
I Hate Linux

Monday, March 12, 2018

Laptop power states can lead to paranoia

A few weeks ago I had a spooky event from which there were important learnings, and since nothing bad happened, it is the sort of thing I can happily share rather than hang my head in shame.


For ages I've made my main home desktop machine (whichever that happens to be) accessible via Remote Desktop. Even when sitting on the couch on a laptop, I am most likely controlling the desktop as it has all of my tools, apps, etc... as well as plenty of storage and RAM.

This also comes in handy when at work so I can maintain separate browser environments in the case I want to search/view something I don't want showing up in official logs (ie, I don't want to worry the security/hr people if I happen to look up the specs of a particular firearm at work, nor do I want to be accused of being a shill for this or that on a web forum based on an ownership lookup of the IP range I am on at the office).


A few weeks ago I was working on some things physically at my desktop when I got logged out, being told that *someone else* was connecting remotely.

Was my Microsoft Account password compromised? How? It's rather complex and very carefully used. It's never even been written down on paper or to an instance of Notepad.

I was able to log in locally quickly, yanked the network cable and started the fun process of changing all critical passwords, taking a backup image of the hard drive, then going to bed... it was late.

Some cursory examinations of my router and Windows logs told me a disturbing story... that I was seeing connection attempts to the default Remote Desktop port every 3-5 seconds, for as far back as the log had memory... and from places all over the world.

The day after

Upon getting to work, I mentioned the event to my lead and the head of the networking team, as the day before they had wondered if I had uploaded an unusual amount of data from my work machine (which I didn't believe I did). Fearing the incidents might be related, I figured I should ask them to look into their network logs on their end.

It turns out their firewall views inbound & outbound traffic oddly, so someone in our subnet downloading a fair number of large MacOS updates tripped some data-exfiltration warnings.

Breathing a bit of a sigh of relief, back at home I installed a new hard drive with a fresh install of Windows in case something on the old had been compromised.

Feeling confident that I had contained whatever damage could have been done, I enabled Remote Desktop again, but on a non-obvious port and got back to my life...


A week and a half later while sitting at my desktop... it happened again!

You could argue that without 2FA on my Microsoft Account, it was bound to happen eventually (previously not enabled due to issues with Xbox)... but to have it happen again, so soon with a completely new password, 2FA enabled (not that it matters for desktop RDP) and on a random port? Who the hell did I piss off to get popped like this so quick?

Again, I yanked the network cable, turned off the PC and went to bed... not having the energy to deal with the issue at the time.

What if...?

The next morning, I had a theory... what if some other device of mine was legitimately logging in? I went looking first at my personal laptop and found it was in fact awake at the same time as the previous night's event... exactly 3 hours after my last use.


That night I tested the theory: I opened up my laptop, connected to the desktop via RDP, closed the lid, and made my way down to my desktop a couple of hours later, making sure I was sitting there when, sure enough, I got logged out.

As it turns out, after 3 hours of being asleep, my laptop will boot to a full power state for a moment to go into a full hibernation mode. During this time, the RDP app re-asserts itself and will kick a local user out from whatever it is logged into... even though waking the laptop during this window will see the RDP application asking for a password to connect to the remote session.

Benefits & learnings

On the plus side... the event gave me an excuse to upgrade the size of the SSD in my desktop, buy a few fresh sets of underwear, and some major takeaways:

1. I never should have had the default port exposed,
2. Two-factor authentication should be supported out of the box on the client (though Duo can be used for free to do so), alas Microsoft has abandoned the home desktop user,
3. I need to be more diligent about watching failed logons, no matter how confident I am that a good password isn't going to get compromised.
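
The log review that takeaway 3 calls for, as an added example that is not from the original post: it counts failed logons (event 4625) per source and lists successful logons that arrived from another machine (event 4624), marking whether each came from the home LAN. The events, addresses, the `LAPTOP` name and the 192.168.1.0/24 subnet are constructed for illustration.

```python
import ipaddress
import xml.etree.ElementTree as ET
from collections import Counter

URI = "http://schemas.microsoft.com/win/2004/08/events/event"
NS = "{" + URI + "}"
# Logon types that can originate from another machine:
# 3 = network, 7 = unlock of an existing session, 10 = RemoteInteractive.
REMOTE_TYPES = {"3", "7", "10"}

def make_event(event_id, when, **data):
    """Build one constructed event in the Security log's XML layout."""
    fields = "".join(f"<Data Name='{k}'>{v}</Data>" for k, v in data.items())
    return (f"<Event xmlns='{URI}'><System><EventID>{event_id}</EventID>"
            f"<TimeCreated SystemTime='{when}'/></System>"
            f"<EventData>{fields}</EventData></Event>")

# Constructed sample: password guessing from two outside addresses, one
# console logon, and one session unlock from a laptop on the home LAN.
NOISE = [("203.0.113.7", "administrator")] * 3 + [("198.51.100.23", "admin")] * 2
SAMPLE = "".join(
    [make_event(4625, f"2018-02-20T08:10:0{i}Z", TargetUserName=user,
                LogonType=3, IpAddress=ip) for i, (ip, user) in enumerate(NOISE)]
    + [make_event(4624, "2018-02-20T08:11:00Z", TargetUserName="owner",
                  LogonType=2, IpAddress="127.0.0.1"),
       make_event(4624, "2018-02-20T09:12:30Z", TargetUserName="owner",
                  LogonType=7, IpAddress="192.168.1.50",
                  WorkstationName="LAPTOP")])

def parse(xml_text):
    """Yield (event_id, time, fields) for each <Event> in exported XML."""
    root = ET.fromstring("<Events>" + xml_text + "</Events>")
    for ev in root.iter(NS + "Event"):
        system = ev.find(NS + "System")
        fields = {d.get("Name"): d.text or "" for d in ev.iter(NS + "Data")}
        yield (system.findtext(NS + "EventID"),
               system.find(NS + "TimeCreated").get("SystemTime"), fields)

def source_ip(fields):
    """Return the source address, or None when it is absent or loopback."""
    try:
        ip = ipaddress.ip_address(fields.get("IpAddress", ""))
    except ValueError:  # "-" or empty, as on console logons
        return None
    return None if ip.is_loopback else ip

def triage(xml_text, lan="192.168.1.0/24"):
    """Count failed logons per source and list successful remote logons."""
    lan_net = ipaddress.ip_network(lan)  # assumed home subnet
    failed, remote = Counter(), []
    for event_id, when, fields in parse(xml_text):
        ip = source_ip(fields)
        if ip is None:
            continue
        if event_id == "4625":
            failed[str(ip)] += 1
        elif event_id == "4624" and fields.get("LogonType") in REMOTE_TYPES:
            verdict = "lan-device" if ip in lan_net else "investigate"
            remote.append({"time": when, "user": fields.get("TargetUserName"),
                           "source": str(ip), "verdict": verdict,
                           "client": fields.get("WorkstationName")})
    for entry in remote:  # a success after many failures deserves a closer look
        entry["failed_from_source"] = failed[entry["source"]]
    return failed, remote

if __name__ == "__main__":
    for item in triage(SAMPLE):
        print(item)
```

Real input would be the Security log exported as XML, for example with `wevtutil qe Security /f:xml`. Whether failed logons are recorded at all depends on the machine's audit policy.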

Monday, May 01, 2017

Revealing the prediction, and an ominous warning

Tomorrow Microsoft is expected to announce a Chromebook competitor running a stripped down version of Windows to target the education market. Even though I will probably buy one of them, the effort will ultimately fail. Before we look too far into the future and its possible success, let's look a bit to the past.

Two years ago I sent a set of predictions to a well-placed former co-worker within the larger Windows group in an email titled "A (hashed) prediction of the future (expires end of 2016)" which included the hashes mentioned in this post.

The prediction in question said:

Windows 10 Mobile bombs. Windows 10 for PCs continues to languish much like 8.x but at more affordable device price points. Terry is forced out by end of 2016.

Windows 10 Mobile/Phone has in fact bombed, so much so that Microsoft has more or less given up on first party devices for the time being, and will soon even be selling Android based devices at the Microsoft Store. Heck, even I, a long time Windows Phone die-hard was eventually forced to switch not six weeks ago (though I'd been trying to since December unsuccessfully).

Windows 10 has languished. While vastly better than Windows 8 in most ways, even with the free (and at times) forced upgrades, it is ultimately competing with previous versions of itself (like Windows 7 which works just fine for most still using it), none of which drives revenue for the company, nor inspires passion from most users who use or buy PCs/tablets/phones.

With regards to Terry (Myerson) being forced out... I wake up every day flabbergasted that this has not happened yet.

Admittedly, he has a difficult job. Aside from trying to make Windows Phone great again, he was ultimately responsible for de-Sinofsky-izing Windows... the first he utterly failed at, the second... remains an ongoing process.

At the end of the day, there is the issue of "why is Windows important?" and the answer really is "it's not anymore", but more on that for another time.

I am occasionally accused of having an ego, true or not, I am now going to say perhaps the most egotistical things I've ever said:

I tried to stop this. I could have made it better. I could have saved so many of the jobs already lost and the ones to come. I wasn't allowed to.

I talk a lot, I listen a lot, but I also play some cards very close to my chest. While it doesn't always work out for me, it doesn't detract from how painfully often I am right about too many things which most didn't see or believe coming.

Just call me Cassandra.

Saturday, March 25, 2017

One less Windows Phone user

I've had a long & tortured history with phones. Long being on Verizon my options were limited, one day I marched into an AT&T store, ready to buy an iPhone provided I could port my South Dakota number. At the time they couldn't. I tried a few different Windows Mobile devices during this time, which did the job for what I needed it for at Microsoft, but it wasn't great. I even bought an Android device, which I returned less than 24 hours after I'd purchased it due to some major issues.

By the time the iPhone came to Verizon, I was eagerly awaiting a Windows Phone to finally show up, which it did on May 26th, 2011, where I was 13th in line at the Verizon store in the Microsoft Commons, many hours before the store was to open. Since then I've gone through many Windows Phones as a local and enthusiastic user (1x HTC Trophy, 2x HTC 8X, 2x Lumia Icon, 4x Lumia 735, 1x Lumia 950 XL).

Yesterday, 9 years to the day after I started at Microsoft (though I am there no longer), I did something I didn't think I'd do. I switched to an Android device, the Google Pixel XL.

As much as I loved Windows Phone, it simply doesn't get the love it needs, both from Microsoft and from 3rd parties.

There was always an 'app gap' with regards to trying to convince companies to bring their apps/services to Windows Phone given its low market share, something many attributed to the lack of apps.

The issue was not just app related, but technical. Windows Phone has long had issues with getting sufficient love within Microsoft. Over the years I was a passionate user & developer, both of which often led to discoveries of issues, many of which were fixed, some not. I even found/yelled about a couple of recall class bugs in the product (thankfully just prior to going to the escrow period).

For me, most of what I needed to do I could do from my phone. Phone/SMS, email/calendar, web, podcasts… and with a couple of apps like Facebook & Twitter rounded out most of the rest. For those things I couldn't do, I'd either write my own app or two, or simply go without.

As an aside, one of these weeks/months I'll reveal the answer to my previous prediction about this and other subjects, but that for another time.

Given my rather, unique perspective, I thought it would be good to write a few words about my experience thus far in making such a switch.

Out of box experience

I'd often heard it reported that one of the reasons many gave up on Windows Phone was that they simply couldn't figure out how it worked. Having come from devices with very regular design metaphors I'd come to expect, it was rather difficult switching to something else.

Example: While Windows Phone & Android both have back buttons on the bottom left side of the screen, on Windows Phone one holds the back button to show the currently open apps. On Android, you press the right most button, which is a square.

Similarly, I've long been used to using the bottom part of the screen (which provides easier touching in my experience) for accessing settings of a particular app, this is just the opposite in Android, where even the address bar in the web browser is at the top.

Winner: Draw

Multiple email/calendar sources

Like many, I've got a Microsoft Account which is mostly used for signing into Microsoft properties. My email is hosted by Office 365. My YouTubing & Blogging is done with a Gmail address, and my wife (now) has an iPhone so she stores all of her calendar info to iCloud.

On my Lumia 950 XL, I could access all and have a semi coherent picture of all of my email accounts & shared calendars.

On my Pixel XL, the default mail client struggled to make sense of my Office 365, though after multiple tries it eventually worked. Unfortunately, it seems without purchasing an app (or writing my own), I won't be able to access my wife's calendar.

Winner: Microsoft


During my struggle to figure out how to setup my O365 email, I noticed in settings there was an option to receive 24/7 phone based support.


While they weren't able to solve my issue as the 18th time was the charm, the fact they not only have support reps on hand was surprising. The fact that they had the ability to reach out and request screen sharing was shocking.

Winner: Google


I hate cables. Just because I've got oodles attached to my TV/DVR/game consoles/network switch/router/desktop PC/etc, or cables on both sides of the couch for Surface Pro 3's, a MacBook, or an iPhone doesn't mean I like them.

Ever since the release of the HTC 8X in November 2012, I've been rocking the wireless charging train. On my desk at work, next to my bed, next to my couch, and next to my home office are wireless chargers that allow me to plop down my compatible device and charge it while not in use. Heck, I even have one of these speakers in my home office.

The only time I would rely on a physical cable, was when I was in the car (given I had to plug my phone in for audio out, another cable wasn't so bad) or when I was doing on device debugging.

I am a sad panda that only the Samsung devices support it, though given their fire issues and very less than stock Android builds, I'm not willing to carry such a device.

Winner: Microsoft

App selection

Recently I pointed out to a friend who pays me on a monthly basis that there is a way to pay via PayPal which doesn't incur fees. He asked why I don't use Venmo or Google Wallet. The answer was simple, the first doesn't exist on my platform of choice, and the second wasn't quite relevant as YouTube is the only area I really sign into Google services for.

Looking around in the app store, seeing all of the major companies (take just fast food I noticed today) who felt compelled to build... something is remarkable.

Given the number of payment & messaging apps out there today, it is quite clear how PayPal & Skype somehow missed the boat.

Winner: Google

App security

Depending on the circles you are in, you may hear Android referred to as Windows 3.1, 95, 98 or even 2000. Operating systems which were pretty good for their time, but horribly insecure in certain circumstances.

Ultimately, the user is in control and is responsible for the security of their device. Not just what apps run on it, but what permissions they are granted. The ease at which apps are able to ask for permission for access to this or that resource (Does my podcast app really need access to my photos & contacts?) is frankly, frightening.

Assuming no user action allows a seemingly innocent app to do malicious things, the degree of protection offered by the underlying platform is important. iOS has been excellent at this, as has Windows Phone. Android, alright. The whole reason I opted for the Pixel was that as a first party phone from Google, it was the most likely to receive regular security updates. There still needs to be sufficient safeguards against such malicious apps running rogue to prevent badness, something Android historically has lacked.

Winner: Microsoft

Bio-metric sign in

I do not like/trust bio-metric sign in options. They are easy to fool, and they are even easier to be used against you. Nothing stops law enforcement or a small child from forcing a device owner to touch their finger to a bio-metric sensor against their will and allowing their adversary into their device. I've personally seen one of these happen, and the hacker squealed in glee upon achieving their goal.

During the brief time I was using the Iris scanner on my 950 XL, I found it not only to be slow (not unlike a Kinect attached to a Windows 10 PC), but it actually hurt my eyes. Anytime I'd use it, day or night, bright or dark in the area, I would feel a… haze over my eyes for several minutes afterwards. 

Winner: Google

Over the last day my wife has often asked me if I was happy with my new phone, I was less than enthusiastic, much to her disappointment. While we all like something like a phone to be interchangeable with any other, the reality is there is a high degree of buy in associated with each particular ecosystem which makes moving rather difficult. Windows Phone is dead, RIP, and as much as I wish I could stay on it, the reasons to stay are decreasing day by day. In time I expect I'll grow to understand & appreciate my new phone, until then, at times I feel like a mule with a spinning wheel, "No one knows how he got it, and danged if he knows how to use it!"

Only time will tell how I get on with my new phone, if I stick with this ecosystem or jump ship to another, but for now, it is an interesting learning experience being one of the last to make this particular jump.

Thursday, July 21, 2016

A (hashed) prediction of the future (expires end of 2016)

The following is an email I sent to a co-worker back on 4/6/2015 who was at the time a rather senior person in the Windows org.

As we approach the end of the window I gave myself for this prediction, I wanted to re-post it in a more public place so if/when it comes true I can more publicly say "I told you so" and "you should have listened" (though not just to him).

I wish to make a prediction of the future (well I made it a couple of weeks ago, but wanted to send it now that you were back so it was less likely to get swept up in a post vacation mailbox purge of unread mail)... though because of the nature of the prediction (which most would dismiss outright) its clear text cannot be revealed at present. Instead I present the following hashes for later verification (by end of 2016 I figure):

length 159

A little long of text perhaps, but it’s long because it’s actually a three-parter (I opted to leave out the far more drastic 4th prediction).

For note the following hashes come from the code specified at http://blogs.msdn.com/b/oldnewthing/archive/2006/05/23/604743.aspx

If this prediction does come true, I’ll share the clear text behind the following hashes for the related explanation/castigation:

length 607

Only time will tell.

Tuesday, December 14, 2010

I love hate mail

Between work, work and more work, my time for blogging, let alone side projects has been limited... but as I sit back in a hotel room in Webster, SD in between stakeouts near a local farm field as part of the 2010 muzzleloader season (white tail deer is the target), I was... entertained this morning by the following piece of hate mail:

Subject: There are so many ways to be a loser
From: Sam Handel [schmandel@gmail.com]
Date: Tuesday, December 14, 2010 7:40 AM

Thanks for personally embracing so many at one time as to make your blog a classic of the "My Life Is A Warning To Others" category.

You use your blog to make yourself out to be a sadly typical dick-licking corporate kiss-up. When are you putting up your "I hate System 390" site? Did the amount of your student loans force you to sign on with an over-the-hill, used-to-was toy software company? What's the weather like in 1995?

Thanks for the feedback Sam.

Wednesday, April 21, 2010

Red Eye Podcast!

Admittedly this blog has been silent for too long. Work you love can do that. Tonight I had to break the silence with grand news... the Fox News hit show Red Eye with Greg Gutfeld... now has a podcast!

Unfortunately they only advertise it as being available through iTunes and this link... luckily any serious podcast fan will have a copy of iTunes installed only to extract the actual RSS URL for those who do not have an iPhone/Pod/Pad or similar listening device.

I present... the raw URL:


Or for my Zune loving brothers & sisters, simply click here to subscribe in the Zune desktop software.

What is Red Eye? Only the most hilarious late night news/comedy show.

As a quick example, enjoy the following montage of old intros from serious Fox News anchor Patti Ann Browne:

Monday, October 05, 2009


Despite being raised in the Democratic People's Republic of Minnesota and disliking almost everything about it... I still find myself listening to Garage Logic (one of the few redeeming products/exports (aside from scotch tape))... I still tend to root for the Vikings and Twins as I've not found new teams to root for.

While working on some coding this evening I've had the Vikings vs Packers game on and am honestly in a predicament... do I root for the hated Packers... or for the 'hometown' Vikings who so easily gave into the demands of the drama queen that is Brett Favre.

Either way... it's been some good football... well except for all of the TV breaks which completely ruin the flow of the game. Oh how I miss attending college football games where the outcome is more or less pre-determined (massive loss).

One more reason to distrust Jay Inslee

Today I received what amounted to a bulk email from my congressman Jay Inslee which attempted to answer a question I wrote down at one of the town hall meetings back in August... unfortunately his office conveniently ignored my question and opted instead to address one that is tangentially related.

That's not the problem.

I hit Reply in Outlook, typed a response, clicked send... and got a nice little bounce back a moment later which said:

Please do not respond to this message. This is an auto-response to notify you that this email address is no longer active and you can send your message at my "web form" message system which can be found at: http://www.house.gov/inslee/contact/. This email address has been closed because an overwhelming amount of spam messages and comments with non-standardized sender information have made it a less effective means of hearing from and responding to constituents.

To ensure that all constituent comments are received and are responded to, and as the rest of Washington's House delegation has been doing for some time, Congressman Inslee is operating a more commonly-used web-based system to receive messages.

Congressman Inslee both needs and welcomes your thoughts. As email correspondence to Congressional offices has more than doubled in the past five years, the web-based message system is a way to improve the accuracy and timeliness with which your comments are viewed and replied to by Congressman Inslee.  Thank you for your understanding.

Again, your comments can be sent at any time to Congressman Inslee through the following link:  http://www.house.gov/inslee/contact/

Not being a big fan of web forms as they don't offer the same kind of paper trail (for me) as email, I went looking for another email address that I saw in his bulk email which ended with

DISCLAIMER I cannot guarantee the integrity of the text of this letter if it was not sent to you directly from my Congressional Email Account: wa01ima@mail.house.gov.  If you have any questions about the validity of this message, please email me at: Jay.Inslee@mail.house.gov or call my Washington, DC office at: 202-225-6311.  If you would like to be removed from my email update list, please email me your name and address at: Jay.Inslee@mail.house.gov and type "REMOVE" in the subject line.

With this new address in hand (one he also mentioned at the town hall meetings), I created a new reply, and a couple of copy and paste jobs later clicked send... only to get another bounce with the same text as above... but from the same address as the first.

That's right... the Congressman and his office are giving out an email address that doesn't work. Rather than allowing his constituents to use a communication medium that most are well accustomed to, we are forced to use a web form with a broken tab order (Issue comes after Zip, not the check box) and asks for more information than I should have to specify to reply to an email which has all of the same information.

Way to go Jay!