Get details about the Blue Screen of Death

In the comments on a post from early last year, How to troubleshoot the Blue Screen of Death, Al expresses a common frustration:

My PC has crashed a couple of times now to a BSOD with a stop error I can’t read quick enough. I see nothing in event viwer, is there any other log of what happened? What the stop error was and what the 4nvd.dll (possibly!) or whatever it was that flashed past is?

Information about a stop error (aka BSOD) should appear in Event Viewer’s System log. If you can’t find it there, try reconfiguring your system to stop after a stop error (what a concept!) so you can read the error on the screen. Here are the step-by-step instructions:

Open the System option in Control Panel.
On the Advanced tab, under the Startup and Recovery heading, click the Settings button.
In the Startup and Recovery dialog box, under the System Failure heading, clear the Automatically Restart check box.
Click OK to close the Startup and Recovery dialog box, and then click OK to close the System Properties dialog box.

After making this change, you’ll find that the details of a (hopefully rare) BSOD will remain on screen for you to study and write down. You’ll need to press a key to clear the screen and restart the computer.

Maximizing memory usage

Early last year, I wrote a post that advised using Task Manager to track memory usage. It included this quote:

Some people assume that the goal of memory management is to leave as much memory free as possible. (That attitude is especially prevalent among those who spent a long time working with the notoriously resource-challenged Windows 95/98/Me family.) In fact, for best performance your goal should be to make maximum use of RAM. Empty RAM does you no good. Windows can swap data in and out of RAM very quickly, so if memory is free, the cache manager tries to fill it up with as much data as possible. Likewise, a well-written program can and should load as much data into memory as possible so that it can respond quickly when you make a request.

Ken asks:

Are you suggesting here that you should try to run as many programs as possible at the same time to keep all of them in superfast RAM?

That’s kinda sorta what I do anyway, and I have never experienced any performance hit with XP for doing so. As long as these programs are loaded in RAM, they respond much faster. [Insert “well, duh!” here.] And they don’t hog CPU time except when they are actually doing something.

I’m not sure I would go as far as to say you should run as many programs as possible. In some cases, that strategy would take memory away from the cache manager, making some performance tradeoffs inevitable.

Off the top of my head, I’d say the single biggest piece of advice I would give people is this: Assuming you have sufficient RAM to run the programs you normally use, don’t close programs unless and until you need to close them. I watch people work regularly and I’m always amused at how novice users routinely close one program before opening another. I don’t know whether it’s the clutter or what, but that’s something novices almost always do.

In the case that Ken describes, assuming that your regular suite of programs doesn’t put you close to maxing out physical RAM, then yeah, it’s probably a good idea to open up the programs you’re going to use during a session and leave them open for the duration.

Write an annoying comment, go to jail

Update: Professor Michael Froomkin of the University of Miami School of Law sends word from a colleague at the EFF, who says this story is indeed overblown (the exact phrase was “much less here than meets the eye”.)

Update 2: Professor Orin Kerr of the George Washington University School of Law has another skeptical look at the CNET story:

This is just the perfect blogosphere story, isn’t it? It combines threats to bloggers with government incompetence and Big Brother, all wrapped up and tied togther with a little bow. Unsurprisingly, a lot of bloggers are taking the bait.

Skeptical readers will be shocked, shocked to know that the truth is quite different. …

It turns out that the statute can only be used when prohibiting the speech would not violate the First Amendment. If speech is protected by the First Amendment, the statute is unconstitutional as applied and the indictment must be dismissed.

Now, those of us who are worried about the fate of the First Amendment might see this as less than comforting. But that’s a post for another day.

Oh, and this is not the first time I’ve been burned by CNET’s Declan McCullagh. As someone once said, “Fool me once, shame on — shame on you. Fool me — you can’t get fooled again.”

This story sounds like something out of The Onion, but CNET News reports that it is depressingly true:

Last Thursday, President Bush signed into law a prohibition on posting annoying Web messages or sending annoying e-mail messages without disclosing your true identity.

In other words, it’s OK to flame someone on a mailing list or in a blog as long as you do it under your real name. Thank Congress for small favors, I guess.

This ridiculous prohibition, which would likely imperil much of Usenet, is buried in the so-called Violence Against Women and Department of Justice Reauthorization Act. Criminal penalties include stiff fines and two years in prison.

“The use of the word ‘annoy’ is particularly problematic,” says Marv Johnson, legislative counsel for the American Civil Liberties Union. “What’s annoying to one person may not be annoying to someone else.”

Buried deep in the new law is Sec. 113, an innocuously titled bit called “Preventing Cyberstalking.” It rewrites existing telephone harassment law to prohibit anyone from using the Internet “without disclosing his identity and with intent to annoy.”

To grease the rails for this idea, Sen. Arlen Specter, a Pennsylvania Republican, and the section’s other sponsors slipped it into an unrelated, must-pass bill to fund the Department of Justice. The plan: to make it politically infeasible for politicians to oppose the measure.

The tactic worked. The bill cleared the House of Representatives by voice vote, and the Senate unanimously approved it Dec. 16.

Here’s the relevant language.

“Whoever…utilizes any device or software that can be used to originate telecommunications or other types of communications that are transmitted, in whole or in part, by the Internet… without disclosing his identity and with intent to annoy, abuse, threaten, or harass any person…who receives the communications…shall be fined under title 18 or imprisoned not more than two years, or both.”

This is wrong on about a thousand different levels. It’s also symptomatic of a legislative process in the United States that allows important clauses to be written into complex laws at the last minute, so that no one – legislators and citizens alike – has a chance to review them before they’re voted on.

Anonymous speech is an essential component of the Internet. As a Web site owner, I can exercise complete control over who is allowed to post on my site. I allow anonymous postings and only delete or moderate those that cross fairly bright lines. But under this law, anyone who comments on this site anonymously is potentially subject to Federal criminal prosecution if their post is “annoying.” Who decides what that means?

By the way, the sponsor of this bill is Rep. James F. Sensenbrenner, Jr. (R-WI). He is one of the biggest assholes on the planet. He’s the one who gaveled a hearing on the Patriot Act to a close and shut off all microphones rather than listen to witnesses who opposed the extension of the Act. He abused his powers as a committee chairman to rewrite the descriptions of amendments proposed by members of the opposing party so that the authors appeared to be protecting sexual predators. And who can forget his sensitivity to hurricane victims who were required by the Bankruptcy Act to come up with records that were wiped out by wind, rain, and floodwaters? As the Houston Chronicle reported:

A few weeks ago, consumer advocates and bankruptcy lawyers urged Congress to postpone the new law for Katrina victims. Although several lawmakers backed the plan, it was blocked by Rep. James Sensenbrenner, R-Wis., the law’s author.

As Sensenbrenner so eloquently put it, those who wanted the changes “ought to get over it.”

Feel free to leave a comment. Under the terms of the new law, though, if you have anything annoying to say about Rep. Sensenbrenner or me, you’d better sign your real name.

Here’s why patches get tested

Oops. Security expert Dana Epp notes that the “unofficial” patch for the WMF exploit apparently disabled printing for some people using PostScript printers.

How would you feel if your business had bought in to the hysteria and deployed this untested code in a production environment, and then you missed a deadline to submit a design proposal for a key client that cost you a million-dollar contract?

Lots of good insights in Dana’s post.

A tale of two patches, part 2

Apparently, some people think I chose a bad example yesterday to illustrate my point that patching complex software takes time. So maybe a different example will help.

This Secunia advisory from September 9, 2005 was rated “highly critical”:

Tom Ferris has discovered a vulnerability in Firefox, which can be exploited by malicious people to cause a DoS (Denial of Service) or to compromise a user’s system.

The vulnerability is caused due to an error in the handling of an IDN URLs that contains the 0xAD character in its domain name. This can be exploited to cause a heap-based buffer overflow.

Successful exploitation crashes Firefox and allows code execution but requires that the user is tricked into visiting a malicious web site or open a specially crafted HTML file.

NOTE: Exploit code is publicly available.

This Mozilla.org advisory offered a workaround that involved disabling the IDN functionality

On September 6 a security vulnerability affecting all versions of Mozilla Firefox and the Mozilla Suite was reported to Mozilla by Tom Ferris and on September 8th was publicly disclosed.

On September 9, the Mozilla team released a configuration change which, as a temporary measure to work around this problem, disables IDN in the browser. IDN functionality will be restored in a future product update. The fix is either a manual configuration change or a small download which will make this configuration change for the user.

Sound familiar? That’s exactly how Microsoft initially responded to the WMF exploit.

The patch for this vulnerability (and remember, there was working exploit code out there) was incorporated into Firefox 1.0.7, which was released 12 days later, on September 21.

I’m not trying to “smear the Open Source community.” In fact, I’m an enthusiastic Firefox user and supporter. In the September 9 vulnerability, I don’t think that the Firefox developers were underestimating the problem, nor were they sitting on a patch. The process took 12 days, period. I don’t think the Windows security team was sitting on the WMF exploit either. The process of developing and testing a fix takes time. That’s true of any complex program, including Firefox and Windows.

A high-def upgrade for DirecTV subscribers

IGN has details and pictures on the new DirecTV Plus HD DVR:

[W]hen does the HR20 finally come out and how much is it going to cost? DirecTV would not give us a firm date, but it did state that the unit will definitely be available in Q2 2006. “Really Q2, we swear,” a spokesperson told us. Meanwhile, we’re able to report some fantastic news for early adopters who picked up a DirecTV TiVo HD DVR. DirecTV reps confirmed to us today that the HR20 will be made available “completely free of charge” to select HD TiVo owners as soon as the former becomes available. By select, the company means owners who live in the PST or MT areas of the United States, as these regions will be the first to make the switch to MPEG-4 broadcasts. HD TiVo owners who live in other parts of the US can either wait a little longer for the same deal or purchase the HR20 for only $99 smackers. Brand new customers will pay approximately $200 for the device and will get a significant mail-in rebate, according to DirecTV.

But wait! There’s more. Thomas Hawk hung around the Microsoft booth and got word on some possible partnerships:

I got to talk to Matt Goyer a bit about some of the recent Microsoft announcements. Matt seemed very optimistic that we would in fact see HDTV via DirecTV for the Media Center sometime next year with Vista. This is the most exciting thing I’ve heard come out of CES yet. I was super excited when I heard that we would finally be getting premium HDTV with Media Center a few monts back but I’m even more excited about the possibility of things with DirecTV. DirecTV has recently launched a bunch of satellites and promises to bring much more HD content in the future. I really think that DirecTV will be positioned to be the king of HD content delivery next year and to see that they are now working with Microsoft and that we will see an HDTV DirecTV combo for Media Center is huge.

I’ll be looking at some Viiv PCs today and trying to get a hands-on look at the new DirecTV box and the new TiVo Series 3 gear. And of course I’ll be at the Media Center Show awards tonight.

WMF exploit patch is out right now

Underpromise, overdeliver. That’s the classic advice from business school, and someone at Microsoft learned that lesson well.

Five days earlier than promised, Microsoft has delivered the January 2006 security update for the WMF vulnerability. Why now? Mike Nash, Corporate Vice President for Security, explains on the Microsoft Security Response Center Blog:

[A]ctually creating the update was a straight forward process. The challenge was testing the update on all of the supported versions of Windows and the 23 languages we support and making sure that the set of applications that might be effected by this update are not negatively affected by this change.

On Tuesday morning, we announced that our goal was to have an update available as part of our regular update cycle on January 10th. That date was based on our forecast on where we would be with quality.

So what changed to make us decide to release an update today? Two things: The first is that we have an update that we believe in. The team worked very hard to run all of the key scenarios that we are concerned about. While we would always like to have more time, we are confident in the quality of the update. The second issue is that while there is no imminent threat, a number of customers are seeing exploit traffic hitting their AV, IDS and IPS systems. Interestingly, when you talk to the security vendors they are seeing the rate of infection and the rate of spread actually decrease. But, when I spoke to a number of customers and asked if the current situation warranted an out of band release of the update, they said yes, if we had hit our quality goals. I reminded them of their past feedback about out of band updates being an inconvenience and their preference for the monthly release schedule. Overall, they felt that we had made these out of band releases so infrequent, that doing it once when it matters was not a big deal.

If you have Automatic Updates turned on, you’ll get the update without any effort on your part. If you don’t want to wait, visit Windows Update right now.

Congrats to the new MVPs

Marc Orchant is now a Tablet PC MVP. Congratulations, Marc!

Blu-ray versus HD DVD

In the race to determine the next big DVD standard, HD DVD appears to be winning.

Jack Schofield at the Guardian Unlimited Technology Blog passes along a report that HD DVD players will be available in March at prices as low as $500 . At a press event, last night, I talked with a Panasonic rep who was working at the Blu-ray booth. He said Blu-ray hardware would be available sometime in the summer, and a Blu-ray spokesperson said she was doubtful we’d be able to see hardware before mid-July.

The Blu-ray picture sure did look good, though!

Update: More details at Ed Bott’s Media Central.

Windows XP Home reaching the end of the line?

Dwight Silverman passes along news that Windows XP Home users may run out of support options soon:

Microsoft’s support timeline for consumer products differs from that for business products. Thus, XP Home’s mainstream support period will end sooner than that for XP Professional…

The story (which originally appeared in Ars Technica) is based on a literal reading of Microsoft’s Support Lifecycle policies. If the company sticks to its stated policies, support for XP Home would end on December 31, 2006, only a couple months after Windows Vista is due to be released.

Fortunately, a commenter at Dwight’s site read the Windows Service Pack Road Map, which notes that “SP3 for Windows XP Home Edition is currently planned for 2H 2007.” That would suggest that Microsoft has no intention of pulling the plug on Windows XP early.

Sure would be nice if someone in Redmond would actually come out and say so.