Users should control their computers, not be controlled BY their computers

There has been a steady stripping of power of users to control their computers. I talk mainly about PCs as Mac users have never had much control.

Starting with the BIOS, this used to be easily accessed by a “de facto” standard by pressing F2 or DEL. There was a message on the screen telling you which button to press. Easy!

Later computers, particularly laptops, showed a manufacturer logo and hid the options. However, you could still press the buttons to get access. Recent models have dropped the F2/Del standard and started using other options, such as ESC, F1, F9 F10, and F12. If you are very lucky, you get a splash screen letting you know what key to press, otherwise you have to read the (non-existent) F-ing manual, or Google it.

The latest round of removing power from users is the rise of UEFI bios. What this effectively does is tie the bios to the operating system (which is always Windows.) This prevents you from booting from non-UEFI media, effectively prevents the booting up from DVD or USB stick. You have to dig around in the UEFI BIOS to turn off secure boot, change UEFI to CSM boot in order to boot from anything else. Although this allows for faster booting, and has some security benefits, it makes things harder for users who need to reinstall or install a dual boot system.

Posted in Windows. Tags: . Leave a Comment »

UK fungi site launched following demise of the Wild About Britain website

A combination of a developer who didn’t care, and the efforts of hackers caused the demise of the Wild about Britain website, which had some great content on British natural history. Despite many pleas, the developer did nothing and refused to hand the site over. As a fungi enthusiast, I decided to launch a forum for people interested in uk fungi, to identify, discuss and record species of fungi in the uk. I welcome feedback.

It is at

Google must amend search results on the request of individuals

A top EU court has ruled that Google must amend search results if individuals request it. This was based on the case of a Spanish man whose house was repossessed and he didn’t want the story to be hanging around for years. Fair enough!

At first glance this seems quite reasonable. Many of us have skeletons in our closets and in some cases, information held on us is innacurate or obsolete. It is therefore quite reasonable that this information should be updated or removed.

Sadly, this just demonstrates a lack of understanding of what a search engine is. The website which publishes, for example, house repossessions, is still allowed to continue, and you will still be able to visit such websites.  All it means is that Google will have a massive (and impossible admin task in filtering its results.)

In its judgement on Tuesday, the court in Luxembourg said people had the right to request information be removed if it appeared to be “inadequate, irrelevant or no longer relevant”.

It remains to be seen what the outcome will be. Will it allow companies to remove material from search results that they feel is critical or doesn’t reflect well on them? If the BBC publishes a story and someone complains it infringes their privacy, does Google remove links to that story? Surely, the complaint should be directed to the BBC!


Windows 8 laptop a brick – can’t boot from anything except hard drive

Not so long ago, I was given the job of adding a new laptop to a small network of 20 pcs plus two Windows servers. The only thing was, the laptop came with Windows 8, and they needed a custom application that only runs in Internet Explorer 9 or below (I know, I know…  )

As we have volume licences for Windows 7, I assumed this would just require booting from a USB stick or DVD, wiping the hard drive and installing Windows 7. However, whatever F key I pressed, it started the Windows 8 installation process. After some reading online, it appears that the newer type of BIOS, called UEFI, can be modified by the OS and therefore, the only way to alter this was to install Windows 8, then go into advanced startup options, and choose the USB or DVD.

So, an annoying delay where I had to install an operating system I didn’t want, followed by tweaking the startup options. Still no joy. Just an error message. Tried changing various UEFI setting in the bios to no avail. Then tried modifying various USB sticks to include bootx64.efi and other boot drivers.

More online reading, and it appears that the implementation of UEFI is flawed in some makes of laptop, notably Lenovo and Toshiba. So, laptop returned to supplier.


UK Internet censorship move by Virgin Media and Talk Talk

Although widely described as being a block on Internet porn, the scope covers a range of material. In the case of Talk Talk, there are 9 adult categories, including self-harming, gambling and suicide sites.

Content in these categories will be blocked by default. This means that Talk Talk will be deciding what is appropriate for you to access. It is possible to opt in to receive this content, however, Talk Talk now have a list of people who could be considered “sordid” or undesirable. If the police want to view this list, we move further towards a Big Brother society.

Make no mistake, I am in favour of protecting children from internet nastiness, but I don’t believe private corporations should decide what is nasty. The job should primarily be that of the parents, or by the government if it is clearly illegal. Parents should be aware of what their children are doing, and if they don’t understand, they need to ask. If you give smartphones and laptops to children and they take them to their bedrooms, or out and about, you will have no idea what they are looking at. They will find ways to get around censorship. A better solution is to give the choice when people sign up with a provider, and to contact existing providers and ask if they want it or not. However, the bigger issue is the relationship between parents and children, and knowing what your children are doing, and who they are talking  to.

Viruses have won, antivirus is no longer much protection

When look at customers’ computers and find malware, I am constantly asked “Why is there malware when I have antivirus on the computer?”

It is used to be because the user’s antivirus had expired or wasn’t updated. In the last couple of years, however, I have found dozens of infected machines with up to date antivirus.

The truth is, the nature of malware has changed. They used to be in the form of executable files, which had signatures that antivirus could pick up. Now, in the typical mode of infection, malware usually runs scripts on websites that find vulnerabilities in legitimate programmes, causing those programmes to be weakened or malfunction. Java is one of those programmes, and is a legitimate programme, so antivirus is happy with it. However, Java is a programme that has full system access on a pc, although in theory this is restricted. The exploits remove this restriction. This allows network connections to be opened internally to contact malicious sites, which bypasses most firewalls, because “outbound” connections are allowed. The exploits can also modify Windows (and Macs) settings, further weakening, just like the wooden horse of Troy, when the soldiers smuggled inside opened the gates of the city. This can also disable antivirus or prevent antivirus from loading on start up. Because this is done via a legitimate programme, the antivirus is none the wiser. Opening network connections to malicious sites also allows the malware to update itself, similar to Windows Update.

By turning off antivirus and auto-updating, less subtle malware can be downloaded which can have free reign. All that is needed is a single vulnerability. Many of these vulnerabilities are discovered long before patches are released to fix them.

My conclusion is that antivirus is not an effective protection against malware. The most effective protection is users being educated in safe behaviour. The status quo is like a flock of lambs wandering into a wilderness occupied by starving wolves.

How to reinstall Windows 7 and get your drivers back

When the worst happens, and your computer won’t boot, and Windows 7 is unrepairable, you are faced with the frustrating task of reinstalling Windows. There is often a recovery partition that you can use to go back to factory settings. However, you might want a clean install of Windows, without all the crapware bundled by the manufacturer, plus you usually have to install Windows 7 Service Pack 1. One of the frustrations of reinstalling Windows from DVD, especially on laptops, is that many device drivers are missing after you reinstall, and you have to go to the manufacturers website to download them again, not so easy if you are missing LAN/WiFi drivers…

Sometimes it is a pain even if you know what you are doing. If you look in device manager, right-click on the device that is missing its driver, click properties, details, and then change the drop-down to hardware IDs, you can see a VEN_ID and DEV_ID value, eg for a missing driver on a laptop I’m working on, it  shows PCI\VEN_168C&DEV_0032&CC_0280. There is a great website to look these up, the PCI Vendor and Device Database. This can be a good way to find drivers when the PC manufacturers website is terrible. For the example I gave, this shows the vendor is Atheros, and the Device is an AR9485WB-EG. In this case, both the Asus and Atheros websites were of no help, so I found another solution.

If you can still get data off your old (or about to be formatted) hard drive, you can also get the drivers. Here is the procedure:

  • Copy the following two folders to a removable drive. I’m not sure both are needed, but both contain driver files.
  • If you are re-installing due to malware, you need to scan this device for malware using a secure fully patched and protected PC, and preferably by using a Linux live CD or Virtual Machine.
  • Reinstall Windows 7
  • Insert the removable drive
  • In device manager, right-click the device without a driver, and choose update driver software. A dialogue will ask if you want to search automatically or browse my computer. Choose browse my computer and look for the removable drive. From there, Windows 7 will cleverly find the right driver from the list. Repeat this until all the devices have drivers.
    In one case, the driver installed failed on the first run, because it depended on another one being installed first, but it installed fine after a reboot.