Welcome to Orcmid's Lair, the playground for family connections, pastimes, and scholarly vocation -- the collected professional and recreational work of Dennis E. Hamilton
… You visit a site, create a comment, and
… You attempt to register at a site, and
… They prefill a form with your user name or e-mail address
… They will take an OpenId
… They insist on inviting your automatic Disqus logon if the cookie is spotted
… You can’t find your password and you seek their help
You may notice that I have stopped using Technorati tags, since they seem to have no effect whatsoever and I haven’t figured out how to have them make a difference with any alternative source of tags. I should figure out del.icio.us, I suppose, except in that case I should first figure out why my del.icio.us feed has stopped.
I also use categories, well no … I use Blogger Labels which are sort of like categories except it is hard to find out what they are and place a current list and links on my sidebar. Blogger backlinks and Blogger labels remind me of the propensity of some Microsoft developer types to do-it-their-way when there is already an established practice out there. Yes, developers just want to have fun. But inflicting their NIH syndrome on the rest of us is not OK. Go do that in the privacy of your own home, please.
For the labels, I think I will periodically post a message that simply goes into every category I have used (Windows Live Writer knows what they are), so I can remind myself not to make up more and maybe even prune the list where I tend to always use multiple labels in combination.
Aren’t you happy that I have spiffed up this blog to the point that it serves as an invitation to my regular blogging on whatever strikes my fancy in the moment? Just wait, there are five more blogs and I have a great deal of pent-up blogging from my 18 months nose-down in document-standards work.
We all say Happy New Year!
This first post for 2010 brings more blog-template cleanup. I need to post something to confirm that the template is working, and here it is.
I am making these adjustments to this, my longest-standing blog, so that I can then ripple the same adjustments to other blogs. That will induce my priming the pump with a new post on each of those as I proceed.
Update 2010-01-02T12:47: Well, I have no idea how making del.icio.us tags accomplishes anything. Perhaps I need a place to “ping.” What I do know is that although Windows Live Writer thinks comma-separated tag lists are sufficient, del.icio.us doesn’t deal with spaces or “+” as space at all. That’s why you see the wonderful use of “_” characters in this repost. I think I still don’t have it figured out. I’ll settle for this serving as an example of system incoherence, for now.
Technorati Tags: Microsoft, Encarta, OneCare, Money, software longevity, trustworthiness, Maps, Works, MSN
I recently noticed that three of my favorite Microsoft products are to be no more: Windows OneCare (why are they still selling it?), Microsoft Encarta, and Microsoft Money. That was striking for me and I have created a contingency plan for each of those products.
On reflection, it is not a new thing for various Microsoft applications to transmogrify and eventually disappear. Although I have never had an interest in Flight Simulator, I am still a devoted user of Microsoft FrontPage. If Microsoft Works were as clean and simple as the MS-DOS version, I would still use it. I have also used a variety of picture editors and photo editors that were bundled in various Microsoft products and that seem to come and go with each new computer system and occasional Microsoft Office upgrade. Some day, I suppose I will have to do without Windows Live Photo Gallery and Windows Movie Maker, especially as future versions/replacements demand hardware capabilities I don’t possess.
Now, Microsoft is not making a fortune for me as an occasional upgrader of these products (though I quietly paid my OneCare subscription renewal each year). It is interesting that not until the abandonment of FrontPage was announced did I begin to feel the squeeze and the lack of an appropriate replacement for abandoned Microsoft products. (E.g., Expression Web is both more and less than what suits my current web-development practices.) Now I need to look for three more substitutions and also look at long-term measures for protecting my systems and my electronic financial records as well as maintaining my web sites. For the three latest-discontinued products, I find that I have three different contingency measures in place.
Wait, I Like Encarta
When I read that Encarta was to be no more, I resolved to go find a copy of the latest version. I have a version completely installed on my hard drive and it is a handy reference. I confess that I mainly use the dictionary (the default setting for the Encarta Search Bar kept handy in my Windows XP task bar). The encyclopedia is handy but it doesn’t get searched by Windows Desktop Search (a little incoherence there) and I find myself on the web (and Wikipedia) more often than in Encarta because that’s where Windows Desktop Search (and now bing) lead me best.
I’m currently running version 14 (Encarta 2005) and I actually had one monthly update that I didn’t install until last week. The reluctance to update has to do with needing to be administrator when I do it, and I usually forget Encarta updates when I am running as administrator for other maintenance purposes. It is a demonstration of my unnoticed waning interest that I didn’t know I had one update left from 2005.
Nevertheless, I wanted to have the latest and greatest if there were to be no more. Unfortunately, the latest version seems to be Encarta Premium 2007 and it is still pricey, even though pro-rated refunds were cut off on April 30.
I settled for the less-expensive Britannica 2009 Deluxe with the hope that the included dictionary and thesaurus is as easy to use as the one I am abandoning from Encarta.
Not Money Too. No, Not Money!
The shocker for me is last week’s announcement that Microsoft Money will also be no more. I checked, and my oldest Microsoft Money backup is dated 1999 and it has entries from 1998-01-01. I tended to hold onto versions of Microsoft Money. I didn’t switch to Money Plus 2007 until the version I was running under Windows 98 couldn’t be installed on Windows XP as I was off-loading the Windows 98 machine at the end of 2007.
I don’t like Money Plus 2007 as much as the older pure-desktop versions. The change of the user experience to one with integrated web features is mostly a nuisance. The software performs more slowly and I don’t do those on-line things. But I like the reports and the extensive history of purchases (and depreciation records) is important for me. I prepare my tax returns from records maintained in Microsoft Money, and I have had some success balancing my bank accounts using downloads that Money will rely on. (The experience is rather variable and I often simply balance statements manually rather than deal with what it takes to correct for a failed automatic account update.)
I discovered that my version of Money Plus “expires”
It seems like a no-brainer that what I want to do is install another downloaded version and continue to use it until I have a satisfactory replacement. I will also want to keep a copy around as long as possible to enable my use of existing records. I will need to discover how to export some of those for use in other products, or as spreadsheets that I can preserve in OOXML/ODF.
So I have another Money Plus Home and Business download and a product key for it. I will install it at a point this summer when I am carefully backed up, exported, and ready to risk an upgrade.
Goodbye OneCare, It’s Been Good to Know Ye
Microsoft OneCare arrived at just the right time for me. I had tired of Norton Antivirus upgrades and a growing drift from what worked just right for me starting before Norton/Symantec Systemworks and going back to a time when there really were Norton Utilities. I valued the simplicity and all-in-oneness of OneCare for the following provisions:
It wasn’t the most wonderful product, but it was also steadily improved over the time I used it, right from the beginning of its availability. It did deal with my dominant computer security concerns.
OneCare also provided me with a great source of system-incoherence anecdotes, and I must recount some of those while I can still capture screen shots of the experience.
Actually doing backups onto DVDs was not the most exciting experience, as much as OneCare made that possible. Once backup functions were taken over by WHS, the cleverly-named HP Mediasmart Server (with its Windows Home Server version of Windows Server 2003) now on the network, that difficulty was mitigated and there are now automatic, incremental backups every night.
Still, OneCare works well and effortlessly for us, even if it reports that backups are woefully out of date (a new little incoherence on how OneCare has forgotten WHS is on the job).
It was also great that Microsoft announced that all OneCare support agreements will continue until their expiration. That means mid-September 2009 here.
On the other hand, the promised Microsoft replacements for OneCare are not in sight. I believe the last promise was for around August. I am beginning to squirm.
There appears time to find an adequate substitute, taking into consideration that Microsoft will offer some sort of solutions for some unknown degree of protection where I find it the most valuable for the computers here. Unfortunately, it is not clear that there is a decent non-Microsoft product that works here, regardless of the high reputation a number of Antivirus producers have achieved. The low reputation that is Microsoft’s automatic prize is apparently more myth than reality in my experience. On balance, OneCare works better than anything I have attempted to replace it with.
Here’s how my search is working out so far.
Since OneCare is to be no more, Windows 7 beta and Windows 7 RC not only had no provision for it, those releases were actually hostile to OneCare. So on Quadro7 I have been going through trials of other Antivirus products, partly to determine a good candidate to be installed uniformly on all of the systems here. None of the products tried so far seem to integrate well with Windows 7, which has apparently changed the rules enough that AV producers are having some difficulty. In particular, I have not found an AV product (even the Windows 7 directed beta releases) where Windows 7 reports that it is protected and the Windows Home Server concurs in reporting that my systems are protected.
Having tired of Symantec (and enjoying the liberation that OneCare provided), I haven’t gone back. My latest experience with McAfee was on WHS and that led me to prefer no AV there instead. (That experience also led me to be more cautious about the judgment of folks at Hewlett-Packard and the trial installations they chose to push to WHS.)
Meanwhile, on Quadro 7 I have gone through one trial of Kaspersky and another of Trend Micro. I actually bought a retail copy of Trend Micro but Windows 7 chokes on that. Instead, I now possess a useless license since the Trend Micro beta for Windows 7 won’t accept the older-product registration code except when it installs as an update, and that doesn’t work on Windows 7. I’m moving on to F-Secure’s beta for Windows 7 right now and the trial lasts out past August. With luck, I might have a consistent Microsoft solution to deploy across all of the computers here. And if not, I will need to find a product that has an affordable multiple-machine license (as Trend does) and that doesn’t require me to use a web site to know my status (as McAfee Total Protection does).
There are clearly interoperability issues here, and the level of coherent integration is a challenge. It is a challenge for Microsoft too, but as one might expect, OneCare integrates more cleanly and, apart from an apparently-inescapable level of Microsoft paternalism, works more consistently and coherently than anything else I have attempted to use in its place.
Update 2009-06-15-04:06Z Correcting an expiration date for Microsoft Money.
Darren Rowse tweeted about Threaded Tweets, and I went for a look. I can’t remember the last time I saw a NaN delivered up by a web page, and this may be a first. I’m not sure whether 14996 replies is a very successful number, but I guess any thread that lives that long deserves some respect [;<).
There are three interdependent themes that I see around the development and sustenance of dependable systems: system coherence, confirmable experience, and trustworthiness. These and dependability itself are not independent notions.
I think this one is about confirmable experience
Something odd is happening. Thanks to screen-capture software, I can show you (and the producers of ThreadedTweets) what happened. In fact, I will tweet about this and if the cycle of learning and improvement is operating, the Threaded Tweets folk will pick up on it, if they aren’t aware of the glitch already.
It would be fun to create a threaded tweet about this as well, but I am not about to provide my Twitter credentials to ThreadedTweets in order to do that (and you can see the reason for distrustfulness here even though they claim to be using OAuth to protect me, yes?).
There is a part of the confirmable-experience cycle that figures in trustworthiness that I can’t account for. I have no idea how the tweet threading folks are able to identify the specific difficulty, although it appears to be a stand-out no-brainer, so long as they can see the data on which the failed time-lapse calculation is being done. Smells like there is a division by zero or a failed data conversion in there somewhere too.
But as an end-user, I don’t know about any of that and my speculation is not the same as having visibility on the process for confirming what is happening, as opposed to confirming how users experience it. That’s the part I provide. Also, I notice that the NaN message has disappeared in the past few minutes, possibly because the defect has been noticed, possibly because it is transient and difficult to find.
The tie-in to trustworthiness
ThreadedTweets has a feedback and a support link that I could use to communicate what I noticed to them. Now that the NaN is gone, I’m not sure whether that will help. They want an e-mail to the support address. I’ll send them a link to this post.
The tie-in to trustworthiness has to do with the demonstration of care for the adopters (a.k.a. users) by the producers of ThreadedTweets. In this case, it is how friction is removed from the ability of adopters to communicate their experience to the producers. The back half is how the producers demonstrate remedies or other solutions in a reliable way.
Since I am very much into identification of confirmable experiences and occasions where system incoherence shows up, I have a screen capture utility at the ready at all times. This is necessary but not ordinary behavior required to demonstrate what my experience is.
An interesting problem for an organization that wants to be trustworthy in delivering a dependable web-based service is this: what can be done that would allow ordinary, casual adopters to convey their experience to the producers in a way that is confirmable? That’s the question to consider.
And your assignment, if you choose to accept it …
That’s the bigger point of this tiny object lesson. Look for more to come. Notice ones in your own experience. Collect the full set. Entertain your friends.
Most of all, begin to notice those little moments of truth where your experience of products raises “uh oh” and “ick” experiences for you. What do you do about them?
This is not a trick question. I don’t do much about many that I experience. It is valuable to notice and even question that, though. What is it you are putting up with?
I arose at 5:30 am to be prepared for the 7:00 am Monday morning conference call of the OASIS OpenDocument Format (ODF) TC. The cancellation notice went out about 2:00 am, my time, from Germany, and I had the opportunity to crawl back in bed after a poor night’s sleep or start my day early. Oh wait, I can post on my much-neglected blog. Aren’t you the lucky ones.
Technorati Tags: twitpic, social networks, internet identity, password antipattern, start-ups, internet security, internet safety, security theater
[update 2009-03-06T20:43Z Hmm. I just checked onto Twitter over lunch and the first update was from Ed Yourdon about Twitter being hacked in some way that allows accounts to be used or users impersonated in some way. The instances on Yourdon’s update page suggest that these came in under the guise of posts using the web, so the exploit appears to be against the Twitter home page or the web site. Ideally, Twitter has finer-grained detail about the path over which these tweets arrive and what the likely exploit is. I had no knowledge or suspicions about this when I researched and created this post yesterday.]
It’s still happening. First it was Facebook credentials. Now it is the new hot: Twitter.
There’s an onslaught of web-based applications that integrate with Twitter and provide additional functions and services for you. Sounds exciting, yes?
But all of them want my Twitter credentials. Like TwitPic, when I wanted to make a comment on this photographic complaint about someone taking a single bite out of the P-I newsroom’s fat-pill supply. That stopped me short. They wanted my Twitter credentials simply to comment on the photograph. I passed.
WAIT!! Have I already fallen for this?
This has me wonder who else I may have already given my Twitter credentials to.
So there are mixed results.
It doesn’t have to be that way. When I configured Windows Live Photo Gallery to update to my Flickr account, I never divulged my Flickr (that is, Yahoo!) credentials to the program. Instead, it worked more like a PayPal transaction, with Flickr arranging a unique credential for Photo Gallery to use that applies only to it, apparently. I don’t know the details of that arrangement; I will find out more. This sort of arrangement needs to be more widely understood. (I’m pretty sure that I can use an Information Card to accomplish arrangements like this too.)
And Now, Some Security Theater
I have resisted two invitations to supply my Twitter credentials, not counting the one at TwitPic today. On reflection, they are each instructive.
Mr. Tweet Sends Me a Message
Mr. Tweet sent me a direct message. Well, that means I am following Mr. Tweet, doesn’t it? Apparently not. If I go to this page, it tells me I need to follow Mrtweet to start receiving the benefits. And when I check MrTweet on Twitter, I am not shown as already following it. Since my only contact with Mr. Tweet was 76 days ago, I have no recollection of anything I might have done that invited that original direct message to me, but I could have.
On the other hand, this appears to be an interesting arms-length arrangement. Mr. Tweet apparently provides support that does not require my credentials to access. Furthermore, its communication with me is via Twitter direct messages. My opting-in by direct-messaging Mr. Tweet does not require me disclosing my Twitter credentials.
I would say I am safely intermediated by this clever use of existing Twitter provisions.
Because I’m not interested in this service, especially not enough to receive direct messages, I am not following Mr. Tweet. This personal choice has to do with my direct messages coming to my e-mail inbox and also my mobile phone. I want to limit that traffic.
Hmm, looking deeper while researching this post, I see that the Mr. Tweet page does have a (Twitter?) login panel at the very top. Maybe this isn’t cool after all? Worse yet, if I choose to follow any of those Mr. Tweet lists as interesting followers using buttons on the Mr. Tweet page, it requests my Twitter credentials. Even though I can click through the links provided to the Twitter pages of those followers and follow them there.
FAIL!! I did notice someone that I thought I should be following, but I went to the Twitter site to do it.
Mr. Tweet should stop being so helpful and take those follow links off their recommendation page, letting us use Twitter to do it. Links to individual Twitter pages are all we need.
Now I wonder what the direct-message enablement is all about. It should be a way to establish that I am the user of the account I would use Mr. Tweet for, but they don’t really need to establish that, it appears.
Mr. TweetSum has Data just for Me. Not Really.
Tweetsum was being recommended in a Twitter update from Andrew Woods. I still don’t know what a DBI is, but I saw immediately that I must use my Twitter credentials to get started. That stopped me cold, as usual.
On questioning Andrew about this, I was not inspired by his remark that he knew the developers and one was a security expert so he had no problems with providing his credentials. What failed to inspire my confidence is that there does not seem to be any need for my twitter credentials for them to accomplish what they offer.
I now see on the TweetSum blog that they know they don’t need the credentials too. They promise not to keep them and “don't worry, we don't keep this info -- twitter merely tells us you are who you say and we believe twitter.”
So, wait a minute. They don’t need my Twitter credentials to do what they do, just as I thought.
Yet they want to be sure it is me? Why?
Someone who asks for Tweetsum analysis for orcmid still can’t impersonate me to Twitter or any of my followers or anyone else. They can’t do anything with information from TweetSum that they couldn’t do anyhow (like, stalk all my followers or something), with or without automated assistance. So what’s the point?
TweetSum having my credentials even for that one check is just security-theater ceremony. There are a lot of those being passed around these days, but that is no reason to tolerate them.
There is value in learning to spot security theater illusions, though. When we encounter these charades it is also legitimate to wonder what else is not being understood about security on the behalf of a service’s users.
Just after midnight coming into Saturday, 2006-12-06, I unloaded my sad experience with Flash Player detection since updating to Flash 10 in IE 8. The details are in the article “WTF: The Adobe Flash Version 1x Crisis.” After that, I created a question on Stack Overflow to explore the geek side of the problem.
I just confirmed that the problem is more subtle than my original suspicions: Flash 10 Detection works in IE 8 beta 2 when I’m elevated to admin and it fails on many (but not all) sites when I am running as a Limited User Account (LUA). So I am seeing what may be a permissions problem that only shows up for users who browse as limited users on Windows XP SP3.
This leaves two mysteries: (1) what is the permissions problem and (2) why does Flash detection work on some sites anyhow?
Technorati Tags: Adobe Flash, Software Version Checking, software usability, software engineering, distributed applications, confirmable experience, system incoherence, StackOverflow, cybersmith
Not Exactly What I Was Looking For
Thanks to a lead from RoBorg on StackOverflow, I was given some useful leads on Flash Player detection resources. This led me to experiment with Adobe Flash Player Detection Kit 1.5. The Kit’s sample for client-side (that is, in-browser) detection failed, suggesting to me that this would be good code to explore for isolation of the problem. I began to conduct an autopsy on Adobe’s sample code.
My first discovery in using the Client-Side Detection sample code is that the failure to detect Flash 10 is not about an incorrect comparison for desired-or-later version. The client-side detection doesn’t get that far. An internal procedure, GetSwfVer, for finding an installed version of Adobe Flash Player is unable to detect any Flash Player at all. So it reports that it failed to find any version installed.
This had me suspect there is something going on with the Windows Registry (where I can see that there are entries for ShockWavePlayer, the Macromedia name that continues to be used). I can also see that there is an entry for Flash Player version 10. Internet Explorer also shows that it has the player installed and enabled when I check the Tools | Manage Add-ons menu selection for all add-ons:
I also have observed that the Adobe Flash Player Detection Kit and recommended detection methods have a poor reputation among some developers. I have no reliable evidence to support that. I will, however, also check into the recommended alternative, <swfobject>. If I find that it works where the Detection Kit Client-Side solution does not, that will be worth exploring for what the workaround is. There is a handy article by Bobby van der Sluis on the Adobe Development Center. The sample files there should get me started the same way I have made use of Detection Kit 1.5.
Another Country Heard From
Meanwhile, I noticed that there is also support for Google Chrome. Chrome is the other in-beta browser I keep around to compare with IE 8 beta 2 results and to sometime use as an alternative for some sites that I just can’t get to work with IE 8 beta 2, even in compatibility mode.
I managed to install Flash Player 10 for Google Chrome today. It turns out that Google uses plug-ins, not ActiveX controls, and the same plug-in that works with Firefox and other browsers sharing some of the same code base works with Chrome. It is actually tricky to get Chrome to install a plug-in, but I managed it.
This is a plug-in, not an ActiveX control, so its detection and use can be rather different. Nevertheless, I confirmed that Chrome will play Flash 10 for all of the sites where I am unable to have it work for Internet Explorer, including YouTube and the CBS Television NCIS program page. That solves my immediate desire to catch up on programs that I’ve missed. That makes me happy, as a program watcher.
I still want to get to the bottom of this and complete my diagnosis of Flash Player detection difficulties with Internet Explorer.
A Small Matter of Privilege
Because I had to be running as administrator to install the Flash Player Plug-in, I first tested Chrome-based Flash Player detection and video playing while my Windows XP SP3 account was still elevated to administrator. Everything worked.
As an afterthought, I also attempted to use IE 8 beta 2 under administrator privileges. It works!
But when I restore my account to Limited User, it doesn’t:
Hmm, it doesn’t pick up the icon in the address bar either. IE 8 offers compatibility mode for this page, but it doesn’t make any difference to pretend to be IE 7 here.
OK, What’s Next?
I have solved the problem of being able to continue watching my favorite Internet-available programs.
I have not solved the problem of client-side detection in IE8 and what about account privileges has detection work where it doesn’t when I am operating as a limited user.
I will continue my dissection of available client-side code to isolate the problem and determine how some sites manage to get around the limitation I am experiencing.
This business of having applications work while I am administrator and not as limited user is not new. I tend to associate this with my upgrade from Windows XP SP2 to SP3, and it may be related to more-recent security updates. I cannot be certain. I do know I have been putting up with this for some time.
I am hopeful that if I get to the bottom of this one, I may be able to solve other problems (such as having a NewsGator Inbox plug-in for Outlook that only runs when I am administrator).
As far as the specific problems of reliable Flash Player detection in IE8 go, I will continue to work on that as well, but not with the same urgency.
Also, because anything I do from now on will be very geeky, I will provide an account on places like Professor von Clueless in the Blunder Dome and Stack Overflow, as appropriate.
The Incoherence of Confirmable Experience
Although I have wandered off into the weeds on this exploration, there are a number of examples of system incoherence, something where the web is a bountiful source of examples. The difficulty of confirming my experience and isolating it to something that is reproducible by others is also well-demonstrated here.
I am also mindful that the reason there is no great hue and cry over Flash 10 detection problems is that I may be part of that select and small population of devoted LUA users who are seeing the problem at all. This is, of course, fodder for a different sort of rant.
Had any problems with Flash Player version detection lately? Try updating to Adobe Flash Player Version 10. Prepare to be shocked by the poor quality of Flash version detection in the wild.
After upgrading to a clean install of Adobe Flash 10, I discovered that nearly all video sites that worked for me in the past began denying that I had a version of Flash as good as what they required. Still other sites deliver Flash video to me just fine and, on occasion, I am able to experience the higher quality HD streaming that some sites now support. It is amusing to see who fails to deliver video to me and what they have to say about it.
I leave as an amusing puzzle how one determines what is going on and what the bug is likely to be. My suspicion is that the bug is hilariously simple yet spread like some sort of plague throughout the Internet.
Technorati Tags: Adobe Flash, Software Version Checking, software usability, software engineering, distributed applications, confirmable experience, system incoherence, StackOverflow
Adobe is experiencing its own version of the Y2k disaster, only in a simpler and more hilarious form. As far as I can tell, the problem is not Adobe’s. The difficulty is that many sites are completely unprepared for this version of the Flash Player.
[2008-12-08T20:37Z update: Further analysis reveals that my particular problem is related to permissions in some way, not simply comparing version numbers incorrectly. I have no trouble with Flash 10 detection and playing when I am running as administrator. The difficulties arise only when running as a limited user. This doesn’t explain why I am successful some of the time as a limited user, and more forensic work is required. For details on the dissection so far, see “WTF: Umm, Flash 10 Detection Not So Simple.”]
Here’s how I experienced the widespread (for me) Flash 10 detection failure.
There you have it. I’m sure this is not pleasing for Adobe. Let’s just hope that the detection problem is not from an Adobe-provided sample of how to do it. [Update: It appears that the problem has been promulgated in Adobe-promoted materials.]
[2008-12-06T19:20Z update: I went through and added links to the actual sites and videos where there is narrative. I also noted some successes where sites simply worked as expected.]
Technorati Tags: orcmid, LUA, SUA, UAC, Second Life, Punishing Standard Users, Running As Administrator, Safe Computing, confirmable experience, system incoherence
[update 2008-11-27 This page is moved from Orcmid’s Live Hangout and retained here as part of the topical archive on confirmable experience and software incoherence. I was moved to do this, and salvage more Hideout material, by some remarkable experiences a full year later.]
There is a slippery tug-of-war going on between Microsoft and third-party application developers. This even has Microsoft application-product and developer-product development teams fighting/ignoring/neglecting/throwing the mud that is piling up on the user doorstep.
I'm talking about the effort to have users operate safely and snugly in Standard User Accounts (SUA) and the actions taken by application developers and their employers that completely fail to respect the user in this matter. No matter how much has been said and published about how to deploy applications in a way that works easily for standard users, there are continuing expectations that users run as administrator all of the time. This is made the simple case, reinforcing a practice that we all know to be unsafe (although Vista has a mitigation that some people insist on disabling).
Picking on Second Life
Here's an example of what I mean. I choose it because it is typical and because it all happened while I was looking for a way to illustrate this. Second Life is representative (although no less disheartening).
The Setup: I haven't been on Second Life for a while, which means there is doubtless a mandatory update that I'll be required to install before I can get "in-world." This is so predictable that it actually keeps me away from Second Life even longer once I have been away for more than a week. I start putting off the pain of downloading and installing another release.
Today I was doing some system clean-ups and celebrating the new power-backup unit I installed after a series of storm-related power hits defeated my old battery backup. As a reward, I was tidying up some loose ends after running system tune-ups and catching up on important things like my Facebook presence.
Nice New Update Announcement
I decided to check into Second Life and see what's new. When I brought up the application (and I was running as administrator because I had been installing some other updates), I found a message that I have never experienced before. The message was in a corner of the Second Life client user interface.
I hadn't logged in yet, but the application apparently checked on-line for an update and it had that message for me. I went ahead and downloaded the 220.127.116.11 release into a location on my computer where I save Second Life releases. (I usually keep the current one and its immediate predecessor, along with screen shots of my experience.) Now, I usually don't turn on any automatic check for updates, and I don't recall ever being offered an option in the matter. Since Second Life is an on-line application, I am not surprised. I am surprised this showed up before I opted to connect to the on-line system though.
Not So Fast There, Sparky!
I downloaded the announced update while still elevated to computer administrator, but I didn't install it. I was excited by that "now the choice is yours" phrasing. I wanted to see that in action. I clicked the Connect button to sign into Second Life. Oh, what have we here? The usual. Not exactly a choice, huh? This is the dreaded message I have come to expect.
Since I don't want to do this as an on-line administrator, I clicked Quit. I already have the update. I can install it when I am good and ready.
My previous experience using the Download button is that Second Life will download and attempt to run the install. Because my computer account is normally set to "limited account" the install will fail and I will still have to go to the Second Life site, log in to that site, download the new version, and then install it myself while temporarily upgraded to a computer administrator account. The new Update Available notice has saved me the need to hunt down the download on my own. That is a nice improvement.
Say Stranger, New in These Parts?
I wanted to demonstrate how painful it is to go through a 33-megabyte download only to be told the install can't be done. I switched from Computer administrator back to Limited account to demonstrate what happens. I haven't taken this path since March 2006, the first time I discovered that Second Life does not have a non-administrative way of updating itself. (This was no surprise, but I tried it to be certain.) [This is from a photograph of my screen, slightly defocused to avoid interference patterns in the image. The OneCare pop-up refuses to be screen-captured with the software that I use. The yellow-alert condition there is because I need to run backups. I have to be elevated to administrator to do backups and also to have the correct account data be backed-up too.]
When I opened the Second Life client and got to the download button again, the download didn't even start: Second Life tripped over my firewall. That's interesting because my firewall is already conditioned to allow Second Life access to the Internet. What's even more interesting is that whatever program is being used to install the download, it is one I (and OneCare) have never heard of. I can go no further without checking with OneCare.
I could take Second Life's advice and install using the download that I already have. I certainly don't want the auto-update to succeed. I do want to understand why it failed in this particular way.
I switch users and quickly log into a computer administrator account to consult with OneCare on the matter. I do so, and OneCare's notification comes up immediately.
Uh, I Don't Think So
As a computer administrator, I now have something to say about the program that was blocked.
Now, what program is that exactly?
Let's see, it is not signed code (that's what Publisher Unknown means). There is no version or company identification.
The name of the program is a made-up tmp.exe with a random name.
In fact, the program is in my user-account Temp directory. None of this is reassuring in any way.
My intention is to block this program forever, assuming that it ever runs again, but I'm curious to know if it will still attempt running. [Next I have second thoughts and block it permanently on the second notice which was apparently already stacked up.]
There are two things going on here. First, I am willing to believe that the Second Life client creates a copy of a down-loader in the Temp directory so that the install can happen atop the Second Life location without weirdness. I am almost willing to give that some credence.
Secondly, I am satisfied that the update would attempt to run automatically. There's no danger that the down-loader can accomplish anything, however. Writing to C:\Program Files\Second Life\ on my machine can only be done under an Administrator account. I'm not operating in one of those, which is what I had started out to demonstrate until the firewall intervention occurred.
Reviewing the Situation
So, the easiest way to install all of those interminable Second Life updates is to be running on-line as administrator without a firewall.
Clearly, the Second Life folk know that and they design that as the inviting case. Look, they suspect that their connection attempt with this weird little program is blocked by a firewall.
That's what I mean by the slithery tug-of-war. I also hate it when applications check automatically for updates and then nag me about it. Being denied access to the service until I install one of the interminable updates is worse. Of course, the fact that I put up with this in order to enjoy Second Life eye candy and all the in-world denizens just shows how tempted I am. Even I, a devout Standard User.
Apparent convenience trumps security and safety. Almost all of the time. And we mostly put up with it.
Installing the Usual Way
Today's experience has me thinking that I would be better off not playing in this game with the Second Life developers, regardless of any seductive appeal of their application. But let's see how well I do when I employ my safe practice to install the update and finally return in-world.
This is the file I downloaded earlier. The message applies to that file.
See how complacent I am? The code is not signed, and I don't do anything about refusing to accept unsigned software, especially when downloaded from the Internet (although probably under safe conditions).
As you see, I am going to go ahead and install it. I am now running with my account switched from Limited User to Computer Administrator. I am not on-line, although I am connected.
My intention is to install and run the application once while I am administrator so I can condition my firewall for the new version of the application.
Oh yes, installers have a habit of wanting to access the Internet too. I often experience requests to condition my firewall before a Setup program gets very far. That is also true here. No surprise. We haven't even started up the program and already there is Internet activity.
On continuing, the revised Second Life version starts up for the first time.
Oh, what's this? We get all this way and now I am given an absolute click-through requirement to accept a lengthy Terms of Service agreement. That seems to be one of the improvements of this release.
I couldn't even get it onto my clipboard for closer review later. You can see I selected the text, but I couldn't get it where I could preserve it. And it is long. And mind-numbing. The part that I have scrolled to is section 5.3 where I am informed that everything that I have done on Second Life, any Linden Dollars that I happen to have, and any credit for any purchases can disappear at any time for any reason whatsoever.
Well, I'm certainly happy that they require me to promise to have read this terrible document before I am allowed to continue on and connect into Second Life, the world.
After my exploration was over, I went to the Second Life site and did manage to find a web page with the Terms of Service at http://secondlife.com/corporate/tos.php. I can't testify that it is the same document, but Section 5.3 is definitely the same and I did download a copy for my reference.
About now, I am wondering why I am continuing to put up with this. I wander around in-world for a while, mainly pruning my list of landmarks of places that seem to be dormant or not that interesting.
The Prize in the Bottom of the Box
OneCare let me know about a second program not long after I allowed the main Second Life program to have access to the Internet. For some reason, the extensions to allow direct voice audio in Second Life are provided or installed using a second program, one that my firewall wants me to consider whether or not to allow.
I opt for the program to run. I didn't put on my headset and microphone nor did I find any avatar to talk to this way.
I am grateful for this little addition though. When I closed Second Life, I experienced a frightful system slow-down. Everything turned to molasses. Windows were blank and took forever to paint, that sort of thing. At the end of that prolonged seizure, I received a wonderful message.
I have been waiting almost two years for one of these. It is worth a completely separate blog post by Professor von Clueless, but here is the message. I wanted a real-world example of one of these and now I have it. Thanks, Second Life developers.
[Dear developer: This condition may be a consequence of the temporary blockage that OneCare instituted during the first-time execution of the new version. If the program never noticed that the block had been removed, or was somehow derailed by the block, this Runtime Error might be a consequence. I did run Second Life one more time after restoring to a limited account and there were no further errors and no unusual slow-down conditions.]
A little more background: Even though my main development system runs Windows XP (Media Center Edition 2005), I operate in a Limited User Account (LUA) whenever possible. I have an administrator account that I use only when I need to perform a purely-administrative function (including allowing Microsoft Update to install goodies it has ready for me). I'm effectively implementing the equivalent of User Account Control by manual procedure. This is in the spirit that Dennis Wallentin expresses in his 2007-10-20 blog post on being UAC Compliant:
When I need to do something different, such as install new software or update downloads from other sources, I will carry out the download, parking the file in a safe place that I can use for any future re-install. Before installing, I switch my normal account to being a computer administrator and I install under that account. This is to ensure that the software installs properly for operation under that account and not all accounts, if possible.
Second Life, as do many other applications, installs for all accounts on the machine, including all Administrator-group accounts. When I detect this, I remove all icons, shortcuts and start menu occurrences from "all users," confining them to my normal account instead. Automatically installing for use from all accounts on the machine is another action that punishes my efforts to be a Standard User and only allow pure administrative activity in my separate administrator account.
[update 2007-10-21T16:59-0700: I provided a link to the detailed post about Visual C++ Library runtime error messages and also cleaned up some rough edges in the text of this post.]