Geoff Chappell - Software Analyst
My return in June to writing-up for free publication has produced work that’s all over the place. There turn out to have been several reasons for the break since November.
First, I need to earn an income. I keep bleating on about this, but if you use my published material, quite possibly to help you with paid work, including for employers who wouldn’t employ me, then it seems only fair to remind you that I don’t draw a salary for it.
Second, as I expected in November, the purchase of new computers side-lined me into private research to help me get past my many frustrations with Windows 10. I count myself as an advanced user, yet I have never felt so helpless with any computer as I did in November and December when trying to set up Windows 10 by myself from scratch. It’s not as if Windows has got more complex than I can comprehend. It is instead that Windows now comes with a strong feeling that I am not in charge of my own computers. Windows is now a “service” that comes with Microsoft as the IT Department to the world. But what an intrusive IT Department! They threaten to reboot my computer any time they judge that I’m not using it. They spontaneously change my settings or rearrange my desktop icons, often as a surprise after one of those reboots. Then, while I’m putting everything back, they interrupt me to tell me that they’ve made things better! Who is it who writes such invasive, obstructive software but tells us that it’s so much for our benefit that we have to accept it? And who is it who designs such obviously poor user interfaces, e.g., for making you work a little bit harder for every little thing, yet thinks they’re good? That I don’t get it perhaps means that I am now “officially” an old man!
Mostly though, the delay in writing up is because I got it into my head to commit to an examination I had long put off as important but which would surely need more effort that I can justfiy for my own interest. But then I got to see Microsoft taking advantage of information asymmetry in some commercial support that is not mine to talk about. The subject, however, is anyone’s to study. Though it had always seemed too big to take on, I resolved that its time had come. I’m no stranger to putting large amounts of my own time into one or another research project, but never before have I done so with no idea how I might write any of it up! I still don’t even know how I’ll fit it all into this website’s organisation. But a few results will stand on their own and a first article is ready this month, if only as a draft of a first pass.
That Windows has code for significant behaviour that Microsoft does not document is nothing but inevitable. Sometimes, even often, Microsoft keeps to itself that the behaviour exists or is possible. Every now and then, though, Microsoft goes further and makes the code inaccessible to ordinary Windows users by putting it behind a licensing barrier.
It was inevitable but as I worked my way through a succession of Windows 10 releases for the preceding write-up, I just had to look for how and when Microsoft fixed the long-lived kernel bug that can crash Windows from user mode and which I reported to Microsoft in late December 2016 and published here in January 2017 after concluding that Microsoft was insufficiently responsive. (For my take on that, see Most Viewed in January 2017.)
Surely not inevitable is that of the two simple coding errors that independently can cause the same crash, the 1703 release of Windows 10 fixes only one. An immediate consequence is that it remains true that all known versions of Windows can be crashed by one small unprivileged user-mode program. Almost as immediate is that I’ve had to update most of my own pages that describe not just the bug but the relevant functionality (the study and documentation of which was, after all, how the bug ever got found).
Microsoft tells me that their second attempt is in an update scheduled for July 2018. I do not expect that Microsoft will tell me where they describe the problem. I do not expect that Microsoft will describe the problem so plainly that I will be able to know where just from casual reading. As far as I’ve ever seen, plain description doesn’t follow even when those who report a problem to Microsoft go along hook, line and sinker with Microsoft’s scheme of Coordinated Disclosure, whether for a bounty or for a few crumbs of acknowledgement. That “security research” gives such cover to any software vendor is to everyone’s shame.
Tacked on, not quite as an after-thought, are two pages of user-mode cataloguing that I prepared in February as background to fixing for myself what is for me one of the bigger user-interface irritations of modern Windows. As noted in November 2017, there’s much such stuff to do before I can see myself using Windows 10 comfortably. More will come.