Yesterday I mentioned that I’m hoping to drag my feet on deploying Windows 10 at work and I doubt anyone else in even the most vaguely technical role will argue with me. Ultimately, it’s going to be some executive who sees it running on a display laptop at Best Buy or something and I’ll be forced to tip the first of many dominoes in a succession of many bad decisions and then white knuckle it through the days leading up to the first fix patches. Since it’s technically out in the wild over the next few days and I’ve generally found that the least technically adept with the majority of their crucial files saved to the desktop are the quickest to hit the shiny, candy-like ‘upgrade’ button.
I hadn’t really studied up on the WiFi Sense feature in Windows 10 and now that I have I can see a whole bunch of potential problems with it. My workplace has the most basic wireless setup I’ve ever seen and, because it’s ultimately so useless, it really doesn’t have much traffic. It’s internet only and is protected by a fucking WEP key that is crackable in about 15 minutes. That said, you’d get a slow unreliable internet connection and nothing else. You’d need a VPN client and it’s difficult enough to get our VPN appliance to poop out a compatible client much less valid credentials. So, in our workplace, WiFi Sense would almost make sense since an outdoor only experience that randomly disconnects would not provide much of value to an intruder and isn’t stable enough to commit any heinous acts while connected to it. It’s useless, but a safe (from the business perspective) useless.
At home, I’m a bit twitchier about wireless security. There it’s WPA or nothing and I don’t hand out my password to anyone; I go over to their device and type it in for them which I think is more polite than shouting an amalgam of symbols, case shifted letters, and numbers across the room. I think of myself as fairly sane and the reason that I like to keep connections from the outside world to a minimum is that I don’t like to have police my internal network if I can avoid it. I do password protect all of my own devices with a PIN at minimum and I’ve gone through periods of only allowing a double handful of MAC addresses to join the faster AP that actually hands out 802.11ac connections. Those, in a perfect world, can grab 450 MB/s and I’d like to keep fucked up machines off a pipe that wide since I’m ultimately responsible for what they do while I’m hosting. One thing I’m not doing is appending _optout to the end of my SSID because bearing the onus for poor design at my own expense (and god it makes my network look stupid) isn’t something I want to do. I’ve yet to have to deal with this because none of my friends did more than toe dipping into the Windows phone and 10 isn’t really out there yet. I’m going to be right back to typing in passwords again and making sure that the ‘Share with my contacts with compromised machines so my SSID and password can make its way around the world’ button is never checked. Ugh.
I’ve only had one gig that required supporting Windows Vista and that was limited to a single machine. As a result of that, I largely ignored the interface changes between XP and Vista. I knew the names of most of the msc’s and cpl’s that I would need doing day-to-day support and administration so I just ignored most of the horrible GUI “eye candy” and coasted along like nothing had changed. I’ve been lucky enough to completely ignore the 8 series of Windows so I have no idea what horrors/surprises are hidden there. I’d much prefer to keep my optimism and sanity intact so I don’t spelunk in places that I don’t need to.
Today, I needed to setup an executive video conference. They were reluctant to use the Chrome Box which, you know, just works so was out of the question. After years of using LifeSize and appliances similar to the Chrome Box, I dread it when people want to connect directly to projectors with VGA cables and use an actual telephone for audio. Whatever, dudes. The really obvious downside to all of this is unless you permanent change the power settings in Windows, someone has to sort of use the computer while it’s projecting lest Group Policy insist the machine fall into a fugue state after disuse for 15 minutes. Today, I discovered the motherfucking Mobility Center which is accessible from Windows Key-X. That ‘X’ means I’m pressing the key combo, setting the machine into Presentation mode so it doesn’t nod out when someone is viewing a presentation, and bugging out. The number of times that I’ve praised a Windows feature in the past decade is very small, but this is one of them. Despite being relatively hidden, this is good stuff.
In the panel that represents today in the comic book version of my life , there would be a particularly loathsome looking demon. He would be drawn much like an early Jack Chick (I was going to link the Jack Chick tracts site there, but I ended up spending like $25 on an assortment of tracts after going there. Urgh.) villain: all scaley, slime covered, and with WSUS emblazoned across his chest in picnic table metal letters. His dialog bubble: You thought you'd seen the last of me, but I knew you'd come crawling back in the end. Haw! Haw! Haw! Haw!
WSUS is awful.
Lucky for us Windows 93 is finished and it is absolutely perfect. The viruses are perfect and there’s a nice selection of functional software you can mess with.
You can read a more entertaining/enlightening write up over here.
I disagree emphatically. Microsoft has never, ever, ever been remotely cool. We’ve suffering at the hands of crap that values easy installation over stability for a couple of decades and I’m pretty happy that MSFT is a pretty minimal concern in my life (outside of Active Directory which I’ve always found to be basically okay or at least a smaller pain in the ass than Open Directory or any of the other LDAP authentication services) these days. Congratulations on taking a very calculated risk on some marketing materials. Woo.
A day or two ago at work I experienced some buggy behavior with Windows 7 that I’ve never seen before. I’ve seen a lot of Windows 7 broken-ness so it made me scratch my head for a few minutes.
Here’s the deal:
A user closed his Dell laptop with his earbuds resting on the keyboard. This, of course, shattered the screen and made it useless without an external monitor. Luckily we have huge stacks of the same model sitting in our storage area. This makes things like doing the easiest thing in the world at four fucking thirty in the afternoon possible and a very appealing out for a guy who really wants to leave as soon as humanly possible.
The easiest solution was just to swap the hard drive to a new laptop chassis, pour a beer, and call it a day. Unfortunately, this wasn’t an easy solution day and the machine refused to boot normally. At first, it was the vague your computer has shutdown due to an error crap which I dismissed and mocked. I hoped that would be the end of the commodity laptop brain transplant complications, but the patient had other ideas. Windows would successfully boot, throw up our usage agreement click through (part of the GPO and not my doing), and display the credential fields like it would eventually let you log in. I logged in with the local admin account and stared at the blue void for ten minutes. Usually I’m hasty with the improper yet gratifying manual power down but I felt like giving Windows the opportunity to try to do the right thing so I got a beer.
Luckily, I ran into some friendly co-workers when I went on BeerQuest and took entirely too long to get back to the project at hand. My local admin account successfully logged in so I figured it was safe enough to log out of that account and let the user (who had been faithfully camped out at my desk for most of this misadventure) try to log in with domain credentials. This was another terrible logistical error on my part. Maybe my confidence was inflated by having a beer in hand (Stone IPA even) or something, but the end result was much like my first local admin login: very long and without any feedback from winlogon.exe in the Event Viewer.
We waited a crazy long time which resulted in the user going to get a beer and me anxiously twiddling my thumbs and hoping vainly to eventually leave work and do something else that didn’t involve broken Microsoft product. His login failed to ever materialize after 25 minutes of pointless waiting (it just froze the machine) and after giving him a hard time about remembering his password I started to throw up my hands in utter defeat and work on getting a loaner machine together for the interim. My boss walked by as I was ranting about this and asked what was going on and why I was still hanging around. I gave him the (enraged) capsule explanation of what had happened. He asked if I’d checked the licensing for Windows. I hadn’t and that ended up being the ultimate fix.
Seriously: plugging the MAK key in as a local administrator magically fixed all of the issues. The domain account logged in seconds and without issue after I did this. I would be fine with this behavior if there had been any sign during any of the fruitless troubleshooting that this might be an issue. This is an excellent example of why, despite spending the majority of my career supporting software that bears the stock ticker MSFT, I think Windows is an equally abject failure on the enterprise (I hate this term) level as Apple’s OS X. Part of my felt like I should be grateful for a concrete situation that I could point to instead of just lapsing into mumbling and shrugging. That said, if your software fails silently when expecting an action by the administrator you have failed miserably. I may be waiting for you by your car when you leave work for the day. It could totally happen.