Sunday, October 07, 2012

Buggy Windows 8 #1

I am back on the blog!

After spending hours on my HP Elitebook 2760p, I finally got the newly released Windows 8 Pro properly installed on the tablet. Thanks to the streamlined, redesigned setup process, installing Windows 8 from scratch is much easier even than Windows 7, though due to the lack of Windows 8 drivers for several tablet devices, additional steps are must required to cofigure the Windows 8 in order to make all devices and essential HP applications workable. Another individual post will be talking about the custom steps in details.

Today, and from now on, let's talk about the bugs I found from Windows 8.

Since Apple started dominating the mobile industry, it seems that Microsoft has been pushed for a long time by the competitors, the consumer market and the end users, therefore the Redmond Gaint was too keen to quickly become a key player in both consumer and enterprise arenas of today. Unfortunately, like Windows Vista, Windows 8 was born under too many pressures and anxieties.

As a result, Windows 8 is buggy, even though it has a good look.

Here are some bugs I found during my first taste of the deluxe Windows 8, and the issues were never seen in its earlier versions (except one for Windows 7).
  1. Once Windows is restored from hibernation, the system always turns Second Screen settings from my pre-configured Extend mode back to the default PC Screen Only mode. Hence, you have to press Windows + P again and again every time you wake up your computer from deep sleep, and rearrange the windows to the second screen!

  2. When no battery is detected, Windows shows an unplugged battery icon in the notification area. However, if you click the icon, a correct icon (no battery and plugged in) is shown in the pop-up details. See below.

  3. Once a netowork connection is disconnected, its previous IP address is still pingable, although you cannot see the IP address on any listed interface (IPCONFIG /ALL) as the media state is disconnected. Double checked the same senario with Windows XP and Windows 7. Unfortunately, Windows 7 did have the same issue, and Windows 2008 was also reported on this. Windows XP never bahaved like this. This could cause false detection if a script is designed to use Ping for detecting interface status.

  4. If you have dual monitors, once you click the network connection icon on the system tray (notification area), the big Networks list slides on the right side of primary or secondary screen, randomly! It is a bit annoying to check both screens for the same list, especially when working with a large external screen.

  5. The Internet Explorer app can never be closed by mouse or touch gestures. Both Close Tabs and Backward button on the screen have no way to close the app. The only way to forcely quit is by pressing ALT-F4 when the IE app is active. The same situation applies to the built-in Mail, People, Messaging and Calendar apps. If it is by design for Mail and Messaging, what's the point to keep the IE app always running in background??

    Update: It's by desgin of Windows 8. To close a Metro app, point your mouse or finger on the top of the screen and drag it all the way down to to bottom. The operation is easier for using hand and a bit awful for mouse operation.

To be continued.

Saturday, July 16, 2011

Software list of HP EliteBook 2760p

Testing Windows Live Writer


Tuesday, November 30, 2010

Analysis of China's Green Dam Censorware system

From WikiLeaks

Jump to: navigation, search
June 11, 2009

By Scott Wolchok, Randy Yao, and J. Alex Halderman] (Computer Science and Engineering Division, University of Michigan)

We have discovered remotely-exploitable vulnerabilities in Green Dam, the censorship software reportedly mandated by the Chinese government. Any web site a Green Dam user visits can take control of the PC.

According to press reports, China will soon require all PCs sold in the country to include Green Dam. This software monitors web sites visited and other activity on the computer and blocks adult content as well as politically sensitive material.

We examined the Green Dam software and found that it contains serious security vulnerabilities due to programming errors. Once Green Dam is installed, any web site the user visits can exploit these problems to take control of the computer. This could allow malicious sites to steal private data, send spam, or enlist the computer in a botnet. In addition, we found vulnerabilities in the way Green Dam processes blacklist updates that could allow the software makers or others to install malicious code during the update process.

We found these problems with less than 12 hours of testing, and we believe they may be only the tip of the iceberg. Green Dam makes frequent use of unsafe and outdated programming practices that likely introduce numerous other vulnerabilities. Correcting these problems will require extensive changes to the software and careful retesting. In the meantime, we recommend that users protect themselves by uninstalling Green Dam immediately.


1 Introduction
2 How Green Dam Works
3 Security Problems
3.1 Web Filtering Vulnerability
3.2 Blacklist Update Vulnerability
4 Removing Green Dam
5 Conclusion
5.1 Acknowledgments
5.2 Contacting the Authors
6 Source documents
7 See also

Accordingly to recent news reports (NYT, WSJ), the Chinese government has mandated that, beginning July 1, every PC sold in China must include a censorship program called Green Dam. This software is designed to monitor internet connections and text typed on the computer. It blocks undesirable or politically sensitive content and optionally reports it to authorities. Green Dam was developed by a company called Jin Hui and is available as a free download. We examined version 3.17.

How Green Dam Works

The Green Dam software filters content by blocking URLs and website images and by monitoring text in other applications. The filtering blacklists include both political and adult content. Some of the blacklists appear to have been copied from American-made filtering software.

Image filter Green Dam includes computer vision technology used to block online images containing nudity. The image filter reportedly works by flagging images containing large areas of human skin tone, while making an exception for close-ups of faces. We've found that the program contains code libraries and a configuration file from the open-source image recognition software OpenCV.

Text filter Green Dam scans text entry fields in various applications for blocked words, including obscenities and politically sensitive phrases (for example, references to Falun Gong). Blacklisted terms are contained in three files, encrypted with a simple key-less scrambling operation. We decrypted the contents of these files: [data/xwordl.php xwordl.dat], [data/xwordm.php xwordm.dat], and [data/xwordh.php xwordh.dat]. We also found what appears to be a word list for a more sophisticated sentence processing algorithm in the unencrypted file [data/falunword.php FalunWord.lib]. When Green Dam detects these words, the offending program is forcibly closed and an error image (shown above) is displayed.

URL filter Green Dam filters website URLs using patterns contained in whitelist and blacklist files (*fil.dat, adwapp.dat, and TrustUrl.dat). These files are encrypted with the same key-less scrambling operation as the blacklists for the text filter. Five of the blacklists correspond to the categories in the content filtering section of Green Dam's options dialog (shown [#screens below]).

We found evidence that a number of these blacklists have been taken from the American-made filtering program CyberSitter. In particular, we found an encrypted configuration file, [data/wfileu.txt wfileu.dat], that references these blacklists with download URLs at CyberSitter's site. We also found a setup file, [data/xstring.s2g.txt xstring.s2g], that appears to date these blacklists to 2006. Finally, [data/csnews.txt csnews.dat] is an encrypted 2004 news bulletin by CyberSitter. We conjecture that this file was accidentally included because it has the same file extension as the filters.

Security Problems

After only one day of testing the Green Dam software, we found two major security vulnerabilities. The first is an error in the way the software processes web sites it monitors. The second is a bug in the way the software installs blacklist updates. Both allow remote parties to execute arbitrary code and take control of the computer.

Web Filtering Vulnerability

Green Dam intercepts Internet traffic and processes it to see whether visited web sites are blacklisted. In order to perform this monitoring, it injects a library called SurfGd.dll into software that uses the socket API. When a user access a web site, this code checks the address against the blacklist and logs the URL.

We discovered programming errors in the code used to process web site requests. The code processes URLs with a fixed-length buffer, and a specially-crafted URL can overrun this buffer and corrupt the execution stack. Any web site the user visits can redirect the browser to a page with a malicious URL and take control of the computer.

We have constructed a demonstration URL that triggers this problem. If you have Green Dam installed, clicking the button on our demonstration attack page will cause your browser (or tab) to crash.

This proof-of-concept shows that we are able to control the execution stack. An actual attacker could exploit this to execute malicious code.

Green Dam's design makes this problem exploitable from almost any web browser. At this time, the surest way for users to protect themselves is to uninstall Green Dam.

Blacklist Update Vulnerability

We found a second problem in the way Green Dam reads its filter files. This problem would allow Green Dam's makers, or a third-party impersonating them, to execute arbitrary code and install malicious software on the user's computer after installing a filter update. Users can enable automatic filter updates from the Green Dam configuration program.

Green Dam reads its filter files using unsafe C string libraries. In places, it uses the fscanf function to read lines from filter files into a fixed-length buffer on the execution stack. This creates classic buffer-overflow vulnerabilities. For example, if a line in the file TrustUrl.dat exceeds a certain fixed length, the buffer will be overrun, corrupting the execution stack and potentially giving the attacker control of the process.

The filter files can be replaced remotely by the software maker if the user has enabled filter updates. The updates could corrupt these vulnerable files to exploit the problems we found. This could allow Green Dam's makers to take control of any computer where the software is installed and automatic filter updates are enabled. Furthermore, updates are delivered via unencrypted HTTP, which could allow a third party to impersonate the update server (for example, by exploiting DNS vulnerabilities) and take control of users' computers using this attack.

Removing Green Dam

Green Dam allows users who know its administrator password to uninstall the software. We tested the uninstaller and found that it appears to effectively remove Green Dam from the computer. However, it fails to remove some log files, so evidence of users' activity remains hidden on the system.

In light of the serious vulnerabilities we outlined above, the surest way for users to protect themselves is to remove the software immediately using its uninstall function.


Our brief testing proves that Green Dam contains very serious security vulnerabilities. Unfortunately, these problems seem to reflect systemic flaws in the code. The software makes extensive use of programming techniques that are known to be unsafe, such as deprecated C string processing functions including sprintf and fscanf. These problems are compounded by the design of the program, which creates a large attack surface: since Green Dam filters and processes all Internet traffic, large parts of its code are exposed to attack.

If Green Dam is deployed in its current form, it will significantly weaken China's computer security. While the flaws we discovered can be quickly patched, correcting all the problems in the Green Dam software will likely require extensive rewriting and thorough testing. This will be difficult to achieve before China's July 1 deadline for deploying Green Dam nationwide.


We wish to thank our colleagues at the University of Michigan who alerted us to Green Dam and assisted with translation.

Contacting the Authors

Please send questions or comments to Professor J. Alex Halderman.

Source documents

Green Dam censorship system internal brief to Chinese government, Jan 2008
See also

A technical analysis of the Chinese 'Green Dam Youth-Escort' censorship software
Retrieved from ""
Categories: Analyses | United States | 2009 | 2009-06

Sunday, October 31, 2010

NBN a waste of money

* Rick Wallace, Tokyo correspondent
* From: The Australian
* October 30, 2010 12:00AM

ONE of Japan's richest men has labelled Australia's $43 billion National Broadband Network a stupid waste of taxpayers' money.

Masayoshi Son, who heads Japanese internet and mobile giant Softbank and counts Apple's Steve Jobs and Microsoft's Bill Gates among his friends, attacked the Gillard government's signature project yesterday.

Quizzed about the NBN by The Weekend Australian after delivering a speech in Tokyo, Mr Son said it was completely unnecessary to spend so much taxpayers' money.

"It's a waste; it's a stupid solution," he said. "Without using taxpayers' money you can get 21st-century infrastructure."

Mr Son had just finished delivering his own vision of how to deliver fibre-to-the-home connections throughout Japan without any taxpayer contribution.

He claimed that his solution, recently put to Prime Minister Naoto Kan and several members of his cabinet, would deliver basic fibre connections for just 1150 yen ($15) a month, far cheaper than what is envisaged under the NBN.

That is also far cheaper than the current typical monthly price of Y5000 ($63) for cable in Japan.

Mr Son's proposal involves splitting the part-government-owned NTT into telco services and fibre network businesses and rolling out cable to all homes within five years.

Softbank and fellow carrier KDDI would fold their fibre cable infrastructure into the merged network business, which would then be 40 per cent owned by the government and 60 per cent by NTT, Softbank and KDDI.

Mr Son said that a one-time rollout of fibre -- similar to the NBN proposal -- would cost just one-third as much as cabling individual homes on an on-demand basis.

"My advice is forget about the demand basis installation, just do it with a plan. Replace whole cities: this month Hiroshima City, next month another city, and so on," he said.

"Replace entire cities with a plan and remove metal and replace with fibre. That way the installation cost is one-third and the installation speed is much quicker."

He believes that no new capital investment would be required from taxpayers and that the network business would soon become profitable because of lower maintenance costs stemming from the replacement of the decaying copper network.

"After five years it (the network business) would generate very profitable free cash flow. If that company generates profitable free cash flow over the next 20 years, then it can get all the money from banks, not depending on taxpayers' money.

In a speech at the Foreign Correspondents' Club of Japan, he acknowledged Softbank would benefit from the plan, but said so would the country and potentially the world.

Mr Son said that while Australia faced obvious technical challenges in terms of distances and sparse population, Japan's mountainous terrain and thousands of islands posed challenges, too.

Monday, August 09, 2010

Better software modeling is a key

From: - Bill Gates: Better software modeling is a key
by Ina Fried

LAKE TAHOE, Calif.--A key to many hard problems, from using nuclear power to combating diseases, is better software modeling, Bill Gates said on Friday.

While it's not surprising that he's a fan of using software to help solve hard problems, it is somewhat surprising that there aren't already good models for some diseases.

"There's no disease-modeling software," he said, speaking at the end of the three-day Techonomy conference here. "There is none. Why is flu seasonal? We don't know."

Gates said he aims to make sure that gap is filled, supporting development of the tools needed to do such modeling, while he also wants to use modeling to further explore nuclear power options, such as the Terrapower effort he is backing. "On paper it's quite amazing but it is hard to go from here to there," he said.

Gates said he also plans to offer up the modeling software package for free for others to use.

He conceded that the models never get things right exactly, but he said, "You are a hundred times smarter doing it that way than just going out there (without such models)."

"What you are doing is constantly tweaking them to match the finite data set you have," he said.

The risks, he said, of not using modeling can be immense. In malaria, for example, you really want to make sure your approach will wipe out the disease in a particular area lest the effort succeed only in creating more resistant strains of the disease and hardier mosquitoes.

Although he's a big lover of the free market, Bill Gates said Friday that there are a lot of areas where the market could use some help.

For example, Gates said that it takes a really long time to get a new nuclear power plant technology to market, longer even than the patent that might allow a successful invention to be profitable.

"You are not going to have a lot of people putting down money when the length of the project is longer than the length of the patent," Gates said, speaking at the Techonomy conference here.

It's not even certain that one could do it in their lifetime and he said a lot of people like to focus on projects that will happen in their lifetimes, "particularly if you aren't that religious," a category in which he said he falls.

Although some areas need help, Gates said creating new forms of energy will lead to new wealth. "A few somebodies will get very rich making those breakthroughs."

If we knew a particular solar or nuclear technology were a sure thing, he said, our power issues would be complete. But, he said, "boy are there a lot of problems that need to be solved."

As for how he spends his time, Gates said he reads two to three hours a day, but is also up for spending an hour or two watching video, particularly online classes. "There are dozens and dozens of mind-blowing courses you can buy from Teach12," he said. There are plenty of free options too, he said, but it is often hard to find the ones that match one's interests and for which they have the right background.

"There's a lot of dead-ends where a course might not give you what you want," he said.

Gates also said that he hopes that eventually the best online courses will start to get significant funding to get even better, not unlike concert videos and other entertainment.

"Why don't the best physics classes have a million-dollar budget for neat experiments?" he said. Gates also said he is still trying to give people some good book suggestions through mini-book reviews on his Gates Notes Web site, however he admitted "I'm about 20 books behind."

As for his effort to get more of the rich to join him in his philanthropic quest, Gates and Warren Buffett announced that Oracle CEO Larry Ellison and about 40 other wealthy individuals and families have answered their call and pledged to give away at least half their wealth.

Gates noted on Friday that just 15 percent of the largest estates in the U.S. go to philanthropy. Plus, he said that is better than any other large wealthy country. One of the problems is that giving away money can be surprisingly hard because of legal matters and other complications.

"It should be as fun as making the fortune," he said.

* © 2010 CBS Interactive. All rights reserved

Tuesday, June 22, 2010

Nokia iSync for Mac OS X

When I was using iSync on Tiger for the first time, I was impressed by its small, cute interface and especially its phone icon just for the exact model of my mobile. This may sound a bit too much fuss, but as a Windows user who was used to see the same generic icon for all related devices, it could be a little surprised. :)

Unfortunately, most recent Nokia phones are not directly supported by iSync even your Mac OS X is fully updated and even the OS is Snow Leopard. You may connect your Nokia phone with your Mac via Bluetooth and exchange files very well, but you just cannot synchronise the contacts and calendar between your Mac and Nokia phone.

To address this issue, Nokia has released related plugins to work with iSync for Mac OS X. Simply download and install the plugin for your phone and let the iSync go.

The compatible phones are Nokia C5, E50, E51, E52, E55, E60, E61i, E63, E65, E66, E70, E71, E71x, E72, E75, E90 Communicator, N75, N76, N77, N78, N79, N81, N82, N85, N86 8MP, N900, N93i, N95, N95 8GB, N96, N97, N97 mini, X86, 5230, 5232, 5233, 5235, 5320 XpressMusic, 5330 XpressMusic, 5630 XpressMusic, 5700 XpressMusic, 5730 XpressMusic, 5800 XpressMusic, 6110 Navigator, 6120 classic, 6121 classic, 6210 Navigator, 6220 classic, 6290, 6700 slide, 6702 slide, 6720 classic, 6730 classic, 6760 slide, and 6790 Surge.

Make sure you choose the right model otherwise you won't see its icon for your mobile.