Wednesday, 7 November 2012

Underhand moderation in The Guardian tech section

I'm an occasional contributor to the BTL comment in the Guardian's Technology section. I'm not overly sympathetic to the brown-nosing of anything and everything Apple by their Technology Editor, but by and large my posts are at worst mildly ironic. I've noticed recently that I've apparently been blocked from recommending BTL comment on tech articles (but not anywhere else on the site). But I've not had a comment disappear into the ether until now! Dan Crow's "We've passed peak Apple: it's all downhill from here" caught my eye this morning and I added one of the first comments (the article had attracted no comment at the time). My comment posted fourth, and quickly drew a couple of recommends.
Revisiting Dan's blog a little while later I found that two of those early posts had been 'moderated'. Mine however had disappeared entirely!

OK so these are the moderated posts.  First:
youngadam: But Dan, you prefer Android phones - I sense any other opinions you have aren't going to treated with much respect if you can't see iOS as inherently superior.

and second:
PPetteflet: Ass-licking example:
"The story of Apple Incorporated is far from over. It is the most valuable company in the world, by a large margin. Apple produces a range of exceptional and much loved products. It employs many of the most talented designers and engineers on the planet."
 I stopped reading the rest, knowing about the working conditions in the Chinese factories.


My own comment was deemed so offensive it didn't even get the usual "This comment was removed by a moderator because it didn't abide by our community standards. Replies may also be deleted. For more detail see our FAQs." It just disappeared!

So here it is:
"The iPhone 5 is better, but it's really not that much better, and iOS 6 has had some decidedly mixed reviews. But you wouldn't know that listening to the hype from Bob Mansfield, Tim Cook, Phil Schiller et al."
I think we can include one Charles Arthur in the et al!


The Guardian's tech section is the source of a lot of black humour BTL as well as regular complaints from those who take such things a bit too seriously. But surely it's past time when Charles Arthur's lovefest with Cupertino's finest was given the order of the boot from King's Place once and for all.

Tuesday, 24 February 2009

Jack Straw, Facebook and his Hotmail account...

Yes Jack Straw (that Jack Straw) is on Facebook, liberal trendy that he is (what do you mean, he's just the oldest swinger in town?).

It's no surprise really since Jack Straw was so clued up on WMD in Iraq that he was similarly confident about combining his Facebook account with a Hotmail one. Jack should have remembered how Facebook trawled his address book as soon as he signed up, without so much as a by-your-leave. And now some Nigerian scammers have done the same.

I suspect that Jack has been relying on his beautiful colleague Harriet for computing security tips. Yes, that Harriet, the one who thought that username 'Harriet' and password 'Harman' would keep her blog safe from the unsolicited ministrations of her Parliamentary colleagues.

Sadly Hotmail is simply long past its best and hopelessly open to hackers; best to avoid.

Friday, 20 February 2009

Running Windows in 'Safe' mode

Windows offers users the option of running in 'safe mode'. With this, only the barest of essential components of the OS start running on boot up. You would never want to use this for normal computing (the very basic graphics would deter you for starters) but safe mode does have its uses. For example, if you install software on your computer that causes your computer to crash every time you boot up, you can start in safe mode and then uninstall the software in question (or use your system restore function to achieve the same result). It also means that you can delete files that otherwise won't let you, a problem that often catches people out otherwise.

So here are some instructions on how you can start your computer in safe mode. Screenshots were not possible so I've taken photographs. Be warned! The quality of these is not good - I could only handhold my camera and I couldn't use flash because of reflection off the screen. The black & white screens needed a very long exposure and are quite blurred as a result. Nevertheless, I think that they'll be visible enough to be helpful.

To access Windows boot menu, you have to press the F8 key just before your computer reaches the Windows 'splash' screen (that's when the flag starts displaying). So firstly you need to determine how exactly you use the F8 key. That may sound stupid as it is entirely straightforward on a basic keyboard, but some are more sophisticated and offer dual function keys, where the F is not the default. Here is a photo of the keyboard I use:



On the left-hand side of the picture I have ringed the F8 key, which by default acts as a 'Fwd' key for email. To make the keys function as F keys, I have to have pressed the 'F Lock'key (ringed at the right of the picture). This works the same as the 'Caps Lock' key, and once again there is a light to show its status. So check your keyboard.

Now you boot your computer. As soon as the computer has started press your 'F Lock' key or equivalent if you need to, check that the light to show it as being in 'F' status, and now start pressing the F8 key repeatedly until the following screen appears:



Towards the bottom of that list, you will see 'Start Windows normally' highlighted. Use your up and down arrow keys (well, the up one) to navigate to 'Safe Mode' which is right at the top of the list.

Now press enter and you get taken to a second screen (sorry about the photo):



This simply asks you to confirm your operating system (Mine is Microsoft Windows XP Professional). Your Windows OS will be highlighted by default so you simply press enter again. Be aware that you may get taken to this screen ahead of the earlier one. If that happens, simply press F8 again to go back to the first screen.

Now your computer will start booting into Windows. This lacks nearly all graphics, and can take longer than a normal boot, but eventually you get to the login screen:



Note the unusually large graphics, and also that you can only log in to the (normally hidden) Administrator Account or your earliest user account that enjoys administrative priveleges (here it's the account 'Admin').

Now you're in; once again there are very large basic graphics - this picture shows the full screen width:



From this point you can use your computer normally to do whatever you had gone into safe mode for in the first place. Switching your computer off when you've finished is the same as normal, although the PC will not turn itself off after shutting down, you will have to do this manually.

Thursday, 29 January 2009

Platte and privacy: user accounts and the winlogon.exe file

Why does the pm_proc1 executable continually try to access the Winlogon.exe file while it is running? I can think of no legitimate reason why it should do so; perhaps you could enlighten me.

Our software does not attempt to access Winlogon.exe.


Why did I ask Platte that question? I hope you'll bear with me while I give a little background since that will help in following this discussion. Although my computer expertise is somewhat limited, I do enjoy playing with them, and my 10 year old PC has been tinkered with primarily so that I can run a choice of operating systems. As a result it contains a stack of hard drives most of which are also partioned. My original 13GB drive is still my 'C' Drive though, even if it distinctly temperamental these days. Having more than one hard drive offers other advantages beyond easily being able to install a new OS if the fancy takes me. I'm able to store my personal files on a different drive to the one used by the OS which means they don't go down if my OS gets corrupted. Most importantly, it means that I can back up files (or entire disks) from one drive to another. If a hard drive were to fail completely, I can entirely restore its content onto a replacement (that's saved my life on a couple of occasions). That's the reason I'm able to switch between running Windows with Platte installed and running it without. I run Windows XP Pro (my main OS) on my C drive, which also has most of the other software I run, but it does not have personal files for any of the User Accounts; my own 'Stephen's Documents' for example is two hard disks further down on my 'G' drive.

When I installed the Platte software, I created a new User Account specifically for the purpose. That account, including its personal files is entirely on the 'C' drive, as is the Platte software. Since Windows, the Platte files and all the necessary user account files are on the 'C' drive, it should not be necessary for the Platte software to access any of my other disks.

Among the diagnostic utilities I enjoy playing with are several from the wonderful Sysinternals website (linked on my sidebar); it's such a useful site I'll put up a separate post about it in due course. Their 'Process Monitor' utility is probably definitive in that it displays a list of every action taken by the processor in real time; it quickly becomes a staggeringly long list.

I was running Process Monitor one day for some other reason (but when Platte was on my PC) and I noticed that Platte's main executable file, the pm_proc1.exe, was referencing the winlogon.exe file found in the System32 folder at regular intervals (approximately 1 minute apart). So what is the winlogon.exe file? It's part of Windows, and it's an extremely important one; it is Windows own security system. It stores the user passwords and is the file that controls the permissions; that means that it determines which user is able to access which files or programs, and which programs are themselves able to access other files. Essentially, it's the file that is able to grant 'access all areas' passes or not as appropriate; 'Guest' users get 'upper balcony, rear' and no more .

Since I didn't really understand why the Platte software should wish to access the file, I asked Platte about this when I sent them a list of queries recently. As you will have seen at the top of this post, their answer was unequivocal; their software "does not attempt to access Winlogon.exe".

Well, here's a screenshot, taken from a process log generated by Process Monitor. Look at sequence number 354571:




I have to admit that the process logs tend to be pretty much at the limit of my computing knowledge and sometimes slightly beyond it. More often than not I can follow a process through easily but not always. But even with my limited ability in this area it does look as though pm_proc1 is indeed accessing in some way the winlogon.exe file. I don't know why it should do so but it may well have a link with the following -

At present I have set my PC to start Process Monitor running each time I log in. I have put a filter on the logs, so that they only shows activity by the Platte software (this is an awful lot easier than trawling through a list that may consist of upward of a million actions, believe me). The following screenshots were taken a couple of evenings ago, all the accounts had already displayed billing reminders earlier in the day.

First I opened the account that I had installed Platte in. There is minimal activity (there would be more if a bill were to be displaying, but even then that is easy enough to follow):



Only 6 actions, two clusters of 3, and nothing to be concerned about. I had allowed the log to cover a full 10 minutes since I logged in, and those 6 actions are drawn from a total of 702,099 processor actions (displayed in the bottom left-hand corner of the window).

Next I re-ran the Process Monitor software, and went across and opened my own account. Much more activity; when I returned this is what I saw:



pm_proc1.exe appears to be checking out all my disks, C, F, G, H, I and J (look at the top half of the log). A couple of seconds later (that's a long time in computing terms) it's carrying out another check:



Then it moves on with Registry activity before checking out each partition individually:



And again:



Now we find it looking at the winlogon.exe (starting with sequence number 283927):



Now though, we come to the bit that concerns me. The Platte software shows an interest in my personal Documents folder (sequence number 611057 at the top, then 611067):



Now that I certainly don't understand. Why on earth should the Platte software want to show any sort of interest whatever in my Documents folder? Is that why it's referencing the winlogon.exe file?

I have to admit that I don't entirely follow what Platte is attempting to do here. But I do know that the other software I run on my computer hasn't shown any similar unexplained search round my computer, nor interest in my Documents folder. So why should the Platte?

It seem to me that Platte have some serious explaining to do if those who choose to install their software are to feel entirely safe in doing so. Hopefully they will read this and come up with an explanation.

(31st January): I have now taken a different route into my accounts and got slightly different results. I started this time by going into the account I administer my computer from and got a third sequence (I've adjusted column widths to help with reading all the full paths):



This time the route to the documents folder is significantly quicker (sequence number 199600) and no referencing of the different drives precedes it - there's predominantly registry activity. The Admin Documents folder is three disks down from the C drive. When I subsequently went into the account where Platte had been installed, there was merely the six lines of processing that turned up four days ago. So why does the Platte account not attract the same level of activity from the Platte software?




For those with an interest in such matters, the Process Monitor software downloads here.

These remaining screenshots follow on from the original sequence and show the activity when my account displays that repeat bill reminder; I find this entirely straightforward and easy to follow:








Comment on this post (particularly technically informed comment) is welcome. Please make it via my email, indicating any linkback URL you would like included.

Monday, 26 January 2009

Platte and privacy: user accounts and repeating bills

Following on from my previous post, I need to say some more about the frequency of Platte's bills, both adding somewhat to my earlier response to Platte's explanation that when you install the software it installs across all user accounts on the PC. This is because it is the PC owner that is responsible for the account and also returning to a point I made in my original post on Platte all those months ago, that the software throws up more than one bill a day.

I have taken a series of screenshots this morning to illustrate what actually happens.

At 08.55 I logged into the account where Platte was installed and got this bill:




At 08.58 I logged into the computer's 'Guest' account and this bill displayed:



At 09.01 I logged into my own account, and again I got a bill:




When I returned to the first account (the one I had used to install the Platte software) no further bill displayed. However, when I went back to the 'Guest' account at 09.16 a bill displayed once again:




Logging back into the same account 15 minutes later I got yet another bill:




So it is fairly clear what happens: if you install Platte's software into your account on a PC you will receive one bill a day. However other users of the computer receive bills every time they log in, regardless of how often a day they do so. Actually, it's slightly more complicated than that. The account I installed Platte into is an 'administrator' account, where my own account is a 'power user' account while the guest account is just that. There is another 'administrator' account on the computer and when I went into that I got no bill. So what actually happens seems to be this: The computer administrator receives one bill a day, but all other users receive bills every time they log in.

But there's more... there's actually a significant difference between the bill displayed on the account where Platte was installed and all those other multiple repeat bills to the other accounts. The bill sent to the user who installed Platte simply tells them:

Invoice
Thank you for subscribing to a Platte Media Entertainment website. Your Platte Media membership is due for payment

Account Information
Your account is due for payment. To make a payment please select one of the payment options or contact us on 0845 017 8386
.


However, the bill sent to the other users of the computer is not so polite:

Important Overdue Notice
Your account is overdue.
Please contact credit control on 0845 017 8389

Account Information
Your computer was recently used to subscribe to a Platte Media website and your account now requires payment

YOUR ACCOUNT HAS BEEN SUSPENDED UNTIL PAYMENT IS MADE

IMPORTANT: Your account is now overdue, failure to settle your account may result in us or our appointed agents taking legal action against you.

Please call our credit control department on 0845 017 8389


So clearly not only is Platte's software able to distinguish between the account that installed the software and those that didn't, but it only serves up threats of legal action on the bills to those that didn't (and are therefore more likely to be frightened by the bills and intimidated into paying). Note also that the two telephone numbers are different. This means that Platte can tell when you phone in whether or not you might have installed their software or are another user. I wonder if you get different responses depending which of the numbers you call?

Platte's contract (or at least the one I agreed to) clearly stated that I would receive only one bill reminder in any 24 hour period. Far more importantly, they have given specific assurances to the OFT that this is the case, although as I have shown, it is patently untrue.

I am inviting Platte to comment on this and will post their response when I receive it.


Go to my next post on Platte Media

Friday, 19 December 2008

Platte and privacy: user accounts and bills

Why did your software display your bill on my computer after I had terminated my membership, owing you nothing? And why did it do so across all the user accounts on a shared computer?

(a) Sometimes the software requires synchronizing after a cancellation to ensure that the license on the user machine has been updated. To do this the user should either call customer services or open the platte utility and select the "synchronize" option.
(b) When you install the software it installs across all user accounts on the pc. This is because it is the pc owner that is responsible for the account.


Once again, a response from Platte that requires some analysis. Sometimes the software requires synchronising...? I used Platte's downloaded utility to terminate my membership (I took the online option rather than dealing with it by phone). So why on earth didn't their cancellation tool synchronise the software? Actually there's a bigger question - why didn't it do the uninstall at the same time?

It's the (b) part of the answer that's of particular interest though. Firstly, I don't think it's clear whether the PC owner is responsible for the account, or whether it's the person who entered into the agreement. I'm inclined to think it's the latter and I'm not altogether sure that Platte are entirely certain. But it's singularly disingenious to claim that the software 'installs across all user accounts on the PC'. It doesn't. It installs to the user account of the person who installed it, where the 'Get Films Now' icon displays on the desktop and 'Platte Media' shows in the 'Start' menu. In the other accounts, there is no trace of Platte to be found whatever. So it doesn't install to all user accounts at all, but what it does do is bill to all user accounts (and display that wretched 'Platte' desktop icon as well) when the software thinks that money is owing.

All this has very serious implications for the privacy of those who sign up for Platte's service. Consider this scenario: A married couple share an account on their computer, and it's password protected. Their young children have separate accounts and are not able to access their parents'account. One weekend the parents decide, long after their offspring have retired for the night, to try the 'Get Films Now' service. They're quite cautious since they obviously don't want the children to be able to access that sort of material, so after installing the software they go into their childrens accounts to check that it is not accessible in any of them. It isn't, so they don't worry. They are not that impressed with what they find Platte has to offer so they cancel their membership online later that night. The next thing they know is when their children are the first ones to get the pop-up bills; even worse, the children have Googled 'Platte Media' and know that their parents signed up to an online porn service.

Platte are big on privacy. They make much of the privacy that comes with paying by Postal Order. They have a 'Privacy Policy'. Unfortunately that 'policy' has nothing whatever to say about privacy, or the total lack of it, between user accounts on the PC, although there is a catch-all that seems to fit. Platte International Limited (company no.1391058) is committed to preserving the privacy of all visitors to www.plattemedia.com. Committed? Not that committed by the look of things. It's not as if they even bother to warn you about this when you sign up.


Go to my next post on Platte Media

Thursday, 18 December 2008

Using Platte's uninstaller

I get quite a few emails complaining that people can't work out how to use Platte's uninstall software (Not able to access it? It downloads from this link). It's not my fault, I have no connection whatever with Platte, and I'm no apologist for their software! Nevertheless, here's a series of screengrabs to guide you through using it:

1. This first screen is what seems to catch most people out. The figures you enter in the four boxes are not any part of your uninstall code, nor are they the PIN you gave Platte when you signed up, they are just the four figures displayed directly above the boxes. Quite why Platte include this step is beyond me, it seems to serve no other purpose beyond confusing people.

2. Clicking 'Next' takes you to the second screen, where you click the link at the bottom of the
page saying that you have received an update letter. The number above serves no purpose whatever unless you are being talked through the uninstall.

3. Now you can enter the codes that Platte have sent you.

Click 'OK' on the pop-up which warns you to close down any open windows.

Clicking 'Next' finally starts the uninstall

And that's it!

Quite where you are supposed to request the confirmatory email I haven't worked out yet. If you know, please share the secret.


Go to my next post on Platte Media