All I Ever Wanted To Say

… about the current state of the Personal Computer business, Hal Berenson has already said better.

What I would like to add is that probably not only consumers will abandon the PC, but enterprises will too, eventually.

Already today a lot of hip (or cheap) companies pursue BYOD and if those devices are tablets (or similar kinds of usage-restricted Internet terminals), so be it and they will have to adopt to it.

Apple, Google, Amazon, and eventually Microsoft, will learn to blend their marketplace story into the enterprise, as providers of out-sourced software delivery, if you will.

Finally, at least somebody with some sense of quality might bring sanity into the world of corporate software development.

Posted in Business, Computers and Internet, Software Development, System Management | Leave a comment

LSASS deadlock with PGP WDE (10.2.0 MP3 [2317])

Obviously, PGP Whole Disk Encryption is one of the greatest menaces ever let loose on mankind.

Not only will it give SSDs a special “burn over” (you wanted “Whole Disk”, so shut up) and slows them down to a USB 1.1 crawl, it is also apparently not so transparent as they want you to believe. It’s About box does unfortunately not support Copy & Paste, so I cannot associate the developers names with my point of grief.

PCs usually fail when two or more menaces combine to make your live sad and miserable. Today, it is ClearCase and PGP WDE.

While trying to install the ClearCase fixpack on my 8540w, the update process stalls halfway through. A check with Resource Monitor’s “Analyze Wait Chain” reveals that LSASS is deadlocked.

This means that I cannot start any process or access any file which would require authentication. Also, I cannot logoff, or restart the system.

When I capture a dump of lsass.exe and have a look, this is what I see:

0:000> !locks
CritSec ntdll!LdrpLoaderLock+0 at 0000000077c57490
WaiterWoken No
LockCount 2
RecursionCount 1
OwningThread ef4
EntryCount 0
ContentionCount 13
*** Locked

CritSec PGPpwflt!NPPasswordChangeNotify+90080 at 000007feec301910
WaiterWoken No
LockCount 0
RecursionCount 1
OwningThread ef4
EntryCount 0
ContentionCount 0
*** Locked

Scanned 1650 critical sections
0:000> ~
. 0 Id: 358.368 Suspend: 0 Teb: 000007ff`fffdc000 Unfrozen
1 Id: 358.370 Suspend: 0 Teb: 000007ff`fffd9000 Unfrozen
2 Id: 358.374 Suspend: 0 Teb: 000007ff`fffd7000 Unfrozen
3 Id: 358.378 Suspend: 0 Teb: 000007ff`fffd5000 Unfrozen
4 Id: 358.38c Suspend: 0 Teb: 000007ff`fffac000 Unfrozen
5 Id: 358.850 Suspend: 0 Teb: 000007ff`fffa6000 Unfrozen
6 Id: 358.13f4 Suspend: 0 Teb: 000007ff`fffa0000 Unfrozen
7 Id: 358.13f8 Suspend: 0 Teb: 000007ff`fff9e000 Unfrozen
8 Id: 358.159c Suspend: 0 Teb: 000007ff`fffd3000 Unfrozen
9 Id: 358.ef4 Suspend: 0 Teb: 000007ff`fffde000 Unfrozen
10 Id: 358.177c Suspend: 0 Teb: 000007ff`fffae000 Unfrozen
0:000> ~9 kb
RetAddr : Args to Child : Call Site
000007fe`fe2e10dc : 00000000`02e568c0 00000000`00000000 ffffffff`fffffffe 00000000`00000000 : ntdll!ZwWaitForSingleObject+0xa
000007fe`ec1287a4 : 00000000`02e57b10 000007fe`ec1ef250 00000000`00000000 00000000`00000dfc : KERNELBASE!WaitForSingleObjectEx+0x79
000007fe`ec1456b2 : 000007fe`ec2ced60 00000000`00000000 00000000`022b15c0 00000000`022b15e0 : PGPwdesdk!PGP::WDESDK::ExtendedWDRT::~ExtendedWDRT+0x17504
000007fe`ec2ced6a : 000007fe`ec2ced60 00000000`0151fbb0 00000000`00000000 00000000`77b476e1 : PGPwdesdk!PGP::WDESDK::cleanup+0x52
000007fe`ec27ec6d : 00000000`00000000 00000000`f922f068 00000000`00010000 00000000`77b432a4 : PGPpwflt!NPPasswordChangeNotify+0x5d4da
000007fe`ec27b4fe : 00000000`00000000 00000000`00000000 000007fe`00000001 00000000`77b7a050 : PGPpwflt!NPPasswordChangeNotify+0xd3dd
000007fe`ec27b671 : 00000000`0000001e 00000000`00000018 00000000`00000000 00000000`00000410 : PGPpwflt!NPPasswordChangeNotify+0x9c6e
00000000`77b42652 : 00000000`0042d250 00000000`77b79ff0 000007fe`ec27b6b8 00000000`77c52670 : PGPpwflt!NPPasswordChangeNotify+0x9de1
00000000`77b43b2a : 00000000`00000000 00000000`01a2e140 00000000`00000000 00000000`0042d250 : ntdll!LdrpUnloadDll+0x27d
000007fe`fe2e91a5 : 000007fe`ec270000 000007fe`fdd8fa00 00000000`00000000 000007fe`fe2e1582 : ntdll!LdrUnloadDll+0x4a
000007fe`fa222836 : 00000000`015b5370 00000000`0156c708 000007fe`fdd8fa00 00000000`00000000 : KERNELBASE!FreeLibrary+0x1d

As far as I can tell, this looks like somebody is blocking in a destructor while holding the loader lock.
That’s where “Transparency” goes down the drain.

Posted in Computers and Internet, System Management | Leave a comment

The End of the World (as we know it)

Big news made waves two weeks ago, when Microsoft somewhat cryptically announced that it is going to end the world for its developer community.

Overstating the importance of the decisions to limit Visual Studio Express to “Metro-style apps” development or to drop future .NET development for Windows XP/Windows Server 2003 as I might, fundamentally it is the narrow road Microsoft’s recent communication has taken, that may, should and will scare folks off of the beaten paths.

It looks like they are trying to go Apple Road, but I’m unsure whether they or anybody else knows whether they are going it in the right direction.

Clearly, Microsoft has seen the writing on the wall for a while: the demise of it’s home base, the general purpose computer. Microsoft historically often failed first-to-market, be it web TV, tablet computers, smartphones or smart personal objects (exception: Kinect). And it seems they are more successful, albeit slowly, being second, e.g. with word processors, graphical user interfaces, spreadsheets, file and print servers, directory services, internet browsers, application servers, game consoles, or infrastructure and platform “cloud” services (exception: Zune).

So what they are doing now, starting with I guess the death of Windows Mobile, is trying to be second so quickly, that they don’t seem to be able to take their community with them, users and developers. They see Apple and understand that the retail-style consumer binding is the holy grail of revenue generation and all else will follow. That the cash-flow focused patent and content-rights driven lock-up of digital devices is as desirable as it is inevitable.

That is not what will turn out well for a slow and traditional company like Microsoft.

The abandonment of Windows Mobile and Compact Framework application developers (and users) was the writing on their wall that loyalty to a platform is a one-way street and Microsoft is willing to leave supporters in the dust. Silverlight developers have even been left hanging for a year or so with no communication whatsoever so much that even Miguel de Icaza didn’t feel like talking about it until seriously pressed. Microsoft is closing the doors on its broadly opened-up culture that it lived for the past 10 years.

Now, Microsoft removed the compilers from the SDK. So we had two decades of general purpose personal computing digital freedom on the Windows platform, but that’s about it.

Sure, hobbyists, enthusiasts and learners still have access to a reasonably priced up-to-date alternative (Windows 8 + Visual Studio 2011 Express + Windows Store), but the lock-in into ceremony-rich Metro is a lock-out from the platform and the freedom it provides.

Even if we assume that the paradigms and concepts are shifting, that nobody will ever again learn something about programming by re-writing the “type” command or something like the old Windows Explorer, that words like “keyboard”, “mouse”, “file”, “directory/folder”, “disk”, “form”, “control”, and “menu” will vanish from the digital vocabulary, and that applications will either be small, isolated “apps” or distributed systems with a HTML5/JavaScript front-end, even then there is still no compelling argument to justify the investment of time and money into a closed, narrow, disruptive, new, unproven Microsoft platform more than it would be into the closed and narrow environments that are already thriving.

If the industry goes to embrace short-lived, quick, retail-style, buy/replace interactions, developers should follow suit when choosing their platforms and developing applications or another profession.

It’s about time to go with the flow. But it’s time to go.

Posted in Computers and Internet, Software Development | Tagged , , , , | Leave a comment

Shortfall (over Northern Europe)

Big news today from, as they present their long awaited new phones.

I’d like to not be accused of Cassandra complex, but what Nokia presents is falling quite short given all the expectations, their own concepts as the N8, N9, or N900, the South-East-Asian Windows Phone competition, or even more any of the leading smartphones.

Unless there’s going to be a Lumia 900, my HTC TouchPro has to survive another year.

I still have to wait for a WP7 phone with a MicroSD-Slot: any reports about a “16GB Micro-SD” slot on the Lumia 719 were a hoax.

On the German Nokia site, the Lumia 800 is featured under “Business” phones, but it is unclear to me what kind of business would be profiting from a bigger camera, better graphics support, navigation and the optional car kit, but not a keyboard.

There is still too much focus on “joy” features (a trademark for Windows Phone), but then they don’t even have a dual-core CPU, a second camera for video calls, or Skype.

Yeah, we can switch covers on the Lumia 710!

All in all, too little, too late. If this is all MicrosNokia has to offer, neither Lumia nor Windows Phone will find a place in history.

Posted in Uncategorized | Tagged , , , | Leave a comment

Between a rock and hard place, Windows Installer edition

Like most executable binaries on Windows, Windows Installer databases (.msi-files), can be signed with an X.509 certificate to allow verification of origin and integrity.

This is particularly nice on Vista-class Windows systems which during installation show the certificate holder as the verified publisher in the User Account Control consent dialog:

User Account Control consent dialog showing VMware, Inc. as "Verified publisher"

If the executable to be elevated is not signed, the publisher is shown as “Unidentified Publisher”, which may tick some folks off.

That’s all good and well if it wasn’t for Windows Installer Caching, a Pyrrhic feature that originally tried to prevent you from having to search for the Office CD when you want to install a service pack. It more or less caches the installer databases on your computer, so the CD is usually not needed. To make this work reliably, the patches applied to the installed programs have to be cached as well.

Today, this cache is not really optional. Many programs, including the .NET Framework, cannot be correctly updated if the original installers and patches aren’t available in the cache. In my experience, missing cached installers account for many problems with Windows Update. So limiting the size of the cache or deleting it altogether is not a viable option.

What’s worse, installer databases can be manufactured to contain all files to install in an embedded cabinet archive which is quite usually done to enable single-package deployment.

Windows Installer tries to prevent the cache from consuming the entire disk space of the system partition, so up and until Windows 7, this cache only contained the setup information (“meta-data”, if you will), which actually is everything except any embedded cabinet files.

But, to remove the embedded files, the installer database has to be modified, which breaks the publisher’s signature. Now, during uninstall, the UAC consent dialog shows the dreaded “Unidentified Publisher”. Rats!

Stuck between a rock (missing signature) and hard place (enormous disk consumption), Microsoft’s Windows Installer geniuses chose “hard place” and had Windows Installer cache the entire installer database:

But they couldn’t resist to screw it up completely: They are caching your entire installer in a location you can’t change, yet still they require the actual source if to install a patch or update the installer feels inclined to do so.

This is bad news for developers of installer packages. Basically, to play nice and prevent the disk space of users from being eaten, installers with embedded cabinets are now discouraged. But then, an installation is no longer a single package. Instead, another packaging step is necessary, as well as an installer bootstrapper that extracts the files and starts the installation.

All of this just to be an “identified publisher”. No wonder code-signing isn’t picking up.

It seems the only solution is to have, instead of a trusted publisher, a trusted online repository (“store”) for the software (“app”) you need to install and maintain.

Posted in Best practices, Coding Horror, Computers and Internet, Software Development | Tagged , , , | Leave a comment

I have been WordPress-ed.

All good things come to an end.

Obviously, Web 2.0 is being real-world-ed, enterprised and finance-managed into “Web 2.1 for Online Content Consumers”. Services with unclear business value are falling like trees in the snow storm, for instance Bloglines. 

Now Microsoft’s Live Spaces is going down the drain. Not that there was ever any consistent integration into MSN, Live, Hotmail or whatever Microsoft’s consumer web platform should be. And it probably caused so much of spam traffic to Passport Windows Live ID that the cost of maintenance has become prohibitive.

At least they have the grace to provide a rather seemless upgrade path. Bloglines doesn’t.

I don’t really like WordPress that much, it is way to much PHP for my taste, but I still haven’t found time and motivation to pursue my own syndication engine implementation and I might put if off until there is really, really nothing else to do and a compelling feature needs to be brought to the world.

Which is, like, never.

Let’s see what this WordPress thing will lead us to…

Posted in Uncategorized | 1 Comment

The one with worries about the short life-expectancy of solid-state disks

I recently upgraded myself to a notebook with an 128MB SSD. Naturally, I want to keep my new-egg fine and happy and immediately started to worry about the SSD’s life time.

An SSD consists of flash memory cells that have a finite number of erase/write-cycles (100.000 for SLC, 5000 for MLC [1]). Since flash memory cells cannot be erased individually, they are organized into larger blocks. The common block size for SSD appears to be 128KiB.

In practice, this means there is a maximum amount of data than can be written to an SSD. For example, a 128GB MLC drive is expected to have a write capacity of 80 TB [2], a mere 640 writes for each block on the drive.

Drive manufacturers use two tactics to cope with the problem: politics and technology.

Politics means they compare apples and oranges (SSD life-time, HDD mean-time between failure).

Technology means they implement wear-leveling strategies to spread wear across all blocks. Basically, data is always being written to another block. Even old data will need to be moved around, so its original cells can be used for leveling. Similar to HDD there may also be reserved blocks on the drive.

So each and every write to the SSD will result in at least one block being re-written (write amplification).

The question is, how do the file system’s write operations affect the disk? File system block sizes vary between 512 bytes and 16KiB, apparently much smaller than the SSD block size.

However, the file system cannot easily assume that the disk is an SSD, so it cannot easily combine multiple small writes into bigger chunks. For HDD, this would cause immense fragmentation and would limit their performance significantly.

And the SSD can’t help either, because it can’t cache writes infinitely if it wants to avoid file corruption from power failure.

The operating system and the applications are way to high up in the stack to care about the problem. They are more concerned with consistency than with drive wear. At least newer systems are able suppress any attempts at defragmenting files (SSD read access is constant) and may report to the disk which blocks are unused (TRIM), so that they do not need to be preserved by the wear leveling algorithms.

But here I am, with my battery-powered notebook, more RAM than I ever need, and worries about SSD wear and how many useless files are being written to disk. I don’t worry about power failure. Can I do better?

The handy solution is a trip on memory lane: RAM disks. For a short time in computer history, there was plenty of RAM and few applications that used it all. So we could have disks in RAM to speed up games and applications.

For an HDD-based system, they provide no benefit. The operating system’s cache controller is way smarter than a fixed amount of RAM reserved for a fixed amount of files.

But for an SSD-based system, where the “TEMP”-directories, browser cache and occasional downloads are constantly written to with small and rather useless files, they can have a significant benefit in reducing writes to the SSD.

I’m using Dataram RAMDisk 3.5.130, a freeware that works well under Windows 7 64-bit, including Sleep and Hibernate.

I created a 1GB RAMDisk and formatted it with NTFS. I mounted it into a directory on my system drive, so it doesn’t need its own drive letter. I created directories there for Google Chrome’s cache and IE’s Temporary Internet Files, as well as for Downloads and my TEMP directory.

Then I saved the binary image and compressed it. I configured RAMDisk to load this image into the RAM disk upon system start.

For Google Chrome, I needed to setup a junction for the Cache folder. I also configured Chrome to use the Downloads folder on the RAM disk.

For Internet Explorer, I needed to change the Cache value under HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionExplorerUser Shell Folders.

For the TEMP directory I changed the environment variables.

I setup a Windows 7 library for Downloads and added the Downloads folder on the RAM disk as the save location.

So far, this works like a charm. (As long as I remember to copy important downloads before shutting down.)

I’m going to occasionally use Process Monitor to find out further possibilities to limit unnecessary file writes. There is a lot of logging going on that may be worth looking into.

Finally, I’m making a rather bold move.

By far the most writes come from Visual Studio. I save a lot of source files, the IDE saves a lot of temporary files for IntelliSense and Refactoring, then there a builds and test files. I don’t think Toshiba has software development as one of their user scenarios.

I copied some often referenced library projects to the RAM disk, cleared the archive flags, and cleaned and saved the image. I’m planning to setup tasks that sync my source files and the RAM disk. For now, I just hope to not forget to not shut the system down before I save my files.

I might also think about a local source control system. And I finally realized: This is exactly how distributed source control will shine.

Posted in Computers and Internet | Leave a comment