On the Lambda

Programming, Technology, and Systems Administration

On the Lambda

Eight Principles for Good Ad Blocking

May 5th, 2016 · 1 Comment · IT News

I’ve seen a lot lately about Ad Blockers used on web sites: how sites and publishers are responding to more Ad Blocker use, the rising numbers of ads on a page, malicious ads, etc. It’s been in the tech news. I myself even (reluctantly) installed an Ad Blocker recently.

Here’s the thing: I don’t mind ads anymore. I used to absolutely hate them, but back in late 2008 I had a revelation. I was using this new-fangled programming question and answer site called Stack Overflow, which aimed to compete with the notorious Experts Exchange. Both sites used ads, but Experts Exchange purported to be mainly subscription based, while Stack Overflow was going to be fully ad supported. I’ll give you one guess which site actually had a better experience. This stark contrast caused me to rethink my position on web advertising. Since then I’ve avoided using Ad Blockers, at least for the most part.

Things have been changing, though. As I said, I was recently forced… yes, forced… to install Ad Blocker. Something is different now about the way ads are served on the web. Ad networks have been unable to adequately police their inventory, resulting in the frequent situation where legitimate and respected sites serve malicious content to users. This leaves the use of Ad Blockers as the only recourse for many of us.

But I’d like to avoid this. I remember the old web, before small sites could pay the bills from ads. I don’t want to go back to that. I don’t want to go back to Experts Exchange. Instead, I want a new kind of Ad Blocker… one that actually allows ads by default, and only blocks ads as a penalty to sites or networks that aren’t behaving. My suggestion is for this new Ad Blocker to only take actions when one or more of these eight principles are violated:

  1. An ad blocker shall block all ads from any site for one year if that site serves a malicious ad. Even just one confirmed malicious ad shall trigger this penalty.
  2. An ad blocker shall monitor ad networks and shall block all ads originating from a network for one year if that network serves even one confirmed malicious ad to users. A network that is unable to police its inventory should be penalized.
  3. An ad blocker shall block ads that use plugins including but not limited to Flash, Silverlight, or Java. Perhaps some day interactive ads will find their place, but this is not that day.
  4. An ad blocker shall block ads that play audio or video without action by the user. A hover is not an action by the user. An ad blocker may extend this to eventually block all ads on a page, site, or ad network for repeat offenses.
  5. An ad blocker shall block all ads on a page if the ad content on the page is > 25% of the total page size in bytes. This may be determined as an aggregate across all of the ad block service’s users and impressions for the page, as some ad networks may occasionally legitimately place a larger ad on a smaller page. An ad blocker may extend this to eventually block all ads on a page, site or ad network for repeat offenses.
  6. An ad blocker shall block all ads on a page if the page prioritizes loading ad content ahead of loading non-ad page content, or fails to allocate proper placeholders in the initial render, such that late-loaded ad content forces original content or links to jump to a new position just as the user might be about to click.
  7. An ad blocker shall block all ads on a site if ads from any page on the site interfere with using a page or substantially confuse users, such as pushing content down off the page while a user is trying to read, or filling in an ad near a link or button that a user may want to click. An ad blocker may rely on end-user reporting to identify these pages and sites, rather than determine this on the fly.
  8. An ad blocker shall block tracking data reported to ad networks which extends beyond the current actual url of the page where the ad is displayed, which specific ad was served, and whether the user clicks the ad. Right now, this is most tracking, but I believe an effective blocking strategy can influence advertisers to improve behavior, or at least be less obtrusive about it, such that this principle might be relaxed in the future. For the moment, however, I believe it is necessary for ad networks to do more to establish user trust, and that means not gathering any more data than they could get from an over-the-air TV ad.

I’ll add one bonus principle that’s really more of a feature option: users should have the option of blocking categories of objectionable content in ads, such as pornographic (or even mildly explicit), gambling, politics, etc. However, I have some previous experience with content categorization engines, and this may be a much more difficult feature than it gets credit for up front.

Some of these principles may seem like death sentences to a site or ad network, but remember that not everyone uses ad blocking services.  Rather than stopping all ads, this would be merely a modest penalty for even the worst offenders. Nevertheless, it **is** a penalty, and therefore should help incent ad networks and sites to better police their content. I think enough people using an Ad Blocker that follows these principles could have a strong positive effect on the internet as a whole. I also believe it would actually INCREASE revenue for sites and ad networks alike, by improving user trust and confidence in the ads they see (thereby increasing the value of each impression) and by shaking some of the more irresponsible players out of the industry, thereby leaving a higher share for those who remain.


The Missing DHCP snap-in for Windows 10 Remote Server Administration Tools

November 6th, 2015 · 4 Comments · .net, c#, development, networking, Powershell, servers

If you’re used to managing Windows Servers, you’re likely familiar with the Windows Server Remote Administration Tools. These tools are packaged as a download for each client (not server) version of Windows. They provide the same set of MMC snap-ins you’ll find on a server, such as Active Directory Users and Computers, DNS, or Group Policy, but for your desktop. You can connect the tools from your desktop to whichever server you need.

Unfortunately, the Windows 10 version of these tools left something out. There is no DHCP snap-in. Instead, Microsoft included a set of Powershell Commandlets for managing a Windows DHCP server.

Now, Powershell is fine for many things. It’s even probably the best way to make changes to your DHCP configuration. In a perfect world, ALL changes to a server happen via command line scripts that were first tested outside of production, and then stored in order in a tool like Puppet or Chef, so that a server can be rebuilt from stock just by running the stored scripts.

However, day to day work sometimes requires quick access to dhcp lease information, where I may want to do things like sort by lease expiration, IP address, or
MAC address. The command-line Powershell tools simply didn’t appeal to me for those times when I just want to get some quick information, and perhaps copy it to the clipboard.

So I built my own viewer for Windows DHCP server scope and lease information. It’s on GitHub. Go take a look.


Steam Controller Review part 2 – Game Play

October 20th, 2015 · No Comments · IT News

Continuing from part 1 of my Steam Controller review.

The first thing I need to get off my chest is Steam’s In-Home Streaming feature. Most of my time with the Steam Controller involves In-Home Streaming, and this is also my first experience with that technology. I want to focus mainly on the Controller, but in order to do that I need to clear the air on In-Home Streaming.

All in all, In-Home Streaming has worked much better than anticipated. My experience showed it is actually possible to play low-latency games like Counter-Strike and Portal via In-Home Streaming. The responsiveness and picture were both good, as long as you’re willing to explore the settings available.

However, adding this extra moving cog into the mix did introduce some new struggles. I had to troubleshoot several things, and so far have not been able to get the Steam Controller to play Portal or Portal 2 via In-Home Streaming, even though Counter-Strike: Source, which has a very similar setup and engine, worked just fine.
Update Oct 20: Valve has released an update to address the issue with Portal and Portal 2.

Now, about the Steam Controller.

I spent enough time playing Counter-Strike to get a few kills; with this controller, it took a while. If a person who scored 15 kills in a round with a mouse and keyboard would only score 4 or 5 with dual analogs (and yes, I believe there is that much difference), the same person could probably do 6 to 7, maybe 8, with the Steam Controller. The Steam Controller is a definite improvement over dual-analog options, but not, in my opinion, to the level where it can replace a mouse and keyboard.

It may be possible with practice to get pretty good, and there may be new configurations or better support for this class of game coming, but as it stands it’s just too hard to aim well at close range at someone moving across the screen. While this isn’t great for the Steam Controller, it’s not out of line for my expectations coming in, and if anything it still exceeds them.

First person shooters like Halo that were born on consoles tend to take this into account in their level designs, and I may look to try a few of those in the future. I may also put in more time with the Controller when I get the Portal games working. With time, I may get good enough to make another attempt in a team game versus real people. However, I’m competitive enough to cringe at the idea of going into a game like this with that kind of handicap.

Where I am most interested in this controller is for more “casual” games, and here it worked great.

I had given up on Lego Marvel Superhero after I first purchased the game. It’s not the kind of game I want to play sitting at my desk, but it didn’t play well at all with the wireless keyboard/touchpad combo I have for the computer. It just wasn’t fun. The Steam Controller makes this game fun again.

Final Fantasy XIII worked pretty well, too. There were some glitches involving In-Home Streaming, but overall I prefer playing this game from my couch, with the Controller, on my TV over playing it at my desk, as well.

I played several hours of Civilization V, and it was good. I needed the keyboard handy at time just to adjust amounts of Gold when bartering with other nations, but that’s something I do rarely. The only other problem is not related to the Steam Controller: the text was just too small in many places. I often found myself standing in front of the TV so that I could clearly read information. I doubt the publisher ever fixes this game, but I’d look for future releases to be sensitive to that issue. Overall, I think I prefer this experience to playing the game at my desk.

The controller worked well for browsing and watching Netflix. I especially found it easier to manage for browsing than the bulkier keyboard. I could improve things further with some custom button binds, but I haven’t explored that yet.

I do have a few real complaints. Something in the driver for the Controller seems to conflict with the wireless keyboard/touchpad combo I use. Sometimes one device or the other will not function, while the other device has taken precedence. In this case, I’ll point the reader back to the last article, where Valve is very explicit that this is still beta, and they are watching for this kind of issue. I’ll be surprised if a firmware update in the next few weeks doesn’t fix this for me.

I also promised an update on battery life. After 14 hours over three days using the controller, Steam still reports 100% battery life remaining when I check it’s settings. Doubtless this is another issue, possibly due to standard instead of rechargeable batteries, but so far battery life seems to be at least reasonable.

One area where I could see the Steam Controller doing real, but did not get a chance to try, is in an MMO like World of Warcraft, Star Wars Old Republic, or Perfect World. If someone tries one of those games, I’d love to hear about how it worked for you.

In conclusion, I’m very pleased overall. There are some things I’d like to do with the Steam Controller that I can’t do well, such as play Counter-Strike, but within the expectations I set for the device, it’s performing admirably.


Steam Controller Review part 1 – Expectations and Unboxing

October 16th, 2015 · No Comments · IT News

To start this review, I need to come clean: I hate game controllers. I mean, really hate them. My game of choice is the first person shooter, and my platform of choice is a PC. Give me a keyboard/mouse or give me death! Literally. My character is probably gonna die a lot if I’m forced to use a controller instead of my beloved mouse and keyboard.

In the Steam Controller, Valve is attempting to bring some of that mouse and keyboard precision to your living couch and TV, but you’ll have to color me skeptical. I think the key words in that previous sentence are, “some of”. I’ll be very surprised indeed if the device sitting next to me is able to deliver.

Thankfully, I can use the power of reasonable expectations to still come out of this with a positive experience for the controller. While shooters are my preferred game, I’ve been known to play the occasional Final Fantasy, Lego Star Wars, or real-time strategy. I’m looking for the Steam Controller to up my experience in these areas. I’m also hoping to use the Steam Controller as an improvement over my current setup for controlling Netflix playback via the computer behind my TV.

About that. I have a computer behind my TV. It’s a 2010 Mac Mini that I got for free and resurrected from the dead by putting a spare laptop hard drive inside to dual boot Windows 10 and OS X. A gaming PC this is not. However, it’s adequate for Netflix playback, and should suffice for Steam In-Home Streaming. Again, color me skeptical that In-Home Streaming will be responsive enough for shooters. However, this won’t be a problem as long as I limit my expectation to the kinds of games where millisecond adjustments aren’t needed. The Steam Controller can succeed in getting a 5-star review by excelling in those areas. If it works for shooters, too (and I will at least try this a few times), that’s just a bonus.

Let’s move on to the unboxing. Here, I have to give Valve full marks. I wasn’t really expecting to see my controller until later this month or early next, but they did right by their pre-orders. I received a notice with tracking info when the controller shipped, as well as a follow-up notice just ahead of it’s arrival that I believe is worth re-printing here:

The first Steam Link and Steam Controller pre-order units are scheduled to arrive over the next few days.

We’re eager to hear your feedback as we continue to make changes and improvements leading up to the full retail launch on November 10th. For the next few weeks, we recommend that you opt in to the Steam client beta (through the System settings panel in the Big Picture UI) so that you’ll be running the most current fixes and functionality.

We’ll be keeping an eye on forums everywhere, but we’ve also set up a contact email address for everyone on the team: SteamHardwareFeedback@valvesoftware.com. Whether you’re having a great time or running into issues, we want to know.

I believe that was beautifully executed. Well done, Valve.

The device itself looks and feels great. Here is the box:

Steam Controller Box

Opened up:

Steam Controller Opened Box

Further contents:

Steam Controller

Also in the box were a Product Guide and Quick-Start Guide. You can see that controller ships with a set of AA batteries. I have no idea what the battery life will be, but I have an ample supply of rechargeable AA’s at home. I am a little disappointed that it doesn’t use something more like a cell phone battery, but I imagine this helped keep costs down, which I also appreciate.

The feel of the controller is pretty good overall. The right trackpad fits under my thumb much better than expected. Left and right motions are actually more of a diagonal axis across the pad, so I hope this is either adjustable or pre-tuned correctly (I will report this after some time in actual game play). The handle buttons under my ring finger and little fingers feel good. I’m not so sure about the upper trigger buttons yet.

My biggest concern right now is that my thumb has to leave the trackpad to use the XYAB buttons. I have to choose one part of the controller or the other. However, this is more on game designers using layouts and mechanics that don’t require this, or on me to work around it through customizing the layout.

That’s all for now. Stay tuned for part 2 in a couple days, where I’ll talk about the actual playing experience with the controller.


Technology vs Magic

April 2nd, 2015 · 1 Comment · non-computer

In honor of the death of Terry Pratchett I’ve been re-reading a few of his books. One in particular is “Maurice and his Educated Rodents“. The premise of the book is that a cat and some rats come across some magical debris that gives them human-like intelligence and speech.

Something in that got me thinking about the difference between magic and technology. People do research all the time to examine and improve the intelligence of rats and other mammals. Imagine what a wondrous technological advancement it would be to create a drug that could give human-like intelligence to a colony of rats! But the cat and rats in the book could also speak. Not just that, but they used human language. That’s magic. Not only do we have the intelligence increase, but the knowledge transfer as well. That’s clearly magic. There’s just something there that knows what you need for the advance to be practical.


Issues with HTC 8x 8.1 Upgrade

February 14th, 2015 · 1 Comment · Uncategorized

I have an HTC 8x phone on a Verizon MVNO (Page Plus). Today, I was excited to see that the Windows Phone 8.1 update was finally available for my device. That excitement was to be short-lived.

As the update finished installing, the final step is to reboot the phone into the new OS. Unfortunately, this didn’t go so well. My phone now continuously restarts in a never ending cycle. It reboots in a loop that I can’t get out of.

After consulting Google, I learned that my only recourse is a full factory reset. Unfortunately, the normal procedure for this does not work for my phone. What you are supposed to do is hold down the volume down button while the phone is off, and after turning it on tap the power button again at just the right time. Unfortunately, after many many attempts, I gave up and determined that this would not work for my phone.

Using the online chat features for HTC, Page Plus, Microsoft Windows Phone Support, and Verizon also got me nowhere (I would have called, but, well…). Page Plus particularly was unhelpful, which was disappointing. After 5 straight hours of work on this problem, I am still without a phone.

Early on in the process I was able to get to the screen with the ! icon on two occasions, but was not able to complete the hardware reset, nor was I able to reproduce the steps that produced that screen. I was also able on three occasions to get the lightning bolt/gear screen, but I wasn’t able to find any useful information on the purpose of that screen.

The good news is that I can force the phone to shut down and stay shut down. That’s really why I made this post: I haven’t seen that information anywhere yet. To do this, hold down both the volume up and volume down buttons at the same time. This will bring you to a new screen with three bar codes. From here, you can turn the phone off by holding down the camera button. Unfortunately, as soon as you connect the phone to a charger, it will start up again and re-enter the reboot cycle. The other thing you can do from this screen is connect the phone to a computer. You can make it work with Vista and XP, but Windows 7 and Windows 8 will have drivers out of the box. You can’t really do anything normal with the link, but later on this link may be required to replace the system ROM.

I have a theory as to what went wrong. I believe that the update botched the battery calibration, such that it believes that the battery is nearly empty (clearly is not, or the phone would be dead now). When the phone starts, it reads the battery state and believes that the battery is too low to boot into the OS, or even reset screen, and instead restarts itself. One other thing I was asked to do was to charge the phone for 10 minutes, and then hold down the volume down, volume up, and power buttons for 2 minutes. This is another item that I haven’t seen recorded anywhere else yet. They never said what this was supposed to do, but I have a suspicion that it was intended to reset the battery calibration.

Perhaps allowing the phone to fully discharge will make the battery calibration more accurate, allowing me to charge it somewhat and enter the factory reset screen, or even avoid the need to do the factory reset at all, if that is enough to allow the phone to finish booting (I’m not holding my breath here). Before I let that happen, though, I have one other option.

At this point what I believe I really need is to restore the original ROM. My time on chat with HTC and Microsoft leads me to understand that, for this product at least, Microsoft supplies materials to make a stock ROM to HTC. HTC much customize it for the phone’s specific hardware, and in turn provide materials for the customized ROM to Verizon. Verizon then customizes it further for their network and produces the final ROM update to distribute. Therefore, in this case, the only place to get the ROM that I need is Verizon. As I am not a direct Verizon customer, I was unable to communicate with them on the issue. I had to go through Page Plus, who seriously dropped the ball here in supporting me. They may have lost a customer over this issue.

Page Plus did suggest I try bringing the phone to a dealer, but I am an online customer and the nearest dealer is, shall we say, less than convenient. What I will do instead is try to bring the phone to a Verizon retail store, and see if they can help. I may be able to bypass the barrier in person that I could not over the web (seriously Verizon: if you’re going to allow MVNOs, accept the MVNO phone numbers as valid for creating support accounts). If that doesn’t work, I’ll have to let the phone drain and start looking on shady bittorrent sites for a download with the software I need (and am licensed for).


Installing AirServer on Windows

November 20th, 2014 · No Comments · Windows

It’s no secret that I prefer AirServer above AppleTVs for classrooms. The ability to mirror a faculty iPad to a large projector screen turns it into a powerful educational tool, and I believe AirServer is the better choice for most schools. I manage AirServer installs in 30 classrooms, and even have it installed on my HTPC at home. My extensive use of this software means that I need to be able to install and activate the software in a reproducible way for our classroom computers as we periodically update our classroom image. What you may not know is that installing AirServer on Windows is not as straightforward as we’d like.

This isn’t entirely AirServer’s fault. The AirPlay protocol (and processing power limitations of your iOS device) mandate that the video streams sent from your device keep the original encoding from whatever the current random app is showing. AirServer depends on the operating system’s ability to decode these video streams. The variety of video types used in various iOS apps far exceeds what codecs are included out of the box with Windows.

I expect that AirServer could, of course, package the most-used of these codecs with their software (and I expect they do this to some extent already), but there are way too many to get them all in one place, and doing so would add licensing costs to the product that I’m happy to avoid. In order to reliably mirror your device there are still some common and uncommon codecs that you’ll want to be able to handle at the operating system level, as well as an additional networking standard you’ll need to support. In short, there are prerequisites you’ll need to get the most out of AirServer that are not included in the software’s installer. I think AirServer could do more with their Windows installer to make these easy to acquire, but until then I’ve got your back.

While I do need to install AirServer more than most, it’s still not all that often. To avoid mistakes, I keep copies of the prerequisites in the same network folder where I keep the AirServer installer itself, and arrange things in a way that encourages success. Here’s what that folder looks like:


Note how I’ve renamed files so that there is an intuitive flow for the installation process. We’ll go through the steps indicated one by one. AirServer itself has an automatic update mechanism, but most of the other items do not. I want to make sure I’m not pushing obsolete (and possibly insecure) software to my classrooms, and so the first step (Step 0) is to make sure that each of the items I’m using is the most recent (read: fully-patched) version available. I’m considering replacing several of the actual download packages with shortcut files to the download page for the project, to ensure I always get the latest version.

This brings us (at last) to the prereq’s themselves. The full list is available here. The first is Bonjour Print Services for Windows. The documentation says that iTunes is enough, but I’ve had better results when I ensure the Print Services package is installed. Print Services is a free download from Apple, and it allows your Windows computer to support the multi-cast DNS protocol (mDNS). I have strong feelings about this protocol that are not fit for public print, but for better or worse you need this for anything Apple, including AirPlay mirroring. This is the most important prerequisite. Without it, AirPlay just won’t work.

The remainder are various open codec packages for use with Windows DirectShow. The packages combined allow you to play almost anything. Be sure to pick the correct x86 or x64 installer, depending on your operating system type. I also need to mention here that there is a current bug in the iOS YouTube app (YouTube videos still play through iOS Safari) and that some apps use copyright protection for their content and just will not mirror, even on a real AppleTV.

Now at last we come to installing AirServer itself. As you run through the installer, I need to call out a few of the options. The first is that you should NOT activate AirServer during the install process. This is especially important for my classrooms, where I need to support many users, but even on your home computer, if you have more than one user account that may want to use AirServer, do not activate at this time. The other option is whether you want to have AirServer run in the background automatically. For my classrooms, where many users log in and out throughout the day, I’ve found this option can cause problems. If you are the only (or primary) user on the machine, where it’s less common to be logging others in and out of the computer, it’s probably safe to let it run in the background.

Now at last AirServer is installed. However, it’s not activated yet, and won’t let you mirror. Let’s take care of that. To do this, you’ll need your license key. You’ll also need to start a command prompt. When the command prompt is open, enter the following commands:

"%ProgramFiles%\App Dynamic\AirServer\AirServerConsole.exe" activate <<License Key>>
"%ProgramFiles%\App Dynamic\AirServer\AirServerConsole.exe" set name <<MirrorName>>

Replace “<<License Key>>” with your license key, and “<<Mirror Name>>” with the name you want to show on your iPad or iPhone when you open up the AirPlay control panel to start mirroring. If you don’t activate and set the name in the console, it will only activate for the current user. When other users try to run the software, they’ll have to reactivate it and set their own name. The key will be saved, and they’ll be successful… at first. But it’s a step they shouldn’t have to take, and soon you’ll run out of activations for your license. The console method activates it once for every user on that PC.


There are worse things than Exceptions

October 21st, 2014 · No Comments · .net, c#, development, stackoverflow

A piece of advise I’ve given on Stack Overflow more than once is to avoid the File.Exists() method, and others like it. Instead, I’ll tell people to just use a try/catch block, and put their time into writing a good exception handler. I won’t re-hash the reasoning here, as I’ve already covered it before. One of those links was even Gold badge -worthy.

One of the responses I often get to this strategy is that handling exceptions is slow. Why risk a slow exception handler if you can avoid it most of the time with a quick File.Exists() check? I think this argument misses the point first of all for correctness reasons. You still need the exception handler, and using File.Exists() to avoid it is a mistake. But more than that, I think that is just plain wrong about the performance issue, too. Here’s why.

Yes, handling exceptions is expensive from a performance standpoint; very expensive. Let’s get that out of the way: I’m not trying to say that exceptions should be your first choice in every situation. The list of things you can do in programming that are slower is very short. However, the list is not empty. Do you know what’s worse than exceptions? I/O. Disk and Network are far and away worse. Let me explain. Here’s a link and except that show just how much worse they can be:


Latency Comparison Numbers
L1 cache reference                            0.5 ns
Branch mispredict                             5   ns
L2 cache reference                            7   ns             14x L1 cache
Mutex lock/unlock                            25   ns
Main memory reference                       100   ns             20x L2 cache, 200x L1 cache
Compress 1K bytes with Zippy              3,000   ns
Send 1K bytes over 1 Gbps network        10,000   ns    0.01 ms
Read 4K randomly from SSD*              150,000   ns    0.15 ms
Read 1 MB sequentially from memory      250,000   ns    0.25 ms
Round trip within same datacenter       500,000   ns    0.5  ms
Read 1 MB sequentially from SSD*      1,000,000   ns    1    ms  4X memory
Disk seek                            10,000,000   ns   10    ms  20x datacenter roundtrip
Read 1 MB sequentially from disk     20,000,000   ns   20    ms  80x memory, 20X SSD
Send packet CA->Netherlands->CA     150,000,000   ns  150    ms

If thinking in nanoseconds isn’t your thing, here’s another reference that normalizes a single CPU cycle as 1 second and scales from there:


1 CPU cycle             0.3 ns      1 s
Level 1 cache access    0.9 ns      3 s
Level 2 cache access    2.8 ns      9 s
Level 3 cache access    12.9 ns     43 s
Main memory access      120 ns      6 min
Solid-state disk I/O    50-150 μs   2-6 days
Rotational disk I/O     1-10 ms     1-12 months
Internet: SF to NYC     40 ms       4 years
Internet: SF to UK      81 ms       8 years
Internet: SF to AUS     183 ms      19 years
OS virt. reboot         4 s         423 years
SCSI command time-out   30 s        3000 years
Hardware virt. reboot   40 s        4000 years
Physical system reboot  5 m         32 millenia

Taking even the best-case scenario for exceptions, you can access memory at least 480 times while waiting on the first response from a disk, and that’s assuming a very fast SSD. Many of us still need spinning hard-drives, where things get much, much worse.

For a comparison reference, Jon Skeet has blogged about exception handling, where he was able to handling them at a rate of between 42 and 188 per millisecond. While there were some issues with his benchmark, I think the point is spot on: relative to other options, exceptions may not be as bad as you think.

And that’s only the beginning of the story. When you use .Exists(), you incur this additional cost (and it is an addition: you have to do the same work again when you go to open the file) on every attempt. You pay this costs whether the file exists or not, because the disk still has to go look for it in it’s file tables. With the exception method, you only pay the extra costs like unwinding the call stack in the case of failure.

In other words, yes: exceptions are horribly costly. But compared to the disk check, it’s still faster — and not by just a small margin. Thankfully, this is unlikely to drive your app’s general performance… but I still want to put to bed the “exceptions are slow” argument for this specific task.


MVP No More

October 1st, 2014 · No Comments · non-computer

For the past five years I’ve been honored to be recognized as a recipient of a Microsoft MVP Award. One of roughly 4,000 awardees world-wide, this is an incredible honor, and I’ve been humbled to part of that group. Today my most recent award expired, and it will not be renewed.

I can’t say I didn’t see this coming. When I was first awarded five years ago, I was at the top of my game in the programming world. However, shortly thereafter my career took a turn as I left full-time programming to become a Systems Administrator. This was an amazing opportunity for me, but it also meant starting back at the bottom of the knowledge curve. Since then, it’s been harder and harder every year to continue contributing as a programmer at that same high level (though I still do participate a lot on Stack Overflow), and while my systems administration skills have grown, I have years to go in that area before I’ll be anywhere close to MVP-level.

So it’s been fun. I appreciated all the benefits, and I’ll remember the one Summit I was able to attend forever. I’m not bitter. I wasn’t looking for the award when it came, and it means more that I had it if Microsoft continues to protect the integrity of the program. It will stay on my resume (with notes for the award years), and probably continue to open doors for me long into the future. Maybe someday I’ll be re-awarded as Microsoft Server MVP. Until then, I’ll just keep doing what I do.

As a closing note, one of the nice things is that my understanding is that I can still use this the MS MVPs blog site, so I won’t have to move any content I’ve posted here, and I can continue to post here whenever I feel like I have something worth posting.


Cleaning an Infected Computer at Work

September 23rd, 2014 · No Comments · security, superuser

I have two basic philosophies underpinning how I approach infected computers. To begin with, I don’t really believe in cleaning an infected computer at all. I could cover the reasoning for this in more detail, but I already have a well-voted answer on SuperUser.com that I think says it better than I could fit here. For computers that I manage at work, I capture base hard disk images for our deployed PCs, and can use those to rebuild an infected computer from scratch. Combine this with the fact that most end-user data lives on a server, rather than the local machine, and this process is often faster than cleaning the computer anyway.

That said, I don’t use roaming profiles, and therefore this process is still very disruptive for users. There are literally thousands of settings that go into a user profile, and while most will never change from the default, over time the cumulative effect of a setting here, an option there, can make a real difference. Additionally, just because you have a few pop-ups, it doesn’t mean you have a rootkit.

Therefore the policy I follow at work is that we do allow some clean-up before resorting to wiping or replacing a computer. However, I limit the techniques I’ll use. Here is the full list:

  • Uninstalling unwanted items via the Control Panel
  • Editing specific registry keys where startup programs are kept
  • Manually disabling Services and Scheduled Tasks
  • Using MSConfig or the StartUp tab in the Task Manager (Windows 8 and later)
  • Manually deleting normal files and folders left behind from an uninstall process
  • Using existing Antivirus software already on the computer

This is the extent of it. If these don’t get the job done, it’s time for a wipe. Some notable items that are not in the list include rebooting to safe mode, installing an anti-malware tool, and running an anti-virus scan in a clean environment. If I have to do those things, I usually figure I’m better off wiping the machine.

Even with the tools I will use, there’s a catch: I’ll only do this once for a given infection. If, after an initial clean-up attempt, there are still pop-ups or other signs of infection, or if the symptoms return, that’s it. It’s time to nuke the machine and start over.

The other philosophy I follow is regarding administrator rights. I do allow staff to have administrator access on their own machines by default. This is a practice that pre-dates my time here, and one I was not fond of when I started. However, over time I’ve come to accept it as more helpful than hurtful… especially since the introduction of UAC. Under no circumstances do I permit UAC to be disabled, and there are some settings that are enforced through Active Directory Group Policy as well. But the main thing is that, by and large, I do permit administrator rights on end-user PCs.

This is important because I’m only will to wipe a machine for free once. For an end user, if it’s to the point where we’re replacing your machine for the second time, you’ll find you no longer have administrator rights to your computer when the third machine arrives. I worry that eventually this policy will lead to unreported infections, especially if it’s ever embraced by non-technical management to the point that maintaining the ability to have administrative access is necessary to being able to do your job. However, to date I’ve only had to enforce this one time.