How to fix the “You’ll need to provide administrator permission to copy to this folder” error

Here’s a good one:

Everytime you try to copy a file to your USB stick you get this error:

You'll need to provide administrator permission to copy to this folder

You'll need to provide administrator permission to copy to this folder

The ironic thing is that you are the administrator of your computer yet Windows keeps pestering you about getting permission from the administrator to complete the action.

Furthermore, it’s farcical, almost absurd, that Windows provides three equally useless buttons.

I don’t want to Cancel the action nor do I want to Skip the file I’m trying to copy but if I click Continue I get a new error:

You need permission to perform this action

If I click Try Again that immutable error remains and haunts me like a specter.

There’s nothing I can do to get around this access denied message.

You need permission to perform this action

I mean, as the Administrator, who exactly do I need permission from to access this folder?

  • Is there a hidden super Administrator account out there?
  • Microsoft? Do I need to call Microsoft for permission?
  • Do I need to ask God for access?
  • What gives?

Among the multifaceted idiosyncrasies of Windows this has got to be the most annoying.

You could try disabling User Account Control (UAC) but that has it’s own issues.  Disabling UAC has other ramifications which will weaken the security profile of the OS and prevent some ModernUI (Metro) apps from running.  In addition, it may not even fix the problem.

Alternatively, you could try using Unlocker or even manually take ownership of the destination folder but these actions might be equally futile.

The first thing I would do is disable your Antivirus Software.

Some programs such as AVG Free and Quick Heal have peculiar features which have good intentions but can get in the way.  I know Avast calls its version of data protection File System Shield.  Different vendors have different names for it but the easiest thing is to:

  1. Disable AV protection
  2. Copy your files
  3. Enable AV protection again

In Quick Heal you can disable Data Theft Protection under the External Drives & Devices section.

Quick Heal Data Theft Protection

You’re AV software should have something comparable.

If that doesn’t do the trick please let me know in the comments because I’ve discovered that AV software is the culprit 90% of the time.

Tagged with:
Posted in Windows, Windows 7, Windows 8, Windows 8.1

Why does my Windows 8.1 PC take forever to shutdown?

Which of these scenarios is worse?  A computer that takes an inordinate amount of time to:

  • Start up or
  • Shut down?

Okay, I guess that’s like asking which is worse: a slow computer or a capricious computer?  In other words, both equally suck and one isn’t really any less annoying than the other.

But this is the thing: When my computer takes ages to shutdown it tempts me to my hold in the power button to force off the power.

I don’t want to wait for the computer to turn off – when I’m done with my PC for the day it shouldn’t merely acquiesce to my shutdown request; no on the contrary it should execute my commands with alacrity and turn itself off in a matter of seconds.

If your PC chronically founders when you tell it to power down then we need to find out why it founders. Is there an easy way to identify the programs or processes that are making a speedy shutdown futile?

Identifying the culprit

One of the most reliable means of identifying aberrant processes is using a free toolkit from Microsoft called the Windows Performance Toolkit which is part of a large software package known as the Windows Software Developer’s Kit (SDK).

I know “Software Developer’s Kit” may sound grandiloquent or even daunting, especially if you’re not a software developer; however, we’re not going to touch a single bit of code.

While it’s true that Windows developers use the SDK to compile and test code;  today we’re only going to analyze some data values so we can figure out what’s bothering your hapless computer.

Installing the SDK

First we need to download the right SDK.

There are different versions for Windows 7, Windows 8 and Windows 8.1 so make sure you grab version that matches your operating system.

Since I’m running Windows 8.1, I’ll demonstration how I got this thing going my OS. Click open the executable named sdksetup.exe and keep the default installation location.

You might notice the setup wizard requires a glut of space; at one and a half gigs this thing looks like a beast.

Fortunately on the third setup screen you’ll have the option to disable superfluous items.  I’ll show you that a little later.

Windows 8.1 Software Development Kit

On the next screen, opt out of the Customer Experience Improvement Program.

Microsoft has enough information about me, anonymous or not, thus I don’t feel compelled to give up anything else.

Windows 8.1 Customer Experience Improvement Program

Accept the license agreement…

Windows Software Development Kit License Agreement

The Software Development Kit comes chock full with a bunch of software libraries that aren’t really germane to what we’re trying to do; therefore, go ahead and un-check everything except the Windows Performance Toolkit.

Windows Software Development Kit for Windows 8.1

In the right pane you’ll see it includes:

  • Windows Performance Recorder
  • Windows Performance Analyzer
  • Xperf

That second guy there, Windows Performance Analyzer (WPA), is our ticket to shutdown speediness.  I’m going to show you how to use WPA, and his cousin Xbootmgr, to get to the bottom of the problem.

Click Install and you’ll be finished in 60 seconds.

Windows 8.1 Software Development Kit

Alright, now we’re done with the boring stuff.

Press Windows Key + x + a to open a Command prompt with Administrative privileges and navigate to the Windows Performance Toolkit folder.

Type this in:

cd \
cd  "Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit"

change directory to the Windows Performance Toolkit

Alright now save the changes from any documents, spreadsheets or projects you were working on and paste in the following cryptic command:

xbootmgr -trace shutdown -traceFlags BASE+DIAG+LATENCY -noPrepReboot

This tells Windows to trace the shutdown process and to do it immediately after you press the Enter key.

You should see a starting trace dialog box flash on the screen for an instant before your computer reboots itself.

Windows Development Kit Starting Trace

When it returns you’ll see something like this:

The trace you are capturing "C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\shutdown_BASE+DIAG+LATENCY_1.etl" may contain personally identifiable information

Windows Development Kit Shutdown

That’s good as it denotes the trace completed successfully.

Go ahead and open the Windows Performance Toolkit folder and then drag the trace file, which should be named shutdown_BASE+DIAG+LATENCY_1.etl, over the Windows Performance Analyzer file named wpa.exe.

Drag etl over wpa

This slick move forces the Windows Performance Analyzer to load all the trace data from the .ETL capture.

When it loads you should see a few items in the Graph Explorer sitting in the left pane:

  • System Activity
  • Computation analytics
  • Storage statistics
  • Memory facts
  • Power data points

Windows Performance Toolkit

I know this sounds crazy but you don’t need a Masters in Statistics to analyze the data here.

Let me walk you through how easy it is to find the processes that could be slowing down your shutdowns…

In the Graph Explorer, click open Storage, expand Disk Usage and double-click Service Time by Process, Path Name, Stack.

Windows Performance Toolkit

A bunch of data will take over your screen.  Let me break it down a little:

We can divide the right pane into two sections:

The top half lists your system processes and displays a graph that lists each process by how long it took to close (the horizontal axis) and how much memory was consumed at each time interval (the vertical axis).

The bottom half shows all your processes, the file path to the process file and the all important Disk Service Time column.

I want you to focus on this bottom pane.

The Disk Service Time column shows time values in millionths of a second, Microseconds.

So to see how long a particular process took to terminate just divide it by 1 million… just kick over the decimal point 6 places to the left to get seconds.

Since the column is Disk Service Time column is sorted with the longest close times listed first, I can start marching down the list to see the slowest processes.

Windows Performance Analyzer Process Path

In my example, I can see something called MsMpEng.exe took 257,250 microseconds to close.  That comes out to .2 seconds, which is paltry I know – but that’s besides the point.  I just wanted you to see where to go when you need to hunt down those slow processes.

If you click the little drop down arrow under the process name you’ll see even more data such as the human friendly name of the process in the file path.  Here, it looks like Windows Defender was nibbling on 56,254 microseconds of close time.

When you locate the offending process you can Google around to see if you need it and can then disable or uninstall it.

The Bottom Line

If your computer takes forever to shutdown then we use a broad stroke and start indiscriminately removing software or we can try a focused approach using the Windows Performance Analyzer.

It takes a little more work than uninstalling rando files you think are responsible for the problem but it’ll give you value insights and empirical data to support your assumptions and justify your actions.

The Windows Performance Analyzer isn’t perfect and can be hard to decipher; however, if you give it a chance and it’ll reward you by helping you identify processes which are slowing down your shutdowns.

If you have any questions please share in the comments!

Tagged with:
Posted in Windows, Windows 7, Windows 8, Windows 8.1

Security Research Labs hacks Galaxy S5 fingerprint reader

Is the integrated fingerprint reader on the new Galaxy S5 a sufficient password replacement?  In other words: is the fingerprint reader secure?

The answer is an astounding no.

In my mind, the Galaxy S5 fingerprint reader is just another bullet point on a feature list.

As forensic scientists at Security Research Labs discovered, the fingerprint reader isn’t ready for prime time.

In 2013, the Chaos Computer Club exposed a flagrant flaw in the TouchID fingerprint reader built into the iPhone 5s.  You can relive the moment in this 60 second Youtube demo.

Given how egregious the error was and the concomitant stinky press directed toward Apple, you would think Samsung would make its version of the fingerprint reader – indomitable.

But – oh my friend, you’re way too optimistic.

The fingerprint reader on the Galaxy S5 is beset with problems.

With relatively little effort, a motivated attacker can spoof a valid fingerprint by brushing magnesium powder on paper, door knobs, or smartphone screens.  The prints, known as latent prints, are invisible to the naked eye but easily emerge when dusted with fine powders.

Since every human being on the planet has a unique fingerprint (even identical twins who share the same DNA), using fingerprints to unlock smartphones and make online payments might seem like a good idea. As far as biometrics are concerned fingerprint readers are a good thing; however, they must never be used in isolation.

I think fingerprint readers are a prudent addition to authentication systems but only when coupled with something you know such as a PIN or password.  The innate immutability of fingerprints is what makes them both a blessing and a curse.

The fact that they never change means if someone successfully forges your fingerprint there’s no way to change it.

Think about it: how would you change your fingerprint?  Get a finger transplant? Burn your fingertips?  Seriously, this is one of the biggest issues but still it’s not the biggest.  In my mind the biggest problem is that people constantly leave copies of print evidence everywhere.

Smartphones, deskphones, and keyboards are obvious places where we unwittingly leave behind print evidence.  Here’s my question: how easy is it to lift prints from these common places?

Well, if you have a chemical called Cyanoacrylate, which is ubiquitous in Krazy Glue and other strong adhesives, you can use the vapors to display the print.  This works because Cyanoacrylate is a catalyst that reacts to the oils and salts of a human fingerprint.  You can then take a high-resolution photo of the print and use it to make a mold slab which you can use to gain unauthorized access to the victims phone.

Most criminals may not go through the effort of doing this; however, if you’re a high-profile individual like a politician or president then you could be the target of such machinations.

I’m getting the notion that big brands such as Apple and Samsung are more concerned about selling products than they are about securing them.  Security is invariably an afterthought.  Instead of implementing a software and hardware development life cycle that bakes security into every phase of development, it gets slapped on the end and then touted as a cogent reason for buying the product.

I’m actually disappointed in both Samsung and Apple but mainly Samsung.  I wouldn’t go so far as to indict Samsung as being duplicitous but the fingerprint reader should not be marketed under the rubric of security.

Admittedly, biometric systems aren’t perfect and there are advantages and disadvantages to each system; however, the onus is on Samsung to get it right.

In summary, I exhort you NOT to trust the fingerprint reader alone as the singular key for unlocking your smartphone.  If you’re going to use the fingerprint reader always use it in tandem with something else like a secure password.

Another issue is that businesses are eager to flaunt app integration with fingerprint readers and yet forgo the rigorous testing required before selling the product.  Paypal is a case in point.

On the Galaxy S5, Paypal authenticates money transactions with that notorious fingerprint scanner.  The ramifications are obvious: now there’s even more reason to steal and mold fingerprints.

In response, Sophie Curtis reports that Paypal told The Telegraph:

PayPal never stores or even has access to your actual fingerprint with authentication on the Galaxy S5. The scan unlocks a secure cryptographic key that serves as a password replacement for the phone. We can simply deactivate the key from a lost or stolen device, and you can create a new one

That’s fine but still doesn’t obviate the phone manufacturers responsibility for securing the biometric devices on their phones.  The bottom line is that Samsung abdicated its responsibilities by mass producing something that isn’t ready to market.

I love Samsung but it really missed the ball this time.

Tagged with: ,
Posted in Mobile, News

How can I tell how many CPU cores I have in Windows 8?

Some people have a fervor for knowing all the details of their system hardware.

In Windows 8 you can easily view the juicy specs about your CPU speed, RAM usage and OS bit version.

Just press Windows Key + x + y to get the summary… but what if you want to see how many cores you have?

First let me explain what I mean by core.

CPUs do a lot

I’m going to figuratively say that the computer’s central processing unit (CPU) is analogous to your central nervous system: your brain.

That is, every click, keystroke, and action is processed through the CPU just as every sensory input as a human being is governed by your brain.

The CPU has the laborious task of synthesizing billions of electrical impulses per second.   Technically speaking, the CPU comprises foundational technologies such as:

  • Arithmetic Logic Unit
  • Interrupt Handling
  • I/O Control

Let’s briefly walk through the trio

Arithmetic Logic Unit

The ALU is a fancy name for the digital circuit that works out all the basic math and logic functions on your computer.

I suppose if we extend our brain analogy, the ALU would be your brain’s cortex. We’re getting philosophical here, but your stream of consciousness is the closest comparison I can think of to the ALU because it’s where activity is the busiest.

Interrupt Handling

You’re assiduously banging out an email when your boss suddenly stomps in your office and breaks your concentration.

He drops a heavy UPS box on your desk and the sheer weight of the fall almost topples your desk lamp.

After the dust clears he barks: “Hey, I need you to expedite this package to New York.  The CEO is expecting it tonight.”

Interruptions suck but they are great way to illustrate the daily life of a CPU.

CPU’s are constantly receiving interruption signals from software and hardware which means its attention is always being pulled from the current task (known as a thread).

CPU’s manage all these interruption and ensure that the active thread still gets reliably executed.

Input/Output Control

When you think of I/O control think of a traffic cop.

In addition to managing interruptions and executing math operations the CPU coordinates the flow of data to and from itself with the help of a specialized controller called a Channel Processor.

Usually the CPU offloads chunks of the I/O functions to this Channel Processor which then independently deals with data exchange.

Cores Cores Cores

So what’s the deal with CPU cores?

Just think of one CPU core as one CPU

Thus, a dual core processor means you have two cores; that is – two CPU’s inside of one physical CPU socket.

This pattern continues for quad-core processors and so on.

So a dual core processor is a single CPU with two cores which is roughly equivalent to having two physical CPUs.

Having multiple cores means you can process multiple instructions in parallel.  In addition you actually get a performance surge by squeezing multiple cores on to a single slab of silicon because the signal has less distance to travel and therefore doesn’t a attenuate as easily and allows chip designers to push more data for each clock cycle.

Alright, enough of the pedantic details, here’s how to see how many cores your computer has.

Viewing your cores

Open a command prompt by pressing Windows Key + x + a and paste in the following command:

WMIC CPU Get /Format:List

Use WMIC to get the number of cores of your CPU

Scroll down and look for NumberOfCores and NumberOfLogicalProcessors.  From the graphic above you can see I have a quad core processor.

The second parameter is double the first because my PC is using Hyper Threading Technology.

Another way to view your cores is to simply press Ctrl + Shift + Esc from the Desktop and click open the Performance Tab.

Windows 8 Task Manager CPU Cores

Those eight mini-graphs represent eight logical cores.  These logical cores include both your physical and virtual hyper-threaded cores.

If you only see one chart, you can right click it and mouse over Change graph to and select Logical Processors.

How to view logical processors

Tagged with:
Posted in Windows 7, Windows 8, Windows 8.1

Reinstall Mac OS X Mavericks from a USB stick or Recovery Drive

A maverick is an unorthodox, unconventional person… and guess what?  your intrepid operating system claims to fit the bill.

Usually Mavericks lives a happy life opening apps with felicity and running  Safari with alacrity – but sometimes the story isn’t so sanguine.  In fact, there are a faction of users who’ve seen its darker side and if you’re one of them read on.

When your Mac has you lamenting the day you switched from a PC,  it could be time for a complete re-install.

There are two ways to kick off the show.  The first is infinitely cooler than the second but I’ll tell you both anyway:

  • From a USB Drive
  • From a Recovery Drive

Before I explain I should mention a few things:

You can’t buy a Mavericks DVD

Mavericks is diskless so you can’t just march into an Apple store and demand that a Genius sell you a Mavericks DVD.

If she’s a snob, she’ll regard your request as farcical and will shoo you away but that probably won’t happen.  When I visited the Apple Store at Grand Central Station about a month ago, the Genius cordially told me to download it from the App store.

Mavericks is available as a 5.3GB download from the App store… I’ll show you how to get it in a bit.

The USB install is convenient

Let’s say your a Mac man (or Mac girl) and your home looks like a Macbook Pro got frisky with a Mac Mini and gave birth to a dozen Apple devices.

You know what I’m talking about: you’ve got:

  • a Mac mini in the office
  • a Macbook pro in the living room
  • a Macbook Air in the kitchen
  • and a clamshell iBook G3 from the late 90′s sitting in your garage.

One day you want to upgrade all your Macs (except that iBook because it’s an artifact) to Mavericks; it’s a lot easier to install the OS directly from the USB drive rather than launching the App store and downloading Mavericks on each Mac.  The convenience of the USB boot option compelled me to share this method first.

I’m going to show you that you truely have the finesse to install a bootable version of Mavericks on your USB drive

It’s super easy and compared to the old-hat way of burning the OS to a DVD, a USB drive is more flexible.  For example, whenever a newer version of Mac OS X arrives, let’s say Apple calls it Mac OS X Killer Lion, you can simply erase the old image and copy Killer Lion like any other file.

With a DVD you’re fettered to limited rewrites and glacial write speeds; however, a USB stick is faster, more portable and more useful especially since many Macs no longer include DVD drives anyway.

Getting Mavericks on the USB stick

Alright let’s do this.  Make sure:

  • The USB drive has at least 8GB of space
  • You don’t care about losing everything on the USB drive.

After downloading Mavericks from the App store, we need to copy it from the Application folder or else it’ll disappear before we can create our bootable USB stick.

Open on the Finder, press Shift + Command ⌘ + a and copy the Mavericks installer, named “Install OS X“, to your Desktop.

Click the cloned version of the app while holding down the Control key and choose Show Package Contents.

Mac OS X Mavericks Show Package Contents

Expand the Contents and SharedSupport folders and double-click InstallESD.dmg to mount it.

Mac OS X Mavericks InstallESD.dmg

Okay, now we need to open the Terminal so we can view a very important file named inside the InstallESD.dmg package named BaseSystem.dmg.

BaseSystem.dmg is an invisible package sleeping inside InstallESD.dmg but we can’t view it by default.  But I’m going to show you a little trick…

With a little dexterity in the Terminal window we can view the contents of BaseSystem.dmg using the open command.

Press Command ⌘ + Space and type


Now paste in the following command:

open /Volumes/OS\ X\ Install\ ESD/BaseSystem.dmg

Mac OS X Mavericks Opening Base System

Once the package opens minimize the window and open the Disk Utility.  You can get here via Command ⌘ + Space and typing

disk util

Plug in your USB drive and then drag BaseSystem.dmg from the left pane into the Source text box in the right pane.

Next, drag your USB drive from the left pane into the Destination text box in the right pane.

Now click the Restore button to annihilate all data on the USB drive. It took my 32GB SanDisk drive about 8 minutes to finish the restore procedure.

Mac OS X Mavericks Disk Utility Restore Base System

When it finishes, click the BaseSystem.dmg in the left pane again but this time click the blue Eject button in the navigation bar near the top of the Disk Utility window.

Okay now here’s the potentially confusing part but if you follow my lead you won’t get confused.

In the Finder there should now be at least two mounted drives:

  • OS X Install ESD
  • OS X Base System

The first is the OS X Install volume we mounted earlier with that esoteric Terminal command.

The second is your USB drive.  The Disk Utility renamed your USB Drive to OS X Base System.

We need to do two things to finish up our bootable USB drive:

  1. Copy OS X Install ESD\Packages to OS X Base System\System\Installation
  2. Delete OS X Base System\System\Installation\Packages

Let me show you what I’m talking about because I know this looks crazy.

Open the Finder, click OS X Install ESD from the left pane then control-click Packages in the left pane and choose Copy “Packages”.

Incidentally, this folder is about 5GB so it’s going to take a few minutes to copy.

Mac OS X Mavericks copy Packages

Click on OS X Base System (your USB drive) in the left pane and click open the System folder in the right pane.

Next open the Installation folder and delete the file (Command ⌘ + Delete) named Packages.  This is just an alias but we need to remove it.

Mac OS X Mavericks deleting Packages alias

Now paste in the 5GB Packages folder we copied earlier.  Make sure you drop it in place of the Packages alias.  So it should end up in here:

OS X Base System\System\Installation\

Command ⌘ + v drops it in.

Now zip on your hoodie, lace up your Pumas and wire up your headphones because you’re going for a 15 minute jog around the block.

You just created your first bootable USB Mavericks drive and that deserves a celebratory action.  Good work.

When you return to your office, let’s do one last trick to tidy things up.

Open the Terminal again.  We’re going to rename your USB drive from that insipid OS X Base System name to something more meaningful:

OS X Mavericks Installer

Type this:

diskutil rename "OS X Base System" "OS X Mavericks Installer"

Mavericks Disk Utility to Rename Volume

Now you’re cooking with gas!  You’ve got Mavericks on your USB stick now and it’s bootable too.

Pop in the USB stick, reboot the box then press and hold the Option key and you’re good to go.

Mac OS X Mavericks hold options key

Re-installing the OS from Recovery

Reinstalling Mac OS X from a recovery drive is even easier and all your settings are preserved.

Reboot and when the gray screen appears, press and hold Command ⌘ + r.

After about a minute the OS X Utilities screen emerges.

Reinstall OS X

Choose Reinstall OS X and click Continue.

Click Continue on the installation Window to verify your computer’s eligibility with Apple.

This should take less than 5 seconds.

Mac OS X Mavericks

Click Agree to the license contract to sign your life away…

Mavericks License

Now select your drive… and you’ll be up and running in no time.

Install Mavericks, Unlock the drive with your Admin password

The Bottom Line

To re-install Mac OS X Mavericks on your Mac you can either create a bootable USB drive or use the OS X Mavericks installer from the Recovery Drive.

Creating a bootable USB drive has the fortuitous side effect of creating an emergency backup of the OS.  In addition, the USB Drive makes it really easy to install Mavericks on your other Macs.

Installing from the Recovery drive is another option and is as easy rebooting, holding down the Command ⌘ + r keys and clicking through an installation wizard.

If my little post helped you through a frustrating time or if you have questions about it please share in the comments!

Tagged with:
Posted in Apple, Mac OS X 10.9 Mavericks

How to disable the touch screen display on your Windows 8 computer

Our materialistic society is absolutely enamored with useless stuff.

  • Why do I need a 41MP camera on my smartphone?  
  • Why do I have 3 dozen apps when I only use 4 or 5 daily?
  • Why the hell does my phone record videos in 4K UHD?
  • Why do smartphone keep losing weight? The smartphone industry is in a perilous race toward anorexia.

When news breaks of some new gadget a melee breaks on the web as everyone rushes to be the first to own it.

Most people just want the latest mode; they want to be at the vanguard of what’s hip, vogue, and unique. With technology this is evidenced by the mobile mania that sweeps our country every Spring and Fall.

But this is the thing: Our acquisitive desire to amass the slickest accouterments has both impoverished and enslaved us at the same time.

By glutting our tech appetites on shiny, tiny computers such as phablets, tablets and phones we unwittingly increasing our dissatisfaction in what we already have.  Furthermore, our avarice leads to poverty as our discontent categorically refuses to be satiated.

Touch on a PC is absurd

One of the things that really really pisses me off are the stupid touch displays on desktops and laptops.

Why the fuck does my desktop computer have a touch screen panel?  It’s one thing for a smartphone to have a touch display and it’s another for your tablet to be touch-ready – but why does my Desktop and Laptop PC have touch screen displays standard?

This is tantamount to buying a minivan with a tachometer.  What soccer mom out there is actually checking the RPM’s of her Dodge Caravan while she hauls little Jennifer to the game? Tachometers are stupid in family cars for the same reason that touch screens are stupid on PCs.

First of all, no sane person is going to use the touch screen display on a desktop to tap out an email, compose a novel or browse the web.  Even if your keyboard failed you would simply buy a new keyboard.

Secondly, touch screen displays condone bad posture.  The human wrist wasn’t meant to twist and writhe in the absurd positions necessary for touching a monitor while sitting.

Third, touch screen displays are like bacon lard, it adds “financial fat” that you don’t need.  Why spend the premium for a touch computer?  You work hard for your money and you’re a scrupulous spender so don’t accede to the hype.

Conversely, proponents of touch might say that everything is moving toward touch so you might as well get used to it now.  Others might add that it works well with the Windows 8.1 Start Screen and looks really neat when your friends come by and see how hip you are.

My rejoinder is simply that touch certainly has its place but it doesn’t belong on a PC.  Touch screen displays are better suited for tablets and smartphones because the smaller size makes it easier to use.

How to disable the touch screen

Today I finally mustered up the strength to disable the touch screen on a friends Desktop computer; however, I quickly lamented the hour I volunteered to help.

The process actually wasn’t straightforward and depending on the PC manufacturer and the software installed on your computer, there are a motley of possibilities for pulling this off.

When it comes to PC’s, I’m no neophyte – so I reasoned I’d disable this touch screen display in a few seconds.

I nonchalantly clicked open the Control Panel and opened Pen and Touch but then stalled.


I couldn’t find anything even remotely resembling a disable button or checkbox.  I clicked the Touch actions items, the Settings button and toggled options but the touch screen adamantly refused to die.

Windows 8.1 Control Panel Pen and Touch


Now I’m exasperated.

I thought to myself:

What the..? I am not googling this. I am not googling this.  This is stupid I can figure this out.

Then it caught my eye…

With lightning precision I noticed something called Tablet PC Settings.

Windows 8.1 Tablet PC settings

Eureka! I’m about to disable that odious option…

My eyes narrowed and the corner of my lip curled as I clicked through tabs and drop down boxes like a madman.

My odyssey to find that stupid setting comes to an end NOW

But alas! My joy was quickly curtailed when I realized this was about as useful as a car exhaust grill.

If you haven’t seen a car exhaust grill, google it, it’s hilarious.

Anyway, speaking of Google I finally capitulated, swallowed my pride and googled the solution.

This is how I fixed it:

As an Administrator, open the Device Manager by pressing the Windows icon key + x + m.

Expand the Human Interface Devices section.

If your face turns to a ghostly pallor because of all those HID thingies don’t worry – it’s just a list of all the drivers requisite for running various peripherals such as USB devices.

Skip over the consumer control devices and focus on all those HID-compliant device icons.

We’re going to systematically right-click each HID icon, disable it and touch the screen to see if it’s disabled.

If it’s not disabled, right click the HID icon again, enable it and move down the list to repeat the previous step.

Human Interface Devices in Device Manager

Keep doing this for all your HID’s until you find the right one.  It’s usually either the second or third HID-compliant device; however, it varies depending on the system.

I was elated when I found mine but I was also indignant because I wish the process was more intuitive.

I hope this little article saved someone the vexation I experienced.

The Bottom Line

The bottom line is that a touchscreen on a PC is absurd.

Whenever I hear benighted touch screen advocates breaking into panegyric for how cool their touch desktops are I think to myself: you’re not cool, you’re a fool for wasting money on something that has no functional value.

And so I’ll end this article in the same way I started it…

  • Instead of a 41MP smartphone give me a battery that stays charged for days
  • Instead of 3 dozen apps give me 5 that can replace the rest
  • Instead of recording ultra-high definition videos on my phone give me a phone that doesn’t freeze when I try to call someone
  • Instead of an emaciated, ultra-thin phablet give me one that feels good in my hand and is durable enough to obviate the need for a case.

Oh and of course I can’t leave this one out:

  • Instead of a touch screen PC just give me one that’s fast and reliable.

Is that too much to ask?

Tagged with:
Posted in Desktops, Hardware, Laptops, Windows 7, Windows 8, Windows 8.1

All about the Heartbleed bug and how to protect yourself

Heartbleed Logo

There are three people you should thank right now:

  1. Neel Mehta of the Google Security Team
  2. Adam Langley from the Google Chromium Team
  3. Bodo Moeller of the Association for Computing Machinery

Both Adam and Bodo work for Codenomicon and coined the name Heartbleed to describe their discovery of the cataclysmic bug that is currently affecting millions of web applications around the world.

The bug is technically known as CVE-2014-0160 and according the internet services firm Netcraft, over 66% of all the webservers in the world are affected by the Heartbleed bug.  That’s approximately half a million widely used websites that are now vulnerable.

And guess what?

Yahoo was one of them.

Yesterday, Yahoo told CNET:

As soon as we became aware of the issue, we began working to fix it. Our team has successfully made the appropriate corrections across the main Yahoo properties (Yahoo Homepage, Yahoo Search, Yahoo Mail, Yahoo Finance, Yahoo Sports, Yahoo Food, Yahoo Tech, Flickr, and Tumblr) and we are working to implement the fix across the rest of our sites right now. We’re focused on providing the most secure experience possible for our users worldwide and are continuously working to protect our users’ data.

Shortly after 3PM EST Yahoo plugged the hole; however, the point is that not even big sites with big budgets are hermetically sealed from the implications.

I mean, yesterday, Joost Bijl of Fox-it security, posted the censored results of the actual exploit of Yahoo’s servers:

Heartbleed example from Foxit

In the right column of the screenshot, you can actually see the login names and scrubbed passwords of real Yahoo users.

This is no joke.

But Yahoo isn’t the only one affected.

You can peruse a list of the top 10,000 sites in the world vulnerable to Heartbleed.  You might be find surprised at who shows up in the list.

Imgur, OKCupid, and LastPass were all running affected versions of the OpenSSL cryptographic libraries but thankfully all three companies have mitigated the threat.

What’s the big deal?

The Heartbleed bug enables an attacker to covertly retrieve data in 64KB chunks from random memory locations on the server.

Admittedly, the culprit has no idea what he’ll get from that 64KB memory block (it’s like blind fishing); however, when the attack is iterative it becomes extremely dangerous because all sorts of sensitive stuff sits in memory…

  • Private Keys
  • Passwords
  • Credit Card Numbers
  • Session Data

For nearly two thirds of the webservers out there, the integrity and confidentiality of data is at risk.

An attacker could discretely eavesdrop on “encrypted” conversations or even masquerade as the server fooling unsuspecting users into divulging sensitive data.

When the servers private keys are compromised encryption because futile.  In Public Key cryptography, only the private key can decrypt an encrypted message; but when the private key is exposed – encryption is rendered useless.

But it’s actually worse than that.

Matt Sullivan made a cogent demonstration on how easy it is to completely hijack a users web session with the vulnerability.  Session hijacking means the attacker basically has a magic cookie giving him unfettered reign on authenticated web sessions.

In short, the HeartBleed bug gives an attacker carte blanche access to anything sitting in the servers memory.

Clearly the ramifications of exploitation are abysmal.

The root issue

The root of the problem is what coders refer to as a buffer overrun or “missing bounds check”.

Let me explain:

OpenSSL is an open-sourced library that provides cryptographic functions to millions of web applications.

In OpenSSL versions 1.0.1 through 1.0.f, there was a new addition called the TLS Heartbeat Extension.  You can read the pedantic RFC on the IEFT’s website; but I’ll spare you the boredom.

Just think of it like this:

Just as your physical heartbeat keeps you alive with each beat, so the TLS heartbeat tells the client and server that the encrypted session is still active.  This is especially important when no data is being exchanged because both computers need a way to make sure the other one is “still there”.

When the server received a HeartBeatRequest message it has to send a corresponding response carrying an exact copy of the payload it received in that request.

But here’s the vulnerability:

If the attacker sets the length of the payload to a value greater than the actual payload size any data sitting in memory after the payload will automatically get copied in the HeartBeatResponse packet.

So in vulnerable versions of the OpenSSL stack, an attacker can craft a benign heartbeat request of a relatively small size but then surreptitiously set the length of the payload in the data packet to something like 0xFFFFF.

So what?

Well 0xFFFFF is hexadecimal for 65,535 bytes.

When the server receives this jumbo heartbeat packet is indiscriminately copies the heartbeat request to memory but also any other bits of memory sitting next to it get dumped in the response.

In other words, any sensitive information sitting in the difference between the payload length value and the actual payload itself is returned to the attacker as a 64KB memory chunk in the next heartbeat.

That’s why this is called the HeartBleeder attack because the bug makes the server bleed it’s sensitive guts to malicious hackers.


Jamie Blasco, Director at research firm AlienVault Labs says that this bug has “epic repercussions”.

It’s epic because changing your passwords – although a necessary next step isn’t sufficient.

Affected providers such as Yahoo, OkCupid and millions of others, need to not only patch the security flaw but also replace the compromised keys and certs.  This entails revoking those adulterated certificates and reissuing new ones.

The enormity of this breach cannot be overstated.  And the nature of this threat is such that it leaves no evidence of exploitation.  In other words, when an attacker executes the attack there’s no indication in the logs that the server was even victimized.

Certificate owners and service providers need to check with their Certificate Authorities (CA) to see how to revoke and reissue their keys.

What should I do?

Three things:

  • Change your passwords
  • Delay logging into sites that have your personal information for a few days
  • Test the site for vulnerabilities

Change passwords

This is obvious and onerous but it’s imperative.

Facebook, Tumblr, Yahoo, Google – everything needs to get a password refresh.

But don’t just change it… you also need to make sure your passwords are both strong and unique.  And don’t share the same password across multiple sites.

That’s why I use LastPass for this kind of thing because it’s a secure means of storing and protecting your passwords… and it’s free.

Abstain from the web

In addition, I suggest abstaining from any sites that hold personal information.  We need to wait a few days for the major sites to revoke and reissue their vitiated certificates before we login again.

There’s no point in changing your password and then logging into a comprised server only to have it stolen again.

Test sites yourself

Finally, you can test websites for the Heartbleed bug by entering the URL into Filippo Valsorda’s Heartbleed tester.

The Bottom Line

The Heartbleed bug has actually been effectual for over two years, specifically according to Codenomicon, since December 2011.


Given the ubiquity of OpenSSL, with that kind of exposure for such a long time at least one of your accounts has a high likelihood of being compromised.

The Heartbleed bug is a sweeping problem that was either a programming mistake or a volitional act of malice.

I want to believe the former; however, I have no evidence to support my belief.  Apparently, I’m not the only one who shares this sentiment.

On his blog, the preeminent security expert Bruce Schneier muses that we’re all asking the wrong question.  He ruminates:

The real question is whether or not someone deliberately [emphasis mine] inserted this bug into OpenSSL, and has had two years of unfettered access to everything. My guess is accident, but I have no proof

This obviously veers in the realm of speculation but it’s an intriguing thought…

We know the German software developer who worked on the code containing the Heartbleed bug claims he “unfortunately missed” the bug two years ago.  But it’s odd because the developer, Robin Seggelmann, is also one of three authors who worked on that RFC 6520 specification.

There’s a lot of speculation on Hackernews about this but nothing substantive so you should but your judgment in abeyance.

But I wonder….

Who knows.

Maybe we should just scrap all our computers and go back to the stone ages when Tablets were actually tablets of stone.  That would obviate all our security problems right?

Well, we’d have to worry about people stealing our tablets then but… I digress.

Seriously – I really wish there was a happy ending to this debacle; however, the truth is it’s going to take months to clean up the collateral damage.

The Heartbleed bug is a sober reminder that we live in an interconnected world where one mistake can have devastating effects for millions of people.

Refresh your passwords, take a break from the internet if you can and see if the website you’re trying to access is vulnerable before logging in.

Oh, and please share your thoughts in the comments!

Tagged with: ,
Posted in News

Windows 8.1 Update is here

Discerning Windows 8.1 users may notice a new update in the Update and Recovery center today.

Microsoft conventionally releases updates on Tuesdays.

IT administrators and computer gurus colloquially refer to this monumental day as “Super Tuesday” or “Patch Tuesday”.

Today is reason to exultant because a valuable update was just unleashed.

Keyboard and Mouse users rejoice!

Keyboard and mouse aficionados once disparaged Microsoft for supplanting their needs for pompous touch-users who flouted keyboards and thought mice were obsolete.

Dogmatic users asserted that touch screens would eventually replace keyboards therefore everyone might as well accede to this nascent touch movement.   But millions of customers dissented (including me) because we think there are still people with an inseparable affinity for keyboards and mice.

These peripherals aren’t antiquated.

I’m glad to see Microsoft nod in agreement.

Windows Update 1, now simply known as Windows 8.1 Update, is teeming with improvements - Microsoft wisely delineated the user interface changes on its blog today.

If you’re not as elated as I am about the interface changes you still need to install the Update chiefly because Microsoft has made this update the prerequisite for receiving future updates.  In other words, you won’t be able to download new features and security patches unless you have this Update.

In a statement on the Microsoft blog, Michael Hildebrand said:

Failure to install this Update will prevent Windows Update from patching your system with any future updates starting with Updates released in May 2014 (get busy!)

The Windows 8.1 Update will become the touchstone on which all future updates will lean on so it’s pretty important.

What you get

Here’s what your computer is getting:

  • Boot to desktop by default
  • Power and Search buttons on Start Screen
  • Context menus via right click on Start Screen Tiles
  • New App installed notifications on bottom of Start Screen
  • Pin Apps to Taskbar
  • Modern Apps get Minimize and Close buttons
  • Skydrive becomes OneDrive
  • Internet Explorer gets Enterprise Mode for backwards compatibility with older version of IE
  • View app sizes in a new Disk Space setting in PC and devices.  You can easily see which apps are consuming the most space.
  • Show estimated data and Forget this network returns when you right click on your WiFi network.

If you install the update on your tablet it’ll magically divine that there’s no need to boot to the desktop so it boots to the Start Screen instead.


One more thing:  the update purportedly included a new Start Menu; however, this was a false rumor proliferated on the interwebs because of statement taken out of context at the 2014 Build Conference.

An image of the Start Menu was shown during a presentation to denote a feature in a future  update; unfortunately we’ll have to wait indefinitely for that one.

Impetuous users who can’t wait for Microsoft to revive the Start Menu should check out Start Menu Reviver and Classic Shell.  Both of these are the best Start Menu replacements I’ve seen for Windows 8 and both are free and customizable.

How to install the update

Alright enough talk: here’s how you can get the update.

The update (singular) actually comprises several updates.  In other words, this is a big boy.

The first update you need is KB2919442.  You can download it manually but the easiest thing to do is just run Windows Update.

Press the Windows Key + w and enter this this:

windows update settings

Click the gray Check Now button in the right pane and wait for Windows to work its alchemy…

Update and Recovery Check Now Windows 8.1

You can hunt and peck for the updates you need but I recommend just checking Select all important updates and choosing Install to get started.

Windows 8.1 View Details Select All Important Updates

My Final Thoughts

I’ve been using Update 1 since February 4th and can attest to its usability enhancements.

It’s becoming my conviction that Microsoft is really starting to get things right.  I feel like the software giant is listening to its customers and really taking our feedback to heart.

On the one hand it’s frustrating when Microsoft removes features you’ve become conversant with but on the other hand it’s a challenge to make sure the world is happy with Windows.

In a candid interview with CNET, Chaitanya Sareen, Principal Program Manager Lead for Windows, told editor Tim Stevens:

The product is living. There are some times when you have to take a bet, and there are times when you have to adjust what you’re doing.

He went on to compare working with Windows like “ordering pizza for 1.5 billion people.”

I’m not going to empathize with Microsoft here but given the prodigious amount of users who depend on the product and who incessantly want a voice in development, I can see how making software for everyone can become a herculean chore.

Ultimately I’m happy with this update and I hope Microsoft continues to listen to its customers.

Let’s see if they deliver on that Start Menu thing…

Tagged with:
Posted in News, Windows, Windows 8.1

3 tips to stop your Galaxy S4 from randomly rebooting

What’s worse than a skittish smartphone with a slow browser?  A skittish smartphone that keeps randomly rebooting.

When your Galaxy S4 get’s stuck in the twilight zone it’ll do some silly stuff.  That’s why I wanted to give you 3 tips to stop your Galaxy S4 from randomly rebooting.

Here’s what you should do:

1 Battery Break-dancing

Remove the battery and spin it like a dradle on a flat hard surface.

Samsung Galaxy S4 Battery

That’s right; we’re making your battery break-dance like a 80′s hip-hop dancer.

If it spins then there’s probably a bulge or the battery is swollen. Samsung is cognizant of this issue so just call up your nearest Samsung service center and explain the problem.

Samsung should replace your battery gratis.

But let’s say you don’t have a bumpy battery and your phone chronically restarts itself.  

What’s the deal?

2 Update your software

Sometimes updating your apps and system fixes the problem.

There are two places we need to update:

  • Google Play
  • System Updates

Updating app with Google Play

Tap open the Play Store then when the Google Play app opens, tap the little Play Store shopping bag icon in the upper left corner of the screen.

Your options drawer will slide in the from the left edge of the screen. Touch My Apps.

Samsung Galaxy S4 Play Store

You can pick specific apps to update; however, I’m lazy so I just tapped Update All.  

I actually suggest flipping through the full app list before mindlessly doing what I did because you may spot some apps you no longer want.  There’s no point wasting time updating those.

Samsung Galaxy S4 Google Play My Apps 

After updating our apps we need to update the system.

Updating the System

Swipe down from the top edge of the screen with your index finger to expose the Notification Center.

Now tap the cog in the upper right corner, choose the More tab with the three dots on far right of the screen then flick down and open About phone.

Samsung Galaxy S4 About Phone

Tap Software update and knock it out.

Your phone’s operating system is constantly evolving and developers are assiduously plugging vulnerabilities and bugs; thus it behooves you to check for updates periodically.

In addition to fixing your random reboots, updating the system has the fortuitous benefit of protecting you from the latest security threats in the wild.

Samsung Galaxy S4 Software Update

Usually updating your phone won’t nuke your settings; however, to be sure I would backup your contacts and photos anyway.

Samsung Galaxy S4 Software Update

You can use Smart Switch from Samsung to get started with that.

3 Use Safe Mode to Delete Apps

It’s possible a third-party app is responsible for your grief.

Try this: boot your Galaxy S4 into Safe Mode.

If the phone doesn’t exhibit the problem in Safe Mode then you know there’s at least one aberrant app debilitating your phone.

Start sifting through your apps and deleting useless apps.

One useful app I use that makes clean a breeze is Clean Master.

This super app cuts through cache, flushes your digital trash and purges programs from flash memory like a champ.

Samsung Galaxy S4 CleanMaster

Just tap open the App Manager in the bottom right corner of Clean Master then peruse the list for unwanted apps.  You’ll probably find stuff in here that you’ve never heard of and don’t need.

If it says Rarely Used and has a blue check mark with the word “Safe” next to it, you typically won’t break anything if you kill it.

Samsung Galaxy S4 CleanMaster App Manager

After you get rid of the dross, reboot and use your phone normally and you should be fine.

The Bottom Line

Nothing will cause you to deprecate your Galaxy S4 more than when it stops working and very few things are more infuriating than when it reboots interminably.

But there’s no need to get violent or despondent!

If you do these three things you’ll probably fix the issue:

  • Replace the battery
  • Update the OS and apps
  • Purge extraneous apps

If this helped you please share in the comments!

Tagged with:
Posted in Hardware, Samsung Galaxy S4, Smartphones, Smartphones

How to delete your Windows.old folder

If you perform a custom Windows installation and choose not to format the hard drive or you upgrade Windows to a newer version you’ll most likely see a folder on your C:\ drive named Windows.old.

Windows 8 or 8.1 users will also see the Windows.old folder after doing a Refresh.

Incidentally, a Refresh essentially installs Windows on-top of itself while perserving your personal files and settings.  You can get there from the Start Screen by typing

recovery options

Refresh your Windows 8.1 PC

Finding old files

That obscure Windows.old folder contains not only your old Windows installation files, which probably isn’t a big deal, but also your old Documents, Settings and Programs.

So if you can’t find an elusive photo or document after upgrading Windows then this is the first place to search.

Press Windows Key + r and type this in the Run box:


Windows 8.1 Run Box

Now you can dig into your folders and save off your old stuff.

Deleting Windows.old with Disk Cleanup

After you rescue your files we should delete the folder. Mainly because the Windows.old folder is unnecessary and often consumes an inordinate amount of space (sort of like the WinSxS folder).

For example check out the Properties on my Windows.old folder:

Windows 8.1 check out Windows.old properties

Why am I wasting 5 gigs?

Unfortunately, you can’t remove it by simply pressing the Delete key because your user account doesn’t have ownership of the folder.

Thankfully we can circumvent this by using our good old friend Disk Cleanup.  Just make sure you know the Administator password because non-admins can’t pull these tricks off.

Press Windows Key + r  and paste in the following command:


When the Disk Cleanup wizard appears select your drive and hit OK.

Windows 8.1 Disk Cleanup Drive Selection

Click the Clean up system files button in the bottom left corner of the description box.

Windows 8.1 Disk Cleanup Clean up System Files

Place a check in Previous Windows installations(s) and choose OK

Windows 8.1 Delete Previous Windows Installation

Removing Windows.old via the Command Prompt

Killing Windows.old from the command prompt is trickier but undeniably cooler.

Open the the command prompt as an Administrator by right-clicking it and choosing Run as Administrator.

We’ve got a trio of commands to run.

In the elevated prompt paste in the following line:

takeown /F C:\Windows.old\* /R /A

Take ownership of Windows.old

takeown allows you as an Administrator to take ownership of a folder owned by another user or process.

The weird /F C:\Windows.old\* thingy means you want to take ownership of all the files in that Windows.old folder.

/R makes the command recursive.  In other words, you’ll take ownership of the parent folder, Windows.old, and all the subfolders and files contained inside.

The /A thing gives ownership to all accounts in the Administrator group (not just the currently logged in admin user).

Okay now paste in this command:

cacls C:\Windows.old\*.* /T /grant administrators:F

Grant Administrators access to Windows.old so you can delete it

cacls let’s you modify the access control on specific files.

Here we’re telling Windows that we want to give the Administrators group carte-blanche access over everything inside the C:\Windows.old folder.

We’re basically hijacking the folder.

Now paste in this final command:

rmdir /S /Q C:\Windows.old\

RMDIR Windows.old

This powerful command essentially drops an Atom bomb on the folder.

rmdir /S removes all directories and subfolders and the /Q zaps everything without bothering you for confirmation.

After running these commands you’ll undoubtedly see a prodigious sum of text scroll up the screen at a lightening speed.

That’s fine – Windows outputs the result of each file modification so you’re just seeing the results of each modified file.

The Bottom Line

If you ignore the Windows.old folder, Microsoft automatically purges it after 28 days; however, if you’re pressed for space and need it immediately you can easily delete the folder by using the Clean up systems files button in Disk Cleanup or taking ownership of the folder and removing it via the command line.

That’s it!

Tagged with:
Posted in Windows, Windows 7, Windows 8, Windows 8.1

iPhones and Macs get fix for extremely critical “triple handshake” crypto bug

About an hour ago from Vonnie Hudson's Twitter via Tweet Button


fixedByVonnie Daily Digest
Get your daily fill of fixedByVonnie

Get the latest tips from fixedByVonnie sent right to your inbox.