Categories
Computing Hardware Science and Technology windows

Enabling Windows Core Isolation With Driver Incompatibilities

[tl;dr — if you’re reading this and just want the fix, click here. However, I’d recommend reading the short preamble — the reasons why Windows presents this error are interesting.]

The Backstory

You’ve seen it, if you’re reading this — the new option in your Windows Settings to enable “Core Isolation”:

A screenshot of the Windows Core Isolation/Memory Integrity option in Windows 10.

Basically, it separates the way windows processes run on your system so that they’re running in fully virtualized environments, utterly isolated from each other — neat, huh? This may be wrong, but I kind of think of it like a “containerization” for your normal windows processes.

Well, if you’re like me, when you tried to turn this on, your computer reported that it could not turn this on due to “driver incompatibilities”.

Example of the error windows shows you when you have incompatible drivers that are preventing Core Isolation from being enabled.

At this point… you may be stuck. Like I was, for weeks. This is a tough problem to get past. The error message that Windows presents at this point is not helpful, and the link to microsoft.com tells you little more than what the error message is already telling you… it’s frustrating.

You may be thinking to yourself, “Okay… so I’ve got drivers that are incompatible with this new feature. Um, turn them off? Don’t use them?”

I’m guessing Windows does not offer anymore help here because mucking around with drivers on Windows can lead to some major problems (for example, while trying to enable this feature, I rendered my entire Windows partition unbootable. Plus, booting into safe mode to try to fix it was impossible, because I have bitlocker turned on, and I lost my recovery key! Fun!).

So, at this point, Windows just leaves you high and dry. You may try to search the Internet for answers, but: be careful. There are several sites out there that offer “solutions” for this by offering a way you can download a registry key and force-enable this option (I won’t link to them here so their visibility in search engines won’t improve). Trust me; just don’t do this. Just don’t. This will possibly render your system unbootable, and depending on your situation, there is no way to revert it, short of a complete re-imaging/reinstallation. (I spent all day doing this one time because of this!)

Anyway — here’s what did work for me.

The Fix

  1. First things first — keep the Settings window showing the list of “incompatible” drivers open — you’ll need that in a moment.
  2. Second — download a copy of Microsoft’s SysInternals. If you’re not already using these for Windows system management, you just found one of your new favorite groups of utilities. Released by Microsoft, this is a suite of tools that are so essential, you’ll wonder why they’re not included in default Windows installations (I wonder about this every time I use them).
  1. In these tools, look for a tool called “Autoruns64.exe” — run it. (It goes without saying that everything here you need to do with Administrator privileges.)
  2. You’ll be presented with a list of processes, drivers, etc, that run on Windows boot. Click on the tab for “Drivers”.
  3. Now, for each item in the list of “incompatible drivers” that Windows presented you, type part of its name into the “Filter” field, and de-select its checkbox (if you don’t find it in your list in Autoruns64.exe — skip it and we’ll apply a different fix in a moment):
Image showing AutoRuns64.exe interface
  1. Now, open a Powershell window, in Administrator mode. For each driver that you de-selected in Autoruns64.exe, just do “Remove-Item <path to driver>”.
  2. Restart, and try to enable core isolation again!

Fix for Drivers that Don’t Show Up in Autoruns64.exe

Okay — you’ve done the steps up above, and for some strange reason, you have an incompatible driver that’s not showing up in Autoruns64.exe (its “Published Name” probably starts with “oem”, doesn’t it?). The exact reason for this is something that still eludes me, but basically, it’s a very naughty driver that’s going to need a special trick to remove it.

For this, we’ll be using a tool called “pnputil” in Windows, which is just another one those utilities that’s included with Windows that you’ve never encountered before today (if you have, my condolences!).

For this type of driver (with a published name that, like I said, probably looks like “oem30.inf”), do the following command in a Powershell window running in Administrator mode:

pnputil -f -d oem30.inf 

(for example; change "oem30.inf" to whatever is the "published name" of the driver you're having trouble with)

In Conclusion

That should be it, and Core Isolation should work now. If it doesn’t, then you’ve encountered a weird issue that isn’t covered here — but don’t fret too much! If you’re kind of person to try to troubleshoot this issue this far, your Windows installation is already very secure, even without this feature.

Keep trying, and then, when you figure out your solution, make sure and write about it so it can help others!

Categories
Blogging Computing Distraction Internet Life Politic Rants and Raves

Why “Social Media” Should be Renamed “Social Masturbation”

We have hundreds of friends on Facebook. We follow hundreds of people on Twitter. We interact with dozens a people a day, spread across an equal number of timezones or even countries.

We follow funny blogs, meme-generators, and news sites on both of these services, and they deliver dozens of posts that we like and re-share to all of our friends, so they can see that we like them.

We feel like we’re making such a difference in the world! It’s so amazing! A collective consciousness if forming, almost — who can stop it? Who can fight it?

Disadvantaged groups are in control of such power! They now have a voice in the world so that everyone can hear of their struggles, thanks to the Internet! Social behavior that would’ve been illegal 50 years ago, and just an enormous faux pas even 25 years ago is now completely normal and accepted… isn’t it?

I mean, that’s what all my friends think. And I’m sure yours largely do too, if you’re probably reading this.

The reality in the rest of America, however, as we just learned, is very different.


Stages of Grief

We’re still not even in the postmortem stage from the Trump election win in 2016, but we’re close. Right now, people don’t know who to blame, mostly because the final results were such a surprise. Nobody saw the coming — not even FiveThirtyEight, who haven’t predicted an election wrong before this one.

And why would they? Why would any of us?

How many Trump supporters are you close to, on a daily basis? How many do you talk to daily, as a friend? Not bickering with online, but in person — where you’re more than just text making them angry on a website, but a living, breathing person in front of them, that they can see, and hear.

If the answer is zero, honestly I don’t blame you. Trump supporters aren’t usually… let’s just say it’s hard to have a conversation with someone who’s starting position is “Ban the Muslims/Mexicans, Build The Wall, Lock Her Up!” There’s not much gray area — not much room for common ground.

Even I only had about half a dozen, and they were all online. Mostly family members who survived earlier Facebook purges and friends from high school who stayed behind in the small town area where I grew up, and never left.

After this past week, of course, I’m no longer friends with them. Not because of anything they did or said, of course — most of them were fairly well-behaved — but because I realized, after the election, that we’re not really friends.

I didn’t talk to them in person. I couldn’t affect their lives in any meaningful way. In any discussion, there was never any meeting of the minds — no give and take. Every conversation could stop immediately when the aggrieved party wanted it to, by just walking away. There was never any reconciliation attempted, because there was no need to.

Our interaction was limited to them sharing their funny conservative memes from ridiculous websites and fake news sources, while I would groan inwardly and put up with them, because I was being “open-minded.”

They were certainly never going to change my mind about Hillary Clinton by posting some link about a “child sex ring in Macedonia run by the Clintons” (all false, of course), and I was never going to change their mind about voting for ol’ Agent Orange himself by telling them about his six bankruptcies, piggish attitudes about women, or the ridiculousness of building a “90 foot wall on the border of Mexico.”

So, why keep up the charade of pretending like we’re friends?


Fair and Balanced

However, I didn’t stop there. How many like-minded people are you friends with on Facebook, that you also don’t see in person? A dozen? Ten dozen? A thousand? How many do you follow on Twitter?

Do you think these relationships are healthy? Do you think you’re making a difference in their lives? That by liking their posts, and replying to their comments on yours that you’re doing something nice for them?

Maybe — just maybe these interactions are robbing you of the desire to make actual relationships, with those people around you.

Now — before you get outraged — I’m not saying you can’t have a meaningful relationship with someone in a purely online fashion. I met my partner online, so I of all people am not saying that.

I’m just saying you can’t have a dozen simultaneously. Or ten dozen. You’re not Scarlet Johansson’s character from the movie Her. And you certainly can’t have 1,456 real “friends” on Facebook, no matter how much you like seeing the number.

These interactions you are having on Facebook, or Twitter, with people you rarely ever see in person, are having a negative influence on your life, and you may not even know it.

They momentarily quench the desire to have real connections, out there, in the real world. Friends you can visit in the hospital if they’re in a car accident. Friends with who you can move a couch. Friends you can go to a party with, or to the park.

And most importantly, friends who, if they don’t think exactly the same as you, may come around to your way of thinking when it’s voting time.


Beating Us at Our Own Game

Because you see, like it or not, this is something “the other side” has the non-Trump-voter beat in, wholly — real life social engagement.

They have churches, where they see the same people regularly, every week.

They go to tailgate parties. Constantly.

They go to real parties, out in the woods, where cell phone connections are spotty and where you’re forced to, you know, talk to people.

And when it comes to voting time, they’re the ones telling their real-life connections, in person, who to vote for.

Yes, they have huge social media presence online, mostly — the recent trouble with fake conservative news being spread like wildfire across Facebook being an example of that — but it’s not their only, or even their most major form of social engagement.

Human beings are social creatures — it’s coded into our DNA. You may think you can survive without a tribe, or a group, but you can’t — that’s just our pleasant, safe, modern world fooling you.

When we human beings were first coming down from the trees and learning to walk on just two legs, the tribes we formed required people to work together to achieve goals — you had to know like-minded people (or in this case, hominids), or you didn’t survive. Human beings weren’t the fastest, or the strongest; we didn’t have sharp fangs or claws or sticky webs to trap pray in; but what we had was cooperation.

And those that could work together with others had their genes propagated to the next generation.


Say “Hi”

So what can you do? If you’re not going to delete your Facebook account in protest of their out-of-control “sharing” feature (I’m still considering it), start by unfriending everybody you don’t see on a daily basis.

Make a few exceptions for those two or three people who, no matter what the geographic distance, you’re still soul mates with. It won’t hurt.

Make an exception for close family that aren’t racist.

But that’s it.

Stop spending time talking to people who you can’t make a meaningful difference in their lives. It’ll hurt at first; I know. But soon that desire will turn into actual action that may help those that are close by to you right now, especially if you live in an area that’s a bit more heterogeneous. (You know, like those “swing” states that Hillary all lost.)

And that is where the culture war will be won. Not by posting rebuttals or Snopes articles on Facebook and Twitter. But by showing people who look and think slightly differently than you how you’re not a caricature.

And maybe, must maybe, they won’t vote next time for a man who thinks that women’s bodies are up for grabs, if you have enough money, or that it’s okay to mock the disabled, or that all illegal immigrants are murderers and drug-dealers.


Caveat

Now, please don’t misunderstand me — I’m not talking about possibly changing the minds of any Trump voters — you should know that’s not possible by now. You’re talking about a kind of person who believes in fake news, without any facts, and when confronted with facts to the contrary, simply chooses not to believe in them. You can’t change that kind of person’s mind, so don’t try.

I’m talking about possibly convincing someone who doesn’t vote, or who is undecided, that they might want to try voting. Those are the changes you can make. And they can be made.

Categories
Computing Linux Science and Technology Ubuntu

rsync to AWS using .PEM key

Took me a little while to figure this out, but it’s a pretty standard implementation of the rsync command — you use the “-e” command and then specify an entire ssh command to use, like below:

function amazonrsync {
rsync -rave “ssh -i ~/.ssh/AWS_key.pem” $1 $2
}

That’s an entire shell function, by the way, that makes the whole thing easier to use.  Feel free to put it in your shell alias file.

Source: Rsync to AWS EC2 Using .PEM key – AnthonyChambers.co.uk Blog

Categories
Computing Hacking Internet Linux Programming Science and Technology Ubuntu

OpenVPN One-Command Server Install Script

I have been looking for a script like this for about a year now:

https://github.com/Nyr/openvpn-install

For some reason that I never understood, installing and setting up an OpenVPN has always been a pain in the ass.  I’ve had one I’ve been using for about a year, but it’s on Amazon’s AWS as was installed through an appliance install, and I really wanted to learn how it worked myself.

Every tutorial I saw either didn’t make sense, or the steps didn’t work.  I set about to try and create a one-script install myself, and then thought, “No — somebody has to have done this before.”

And lo and behold — that’s where I found the above github repo.  It’s amazing, and it works.  I’m going to donate to this person, because they saved me a good bit of work.

 

Categories
Computing Hardware Linux Ubuntu

GeekBench for Linux ARM?

Just got a Rasberry Pi and you’re wanting to benchmark it against other computers that you’ve benchmarked with GeekBench?

It’s not possible, for the most part — no release version of GeekBench for the ARM platform exists, but the creator of GeekBench did release a one-time build of GeekBench 2 a while back:

Source: GeekBench for Linux ARM? / Geekbench / Discussion Area – Primate Labs Support

Categories
Computing Linux Programming Science and Technology Ubuntu

Configuring a Server with Ubuntu Desktop

I’ve been getting an Ubuntu server running recently (FINALLY), and in order to make it run headless (without keyboard, mouse, or monitor), there’s a few things one needs to do:

1) Enable Auto-Logins (optional)

All depends upon how you set things up, but you may want to run everything easily through a default user account — just go to “System > Administration > Login Screen”, and set it up.  (These instructions are for the GUI of Ubuntu, of course — I’m not a CLI-queen, and would rather edit things quickly through an interface that I’m familiar with than search forums for hours trying to find the esoteric commands necessary to do this stuff manually, sorry.)

2) Enabling Networking With Automatic User Login

Now, you may have set up automatic logins, but noticed that you always have to enter in your account password manually anyway once your network tries to connect — took me a while to figure out this one, but just go to “System > Preferences > Network Connections”, and in the type of connection you’ll be using, make sure the option for “Available to all users” is selected at the bottom.  That’s it.  I feel dumb for not figuring this out long ago.


3) Enabling VNC to Run Headless

As per the instructions I found here, you have to

  1. Edit “/etc/gdm/Init/Default” to include the line “/usr/lib/vino/vino-server &” right before “exit 0”
  2. Edit “/etc/gdm/custom.conf” (or “/etc/gdm/gdm.conf” if older than Ubuntu 10.04) and add “KillInitClients=false” — this will prevent any existing VNC clients from being killed if you do login on the server physically
  3. Do a “sudo vino-preferences” and enable the necessary stuff

More to come, including the Minecraft configuration scripts!