Categories
Computing Hardware Science and Technology windows

Enabling Windows Core Isolation With Driver Incompatibilities

[tl;dr — if you’re reading this and just want the fix, click here. However, I’d recommend reading the short preamble — the reasons why Windows presents this error are interesting.]

The Backstory

You’ve seen it, if you’re reading this — the new option in your Windows Settings to enable “Core Isolation”:

A screenshot of the Windows Core Isolation/Memory Integrity option in Windows 10.

Basically, it separates the way windows processes run on your system so that they’re running in fully virtualized environments, utterly isolated from each other — neat, huh? This may be wrong, but I kind of think of it like a “containerization” for your normal windows processes.

Well, if you’re like me, when you tried to turn this on, your computer reported that it could not turn this on due to “driver incompatibilities”.

Example of the error windows shows you when you have incompatible drivers that are preventing Core Isolation from being enabled.

At this point… you may be stuck. Like I was, for weeks. This is a tough problem to get past. The error message that Windows presents at this point is not helpful, and the link to microsoft.com tells you little more than what the error message is already telling you… it’s frustrating.

You may be thinking to yourself, “Okay… so I’ve got drivers that are incompatible with this new feature. Um, turn them off? Don’t use them?”

I’m guessing Windows does not offer anymore help here because mucking around with drivers on Windows can lead to some major problems (for example, while trying to enable this feature, I rendered my entire Windows partition unbootable. Plus, booting into safe mode to try to fix it was impossible, because I have bitlocker turned on, and I lost my recovery key! Fun!).

So, at this point, Windows just leaves you high and dry. You may try to search the Internet for answers, but: be careful. There are several sites out there that offer “solutions” for this by offering a way you can download a registry key and force-enable this option (I won’t link to them here so their visibility in search engines won’t improve). Trust me; just don’t do this. Just don’t. This will possibly render your system unbootable, and depending on your situation, there is no way to revert it, short of a complete re-imaging/reinstallation. (I spent all day doing this one time because of this!)

Anyway — here’s what did work for me.

The Fix

  1. First things first — keep the Settings window showing the list of “incompatible” drivers open — you’ll need that in a moment.
  2. Second — download a copy of Microsoft’s SysInternals. If you’re not already using these for Windows system management, you just found one of your new favorite groups of utilities. Released by Microsoft, this is a suite of tools that are so essential, you’ll wonder why they’re not included in default Windows installations (I wonder about this every time I use them).
  1. In these tools, look for a tool called “Autoruns64.exe” — run it. (It goes without saying that everything here you need to do with Administrator privileges.)
  2. You’ll be presented with a list of processes, drivers, etc, that run on Windows boot. Click on the tab for “Drivers”.
  3. Now, for each item in the list of “incompatible drivers” that Windows presented you, type part of its name into the “Filter” field, and de-select its checkbox (if you don’t find it in your list in Autoruns64.exe — skip it and we’ll apply a different fix in a moment):
Image showing AutoRuns64.exe interface
  1. Now, open a Powershell window, in Administrator mode. For each driver that you de-selected in Autoruns64.exe, just do “Remove-Item <path to driver>”.
  2. Restart, and try to enable core isolation again!

Fix for Drivers that Don’t Show Up in Autoruns64.exe

Okay — you’ve done the steps up above, and for some strange reason, you have an incompatible driver that’s not showing up in Autoruns64.exe (its “Published Name” probably starts with “oem”, doesn’t it?). The exact reason for this is something that still eludes me, but basically, it’s a very naughty driver that’s going to need a special trick to remove it.

For this, we’ll be using a tool called “pnputil” in Windows, which is just another one those utilities that’s included with Windows that you’ve never encountered before today (if you have, my condolences!).

For this type of driver (with a published name that, like I said, probably looks like “oem30.inf”), do the following command in a Powershell window running in Administrator mode:

pnputil -f -d oem30.inf 

(for example; change "oem30.inf" to whatever is the "published name" of the driver you're having trouble with)

In Conclusion

That should be it, and Core Isolation should work now. If it doesn’t, then you’ve encountered a weird issue that isn’t covered here — but don’t fret too much! If you’re kind of person to try to troubleshoot this issue this far, your Windows installation is already very secure, even without this feature.

Keep trying, and then, when you figure out your solution, make sure and write about it so it can help others!

Categories
Life Rants and Raves Science and Technology

American Business During the Early 2020s

American businesses two years ago: “We just don’t think remote work is feasible. Just wouldn’t work. Reasons.”

American businesses one year ago: “Wow, look at how quickly we converted into full remote-work! Aren’t we amazing??”

American businesses one month ago: “Okay, everyone come back into the office. If we can’t see butts in seats, how can we be sure you’re even working?”

American businesses, this week: “…okay you can work at home a little longer”

(Context: May 12 2021 was the week of pipeline attacks and gas shortages in the US. One year before this? Lockdowns and COVID.)

Categories
Android Hacking Hardware Linux Science and Technology

How My Love Affair with Google Ended When I Decided to Stop Being their Unpaid Beta Tester

(This blog post was originally started back in 2016 when I decided to give up on Android for good. I never got around to posting it, even though it’s basically finished, and I still agree with it today! You can pretty much just replace any mention of “Nexus phones” in your head with “Pixel phones” and the argument still works.

With Google seemingly losing interest with Pixel phones in mid-2020, the post is just as relevant today as it was nearly five years ago.)

Logo for Android Version 4.4

The Passion of the Android

Spend a little while on any site that focuses on anything Android, whether it’s phones or apps, and you’ll quickly realize that the Nexus phones produced by Google are held in esteem above all others.

Their specs are lauded.  Their problems glossed over.  Their ability to “always have the latest OS version” (an ability iPhone owners take for granted) unlike phones you get directly from cell phone companies (think AT&T and Verizon), is held in the highest regard, especially.

To the visitors and commenters on these sites, the ability of a Nexus phone bought from Google, to have the newest version of Android before all other phones in the massive Android universe is more important than anything else, be it a sacrifice of 1) speed (because of the higher memory usage of newer software versions), 2) reliability (because of the presence of hidden bugs inherent in all new software), or 3) compatibility (because of app makers not always being able to get new versions of apps release in time to support new versions of Android, if something has broken the app).

All sorts of reasons are brought up for why this is best.  “The phone companies don’t want to upgrade the Android versions on their phones in a timely fashion because they’re lazy and don’t care.”  “The phone makers (also called OEM’s) don’t want to upgrade the Android versions on their phones in a timely fashion because they want you to buy a new phone.

Since version 2.3 of Android, the version of Android running on your phone has been far less important because of Google Play Services

While there are very important reasons that upgraded software on your phone is important (like security fixes, patches, etc), the insane concern for the version number on your phone always being the latest defies all understanding.  Since back in the Android 2.3 days, the Android team at Google even moved most of the important parts of Android (the fun parts that get updated) into a standalone app called “Google Play Services” a few years ago to combat the problem of OEM’s and cell phone companies not updating the Android versions of their phones.

If you have an Android phone, you can go into the full list of apps installed in your settings and see “Google Play Services” there — you can’t stop it from updating, and no one, including the cell phone companies and OEM’s, can stop it either.  This way, even older phones running older versions of Android can still have compatibility and quite a bit of neat new features that newer versions of Android get (like the Android Device Manager, Android’s answer to the iPhone’s “Find My Phone” feature).  The changes to this hidden service layer are subtle, well tested, and ensured to not cause any problems in the massive universe of different Android phone types.

Getting a fully new version of Android is less important in this way, but still offers some benefits here and there (like encryption being a default setting in Android 6.0).  Still, cell phone companies and OEM’s only release full new versions of Android for their phones after months, sometimes a year or more, of testing.  Why is this important?

Yo, do you even test, dude

When you’re a company like HTC (my favorite Android phone maker), or a cell phone company like Sprint, you live and die by your core product. If you work at HTC and your phones suck when it comes to reliability or user experience (or UX), you’re toast.  If you work at Sprint and your service is slow and the phones people buy from your stores don’t work (even though you don’t make them), people stop buying your phones and recommending your service to their friends.

The iPhone/iOS team at Apple does this behind the scenes for months with their products, both phones and operating systems.  Car companies do it for their car software.  Your microwave uses software that was tested for years to make sure the buttons always worked when you pressed them, and to ensure that it didn’t set your food on fire.

Why I bring this up is because I’m reasonably certain, after years of using Nexus phones, that the Nexus team at Google either doesn’t do this type of UX testing, or does it very, very little.

And why would they?

Google doesn’t make money selling phones.  It’s a B2B (business-to-business) company that makes 90% of its profits selling ad space to commercial entities (I went through the work of looking through its investor documents, found here (page 32): https://abc.xyz/investor/pdf/20160331_alphabet_10Q.pdf)  Everything else Google does is minor, and whatever minuscule amount of profit it makes from selling Nexus phones is an even smaller part of that.

Google doesn’t make money selling phones.  It’s a B2B (business-to-business) company that makes 90% of its profits selling ad space to commercial entities

…and there’s nothing wrong with that.  The employees of Google are very good at what they do.  They should focus on their core business, and put the bulk of their resources into effectively selling ads.



		
Categories
Programming Server Ubuntu

Getting PHP 7.2 to work with NGINX (UBUNTU)

This took a while. I’m much, much more familiar with running apache. I really like how fast and light nginx is, though, and was going to start using it, no matter what.

In the end, it was a combination of all of these things:

  • When I upgrade to nginx 1.17, there is a new “include” line in the nginx.conf file, and suddenly nginx was looking for site config files in this directory (/etc/nginx/conf.d/) instead of the usual one (/etc/nginx/sites-enabled). Had to change that first thing.
  • The nginx process was trying to run under the “nginx” user, instead of “www-data”. Basically, the “user” config in both your php conf files and your nginx conf files must match, or the php-fpm process ignores the requests from nginx.
  • Most tutorials I’ve found on the internet want you to insert specific php-related config into your nginx site config that points php to a certain port, like this:
    • "fastcgi_pass 127.0.0.1:9000;:".
  • However, my php-fpm was configured to run under a unix socket only (you find this via the “listen” param in your php config). So, I had to add the following line to my nginx site config instead in the php section:
    • "fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;"
  • I had to include the following line in my php-specific config in my site conf file for nginx. Even the nginx example conf file is not explicit about this:
    • include snippets/fastcgi-php.conf;
Categories
Programming Science and Technology

Converting ghost cms output to csv for wordpress import

If you’re just coming here for the solution, and don’t want to read the backstory about how I came up with the solution, I understand. :)

Click here to skip to the solution.

The Problem

Recently I helped convert someone’s main blog from Ghost, back to WordPress.

While WordPress makes it easy to export in any format (so that you can easily import your entries into another blog engine), Ghost… does not.

While Ghost certainly does have an “export” tool, it exports in JSON format. JSON format is definitely preferable to XML, but no matter what, I could not find a way to import these entries into WordPress.

I searched through the plugin library–nothing was devoted to allowing an import through Ghost.

I furiously Googled–weirdly enough, any entries I could find about converting Ghost’s output to something that WordPress could import were all years old (and thus none of the solutions presented worked anymore, because I imagine Ghost’s export format had slightly changed.)

So, I decided to make my own.

The Solution

The solution is on Gitlab — just download the Powershell script (the .ps1 file) and run it on the command-line, passing one parameter of “jsonFile”, which is the path to the Ghost export.

Then, you’ll need a plugin to import the new CSV file to WordPress — I used the “WP All-Import” plugin. It seemed to be well maintained, and unlike many other plugins, it didn’t require you to pay for it.

That’s it! I built it in Powershell, because A) I can make quick scripts very quickly in Powershell, and I was frustrated by this point, B) Powershell has very good native CSV and file format conversion abilities, and C) Powershell can now run on any platform (Linux and MacOS included).

If you’re running this script on Windows, you already have Powershell installed, but if you’re running it on any other system, the link to install Powershell will also be below.

Future Enhancements

I only had posts with single tags to test against, so my script is only designed to get one tag for each post for the new CSV-formatted entries.

Ghost’s JSON format for tags was… bad. I don’t know why it was the way that it was. With every other type of metadata you’d need associated with a post, their JSON has that data in the “post” object, but with tags, they’re in a completely different other place, and only associated to posts through a series of IDs. It’s weird.

Either way, if you come up with a solution to that, feel free to fork the project! (Or just suggest a pull request.)

Also, I’d like to eventually re-code this into Python, just because more computers probably use it by now!

Sources

Categories
Computing Linux Science and Technology Ubuntu

rsync to AWS using .PEM key

Took me a little while to figure this out, but it’s a pretty standard implementation of the rsync command — you use the “-e” command and then specify an entire ssh command to use, like below:

function amazonrsync {
rsync -rave “ssh -i ~/.ssh/AWS_key.pem” $1 $2
}

That’s an entire shell function, by the way, that makes the whole thing easier to use.  Feel free to put it in your shell alias file.

Source: Rsync to AWS EC2 Using .PEM key – AnthonyChambers.co.uk Blog

Categories
Computing Hacking Internet Linux Programming Science and Technology Ubuntu

OpenVPN One-Command Server Install Script

I have been looking for a script like this for about a year now:

https://github.com/Nyr/openvpn-install

For some reason that I never understood, installing and setting up an OpenVPN has always been a pain in the ass.  I’ve had one I’ve been using for about a year, but it’s on Amazon’s AWS as was installed through an appliance install, and I really wanted to learn how it worked myself.

Every tutorial I saw either didn’t make sense, or the steps didn’t work.  I set about to try and create a one-script install myself, and then thought, “No — somebody has to have done this before.”

And lo and behold — that’s where I found the above github repo.  It’s amazing, and it works.  I’m going to donate to this person, because they saved me a good bit of work.

 

Categories
Internet Linux Programming Science and Technology Ubuntu

mysql_connect() breaking with an upgrade to PHP7?

mysql_connect() has been finally removed from PHP7 (it was deprecated for some time), and now you have to use mysqli_connect();   The same goes for any other mysql_ commmand.  (I simply did a find/replace for “mysql_” and changed it to “mysqli_” in my php code.

Also, if you’re running your own server, you probably need to install the “php-mysql” after upgrading to PHP7 — it doesn’t seem to be installed along by default anymore.

Categories
Android Enterprise Computing Hardware Science and Technology

Unified Internal Storage for Android 6.0+

Thinking about using Unified Internal Storage on Android 6.0+ to expand your phone’s measly internal storage?  Don’t even think about using it with anything other than a UHS-II SD card — even if your phone will let you use a slower card, don’t do it — your performance will be terrible.

It seems like it has to be UHS-II, for some reason (maybe it’s random r/w speeds?). I tried with even a very, very fast UHS-I, that benchmarked nearly the same, but Android wasn’t satisfied with it, giving the “This SD card is slow” warning.

The best priced one I could find out there (that you’d want to use) was a 32GB one:

https://www.bhphotovideo.com/c/product/1211505-REG

Categories
Automotive Gaming Reviews Science and Technology

Review: Gran Turismo 5

(Editor’s Note: I originally started this draft about a year after Gran Turismo 5 came out.  Most of it still applies; some of the gripes were corrected in Gran Turismo’s most excellent next release, Gran Turismo 6.)

What can I say about Gran Turismo 5, a game that was in development for five years; a game that charged $39.99 for its demo download three years ago?

Seriously.

GT5 EU Box ArtIs it cool?  Yes, it’s cool.  But then again, I grew up playing Gran Turismo — I probably racked up 100’s and 100’s of hours on Gran Turismo and Gran Turismo II alone (Gran Turismo III and IV, I never played much, and I regret that — III was apparently one of the best games ever released on the PS2 during the 2000’s).  GT5 could be nothing more than a port of Gran Turismo IV for the PS3, and I’d still love it.  I’m probably not the best person to judge whether or not GT5 is cool.

Does it look good?  Yes, it looks great.

Does it have lots of badass cars?  Check.

By this point, with all the hype that’s been built-up about this game over the years; all the stories of just how maniacal the creator, Kazunori Yamauchi, was in making sure that GT5 was going to absolutely perfect; all the stories of how imaging each car for GT5 was taking 10 times as long as it took to image a car for GT4 (which itself took 10 times as long to image for as it did GT2)…

With all this hype, how could GT5 possibly make anyone happy?

The Bad

The loading times are horrendous. (Try about a minute of waiting, every time you start a race.)

The selection of cars is limited, and the “full resolution” cars, new for GT5, is maybe 10-15% of the total cars.  The rest are all ports of the GT4 cars, and the much poorer graphic quality of the cars can show.

The Good

All right, but it’s not all bad.  Most of the graphics look amazing on the PS3.  And finally, finally, FINALLY, there’s a multiplayer network option!

Yes, the dreams you had when you were younger of playing Gran Turismo verses races from all around the world is true, and it’s great.

Not only that, but you can play with your close friends and family on the Playstation Network, and can gift cars to them (great for giving your fiends a leg-up when they first start playing).

Final Word

Is it worth it?

If you want to play Gran Turismo on the PS3, it’s the only way to do it (unless you’re going to pop in an old copy of Gran Turismo 1 from the PS days).

Was it worth the wait, though?

No — no game should take five years to come out, past the point of the first demo.  No game should ever charge for a demo (and nearly a full price charge, too).

Ugh.  Just ugh.