The threat from insecure “security” cameras and how it goes unnoticed by most users

Ars Technica published a piece today about insecure network cameras which reminded me of my intention to post about my own experience.

I wanted to experiment with IP cameras and Synology’s Surveillance Station so I bought a cheap one from Amazon to see if I could get it to work. The brand is Knewmart.


Most people buying this do not use it with a Synology. The idea is that you connect it to your home network (most will use wifi), install an app on your smartphone, and enjoy the ability to check on how well your child is sleeping, for example, without the trouble of going up to her room. It also works when you are out and about. Users are happy:

So far, so good for this cheap solution for a baby monitor. It was easy to set up, works with various apps (we generally use onvif for android) and means that both my wife and I can monitor our babies while they’re sleeping on our phones. Power lead could be longer but so far very impressed with everything. The quality of both the nightvision and the normal mode is excellent and clear. The audio isn’t great, especially from user to camera, but that’s not what we bought it for so can’t complain. I spent quite a long time looking for an IP cam as a baby monitor, and am glad we chose this route. I’d highly recommend.

My needs are a bit different especially as it did not work out of the box with Surveillance Station and I had to poke around a bit. First I discovered that the Chinese-made camera was apparently identical to a model from a slightly better known manufacturer called Wanscam, which enabled me to find a bit more documentation, but not much. I also played around with a handy utility called Onvif Device Manager (ONVIF being an XML standard for communicating with IP cameras), and used the device’s browser-based management utility.

This gave me access to various settings and the good news is that I did get the camera working to some extent with Surveillance Station. However I also discovered a number of security issues, starting of course with the use of default passwords (I forget what the admin password was but it was something like ‘password’).

The vendor wants to make it easy for users to view the camera’s video over the internet, for which it uses port forwarding. If you have UPnP enabled on your router, it will set this up automatically. This is on by default. In addition, something strange. There is a setting for UPnP but you will not find it in the browser-based management, not even under Network Settings:


Yet, if you happen to navigate to [camera ip no]/web/upnp.html there it is:


Why is this setting hidden, even from those users dedicated enough to use the browser settings, which are not even mentioned in the skimpy leaflet that comes with the camera? I don’t like UPnP and I do not recommend port forwarding to a device like this which will never be patched and whose firmware has a thrown-together look. But it may be because even disabling UPnP port forwarding will not secure the device. Following a tip from another user (of a similar camera), I checked the activity of the device in my router logs. It makes regular outbound connections to a variety of servers, with the one I checked being in Beijing. See here for a piece on this, with regard to Foscam cameras (also similar to mine).

I am not suggesting that there is anything sinister in this, and it is probably all about registering the device on a server in order to make the app work through a peer-to-peer network over the internet. But it is impolite to make these connections without informing the user and with no way that I have found to disable them.

Worse still, this peer-to-peer network is not secure. I found this analysis which goes into detail and note this remark:

an attacker can reach a camera only by knowing a serial number. The UDP tunnel between the attacker and the camera is established even if the attacker doesn’t know the credentials. It’s useful to note the tunnel bypasses NAT and firewall, allowing the attacker to reach internal cameras (if they are connected to the Internet) and to bruteforce credentials. Then, the attacker can just try to bruteforce credentials of the camera

I am not sure that this is the exact system used by my camera, but I think it is. I have no intention of installing the P2PIPC Android app which I am meant to use with it.

The result of course is that your “security” camera makes you vulnerable in all sorts of ways, from having strangers peer into your bedroom, to having an intrusion into your home or even business network with unpredictable consequences.

The solution if you want to use these cameras reasonably safely is to block all outbound traffic from their IP address and use a different, trusted application to get access to the video feed. You should also, of course, avoid port forwarding and not use an app like P2PIPC.
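The router-log check and the outbound block described above can be verified mechanically. The following is an added example, not code from the original post: it assumes the router can export packet logs in the key=value layout of the Linux netfilter LOG target, and the camera address, LAN range and log lines are all constructed.

```python
"""Audit netfilter-style router log lines for traffic one camera sends off the LAN."""
import ipaddress
import re
from collections import Counter

# Assumed values, constructed for this example (not taken from the post).
CAMERA_IP = ipaddress.ip_address("192.168.1.50")
LAN = ipaddress.ip_network("192.168.1.0/24")
SSDP_GROUP = ipaddress.ip_address("239.255.255.250")  # UPnP discovery multicast group
SSDP_PORT = 1900

# Constructed sample log: two external destinations, one UPnP discovery packet,
# one LAN-only video stream, one unrelated host and one unparseable line.
SAMPLE_LOG = """\
Jan 12 03:14:07 router kernel: IN=br0 OUT=eth0 SRC=192.168.1.50 DST=203.0.113.7 LEN=76 PROTO=UDP SPT=41022 DPT=40000
Jan 12 03:14:37 router kernel: IN=br0 OUT=eth0 SRC=192.168.1.50 DST=203.0.113.7 LEN=76 PROTO=UDP SPT=41022 DPT=40000
Jan 12 03:15:02 router kernel: IN=br0 OUT=eth0 SRC=192.168.1.50 DST=198.51.100.23 LEN=60 PROTO=TCP SPT=50110 DPT=80
Jan 12 03:15:09 router kernel: IN=br0 OUT= SRC=192.168.1.50 DST=239.255.255.250 LEN=129 PROTO=UDP SPT=1900 DPT=1900
Jan 12 03:15:11 router kernel: IN=br0 OUT=br0 SRC=192.168.1.50 DST=192.168.1.10 LEN=1500 PROTO=TCP SPT=554 DPT=49822
Jan 12 03:15:20 router kernel: IN=br0 OUT=eth0 SRC=192.168.1.23 DST=198.51.100.23 LEN=60 PROTO=TCP SPT=50111 DPT=443
Jan 12 03:15:30 router kernel: garbled line without fields
"""

FIELD = re.compile(r"\b([A-Z]+)=(\S*)")


def parse_line(line):
    """Return src/dst/proto/dport for one log line, or None if it is not a packet record."""
    fields = dict(FIELD.findall(line))
    try:
        src = ipaddress.ip_address(fields["SRC"])
        dst = ipaddress.ip_address(fields["DST"])
    except (KeyError, ValueError):
        return None
    dport = fields.get("DPT", "")
    return {"src": src, "dst": dst, "proto": fields.get("PROTO", "?"),
            "dport": int(dport) if dport.isdigit() else None}


def classify(dst):
    """Label a destination as local discovery traffic, LAN traffic or external traffic."""
    if dst.is_multicast or str(dst) == "255.255.255.255":
        return "discovery"
    if dst in LAN:
        return "lan"
    return "external"


def camera_records(log_text, camera):
    """Yield parsed records whose source address is the camera."""
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is not None and rec["src"] == camera:
            yield rec


def external_flows(log_text, camera=CAMERA_IP):
    """Count packets from the camera to each (destination, protocol, port) outside the LAN."""
    flows = Counter()
    for rec in camera_records(log_text, camera):
        if classify(rec["dst"]) == "external":
            flows[(str(rec["dst"]), rec["proto"], rec["dport"])] += 1
    return flows


def uses_upnp_discovery(log_text, camera=CAMERA_IP):
    """True if the camera sent SSDP packets, the discovery step that precedes UPnP port mapping."""
    return any(rec["dst"] == SSDP_GROUP and rec["dport"] == SSDP_PORT
               for rec in camera_records(log_text, camera))


if __name__ == "__main__":
    flows = external_flows(SAMPLE_LOG)
    print(f"External destinations contacted by {CAMERA_IP}:")
    for (dst, proto, dport), count in flows.most_common():
        print(f"  {dst:<16} {proto}/{dport}  packets={count}")
    print("UPnP discovery seen:", uses_upnp_discovery(SAMPLE_LOG))
    print("Outbound block holding:", not flows)
```

Feed it the log of forwarded packets rather than dropped ones: once the camera's outbound traffic is blocked, the external list should stay empty while the LAN video stream continues.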

There is a coda to this story. I wrote a review on Amazon’s UK site; it wasn’t entirely negative, but included warnings about security and how to use the camera reasonably safely. The way these reviews work on Amazon is that those with the most “helpful votes” float to the top and are seen by more potential purchasers. Over the course of a month or so, my review received half a dozen such votes and was automatically highlighted on the page. Mysteriously, a batch of negative votes suddenly appeared, sinking the review out of sight to all but the most dedicated purchasers. I cannot know the source of these negative votes (now approximately equal to the positives) but observe that Amazon’s system makes it easy for a vendor to make undesirable reviews disappear.

What I find depressing is that despite considerable publicity these cameras remain not only on sale but highly popular, with most purchasers having no idea of the possible harm from installing and using what seems like a cool gadget.

We need, I guess, some kind of kitemark for security along with regulations similar to those for electrical safety. Mothers would not dream of installing an unsafe electrical device next to their sleeping child. Insecure IoT devices are also dangerous, and somehow that needs to be communicated beyond those with technical know-how.

Fake TalkTalk Frequently Asked Questions

I use TalkTalk for broadband and landline – though I never signed up with TalkTalk, I signed up with a smaller provider that was taken over – and recently I have been plagued with calls from people claiming to be from TalkTalk, but who in fact have malicious intent. If I am busy I just put the phone down, but sometimes I chat with them for a while, to discover more about what they are trying to do.

Rather than write a long general piece about this problem, I thought the best approach would be a Q&A with answers to the best of my knowledge.

Why so many fake TalkTalk calls?

I have two landline numbers, and until recently only the non-TalkTalk number ever got called by scammers. This makes me think that the flood of TalkTalk calls is related to data stolen from the company, perhaps in October 2015 or perhaps in subsequent attacks. Some victims report that scammers know their name and account number; in my case I don’t have any evidence for that. On a couple of occasions I have asked the caller to state my account number but they have given me a random number. However I do think that my telephone number is on a list of valid TalkTalk numbers that is circulating among these criminal companies.

How do I know if it is really TalkTalk?

My advice is to assume that it is not TalkTalk. If you think TalkTalk really wants to get in touch with you, put the phone down and call TalkTalk customer service, either from another number or after waiting 15 minutes to make sure that the person who called you has really terminated the call.

How does the caller know my Computer License ID?

A common part of these scripts is that the caller will show that he knows your “computer license ID” by guiding you to show it on your screen and then reading it to you. They do this by getting you to open a command window and type assoc:


The way this works is simple. The number you see next to .ZFSendToTarget is not a license ID. The abbreviation CLSID shown before it stands for Class ID, and it is part of the plumbing of Windows, the same on every Windows PC.

What about all the malware errors and warnings on my PC?

This is a core part of the fake TalkTalk (and fake Microsoft) script. Our server has picked up warning messages from your computer, they say, and they show you a list of them.

The way this works is that the scammer guides you to open a Windows utility called Event Viewer, usually via the Run dialog (type eventvwr). Then they get you to filter it to show “Administrative events” which filters the log to show only errors and warnings.

Now, you have to agree that the number of errors and warnings Windows manages to generate is remarkable. My PC has over 9,000:


However, these messages are not generated by malware, nor are they broadcast to the world (or to TalkTalk servers). They are simply log entries generated by the operating system. If you have time on your hands, you can look up the reason for each one and even fix many of them; but in most cases they are just noise. Real malware, needless to say, does not make helpful logs of its activity but keeps quiet about it.

What does Fake TalkTalk really want to do?

Once your fake TalkTalk caller has persuaded you that something is wrong with your PC or router or internet connection, the next step is invariably to get remote access to your PC. They do this by guiding you to a website such as Ammyy or LogMeIn Rescue, and initiating a support session. These are legitimate services used by support engineers, but unfortunately if you allow someone untrustworthy to log onto your PC bad things will happen. Despite what the caller may tell you, these sessions are not just for messaging but enable the scammer to see your computer screen and even take over mouse and keyboard input.

Windows will generally warn you before you allow a remote session to start. You have to pass a dialog that says something like “Do you want to allow this app to make changes to your PC?” or similar. This warning is there for a reason! For sure say No if fake TalkTalk is on the line.

Note though that this remote control software is not in itself malware. Therefore you will see that the software that is trying to run is from a legitimate company. Unfortunately that will not protect you when someone who means you harm is at the other end of the connection.

OK, so Fake TalkTalk has a remote connection. What next?

Despite my interest in the goals of these scammers, I have never gone so far as to allow them to connect. There are ways to do this relatively safely, with an isolated virtual machine, but I have not gone that far. However I have seen reports from victims.

There is no single fake TalkTalk, but many organisations out there who do this impersonating. So the goals of these various organisations (and they are generally organisations rather than individuals) will vary.

A known scam is that the scammer will tell you a refund is due because of your slow internet connection. They show you that the sum has been paid, via a fake site, but oh dear, it is more than is due! For example, you are due £200 but have been paid £1200. Oops. Would you mind repaying the £1000 or I will be fired? So you send off £1000 but it turns out you were not paid any money at all.

Other possibilities are that your PC becomes part of a bot network, to be rented out to criminals for various purposes; or that the “engineer” finds such severe “problems” with your PC that you have to purchase their expensive anti-malware software or service; or your PC may be used to send out spam; or a small piece of software is installed that captures your keystrokes so your passwords will be sent to the scammer; or the scammer will search your documents for information they can use for identity theft.

Many possibilities, so for sure it is better not to let these scammers, or anyone you do not trust, connect to your PC.

Who are the organisations behind Fake TalkTalk?

When I am called by TalkTalk impersonators, I notice several things. One is that the call quality is often poor, thanks to use of a cheap voice over IP connection from a far-off country. Second, I can hear many other calls taking place in the background, showing that these are not just individuals but organisations of some size. In fact, a common pattern is that three people are involved, one who initiates the call, a supervisor who makes the remote connection, and a third “engineer” who takes over once the connection is made.

One thing you can be sure of is that they are not in the UK. In fact, all the calls I have had seem to originate from outside Europe. This means of course that they are outside the scope of our regulators and difficult for police or fraud investigators to track down.

If you ask one of these callers where they are calling from, they often say they are in London. You can have some fun by asking questions like “what is the weather like in London?” or “what is the nearest tube station?”; they probably have no idea.

What is being done about this problem?

Good question. I have reported all my calls to TalkTalk, as well as using “Report abuse” forms on LogMeIn with the PIN numbers used by the criminals. On one occasion I had a scammer’s Google email address given to me; there is no way I can find to report this to Google which perhaps shows the limits of how much the company cares about our security.

I am not optimistic then that much of substance is being done or can be done. Addressing the problem at source means visiting the country where the scam is based and working with local law enforcement; even if that worked, other organisations in other countries soon pop up.

That means, for the moment, that education and warning is essential, imperfect though it is. TalkTalk, it seems to me, could do much better. Have they contacted all their customers with information and warnings? I don’t believe so. It is worried, perhaps, more about its reputation than the security of its customers.

Why Microsoft is hard to love

Microsoft CEO Satya Nadella stated last week that “We want to move from people needing Windows to choosing Windows to loving Windows. That is our bold goal with Windows.”

It is an understandable goal. Many users have discovered a better experience using a Mac than with Windows, for example, and they are reluctant to go back. I will not go into all the reasons; personally I find little difference in usability between Mac and Windows, but I do not question the evidence. There are numerous factors, including the damage done by OEMs bundling unwanted software with Windows, countless attacks from malware and adware, badly written applications, low quality hardware sold on price, and yes, problems with Windows itself that cause frustration.

There is more though. What about the interaction customers have with the company, which makes a difference to the emotional response to which Nadella refers? Again, Apple has an advantage here, since high margins enable exceptional customer service, but any company is capable of treating its customers with respect and consideration; it is just that not all of them do.

Now I will point Nadella to this huge thread on Microsoft’s own community forums.  The discussion dates from September 10 2014 and the contributors are customers who own Windows Phone devices such as the Lumia 1020. They discovered that after updating their devices to Windows 8.1 they experienced intermittent freezes, where the phone stops responding and has to be cold booted by pressing an emergency button combination (volume down plus power). These, note, are critical customers for Microsoft since they are in the minority that have chosen Windows Phone and potentially form a group that can evangelise this so far moribund platform to others.

The thread starts with a huge effort by one user (“ArkEngel”) to document the problem and possible fixes. Users understand that these problems can be complex and that a fix may take some time. It seems clear that while not all devices are affected, there are a substantial number which worked fine with Windows Phone 8, but are now unreliable with Windows Phone 8.1. A system freeze is particularly problematic in a phone, since you may not realise it has happened, and until you do, no calls are received, no alerts or reminders fire, and so on, so these customers are anxious to find a solution.

Following the initial complaint, more users report similar issues. Nobody from Microsoft comments. When customers go through normal support channels, they often find that the phone is reset to factory defaults, but this does not fix the problem, leading to multiple returns.

Still no official comment. Then there is an intervention … by Microsoft’s Brian Harry on the developer side. He is nothing to do with the phone team, but on 27 October receives this comment on his official blog:

Brian, sorry to hijack your blog again, but you are the only person in MS who seems to care about customers. Can you please advise whoever in MS is responsible for WP8.1 and make them aware of the “freeze” bug that MANY users are reporting (31 pages on the forum below). There has been NO feedback from MS whatsoever in the months that this has been ongoing and it is obviously affecting many users (myself included). If “cloud first, mobile first” is to be a success, you better make the bl00dy OS work properly. Thanks

Harry promises to raise the issue internally. On 12 Nov still nothing, but a reminder is posted on Harry’s blog and he says:

Nag mail sent.  Sorry for no update.

This (I assume) prompts a post from Microsoft’s Kevin Lee – his only forum post ever according to his profile:

I’m sorry we’ve been dark – I work closely with the Lumia engineering team that’s working directly on this. Trying to shed a little light on this…

Beginning in early September we started to receive an increased number of customer feedback regarding Microsoft Lumia 1020 and 925 device freezes. During the last two months we have been reaching out for more and more data and devices to systematically reproduce and narrow down the root cause. It turned out to be a power regulator logic failure where in combination with multiple reasons the device fails to power up the CPU and peripherals after idling into a deep sleep state.

I am pleased to pass on that we have a fix candidate under validation which we expect to push out soon with the next SW update!

Appreciate your patience.

OK, so Microsoft knows about the problem, has sat back saying nothing while users try this thing and that, but now after two months says it has a “fix candidate”. This is greeted warmly as good news, but guess what? Phones keep freezing, no fix appears, and in addition, there is lack of clarity about how exactly the fix is being “pushed out”.

Two months later, user Shubhan NeO says:

And I broke my Lumia 1020. Not going back to Windows Phone ever ! Switching back to Android ! Here is sneak peek of my phone !


It is not quite clear whether he broke the phone deliberately in a fit of frustration, but perhaps he did as he comments further:

Works ? Seriously ? It hangs 2-3 a day, has stupid support for official apps. So many issue.

I’m done.

Here is another:

I paid the extra £ for a better phone; with a better ’41-megapixel camera’… now to find out that people with cheaper models have not had any freeze problems. Despite people’s comments about this being an aged device, and probably the reason for lack of support, I must add that I only purchased my 1020 ‘NEW’ in July 2014 (which is only 6 months ago). For 3 of those months it has been very unreliable … I am extremely disappointed in how I and everyone else here has been treated by Microsoft.

Read the thread for more stories of frustration and decisions never to buy another Windows Phone.

What are the real problems here? The hardest thing to accept is not the fact of the fault occurring, or even the time taken to fix it, but the apparent lack of concern by the company for the plight of its customers. If Mr Lee, or others from the team, had posted regularly about what the problem is, how they are addressing it, possible workarounds and likely time scales, it would be easier for users to understand.

As it is, it seems that this part of the company does not care; a particular shame, as Nokia had a good reputation for customer service.

I post this then as feedback to Nadella and suggest that a cultural shift in some areas of Microsoft is necessary in order to make possible the kind of emotional transition he seeks.

When Windows 8 will not boot: the Automatic Repair disaster

“My PC won’t boot” – never good news, but even worse when there is no backup.

The system was Windows 8. One day, the user restarted his PC and instead of rebooting, it went into Automatic Repair.

Automatic Repair would chug for a bit and then say:

Automatic Repair couldn’t repair your PC. Press “Advanced options” to try other options to repair your PC, or “Shut down” to turn off your PC.

Log file: D:\Windows\System32\Logfiles\Srt\SrtTrail.txt


Advanced options includes the recovery console, a command-line for troubleshooting with a few useful commands and access to files. There is also an option to Refresh or reset your PC, and access to System Restore which lets you return to a configuration restore point.

System Restore can be a lifesaver but in this case had been mysteriously disabled. Advanced start-up options like Safe Mode simply triggered Automatic Repair again.

Choosing Exit and continue to Windows 8.1 triggers a reboot, and you can guess what happens next … Automatic Repair.

You also have options to Refresh or Reset your PC.


Refresh your PC is largely a disaster. It preserves data but zaps applications and other settings. You will have to spend ages updating Windows to get it current, including the update to Windows 8.1 if you originally had Windows 8. You may need to find your installation media if you have any, in cases where there is no recovery partition. You then have the task of trying to get your applications reinstalled, which means finding setup files, convincing vendors that you should be allowed to re-activate and so on. At best it is time-consuming, at worst you will never get all your applications back.

Reset your PC is worse. It aims to restore your PC to factory settings. Your data will be zapped as well as the applications.

You can also reinstall Windows from setup media. Unfortunately Windows can no longer do a repair install, preserving settings, unless you start it from within the operating system you are repairing. If Windows will not boot, that is impossible.

Summary: it is much better to persuade Windows to boot one more time. However if every reboot simply cycles back to Automatic Repair and another failure, it is frustrating. What next?

The answer, it turned out in this case, was to look at the logfile. There was only one problem listed in SrtTrail.txt:

Root cause found:
Boot critical file d:\windows\system32\drivers\vsock.sys is corrupt.

Repair action: File repair
Result: Failed. Error code =  0x2
Time taken = 12218 ms

I looked up vsock.sys. It is a VMware file, not even part of the operating system. How can this be so critical that Windows refuses to boot?

I deleted vsock.sys using the recovery console. Windows started perfectly, without even an error message, other than rolling back a failed Windows update.

Next, I uninstalled an old vmware player, using control panel. Everything was fine.

The Automatic Repair problem

If your PC is trapped in the Automatic Repair loop, and you have no working backup, you are in trouble. Why, then, is the wizard so limited? In this case, for example, the “boot critical file” was from a third-party; the wizard just needed to have some logic that says, maybe it is worth trying to boot without it, at least one time.

Finally, if this happens to you, I recommend looking at the logs. It is the only way to get real information about what is going wrong. In some cases you may need to boot into the recovery console from installation media, but if your hard drive is working at all, it should be possible to view those files.

Something Microsoft has never fixed: why Windows is slow to start up

One of the most common complaints I hear about Windows is that it is slow to start up. Everything is fine when a machine is new (especially if it is a clean install or purchased from a Microsoft store, and therefore free from foistware), but as time goes on it gets slower and slower. Even a fast PC with lots of RAM does not fix it. Slow boot is one of many factors behind the drift away from PCs to tablets, and to some extent Macs.


As far as I can tell, the main reason PCs become slow to start is one that has been around since DOS days. Some may recall fussing about TSR – Terminate and Stay Resident – applications that would run at startup and stay in memory, possibly causing other applications to fail. Windows today is generally stable, but it is applications that run at startup that cause your PC to start slowly, as well as having some impact on performance later.

I install lots of software for testing so I suffer from this myself. This morning I took a look at what is slowing down my desktop PC. You can view them easily in Windows 8, in Task Manager – Startup tab. A few of the culprits:

  • Adobe: too much stuff, including Service Manager for Creative Suite, Creative Cloud connection, Acrobat utilities
  • Intel Desktop utilities – monitors motherboard sensors
  • Intel Rapid Storage Technology – monitors on-board RAID
  • Sync applications including SkyDrive, Dropbox, SkyDrive Pro (Groove.exe)
  • Seagate Desktop, manage your Seagate NAS (network attached storage)
  • Google stuff: Google Music Manager, Google update, some Chrome updater
  • Plantronics headset updater
  • Realtek HD Audio Manager
  • Fitbit Connect client
  • SpotifyWebHelper
  • Microsoft Zune auto-launcher
  • Microsoft Lync, famously slow to start up and connect
  • Roccat Gaming mouse settings manager
  • Flexera “Common software manager” (InstallShield updater)

Many of these applications run in order to install a notification app – these are the things that run at bottom right, in the notification area of the taskbar. Some apps install their own schedulers, like the Seagate app which lets you schedule backup tasks. Some apps are there simply to check for updates and inform you of new versions.

You can speed up Windows startup by going through case by case and disabling startup items that you do not need. Here is a useful guide. It is an unsatisfactory business though. Users have no easy way to judge whether or not a specific app is doing an important or useful task. You might break something. When you next update the application, the startup app may reappear. It is a mess.

Microsoft should have addressed this problem aggressively, years ago. It did put great effort into making Windows boot faster, but never focussed on the harder task of bringing third-parties into line. A few points:

  • If Windows had a proper notification service, many of these apps would not need to exist. In Windows 8, it does, but that is little help since most applications need to support Windows 7 and even in many cases Windows XP.
  • The notification area should be reserved for high priority applications that need to make users aware of their status at all times. The network connection icon is a good case. Printer ink levels are a bad case, aside from reminding us of the iniquity of printer vendors selling tiny ink cartridges at profiteering prices. In all cases it should be easy to stop the notification app from running via a right-click preference. The Windows 7 idea of hiding the notification icons is counter-productive: it disguises the problem but does not fix it, therefore making it worse. I always set Windows to show all notifications.
  • Many tasks should be done on application startup, not on Windows startup. Then it is under the user’s control, and if the user never or rarely runs the application, no resources are grabbed. Why do I need to know about an update, if I am not running the application? Have the application check for updates each time it runs instead.
  • It is misguided to run a process on start-up in order to speed up the first launch of the application. It may not be needed.
  • If a background process is needed, such as for synchronisation services, why not use a Windows Service, which is designed for this?
  • Windows has a scheduler built in. It works. Why write your own?

Of course it is too late now for desktop Windows. Microsoft did rethink the matter for the “Metro” personality in Windows 8, which is one reason why Windows RT is such a pleasure to use. Apple does not allow apps to run on startup in iOS, though you can have apps respond to push notifications, and that strikes me as the best approach.

Update: I should mention a feature of Windows 8 called Fast Boot (I was reminded of this by a commenter – thanks Danny). Fast Boot does a hybrid shutdown and hibernation:

Essentially a Windows 8 shutdown consists of logging off all users and then hibernating.

This is almost another subject, though relevant. Microsoft has for years sought to address the problem of slow boot by designing Windows never to switch off. There are two basic approaches:

Sleep: the computer is still on, applications are in memory, but in a low power state with screen and hard drives off.

Hibernation: the computer writes the contents of its memory to disk storage, then powers off. On startup, it reads back the memory and resumes.

My own experience is that Sleep does not work reliably long-term. It sometimes works, but sooner or later it will fail to resume and you may lose data. Another issue on portables is that the “low-power state” is not as low power as it should be, and your battery drains. These factors have persuaded me to shut down rather than sleep.

My experience of hibernation is better, though not perfect. It usually works, but occasionally fails and again you lose data.

Fast boot is a clever solution that works for some, but it is a workaround that does not address the real issue which I have outlined above: third-party and Microsoft applications that insist on automatic start-up.

Toshiba ships DVD media with laptop without DVD drive

One day you will be able to buy a Windows device and have a smooth and delightful experience getting started.

To be fair, something like a Surface tablet can offer a reasonable experience if you are lucky.

Not so a Toshiba Portege Z930 ultrabook – at least, not if you buy one with Windows 7 pre-installed, and want to run Windows 8, as a contact of mine has just done.

Why would you not buy one with Windows 8 pre-installed instead? With hindsight, that is what I would recommend; but since it says on the box, “This system is pre-installed with Windows 7 Pro software and also comes with a license and media for Windows 8 Pro software,” he did not think it much mattered.

The problem: The Z930 has no optical drive, but Windows 8 is supplied in the form of two recovery DVDs.


I thought that was pretty silly, but luckily I know all the tricks about creating a bootable USB drive from a DVD. I even spotted the note in the box that instructs you to go into the BIOS and change it from CSM Boot to UEFI Boot.

No go. It would not boot from the USB drive in UEFI mode, and in CSM mode (which is also meant to work for Windows 8, with a few limitations) it boots, starts a Toshiba recovery wizard, and then bombs out.

I spoke to support. The first thing they told me, unprompted, was to make Windows 7 recovery disks, since not everyone likes Windows 8.

Next, the support guy was surprised that a model without a DVD drive ships with DVDs. Had the machine been tampered with? Then he looked it up, and admitted that they are all like that.

After a little more investigation, he said there is no way it will work from a bootable USB drive, because it is coded to look for the DVD. The only way is to buy an external DVD drive and attach it via USB.

The behaviour began to make sense to me. The scripts must be hard-coded to look on the optical drive for the files. I’d guess you can fix it by modifying the scripts if you know where to look, but life is too short and I went out and bought a DVD drive.

Smooth after that? Not brilliant. Recover Windows 8, go to Store for Windows 8.1, remember that you have to apply updates before it appears, apply 80 Windows updates, remove McAfee trialware and a few other unwanted applications, back to Store, do large Windows 8.1 download, and done.

In an era where usability is king, it is remarkable that Toshiba thinks that shipping DVDs with a computer that cannot read them is a smart thing to do. That said, I have a few more observations.

  • If you got a product key for Windows 8 and could download the media from Microsoft, that would work. But OEM Windows 8 is now pre-pidded so you don’t get a key.
  • If Microsoft were not still making so much money from businesses paying for Windows licenses, it could give Windows away and offer users a more Apple-like upgrade experience.
  • If Microsoft had not come out with a Windows upgrade which many of its customers do not like, companies like Toshiba would not be selling so many laptops with Windows 7 pre-installed.

As for the Z930, it is a lovely light, fast laptop if you do not need touch. But when will Windows OEMs, and to some extent Microsoft itself, learn the importance of out-of-the-box user experience?

Dear audio industry, fix mastering before bothering with high resolution

The audiophile world (small niche though it is) is buzzing with a renewed interest in high resolution audio, now to be known as HRA.

See, for example, Why the Time is Right for High-Res Audio, or Sony’s new Hi-Res USB DAC System for PC Audio, or Gramophone on At last high-resolution audio is about to go mainstream, or Mark Fleischmann on CD Quality Is Not High-Res Audio:

True HRA is not a subtle improvement. With the best software and hardware, a good recording, and good listening conditions, it is about as subtle as being whacked with a mallet, and I mean that in a good way. It is an eye opener. In lieu of “is that all there is?” you think “wow, listen to what I’ve been missing!” … The Compact Disc format is many good things but high-res it is not. It has a bit depth of 16 and a sampling rate of 44.1 kHz. In other words, it processes a string of 16 zeroes and ones 44,100 times per second. Digitally speaking, this is a case of arrested development dating back to the early 1980s. We can do better now.

As an audio enthusiast, I would love this to be true. But it is not. Fleischmann appears to be ignorant of the Nyquist-Shannon sampling theorem, which suggests that the 16-bit/44.1 kHz CD format can exactly reproduce an analogue sound wave from 20–22,050 Hz and with a dynamic range (difference between quietest and loudest signal) of better than 90 dB.

Yes, there are some ifs and buts, and if CD had been invented today it would probably have used a higher resolution of say 24-bit/96 kHz, which gives more headroom and opportunity for processing the sound without degradation; but nevertheless, CD is more than good enough for human hearing. Anyone who draws graphs of stair steps, or compares CD audio vs HRA to VHS or DVD vs Blu-Ray, is being seriously misleading.

Yes, Sony, you are a disgrace. What is this chart meant to show?


If it shows that DACs output a bumpy signal it is simply false. If it purports to show that high-res reproduces an analogue original more accurately within the normal audible range of 20-20,000 Hz it is false too.

As an aside, what non-technical reader would guess that those huge stair steps for “CD” are 1/44,100th of a second apart?

The Meyer-Moran test, in which a high-res original was converted to CD quality and then compared with the original under blind conditions (nobody could reliably tell the difference), has never been debunked, nor has anyone conducted a similar experiment with different results as far as I am aware.

You can also conduct your own experiments, as I have. Download some samples from SoundKeeper Recordings or Linn. Take the highest resolution version, and convert it to CD format. Then upsample the CD quality version back to the high-resolution format. You now have two high-res files, but one is no better than CD quality. Can you hear the difference? I’ve yet to find someone who can.

Read this article on 24/192 Music Downloads … and why they make no sense and watch the referenced video for more on this subject.

Still, audio is a mysterious thing, and maybe in the right conditions, with the right equipment, there is some slight difference or improvement.

What I am sure of is that it will be nowhere near as great as the improvement we could get if CDs were sensibly mastered. Thanks to the loudness wars, few CDs come close to the audio quality of which they are capable. Here is a track from a CD from the 80s which sounds wonderful, Tracy Chapman’s debut, viewed as a waveform in Adobe Audition:


And here is a track from Elton John’s latest, The Diving Board:


This “everything louder than everything else” effect means that the sound is more fatiguing and yes, lower fidelity, than it should be; and The Diving Board is far from the worst example (in fact, it is fairly good by today’s standards).

It is not really the fault of recording engineers. In many cases they hate it too. Rather, it is the dread of artists and labels that their sales may suffer if a recording is quieter (when the volume control is at the same level) than someone else’s.

Credit to Apple which is addressing this to some extent with its Mastered for iTunes initiative:

Many artists and producers feel that louder is better. The trend for louder music has resulted in both ardent fans of high volumes and backlash from audiophiles, a controversy known as “the loudness wars.” This is solely an issue with music. Movies, for example, have very detailed standards for the final mastering volume of a film’s soundtrack. The music world doesn’t have any such standard, and in recent years the de facto process has been to make masters as loud as possible. While some feel that overly loud mastering ruins music by not giving it room to breathe, others feel that the aesthetic of loudness can be an appropriate artistic choice for particular songs or

Analog masters traditionally have volume levels set as high as possible, just shy of oversaturation, to improve the signal-to-noise ratio (SNR). With digital masters, the goal is to achieve the highest gain possible without losing information about the original file due to clipping.

With digital files, there’s a limit to how loud you can make a track: 0dBFS. Trying to increase a track’s overall loudness beyond this point results in distortion caused by clipping and a loss in dynamic range. The quietest parts of a song increase in volume, yet the louder parts don’t gain loudness due to the upper limits of the digital format. Although iTunes doesn’t reject files for a specific number of clips, tracks which have audible clipping will not be badged or marketed as Mastered for iTunes.
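The 0dBFS ceiling described in the passage above can be measured directly. This is an added example, not part of the original post or of Apple's guidance: it builds a constructed test tone with quiet and loud parts, pushes its gain past full scale, and reports peak, RMS, crest factor and clipped-sample count for both versions. All function names and the +12 dB gain are assumptions chosen for illustration.

```python
import math

FULL_SCALE = 32767  # largest 16-bit PCM sample value, i.e. 0 dBFS


def make_track(seconds=1.0, rate=44100):
    """Constructed signal: 220 Hz tone whose level swells from quiet to loud and back."""
    n = int(seconds * rate)
    track = []
    for i in range(n):
        envelope = 0.2 + 0.8 * abs(math.sin(math.pi * i / n))
        track.append(0.5 * envelope * math.sin(2 * math.pi * 220 * i / rate))
    return track


def push_loudness(samples, gain_db):
    """Raise the level by gain_db, then hard-clip anything beyond full scale."""
    gain = 10 ** (gain_db / 20)
    return [max(-1.0, min(1.0, s * gain)) for s in samples]


def to_pcm16(samples):
    """Quantize floating-point samples in [-1, 1] to 16-bit integers."""
    return [int(round(s * FULL_SCALE)) for s in samples]


def measure(pcm):
    """Peak and RMS in dB relative to full scale, crest factor, clipped-sample count."""
    peak = max(abs(s) for s in pcm)
    rms = math.sqrt(sum(s * s for s in pcm) / len(pcm))
    peak_db = 20 * math.log10(peak / FULL_SCALE)
    rms_db = 20 * math.log10(rms / FULL_SCALE)
    return {"peak_dbfs": peak_db, "rms_dbfs": rms_db, "crest_db": peak_db - rms_db,
            "clipped": sum(1 for s in pcm if abs(s) >= FULL_SCALE)}


def compare(gain_db=12.0):
    """Return measurements for the dynamic track and its loudness-pushed copy."""
    track = make_track()
    return measure(to_pcm16(track)), measure(to_pcm16(push_loudness(track, gain_db)))


if __name__ == "__main__":
    for label, result in zip(("dynamic", "pushed +12 dB"), compare()):
        print(label, {k: round(v, 2) for k, v in result.items()})
```

The pushed copy has a higher RMS level but its peak is pinned at 0 dBFS, so the crest factor (the gap between peak and average level) shrinks and the clipped-sample count is no longer zero.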

Back to my original point: what is the point of messing around with the doubtful benefits of HRA, if the obvious and easily audible problem of excessive dynamic compression is not addressed first?

None at all. The audio industry should stop trying to mislead its customers by appealing to the human instinct that bigger numbers must mean better sound, and instead get behind some standards for digital music that will improve the sound we get from all formats.

Bing Maps app on Windows 8: rubbish compared to Bing Maps on the web

I have been looking at the Bing Maps app on Windows 8 and 8.1 (it is the same).

It is surprising how poor it is. The web version is better, which is odd because you would have thought they used the same data.

Here is what I get from the app if I search for public transport between Derby and Birmingham (on a direct rail route):


Bing Maps on the web has no problem with this:


Here is another random example. The Bing Maps app cannot find Dubrovnik airport. A search only finds Dubrovnik.


Oddly, if you know where the airport is, it is in fact marked on the map.


Web app: no problem:


If Microsoft wants Windows 8 tablets to succeed, glaring problems like this need fixing. Before the release of Windows 8.1 later this year.

Online booking with National Express: prices change arbitrarily

I don’t get this. You go online to book (or check prices) at National Express.


Hmm, that 13.00 looks a good deal at £9.00. But maybe I’ll go earlier. Click Show Earlier Coaches.


Oops! Not only are all the prices more for the earlier journeys, but the 13.00 is now £10.70. What if I now go back with Show later coaches?


Bad news – the 13.00 is still £10.70. Good news – the 16.00 which was £14.00 is now only £12.70.

What if I clear cookies, or revisit the site in a different browser?


Yes, it’s back to the old prices.

My experience is that price reductions are rare. They almost always go up. And that simply closing the browser and starting a new session is not enough to make them go back down. In the worst case, a £19.00 ticket went up to £30.

The behaviour is too consistent to be caused by other factors, like other customers booking or cancelling trips.

A bug? Or does National Express like to play games with its customers?