Saturday 16 February 2013

When Computers Lie



It’s been said that as computers simply process data they are incapable of lying, but ever since HAL 9000 started murdering its crew in 2001: A Space Odyssey I’ve never trusted them. Simply put – while they may follow clear rules and be incapable of deviating from a set of instructions, if those instructions are telling them to lie, then lie they will.

Take for example one we see quite often: “Your Computer has 2,120 Viruses on it. Do you want Windows Antivirus 2013 to remove them?”.

Or the infamous “Metropolitan Police: Attention! Illegal activity was revealed! Your operational system is locked as a result of Great Britain law violation!”. I mean – seriously – would the police really use that many exclamation marks?

But malware excepted, our operating systems regularly deceive us in order to improve the ‘user experience’ by concealing information from us. One feature of all PC operating systems since Windows XP has been the default behaviour of hiding file extensions from us. The extensions usually take the form of a dot with three letters, so a program would typically be called ‘program.exe’, but all Windows shows us is ‘program’.

This feature has regularly been exploited by malware authors – typically by attaching files that we see as something like ‘report.doc’ when in fact the file is really called ‘report.doc.vbs’, where vbs indicates a script that will run and probably compromise your PC if you try to open it.

Before Mac users get all smug, I’d like to point out that there’s another piece of subterfuge that has been built into operating systems since the days of ARPANET and actually predates the mechanisms of networking and the internet itself. It’s on your Mac. It’s on your PC. It’s probably on your iPad too if only you could access the file system to find it. Welcome to the hosts file.

When you clicked on the link to load this web page a bunch of clever things happened. The link, blogger.com, was converted to a network address that is a 32-bit binary number which for ease of reading we convert into human-readable notation. For blogger.com this is 173.194.78.191. Your computer knows that Blogger.com resides at this network address thanks to the magic of the Domain Name System (DNS) which you can think of as a huge distributed telephone directory of every computer or network device on the internet. This is a complex but interesting subject that I’m not going to explain in detail, but click through the links if you want to know more.

In the beginning, though, when the earliest computers wanted to communicate by TCP/IP, there was no automated directory. Instead, just as the earliest telephone exchanges were operated manually, so a single file was used to maintain the directory of computers and network addresses. When you imagine that we are talking about tens or dozens of computers then you will see that it made perfect sense to manually create and maintain this system. And the name of that file was ‘hosts’. No file extension.

If you want to look for your hosts file and you use a PC you should find it at C:\Windows\system32\drivers\etc\hosts; on a Mac look in /private/etc/hosts. I regularly look here if I’m working on an infected computer because it’s a simple and effective way for malware authors to hijack network traffic, so last week it was one of the first places I looked. I double clicked on the hosts file – as it has no file extension I usually have to select notepad to open it, but this time it obligingly opened in notepad without me having to do this. This struck me as very slightly odd, but the penny didn’t drop just then. The hosts file was clean, and I removed the malware without a hitch, expecting this to resolve the browser pop-ups that were irritating the hell out of my client.

I really thought I’d cracked it and was preparing to leave when suddenly, against all expectations, a pop-up appeared bottom left of the web page I was testing. I delved a little deeper into the page code, and it seemed as if the problem was being caused by, of all things, the Google Analytics hooks that were embedded in the code of the web page. Could Google themselves have been compromised? Then, thankfully, the penny dropped.

I returned to the hosts file in Windows Explorer, switched on file extensions, and also asked it to show hidden and system files. All was revealed. The hosts file I had looked at had a .txt file extension that had been hidden from me. This is why it had opened in notepad without prompting. Alongside it was the real hosts file; this one was flagged as hidden and marked as a system file, meaning that Windows would normally hide it from me. The file was also flagged as read-only and locked down to be as difficult to access as possible, but once I knew what I was dealing with it was a simple case of firing up the command prompt, changing permissions and attributes to return the file to normal, and in a minute or so I was able to open it to reveal… nothing.

Seriously, after all that trouble the hosts file looked to be devoid of any spurious entries. For a full minute I failed to spot the scroll bar on the right. Then the second penny dropped, and I actually laughed. About a thousand lines of blank space below the standard hosts file entries I found half a dozen entries that were telling the PC that the network addresses for Google Analytics, as well as some other embedded features, were actually a server in China. Honestly. With a few deft keystrokes these lies were gone, and the problem was solved.
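For anyone who would rather not rely on spotting a scroll bar, here is a small check for the two tricks described above, added as an example and not part of the original post. It flags hosts entries that sit below a long run of blank lines or that point a name at a non-loopback address, and lists look-alike files such as ‘hosts.txt’. The threshold, the hostnames and the sample file are constructed for illustration.

```python
import ipaddress

GAP_THRESHOLD = 20  # assumed cut-off: this many blank lines before an entry is suspicious

def audit_hosts(text, gap_threshold=GAP_THRESHOLD):
    """Return (line_no, address, hostnames, reasons) for each suspicious entry."""
    findings, blank_run = [], 0
    for line_no, raw in enumerate(text.splitlines(), start=1):
        if not raw.strip():
            blank_run += 1                      # padding that pushes entries off-screen
            continue
        gap, blank_run = blank_run, 0
        fields = raw.split("#", 1)[0].split()   # drop trailing comments
        if not fields:
            continue                            # comment-only line
        reasons = []
        if gap >= gap_threshold:
            reasons.append(f"preceded by {gap} blank lines")
        try:
            addr = ipaddress.ip_address(fields[0])
            if not (addr.is_loopback or addr.is_unspecified):
                reasons.append("redirects to a non-loopback address")
        except ValueError:
            reasons.append("unparseable address")
        if reasons:
            findings.append((line_no, fields[0], fields[1:], reasons))
    return findings

def find_decoys(filenames):
    """Names other than 'hosts' that display as 'hosts' when extensions are hidden."""
    return [n for n in filenames
            if n.lower() != "hosts" and n.lower().rsplit(".", 1)[0] == "hosts"]

# Constructed sample: stock entries, 1000 blank lines, then redirects to a
# documentation-range address (203.0.113.0/24) standing in for the rogue server.
SAMPLE = (
    "# constructed sample hosts file\n"
    "127.0.0.1 localhost\n"
    "::1 localhost\n"
    + "\n" * 1000
    + "203.0.113.10 analytics.example\n"
    "203.0.113.10 cdn.example www.cdn.example\n"
)

if __name__ == "__main__":
    for line_no, addr, names, reasons in audit_hosts(SAMPLE):
        print(f"line {line_no}: {addr} -> {' '.join(names)} ({'; '.join(reasons)})")
    print("decoys:", find_decoys(["hosts", "hosts.txt", "lmhosts.sam", "services"]))
```

The script only reads the text it is given; the hidden, system and read-only attributes on the real file still have to be cleared before it can be opened or edited.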

So the moral of the story is that our computers do lie to us. They do so all the time, and it’s usually to make things easier for us as computers are insanely complicated, and the networks they connect to are unimaginably huge. It’s important to remember this – particularly if you work in our field, because once in a while you need to unravel some of these lies to get to the root of the problems.

If you’re an end user you probably think the hosts file is of absolutely no interest to you. But consider the dilemma of a parent who wants to keep their child away from Facebook, for example. By navigating to C:\Windows\system32\drivers\etc\, opening the hosts file in notepad, and adding the line ‘127.0.0.1  www.facebook.com’, then restarting the PC they can block this page. This works for Macs too, see above for the location of the hosts file. And in the unlikely event that their child manages to discover this little trick the parents should immediately contact Computer Angels so that I can offer their child an internship.

Thursday 7 February 2013

Life without Internet


I’m writing this because I’ve run out of jobs to do that don’t require the internet, which right now is down due to an exchange fault. It's been almost an hour and already the staff are plotting who to eat first. I think I'm safe as I'm lean and gristly but Lee is looking distinctly worried. 

It’s at times like this that you start thinking about the cost of service interruptions. When our broadband works it’s fantastic, but even though we rate the technical support we get from Be quite highly, the impact upon our business when it does fail is pretty severe.

Apart from being reduced to the two phone lines that come with ISDN because we lose the outbound VOIP call routes, our credit card terminal is also on broadband so we can’t take card payments. Email is of course a non-starter, and we lose our remote support facilities. We rely increasingly on cloud services, but the more reliance we place on these the more important it is to assure continuity of broadband service. While you can install industrial strength data connections, these are quite pricey compared to simple ADSL, however it doesn’t take much down time before these start to seem attractive as well as economical.

When we first set up our business we had a single phone line, but pretty soon it became clear that we would need more than one line. When we moved into our first Service Centre on Munster Road I did a lot of research before deciding to use a software PBX using the excellent 3CX system.

3CX does lots of clever things including using VOIP for outgoing calls, and a mobile gateway that uses two SIMs for ‘free’ outgoing calls to mobile phones as we get bundled minutes on the SIMs. At the time SIP trunks were still bleeding edge so I opted for ISDN2e from BT for incoming calls – this gives us two incoming lines, but as the PBX call routing rules mean that these aren’t used for outgoing calls that was enough. Mindful of the fact that I would be using SIP trunks in the future I signed a three year contract which was the minimum available.

The migration was anything but smooth. The BT engineer turned up and installed the new ISDN trunk in about ten minutes as promised and left, but when we tried plugging in our carefully configured PBX nothing worked. After an hour of fiddling with settings I decided to re-route our 0800 number to a secondary line that we use for our broadband. The very first call was from a local takeaway saying that they were getting inundated with calls for us. BT were quick to respond and the engineer returned, but it was still several hours before we had a working PBX interfacing with the ISDN line, and the experience cost us a great deal in time and lost business.

Now that we are opening our second service centre we’ve decided to look at new technologies that will allow us to move away from ISDN, and we are working closely with Spitfire with whom we have successfully partnered on a number of projects. Today’s experiences have made up my mind about using Spitfire to provide our data connections as well – the advantages of a single end-to-end technical point of contact for both PBX and data services are pretty obvious, particularly to a man sitting at a computer without internet.

Just when things were starting to take shape a new problem arose – BT are convinced that we are on a five year contract with them. I was adamant that I would never have agreed to this, but BT were insistent. Fortunately I managed to find the original paperwork supporting my claim, but even then I simply couldn’t get BT to address the problem, and the familiar pillar to post routine began. I really don’t have time for this bollocks so I simply sent in a cancellation notice to BT with a copy of the contract and this seems to have done the trick. And it also served to remind me why I’m happy to move on.

Now if I can only figure a way of posting this which doesn't require an internet connection... 

Friday 1 February 2013

A New Year, a New Service Centre


Christmas is a quiet time of the year for us – things don’t really pick up until the second week in January when everybody has returned to work and we get a deluge of two weeks of accumulated problems hitting the office all in one go. Add to that the usual sprinkling of snow that brings the whole of London to a halt, and January turns into what I would describe as an eventful month.

Something that has made it even more eventful than usual is the news that we have finally found suitable premises for our Surbiton Service Centre which we hope to open in March or April, depending upon the speed of the lawyers in drawing up the lease. We are taking over a shop unit in St James Road which is about 100 meters from the station, and that means the next few months are going to be a whirlwind of organising the fixtures and fittings for the new premises, liaising with suppliers, organising signage, utilities, and all the hundreds of other tasks that a new branch requires.

I've been meticulous in keeping lists of everything we required to get our Fulham service centre up and running, including the suppliers we liked (and those we didn't, like the flooring contractors who simply never turned up). We are also using the experience of the last four years to shape how we are organising the new shop, building on what works, and working to maximise efficiency within the limited space available. All this should mean that the process is as streamlined as possible, and by knowing exactly what we want we can keep the fitting out costs to a minimum.

We've also taken our first apprentice on board, which is another exciting development. I was wary of the apprenticeship scheme until I met some candidates and was impressed by their enthusiasm. Aaron has been with us for a couple of weeks and it’s great to see how quickly he’s picking up the real-world skills we need to do our job. I know more than a little about the way information technology is taught in our colleges, mainly because I get to see the end result, and I'm amazed that there is still such dislocation between what industry requires, and what education gives us. I’ll keep you posted on how things go but I think the apprenticeship scheme could be a fantastic alternative to spending three years accumulating a huge debt.