Broken Windows Updates

a close up of a broken glass window
Photo by Ivan Vranić on Unsplash

Every month Microsoft releases security updates on the second Tuesday of the month in order to remove security problems in the installations of the Windows Operating System.

January 9th was no exception, but this time there was a problem. One of the updates (KB5034441) failed with the error number 0x80070643, and kept failing on several machines. I paused updates and when updates resumed a week later the patch was gone.

Fast forward to last week, February 13th, and the problematic update is back, and still failing.

According to the MS support article this patch is for something in the Windows Recovery system, related to a problem with the BitLocker file system encryption, and it updates a special partition on the disk (on the systems I have checked it is 500 MB) and the patch claims it needs 250 MB free (there is no information about how much is available in the Windows Computer Management disk info).

Following the failures on many systems, Microsoft posted another article with instruction of how to manually resize the partition so that the patch would apply.

I have several problems with those instructions:

  • The instruction are very advanced, requiring the user to resize an existing disk partition with data to free up space. This is an operation I only undertake when installing a system, before I actually store data on the system. The worst that can happen is that the data in the partition are lost.
  • Further, once the partition has been reduced, the user have to run a highly specialized command as administrator in the terminal window to resize/recreate the recovery partition.

Neither of these are actions are something I (a fairly advanced user) would like to undertake on my own production systems, much less in combination, and I suspect that a normal user would refuse to even consider it.

Actually, I further suspect that most normal users wouldn’t even be aware that the update was failing. There is no indication or notification in Windows that a patch failed to apply, and a normal user will just find their PC rebooted the morning after it applied patches, and conclude that the PC is fully up to date and secure. I only know the patch is failing because the last two months I wanted to control when and how my PC rebooted to apply the patches so that it didn’t disrupt what I was working on.

What this means that, assuming this is a patch for a severe issue (and as it have something to do with bypassing the BitLocker disk encryption, it is severe), most users for which this patch is failing are probably blissfully unaware that they have an unpatched security problem on their machine.

Where is the Press?

What I have noticed about this issue is that AFAICT few of the online news services I monitor seems to have reported on the problem. I have noticed at least one Twitter thread, some MS forums threads, but no news media articles.

The Register (which bills itself as “Biting the hand that feeds IT”), did post an article in January, but have not yet followed up after the February repeat. Others, like ArsTechnica and The Verge seems to not have noticed.

What needs to be done?

What Microsoft needs to do about this patch is that it must fixed so that it is able to safely complete its operation without disturbing the user, or requiring the user to manually change their system.

I also think that the patch should be made to complete successfully without changing partition sizes. To paraphrase what Bill Gates reputedly said: “500 MB should be enough for any recovery partition.”

The trouble with Chromium translations

Most applications that are intended for a broad international audience have their UI translated to various languages, the number of which can vary widely, depending on the resources of the vendor, especially their ability to recruit translators.

Vivaldi is currently being translated to 91 languages, a few more than Chrome.

Under the hood Vivaldi’s UI string (“string”: The term used in computer programming for a section of text) translation system actually consists of two independent systems, the Chromium one, and the system used by Vivaldi’s native UI.

This article will only cover the Chromium system and the challenges of using it.

The Chromium string/text translation and resource system consist of two kinds of files:

  • The GRD files, which can declare the US English version of the strings, and the location of various file resources like icons and documents (HTML, JS, CSS) used by the Chromium UI, and
  • The XTB files, one for each language, contain the various translations of the original strings in the associated GRD file.

When building the product (Vivaldi, in our case) these files are processed by various scripts in the build system and converted into files that can be handled by the Chromium code handling strings and the resources.

One of the challenges for a product like Vivaldi is that the strings and resources defined by the Chromium project are very specific to Chromium and Google Chrome, such as logos and the company and product names used in the string.

Of course, we in Vivaldi want to use the Vivaldi logo, and to use “Vivaldi” and name of the product and company. Duh!

That means that we have to change the resource definitions and the strings (and translations) to use Vivaldi’s preferred resources and names.

However, if you’ve read my article about maintaining a Chromium fork, you will have noticed that I said that you should never modify the Chromium translation files. Yet, I just said above that to use our preferred resources and strings we have to change the files. Why should we not change the files, and how do we work around the problem to still be able to use our chosen resources?

The reason why we should not change the files comes down to two reasons:

First, the Chromium resource files are frequently updated by the Chromium team. New resources and new strings are added, and old ones are changed to improve their meaning, and occasionally some are removed. All of these changes mean that when upgrading the Chromium source code, there is a significant risk that these changes will occur to the specific lines of the file we modified, or close to them. That means that we would have to resolve the conflicts between the new text and our changes, which will significantly increase the time needed to complete the update.

vivaldi/chromium translation strings

Second, for the strings we would have to not just modify the GRD file entry, we would have to modify the corresponding entry in each of the 80+ translation XTB files associated with each file, and to top it off, each of those entries has a numeric identifier calculated from the original string in the GRD file, so if you change the original string, you have to recalculate the value and update each XTB file for that entry. Ouch! Lots of work. Additionally, each of those updated entries in each file is another possible update merge conflict that has to be resolved manually. Double ouch!

So, how do we resolve this problem? How do we update the resources, strings, and translations without modifying the Chromium resource files? The answer is that we do change them, but we don’t change them.

What we have done in Vivaldi is to create our own resource GRD and XTB files for each set of Chromium resource files that we want to update, and add our file resources, strings, and translations in these files. The translation files are usually used to add the translations for the extra languages we support, but in some cases we do an extensive rewrite of the original string, which require more translations to be added in our version.

Then, while building the application we have updated the project and the scripts it used to automatically insert our updated changes into the data, before they are used to generate the binary files used by the application.

The result is that we don’t have to update the original files, but we can update the resources, strings, and translations.

This process is also used to automatically replace mentions of Chromium and Google Chrome company and product names with Vivaldi’s name, both in the original US English strings and the translations. This process does have its challenges, especially since “Google” is frequently used in combination with other words to name products we don’t support, like “Google Pay”, so we have to exclude such replacements.

Occasionally, there are strings that mention the Google, Chrome, or Chromium names when replacing them with Vivaldi is not desirable (and an example just showed up in the forums https://forum.vivaldi.net/topic/77930/wtf-what-the-floc-google-s-still-at-it/2?\_=1661690451983\, where information about a system Google is working on said Vivaldi instead, that has now been “fixed”), and in these cases, we exclude that particular string from being replaced.

Another recent example was the string “Chrome is made possible by the Chromium open-source project”, which was auto replaced into “Vivaldi is made possible by the Vivaldi open-source project”, not “Vivaldi is made possible by the Chromium open-source project”. Oooops! That was fixed by adding a full override of the text with correct wording.

Could we avoid using this kind of system? Well, it is not the only way to implement such a system.

One could add an independent set of resource files (and we have those for our own), and add our replacements in those files using different identifiers for them and replace the originals everywhere they are used. However, we would still have the problem with later updates, both of the strings and their meaning, and starting to use them elsewhere (which would have to be discovered and updated). Then there is the issue of more potential merge conflicts during updates.

Quite simply, using different identifiers would not work very well, since their use would have to be maintained continuously. Just replacing the original entries will generally work better.

And that ignores the use of product names in many strings. There are a lot of those names used around the code, and copying and modifying them into a different set of files would be a major undertaking, and would still have to be updated with new strings every Chromium upgrade.

The best way to avoid the search and replace of product names (and thus avoid the funny cases) would be for the Chromium team to stop using “Google”, “Google Chrome”, “Chromium” etc. hardcoded into the strings, but instead using variables that can insert the downstream project’s own preferred name in those strings. This kind of project would be a major undertaking by the Chromium team, and I sort of doubt they would be willing to take it on.

What do the other Chromium-based browser teams do? I have absolutely no idea. Maybe they use a similar system, or they have found their own way to manage the issue.

Microsoft, you broke Visual Studio!

One of the most important tools when developing software is a good development environment, called an IDE (Integrated Development Environment), with at least an editor, build functionality, debugger, and being able to go directly from a compile error listed in the compiler output to the broken part of the code.

On Windows, my primary tool for this is Visual Studio, although I also use Eclipse for some projects, mostly involving scripting.

For the past few years, I’ve been using Visual Studio 2019, the then current version, but a few months ago I started using the newer 2022 version. Unfortunately, I quickly discovered that I can’t really use it for my major work task: Getting Vivaldi to build again after a Chromium upgrade, because important functionality broke in that version. The result is that I am back to using VS 2019 for that task.

When I am recompiling Vivaldi after a major Chromium upgrade (a process that can take several days), there will be a lot of compile errors (mostly due to changes made by the Chromium team no longer with our own code) that will need to be fixed, and it is very useful to be able to just click on the compile error and get to the exact line in the code where the problem was encountered.

Both VS 2019 and VS 2022 have this functionality, but in VS 2022 it is partially broken, to the extent that it is unusable for a major operation like getting an updated source base to work again, with 100+ files failing to build properly.

The problem is that, while VS 2022 opens the correct file, it doesn’t open it in the “right” way.

The compile error output writes the filename location as relative to the build directory (in my case out/Release), e.g. ../../chromium/chrome/foo.cc, and VS 2022 opens it with that path, relative to the build directory, not using the absolute path drive:/src/project/chromium/chrome/foo.cc which it uses for files opened any other way, as you can see from the screenshot at the top.

It may be that Visual Studio’s own compiler always prints the absolute path in the compile errors, which might explain how this issue was not discovered in testing, but Chromium-based projects no longer use that compiler to build Chromium, they use the LLVM Clang compiler, which outputs relative paths to the file with the error.

The result is several problems, first of all, there can be two tabs open for the same file, and this means that you won’t have access to the edit history of the other file, and having multiple tabs supposedly viewing the same file is a problem if the tabs are out of sync with each other.

Second, these extra tabs are not integrated into Visual Studio’s “Intellisense” system, which parses the code, indicating errors, and can be used to find definitions of functions and classes. Although … Intelllisense no longer works even close to as well as it did 20ish years ago, in Visual Studio 6, in fact using Find in File works usually better.

As mentioned, opening the code in a tab works well in VS 2019, so something got broken along the way between VS 2019 and VS 2022. Probably there is only a call to a function or two to create an absolute path of the file path that is missing.

I reported this issue in June to MS via two of their Twitter accounts as reporting bugs via Visual Studio requires that you log into the system, which requires an account, and I don’t create new accounts at the drop of a bug (or shoe), I generally only do so when I am going to actively use the account for several years. In any case, reporting a bug should not require an account on the system.

As far as I can tell from searching the Known Issues list (using its bad search engine, they might want to talk to some search engine developers) for Visual Studio, my report had not been added a few weeks ago.

However, this is not the only problem with VS 2022.

Among the reasons for moving to VS 2022 was that it is now built as a 64-bit executable, not a 32-bit like before, which should make it better able to manage gigantic projects like the ones based on Chromium. The full Chromium project (even Vivaldi’s relatively lightweight one which does not include all support sub-projects) consumed so much memory when loaded in the old 32-bit VS 2019 that it tended to hit the 3 GB RAM roof and crash, especially in the middle of debugging an issue. A 64-bit executable should be able to handle much larger projects as long as the machine have enough memory installed (and mine have 128 GB RAM).

Unfortunately, VS 2022 does not seem to be very stable at present and has even crashed while being idle in the background (that is, it crashed even if you were not looking at it the wrong way), although I am not sure if that is still the case after the most update, although it still crashes at times.

In other words, at present Visual Studio 2022 is a major disappointment.

Are Rockport XCS shoes still hiding under a rock?

The old meets the new

Back in (pre-covid) 2019 I posted an article asking where the nice things disappeared to, including where the shoe brand I have been using for ~20 years walked off to. It was 8 (now 10) years since I had last been able to buy any Rockport XCS shoes (which is the only ones I have found that give my feet proper support under the arches), and the ones I had was starting to wear out, despite repeated repairs.

After the article, Rockport did provide some information about where I might be able to buy Rockport shoes, in Oslo, London, and in the US, but not necessarily where to get the specific XCS sub-brand I am using.

When checking the Oslo stores they named, they had none of the shoes I was looking for, and almost no Rockport shoes at all, and there were stores selling Rockport that were not mentioned by Rockport. I never got around to checking the London stores, as by the time I had planned to go the world had locked down, and thrown away the key.

When I later talked to one of the stores I knew about that had previously sold Rockport, they told me that they wanted to sell Rockport shoes, but weren’t able to get hold of any from their distributors.

All of this suggests several problems regarding Rockport’s way of doing business.

Not only have they entered bankruptcy twice in the past 4-5 years, but they are not doing a good job getting the shoes out to interested stores and customers. And even the stores that are able to get shoes are apparently not able to get many.

Recently, I was at Vivaldi’s annual gathering outside Boston (incidentally, just a few kilometers from where Rockport got started, in the town of Rockport, MA) and used the opportunity to look for suitable new shoes.

Rockport did tell me that a couple of major chains, Macy’s, Nordstrom, DSW, were selling them. Macy’s was the only one that had a couple of the XCS sub-brand, but none were the right size (as they did not sell the wide size variation I need). I did locate another store that had some, but they only had two pairs, of the wrong size.

I had to resort to what I absolutely did not want to do: Buy shoes online. The reason I don’t want to do that, is that I want to see and fit the shoe before I buy it. Just call me old-fashioned.

While I did have to return one pair of shoes to Amazon because they were the wrong size (not wide enough, which would have caused blisters), I eventually did manage to get a new pair of sandals, a new pair of winter shoes, and new summer shoes (three pairs, since I decided to make sure I would have some for a while, just in case it got difficult to find suitable shoes again). The only reason I was able to manage with just one return was that I was very careful about what I ordered (and only ordered the extra pairs after testing a pair).

I think the way Rockport has been doing business is making a lot of trouble and causing lost sales for them.

First, they are no longer providing customers with an online list of stores that sell their shoes. 10 years ago they did have one, and it was searchable based on which city you were in. With proper integration with a modern sales system such a list should be able to not just tell the customer which stores sell Rockport, but which specific shoes they have in stock.

Second, they closed all the dedicated Rockport stores which were found in various major cities in the US and perhaps elsewhere in the world. These stores were where I bought most of my shoes, because they had the widest selection.

Third, the website/online store where they market their shoes has trouble listing just the XCS shoes (or the other technologies they offer), and the search shows up irrelevant shoes. It was frequently necessary to look carefully on the photos to discover if they were the right kind. They really need to improve the website search capability.

Amazon isn’t much better in the search area, their results also include irrelevant results when searching for “Rockport XCS”, and if you add “men’s shoes” (which is one of their search suggestions) you get a lot of other brands included in the results.

Fourth, they are apparently making it really hard for small Brick-and-Mortar retailers, at least in Europe, to obtain shoes they can sell to their customers. And that might actually cause them further sales losses. A few weeks ago one of Norway’s major newspapers published a story (in Norwegian) about how online shopping, especially clothes and shoes, was declining, and shopping in normal stores was growing.

The result is that Rockport doesn’t tell and doesn’t show potential customers about what they offer, doesn’t tell them where they can buy, and doesn’t tell stores where they can get wares. The “only” place you can reliably get them is Amazon (and the Rockport online store, but I don’t create new accounts at the drop of a shoe), and shoes are one of the wares that are better sold in Brick-and-Mortar stores.

The result of don’t tell, don’t show, is that you don’t sell. And neither do the stores that want to sell your wares, so they go on to sell your competitor’s shoes instead.

Microsoft! You broke my backup system!

Backing up the data on your computer is one of the most frequently given advice to computer owners, and there are a number of ways to accomplish it.

The oldest way is to copy the data to an external media. Originally this was tapes, today it will frequently be one or more external harddrive or SSD. Swapping between at least two complete backups is recommended, with the inactive drives stored off-site to avoid destruction or loss in case of fire, theft, or other disasters (and if your area is prone to major disasters, it might be an idea to occasionally store a backup copy in a safe location hundreds of kilometers away; storage over a network connection could be an option for this).

More recently, online backup storage has become more common. Personally, I am slightly skeptical of these, mostly due to the loss of access control, but also because cloud services occasionally have service disruptions, and in some cases lose the data entrusted to them. In case you use such a service, my recommendation is to make sure the data are encrypted locally with a key not known to the service before they are uploaded; this prevents the service from accidentally or intentionally accessing your data, as well as preventing other unauthorized access. Another problem with such services is that they occasionally shut down business with little or no warning, so even if you use such a service, a local backup is recommended anyway. Backing up locally is also recommended when using online application services; these services are useful for working with others, but you might lose access when you most need the access.

There are various ways to perform a backup, from just using a simple copy command, to using more advanced backup applications in the OS, to purchasing commercial backup tools. Trial or Freeware versions of many such tools are frequently included on external harddrives.

My backup system

In my system at home I swap between two external SSD harddrives, and use Windows’s Backup software to manage the backup. Previously, I used a similar system with a commercial tool, but once I moved to Windows 10, I found that the Backup software in Windows seemed to work better for my purposes and I switched to it.

Better does not mean “perfect”, though. There are a few issues, but reasonably minor: 1) Swapping drives destroys the backup configuration, so I have to re-enter it when connecting the second drive. 2) The software does not resume backing up data from where it left off on the reconnected drive, causing it to use a lot more disk space, and requires occasional cleanup to remove old backups.

All this was manageable. At least until last week.

Microsoft breaks the backup

Recently, I finally caved in and allowed Windows 10 on my home computer to be updated to Feature Update 2004. Considering the problems that had been reported about loss of data in Chromium-based browsers, maybe I shouldn’t have, but Windows was now insisting on updating.

A couple of days after the update I switched backup disks, cleaned up some very old backups that were no longer needed, and set up the backup configuration again, and started a backup. A backup that failed! No data was copied to the drive.

I found no errors reported in the normal Event Viewer logs, until I dug down into the application specific logs for “File History backup”, where I found this meaningless warning: “Unusual condition was encountered during scanning user libraries for changes and performing backup of modified files for configuration <name of configuration file>”, with no information about what the “unusual condition” was.

As I usually do when having a problem like this, in order to find out what caused the problem, I started to test with the default configuration and then add more source drives for the backup to see which one broke the system.

The default configuration did copy those files, but it also copied a directory from one of my other drives, the main data drive, the copied directory is where I store all my photos. This directory was not part of the configuration. This directory may have been included because it is the configured default destination folder for the Windows photo import software.

However, when I added the rest of that drive to the list of folders to copy, no further files were copied (although a couple of days later some of the upper level folders did get backed up, none of the important folders were copied).

Removing that drive from the list, and adding the other drives I have for various tasks, projects, and software, those drives did get copied properly.

Going back to the problematic drive, further experiments did not succeed at backing up that drive more than the mentioned top level folders. Even experimentally adding some sibling folders of the Photo folder did not work; they weren’t even added to the list of folders to backup.

Eventually, I was forced to do a manual copy of that drive to a separate area of the backup drive, to make sure I did have a copy of it.

At present my conclusion is that in Feature update 2004 Microsoft did
something to the Backup/File History software, and it broke my system for
backups.

My initial guess at the cause of this problem is that the addition of the photo folder conflicts with adding the rest of the same drive to the list of files and folders to back up. Such overlapping lists should be merged, not create a fatal error.

A backup problem like this may not be a Security Vulnerability(TM), but it is definitely a Security Problem.

I have reported this via the Windows Feedback App, as well as to the @MicrosoftHelps Twitter account, but have so far not received any information about how to fix this problem (so, no help, so far).

Microsoft, there are some systems that should never break in production systems. The file system is one, account storage is another, and the backup software is one of the others that should never break. In this release it looks like you broke two such systems. And at least one is still broken 5-6 months after the public release!

Please fix this. Immediately!

Photo by Markus Spiske on Unsplash

Where did all the nice things go? SmartGit project dropdown

For modern software developers, there are a number of must-have tools: An editor, a compiler (called a web browser by HTML/JS devs), and a debugger. Further, if you are developing a non-trivial project, especially as part of a team, you will need a version control system.

A version control system is a very important tool when developing software, as it maintains the history of your project, chronicling every change, whether small or major, and it allows you to share your code easily with others. Using the information stored by this system it is possible to specify the source code version to use for a public version of the product or to discover which modification introduced a bug (or fixed it).

There are many different version control systems available. Among the more common ones are CVS, SVN, Hg, and currently the most popular, Git.

All of these systems are generally implemented as command-line tools, and this lets the user perform many advanced actions, especially using scripts to repeat the operations. However, maintaining source code updates only via command line operations becomes difficult very quickly, it does not scale well. A graphical UI (GUI) for the version control system is needed for any major project.

Some of the systems, like Git, also have some basic GUI applications, but their usability is limited. This has opened up a market for more advanced version control GUI applications, such as the one I have used for 10 years, or so, SmartGit.

Syntevo’s SmartGit, like most such tools, has an advanced display of projects, updated files, conflicted files, differences between the currently stored version, and the currently edited version, graphical representation of the project history, etc.

All of this is very useful to developers, especially when they are working on big projects.

Five years ago I wanted to update to the then newest version of SmartGit, v6.5 (the most recent is v19), from my then current version, v4.6.

Unfortunately, I discovered that the SmartGit developers had made some UI changes that broke the tool for me.

One of the UI features I use frequently is a dropdown menu on top of the directory explorer panel listing all the projects I am working on, and which allows me to easily open a second project in a new application window.

In the new version, they had removed this dropdown, and moved all the projects into the explorer panel, alongside the directory views, and the default operation was to open all of these in the same application window (it _is_ possible to open a second window). When you, like me, are working on 20+ various project checkouts, half of them having more than 500 000 files each, having more than one of them opened in the same application window is, in a word, unworkable. Even having the list of all the projects in that panel is in my opinion unworkable with a setup like mine.
I reported this issue to the developers at Syntevo, informing them that this was an upgrade blocker for me. Their answer boiled down to “Won’t fix it”. I responded with “Won’t upgrade”.

I have stayed with SmartGit 4.6 ever since, despite the other issues with it, such as it being slow, leaking memory, some of which could be due to it being implemented as a Java application.

I have explored other similar tools, but the ones that look most useful have one major problem: They all require that before you start, you must create an account with their code repository and log the application into it.

That is unacceptable to me, because I am not generally going to be using an external repository. We have our own local servers holding the repositories for our projects.

I do not mind buying a license for a useful product, but I do mind having to run a product logged into an external service, especially one I don’t need.

So, if Syntevo, could just fix the GUI in this area (and haven’t broken anything else important), they would sell at least one license, and since this would make the tool work better again for Chromium sized projects, they would likely sell even more licenses.

Syntevo: Make it an option!

A safe too far: Goodbye Hotels.com

As I recently described, my primary requirement for selecting a hotel is that it has an in-room safe for storing my laptop.

Recently I have been running into problems regarding that. In the last year or so, there have been many cases when the safe has been too small for my laptop, and in one case there was no safe at all despite the advertisement on Hotels.com.

I just returned from this year’s vacation trip which included going to the (very crowded) World Science Fiction Convention in Dublin (which had a bit more excitement than usual, e.g. Jeanette Ng’s speech, the consequences of which are still emerging, although some are wondering about how to best handle such problems), and the Eurocon in Belfast the next weekend. No problem with in-room safes in both hotels, one of the hotels was booked through Hotels.com, the other direct. Then, to wrap up the vacation, I booked a stay in London and found this safe (my laptop for scale): Laptop on top of too small safe

I have generally not had problems with the size of in-room safes in London before, although there was one case (5 years ago) when the hotel didn’t have the advertised safe. There is a first time for everything, I guess. Laptop on top of too small safe

In fact, it was barely big enough for the document wallet I bring along (if the safe had been in working condition which it wasn’t, but that got fixed). Actually, this may be the smallest in-room safe I have seen, except for the Anaheim safe 13 years ago that I mentioned in my earlier post. The previous contender was able to hold a 12-inch laptop (with the battery removed).

In the past year or so, I have booked 12 hotel stays via Hotels.com (which I have been using for more than 10 years). In two cases I didn’t bother with an in-room safe, since the stays were just overnight at an airport.

Among the remaining 10 bookings, 5 hotels did not have a safe big enough for my laptop or did not have one at all (and that hotel entry still hasn’t been fixed two months later). In one other case, I was able to work around the problem by using the hairdryer for something it was not designed for.

So, that means that in the past year or so, 50% of hotels booked via Hotels.com did not have in-room safes that met my requirements. This is also a very sharp increase in such problems compared to before.

That is not good enough!

The whole point about booking services like Hotels.com is to search for, and book stays at hotels that fit the guest’s requirements without having to search all over the internet through various hotel booking sites. There is an implied promise and expectation that the information provided about the hotel is accurate and sufficient. That turns out not to be the case regarding in-room safes, and one may start to wonder how much other information about hotels is incorrect?

It should not be necessary to phone or email each hotel that is being considered to verify information on their Hotels.com booking page (which is what Hotels.com support have suggested I do).

This is a safe too far, and I am therefore no longer going to use Hotels.com for booking hotels until they have implemented the following:

  • Removed all “in-room safe” entries that are NOT listed as “large enough for a laptop”. Alternatively, changed the text for these to specify that they are “small”. In any case, new in-room safe entries must either specify “small” or “Large enough for a laptop” (“large enough” meaning that it will comfortably fit a 17-inch laptop).
  • Each hotel must be informed about this change and will have to confirm that their safes are capable of comfortably holding a 17-inch laptop (that is, at least 40×27 cm). The images from their hotel rooms should also include at least one picture of the safe, with a recognizable laptop model inside.
  • Searching for hotels must include a filter for in-room safe (large enough for a laptop). It’s been over five years since I first suggested this to Hotels.com.

And Expedia, Momondo&Co., before you start crowing and try to invite me over: this applies to you as well. You are not just all basing your information on the same data. When I checked your various sites regarding the hotel without safe in July, the information I saw suggests that you all engage in a game of telephone, mangling the data until it has no resemblance to the original data.

What will I do about hotel bookings from now on? I’ll likely start using one, maybe two big brand hotel chains and book directly which likely means that stays are going to become more expensive, and the smaller hotels (like the recent London hotel) will loose a few stays. Sorry about that.

Where did all the nice things go?

Over the years we buy many things that we use for various purposes, and some of these things become favorites that we replace with new items of the same kind as the old ones get worn out. Until we are (surprise!) no longer able to do so, because the favorites have disappeared from the market.

Sometimes it is possible to easily find a usable replacement, other times it is more difficult, even impossible (and the search can get expensive).

Below are some favorites of mine that have disappeared from the market.

Behind-the-neck headphones

While for many years I used small on-ear, over-the-head headphones, when I discovered behind-the-head headphones, especially Sony’s, they quickly became my favorites, specifically the one set I found with a retractable cord, as well as the foldable ones.

Unfortunately, it seems Sony has stopped producing these headphones, at least the wired variation, as have most other manufacturers, and the last (low quality) set I have is now nearing end-of-life.

I do notice that there are some small shops in Norway selling headphones like these, but they all lack iPod remote control functionality. I also found listings of similar Sony headphones on Amazon, but considering that Sony does not presently list any wired behind-the-neck headphones I have not looked closer on those listings as I suspect they are actually years-old leftover registrations that are no longer for sale.

For the iPod it seems that the only real option is the Bluetooth variations (see below), but I also use such headphones with my stationary computers, too, and I don’t want to add Bluetooth connectivity to them (Paranoia mode: I’d rather not have any wireless connections to them, at all). I might try out those small Norwegian shops to get some behind-the-head headphones to my computers (don’t need remote controls for those).

The Classic iPod remote control

IPod FM remote
Years ago I replaced my Walkman. First with a Discman, and then started using various MP3 players, and eventually started using iPod players.

Among the benefits of the iPod players was the (Radio) remote control that you could fasten in an easily accessible location on your jacket, sweater, or t-shirt (unlike in the classic iPod ad, I carry the iPod in a pocket or my bag, not in my hand).

Like all mechanical items, the remote control eventually wore out, so I replaced mine multiple times until I was no longer able to find them since Apple had stopped producing them.

Various headphones did fill in the void with a simpler kind of remote control, but these are mostly either the earbud type (which I do not like; I only have one set of earbuds, the noise-canceling headphones I use when flying), or the gigantic over-the-ear-and-over-the-head headphones, none of them are of the wired on-ear, behind-the-neck type I prefer.

As far as I can tell the only current alternatives for behind-the-neck headphones with remote controls are the Bluetooth variants (frequently with an unnecessary microphone), which is a problem since the iPod does not have that capability, or start using a (new) phone (won’t be an Apple phone) as an MP3 player instead.

I have discovered that there are Bluetooth adapters for the iPod, but I worry that they do not provide good enough sound quality. The reason for this worry is that some years ago I tried a third-party iPod remote control, which also could use a Bluetooth connection to your phone.

However, what I discovered was that this remote control distorted the music quality, so I stopped using it. I am worried that the Bluetooth adapters will have the same issue.

Thinkpad Classic keyboards

As one can surmise from my recent article about keyboard layout switching, I think keyboards are important. After all, I use them for all my work.

And like many, I have strong opinions about how a keyboard should be laid out and work. Among my must-haves for desktop keyboards is the classic layout with the horizontal 3-by-2 section Insert/Home/PgUp in the upper row and Delete/End/PgDn in the lower and arrow keys below that. I was seriously annoyed when some manufacturers changed that layout, as were many others. Fortunately, the old layout has remained available.

When it comes to laptops, one does have to make some adjustments. After all, the room available for the keys is a bit … limited. Originally, I used IBM Thinkpads from the X-series, first an X20, and later an X40, when traveling, and these had a keyboard that looked and felt like an ordinary keyboard in the main part of the keyboard, which meant that the transition between the normal desktop keyboard and the laptop was fairly easy.

However, sometime after Lenovo bought the Thinkpad product line from IBM, they started replacing the Classic keyboards in the low-end laptops with the newfangled (and less expensive) island-style keyboards where the keys have a bit of space between them. That keyboard organization is not a good fit for me since the key spacing is slightly different compared to ordinary desktop keyboards, which results in my fingers not hitting the keys correctly when not looking at the keyboard, so typing becomes slower than it could be and switching keyboards become more difficult.

In early 2013, I came across a Lenovo blog article effectively saying that the Classic keyboard was “dead” and to “get over it”.

Lenovo Thinkpad X220
Lenovo Thinkpad X220

Get over it? No way! Hours later I made off with one of the last X220s sold in Norway, thus making sure I had a laptop with a Classic keyboard for years to come.

Late 2017, it seemed like Lenovo did a small rethink of their position (at least for a short while) since their 25-year anniversary edition of the Thinkpad had the Classic keyboard. Both Jon and I hurried to the store to get ourselves one.

Unfortunately, it does not seem like Lenovo decided to return to the Classic keyboard permanently. Considering that the Thinkpad, and in particular the X series is/was considered the pricey, high-end laptops purchased by business users with a need for good quality hardware, it seems a bit odd to remove one of the trademark parts of the series, just to save a few dollars.

My recommendation to Lenovo is to bring back the Classic keyboard, preferably to all their laptops, but at least the X series laptops.

Rockport XCS shoes

It isn’t just electronic favorites that have gone missing. Good shoes went missing, too.

In my case, I need extra support under my feet’s arches, and unless the shoes provide that support I have to use steel inlays like I had to do since before I began primary school.

After more than 10 years using Nike Air shoes, which did give me the necessary support without inlays, I discovered Rockport’s XCS shoes which, besides a businesslike look, had very good support for the arches and real good shock absorption in the sole. These shoes worked very well for me and I kept buying at least one pair a year, including winter shoes (I had to use inlays until then).

However, a few years ago Rockport stopped producing the XCS system shoes that were what I call “business shoes” (nice black ones, but not dress shoes), leaving mostly hiking shoes.

A different product line was supposed to take over, but I stopped using the one pair I did buy after only a few days – they were not good for my feet.

At present, I continue using the old pairs I have left, having them repaired whenever there is a problem, but they will eventually wear out. The winter shoes already have taken their last step.

Why do nice things disappear?

There seems to be a line of thinking among vendors and outlets that, unless something is a runaway sales success, it does not deserve a place among the products they sell, and even the products that are being sold get their features removed if they are deemed too costly and/or not relevant to how well the product sells.

This is something that we’ve seen in software as well. This trend in browsers was one of the main reasons Vivaldi started. As another example, I am still using Smartgit 4.6 because newer versions removed a fundamental UI feature that I am frequently using several times a day, and replaced it with something that does not work very well when you have a dozen projects with 500 000 files or more.

If they are not careful, this may eventually cause them to go out of business, because this will drive away the loyal customers who did buy those items because of those features. For example, I haven’t been buying any Sony headsets or Rockport shoes since they stopped selling the ones I was buying, and if Lenovo isn’t selling Classic keyboards I might go looking at other brands instead (although the red cursor button in the keyboard is still a good reason to buy; I don’t like touchpads, and disable them within minutes of first boot).

Others are making similar observations. Recently, one of the Science Fiction authors I follow posted an article with similar concerns about how (brick and mortar) retailers were removing items from their list of products, thus forcing customers to buy the items they need online, then complaining about how the “internet is destroying their business”.

Sony, Apple, Lenovo, and Rockport, where did all the nice things go?

Maybe you can tell me which of your competitors are able to sell me something that works as well as yours did?

Microsoft, keep your hands off my keyboard!

The keyboards connected to our computers are essential to controlling every aspect of our computer experience, and to our communications with everybody we communicate with. A very basic aspect of the keyboard, and of our personal choice (it is really a major aspect of our national identity), is the layout of the keys. In my case, I am using a keyboard with a Norwegian layout, which is essential when writing text in my native Norwegian language.

What happens when someone, or something, changes how the keyboard is working?

About a year and a half ago I started working on a Windows 10 machine at work (having used Windows 7 until then), but after I while I started running into a particularly obnoxious problem: The keyboard layout would, occasionally, automatically be changed to the US layout, instead of my Norwegian layout.

For somebody who is reasonably competent at typing without looking on a Norwegian keyboard (aka. the “Touch” method), that is rather irritating, because keys like “<“, “:”, “-“, “æ”, “ø”, and “å” suddenly produce completely different characters. The result is a disruption of my current activities.

After some searching I discovered this thread about it, started in 2016 (and still active), and there are indications in the thread’s references that the problem first appeared in Windows 8, at least as early as 2012, maybe 2011.

Based on information in the thread and its references, what seems to be happening is that Windows 10, being “concerned” that the user’s configuration might not be correct in the context of his or her environment, scans the other Windows 10 machines on the network, or obtains information from computers it connect to, and possibly other information, such as the machine’s geographical location, and automatically reconfigures the enabled keyboard layout based on this information.

I do not know if this is correct, but the name of a registry value mentioned in this information, “IgnoreRemoteKeyboardLayout”, indicates that there may be something to it.

This problem seems to have been affecting many users from non-English
speaking countries, especially those working in multilingual, global companies, or those having moved to a different country.

In Vivaldi, I work with colleagues from many countries and we are all using different keyboard layouts, including German, Icelandic, and US layouts.

The thread I found discusses various workarounds, some of them requiring
you to edit the registry (one of which I used to fix my problems), which is something the average user should never be required to do.

Recently, though, I have run into this again with my personal laptop, and as far as I can tell the workarounds are not just not working anymore, it seems
that the workarounds I did apply earlier were removed somehow, possibly by the recent major Windows 10 update.

The keyboard layout of my laptop keeps changing to the US layout several times a day, even several times an hour. In fact, I have had it happen in the middle of writing emails!

And what is happening to my laptop is not an isolated case: One of my colleagues has reported the same thing has started happening to his laptop, too.

So, I think Microsoft is being too “helpful” in this case.

I have configured my PCs the way I want them configured, with the UI language I want, and the keyboard layout I want to use, and I did so when I installed Windows on the PC, and I have no plans to change them.

Microsoft, keep your hands off my keyboard!

 

Update June 24: The jury is still out on this, but a couple of days ago I decided to try two changes: I removed all the extra languages and keyboard layout combinations (again), and also disabled the keyboard shortcuts for switching between these settings.

If this continues to work, it may have “solved” my problem.

However, it is still a “solution” for a problem that should never have existed, the automagic addition of languages and keyboard layouts, and it may be that the workaround only hides the issue.

It also points to what I think is a bad design choice by Microsoft: The choices for the keyboard shortcuts are Ctrl+Shift and Left Alt+Shift (never mind that Norwegian keyboards only have one Alt key, the left one; the other is the AltGr key that is an alias for Alt+Ctrl, used to type various characters like “@”, “{“, and “€”). Both of these shortcuts are used as part of various keyboard shortcuts, and the Alt+Shift key variation is part of the “Switch to previous Application” shortcut Alt+Shift+Tab. What happens if you start to press this shortcut, and decides to not change application after the first two keys are pressed? That’s right: The keyboard layout changes!

And even if these two actions “solved” the problem, it should never have been an issue for my systems, since I never added extra languages or keyboards. Microsoft added them without asking, then a bad choice of keyboard shortcuts exacerbated the problem.

And users that, for various reasons, do have multiple languages and/or layouts enabled, may still be having problems.

Update June 27: After rebooting the laptop, the US layout returned, despite having been manually removed, and the keyboard shortcuts being disabled.

Secure online X-mas shopping? Big stores encrypt, the corner-store doesn’t

Encryption usage by Norwegian online shopping sites (2016 edition)

Over the past several years I have performed occasional surveys of Norwegian shopping sites and their use of encryption. I decided to limit my surveys to Norway, because I concluded that limited knowledge would make collecting a representative international list of foreign shopping sites difficult, and would probably only contain large stores, not small ones.

The last survey I wrote about was performed in early 2015, and while I did not publish an article about it, I did perform a second survey a few months later, in order to get an impression of the effects of some actions initiated after my article. The changes at the time were not significant enough to change what I presented in the previous article, so I did not publish an article discussing those updated results. Continue reading “Secure online X-mas shopping? Big stores encrypt, the corner-store doesn’t”