Slashdot Mirror
Microsoft's BSOD Is Getting More Descriptive With QR Codes (cio.com)
itwbennett writes: Reddit user javelinnl posted a picture last week showing a new dreaded Blue Screen of Death (BSOD) featuring a QR code and a link that may appear in a future version of Windows 10. "Right now, the code and the link take users to a webpage that discusses generic fixes for errors that might cause a crash," writes Blair Frank from CIO. "In the future, though, Microsoft could provide a QR code that leads to more specific information about what caused the computer freeze up." As of this writing, Microsoft had not responded to Frank's request for comment, but when he forced a Blue Screen of Death on his Surface Pro 3, he was unable to get a QR code to appear, though a link to the help page did. The QR code shown in the image simply points to a generic resource page for "troubleshooting blue screen errors."
Windows is designed for people who know where to click for word, solitaire and facebook.
What you call human readable is not readable for them.
What makes this great is that your client/coworker/family member can take a picture of the code and send it to you. That's far more doable than having them try to remember what the error message said. "Oh, it said skynet falls or something". Apps like Google goggles will search the picture for the QR and you have usable information.
Even my 70 year old mother can do that.
"Common sense will be the death of us all"
I think what Microsoft really needs to incorporate, is the transformational power of Emojis to liven up each BSOD into a masterpiece.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
What makes this great is that your client/coworker/family member can take a picture of the code and send it to you. That's far more doable than having them try to remember what the error message said. "Oh, it said skynet falls or something". Apps like Google goggles will search the picture for the QR and you have usable information.
What if your client/coworker/family member directly take a picture of the error message? Why going through this QR crap?
4 - "The BSOD was caused by malicious software. The QR code takes you to a bogus phishing site."
Schroedinger's Brexit: The UK is both in and out of the EU at the same time!
Windows Phone sales set to double, as Windows Phone users now need a phone to take a picture of the QR code when their phone crashes.
I mean, I remember when they actually used to include bonafide technical information on the screen, like faulting module in addition to the usual stop code. I know they had to remove it to make room for the :( emoticon and all, but maybe one day you can again find out what's wrong with your Windows PC via QR code. Maybe. One day. Microsoft cannot comment any further at this time.
In the future, though, Microsoft could provide a QR code that leads to more specific information about what caused the computer freeze up.
Microsoft has not been able to provide useful error messages for the last 30 years, why should it be any different with QR codes?
That was my reaction as well, if it's like the Windows Update help stuff then it's going to be just another way of telling users "Something went wrong. We have no idea what it is, or at least we have lots of data to help diagnose it but we aren't going to give you any of it. Here's a link to a Bing search that will return 200 hits for other people who have run into this problem and couldn't solve it either. Error 800420EE". Totally, utterly useless.
5 - Phishers on forums/messageboards pretending to be looking for help by posting up bogus QR codes.
6 - You are the IT expert at a company and you receive the QR code from a colleague while you're out shopping. The only way to read the QR code photo is with another phone.
7 - How about ms works on putting more description into what a particular window update does first instead of just calling them security updates when they're really some crappy useless thing like telemetry services.
Even my 70 year old mother can do that.
My 70 year mother was taught to read when she was young. And she still masters that skill.
I think they should also patent the idea.
Devil's Advocate: This is a proof-of-concept without the backend being finished just yet.
That said, a lot of error messages should make an experienced helper go, "Oh, just close out of that program, wait ten seconds, start it back up." anyway. A QR code will force him to go to Microsoft's knowledge base (does that show ads?) only to facepalm at realizing which error it is. Again.
At the very least this will make the knowledge base see a sudden surge in use, and department leads just love that for their quarterly reports.
-=This sig has nothing to do with my comment. Move along now=-
And you really expect those kinds of people to know what to do not only with a QR code but also the error message on the web site, which could be the exact same error message given directly on the BSOD?
Give me a fucking break. MS is only doing this because it gives them another lame excuse to harvest data. All of this shit could and should be done locally.
A BSOD means the OS faced an error so critical, there can be no recovery. To keep data corruption from happening, the system must immediately halt. So what it does is dumps what information it can to the screen, and if possible a dump file, and then halts.
You generally see them with hardware errors (not all hardware errors manifest as BSODs but some do) but also with serious driver errors and some other things. They are rare, but they happen, and the codes they give can help you figure out what went wrong.
4.5 - "Reading the QR code with a Windows 10 Phone app causes the phone to crash with a BSOD, revealing another QR code. It's like a Russian doll, QR codes inside another QR codes."
I foresee malware that fakes a BSOD in order to send your phone via QR-code to a website that then hacks the phone. Genius!
It seems MS is losing what little expertise it had in the security-space fast. This demented idea is a good example.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
Like, I don't know, say, a system log that would store messages from drivers and system components like dmesg?
How about a memory dump before crashing that can be inspected later?
What makes you think that Windows does not store messages and does not create a dump (hint: it does. Stop errors are logged in the system log, and default is to create a dump file upon a stop error. Space is even reserved for the dump file on the system drive to guarantee that a dump can be created even if disk is full).
But hey, why don't you make your own assumptions and go by them to diss on something that you obviously don't know anything about?
When you restart your computer, Windows will recognize the dump file and will offer you to upload it to Microsoft. In case of device driver crashes (the most common cause along with hw fails) Microsoft will even notify the vendor if they have registered for crash information.
https://tech.slashdot.org/stor...
Reading slashdot one-liner: (irm http://rss.slashdot.org/Slashdot/slashdot).rdf.item | fl title,desc*
Like, I don't know, say, a system log that would store messages from drivers and system components like dmesg?
You mean like the windows event log which captures the cause of the BSOD and stores it for looking at later?
How about a memory dump before crashing that can be inspected later?
You mean the file c:\windows\minidump.dmp that is created when a BSOD?
Whatever happened to human readable error messages even?
Sure, care to name an example of an OS that provides a human readable error message for a complex issue that was able to cause the kernel itself to croak?
Stop reinventing the goddamn wheel, it's not gonna work if it's square.
The wheel hasn't changed. Only the shape of the check engine light is changing, and quite frankly that was always useless and broken.
Speaking of 'harvesting data', it would be interesting to see what sorts of URLs end up showing up.
There are always privacy implications if you want to provide genuinely useful input on why a system crashed, since a crash dump can be very informative indeed about what the user was doing when the crash occurred; that's not some sinister MS-thing, just how it works. However, as the wonder full people in audience analytics 'user engagement tracking' and whatnot have spent years exploiting; it's really, really, easy to get additional data on who is following links by programmatically generating unique ones that redirect to the destination, rather than just linking directly.
If the QR code is just "https://support.microsoft.com/en-us/kb/123456" then it makes me want the damn kids to get off my lawn; but it's otherwise harmless. If it eventually ends up at that domain; but starts out as an email marketing standard referrer-slurry URL that redirects you through one or more unnecessary tracking steps before eventually landing you at the URL you were supposed to reach in the first place, that's slimy above and beyond the call of duty.
Actually, while the post you're replying too is dumb, there is one really simple reason not to change the BSOD.
Reliability.
Lets go over the scenario and we'll see WHY the BSOD screen is SUPPOSED TO BE EXTREMELY SIMPLE.
A BSOD occurs when the kernel has detected a major failure or corruption within itself. At the point when its determined to BSOD, the system IS UNSTABLE AND UNSAFE. The system is deciding THE ABSOLUTE SAFEST THING TO DO IS STOP DOING ANYTHING, because THE SYSTEM IS UNSTABLE AND IN AN UNKNOWN STATE.
At this stage POTENTIALLY ANY INSTRUCTION CAN BE FATAL because you are no longer sure about anything in RAM, any data structures such as page mappings or anything else. (Sure there are some bug check BSODs that are relatively safe, but those don't happen in release/unchecked builds.)
You do as ABSOLUTELY LITTLE AS POSSIBLE in the BSOD phase of runtime. The mini dump is written to a pre-allocated location of disk ... THE SWAP FILE, that the OS put into a protected region of ram so it couldn't be corrupted in the event of a problem. It doesn't allocate more space, it doesn't move space, it just writes to known good locations. If it tried to read the disk directory, it may be corrupt and read it incorrectly, then write to the wrong portion of your disk and destroy the data structure.
On the next boot, when the system is in a stable state, THEN that mini dump (or full dump if thats the case) is written to an actual file on the file system that you can access, but its in swap until the OS boots, sees it in swap, and writes it to a standard file.
Now some dip shit from marketing wants to put a 100% worthless QR code on the screen. Thats something that has to be calculated. That means intentionally doing more computations on an unstable system and ignoring all conventional wisdom. The QR code provides no benefit and adds risk.
Its a stupid fucking idea probably done by some young engineer to naive to understand why he shouldn't be playing in that code. Or worse still, probably some jackass in the phone group decided that crashes should have a QR code so they could sell phones with QR readers to admins.
Across the board, its a stupid fucking change with way bigger risk than benefits.
Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
It happens too often with Microsoft software for it to be a serious bug. After all, there was enough time to create a QR code for it, then the fault was ALREADY known...
Serious bugs get fixed.
Yup, harvesting data is what it's all about. I'm sure the "website" you'll be redirected to will be about as useless and generic as they are today: Your computer just crashed with code 0x000c84a - you need to reboot your machine. But thanks for giving us your cell phone info!
Seven puppies were harmed during the making of this post.
All the data is right there in c:\windows\minidump.dmp
... at the bottom of a locked filing cabinet stuck in a disused lavatory with a sign on the door saying beware of the leopard. As I said in my original post, "we have all the data but we're not going to give it to you", all you need to do to get it is walk your mother through running the command-line dumpchk.exe and interpreting the results over the phone for you. It's so simple, anyone can do it!
Q: "Help! Windows 7 just crashed and it gave me this QR code, now what?"
A: "That is your Microsoft Support link. It takes you to the Microsoft Store and allows you to purchase Windows 10. Thanks for giving us your cellphone info and good day."
Nothing posted to
Great, so if you know what you're doing you can pour through some obscure file in a directory that we tell users never to look in. Why not provide something remotely helpful?
Like ok, maybe you can't do much analysis on the BSOD itself because the system has crashed, but then maybe it could launch an application by default, on the following boot, that would analyze the dump against known issues and provide some guess as to what went wrong. That's just off the top of my head, but I certainly feel like it would be helpful if the next time you booted after the BSOD, it could say, "This looks like the crash was caused by [whatever].sys, which seems to be related to your [whichever piece of hardware] driver. You may want to try updating that driver." Theoretically, MS could even collect this information across systems and say, "Lots of other people with the same version of the driver have experienced similar crashes, but the problem appears to be fixed in there new driver, which can be downloaded here:" and then link to it.
That level of analysis is possible, even if not incredibly easy. If Microsoft wants to collect telemetry so badly, they could at least do stuff like this, which would actually help people.
Now some dip shit from marketing wants to put a 100% worthless QR code on the screen. Thats something that has to be calculated. That means intentionally doing more computations on an unstable system and ignoring all conventional wisdom. The QR code provides no benefit and adds risk.
Why do you think it's a marketing idea?
There is absolutely no reason the QR code could not be calculated without additional risk. If the space has been set aside, the kernel thread has it's own "safe" space for the stack (which it must have since also creating a dump in the swap file requires at least some call instructions). You can absolutely work out in advance how much has to be set aside for the QR code and -computation. Just like with the minidump.
Now, what could be the upside? While the QR code cannot contain the minidump itself, it can absolutely contain register values along with the program pointer and the module/device driver (name, version, vendor etc) it was in when the STOP error occurred. That is enough to provide a really valuable service once the user hits the web page through the QR code. A known problem with a faulty device driver can for example direct the user to a later/fixed driver, to boot in safe mode or otherwise uninstall it. It will also provide valuable information to Microsoft/3rd party vendor as to the number of computers experiencing a specific problem.
That is engineering - as in engineering for failure - not marketing.
Or worse still, probably some jackass in the phone group decided that crashes should have a QR code so they could sell phones with QR readers to admins.
Ok. Is your tinfoil hat a bit tight?
Reading slashdot one-liner: (irm http://rss.slashdot.org/Slashdot/slashdot).rdf.item | fl title,desc*
Except they've been doing this for over nine years. It been there since Vista with the automated "Problem Reporting" feature in action center. http://windows.microsoft.com/en-US/windows-vista/Reporting-and-solving-computer-problems
It doesn't always give you steps to solve the crash. But I have seen it tell me a crash was due to a driver which I should update. This was before Windows Update starting handling most driver update duties.
Why crash their PC? Just make it look like it crashed and then you can change the QR code to new targets. Joe Average is just gonna hit reboot afterwards anyhow. Hell, after you've sent 'em through enough pages and borrows a short amount of GPU time for some mining, send 'em to a nice formal-looking page that tells them to reboot but warns them that the problem may happen again and to check back often - and trigger it at random intervals. I bet you can get away with that for months.
"So long and thanks for all the fish."
You use the event ID and the error number (gleaned from the event viewer that you opened up from the run dialog) and see what happened just prior to the crash and you search for those if you can't figure it out. There's actually a really need service that will aid with that research - they used to give a copy to the MVPs (third party gift to get us to recommend them) back in the day. I've not participated in the program (or even used Windows) in quite a while so I've forgotten the name.
Truth is, Windows isn't all that bad - if you know what you're doing or actually follow directions. It's even possible to use Windows without *any* resident anti-malware scanning - and to be functional while doing so. However, I'm not gonna recommend that people do that - but it is possible. It's really just a matter of knowing a bit about what you're doing and looking before you leap. If you don't know what the button does, don't click it. That's not an easy thing for some of us - so I recommend researching because someone has *always* pressed the button before you got to it. Well, almost always. If they haven't then it's up to you to be the sacrificial lamb and to push the button - I'm pretty sure that's in the rules, somewhere.
Windows is even stable - if you follow best practices. An example would be that I used to get months of uptime (not kidding) on a Windows ME (!) box that ran both an OpenNap server and an OpenNap hub. It really only got reboots to update - they didn't have "Patch Tuesday" back then, it was more sporadic. It should be noted that that particular PC was actually one that came with ME certified hardware. Hardware was undergoing some major changes at the time and if you didn't have appropriate hardware then ME was a shitty, shitty operating system. It was also actually a fairly cheap system from Acer and was my first exposure to AMD - it was the AMD K6-2 350 and I'd OCed it to about 500 MHz.
As for security? Well... The last time I used Windows, I'd not used even a software firewall nor a resident AV in years. (I do have a hardware firewall at the house.) It was fine. Security is a process and not an application. Practice safe hex and you're generally good to go. Always, always keep backups and plenty of them. Storage is cheap and connectivity is near-ubiquitous, back that stuff up.
'Snot popular to say (and I'm a very content Linux user) but Windows isn't that bad and you can get it fixed quickly and easily when there's a problem. It's even not all that difficult to keep it reasonably secure so long as the operator isn't an idiot. Even a stupid person in the chair can figure out apt-get, dpkg, or make install. By the way, I learned to use a computer because I had to. They didn't do anything useful when I first bumped into them. You had to make them do something useful. I hated 'em, quite passionately hated them, at first. Nah, Windows isn't that bad and I've only one real complaint with Windows 10.
"So long and thanks for all the fish."
Theoretically, MS could even collect this information across systems and say, "Lots of other people with the same version of the driver have experienced similar crashes, but the problem appears to be fixed in there new driver, which can be downloaded here:" and then link to it.
Except you turned that service off at Thanksgiving because you didn't want Microsoft spying on your mother.
"So long and thanks for all the fish."
Yup. It's not like we can't spare a few Hz and a couple of Kb of RAM to make a pretty QR code - it might even (emphasis on might) turn out to be valuable. I could see this actually being a good thing. It's not like you need a dedicated device to read QR codes. It's not like the vast majority of admins don't have a "special QR code reader" right in 'em - called a camera.
Best of both worlds might be that it'd scan a *local* database and feed you information from that. I'm thinking enterprise use. Then they could keep their data internal and not rely on any third party networks/data sets. I could actually see this having some benefit. The question is, will it? The answer is, probably not. But... It could be useful. It could even be mostly privacy respecting! I kind of doubt that last part but, hey... It could happen.
"So long and thanks for all the fish."
Since the dawn of bsod's they've trapped the last known error - and dropped it on the screen - I believe its after the dmp file is written too.
I don't see why it would be a big deal to translate that error into a qr-code - it might be handy for end users.
Did you miss the part where you disabled telemetry without actually waiting to see what was done with it?
"So long and thanks for all the fish."