It’s 2016, why is rotating a video such a pain?

How many times have you quickly shot a video on your phone and not rotated it for landscape? It happens too often and we see these videos all over social media. I sometimes forget to do it as well, or portrait is more in line with what I am shooting. So, I want to quickly rotate a video 90 degrees sometimes. Should be easy, right?

I’ve asked friends and social media before, but I asked again last night and got a lot of great input. My criteria were very simple, but I did not specify platform; I want to load an MP4 video, rotate it 90 degrees, and save it. I didn’t qualify it, but my expectations are that it would not lose quality, it would keep the original MP4 format, and that the process was “one-click” (or close). While I have plenty of history using Linux, going back to CLI graphics tools to do this is not ideal for me, but I considered those options.

  • @cl suggested Windows Movie Maker – It will rotate trivially, but saves your MP4 as WMV and the quality drops noticeably.
  • @TCMBC suggested mencoder – A command line utility, part of MPlayer. So it is not trivial (download, configure, compile, figure out CLI syntax), but it does rotate. Yet, the quality drops noticeably.
  • @viss suggested ffmpeg – A command line utility and graphics library, not so trivial. It did rotate, but the quality drops noticeably.
  • @viss suggested The ‘Rotate My Video‘ web site – It is a bit slow for file upload and conversion, but very easy to use. It played the video correctly in my browser, but when I saved the video the final copy was not rotated.
  • @DeviantOllam suggested (in DM) the Rotate Video FX app for Android – I thought the UX wasn’t intuitive for starters. It did rotate the video for immediate playback, but no apparently way to save the new video back to the device. Sharing it brings up the usual Android options, but uploading the video to google drive and the video was not rotated.
  • @elkentaro suggested Apple’s QuickTime Player – Even with his reference which is outdated, there is no apparent rotation function. Even the ability to save a file is now ‘Pro’ only.
  • MegaManSec suggested ImageMagick ‘convert’ utility – this didn’t work and gave me a nice reminder of the old ‘terminal flash attacks’ from the early 90s.
  • @DeviantOllum suggested Virtual Dub but warned me that some versions handle MP4 and some don’t. Thus, I didn’t try it.
  • @Grifter801 suggested VLC but qualified it “just for viewing”.
  • @mehebner suggested Open Shot Video Player but said it is Linux only, which isn’t convenient.
  • @cl suggested iMovie but it is Mac OS X only, which isn’t convenient.
  • @cl suggested Facebook but he isn’t sure you can save after. I am fairly sure you lose quality though.

The final recommendation, and the one that worked the best for me, is Handbrake suggested by @bmirvine. The upside is I had it installed (but an old version) and am familiar with it to a degree. The best part about conversion is that the video does not lose any quality. The downside is trying to figure out the ‘Extra Option’ argument to rotate is a raging mess, as seen on this thread. I found that using “, –rotate=4” as the extra option worked for version 0.10.5.0 64-bit (latest as of this blog). The only other annoyance is that Windows won’t show a thumbnail of the newly saved video for some reason. [Update: with a newer version of the K-Lite codec pack, the thumbnails render fine.]

There are my quick testing results. I hope it helps. I’d like to give a big round of thanks to all who contributed ideas late night. Reminds me that Twitter has some value and isn’t a cesspool of insipid political tripe. =)

Twitter’s crowd-sourced blocking idea good, implementation bad…

Yesterday I saw a few mentions of Twitter’s new method for “crowd-sourcing” user blocks. The idea is that one person may have blocked dozens of trolls, and you want to do the same without having to dig through a lot of Tweets. I read about how it was implemented, sighed, and moved on. Last night, someone I respect for his technical prowess over the years said it was “well done”, and I disagreed. He said I should post a blog with my idea, so your wish is granted.

welldonetwitter

The Twitter blog that outlines the implementation says some users “need more sophisticated tools.” Sophisticated, not convoluted and annoying to implement. There is a big difference. From the blog:

To export or import a list of blocked accounts, navigate to your blocked accounts settings on twitter.com. Click on the advanced options drop-down menu and select the action you want to take.

To download a list of your blocked accounts, select the export option and confirm the accounts you want to export.

The blog doesn’t even explain the next part for some reason, and I am curious why. Could it because the process starts looking more hassle than benefit? The next step is to host that block list somewhere, advertise you did so, have another user download it, then they go to twitter.com, and imports the list. Fast and easy right? Of course not; that is one of the most convoluted methods of using this type of feature. Your average Twitter user, especially the huge percent that only use it via mobile, simply will not go through this process (and cannot easily do it if they wanted to). Even sitting at my computer, having to do actions outside my Twitter client is annoying and this has too many steps.

How about integrate the functionality instead? Every client has a way to look up a user, or interact with them.

block-context

Just about anywhere on this context menu works nicely. “Add/Inherit @AlecMuffet’s blocks…” or “Block @AlecMuffet’s blocks…” or “Share @AlecMuffet’s blocks…”. One click and a confirmation box, and I could take any of his exported blocks and make them my own. That presents a smoother, more easily crowd-sourced model that is the intent here. If I have multiple accounts, it is three clicks as I choose which account (or all accounts) to add blocks to. Compare that 2 or 3-click method, with the one Twitter came up with. Designing the “User Experience” (UX) is an art, and not many companies do it well. It is often due to the disconnect between how the developers use a product or service and how their users or customers use it.

An Open Letter to @Twitter

Dear Twitter,

You run one of the largest and most visible social network sites on the Internet, highly visible to millions that don’t even have Internet access due to media saturation and today’s lexicon. And you suck at it. Despite your recent IPO and suggestions that you finally figured out how to make money off this beast you have created, you still don’t seem to understand the first thing about the monster you created. Namely, how your users actually use the service. Your overall user experience (UX) is horrible. In no particular order, a few of the incidents and poor decisions that support my case:

  • The dreaded “Twitter unfollow bug“. This has been plaguing your platform for many years, and you still have yet to solve it. Worse, you default to sending us junk mail asking if we know people, trying to get us to follow more people. These two things are at odds with each other.
  • When you finally made it easy for a user to download an archive of their tweets, you sent a URL that was broken. Only a fraction of your users could see that you were HTML encoding an & sign in one place, and manually fixing it would allow the download. The fact you missed this shows that you essentially have no Quality Assurance (QA) testing in house.
  • Your emails are annoying. I specifically opted not to receive them in the past, only to have you revert my decision, the subjects are laughable. Not only are they written with no thought to how they appear outside your world, you seemingly can’t figure out the purpose of a profile or make brain-dead assumptions about all users.
  • Subject: Do you know cyberwar on Twitter? <– errr…
    Subject: Twitter followers want to purchase from your business! <– hot damn. now I need a business plan…

  • Twitter on a Tab? No thanks. When opting not to receive audible notifications, your software ignored that and kept dinging at me happily. No means no. Again, in your attempt to get more people using your service, you completely forget the basics of the UX and that all software should receive some QA time.
  • One of the most frustrating problems recently, is your constantly changing decision on how to handle URLs in direct messages. One day, they aren’t allowed without warning. The next day they work again. Days later, now I can’t send the same URL to the same person because I have “already said that”, even when the accompanying text is different. News flash: some web sites do not have static content on their front page. If you need an example, check out this web page: twitter.com. If you can’t figure out that I am friends with someone via the mutual follow, or the fact we have conversed via DM for months (or years in some cases) and that we may want to send URLs to each other, just get out of this business.
  • Your inability to fight spam on your service has moved beyond a running joke and on to the “sad” category. You still cannot detect profiles that are obviously spam and have every indication of being easily pegged by a half-way intelligent algorithm. At least twice, you have identified Twitpic as a “hostile” service, calling it “malware” once. All the while allowing these spam profiles to send sketchy links.

I fully understand that the size of your network makes some of this challenging. But this is also on you, because you opted not to address these problems years ago when it was more manageable. Instead of fixing these recurring nuisances with a solution that scales, you let them languish until they are beasts that are more difficult to vanquish. The list above is just the ones that come to mind quickly this morning.

In summary, you suck as social media. You don’t care about your users beyond figuring a way to profit directly off of them. In case it has slipped your mind, you need us. We are your business foundation. Figure a way to profit off of us! Just do so while occasionally paying attention to your user base please.

Sincerely,
@attritionorg

Android & Granular Permissions

For Android-based phone owners, you are no doubt passingly familiar with the permission system that governs applications and what they can do. Every time you install an application, the device will ask you if you accept a list of permissions that it says are required for it to run. If you want the app, you must accept the permissions no matter what they are.

In theory, users can simply decline an app that requires excessive permissions and find an alternative. After all, there are over 1 million apps available right? Many won’t even read the permissions, while others may casually dismiss them because they are clearly stated, and any app in the Google Play store has to be legitimate!

The problem is that even the most simple and legitimate apps may request a variety of permissions that are not needed to make the program run:

Screenshot_2013-08-22-19-09-55   Screenshot_2013-08-23-19-12-04

A classic example of an application requesting permissions that aren’t required can be seen in the T-Mobile MyAccount app. The app is designed to give a user information about their T-Mobile cellular account, nothing else. This should take nothing more than permission to send and receive network data from their servers. Instead, the app has traditionally wanted extra permissions that are excessive. Worse, the latest version wants more, including “System tools” that give the app even more control over the phone. As T-Mobile is my provider and I don’t want to call them to find out account information, I have to accept their overly broad permissions. There is no alternative application in this case.

The second example is Avast Mobile Security & Antivirus that expects keys to the kingdome. There is a bit of irony that a security app wants enough permissions to completely own your phone, the same threat it claims to protect you from.

The Alternative

The obvious solution to this problem is setting it up so permissions are granular. This would allow a user to deny a specific permission while allowing others. If denying a specific permission causes the application to stop functioning, the user could enable it again if desired.

How hard is it to implement this for Google and Android? Trivial. This is readily apparent in that phones that have been jailbroken already allow it. Android users have requested this feature from Google via Ticket 3778. If you are an Android user and want to see this implemented, load the ticket and ‘star it’ (click the star on the upper left) to indicate you want it. If Google opts not to implement that one, there is a similar feature request (Ticket 6266) that would give a set of optional permissions an app wants, but are not required to function.

Until we get granular permissions, the concept of security in the context of applications will be a lost cause.

Exploding the Review

In the early 90’s, when I was moving in the world of computer bulletin board systems (BBS), it ultimately ended in my interest in phreaking. It started out reading t-files, moved into wardialing, and a few years later would result in PBX, voice mail, and switch hacking. While I got a late start in the phreaking world, it involved a world of reading including years of historical activity related to the phone system. Blue boxes were all but a thing of the past. Rumors of a switch or two still allowing you to seize a trunk floated around, but the time and effort of building a box based on rumor wasn’t so appealing, especially after some thirty years of it being the primary tool of the trade.

Red boxes still worked and were fun. Like the phreaks before me and my friends, we didn’t have many people to call, but it was fun using them. Something about that spoofed quarter signal, dee-dee-dee-dee-dee in rapid succession. From there it was the world of voice mail hacking. At first, just to see what the system were about. That quickly morphed into trying to find out which ones allowed outdial, putting me on the eternal hunt for diverters. At some point, enough information emerged about switches, and after a chance lesson from a veteran, a few of us learned the absolute basics of the 1AESS switch. Within a year or two, the Internet was taking a hold of our minds. Mind you, this was when DNS was still largely controlled via your own HOSTS.TXT file, before BIND was prevalent.

I offer this history because it heavily influences this review, and my enjoyment of a book.

Cover-New-200

Exploding the Phone gives a fairly comprehensive history of the origins of phreaking (phone system hacking). Written by Phil Lapsley, foreword by Steve Wozniak, the book was published earlier this year.

The book “Exploding the Phone” opens with a curious story of a classified advertisement in the Harvard Crimson student newspaper:

WANTED HARVARD MIT Fine Arts no. 13 notebook. (121 pages) & 40 page reply K.K. & C.R. plus 2,800; batter; m.f. El presidente no esta aqui asora, que lastima. B. David Box 11595 St. Louis, MO 63105.

This story is a launching point into the curious world of the early phone hackers, known as “phone freaks” that later became “phone phreaks”. After a brief history of the creation of the phone system, Lapsley takes us through the early world of blue boxing. By sharing the stories of several early phreaks that independently discovered the 2600hz signal and how it could give them free calls and the ability to explore the phone system, we see that an entire generation of what is now known as ‘hackers’ were in it for the love of system, nothing more. Because nothing can be that pure, we also learn of bookies in the 60’s that used phreak-made blue boxes for profit, by evading long distance bills for their numerous calls. Along with the phreaks are the stories of the phone company security and law enforcement that began to investigate them.

We get detailed stories of blind phreaks like Josef Engressia (aka The Whistler), Bill Acker, and Rick Plath. Instead of rumors and lore, Lapsley took extensive time not only researching them, but speaking with them when possible. The stories continue with the phone company struggling to figure out this new wave of people using the system in ways not intended. The reader enjoys some of the classic pranks pulled by phreaks, as they routed their calls all over the world, even to the Vatican. The history lesson continues with the tale of John Draper, aka Captain Crunch, who did not discover the cereal-box whistle blew the 2600hz tone (he was told that by phreaks that figured it out years before). As with all hacker culture, the drama of snitching and trying to evade serious punishment enters the picture. The book wraps up with more recognizable names like Steve Jobs and Steve Wozniak, and their founding of Apple based on selling blue boxes.

To anyone remotely interested in phreaking, or phone systems in general, I highly recommend this book. The author has done a wonderful job outlining the past through colorful stories, new details, and a great sense of what the culture was like.

T-Mobile’s Poor Implementation Works Against Amber Alerts

Just over a month ago, I received a pop-up alert on my Samsung Galaxy 3 (via T-Mobile) with a standard, and persistent, emergency broadcast noise…

Emergency alert
Longmont, CO AMBER Alert: LIC/245FLJ (CO) 2001 Blue Ford F350 Pickup truck
Type: AMBER Alert

The noise stopped briefly, then picked back up again until I tapped “OK”. This is a radical departure from the previous product behavior and service provided. Presumably this came with the latest Android update T-Mobile pushed shortly before (May 13).

No warning about this change, no indication where the alerts are coming from, no explanation on criteria for receiving (Longmont is almost 40 miles north of me, outside a metropolis of ~ 4.5 million), no indication of how often we receive them, a repeating noise that we have to acknowledge (as opposed to SMS that gives a noise/vibration one time only), etc. I’m not opposed to getting such warnings but I should be able to opt in and control the settings for how it is displayed.

One hour later, I received the same alert. That is intrusive and annoying. When it happened, I thought “if this shit happened at night, it would wake me up and force me to get up to ack the alert and turn off the phone” and just that happened. Wednesday early morning, at 5:20AM I received another. As I thought, it woke me, given the emergency sound and vibrating on my desk.

amber_alert

Looking at the SMS options that control this is also interesting. I now have to receive “Presidential Alerts” and cannot opt out of them. There are also Imminent Extreme alerts, Imminent Serious alerts, and the Amber alerts that I have received twice now. What are the others, and what differentiates them? When was the last time a Presidential broadcast was sent to everyone’s email address or home phone number? Absurd you say, why is it all of a sudden OK to send them to every subscriber’s cell phone?

What bothers me the most is that the Amber alerts, and presumably the others, do not adhere to the rest of my SMS settings. When I get an SMS, it vibrates once, makes an audible noise of my choice once, and sits idle until I check the phone. Amber alerts come up with a different sound; one that repeats until I acknowledge it.

Screenshot_2013-05-25-17-28-55

This is ridiculous. I want to receive them, but on my terms. The current setup and being woken at five in the morning forced me to disable the Amber alerts. T-mobile’s crappy technical implementation has worked contrary to their intentions by annoying customers into disabling them. This works against the entire purpose of having the alerts pushed via cell phones.

T-Mobile SMS Disclosure

Yesterday while waiting for a friend to arrive for a movie, I got a curious text from an unknown number with a 337 area code, saying that I had the wrong number. Since I had not called or texted that number, I replied as such. A few texts later, the stranger sent a screenshot of their phone showing that I did send them messages.

Looking at my sent messages, the messages received by my friend, and the screenshot from the kind stranger, I figured out what happened to some degree.

I sent a string of text messages to my friend. She received most, but not all of them. For whatever reason on the T-Mobile side, they decided to send a few of my messages to the stranger. Note that my friend and the stranger do not have similar numbers, and that they are in different area codes even.

Screenshot_2013-06-04-16-59-20

What is odd is that the stranger got a few of them, but not all, not even all of the ones sent in the same ~ 5 minute period.

Screenshot_2013-06-04-16-59-11

Further, my friend got one of the messages that also went to the stranger. So not only were some mixed up and sent to a stranger, one went to multiple people. It’s pretty clear that this was a one-off situation, but it makes me wonder what happened, if it happened to other people, and/or how widespread it was. The obvious implication of this issue is that a sensitive SMS redirected to an arbitrary person could be embarrassing to say the least.

Figured I would document it here for posterity and just in case it happens again to someone else, they can hopefully find prior incidents.

Welcome to the Internet…

No matter how many articles, news segments, books, web sites, infgraphics, or rumors that warn people about the perils of the Internet, people still flock to this magical Mecca thinking it will bring great entertainment, answers, or whatever else (porn). While I have been in InfoSec for most of the last 20 years, this post is not to warn you about the evil hackers and cybercriminals lurking in every tube. You are basically fucked; your information will be stolen at some point and you will likely be unwittingly involved in fraud. This post is to help you cope with the rest of the Internet. The message forums, mail lists, social media platforms, and comment systems on everything from Youtube to your favorite shopping site.

On a slightly more serious note, you have likely read about incidents of suicide due to “cyber-bullying” [1] [2] [3] [4]. While the news headlines are dramatic, emotional, and full of sorrow, a few fundamental truths continue escape most people. First, a more rational study on so-called “cyber-bullying” finds it is rarely the only thing that caused someone to commit suicide. Second, there is absolutely no comparison to be made between real-world bullying and online bullying. A kid goes to school everyday and may face a bully. There are no alternatives, they can’t just choose to go to another school. Day in and day out, they are forced to be close to the bully. There is also a level of physical intimidation or outright battery against the kid that cannot be compared to a text-based insult. The over-used and ignorant term “cyber-bullying” forgets that if someone is in a confrontation online, they can simply turn the fucking computer off. If someone is in a confrontation and opts to stay online, one must question why. Many adults will stay in the fray because they want the abuse. Either to dish it out themselves, as an outlet for their own frustration, rage, or hate, or because they are a glutton for abuse and fascinated by what these anonymous strangers can serve up. All this hype over cyber-bullying is just that; hype. It may be the straw that broke a few camel’s backs, but it isn’t the root cause of any issue.

On to dealing with the heathens on the Internet! First, understand you are outnumbered, outgunned, outlasted, and most certainly outsmarted. There are legions of people out there that have a single hobby, trolling you. Second, now that you know this, you can be better prepared. Third, there are some rules and laws of the Internet that will help you survive, and flourish. No, these are not actual laws on the books, not found in law libraries, not argued in courts. They exist in a higher power on the Internet; the unregulated masses that somehow manage the content when it suits their needs, along with common sense and just the way humans are wired.
These laws and guidelines will let you navigate this cesspool more safely. These range from the amusing, but true, to the more serious that should have you thinking. Knowing these laws like you know the back of a Twinkie label will help you enhance your calm and traverse the cyber-Wild-West©®™.

Poe’s law:

… is an Internet adage reflecting the idea that without a clear indication of the author’s intent, it is difficult or impossible to tell the difference between an expression of sincere extremism and a parody of extremism.

In the real world, you have hundreds of cues in conversation that you likely aren’t aware of, or do not give thought to. Tone of voice, body language, facial expression, or previous minutes of conversation. Together, they give a whole subset of context that allow you to distinguish between humor and a serious argument. In short, sarcasm relies on these cues. If you can’t distinguish between the two, how does it affect your interaction?

Godwin’s Law:

It states: “As an online discussion grows longer, the probability of a comparison involving Nazis or Hitler approaches 1.” In other words, Godwin said that, given enough time, in any online discussion—regardless of topic or scope—someone inevitably makes a comparison to Hitler or the Nazis.

Hitler and Nazis are offensive! They are the devil! So of course someone will degrade to comparing you or your argument to a dictator and leader of a regime that was responsible for the death of 11 million people. Basically the same, right? That logic is equally infuriating, and they know it dumbass.

Rule 34:

Generally accepted internet rule that states that pornography or sexually related material exists for any conceivable subject.

A Christian rock band dressed as panda bears with little armadillos singing K-pop but dancing to trip-hop while running around stage? Somewhere, someone is jerking off to it. If that exists and is offensive, think about it in the context of your argument and your feelings.

Skitt’s Law:

Any post correcting an error in another post will contain at least one error itself.

Don’t even bother trying to correct someone’s mispelling or grammar. As soon as you do, another person will correct an error in your correction. Instead of looking smart, you will look ironical and dumb. Note: This is also known as Muphry’s Law.

Pommer’s Law:

A person’s mind can be changed by reading information on the internet. The nature of this change will be: From having no opinion to having a wrong opinion.

Perhaps the greatest threat to society, the sheep we’re surrounded by, will read and believe anything and everything, especially if it suits their existing bias. One well written argument, no matter how wrong, can influence many.

Law of Exclamation

The more exclamation points used in an email (or other posting), the more likely it is a complete lie. This is also true for excessive capital letters.

YOU HAVE TO BELIEVE THIS BLOG OK?!!! YOU KNOW I AM RIGHT!!!!!1!!

Danth’s Law

If you have to insist that you’ve won an Internet argument, you’ve probably lost badly.

I’d also include people that don’t so much insist, as they do try to convince you. Some spend more time trying to convince you that they won the argument, than actually presenting facts or arguing the original issue.

Dunning–Kruger effect:

The Dunning-Kruger effect is a cognitive bias in which unskilled individuals suffer from illusory superiority, mistakenly rating their ability much higher than average. This bias is attributed to a metacognitive inability of the unskilled to recognize their mistakes.

I know, I got all fancy on you with psycho-babble, but this is an important one. In very simple and blunt terms, stupid people are not only stupid, they are unable to realize this. They think they are smarter than other people, and as such, are unable to recognize or admit their own mistakes. This is why you will argue with an obvious moron, and wonder if s/he is really that stupid, or trolling you.

Online Disinhibition Effect:

The core concept of the Online Disinhibition Effect refers to a loosening (or complete abandonment) of social restrictions and inhibitions that would otherwise be present in normal face-to-face interaction during interactions with others on the Internet.

This can be boiled down to an age-old insult that strikes to the heart of the matter. “You’re an Internet tough-guy!” This concept is why the 13 year old scrawny geek living in a basement can not only stand up to a muscle-bound jock with a social life, but why one can enrage the other. Put another way, on the Internet, no one knows you are a dog This is also known as the Greater Internet Fuckwad Theory.

Occam’s razor

Occam’s razor .. states that among competing hypotheses, the hypothesis with the fewest assumptions should be selected.

For those of you prone to get into arguments on the Internet, remember this one. Conspiracy theories are all over, some more spectacular than others. This is also good for people who tend to believe anything. No, that Nigerian prince won’t really send you a billion dollars.

Collective behavior:

I’ll leave this one to you. Read the link, which is very academic, and consider it in the context of the words “collective behavior”.

—–

With these rules, laws, and guidance, you are now prepared to withstand the perils of the Internet.


Shortly after publishing, loyal readers pointed out additional laws could, or should be included. Courtesy of Lisa Boals:

Wheaton’s Law

One of the core messages of Wheaton’s speech was the importance of sportsmanship in online gaming, which eventually became encapsulated in the phrase “don’t be a dick.”


Reading a magazine weeks later, ran into another that I forgot to include in this piece. Selective perception allows people to read a rational discussion with facts, and still ignore opposing viewpoints.

windows is beyond a joke (or, why we’ll all be using macs soon)

Mom has been limping along on a 7 year old computer that tries to run XP. Unfortunately, Dad loaded MS One LiveCare on it and didn’t realize that they could do the internetz w/o the MSN software from the ISP. This comp is a dog, so miserably slow I would literally throw it in the garbage if it was mine. We finally talked Bill into getting a new computer, but it has Vista on it, with a coupon to jump to Windows 7 when available. So I have her old slow comp with XP, her new fast comp with Vista, and the self-imposed task of installing software and moving files over.

I got my start on Linux, used Windows along the way for personal desktop / multimedia / etc. All along the way, for almost 20 years now, i’ve despised Windows for being poorly written, given minimal QA and generally being about the most un-intuitive operating system out there. Compared to my recent Mac Air purchase and experience, I can’t see how people tolerate Windows any more.

Today, these are the stupid problems I ran into that remind me yet again, why our industry needs to move away from Windows (any version):

– Windows LiveCare. Microsoft’s (failed) move into security. Supposedly protects a PC by managing a firewall, having a subscription to some signatures etc. In reality, it is the most invasive and annoying software you can get. The amount of times it pops up with vague warnings of not being protected are absurd. Not to mention the ‘Windows Live’ suite shows up over a dozen times in the installed software (less than the 23 pieces of software that show up after installing Canon’s tools for her camera), embeds itself into everything it can (yet another ‘toolbar’ for IE). I uninstall it to try to make the rest of my task easier, only to have it force IE to load, dump me on a Microsoft page to take a survey about my experience with it, and promptly tell me the survey is closed.

– XP computer shares out the entire D drive. Vista mounts that drive, and can copy some files but not others, citing ‘permission problems’. All of the files/directories on the XP machines were created at the same time, by the same method, by the same person. Why do some magically have permissions that restrict this operation?

– Vista, their idea of security through ‘UAC’ is so pitiful you can’t even laugh at it. Every single thing you do, click a warning dialog 2 – 4 times. Copy a file, install software, load some programs, anything. It makes you click these warnings so often, any user will become numb to them in 18 seconds and start blindly clicking them. What’s the point? Is that really how Microsoft envisions good security working, to nag the user like that? Rename a local folder on Vista, click twice to confirm/allow.

– Manage to share a drive out on Vista, mount via XP and try to copy files. Apparently, even with XP, Microsoft never figured out file-by-file copying. The 6 gigs I try to move bomb out after a few minutes and gives me “not enough server storage is available to process this command”. Err ok, so the copy is aborted, just try to open the shared drive and same error. Yes, I have to reboot just to access the share again. After reboot, can’t mount the share anyway with the ever descriptive “The specified server cannot perform the requested operation” message. After renaming the folder, resharing it AND rebooting Vista, XP can mount it. (over 10 gigs to move, XP comp only has USB1, that wasn’t an option)

– After three reboots (security patches, windows patches Norton), Vista runs fine. Fourth reboot it wants me to install driver software for my PCI Simple Communications Controller. WTF? The HP Advisor software I disabled is back. WTF? Trying to reinstall the modem software that I removed because it said it was taking 18.2 GIGS of space.