Viewing events for Windows 10 Controlled Folder Access

I wrote about Controlled Folder Access not long ago. Since then, I’ve seen it throw a few dialogs telling me that a particular application was blocked from doing something, but I generally didn’t pay much attention unless I found something that didn’t work. The desktop notification doesn’t show the full path of the blocked executable if it’s anywhere in \program files or \users\appdata. There just isn’t enough room.

Today I saw a message pop up that had some Chinese characters in it– you’d better believe that got my attention. I wanted to see what CFA had blocked. A little digging around led me to an article that explains how to easily create a custom view that shows CFA events. Sure enough, here’s what it showed:

Someone’s up to no good

Since I don’t use Internet Explorer, it’s pretty clear that something is on my machine that shouldn’t be, but, at least for now, CFA has prevented it from doing anything too nefarious. Off to the malware scanner I go!

Advertisements

Leave a comment

Filed under General Tech Stuff, Security

2017 in review: my top 10 reading list

I decided to post my 2017 reading list a little earlier because there are some real gems here that would make great holiday gifts for people who enjoy various genres. for today, my top 10. In a day or two, the rest of the year’s haul; expect another post around the 31st with the books that I finish between now and then.

Here are my top 10 for 2017 in the order in which I read them:

  1. John Wayne: The Life and Legend. Superbly rich and detailed bio of an American icon– I came out of this with new respect for his wit and grit.
  2. Eccentric Orbits: the Iridium Story. Excellent in every way. Reads as much like a thriller or murder mystery at some points as a business book. (Spoiler: Motorola did it, or tried to).
  3. Spaceman. Lovely autobiography by astronaut Mike Massimino. Uplifting and motivating. Great for kids who might be interested in the space program or STEM in general.
  4. Dreamland: The True Tale of America’s Opiate Epidemic. Enraging and sad. I can’t tell whether I was more angry at the companies and people who profited from the explosion of prescription opiates or the Mexican cartels who simultaneously flooded the US with cheap heroin, both driving and benefiting from demand for prescription pills.
  5. Walking the Amazon. Bugs! Machetes! Killer natives! Exactly what the title implies: a man walks the length of the Amazon river. Fascinating look into something I never want to have to experience myself.
  6. Mississippi Blood: like getting in the boxing ring with Evander Holyfield in his prime, this book is a continuous series of hammering body blows. Unrelenting conclusion to the three-book “Natchez Burning” arc. Grab a cup of coffee because this will take a while to get through.
  7. The Fireman: I was initially skeptical of this post-apocalyptic novel, but in the first few pages the wit of the writing won me over.
  8. The Jealous Kind. I am a lifelong James Lee Burke fan but this is probably his crowning achievement. Set in 1950s Houston, the novel is at once a romance, a coming of age, and a polemic, and it has an ending that for me hit the perfect note combining the three. Burke has a tendency sometimes to make his villains cartoonishly, over-the-top bad guys but the ones here have understandable motivations, and all except the worst are clearly struggling to redeem themselves. And his main characters… wow. Read this.
  9. Atomic Accidents. I have a pretty solid layman’s understanding of atomic power technologies and their history. At least, I thought so until I read this book. One of the clearest, most interesting, and least biased scientific histories I’ve ever read, and absolutely bursting with little-known facts (example: high-speed power-plant turbines are cooled with gaseous hydrogen!)
  10. Stonemouth: atmospheric novel centering on a man’s return to his boyhood home in Scotland, very much against the wishes of a local crime family. Well plotted with vivid characters and a terrific sense of place.

Yesterday’s Kin

Leave a comment

Filed under General Stuff

Quick impressions of the Harman Kardon Invoke Cortana speaker

I’m an early adopter. This is both a blessing and a curse.

Thanks to John Peltonen, I installed some X-10 home automation gear back in the early 90s and have long wanted a more automated home, so when Amazon started shipping the Echo I bought one and threw together an ad hoc home automation system. My “robot girlfriend” Alexa can control various devices, including the kitchen and master bedroom, floor and desk lamps, my security system, and my thermostats (a Nest downstairs and an el cheapo Honeywell upstairs). I have a mix of LIFX bulbs (wouldn’t buy them again), WeMo switches, TP-Link smart plugs, and Lutron Caseta dimmers/switches, plus a GoControl garage door controller. It all works pretty well.

The Alexa devices have pretty quickly blended into my normal home workflow. I use the one in my bedroom like a clock radio, and to control the temperature when I’m in bed; the one in my office gets frequent use for adding items to my grocery list when I remember them, and the kitchen unit is an all-around music player, news source, multi-function timer, grocery-list keeper, and audiobook reader. Overall I’m well pleased with the Alexa devices and ecosystem.

But.

Alexa as an assistant is far behind both Microsoft’s Cortana and Apple’s Siri. (For another time: my thoughts on what each smart-assistant platform is good and bad at, e.g. Siri is dumb and has poor voice recognition, for example, but has a few idiot-savant skills that are useful and both benefits, and is limited by, Apple’s strong emphasis on on-device processing). It’s safe to say that Alexa is mostly a portal to Amazon’s services, which is fine; as a heavy consumer of Amazon services I’m OK with that.

However, I got spoiled by the quality of Cortana’s assistant functionality on Windows Phone and have continued using it on Windows 10, so when I saw that Microsoft and Harmon Kardon were partnering to make the Invoke, a Cortana-powered competitor to the Amazon Echo, I was intrigued. For Black Friday, Microsoft was selling the Invoke for $99, and I had a $50 Microsoft Store credit, so I figured for $50 it was worth taking a flyer. The Invoke got here yesterday and I spent a few hours setting it up and playing with it. Here are my initial short-term impressions.

  1. The device build quality and packaging are excellent. I prefer the physical design and finish of the Invoke to the Echo. They are similar in size.
  2. The Invoke has a power brick instead of a wall wart. That is inappropriate for kitchen use.
  3. The out-of-box-experience and initial setup for the Invoke are very smooth, better than the initial experience for an Alexa device. All I had to do was power on the device and tap “set up my speaker” in the Cortana app. Whereas the Echo/Dot require you to manually switch wifi networks, the Invoke just magically figures out how to set itself up. (The Invoke immediately had to download an over-the-air update but this was painless and fairly fast.)
  4. The sound quality of the Invoke is much better than that of the original Echo. The new Echo 2 supposedly sounds better. The Invoke produces rich, clear highs, solid midrange, and decent bass for such a small unit and it seems louder than the Echo at max volume.
  5. The Dot and Echo have an LED ring around the top that lights up to indicate when the device is listening. The Invoke has a small touch-sensitive screen on the top. The ring is easier to see from a distance (and can be used to indicate when there are notifications, etc) but the touch-sensitive screen is an easy way to interact with the device. I’ll call this one a draw.
  6. Cortana functionality seems to be on par with the iOS Cortana app, and somewhat behind the Win10 app’s functionality.
  7. Cortana has very few skills compared to Alexa’s skills library. On both platforms, many of the skills are either stupid (I don’t need a skill to play the Notre Dame fight song, thanks) or not useful to me (I’m not a Capital One customer so their skill doesn’t do me any good).
    1. Cortana doesn’t have skills to control TP-Link smart plus, LIFX light bulbs, or WeMo switches– all of which I use heavily.
    2. It is completely non-obvious how to add or manage skills. Some skills are built into the device, like Spotify and Skype. Some require you to install an app or to authorize an external service. The process is much more consistent for Alexa devices.
    3. Obviously the Invoke doesn’t have any Amazon skills. I use those heavily too. Being able to reorder cat food, or check on the whereabouts of a package, or listen to an Audible audiobook is very handy.
    4. You enable smart home skills through the Cortana notebook. This isn’t obvious. None of the skills I have seem to recognize individual devices, e.g. the Wink skill just ties Cortana to the Wink hub, and there’s no way I can find to tell Cortana to find new devices through the hub.
  8. Within the first 30 minutes, I ran into a bug– the device would say it couldn’t understand me, no matter what I said. I’ve seen other people mention this online so it’s a legit bug.
  9. I couldn’t get the Wink skill to control my garage door. This might just be because I didn’t know what to say to it; the same skill works fine with my Caseta dimmers and switches though.
  10. You can only set one kitchen timer at a time. Multiple concurrent timers is a key Alexa feature for me because I lack the skill to coordinate cooking multiple dishes without timers.

One feature I really like and can see myself using a lot is the integrated Skype calling. A simple “Hey Cortana, call person” is all it takes. I’m not 100% sure where Cortana is getting contact data from. If I say “call Delta Airlines,” it calls the local Delta Cargo office instead of the number in my contacts. If I say “call Walmart,” the device looks up the nearest Walmart and calls it, which makes sense because I don’t have Walmart in my contacts list. If I name a person in my contacts list, it calls them. Alexa has a very similar feature, along with the ability to send voice or text messages directly to other Alexa devices, but I never got in the habit of using them. (It doesn’t look like Invoke calls show up in my Skype history; I’m not sure if that’s a feature or a bug).

(Fun side note: if you call either device by the other name, it tells you about the upcoming Microsoft-Amazon partnership.)

For now, the Invoke is definitely a second-class citizen here at the fortress of solitude– with limited smart home integration, I can’t do a 1:1 replacement of any of my Alexa devices yet. But it sounds great, and Microsoft has a long history of rapidly improving their 1.0 releases, so I am optimistic that it will get better rapidly. I’ll keep it.

 

 

Leave a comment

Filed under General Tech Stuff, Reviews

Using Windows GitDesktop with Windows 10 Controlled Folder Access

The Windows 10 Fall Creators Update has a very useful new feature that can dramatically reduce the impact of ransomware: Controlled Folders. You should turn it on (Ed Bott’s article tells you how). Once it’s on, any attempt by an unauthorized program to modify files in controlled folders (including your OneDrive and OneDrive for Business folders and your Documents folder) will fail with an error message like this:

Controlled Folders doing their thing

The problem is, sometimes you want an application to have access to those folders. No problem: you can get there by opening the Windows Defender Security Center app, clicking “Virus and threat protection”, then clicking “Virus and threat protection settings,” and then finally selecting the “Allow an app through Controlled folder access.” It’s an easy enough process.

Unfortunately, you may find that the app you added to the list isn’t the app that actually runs when you try to do something. For example, when you run GitDesktop you’ll see a message like the one above because that app is actually a bundle that includes several binaries. You might think you can just add the binaries themselves, and you should be able to, but instead I got an error saying that the path I had entered wasn’t valid. That’s probably because I (lazily) installed the GitDesktop client on my… desktop… so its binaries are tucked away in my Users directory.

I spent some time scratching my head trying to figure out what to do, then discovered that you could enable Controlled Folder Access with the Set-MpPreference cmdlet. Of course, where there’s a Set- cmdlet, there’s usually a Get- cmdlet, and sure enough…

Get-MpPreference is your friend

A little more digging turned up the Add-MpPreference cmdlet and the associated ControlledFolderAccessAllowedApplications switch. A little digging to figure out which actual copy of git.exe  was being run and I was all set… until I started writing this post and found that SnagIt has the same problem!

Adding a new application

Thus I ended up solving two problems (“why doesn’t GitDesktop work?” and “why won’t SnagIt work?”), learning something new (*-MpPreference), and, at least hopefully, protecting myself and others against ransomware. Onwards!

 

Leave a comment

Filed under General Tech Stuff

Flying Friday: briefs

Recently I was on a work trip to the West Coast. While there, I had a customer meeting at the headquarters of a large utility company. I was a little surprised when the meeting began to see it open with our hostess saying “For this meeting, I’ll be the safety leader. In case of an earthquake, we’ll all duck under the table, cover, and hold. In case of fire…” She then went on to enumerate what we were all supposed to do in each of a variety of different emergencies: fire, active shooter, medical emergency, and so on. This was accompanied by her updating the small, permanently mounted whiteboard on the wall that listed who was responsible for handling each of these emergencies.

While it seemed really odd at the time, it fit in well with the many other safety posters we saw on the walls of this company’s HQ. They were clearly invested in improving their safety culture. Even though it might have seemed silly to brief what we were going to do in case of an earthquake (I’d already be under the table, crying like a toddler) or whatever, I could easily imagine these briefings taking place in every meeting in that building. Despite the inevitable eye-rolling, I believe that would help normalize safety, and safety planning, as an ordinary part of every activity at the company– which is exactly what they’re trying to do.

This same idea applies to general aviation. There are four times when briefings are a routine and normal part of our activities.

First, there’s getting a weather briefing, whether from a human or through a website or app. There’s a standardized flow and format for these briefings to make sure that all the needed information is communicated efficiently and concisely. FAR 91.103 requires pilots to obtain “all available information” concerning flights and that absolutely, positively includes weather information. Even if it weren’t legally required, as a simple matter of self-preservation, you’d be stupid not to get a thorough briefing and take the time to think through what you’ve been briefed on. The rate of change of the weather may be a surprise, but the fact of its change never should be.

Second, there’s the passenger briefing. The FAA private and commercial pilot practical test standards require the applicant to show how to give a passenger safety briefing. This can be elaborate, or it can be simple. For first-time fliers in my plane, I always thoroughly brief them on a few key points: how to open and latch the doors, how the seatbelts work, where the fire extinguisher is, and when I need them to be quiet. I also encourage them to ask questions about things they see, hear, feel, or smell, and to look outside and tell me if they see anything interesting (especially other airplanes). This is a low-key way to have them acting as extra eyes and ears.

Third, there’s the IFR approach procedure. The advent of fancy GPS systems (and coupled autopilots, may their names be blessed) means that some pilots are tempted to let the box do the work. Complacency is how you get AA 965, which killed 159 people and spawned the semi-famous talk “Children of Magenta.” I always read the approach procedure out loud, whether I’m flying by myself or not. Verbalizing each of the waypoints, crossing altitudes, and course changes is a great way both to prime myself for the approach but also to cross-check what I see on the approach plate with what’s loaded into the GPS. For example, for the RNAV 17 into Montpelier, Vermont (shown below), I’d read it back as “Cross REGGI at 6000, turn 168, cross JIPDO at 5000, cross ZAXOL at 4200, above 2980 cross WANUX”.

RNAV 17 into KMPV

The little inset in the upper-right corner of the diagram above is the missed approach procedure. It has a separate textual description elsewhere on the approach plate, and I always read it out too. This is what I’d do if I got down to minimums on the approach above and found that I couldn’t see the runway– I’d fly the missed approach (a straight-ahead climb, followed by a climbing turn to the Montpelier VOR and a course hold there).

Going missed? Here’s how

There are other types of briefings that are common in other parts of the aviation world. For example, military preflight briefings include information about tactical stuff that doesn’t apply to me, and airlines often have maintenance handover briefings when a flight crew picks up a jet for their leg. For me, though, the four types above cover everything needed for a safe and efficient flight… except what to do in case of an earthquake, and I’ll try to figure out how to work that in later.

1 Comment

Filed under aviation

Training Tuesday: setting up swim intervals with your Garmin watch

A few months ago, I wrote a post about setting up run intervals on Garmin watches. This turned out to be a pretty popular topic, because it’s a very useful feature, the alternative being to write your intervals down on a piece of paper and use your watch or stopwatch to track them. Garmin Connect has a similar function for swim intervals, and I’ve recently started using it, but it has a few quirks you should know about to make most effective use of it.

Let’s build an example workout based on what my coach, Jon Fecik, gave me today:

  • 4×500 (15) as…
  • warm up choice
  • 50 stroke focus/50 swim…for stroke focus… continue to swim freestyle but focus on 1. more catch up and high elbow, 2.) extend back end of stroke, 3.) finger tips close like the finger tip drag drill, 4.) tight kick, 5.) drive hips
  • Paddle pull with buoy…moderate effort
  • swim easy cool down

This is pretty simple, which is good, as Garmin’s swim interval tools aren’t quite as powerful as the ones for managing run intervals.

Start by logging into Garmin Connect, then in the left navigation bar choose Training > Workouts. That will take you to the Workouts page, which looks like this:

Start with your workout list, which may look different from mine

At the top, click on the “Select a workout type…” pulldown, choose “Pool swim,” and click “Create a workout.” That will take you to the interval builder, which you may remember from my earlier post. By default, you get a workout with a warmup, a two-repeat interval, and a cool down:

You get a warmup, a cool-down, and a two-repeat interval for free

Before you do anything else, check the “Pool size” field on the right and make sure it’s correct. Trust me on this. You might also want to use the pencil icon at the top to edit your workout name, so you don’t end up with 10 “Pool workouts” in your list.

The controls for each item in the workout are pretty much self-explanatory: the “Duration” field lets you control whether the interval is based on time or distance, and the “Any stroke” pulldown lets you choose the stroke type if you want to specify one. Keep in mind that Garmin’s watches will try to automatically detect your stroke but they don’t always get it right if you swim like I do.

Super important note: if you’re doing drills as part of a set, set the “Any stroke” control to “Drill.” If you don’t do that, the watch won’t count your distance– for example, if you have a 200yd kick set, and thus aren’t moving your arms, the watch will sit patiently at “200 y remaining” forever because it doesn’t see you swimming.

Note the “Rest” control. This is important too. By default, every interval in the set will have a rest after it, of whatever duration you specify. However, the last interval in a repeat will always have a “rest until button press” added to it. Read on and I’ll show you why that is.

The “Equipment” field is important too, and it’s not present in the run interval builder. This is where you specify what pool toys you’re using for a given interval.

Armed with that knowledge (oh, and the knowledge that the “+” and “-” buttons in the repeat block will do what you expect), let’s build my workout. Start by setting the warmup and cool down distances to 500yds of any stroke… that’s easy enough.

The main set is a problem. Jon wanted me to swim 50/50 x 5, where the first 50 is a drill and the second 50 is a normal swim. Garmin doesn’t let you have more than one item in a repeat– all you get is one swim and one rest per repeat set. I don’t know why this restriction exists, as the run interval tool lets you add steps to a repeat, but whatever. So the best I can do is this:

Remember, only one swim step per interval

I’ll have to remember to split the 100 up so that the first 50 is focused on each of the items Jon asked me to focus on. Note that I set the rest duration to 15 seconds, as directed. The builder automatically inserted a rest step after the interval– notice that it even tells you “The last rest in this repeat block will be ignored by your device” in the workout builder.

Now I need a pull set, so I’ll click “Add a step” and set the step distance to 500yd and then use the “Equipment” link to specify paddles. Unfortunately, you can only specify one equipment item (kick board, paddles, pull buoy, fins, or snorkel) so it’s on you to remember if you need more than one item,.

There’s the pull set…

Then the cool down is easy– a distance of 500yd of any stroke.

The completed workout looks like this:

The full workout

Click “Save Workout” and boom, it’s saved and visible on my phone. A quick tap of the “Send to device” button and now it’s on my watch, ready to go.

Using the workout is a little more complex, but not really. On my Fenix3 HR, I just go to Training > My Workouts and pick the workout, then select “Do Workout”. Once you start the workout, the watch will track distance for each interval, giving you an on-screen countdown of distance remaining. It will buzz when you’re on the last lap of each step, so you know it’s about time to stop. Note that it doesn’t mark a step as done until you press the “lap” button– so, for example, when I’m swimming my 100s I have to press “lap” and then the 15-second rest period starts. When the rest period ends (whether that’s because you have a fixed rest or a fixed duration per step), the watch assumes you will start swimming again, so you don’t need to re-press “lap”.

Speaking of fixed time intervals– yes, you can do those. For non-swimmers: this is an EMOM-style interval where you’re supposed to swim a distance and then start at the same time. The faster you go, the more rest you get. For example, if my coach says “swim 100 every 2:15”, if it takes me 2:00 to swim the first 100, I get 15 seconds of rest. If the next one takes me 1:55, then I get 20 seconds. And so on. To set these up, set the rest period in the repeat to “Fixed repetition time.”

Timed repeats are the devil

That’s it– happy swimming! (Oh, in case you were wondering: no, I don’t know which specific Garmin devices support this– certainly the tri-focused Fenix3/5 and the 735/920/935xt do but I don’t know about any others).

 

 

 

 

Leave a comment

Filed under General Stuff

My screen went gray: how to turn off Windows 10 color filter mode

I like to think I know my way around Windows after using it daily since Windows 3.1. Sometimes it still surprises me, though.

Today I was working on a blog post for the ENow blog (stay tuned, you’ll see it shortly). I went to copy a quote from a press release and, suddenly, this is what I saw:

Grayscale Windows screen

Where’d my color go?

I couldn’t figure out what the hell had happened, but my screen was suddenly gray. It was at the correct resolution, and everything looked the same except it was gray. At first I thought I’d mistakenly turned on high contrast mode (which you do with left Alt+left Shift+PrtSc) but nope.

A little digging led me to the dialog shown in the image above. Apparently Windows has a “color filter” mode that, when invoked, makes it easier to see certain colors. It’s intended for people with color-vision deficiencies. For ease of use, Microsoft tied it to a key combination: the Windows key + Ctrl + C. I must have accidentally bumped the Windows key while copying my quote.

Now you know.

6 Comments

Filed under General Tech Stuff