Jeff Duntemann's Contrapositive Diary Rotating Header Image

windows

Using Ancient Software Under Win7

I had a need to print out a few calendar pages today, and after thinking about it for a second, I realized that there was a calendar program of some sort on a pile of ancient CDs in the closet that I had not yet dumped. I had actually thrown out a lot of CDs already because they failed to run under Win7, including a few things that I had sorely missed at upgrade time, like the software that came with two of my three scanners. (Thanks to God and all the fates that there is a VueScan X64 that understands both scanners.)

I dug in a box and there it was: Broderbund’s Calendar Creator 7, copyright 1999. It indicated that the software was for Win9x and NT4. I never remember installing it, and honestly don’t recall how it came to me. I have accepted dead or dying computers from other people who had no idea where to take them and didn’t want to just put them out on the curb. Some of these machines came with cardboard boxes full of odd and often broken stuff, with an alluvial layer of software CDs on the bottom. I’m guessing that this was one of them.

So hey, wotthehell: I popped it into my Core 2 Duo/Win7 lab machine, fully expecting it to fail to either install, run, or both. It installed. And it ran.

Once.

However, during its first run it actually created a calendar for me, and printed several pages as a test. I edited the page layout a litle bit and printed the three months that I needed. Then I closed the program and went on to other things. A couple of hours later I realized I needed one more month, but when I tried to run it again, it croaked.

I would have shrugged and tossed it, except that it did run once, launched by the installer as soon as the installer had finished with it. Hmmm. Since installers have to have admin permissions to do their jobs, this made a certain amount of sense, and suggested that if I could run the app as admin, it should work. I gave it admin permissions. It worked.

The 16-bit colors look a little weird, but it runs full-screen at 1600 X 1200 with only one glitch: Print preview doesn’t quite reflect reality. Screens that big didn’t exist in 1999, so I can forgive it that much. It did the job I needed, didn’t cost anything, and as best I can tell didn’t mess anything else up. (That’s not universal, and it’s why I always install things first on a lab machine or a VM. At least do a restore point before you install weird stuff like this.)

If you ever find yourself in this situation, here’s how you run old software as admin:

  1. Right-click the shortcut to get the context menu.
  2. Select Properties.
  3. On the Shortcut Properties dialog, select the Shortcut tab.
  4. Click the Advanced button.
  5. Check the “Run as administrator” checkbox.
  6. Click OK.

Keep in mind that not all ancient software will be this cooperative. A lot of old stuff won’t run at all, or even install. However, it’s useful to try running it as admin before you flip the CD into the trash.

I may still go looking for a modern calendar program. However, it was a good memory jogger, and made me acknowledge that whoever wrote that thing did a very good job of anticipating the future. This is not universal programmer behavior, trust me, and I am not exempt: A DOS program listing utility I wrote in Turbo Pascal in 1985 or so would run in a DOS box in NT4 and Win2K…but after 1999 passed into history, it labeled the printouts as occurring in the year 19100. So it goes.

Using GWX Control Panel to Lock Out Pesky Windows 10 Upgrade Stuff

A few days ago, a countdown timer appeared on Carol’s Win7 PC when she booted up. It told her that Windows 10 would be installed in two hours.

WTUBF?

I turned off the machine and started digging around online. A lot of people have this problem, apparently. All of us who aren’t already running Win10, of course, have been nagged mercilessly about upgrading since last summer. I don’t care if it’s free. I don’t want it now. If I want it later I’ll pay for it. But just so you know, I don’t plan to leave Win7 land before 2020. I dislike the nags, but nags are just nags. This time MS told me they were going to give me something I didn’t want and hadn’t asked for.

Uh-uh.

So. I quickly learned that the upgrade software is contained in a Windows update module called KB3035583. I turned Carol’s machine on and as soon as I could I uninstalled KB3035583. That ended the spy-movie countdown timer. Alas, the next morning the damned thing was back. The countdown timer now said Thursday, (it was Tuesday morning) which was some comfort. I still had some time to work.

I hid KB3035583. The next morning, someone (guess!) had un-hid it. Ok. This means war. I dug around a lot deeper, and found an enormous amount of cussing and bitching and suggested fixes. I tried a couple of things with mixed success. Then I stumbled upon the GWX Control Panel, by Josh Mayfield of the Ultimate Outsider site. Josh initially released it late last summer, and has been updating it periodically ever since. Josh’s instructions are pretty good, but for something a little clearer, take a look at Mauro Huculak’s article on Windows Central. He did a good job, which I know because I followed his instructions when installing GWX Control Panel on my lab machine. I had no issues, and understanding that MS was about to start messing with my wife’s PC, I installed it on her machine as well.

Like Philip Phillips says, Gone Gone Gone. We’ve not even seen the nag window since Thursday, much less the countdown timer. I quickly added GWX Control Panel to all of our other Win7 machines. Worked every time.

Now, why did Carol’s machine say it was about to install Win10, while our several others just kept nagging? We don’t know how, but Carol’s PC thought that somebody had reserved a copy of Win10. The download manager in KB3035583 had already downloaded well over a gigabyte of stuff, which I assume was all the install machinery and the OS itself. Carol doesn’t remember clicking on anything, nor do I. It’s possible that one or us selected something by mistake. MS seems to be increasingly desperate to get as many people as possible to upgrade, and its popups offer no clean way out.

Ironically, I vaguely remember reserving a copy from my lab machine way back when this business first came up. The lab machine did not have the install files and was not giving me a countdown timer. My only theory is that Carol’s PC may now be using the local IP address that my lab machine was using way back when I (may have) reserved a copy, even though that was in Colorado. It’s kind of crazy, but I have no better ideas.

I don’t have anything strong against Windows 10. I know a lot of people who like it just fine. I will probably use it eventually–once it has several years of history behind it. However, as most of you know, I do not like to be pushed. That’s the heart and soul of being a contrarian. The harder you push me, the more likely I am to go in the opposite direction.

All the usual cautions apply to GWX Control Panel. Do a full backup and a restore point before you install it, just as you would with any new software. Follow the directions closely, and do your best to understand what you’re doing. We’ve had no adverse issues with it, granted that I installed it yesterday. If anything changes tomorrow morning, well, you’ll read about it here.

Odd Lots

  • Verizon refuses to stop using tower-side cookies (which can’t be deleted by mobile device users) even as AT&T has caved on the issue. The solution is to stop using Verizon. That’s what Carol and I are about to do.
  • Relax. Microsoft did not pull the plug on Win7 updates on 1/13. That won’t happen until 2020. What’s going away are new OS features and phone support, two things I don’t think the world desperately needs.
  • I like molten lava as much as the next guy. (Just wait until you read my novella Firejammer, coming out–finally–this spring.) That said, I’m not sure I like it quite this much…
  • With January only half over, the Great Lakes ice cover is now up to 34%. Lake Erie has pretty much iced over completely.
  • Britain’s Royal Society has published some evidence that people born during solar maxima do not live as long as people born during solar minima. It may be folate depletion by UV. Or something else. However, the correlation appears to be real. (Thanks to Neil Rest for the link.) Carol and I are solar minima babies, whew.
  • Discovered two very good red wines recently: Menage a Trois Red, and Menage a Trois Midnight. Both are dry reds, both are fruit-forward, and (in contradiction of the vintner’s Web writeups) neither has any detectable oak. I guess if you’re going to get the hipster market you have to claim oak, even if you lie about it. In this case, nothing of value was lost.
  • I doubt that my readers are dumb enough to think you can lose weight by ingesting chemistry sets like Slim-Fast. But just in case, read what Tom Naughton says about recent diet rankings in content-free publications like US News. Hint: The same doofi who bleat endlessly against “processed foods” (which now means “any foods I don’t like”) are endorsing fructose cocktails like Slim-Fast over Atkins and paleo.
  • Popular Mechanics lists the 14 best cities in America for startups. None are in Silicon Valley, and all are in relatively low-cost areas. Maybe hipster city cachet is finally starting to lose its cachet. Or so we can hope.
  • Lots has happened in CPU architectures since the 1980s, when a lot of us learned it. (I started a little earlier, but the IBM PC brought most of us to a new starting gate at the same time.) Here’s a decent summary. One consequence of all this is that human-written assembly language is less of a win over compilers, and the best reason to learn assembly these days is to understand what your damned compilers are up to in there.
  • Before he broke into the SF business, Keith Laumer was an ace model airplane designer. (Thanks to Pete Albrecht for the link.)
  • Physically small, fanless PCs have been around for awhile, and I was bullish on them until I began using Dell USFF (ultra-small form factor) machines like the Optiplex 780, which are pretty small and almost entirely silent. Should we settle for 1.6 GHz? Only if there’s a specific application in mind, like education (think RPi) or embeddedness.
  • Bill Cherepy sends us news of a thermostatic butter keeper that can keep a stick of butter (block? It’s a form factor we don’t make in the US) at any arbitrary temp from 15 to 23 degrees C. Butter is definitely coming back into its own, bravo halleluia!

Odd Lots

When XP’s svchost.exe Takes 100% of the CPU

I have computers the way some people have mice (those other mice, with legs) and two days ago, a couple of them went nuts. Carol’s SX280 went to 100% CPU usage and roaring fans, and when I turned it on, a second machine (an older SX270) did the same thing. Rebooting changed nothing, though it took a minute or so after reboot for the problem to reappear, which allowed me to do some hasty troubleshooting.

Meanwhile, my quadcore purred along without incident. All three machines use XP SP3, and all three are set for auotmatic updates. I pulled an older SX270 off the shelf that I knew was still at XP SP2 and hooked it up on the bench. Nothing so far. I booted into Windows 7 on my GX620 (it ordinarily runs Mint) and have not seen anything out of the ordinary.

The module sucking all those cycles is the instance of svchost.exe that runs all of the miscellanous Windows machinery, including updates. Hmmmmm.

This is not a new problem; in fact, this rang some bells so old the cloud of dust took an hour to settle. As long ago as 2004, people have reported svchost.exe suddenly taking the whole CPU. Quite a few reports indicated that the culprit was the Windows Update automatic updates client, wuauclt.exe. I turned off automatic updates on the misbehaving machines, rebooted again, and the problem went away.

That’s only a partial solution, of course. And the problem is evidently still with us. In the comments to that post, a user suggested this command series as a fix:

  1. net stop “Automatic Updates”
  2. del /f /s /q %windir%\SoftwareDistribution\*.*
  3. net start “Automatic Updates”
  4. wuauclt.exe /detectnow

In essence, you disable automatic updates, delete all the files from the subdirectory where wuauclt.exe keeps its logs and other data files (you can’t do this if automatic updates is running), restart automatic updates, and then force an immediate check for updates. This worked, and I dusted my hands together in triumph.

Alas, yesterday noonish, both machines again went nuts. Both are scheduled for replacement, so I just let them run. After about two hours of screaming fans, svchost.exe let go of the CPU, and everything returned to normal. In the meantime, my quadcore and that creaky old SP2 machine have shown no symptoms.

I still don’t know precisely what’s going on, but it’s almost certainly some kind of bug in automatic updates. (I’ve scanned all machines for malware and found nothing.) XP updates end next April 1, and by that time I’ll have replaced the two wonky machines with much newer Win7 boxes. (One is already on order.) In the meantime, I’d be curious to hear if anyone reading this has seen the same issue. I expected to see a flurry of online reports and found nothing, right up to a couple of minutes ago. So maybe Carol and I just got to the top of the XP karma fairy’s little list. Still looking, and certainly open to suggestions.

Odd Lots

  • Maybe it’s some of the recent solar storms (the sunspots were not spectacularly high) but I heard both Guyana and the Cayman Islands on 17m the other day–the first time I’ve seen any significant life on that band in several years.
  • I have yet to find an Android ebook reader app that will open and render an MS .lit file, of which I have several. No surprise: Having blown an early and promising start in ebook reader software, MS has recently announced that it is withdrawing the app. Reader is actually a nice piece of work, and the first ebook reader program I used regularly. DRMed .lit books are now just noise, and the rest of them will have to be translated by something like Calibre. DRM, especially when it’s abandoned, trains people to locate cracks and become pirates. Way to go, guys.
  • SanDisk just announced a thumb drive about the size of its own USB connector cap. 4, 8, or 16GB. I’ve now broken two thumb drives by leaving them plugged into the rear edge of a laptop and then tipping the laptop back. If that’s a common problem, this is definitely the solution.
  • What do you do with the Moon once you rope it down? (Watering it would be interesting, though Mars needs it more.)
  • This guy thinks like I do. Just ask Carol. (Thanks to Michael Covington for the link.)
  • I recently found a PDF describing the first computer I ever programmed for money. It was a…1 MHz…8080. It cost a boggling number of 1979 dollars, so Xerox ended up using most of the initial production run in-house. The 3200 cast a long shadow: I got so used to sitting in front of it that when I built a computer table later that year for my S100 CP/M system, I made it just high enough that the keyboard was precisely as far off the floor as the 3200’s, a height that I use in computer tables to this day.
  • How long did it take you to figure out what this really was? (Thanks to Pete Albrecht for the link.)
  • Russian President Medvedev has taken a liking to ReactOS, a long-running and mostly ignored attempt to create a driver-compatible, win32-friendly (via WINE) open source Windows clone. He’s suggesting that the Russian government fund it. Now if Medvedev can convince Putin, we could have quite a project on our hands.
  • I’d never thought much about how you recycle a dead refrigerator. Now I know.
  • Begorrah! Zombies are not a new problem. (Thanks to Frank Glover for the link.)
  • And if that machine gun in your hollow leg won’t slow them down, send them into sugar crash.

Luck Happens: The Blotter and the Pocketwatch

WorkingWatch500Wide.jpg

A couple of people have asked me where I got the Windows blotter wallpaper discussed and shown in the photo on my January 19, 2011 entry. I stumbled across it while looking for art depicting steampunk airships. Jim Strickland and I have been tossing ideas around for a drumlin airship, and I wanted to see what other people had done in that area. Just clicking around, and alluva sudden I was looking at this. Egad, it’s 1600 X 1200 too–no need for me to do any resizing. If you’re widescreen, you might consider this one instead.

I like blotters. I had a desktop blotter at Borland that was an Ampad Efficiency Deskpad 24-003. It was basically a faux-leather frame surrounding a pad of 17″ X 22″quadrille paper, which I have always liked for sketches and off-the-cuff coding. When Borland laid us off they told me I could have it, since they were just going to dump it (and everything else in my desk) anyway. It’s followed me around ever since, though I’m not sure the quadrille paper for it is available anymore.

The only thing that bothered me about the blotter wallpaper was the pocket watch, which (while well-drawn) was just an image, and always read 3:37. (Days later, I found a version of the blotter wallpaper without the watch.) If the watch had to be there, it had to work. And then I remembered something I had seen a long time ago and forgotten.

There’s a widget engine for Windows called Rainmeter. It was mentioned on one blog or another that I followed back in 2008 or 2009. A widget engine is an app that runs without a conventional windowed UI, and allows you to display frame-less output on your desktop. The widgets are basically skins, and the output can be drawn in easily parameterized ways. There are myriad skins for Rainmeter, and while I was experimenting with it back then I ran across a clock skin called Pocketwatch. It looked a little bit Stickley (as does much else in this house) and I would still have it running had I kept Rainmeter across the last couple of Windows reinstalls. (I did not.)

On a hunch I did the obvious: I took a 6″ steel rule and measured the size of the Pocketwatch widget on the screen, then measured the static pocketwatch image on the blotter wallpaper. The face of one was precisely the same size as the face of the other. (The Pocketwatch skin is the face only; the blotter has the whole pocketwatch.) I quickly installed Rainmeter and Pocketwatch. I centered Pocketwatch over the face of the pocketwatch image, and then un-checked the Draggable setting on Pocketwatch’s context menu. Bang! The watch on my wallpaper now keeps time. All free, too. C’mon, people: What are the chances? Sometimes luck just happens.

Displaying Wallpaper on One Monitor Only

DualMonitorSetup500Wide.jpg

I got annoyed the other day (finally!) after being annoyed off and on since, well, almost forever. The problem was this: I was following a Web tutorial explaining how to do something in InDesign. I had InDesign up and maximized (as I always use it) and the Web tutorial in a Firefox window. Firefox wasn’t maximized, but that didn’t matter: Each time I selected a menu item in InDesign to tweak a setting, Firefox vanished under InDesign. That’s just the way Windows has always worked, and for a long time (ten years? more?) I was wondering if there were a better way. Tiling is not an option, not if I want to work on spreads in InDesign. So I just kept on keeping on, with Firefox appearing and vanishing as I ticked off steps on the tutorial.

Until this morning, when shadows on the wall told me that the light bulb had appeared over my head. Yes!

I ran downstairs and got an old monitor off the shelf. It’s a 15″ Samsung SyncMaster 570B, bought for Carol in 2003. She used it until I got her a 20″ display a couple of years ago. It has a mount pivot, and can be used in either portrait or landscape mode. I plugged it into the idle VGA video connector on my desktop, and without any fuss I had dual displays.

I’ve done that before to see how it was done, but never had the desk space for two identical (big) monitors. It wasn’t until today that I hit upon the refinement of putting the second monitor in portrait mode, which takes some space but not as much as anything in landscape mode. Now I can put a Firefox window on the secondary display while working on something full-screen on the primary display, without having to rescue the tutorial window from behind the app window each time I do something in the app window. Victory is sweet–and contains no fructose.

One peculiarity: My desktop wallpaper was partially duplicated on the second, lower-resolution display. The wallpaper image is a desktop blotter (complete with stains) and it just looked wrong having only part of it on the smaller monitor. I wanted the wallpaper on the primary display only, with just a blank color field on the secondary. Remarkably, there is no obvious way to do this. I dug around for most of an hour, trying things in both Control Panel’s Display applet and the NVidia control applet, without success. Then I hit upon this article. The gist is this:

  1. Return the wallpaper image setting in Display | Desktop to None; that is, turn off your current wallpaper. Both screens will now have the same blank color field for background.
  2. Select Desktop | Customize Desktop | Web. What you’re going to do is add a static image (the wallpaper of your choice) for Active Desktop, instead of a Web page.
  3. Click New. In the New Desktop Item dialog, click Browse, and select your wallpaper image from wherever it lives. Open it. Click OK on New Desktop Item. Click OK on the Web tab. Click OK on the Display applet as a whole to close it.
  4. The image you selected will be displayed, probably spanning both monitors. (It did on mine.) Hover over the top edge until the Active Desktop title bar pops up. Click and drag the image to whichever minotor you want to have it as wallpaper. When it’s moved completely onto one display, click the maximize button in the title bar. Bang! There’s your wallpaper, on one display only.

Now, as best I know Active Desktop was eliminated from Windows Vista, so this mechanism applies only to XP and (I presume) earlier versions. (Let me know if I’m wrong about that; I have no Vista or 7 instances here.) Active Desktop used a lot of CPU time and memory, but I think that was due to continuous refresh of the Active Desktop HTML and inane things like Pointcast that people have long forgotten. I don’t see any resource hit for having a static image in place of a Web page.

If I see any system flakiness in coming days I’ll reverse the change and let you know, but so far I haven’t seen a downside. I may try other uses of the secondary display, but I also think I may just turn it off unless I need to read a Web page while doing something else on the primary display. We’ll see.

Restoring Grub with Rescatux

If a task has to be done often enough, sooner or later somebody will automate it. And so it happened with a very common task that I’m glad I didn’t have to do the hard way: Restore Grub to the MBR after a Windows reinstall overwrote it.

Windows does not play nice with Linux the way Linux plays nice with Windows. When you install Linux on a hard drive that already contains a bootable Windows partition, Linux adds the Windows instance to the Grub bootloader menu, allowing you to choose which OS to boot on startup. On the other hand, when you install Windows to a hard drive that already contains a bootable Linux partition, Windows ignores the Linux partition and puts its own bootloader link into the master boot record (MBR.) At startup, the system boots straight into Windows. Linux is still there, but you don’t get to choose to boot into it at startup.

Getting Grub back into the MBR after a Windows reinstall isn’t hideously difficult, but it’s a bit of picky terminal work done from a LiveCD. The trick is knowing how. The canonical description of how to do it is borderline incoherent, including advice like “This method apparently no longer works. Use with caution (if at all.)” The information is all there, but you have to dig a little to make sense of it. (Being a Linux geek helps a great deal.)

There’s now an easier way that I wasn’t aware of the last time I had to reinstall Windows on a dual-boot system: The Rescatux LiveCD. It’s a Debian instance with some scripting added that puts up a wizard and automatically detects installed bootable partitions. It then rebuilds the Grub bootloader menu and points the MBR back to Grub.

A couple of cautions:

  • The wizard is fairly terse. Don’t expect a great deal of handholding. If you don’t have any prior experience with Grub, read the documentation on the Web site. Then read it again.
  • Give the wizard time to work at each step. When you click the OK button, the options reappear immediately, but when there’s some disk access to be done, the script goes off to work and doesn’t give you any indication that it’s working. It doesn’t take more than a few seconds. Be patient.

I failed to be patient the first time I ran Rescatux, and clicked something once too often. (I’m still not entirely sure what.) When I booted the system again, Grub ran and Ubuntu was listed, but this time Windows was missing. There’s some rough justice in that, I guess, but I need to get into Windows just as surely as I need to get into Ubuntu. So I rebooted back into Rescatux and ran the wizard again, giving it enough time to finish each step. Another reboot, and Windows was back in the Grub bootloader menu.

Supposedly Rescatux works with both Grub 2 (the current version) and “Legacy Grub,” V0.97. My system uses Grub 2, and thus I didn’t test its dealings with older Grub versions.

It’s still a little rough, but it saved me a certain amount of eye-crossing terminal work this afternoon, and that’s always a good thing. Be careful and read the doc before you begin, but having said that, I do recommend it.

A Viral SSID

First of all, you can stop worrying about me–Carol and I took an intense week-long trip to Chicago tending to family business, and I just couldn’t summon the energy to post while I was there.

But I was reminded of an interesting thing on the trip home, while we waited at the gate for our plane at O’Hare. I opened my new laptop to check for connectivity, and in addition to the airport’s Boingo network, I saw the oft-encountered but poorly understood “Free Public Wifi” SSID. I’ve seen that SSID in airports on almost every trip I’ve taken in the last three or four years, well-aware that it’s not anything like free connectivity. I’ve always assumed that it was a virus running on somebody else’s close-by laptop, because it’s not an infrastructure node like an access point, but an ad-hoc (peer-to-peer) node instead.

Well, it is a virus, but one of a truly fascinating sort. And that may be a little unfair. It’s not malware in the sense of adverse execution on the machine, but a consequence of some Windows foolishness in XP and (possibly) more recent versions. The “Free Public Wifi” SSID spreads virally without the help of anything except Windows itself. I never completely understood the mechanism until I looked it up yesterday. There’s a great writeup here, and I’ll summarize:

Wireless Zero Configuration (WZC) is the part of Windows that manages Wi-Fi connections. When enabled, it will do the following when the machine is booted:

  1. It looks to see if one of your preferred network SSIDs is present in the list of detected infrastructure networks, and will connect if present. Failing that,
  2. It attempts to connect “blind” to infrastructure networks on your preferred list that are not detected, to cover the possibility that your network’s SSID beacon is disabled. This is the Wi-Fi implementation of “security by obscurity,” and no one really uses it anymore. Having failed to connect to a hidden infrastructure node,
  3. WZC will look to see if one of your preferred network SSIDs is present in detected ad-hoc networks, and will connect if it finds one.
  4. Now the weirdness begins: If none of your preferred network SSIDs is present as an ad-hoc node, and if there is an ad-hoc SSID in your preferred networks list, WZC sets your system up as an ad-hoc network with the first ad-hoc SSID it finds in your preferred list.

Hoo-boy. Read that again: If you’ve ever connected to an ad-hoc node and no networks in your preferred list are available, your machine becomes an ad-hoc node. This may not be the worst wireless idea ever, but it’s right up there. Basically, you’ve opened a door to your machine, and (depending on your firewall situation) if somebody connects to your laptop through the ad-hoc node that WZC has created, they can browse your shares.

It didn’t take malware to make this happen. Windows did it all by its lonesome. Here’s a likely scenario explaining why this SSID is so commonly seen in airports:

  1. Somewhere, somewhen, there was a mesh (peer to peer) network named “Free Public WiFi.” It was probably legitimate. I don’t like mesh networks for various technical reasons, but they have their uses, and there’s nothing necessarily scurrilous about them.
  2. An XP user logs into this original “Free Public Wifi” network and connects to the Internet. The SSID is added to their preferred networks list as an ad-hoc node, where it remains. When finished using the mesh network, the XP user breaks the ad-hoc connection and life goes on.
  3. Later on, which could be months or even years, the same user (“User #1”) goes to an airport and while waiting for a plane, boots his or her laptop to do some local spreadsheet work. No connectivity is found, so Wireless Zero Configuration happily establishes an ad-hoc node called “Free Public WiFi.”
  4. A nearby XP user (“User #2”) boots a laptop, looking for connectivity. He or she sees “Free Public Wifi” as an available network, and (naively) clicks to connect. An ad-hoc connection is established to User #1’s laptop. Nothing happens, since neither user is connected to the Internet. However, the “Free Public Wifi” SSID is added to User #2’s preferred networks list. User #2’s plane eventually comes in, and he or she shuts down the laptop, disappointed that no free connection was found.
  5. Later on, User #2 is again at an airport and boots the laptop. WZC establishes an ad-hoc node, and this time, two users see the “Free Public WiFi” SSID and connect. Again, nothing either good or bad happens, but the “Free Public WiFi” ad-hoc SSID is added to the preferred networks list of both User #3 and User #4.
  6. User #3 and User #4 (neither of whom have any idea what’s going on) boot their laptops at other airports, or at conference centers, or some place where laptops tend to congregate. Similarly naive users connect, looking for a free Internet connection, and add “Free Public WiFi” to their preferred networks list.
  7. Contagion continues, as road warriors spread the SSID as explained above.

Although malware isn’t involved, this is far from harmless, since an ad-hoc connection is a door to your machine. Your firewall will probably stop any shenanigans…if you have it working and configured correctly. Some people won’t.

Note well that this only happens if your system has the WZC service running. If you have vendor-specific software installed to manage your wireless subsystem (as all newer Dell laptops do) this craziness won’t occur. Only if Windows and WZC are in charge of wireless are you vulnerable. The solution? Limit your connections to infrastructure networks. There’s a step-by-step at the end of this article.

Other such viral SSIDs exist; I’ve seen “hpsetup” and “default” myself, and others have been reported. Any ad-hoc network SSID can go viral with the help of Windows Wireless Zero Configuration. The “hpsetup” SSID was “contracted” from certain HP printers that connect to laptops via ad-hoc connections. I’ve only confirmed this on XP; the issue may have been resolved with Vista and 7. It’s a fascinating example of unintended consequences in system design, and should become a textbook case in CS coursework. (Why don’t I think that this will ever happen?)