AI-powered PCs built for a new era of work We are excited to announce the first Surface AI PCs built exclusively for business: Surface Pro 10 for Business and Surface Laptop 6 for Business. These new PCs re
I just love how Microsoft sticks “FOR BIZNESSSSSSS!” on the end of things. “Skype FOR BIZNESSSSSSSS!” “Teams FOR BIDNESS!” “Outlook FOR BIZNAAAAAS!” Sigh. How can you take this stuff seriously? Anyway.
Windows stays because Microsoft caters to corporations which abuse the poor, defenseless OS into doing things like locking users out of changing the desktop background and the sleep timeout. Until Apple offers power-hungry corporate IT middle managers the same level of user-hostile malfeasance in the name of “security,” Microsoft will hold the high ground in corporate deployments.
This becomes a self-perpetuating cycle of not-so-micro-aggressions, as it continues to skew all the Microsoft-bought-and-paid-for Gartner polls that show how much more prevalent Windows is over OSX, and self-justify corporate America that they’re doing the right thing. This, in turn, leads to an entire sub-industry of corporate “security” software which must be installed on Windows, because, bought-and-paid-for auditors told them they had to.
Thus, I wind up with a corporate laptop with something like 3 or 4 different “endpoint” security products installed on it, and something like 30-40 different scripts and checks that run almost by the hour to make sure that the inherent weaknesses of Windows hasn’t compromised our precious meeting PPT’s, which corporate IT considers as sensitive as the US nuclear arsenal codes.
Apple offers an alternative to this madness, and I’m very glad they do. I would rather they stay as they are rather than corrupt their ecosystem in this way to make some corporate sales, and I will happily continue to use my personal MBP to do as much of my work as I can.
Apparently, no power in Heaven or Earth can make a Dell Windows “mobile workstation” display 4K@60Hz on an external monitor, using any of its ports, cables, connectors, or adapters, despite every piece in the chain assuring me that it can.
Who do I bill for the last half hour?
Bonus points for Windows losing its patience through the process, and not allowing me to resize the graphics options window after some point.
UPDATE: In desperation, I dug around in all my storage, and found the tiny USB-C-to-USB-A/HDMI adapter that came with the laptop. BEHOLD! That one works. I guess my “certified” Anker converter was not, in fact, up to spec.
Starfield, an RPG that excited gamers for years before release with the promise of being Skyrim in space, is ending 2023 with its Steam Recent Reviews rating at Mostly Negative. Even the overall rating is Mixed, which will doubtlessly disappoint Bethesda and Todd Howard.
I was definitely salty when Bethesda was bought by Microsoft. Like so many others, I’ve been a long time fan of Fallout and Elder Scrolls, and was really looking forward to this one. However, as a PS5 player, I realized that Starfield and TES VI would never be coming to Playstation.
I eventually bought a new PC for the Elder Scrolls Online, and tried the digital deluxe pre-release version of Starfield on Steam. I refunded it after 12 hours. While I could see all the criticisms people are talking about with regard to the game, my particular problem was that inventory management was the worst of any open-world game I’ve seen. After this amount of time, I had collected enough “stuff” to require me to start building bases to store them, so that I could eventually build the interesting items, and start working on ships.
I discovered, to my dismay, that unlimited storage containers do not exist, as there are in Skyrim and Fallout 4. Not only that, but it was going to take precious resources to build containers that were — at their largest — still pitifully small. By the time I realized what was happening, I only had enough resources to build a single-base’s limit of storage containers, and it barely made a dent in my inventory.
The whole thing came crashing down at once. The exercise of breaking down and storing my junk — which had become a very efficient and quick abstraction in Fallout 76 — was going to be many, many more hours of work to tame, and it would never not be a chore. To me, there was simply no excuse for this.
So not only do I now view Bethesda suspiciously (even though I continue to play ESO), but I also hate Microsoft from “back in the day,” because I’ve been a fan of Linux since the start, and I watched them buy up any and all competition in the 90’s, and then use the courts and their bought-and-paid for trade press to try to kill Linux.
And above all of this, I hate the trend towards nation-state corporations having more power than governments, and I hate the reduction in choice and increased price by such moves, all while they funnel all the profits from becoming more and more integrated straight to the top.
I’m not trying to start a fight with Windows and Xbox fans. I just say all of this to preface saying this, in response to this news:
And I hope they have a terrible time with The Elder Scrolls 6 now, whatever it will be called.
This makes about as much sense as Microsoft automatically setting all the power options in Windows to be the most conservative and least performant, including — in an absolutely baffling move — to automatically turn off Bluetooth after a minute. Say what!? Yeah, my Bluetooth mouse and keyboard would suddenly stop working after about a minute. I searched for and found updated drivers. I upgraded Windows. I reset things. I rebooted. And rebooted.
There was a lot of hair pulled before I figured out the power saving setting was the problem, because there isn’t any scenario in the entire world where I would think this would even have been an option that someone was told to take the time to code, make a UI for, and merge into Windows. The only possible reason would be to save literally one penny of electricity, over the course of a year, at the expense of making Bluetooth… COMPLETELY USELESS. Well done, guys.
Now I see the insanity is spreading. It’s not enough that we have to go over every device with a fine-toothed comb for security, opting out of spying, and blocking ads. Now we have to go through the options to make sure that they’re not “helpfully” being invisibly and silently hobbled against their intended, normal usage by companies who want to report to their investors that they’ve saved a collective X number of kilowatt hours by their pernicious power settings.
I thought I had malware on my main Windows 11 machine this weekend. There I was minding my own business in Chrome before tabbing back to a game and wham a pop-up appeared asking me to switch my default search engine to Microsoft Bing in Chrome. Stunningly, Microsoft now thinks it’s ok to shove a pop-up in my face above my apps and games just because I dare to use Chrome instead of Microsoft Edge.
When I was in 8th grade, one of my teachers was out sick, and the principal took over the class for the day. He talked about frames of reference. To illustrate the point, he asked if we had seen the movie, E.T. Of course, we all had. It was the Star Wars-level blockbuster of the summer of 1982. He asked if we remembered the bus scene. None of us could. “You know, ‘Uranus?'” Oh, right. Yes, we all remembered that line. Then he asked us if we could remember what any of the other kids were doing on the bus. Nope. Nothing. They were standing, yelling, throwing things, and generally being disruptive. He said, as a principal, this anarchy on a school bus horrified him. It never even registered with us.
This lesson continues to reverberate with me over 40 years later.
Technical people like me “govern” our computers and devices as much as we can, so when these things happen, they stick out like a sore thumb, and we set about stopping them from happening again. Even after 30 years of “being on the internet,” I am RUTHLESS about spam. When one show up in my inbox, I deal with it, so that, by and large, every email that comes through is of interest and needs my attention.
The people who use Windows because it’s the cheap, default choice are the kind of people that have 10,000 unread emails in their inbox, all of which are spam for services and offers they agreed to be spammed by, because they couldn’t be bothered to at least tick the opt-out box (which only works half the time anyway). When the vast majority of these users see a popup like this, they simply click the button to dismiss it, just like hundreds other digital annoyances they put up with all day long, which they do not understand, and which they do not know how to turn off.
It doesn’t matter that we get upset about this. It’s already been proven several times over that we cannot influence this situation. The incentives just don’t align between users of Windows and Microsoft’s management. You’d expect that they would care about what “power users” like developers would think, so I guess it’s telling how small that community of users is compared to the rest of the people who use Windows.
The real surprise here is that The Verge wrote a piece that is overtly negative about Microsoft.
A couple years ago, I broke free of playing Elder Scrolls Online, for the second time. I had quit before, in frustration of not being good enough to run the end-game content. It annoyed me that there were parts of a game I was paying for on a monthly basis that I effectively could never take advantage of, so I quit.
Then I picked it back up again for a little while, mentally bargaining with myself that this situation was acceptable because there is so much to do in the game besides the vet-level dungeons and trials. But, as a massively-multiplayer online game, it tends to suck you in, and dominate your leisure time, so I decided to quit again. And, since ESO was the only thing I was using it for, I literally threw my 12-year-old, Athlon-XP-based dinosaur of a PC in the trash, as a sort of “burn the ships” move to prevent going back to playing it. Playing ESO on a Mac is basically a non-starter due to crappy performance, so it wasn’t a realistic option.
Then I developed a medical problem that causes me to live with constant pain in my abdomen. That’s a whole book’s worth of another story, but the relevance to this story is that I now spend basically all my extra time playing games. I mean, I was a pretty heavy gamer before, but this is a whole other level.
Bored with everything else, I tried going back to Fallout 4. I couldn’t stand it on the PS5, because it only runs 30 FPS. Bethesda recently released a refreshed version of Skyrim on PS5 with all the Creator Club content, and running at 60 FPS, and it was like a whole, new game. I replayed it all over again, and love it. But I can’t go back to 30 FPS for Fallout.
I decided to buy an Xbox Series X, for several reasons, and waited for Starfield. Then, after the Redfall launch fiasco, Bethesda admitted that Starfield would also be capped at 30 FPS on console. Like I said, I can’t go back to 30 FPS.
So I sold the X, and bought a new PC.
I know, I know.
This one is a loss-leader from Microcenter. Realistically, it’s a $1,000 build, which you can get for $700.
The amount of friction from trying to run Windows again is astounding, and everyone just glosses over it because it’s so pervasive. I’ll be complaining about these things in later posts.
And they let her! You mean, all this time, I could have requested Linux on my corporate laptop for religious reasons!? BRB. Going to HR to explain my actual, deeply-held beliefs on this…
A few years back, as part of a long, slogging series of unfortunate events, I had been tasked with developing a new web application, which circumstances dictated should be written in Java. Books could be written about this one-year period of my career. (And not, like, inspirational ones.) Anyway, part of the process included trying to get people to realize that no one, these days, wrote web apps in Java without using one of the many, popular Javascript libraries for the front end (like React or Angular), and get my management and corporate IT to understand that I needed to install NodeJS on my machine to facilitate this. Up until this point — and despite the fact that it was obviously used by other development teams in the company — it was not on the “approved” list of software to be installed on local machines. Through several strained meetings and rounds of email, someone, somewhere, deep in the bowels of IT, corrected the obvious oversight, and put it on the list.
The production version of NodeJS was 8, at the time of approval.
This kerfuffle was but one small facet in the gem that was this job posting. In the middle development process, I jumped at another job opportunity, and left my Fortune-250 for a different Fortune 250. The IT environment was eerily similar, and led to this post about making Windows tolerable. It was this experience that got me to see the real root of what I’m complaining about here.
And then, through a short series of more unfortunate events — and one amazing event — I came back to the original Fortune 250, in a different department.
Some months later, just after getting settled back in, I got an email asking me if I would approve a new version of NodeJS to be officially blessed and uploaded to the internal repository.
A Symptom, not the Disease
Strangely, I was being asked to approve NodeJS version 9. If you’re not familiar, NodeJS uses a version numbering system like the Linux kernel used to, where even-numbered releases are for production use, and odd-numbered releases are development versions, intended only for development of the software itself. In no way should 9.x be considered for use in projects inside a blue-chip Fortune 250.
I explained this situation to a laundry-list of TO: and CC: recipients in a long email thread that had already been making rounds inside the company before someone finally saw my name attached to the original request, and added me to the chain. Of course, my explanation was ignored, but I only discovered this 6 months later, when I was being asked, again, to approve version 9. Apparently, I was preventing some developer in India from doing his work on a “high priority project” by not having approved it already, and I needed to get on the stick.
I become more blunt, at that point. First, I didn’t do whatever was done to get it certified the first time, so I didn’t know why I was being called on to do it again. Second, I tried to make a case for exempting development libraries, like NodeJS, from the slow process of getting them approved for internal use, and uploaded to our internal software delivery site. This led to another important person added to the chain, who, surprisingly, supported my argument, but, again, nothing changed.
A month later — seven months into this “discussion,” and presumably still holding up a “high priority” project with a “requirement” for 9.x — I got another email, which included a screenshot of an error from Angular, saying that it no longer supported NodeJS 8.x, and that it needed at least version 10.x or 12.x. Again, I pled with the list of people involved in the email chain that we needed to treat development libraries and applications differently than we treated, say, Office applications. I pointed out that, in the time that we had been fussing over version 9, version 14 was now shipping.
Six months after this exchange, I got an email from a desktop support technician. He was asking for clarification about details when installing… wait for it… version 8 on a developer’s computer. That’s right: After over a year of this exercise, we were still fighting to get a version that’s now a year and a half out of support installed on a developer’s machine.
And then, the situation actually got even worse. The developer’s “computer” was really a shared environment (like Citrix, et. al.), and the shared NodeJS install was being constantly re-configured between multiple developers using the same computer between projects. The support person was actually savvy enough to have suspected this, and was asking me about how it worked. I confirmed that this would, indeed, be a problem, and we figured out the flags to install it into each person’s personal directory, and keep the node_modules directory separate, per user. So, at least we figured out how to successfully install a version of Node that was dangerously out of date to a shared computer.
Actually trying to use NodeJS for the job it was created for, and downloading a stack of Javascript libraries to support Angular or React, led to another discussion of how to get it to play nicely with our corporate, Active Directory-authenticated firewall, which — naturally — blocks all access to the internet from anything that doesn’t run through the Windows TCP/IP stack. Say, like npm or yarn trying to access the NPM repository. I had figured out a workaround for that in the first few months of working at the company, and just pointed them at Corkscrew, which transparently handles the NTLM authentication for command-line utilities like npm (or Ruby’s Bundler).
The Root of the Problem: Microsoft, and Windows
If the shared computer had been Linux or Mac, none of these problems would have existed. Each account on Linux and Mac has a proper personal directory, and things like Node and Ruby assume this, and take advantage of it. Each user could install whatever he wanted to in his home directory, and not need administrative permissions on their machine, or have to rely on some internal application-distribution site. Also, if developers could use anything other than Windows, corporate IT would probably not assume that everything which gets forced through the corporate firewall can do NTLM authentication, and force people running tools like NodeJS to rely on a squirrely tool like Corkscrew. Windows has gotten a lot better over the past several years about installing things into a user’s AppData directory, and Microsoft has spent a lot effort in recent years to develop and astroturf WSL(2), Visual Studio Code, and the new Terminal, but Windows is still a second-class citizen for modern web programming.
I try to temper my frustration with this situation with the knowledge that IT departments of large companies have been forced into many, cascadingly-obtuse compromises by their use of Windows. So many frustrations in a company’s user community can be traced back to the relatively quirky, and single-user-oriented way Windows has always worked, and the monoculture that using Windows requires, thanks to Microsoft’s legacy of embrace-and-extend, especially in directory services. The size of the company exacerbates the problem. At my current company, I know of at least 5 different IT org trees. After 6 years of working with various people in these groups, I still have very little understanding who actually owns what. To be fair, most of this is felt by only a small portion of the “power user” community at a company, but that’s most of the people I deal with.
The Distortion of Scale
The biggest problem here is the scale of the operation. When you have 50,ooo nails, you make sure they’re all the same size and finish, and you use the exact same kind of hammer and technique on all of them. You’d think it would be possible to use a bit of manpower in these various IT departments to treat some of these nails differently, but the vast ecosystem required to take care of Windows just eats up all available resources. Anti-virus. VPN. Standard desktops. Scripts to prevent people from doing things they shouldn’t. Scripts to report all activity on the things they should. Office 365. One Drive. Teams. Zoom. Forced password rotations. Worldwide hardware and software upgrades. Locking out how long the screensaver takes to kick in. Preventing changing of custom login screen backgrounds. It’s a lot. I get it. Using Windows as a corporate desktop environment automatically assumes so much work, it leaves little room for treating a computer like a tool that needs to be customized for the job it needs to do, and the work it needs to support, even when those goals are, ostensibly, incidentally, also primary goals of the larger IT organization. It’s a counter-intuitive situation.
I started this post by pointing out that this stack of regrettably-predictable compromises, which result in suboptimal policies and outcomes, is primarily a problem with traditionally non-“tech” companies, but the real, underlying problem is much deeper.
The truth is that all companies are now “tech” companies, whether they realize it or not. And those that can’t change their approach to IT to adapt to this new reality — or change it fast enough to matter — will wither on the vine, and their remaining assets, eventually, will be picked up in a corporate yard sale to companies that have “tech” embedded in their DNA from birth.
I worry that a company which, 30 years later, still breaks up it’s most-important digital asset into 8 pieces because that’s what would fit on a floppy disk will not make the turn in time.
The reason I started writing all of this down was because — after all of this time and discussion — I was asked to approve NodeJS version 10 for the internal software repository. At the time I was asked, version 10 didn’t even show up on the NodeJS release page any more. They were shipping version 16. I guess 10 is better than 8, but let’s be honest: The only reason they gave up on version 8 or 9 is because the version of Angular that they’re using is refusing to work with anything pre-v10. That happened back in Angular version 8, which is now also out of support.
As part of the great email chain, I pleaded with the various people involved with the internal software approval process that keeping up with the shifting versions of your tools and supporting libraries is just part of the job of being a web app developer, yet no one even batted an eye. You would have thought that this concept would have fallen directly under the multi-headed hydra of “security,” and the company’s philosophy seemed to be you can never have too many software layers or policies about it. You would have thought they would have pounced on the concept in order to at least seem serious. I even invoked the specter of the recent, infamous log4j bug, as an example of the risks of letting things get out of date. This issue caused an audit of every Java-based application in the company, so it should have been a touchstone issue which everyone in the chain could relate to. But if anyone could understand what I was trying to say, they apparently didn’t care.
IT Best Practice vs IT Policy
I didn’t much care for The Big Bang Theory, but one scene has stuck with me for a long time. In S1E16, Sheldon is shopping in a store like Best Buy, and some woman comes up to him and asks, “Do you know anything about ‘this stuff?'” He replies, “I know… everything about ‘this stuff.'” And that’s the heck of this situation. It’s almost like every single person concerned with this process has absolutely no idea how any of “this stuff” actually works, and won’t listen to someone who does. And I realize how conceited that may sound, but, in this case, I don’t know how else to put it.
The only other explanation is simply apathy in the face of bureaucracy, and I wish senior IT management would take it on themselves to root out this sort of intransigence, and fix it. It would seem to be their job, and would go a long way to justifying a C-level salary. Unfortunately, this isn’t the first time I’ve found myself trying to explain a direct contradiction of IT best practice versus IT corporate policy to the very people who are supposed to be in charge of both, and I’d like to think I’ve learned how to convey my thoughts in a less confrontational way, but I obviously still haven’t figured out how to motivate people to rise above the internal politics and align the two, and that makes me sad.
I’m finally posting this because I just got another request to approve version 8, now three and a half years on, and I needed to vent.
¯\_(ツ)_/¯
Update 1
A couple weeks after posting this, I got CC’d on a long desktop support email chain from a developer in India who can’t get angular-cli version 7.x working with npm. <sigh> And there are four references to how urgent and how high a priority this is. A simple search shows a pretty detailed SO post about the particular error message, and the general answer seems to be to either play games with the particular versions of the dependencies, or just upgrade to a 8 or 9… three years ago. In any case, this isn’t a desktop support question. IMNSHO, this is squarely a developer’s issue. Sorry, but that’s the job, brother. Do I try, feebly, to make another point, or just let this go?
Update 2, eight months later
Because everyone got new laptops, I was looking around the internal company web page for software installation. And what do you think I happened to see? That’s right! Got it in one try! To be fair, there’s a newer version, but this version should simply not exist, anywhere, for any reason, at this point.
How do you deal with Microsoft’s crap on a daily basis?
I don’t use Windows 11. On Windows 10, I modify the installation image with DISM, removing as much of the unnecessary and user-hostile stuff as possible…
I make extensive changes to the registry that disable all the unwanted stuff. Some of these settings are not documented, and even the documented ones are likely to change without notice or become re-enabled by default in subsequent builds. For this reason, to avoid such unpleasant surprises, I prevent any automatic updates.
There was a time when I was reinstalling Windows XP so often that I made a “slipstreamed” install disc with Service Pack 3 pre-integrated, but this is on a whole other level. If I’m being honest?… I kinda want to try it. If I’m reading the blurb on Microsoft’s docs correctly, DISM is not, in fact, some tens-of-thousands-of-dollars corporate thing, but something that ships with every copy of Windows? That can’t be right, can it? In any case, I never want to hear about how much “work” it is to run Linux any more, when this is what it takes to run a copy of Windows that Microsoft doesn’t actively sabotage on a routine basis.
I’m new with ruby on rails and while creating my first project with this command rails new n_project, i got this error
run bundle installFetching source index from https://rubygems.org/ Retrying fetcher due to error (2/4): Bundler::Fetcher::CertificateFailureError Could not verify the SSL certificate forhttps://rubygems.org/.
There is a chance you are experiencing a man-in-the-middle attack, but most likely your system doesn't have the CA certificates needed forverification. For information about OpenSSL certificates, see .... To connect without using SSL, edit your Gemfile sources and change 'https' to 'http'.
Retrying fetcher due to error (3/4): Bundler::Fetcher::CertificateFailureError Could not verify the SSL certificate forhttps://rubygems.org/.
There is a chance you are experiencing a man-in-the-middle attack, but most likely your system doesn't have the CA certificates needed forverification. For information about OpenSSL certificates, see .... To connect without using SSL, edit your Gemfile sources and change 'https' to 'http'.
Retrying fetcher due to error (4/4): Bundler::Fetcher::CertificateFailureError Could not verify the SSL certificate forhttps://rubygems.org/.
There is a chance you are experiencing a man-in-the-middle attack, but most likely your system doesn't have the CA certificates needed forverification. For information about OpenSSL certificates, see .... To connect without using SSL, edit your Gemfile sources and change 'https' to 'http'.Could not verify the SSL certificate forhttps://rubygems.org/.
There is a chance you are experiencing a man-in-the-middle attack, but most
likely your system doesn't have the CA certificates needed forverification. For
information about OpenSSL certificates, see ...
I develop software using a pretty varied mix of technologies, including C#, VB, Postgres, SQL Server, and Azure services of all kinds, but mostly Ruby on Rails. After 15 years of using it, I find that it remains one of the most force-multiplying tech stacks in the world. With it, by myself, I can develop software faster than entire teams of outsourced, waterfall-managed, Java/React projects. (And I proven that multiple times.) Not only that, but the future is looking even brighter with Rails 7.
Anyway, I develop software on my personal MacBook Pro, upload it to a git host, and deploy it to a Linux VM on Azure. But my work-supplied laptop is, of course, a bog-standard, boring Dell running Windows. I feel an obligation to be able to use it to do everything I would normally do on my Mac, just in case the hammer falls, and they outlaw the way I work. So, on Windows, I use RubyInstaller. But, thanks to my company’s bog-standard industry practices of using Cisco products to lock down the laptop within an inch of usability, I’ve been unable to do a bundle update for awhile now, getting the error listed above.
I had previously worked around this situation by using CNTLM to tunnel command-line-based HTTP/S requests through my company’s firewall. This was no longer working.
I tried changing my Gemfile to use HTTP, instead of HTTPS. I tried getting gem to ignore SSL errors (and use HTTP sources). None of this worked either.
Yesterday, I had finally had enough of the problem, and decided to work through it. Helpfully, the error message included the fact that I was missing the Cisco Umbrella CA certificate in the certificate chain. Also helpfully, Cisco has a page where you can download their certificates, ciscoumbrellaroot.pem and crca2048.pem. Also helpfully, I found the linked StackOverflow Q/A. That got me started, and I finally figured out the RubyInstaller people have anticipated this problem. There’s a proper way of adding a certificate to your chain. Just drop the certs in C:\Ruby-xx-x64\ssl\certs. This allowed me to get rid of all the hacky workarounds, and now bundler works like I expect it to work on my work laptop.
And I hope they have a terrible time with The Elder Scrolls 6 now, whatever it will be called.
