In x64 editions of Windows, Microsoft began to enforce restrictions on what structures drivers can and cannot modify. Kernel Patch Protection is the technology that enforces these restrictions. It works by periodically checking to make sure that protected system structures in the kernel have not been modified. If a modification is detected, then Windows will initiate a bug check and shut down the system,[6][8] with a blue screen and/or reboot. The corresponding bugcheck number is 0x109, the bugcheck code is CRITICAL_STRUCTURE_CORRUPTION. Prohibited modifications include:[8]
Modifying system service descriptor tables Modifying the interrupt descriptor table Modifying the global descriptor table Using kernel stacks not allocated by the kernel Modifying or patching code contained within the kernel itself,[8] or the HAL or NDIS kernel libraries[9] Kernel Patch Protection only defends against device drivers modifying the kernel. It does not offer any protection against one device driver patching another.[10]
Wow, I mean WOA (Windows on Arm). Reading about WOA and basic Windows program design. The HAL (hardware abstraction layer) details are mind blowing. If you know Windows then this is an easy read. . . wait thats not many people!!
Think saving a file in notepad must be simple? Not with Windows. Imagine also another layer added here if your machine is a VM. The VM has to do this via the hypervisor layer, creating another step. Too many steps to save a file?
rt interest it’s interesting that Cisco branded sfps have this limitation. Meaning somehow the switch knows more about the Cisco SFP and a non Cisco SFP. I kind of wonder about Cisco being the king and gorilla of the networking world. They just have a lot of competition now and Nvidia is ruling with AI in the data center. Meaning Nvidia has the AI to make your data center work better with fewer people. Oh that’s or that’s what they say. Your mileage may vary.
if you do networking for a living, you should check the Cisco community. There’s a link above at the top of this article. There’s just tons of good information and review of networking in these in this Cisco community.
I am getting close to knowing enough powershell to make a clean up script. Years ago I had a clean up script to delete every folder and file in every part of a file system. It used a gather process to get all the files and folders, put into a txt file, then using win shell FOR command to go through that list and delete each one. It came in handy. CLeaning up user profiles was fun, It then ran the FOR command again on the list of files and folders, deleting every one. I’m working on a powershell version, when I get it done I will post it here.
Lets go back into the time of window shell and see what it could do. So if you type CMD, then “for /?” you would get a list like the one below. The below code is what I used as a basis for my clean up script.
FOR /F “eol=; tokens=2,3* delims=, ” %i in (myfile.txt) do @del “%i”
The above would get specific strings in the file.txt, then run the delete command on them. the actual help for that is below:
FOR /F “eol=; tokens=2,3* delims=, ” %i in (myfile.txt) do @echo %i %j %k
would parse each line in myfile.txt, ignoring lines that begin with a semicolon, passing the 2nd and 3rd token from each line to the for body, with tokens delimited by commas and/or spaces. Notice the for body statements reference %i to get the 2nd token, %j to get the 3rd token, and %k to get all remaining tokens after the 3rd. For file names that contain spaces, you need to quote the filenames with double quotes. In order to use double quotes in this manner, you also need to use the usebackq option, otherwise the double quotes will be interpreted as defining a literal string to parse. %i is explicitly declared in the for statement a
Application shims are on the security+ test, which is required for some federal jobs. Now if you want to make some money as a highly paid consultant, you might need to rebuild apps to work on newer versions of windows. How can you make that cash? You could use this shim kit to try to make the app work without building it from scratch.
shim examples – ForceAdminAccess shim tries to trick the application into believing that the current user is a member of the local Administrator group, even if he is not. (Many applications outright fail if you are not a local administrator, though you may be able to use other tricks, such as UAC File and Registry Virtualization, to resolve the issues that caused the check in the first place.) How it implements this check can be fairly straightforward. For example, this shim intercepts the API IsUserAnAdmin from shell32.dll. The complete source code of the shimmed function (which has wonderful performance characteristics compared to the actual API) is simply return TRUE.
The WrpMitigation shim tricks application installers into believing they can write to files that are protected by Windows Resource Protection (WRP). If you try to write to a file that’s protected, the shim first creates a new temporary file, marks it to be deleted once the handle is closed, and then returns the handle to the temporary file as if it were the actual protected file. The application installs the crusty old version of kernel32.dll or shell32.dll (or whichever other file it picked up while it was being packaged) into a temp file, but then that temp file goes away and the matching, patched, up-to-date version of the protected file remains on the file system. So, WRP can still ensure that you don’t end up with an ancient copy of shell32.dll from Windows 95 on your computer, but the installer won’t fail with ACCESS_DENIED when you use this shim.
A shim – helps applications by modifying calls to the operating system.
I have been looking at land around Mojave, Palmdale, and Lancaster areas, also parts of Kern county (north of Edwards AFB). Talking with several different realtors and many residents, I found this out.
1. Empty land not on a paved road, with no access to electricity, goes for about 9,000 per acre. Depends on quality of land, and adjacent to services. Sometimes the land has no access and no roads leading to it. This doesn’t seem to affect the price. If the land has a good dirt road to it or not does not seem to affect the price.
2. Empty land with a paved road, and nearby electricity makes the land about 10-20x more expensive. I see a .50 acre lot in Palmdale selling for $49,000 dollars. That is about ten times (10x) more expensive than nearby land with no road and no electrical. And a bit farther out in the desert, this is 20x more expensive than land with no road. You can find two (2)acres of land for $10,000 for example in North Edwards. That is 20x the amount of land per square foot. What you get for a dollar will cost you 20 dollars, depending on road and power. Your dollar does not go that far, for example in Palmdale at .50 acre @ $50,000
3. Theft in the desert is a big deal. Unless its welded and cemented into the ground, it may be gone next time you come look at the land. Have a dog to patrol or someone living nearby will drastically lower theft.
4. Mornings are the time to get things done. Especially in the summer. After 9am sometime, the heat will cook you nice and toasty until you are dripping in sweat. You can work in the heat but be prepared to have shade or simply work slow and have lots of water.
5. Massive speculation. Land far into the desert is portioned and lotted and purchased long ago, yet no one does anything with it. They name roads, plot the subdivisions, but the land sits empty. Go to google earth, type in “
North Edwards”. Look to the east, look to the north. You will see areas of the map with only dirt roads. Those are all bought. Use the Kern County GIS website to via the parcels and the size of the parcels. Use Zillow or another real estate website to view available for sale property. There is a massive amount of investment out there. The majority of the land is just there waiting some future. Realtors tell me they get buyers from all over the world.
6. Don’t expect a realtor to jump in his car and show you some land that costs nine thousand dollars. They are not making much commission on these deals, it’s not worth it for them to drive around showing people these properties.
7. Desert land has a variety of sand or soil. Land near or on a lakebed. Probably the soil is very sandy. Will anything grow on it, unsure? Land closer to the mountains is more like typical ground, a good consistency for building a foundation, wall. Also ground soil that can support most all plant life.
8. Well water. It’s not easy to find status of underground water. Spend time in the neighborhood and talk to stores and residents. For me I was able to ask to use some well water, and then I found out that the well water in that area is not drinkable, it is contaminated enough to make it unhealthy unless filtered. And I still do not know the water table depth and such. Wells in the desert are a thing and they do work but they have pitfalls and do require maintenance cost.
9. Check the airspace. You can use skyvector website to check. Are you in class D airspace. Class D space will mean you may get more overflights and airplane noise.
10. Try before you buy. Use a app like hipCamp to check out property in the desert. Stay a few days in the summer. Check out the different seasons You may find you like it. This is my listing on hipCamp. It’s in NOrth Edwards which is part of Mojave, east of the actual Mojave city.
Copyright right? 2024 Rod Deluhery. Use of web scraping by any agent or knowledge gathering is forbidden, including human, robotic process and artificial intelligence accumulators. Any use of this product requires my written consent.
I went through this again, trying to figure out what exactly is going on with the windows installer. It seems to me this is an exploit of the windows installer as much as an exploit of an application. The details of how the windows installer works gave me a few insights. The specific directory they mention renaming, I could not find any useful references to it. I know it’s common for apps to check for unfinished installs, and if so, then do logic on this and that. It appears that’s what Cisco does, and some how, the program is able to hijack the windows installer service from that point. Meaning there is a exploit done on the windows installer.
And does this exploit on the windows installer service still exist? Seems to me this exploit tricks the windows installer service to behave these commands and do as it pleases, which it really probably should not be allowed to do? You have a low trusted app which ends up escalating the privilege to a highest level, in cooperations with an app that checks for existing installations that are not finished.
I would like to try one of these new PC’s. They run windows but these are NEW as they have ARM CPU instead of the normal CPU that you would have in a laptop. The question I have, are they more secure and less likely to get malware than other laptops?
Looks like the ARM computers (Qualcomm CPU , snapdragon) are getting traction now. Makes me think, are these PCs more secure than a standard Intel or AMD PC? Any windows vulnerability that exists would be here on the quallcomm CPU, right? What about other EXEs coded for Intel or AMD, my guess is all those malware EXE would not run on snapdragon/ARM laptops? Just thinking that since only certain apps/games will run, then that means only certain malware will run also. My thinking. Meaning a C++ app usually is compiled for a CPU type. That specific compile would make it only work on a specific CPU. Now there are other apps lets say made from .NET or from Visual Studio C# that I believe will run on Intel or AMD, then the questions is, will those apps also run on ARM? I think the answer is NO because they say there is only 127 apps available for these Snapdragon PCs. To me that means many malware will NOT run on these laptops. A big plus is that you have more choice when buying a laptop. Another big plus is the battery life on these CPU is built from the ground up to be low power. So you get more battery life.
Here are some games that appear to run on Snapdragon/ARM laptops.
abandoned compressor on the sidewalk. found and fixed. Lets go into it and see what coin it cost to fix it. We will go over these sections:
initial troubleshooting:
2. disassemble compressor, piston and valves.
3. deep t-shoot and run tests:
4. bill of materials:
First here are some pictures, it looked worse when I found it. this is cleaned, greased and siliconed. Sorry that dog follows me everywhere and got in the picture:
initial troubleshooting: unit cycles and motor works. air inlet has more air coming out than going in!! valves must be stuck!
2. disassemble compressor, piston and valves. Easy disassembly except to split the compressor head, the gasket had it stuck pretty good. Massive dirt in the intake section apparently from a wasp or something that made a nest inside the piston head!! The air filter was lost so the insect easily climbed into the cylinder head and had a nice private residence. The intake and output reed valves made of stainless steel and aluminum. Carefully remove gunk using aluminum scraper and scrub brush. Remove old gasket and replace with liquid forma gasket. Silicone on the rubber parts.
3. deep t-shoot and run tests: After 60 minutes of time to set the form a gasket material, I bolt the compressor head and silicone the piston. Piston uses rubber o-ring material in a aluminum piston liner with some type of anti-friction coating that is rubbing off in some parts. Test it! I get it to 100 psi and then bleed the air as I use the air to clean out some areas in the shop. I am afraid to go higher PSI until I do more inspection. I believe max psi is 125 psi on this unit, and it should auto shutoff at that pressure. I want to see if that auto-shutoff is working, but patience. I need to check other things. I bleed all the air, then on to test #4. Another run test. About 15 minutes and I am thinking this compressor is good to go! It is holding pressure with no leaks!! Let me completely reassemble. I clean it and about to put it back together. . . .then I think, hell no. I am going to do another run test. AHHH! Runs for about 3 minutes. . . But no, about then, the running the unit just – stops!
Able to get it running again but the motor is not going full speed. Shutdown and restart. Now motor full speed. Another run test. About 90 psi and 5 minutes of run the motor stops again! Why? Piston moves easy, its the motor. Now the unit will not run at all! What happened to the motor? It was just working!! Its not that hot. This GE motor has a thermal reset. There is a warning that it can reset automatically and beware. It is not that. What else? I remove both capacitors. The start capacitor obviously damaged with dielectric dripping out. To be sure I order the run capacitor also.
4. bill of materials:
90 minute black gasket $17.00
o-ring $1.00
silicone $1.00
starter capacitor $12.00
run capacitor $9.00
Used Grainger.com capacitor selection guide to find the right capacitors. go here:
crypto_voyage 