Ransomware is in the news currently, with WannaCry and its various nasty successors taking out speed cameras and chocolate factories and all manner of other targets. It’s a clever technique, if you put aside the sheer evil of it: use advanced mathematics to scramble a victim’s computer files so they can only be unscrambled one way — then sell that one way for whatever price you can get. The official advice, as always, is don’t negotiate with criminals, but when the price for your entire business’s computer records is only around three hundred dollars, a lot of people are negotiating and official advice be damned.
Mildred at the Cairns Bay Netball Club called me because the computer they kept their membership records on was missing all its files, and a quick check showed me that ransomware was to blame. An unexpected email about cheap deals on flights had pulled her in: all it took was a trusting double-click and everything was gone. In cases like that, I would have advised her over the phone to get her computer wiped and type everything back in from print-outs, but I knew she had an ace up her sleeve.
About a year before, I had been referred to Mildred by none other than our good mate Dr Keith, who keeps popping up in these stories because the Huon Valley is a very cosy place and six degrees of separation is about four too many. I don’t recall now what Mildred’s original problem was, but I do know that I advised her to get a good backup process going, and when she baulked at the price of a commercial one, I gave her an alternative.
Ever since MS-DOS 2.0 or so in about 198-mumble, Microsoft has provided a handy little program called XCOPY. If you know the correct command line, you can make XCOPY back up an entire computer, every file and folder, merrily ignoring errors and only updating any files that have changed since the last time you did this. It’s not pretty, and remembering the command line is not for the weak of brain, but you can’t beat the price. I set up an icon on the club’s computer with the following mystic incantation in it:
XCOPY "C:\Documents and Settings\*" E:\Backups /c/r/i/k/e/y/d/h
See the command line options at the end? /c to continue after error, /r to overwrite read-only files, and so on. I remember it by imagining the scene in heaven when Steve Irwin meets D.H. Lawrence, and says “Crikey, D.H.!” It’s profoundly stupid, but it beats tattooing it on my arm.
So I knew Mildred had an icon on her desktop that would do backups. All she had to do, once a week, was plug the USB memory stick into the front of the computer and click the icon, and all the club’s records would be backed up. No mess, no fuss, and (for Windows XP in those days) just about the easiest available solution for free.
So when I heard the Cairns Bay Netball Club had been hit by ransomware, I dared to hope that all would be well. Ransomware sometimes attacks external drives that are plugged in to the target computer, but I remembered explaining to Mildred that she should keep her USB memory stick in the drawer when it wasn’t in use, so I was sure she’d be OK. I’d explained the whole very simple process to her and watched as she wrote it down, so I knew she was on top of it. At the absolute worst, they might have lost a week’s worth of data, if it had been that long since the last regular click of the old icon.
When I arrived, I quickly reassured Mildred that everything would be fine. While I checked to confirm that, yes indeed, it really was ransomware, and the files were totally scrambled, I asked her to please grab out the backup memory stick so I could check it was OK. This she did.
I plugged it in to my laptop to check it.
It was empty.
OK, I was a bit confused by this. I asked her to confirm that this was the same memory stick she’d been using to do her backups every week, by clicking on the icon.
She said, “Oh, I didn’t know what that icon was for. Can you get my files back?”
It had been a year. Every day she sat down at that computer, and saw the icon helpfully labelled “Back Up Files”. She ignored it. She had her copious notes, taken when I had been there, but she never referred to them.
I would like it known at this point that I did not tell Mildred what I thought of her, but I decided that if ever I told this story and was changing the details, I would definitely give her a silly name. Like Mildred or something.
I didn’t have much choice at that point. I gave her the number of a place that could sell her a new computer, because I couldn’t in conscience leave her using a Windows XP dinosaur when she could replace it for a few hundred bucks and get a warranty and regular updates. I advised her to go get all her print-outs and type them in when she got the new machine. There was nothing I could do to save data that no longer existed.
They say a journey of a thousand miles begins with a single step. That may be true, but it’s not all that helpful if someone doesn’t remember to take that single step. I can help people if they’re willing to help themselves, but I can’t force them to do anything. I am not the IT person-who-leads-horses-to-water-AND-makes-them-drink. I’m the IT blacksmith.
I’ve been working for some time with a small firm based in Cradoc, helping them sort out their computers and keep their software ticking along. They’ve been reluctant to upgrade from Windows XP to a more modern version of Windows because of a piece of software they use, called SellSmart 6000. That decision has had many repercussions, and this morning was just the latest.
SellSmart 6000 handles a major component of the customer’s day to day business, so you’d expect it would be a big priority for them to keep it up to date. Sadly, the owner of the firm doesn’t see it that way. We’ve bought it, he seems to have decided, so we don’t need to buy it again. He’s mistaken about that, of course: software, like raw meat, has a best-before date, and in this case the date passed a long time ago. The software hasn’t been updated since Windows XP was state-of-the-art, meaning that anyone who tries to use the latest operating system, good old reliable Windows 10, will encounter naught but error messages and corrupted files if they try to fire up SellSmart 6000 to do their work. Oops!
In between trying to terrify the owner into upgrading with stories of ransomware and planned obsolescence, I’ve kept them going with the usual assorted taskes: installing this, configuring that, applying long-overdue updates to the other. I couldn’t convince them to upgrade their computers though, until I came upon a clever loophole.
It turns out that the firm has a second branch in Kingston, and they use SellSmart 6000 as well. They do this by remoting in; that is to say, they run a program called Remote Desktop on their computer, and it fools the computer in Cradoc into thinking they’re using it instead. They can then fire up SellSmart 6000 and do all their work without it mattering that they are using a Windows 10 computer.
Eureka! So all I need to do is figure out how to run Remote Desktop locally, and they’ll be able to use their ancient crappy software on modern computers. They won’t know what hit them!
Now, if you’ve read this blog for a while now, you’ll know that simple solutions are rarely simple, so you’ll be expecting me to say that this clever plan came asunder when it encountered some tricky detail that I’d forgotten. Well then, permit me to surprise you: the plan did indeed work, and the upgrade to Windows 10 occurred without a hitch, apart from one or two networking hiccups irrelevant to this story. The admin staff, Jackie and Jillian, duly received their shiny Win10 boxes and had no especial difficulty using SellSmart 6000. Everyone was happy!
But time passed, and with it came a problem from an unexpected quarter. Jackie had a printer on her desk, a trusty Brother laser printer. That’s a brand I trust, but all good things must end, so it was no particular surprise when it died. Luckily she had a backup printer, but it needed to be set up. I came in and did the deed: installed the drivers, tested it all with her and Jillian’s computers, and went away again.
However, just last night, Jillian phoned me to say that the new printer wasn’t working in SellSmart 6000 when used in Remote Desktop. I was surprised to hear this, since I couldn’t imagine that the old one worked with it either, Remote Desktop being a finicky beast that doesn’t usually play well with others. Certain differences between old and new printer may have meant that the old one did work despite that, but that was no guarantee for the new one. And sure enough, I spent half an hour this morning proving exactly that: Remote Desktop is a finicky beast that doesn’t play well with others. No matter what I did, I couldn’t force it to even acknowledge the existence of the printer, let alone install its drivers, let alone access its print queue, let alone actually print anything. It was quite a frustrating experience; if you want to imagine the scene, just visualise a bald guy with a beard swearing at a lump of metal and plastic, and it’s like you were right there.
I was about to give up and tell Jillian that there was no way to make this work, and she’d just have to work around the problem, when Jackie came in. Jillian starts at 7:30am, as it happens, and Jackie starts at 9, so the timing worked out like that. Jillian explained what was going on, and Jackie just reached for the mouse, shut the Remote Desktop window, and then double-clicked on a new icon on the desktop.
The icon read “SellSmart 7000”.
It turns out, she informed us, that the owner finally got around to upgrading to the somewhat newer version of SellSmart. It could now run on Windows 10 without the slightest trouble. Remote Desktop was no longer required. Surely Jillian had got the memo? No, Jillian had not.
Jillian was apologetic, and Jackie was perhaps more amused than either of us. I was just glad I hadn’t given in to the temptation to chuck the bloody computer out the (real, glass, non-version-numbered) window. It would not have been good for repeat business, and I may well have put my back out. I am, after all, not the IT shot-putter. I’m the IT blacksmith.
Every now and then, when I want to drum up business, I’ll try to come up with a gimmick. One time, some years ago, I made an offer to a bunch of my existing customers: refer me to a new customer and I’ll give them a discount and you a freebie. The first to take me up on it was a lovely chap in Geeveston named Jackie. Jackie had overheard Cecil, who works at one of that town’s many art galleries, complaining about his computer. He passed on my card and then gave me a call to let me know. Cecil called not long after, and I went around. His problem was not too complicated, but the art biz is not what it once was so he was glad of the discount. I helped him, and we were all happy.
It was while I was hard at work on his laptop that Cecil told me an interesting story, which I now relate. It just so happens that I was not his first choice of an IT support person. He first called a chap in Hobart who I will call Mr Voy. Mr Voy had made the perilous trek to Cecil’s home in Police Point, which is a rare thing for a Hobart-based tradesperson of any sort. He listened attentively, worked swiftly and was the epitome of professionalism and politeness. Cecil was immensely impressed. He decided then and there that he would recommend Mr Voy’s services to anyone who would listen. When the invoice for Mr Voy’s services arrived in the mail, Cecil was only mildly alarmed at the price, but his memory of the experience was so positive that he paid without hesitation. His intention to sing Mr Voy’s praises did not waiver.
Imagine how impressed he was, a week later, when Mr Voy called up to check that everything was all right. Cecil confirmed that, yes indeed, the computer was behaving exceptionally well, and he was completely happy. Mr Voy pressed, eager to ensure that there were no lingering issues, and Cecil admitted that he wasn’t completely sure about the process for using the scanner on his printer, which Mr Voy had outlined during his visit. Mr Voy was happy to go through the steps again: type “scan” into the search box, select “Windows Fax And Scan”, press the “New Scan” button, and so on and so forth. Cecil wrote this down carefully, and thanked Mr Voy again for his careful and helpful service. He hung up with a warm glow, pleased at how this instance of the sometimes vexatious interaction between customer and service provider had proceeded.
It need not surprise anyone that Cecil’s next interaction with Mr Voy was not as warm and friendly. It may have involved some very short words, few in number but crystal clear in meaning. They conveyed the news that this latest invoice would not be paid, and that no further correspondence from Mr Voy would be welcomed. It was while telling this story to a regular in his art gallery that Cecil was overheard by Jackie, which is where we came in.
Cecil remains a customer of mine, as does Jackie. Jackie got his freebie a couple of months later, when his internet was playing up. It was another easy fix, and he was most surprised when he took out his wallet to pay me and I told him to put it away again, but I’m true to my word.
Meanwhile, because I like how that particular gimmick worked, I’m going to try another. If you’re in the Huon Valley and you need my services, quote the magic word “Cecil” to me and I’ll give you a discount on your first hour. Let’s say… 25% off? Will that work? I think so. I happen to know I’m still less expensive that Mr Voy, at least, so you really can’t lose. Because I am not, in case you ever wondered, the IT pickpocket. I’m the bloody IT blacksmith, dammit!
Sometimes, I’m clever. Other times, I’m lucky. So far I’ve generally been at least one of those. This is a story about a time when I definitely wasn’t clever.
I shall not name the community radio station in question, but it just so happened that a particular community radio station had a volunteer who also worked at a community centre where I had recently provided services. My name was thus in the forefront of that volunteer’s mind the morning that he came in to discover that the computer in Studio 1 was dead. He called me, and I came in to see what I could do.
The last time I interacted with any radio station was to request Phil Collins’ Groovy Kind Of Love, so obviously it’s been a while. In the interim, they’ve all gone digital. The station’s CD library, once a huge and comprehensive collection of every song by every artist from Aaliyah to ZZ Top, was now barely half a shelf in a cupboard next to the kitchenette. All the songs, including a truly disturbing quantity of yodelling music, now resided on a single disk drive. Searching and programming was easy, and for the most part the disc jockeys were now disk jockeys.
This all fell apart, of course, when the disk drive died. Fortunately it wasn’t the master drive, but rather the local copy of its contents stored in Studio 1. The network was unreliable, so a connection from Studio 1 to the disk drive in Studio 2 was not the best way to ensure the usual high rotation of Kenny Rogers. To avoid lag, the entire collection was copied and regularly updated onto the computer in Studio 1, and it was that computer that had, thanks to a recent power spike, fallen in a heap.
Serenaded first by contemporary pop hits and then, later, by the rather dreary Christian Radio show, I performed surgery on the computer. The power spike had hit at a crucial moment, just as some system files were being updated. There was no obvious hardware damage, but enough system files had been scrambled that the poor old thing wouldn’t start up. Luckily, I knew my way around repairing this sort of issue. I fired up the Repair Console, selected “Auto-Repair”, and waited. In a very short time, it finished, and informed me that the disk now had zero bytes of data.
I did not panic. I also didn’t tell anyone at the station what had just happened, even though it appeared I had just wiped the local copy of all their music, with however many songs had not yet been migrated to the master copy, plus all their scheduling information for the entire station and more besides. Instead, I told them I would need to use some tools I had at home. I bundled the box up, stuck it in my car, very sedately walked out, and tore home like a bat out of hell.
At home, I removed the drive from the box and began some heroic resuscitation measures. This is where my luck comes in: one of the tools I had was smart enough to find the portion of the disk that still contained all the files. It wasn’t erased, merely misplaced. I used it to make a complete copy of the relevant information, stuck that on a thumb drive, and reformatted the disk to get it working again. Back to the station and they all thought I was some kind of miracle worker. I have maintained that relationship and that reputation ever since, and never once told them how close I came to being that legendary idiot who wiped out their data through carelessness.
This was a formative lesson. I now know the first rule of any computer rescue, the equivalent of the doctor’s “Do No Harm”: First, Make Backups. I applied that as recently as last night, saving a laptop from what turned out to be terminal old age. I took the drive out, stuck it in an enclosure and copied every single file off. Then I took an increasingly destructive set of steps to try to recover the machine: first to restore it to how it was a week ago, then to factory reset it to its initial settings, then to just erase the disk and let it start over. All those steps failed, but the data was safe, and the way prices are nowadays, the client will probably pick up a superior replacement for pocket change.
Sometimes I do the backups, then try the fix, and the fix works and the backup is redundant. I usually give it to the client anyway, rather than erasing it, because you never know when it might be useful to have all your precious files and photos off to the side and out of the way of burglars, power spikes and errant cups of coffee. I have learnt the benefit of extreme paranoia when dealing with computers, and I consider that a worthwhile lesson. I am, after all, not the IT miracle worker, regardless of what many of my clients have been allowed to think. I am the IT blacksmith.
Half the job of an IT blacksmith involves knowing your tools, but there’s a wrinkle that real blacksmiths rarely encounter: IT blacksmiths’ tools can become obsolete and disappear. I’ve never heard of a hammer being declared incompatible with the new 64-bit horseshoes so you have to find a new one. On the other hand, I hardly ever burn myself on molten metal, so I guess we’re even.
It so happened that I was in Cygnet with my family, visiting friends, when I got a call from a client needing my help right there on the main street. I took my leave and popped around to see what I could do. It was the usual story: Leslie’s computer was running slowly, spitting out lots of error messages, generally behaving like a three-bob watch. I was clever: the first thing I did was check the size of drive C: to see if it was nearing capacity. Was it ever! Total size of disk: 960 gigabytes. Total usage: 953 gigabytes. Free space: bugger all.
OK, I told myself, this is going to be a quickie. I did all the basic stuff: emptied the Recycle Bin, cleared redundant stuff out of the Downloads folder, deleted unnecessary Windows Update files, cleared out Windows Temp, ran the System Cleanup tool. Then I checked the results. Total size of disk: 960 gigabytes. Total usage: 947 gigabytes. Free space: still bugger all.
Interesting! How did a computer manage to be so full? I assumed it was videos and photos. I had a look. Total number of photos: 17, mostly of Leslie’s dog Tiger. Total number of videos: one, of Tiger, thirty two seconds long, cute but not huge (a bit like Tiger). That wasn’t it!
I asked Leslie if she was much of a game player. She admitted to a fondness for Candy Crush Saga, but that’s not a problem. As for your World Of Minecrafts and Grand Theft Halos, she was innocent of even knowing their names.
So what else could be taking up the space?
Here’s where knowing your tools comes in handy. I bring with me everywhere I go a thumb drive (also called a memory stick, USB, flash drive, dongle or a billion other names) with important software on it. I call it my Doctor’s Bag, though maybe Blacksmith’s Box would be a less confusing name now I think of it. On it I have an ancient copy of a program called SpaceMonger. SpaceMonger is still around, now sold by a company called Stardock, but the older version has the advantage that it’s free for casual use and can be run off a thumb drive, whereas the more recent editions, one of which I have happily paid for, need to be installed to run. As you can see from the picture here, SpaceMonger shows a map of every file on your disk, colour coded so you can tell them apart, sized proportionate to their size on the disk.
I ran SpaceMonger on Leslie’s computer, and it told me something unexpected: Google Earth was taking up about 90% of the space on the disk with its temporary files. A little googling revealed the truth: a bug in that particular version caused the program to keep reloading map files that it already had. Every ten seconds for some weeks, Google was discovering life on Earth all over again, and storing it on Leslie’s computer.
The same page that explained the problem gave the solution: delete a certain folder, then uninstall Google Earth and download the new, fixed edition. This I did, and then I checked the disk one last time. It told me: Total size of disk: 960 gigabytes. Total usage: 62 gigabytes. Free space: 898 gigabytes.
Ah, much better! I took my
Doctor’s BagBlacksmith’s Box and its clever tool, and bade Leslie and Tiger farewell. Leslie was pleased, and swore she’d pass my cards on to all her friends. And who knows? Perhaps she did, because I’ve spent a lot of time in Cygnet over the intervening years. And I always bring my tools with me, because you know what? I’m not a complete IT numpty. I am an IT blacksmith!
Making house calls is such a huge part of my job now that it’s hard to remember a time when I was hoping not to have to. The Huon Valley is a big place, and while my goal was always to be the go-to guy for tech support, I kind of preferred not to be tearing from Southport to Mountain River to Kettering every day. Petrol is so pricey down here that mortgage brokers have started opening pop-up shops in service stations to help people finance their Klugers. Surely I don’t want to be going too far?
It’s so long ago that I don’t recall the customer’s name, so I’m going to call her Claire. She had a cosy shack in Randalls Bay, which, as far as a recent mainlander like me knew, was slightly to the south of the far side of the moon. Her problem was one I’ve seen a few times since, and that even formed a key to the later tale of Dr Keith and the Horror Movie Cliché: her desktop PC was shutting itself down randomly. Remember, I hadn’t at this point experienced the strange cause of that problem as revealed by Dr Keith, but I still had a shortlist of potential problems: dodgy wiring inside the computer’s power supply, gunked-up fan grilles, maybe even something in software. The only problem was: I didn’t want to drive all the way out there to find out, especially if it was something dead simple.
I got her to try all the usual stuff: unplug and check all the power cables, “blow the dust off the connectors”, make sure your shack isn’t surviving on poorly-maintained 1930s electrical wiring that shorts out every time someone faces east. No dice. All that stuff, she assured me by crackly landline, was perfectly fine.
(There’s a clue in that preceding paragraph if you’re following along at home. It’s blindingly obvious to me, now. Can you see it?)
Luckily, Claire worked at one of the medical centres in Huonville, three days a week as a receptionist. She could bundle the whole desktop into a cardboard box and I agreed, magnanimously, to meet her in her lunch break to pick it up.
The PC was surprisingly new and powerful. Turns out her sister, who lived in Adelaide, was a developer for a software house whose name you would probably recognise, and gave family her cast-offs every time she upgraded, which was often. This one had been in Claire’s possession for all of three months, and was barely a year older than that. I took it home and ran a bunch of tests. It was well set up, with Windows XP because nobody used Vista, and loads of spare grunt. Could it be the internal power supply, I wondered? Nope: whoever put this box together knew their way around volts and amps better than I do. I plugged it in in the corner of my non-office, and left it running. It needed Windows Updates and a slightly less stupid anti-virus — to give you an idea of how long ago this was, AVG was still a good piece of software, though of course Norton’s was, then as now, awful — so I gave it the computer geek’s equivalent of a grease and oil change. I spent a couple of hours on it, trying various things to make it misbehave, playing hi-resolution videos and even running one of those programs that deliberately stresses out a processor to find flaws in the manufacture. Nothing. No problems. It cruised like a BMW on an autobahn. I was suffering serious hardware envy, but I wasn’t seeing mysterious cut-outs.
Claire’s next work day, I brought it back, in its box. I couldn’t find a problem, and I didn’t want to charge her for my failure, but she insisted on paying so I called it an hour. Tune-up and once-over, that was a fair price I thought.
She called me that night. She’d plugged it all back in, switched it on, got half way through episode one of season one of this new show she’d got on Blu Ray called Game Of Thrones, and it cut out again. I was deeply apologetic, and suggested that maybe I should come out and take a look in situ, but she was adamant that she couldn’t make me do that. She boxed it up, and this time included all the cables, the screen, the printer, the mouse and keyboard, even the mouse pad. I made a special trip to pick it up the next morning before she started work.
I was starting to think it might be an electrical fault, so this time used all her cables. I plugged in everything exactly as she’d had it, turned it on and, because I have no interest in George R R Martin and his gore porn, played a DVD of Pixar’s Up instead. It worked perfectly. The sound was impeccable, the video flawless, the hardware envy growing steadily with every minute. It did not cut out.
I even brought in a heater and turned it right up — did I mention this was January? It was already hot by Tasmanian standards, though a Canberran would call it “refreshingly mild for the time of year” — on the theory that maybe the box was cutting out due to overheating. It didn’t change a thing. Carl, Russell and Dug kept right on flying that house to Paradise Falls without a single skipped frame.
I’d had enough. Clearly the gods were punishing me. The only solution now was to bring the whole thing back, mouse pad and all, and set it up myself in Claire’s shack in distant Randles Bay, which seemed about as far away as Paradise Falls, though perhaps a little more accessible without the use of balloons. Claire was there to apologise profusely and let me in. She showed me to the spot where the computer usually sat: the living room, the desk, the chair, the power board.
The power board…
Power boards are funny things. Usually, you pick them up from Woolworths, but some people go to hardware stores or computer shops if they feel like spending an extra hundred bucks for some impressive red stickers. They all have the basic wiring, and some of the higher-end ones have a special kind of circuitry designed to protect against power surges. (Incidentally, I recommend those circuits if you live in Dover. The public power supply there is pitiful. Some day I’ll write about the windfall of “rebuild my computer” calls I get every time there’s a blackout. But I digress.) Over time, the clever circuits have migrated into even the cheapy Woolworths ones, so that there’s not a huge difference for all the price range.
Claire’s power board was one of the Woolies ones. It even still had the sticker on it from when she bought it. Encouraging, right? Not exactly. The sticker said “Purity”.
For the benefit of any non-Tasmanians who may have wandered in, Purity was a chain of supermarkets all over the island state for many years. In 2000, they got bought out by Woolworths, and rebranded. This power board, then, was over a decade old. To judge from the difference in colour between the top and the underside, it was probably blessed by Pope Pius XII before it was installed.
I was a good blacksmith. I kept my voice level. I asked if Claire had any other powerboards in the house. By chance, she’d picked up one for the TV and stereo, so she went and got that. She plugged it in to the computer. I then asked if she had a pair of evil scissors. (That’s the scissors you have that aren’t “the good scissors”, and so they can be used for any old job that the good scissors must never be used for.) She did. I very carefully took the old power board and chopped its cable; twice, once at the board end and once at the plug. I placed all the pieces in the bin. Then I breathed.
I was kind of nervous that Claire would feel insulted, but she laughed. “Oh, is that all it was?” She swore musically. “I must have replaced the power cords three times with new ones from that shop in Huonville, but I never thought of the power board. Silly old me!”
Well, no. Silly old me for not thinking of it, since I asked about every other step in the sequence from electricity company to computer. And even sillier old me for not just coming out, seeing the problem and solving it a week and a half ago. Ah well. Claire was forgiving, and insisted on paying me for my time. Honestly, I should have paid it all right back and called it educational expenses. I’m not supposed to be the IT idiot. In theory, I’m supposed to be the IT blacksmith!
Not all of my blacksmithing adventures are focused on computers. Sometimes the people are the key, and sometimes there’s even a happy ending.
Glen was a simple fellow. Recently moved to Mountain River from somewhere on the mainland, he arrived with nothing but a laptop and a ute, and a dream of starting his own business selling hand-crafted beers. I’m a teetotaller who only drinks fizzy mineral water, so I disappointed him about fifteen times during the course of our first meeting. Not only did I decline the offers of “just a taste”, but I also by seemed to have no appreciation at all for the finer points of brewing. That and the nature of his computer problem are irrelevant, though. It wasn’t until I’d collected my very reasonable fee and was heading out the door that he said something that made the day worth writing about.
Gentle interrogation revealed the story. He had struck up a romance with a woman by the unlikely name of Lieutenant Bachmann O’Leary, a young officer in the Canadian army, stationed in Nigeria. They had never met; their entire romance blossomed on Facebook and by email. But it was true love, definitely! No doubt in Glen’s mind.
I figured I knew what was going on here, so I sat down and asked him more. Bachmann was an odd name, I suggested. How did he know it was her real name? He showed me a photo of a woman in army camouflage, smiling to the camera, with BACHMANN on her name patch. Ah, I said. So it’s her surname? No, Glen told me, I thought that too, but she said her surname is O’Leary, and I believe her. Why would she lie?
I asked how his saving was going. He admitted that it was a little shaky. He’d only recently moved to Tassie before he “met” the love of his life, and he’d had to send her a substantial sum already, due to some medical problem she’d had involving her brother. Wasn’t her brother Canadian, I asked, and therefore covered by the mediocre but comprehensive Canadian health system? Apparently not; her brother was also in Nigeria, though not in the army. Glen seemed blithely unaware of how unlikely that sounded.
It was at this stage that I understood my own predicament. Glen clearly believed the nonsense that some scammer was feeding him. A random photo snatched off Facebook, a sob story and a few professions of undying love, and he was caught. Glen was mostly an attractive fellow, and he didn’t seem particularly dense, but clearly he’d been taken in by someone with a talent for pressing his buttons. If I tried to convince him that he’d been scammed, he would double down. I needed to figure out a way to head him off his fatal path before it was too late.
I was pondering this, and seriously considering a swig of his home-brewed ale to help me think, when Glen’s computer pinged and he shouted for joy. “She’s online right now! You can meet her!”
He proceeded to chat with her over Facebook Messenger, so I took my leave. But I left him a note: “Glen – when you get a chance, type ‘Bachmann Facebook army’ into Google and see if you get anything”. He was distracted in conversation with his “beloved”, but he nodded vaguely as I left.
I next heard from Glen a month later, when he needed help interpreting a different kind of nonsense, this time the instructions sent by Telstra for setting up his new landline internet. (He’d been using mobile broadband, which is a pricey proposition if there’s any alternative) I casually asked about his long distance romance, and he laughed. “Oh, that! I did that Google search you mentioned, and up came a Facebook page with the same photo in it that I showed you, and a bunch more. Turns out there’s a Corporal Leanne Amelia Bachmann in the US Army, stationed in Kandahar. I asked ‘my’ Bachmann about that, and she tried to claim it was her sister. I called her a liar, so she called me a name and blocked me on Facebook. I haven’t seen her since.”
I asked how he felt about that, and I think he was pretty philosophical. Sure, he spent most of a week drinking nearly all of his product, but then he pulled himself together and concentrated on the much more vexed issue of getting his bloody internet up and running. The way he saw it, the romance had been true enough for him, even if it was all fake from her end. Now it was over, and that meant he was free to live his life. He had saved a fair bit toward his African honeymoon: enough to buy a lot of really shiny new brewing equipment. He was planning a strawberry Guinness that he was sure would sell like hotcakes. I declined his offer of a free bottle of the first batch. I am, after all, not an IT beer connoisseur, and clearly not an IT matchmaker. I’m just an IT blacksmith.
Dr Keith wasn’t all about the ransomware and the dangerous headgear. He also taught me an important lesson about horror films, and their applicability to daily life.
The first time I dealt with him, he was having trouble with his laptop. It was, he told me over the phone, switching itself off at random. He’d be in the middle of watching David & Margaret on iView and it would just switch off. No warning, no reprieve. He’d switch it back on and it would be fine, but then it would happen again ten minutes later. If he left it for a while it might last longer before the next cut-out, but that was pretty random too.
As soon as I heard this story, I guessed at the problem. Laptops are a hothouse of complicated electronics, all crammed together with no room to breathe. To keep themselves cool, they have fans. But those fans suck in air through grilles on the side and underneath, and those can get gunked up, especially in houses with wood heating or occupants who smoke inside. The random cutouts sounded like overheating due to the fan being unable to take in enough air. Simple! Open and shut, no problem. I was sure this was going to be an easy case.
My confidence in my pre-diagnosis lasted until I walked into the house. Keith, even at sixty something, was clearly a health nut, complete with tracksuit, well-worn running shoes and a rowing machine in the corner of the living room. So when he told me he’d been an oncologist as a young doctor, I figured the chance of him or anyone in the house being a smoker was pretty much zero. He confirmed this. He also confirmed that he didn’t have a wood fire; this involved him going on a bit about the benefits of heat pumps in the Tasmanian climate, but chatty customers are part of the job. Looking at his living room, I saw that it was immaculate: no dust anywhere to find its way into the grilles of the laptop.
I picked up the laptop and sniffed it. It’s amazing how many problems you can diagnose with a nose. In this case, I diagnosed that the machine was new (“new laptop smell” is a thing, just like new cars but less upholteryish) and very clean. Dr Keith assured me he only ever used it on the spotlessly clean coffee table and never on his lap; at any rate, he had so little fat on his body that the usual problem of a laptop being half-smothered did not apply. This was the cleanest piece of computer hardware I had ever seen, in a room so spotless that I could have eaten my dinner off any surface (though Keith would prefer that I use the dining table instead, to save on Mr Sheen).
So. Initial diagnosis was a bust. Never mind: no battle plan survives contact with the enemy, as old uncle Helmuth used to say. I switched the laptop on, and it was here that I noticed something new. It was, as he had told me on the phone, generally very well behaved, and very, very quiet.
Too quiet. Like the scene in a horror movie just before everything goes horribly wrong.
I carry a set of precision screwdrivers in my bag. I unplugged the lappie, took out the battery and took the back cover off. It was a Toshiba, so this was not too painful; god help me if I need to do the same for some other brands, which have a million screws in multiple incompatible sizes. As I did this, I marvelled at how tidy it all was. Keith really did keep it in tip-top condition. No dust anywhere. Of course, by this point I’d mostly guessed the terrible secret. The fan wasn’t sucking in any dust, and indeed wasn’t doing anything at all, specifically making any noise at all, because… it was an undead zombie!
Or rather, because it was stuck and wasn’t moving.
A pair of tweezers retrieved the culprit. One of those little stickers that modern computers are infested with, advertising the killer features that supposedly make each new piece of hardware the shiniest and featuriest gadget ever, had come off the bottom of the laptop’s case and made its way through one of the perfectly clean grilles all the way into the inner workings of the fan. As a result, the fan didn’t move, meaning not only that it made zero noise and sucked in zero dust, but also that it let the laptop heat up without interruption. Over time, the heat would reach a level where the internal thermostats would register an emergency, and the laptop would power down to prevent damage.
Part of my initial diagnosis was correct. The randomness of the powering-down was tied to the temperature in the room. Hot days meant a shorter time between shutdowns. But generally it’s the effort a computer is putting in that causes the heat, so rendering the video of David and Margaret arguing over which Adam Wingard flick was the least abysmal was usually enough to send everything to hell.
Sticker removed, I reassembled the laptop, commended Dr Keith on his dedication to cleanliness, and apologised that henceforth his machine might be a little noisier, now that it had a working fan again. He agreed that this was an entirely acceptable situation.
I left him to his iView, and did not kill him and feast on his brains. I am, after all, not an IT undead creature of darkness wandering the night in unearthly torment. I’m just an IT blacksmith.
Dr Keith was a pillar of the community: three days a week at the local medical centre, formerly an alderman before everything got amalgamated in the 1980s. He seemed a little sheepish on the phone, and when I popped round to his rather nice house in Dover, I quickly saw why. His computer screen was showing one of those ransomware messages, all flashing text and spelling errors. He was sure it must have been a website he was looking at, but it all happened so fast that he wasn’t sure. A popup message, a foolish click, and everything went away.
Ransomware is in the news at the moment, with the latest example, WannaCry, causing panic from Patagonia to Portsmouth. It relies on encryption, the same technology that makes your internet banking secure and allowed the Germans to think their radio messages were secret in World War II. The Germans were defeated by Alan Turing and Colossus, but the mathematics has gotten a lot tougher to crack since then. Nowadays, if you encrypt a file and lose the key, you’d better hope you have backups.
Dr Keith’s scary message made the usual claims. Your files, it assured him, have all been encrypted. You can’t get at them unless you have the encryption key. You can’t get that unless you pay the S00par Wizzardz K0llektiv umpteen hundred dollars in Bitcoins. Dr Keith didn’t even know what a Bitcoin was, so he called me in.
This was a while ago, so it was the first case of ransomware I’d seen with my own eyes. Immediately, something made me suspicious. Understand that these things are never very well written. For a start, the text in them is most often composed by someone with a limited grasp of English — WannaCry is probably Chinese, for example, based on some clever linguistic analysis. Writing any kind of computer program is usually a group effort, but these nasties tend to be assembled by smaller groups of people, maybe even just a single “script kiddie” working alone. As a result, they look pretty flaky, even the successful ones. But this one… even by the very low standards of malware, this looked like it was stuck together with chewing gum and string.
A little detective work revealed that the popup message appeared in the Task Manager, a system program that can be used to monitor how a computer is running. That was unsurprising: it could hardly be popping up otherwise! But something else was not appearing in the same system program: the Desktop, the part of Windows that displays your icons and buttons and lets you launch other programs. That suggested an intriguing possibility: maybe the popup message was blocking Desktop from starting somehow. But if so, why?
Task Manager gives you all sorts of capabilities. One of them is the ability to stop a program starting up automatically. There are a lot of automatic programs in a typical computer: they handle everything from the mouse cursor to the printer, and without them your computer would be little more than a large electric paperweight. But the auto-starting program called C:\Users\Keith\Local Settings\jdlkalkschheijscnkjw.exe seemed a little outside the norm. I killed it — another of Task Manager’s helpful tricks — and the popup message disappeared. Progress!
Veeeeery carefully, I now started up Desktop and took a look at the damage. The mysterious jdlkalkschheijscnkjw.exe was sitting there, inert now, so I deleted it, and did a quick search for any lurking copies. There were none. I also checked his browser history, half expecting something rude, but it turned out to be almost boring: a website selling hats that just happened to play host to a dodgy advertisement. The site was now down with just a “please wait” message, meaning the owners must have found the problem, so that was good. I checked his downloads folder and removed the supposed advertisement that had borne the fatal payload. That was easy to kill. But as for encrypted files, there were none, anywhere on his computer. Everything was safe and sound. The ransomware had lied!
I know. Shocking, right? Criminals telling untruths! What is the world coming to?
The chain of events seemed to be this: Dr Keith had felt a need for a new hat, so followed a chain of googles and recommendations to an online shop that was playing host to a dodgy advertisement. The advertisement was clever enough to get through the good Doctor’s defences, both mental and technical. It downloaded a file to his computer. That file created the jdlkalkschheijscnkjw.exe program, and installed it in such a way that it ran before Desktop. It then rebooted his computer. When the computer started again, jdlkalkschheijscnkjw.exe started up, prevented Desktop from running, and popped up the scary message. What it did not do, as far as I could tell, was encrypt any files or do any other damage.
It’s like: what if the mafia tells you they’ve burnt your house down, but all they did was put red paint over your glasses? It’s the ultimate in criminal laziness. I’m almost impressed.
Dr Keith’s files, meanwhile, were safe. I made sure he had a responsible backup procedure in place, and that his anti-virus and Windows Updates were all working. He promised he wouldn’t go shopping online any more, and wondered if I knew where he could pick up a nice hat. I told him I couldn’t help there. I’m not the IT mad hatter. I’m just an IT blacksmith.
Most of the time, when I do a house call to fix someone’s computer, the job is pretty straightforward. Bodgy internet, fussy printer, hard drive that won’t wake up: mostly I fix it, sometimes I have to break the bad news, but in general I don’t spend my time looking for naked photos of a bloke’s wife on his laptop. This is a story about the one time that was different…
Location: Abels Bay, by the beach. Theo was a balding forty-something chap with a nervous handshake. He told me his story and I understood why he was nervous. His wife of ten years, Elly, had recently made the decision to stop being his wife, and was in the process of introducing him to her lawyers. Point of contention: some photos that Theo had taken of her as she stepped out of the shower. Elly claimed that this sort of sleazy behaviour was typical of him, that he’d always done it even though she hated it. Theo admitted taking the photo in question, and plenty before, but asserted that it was always with her complete, even enthusiastic consent. Now that she wanted out of the marriage, he said, she was lying to make him look bad.
I’m the IT blacksmith, not the IT Freudian psychoanalyst, so I figured I’d give him the benefit of the doubt, and asked why he needed my help. “It’s the photos,” he told me. “They’re on here somewhere, and they show Elly, stark naked, and smiling, proving that she didn’t mind me photographing her. Trouble is I don’t know much about computers and I can’t find the bloody things. I want you to find them for me so I can prove I’m not the biggest sleaze since Rolf Harris!”
OK. So you want me to find naked photos of your wife. Riiiiight. Well, a buck’s a buck, and I used to live in Canberra so I’ve heard worse than this. Get to work then!
The first part of the job was easy. A simple command to find every photo file on his entire computer and stick a copy in one folder where I could check them. Took a while to run, but run it did. Problem: it turned up about ten thousand photos. Far too many to search through manually!
If I had a super computer with image recognition software, I could just program in “show us your rude bits” and it would spit out the anti-incriminating photos in no time. Problem: I did not have a super computer with image recognition software.
Or did I…?
As it happened, I did have a super computer. In fact, with two of us in the room there were two super computers! The human brain is a remarkable machine, and it just so happens that it’s very good indeed at finding pictures of people in among other noise. That’s the reason people keep seeing the Virgin Mary on their toast! Why not apply that fact to this puzzle?
I downloaded Irfanview, an image viewing program, and pointed it to the folder with the ten thousand photos. Irfanview had a feature I needed: it flicks through photos quickly if you hold down the space bar. That’s what I did: I just sat there, let my eyes unfocus, and began looking through all the images.
What did I learn? For a start, Windows sticks an awful lot of pointless photos on a typical computer. Hundreds, maybe thousands, of icons, buttons, animated dogs, chatty paper clips and the rest. Most of what I saw was those. And after that, I learned that Theo was indeed a keen photographer. Very keen. However, his subjects were mainly his boat, his dogs and the rocky and snow-covered piece of far north Tassie where he and his wife used to have a holiday shack. As for photos of Elly herself… there were none. Irfanview was fast, so we were able to go through the collection twice, just to make sure. I know the trick worked, because the couple of photos that had, say, Theo in a singlet or some passing tourist in a t-shirt were immediately obvious, even at high speed flicker, so I could stop and go back and, gritting my teeth, check to see if they contained Elly’s smile and other less-commonly-seen bits of her. They did not.
Poor old Theo had his day in court, and came out a chastened and somewhat poorer single man. Elly, if I’m to trust Theo’s account of the matter, started a relationship with a nice lawyer, coincidentally the one who had been of such great assistance to her in her time of need. And as for the photos, well… maybe they were there and had already been deleted by the much more tech-savvy Elly, or maybe they never were and Theo was delusional, or paying me to waste some time to make his argument look plausible. Who knows? I’m not the IT magistrate either; just an IT blacksmith.