• Read the Windows setup page and the Windows x64 setup page (if you are on 64 bit)

If you are on a 64 bit Windows install:

• Check out this post if your JRuby is using the 32 bit JVM on a x64 Windows setup
• You need to use version 4.0 of VirtualBox (rather than the latest). You can get it from here
• You need to use an older version of Vagrant:

  jgem install jruby-openssl jruby-win32ole
  jgem install --version '=0.7.8' vagrant

• If the vagrant box download stops around 4G, check that you have a NTFS filesystem (rather than FAT) and deactivate any "network" scanning capabilities of installed security software (I had problems with NOD32 particularly)

HTH

1. Get a second computer with the same operating system version which didn’t have a 3G modem installed (for example if your target system is running Windows 7 64 bit you need a second system with Windows 7 64 bit – different skews like Home vs Ultimate are ok, but the version and "bitness" must coincide – you could also try using a virtual machine for the second machine which supports USB forwarding like VirtualBox or VMWare)
2. Plug in the modem in the second machine. First it will recognize it as an USB stick / CD-ROM. Copy all the files from it to a separate folder (you should see files like "setup.exe").
3. Let the setup complete. Now copy the installed drivers to the same place you’ve saved setup file. Under Windows 7 you would find them in the location C:WindowsSystem32DriverStoreFileRepository in several folders starting with "gth" (like gthsubus_64.inf_amd64_neutral_4810563f34b37ef5), but here is the generic way to identify the folder:
   1. Start Device Manager
   2. Look for one of the devices associated with the modem (you will find actually several, like GlobeTrotter GI515M – Modem Interface, Network Interface and so on)
   3. Properties -> Driver -> Driver Details. Note the name of the driver for which the provider is Option (for example gtuhsser.sys)
   4. Now search your Windows folder for files ending in .inf which contain the name of driver from the previous step. This will point you to the right folders
4. On the first computer (the one you actually want to install the modem on) remove all previous versions of the software using the Add-Remove Programs facility (you will see two-three entries but they can be easily identified by the same orange icon). Restart the computer for good measure.
5. Copy over the setup program and the drivers from the second computer. Plug in the modem to the first computer, install the application (using the setup file captured on the second computer). Go into the device manager and look for "Unknown device"s (you should see four of them). Use the drivers captured on the second computer to resolve these issues.
6. Unplug and replug the modem – it now should work!

A couple more talking points:

• don’t use "driver manager" type software – they very rarely (read: never) seem to work
• a symptom that you’ve hit this problem is when the management interface (dialer / "Internet Everywhere") for the modem starts but it gets stuck in the "Initializing" phase when you connect the modem and consumes CPU (from what I’ve seen with a debugger it seems to be looking for the installed device in a loop)
• the modem seems to be prone to overheating if the signal-strength is low (around two bars) and in this case it shuts down after ~10 minutes (I assume that this is some kind of thermal protection). You can check if this is the case by putting your hand on the bottom side of the modem. I couldn’t find and solution for this, other than looking for a spot which has better signal. Using the modem in EDGE rather than 3G mode also seems to do the trick, but it has lower speeds and I don’t know of any reliable method to make the modem use EDGE if 3G is also available.

jruby --version
jruby 1.6.3 (ruby-1.8.7-p330) (2011-07-07 965162f) (Java HotSpot(TM) 64-Bit Server VM 1.7.0) [Windows 7-amd64-java] # 64 bit
jruby 1.6.3 (ruby-1.8.7-p330) (2011-07-07 965162f) (Java HotSpot(TM) Client VM 1.6.0_26) [Windows 7-x86-java] # 32 bit

To work around this issue, specify the JVM to use in your jruby.bat (or other batch files installed by gems like vagrant.bat) explicitly. Example jruby.bat:

@ECHO OFF
java -Djruby.home=C:jruby-1.6.3 -jar  -jar "C:jruby-1.6.3libjruby.jar" %1 %2 %3 %4 %5 %6 %7 %8 %9

Example vagrant.bat

@ECHO OFF
java -Djruby.home=C:jruby-1.6.3 -jar "C:jruby-1.6.3libjruby.jar" "C:/jruby-1.6.3/bin/vagrant" %1 %2 %3 %4 %5 %6 %7 %8 %9

ADSL Modem+Router (no wireless) –-> laptop broadcasting over writess –-> ... –-> other laptops

The solution is the following:

• Set up an ad-hoc network on laptop wifi card (using a different subnet – 10.0.0.0/24 for example)
• “Connect” to it to make it work:
• Enable IP forwarding on the machine from the registry

It is simple as 1-2-3 :-p. Some caveats though:

• This setup won’t give you DHCP. So make sure that you configure your other machines with a static IP address
• It also won’t give you DNS, so configure something like the Google DNS (8.8.8.8 or 8.8.4.4) or OpenDNS (208.67.222.222 or 208.67.220.220) or even your ISPs DNS
• The ad-hoc wifi connection has reliability issues. It happened multiple times that I had to restart it because it disconnected and wouldn’t connect any more, but it is a good temporary solution.

PS. You can download the drivers and user manual for the SmartAX MT882 ADSL Router here (the link might go dead unexpectedly, since it is served out of Dropbox). This is a standard modem provided by Romtelecom (the Romanian telecom provider) and I couldn’t find it elsewhere because Huawei is very secretive about its stuff (the files were copied from the CD provided with the modem). The driver makes the USB connection work as a network card (which is very elegant and simple).

Without further ado, compiling a large(ish) Java project on Windows XP:

real    3m16.776s
user    0m2.333s
sys     0m0.796s

And Ubuntu 10.10:

real    1m32.169s
user    2m10.488s
sys     0m12.677s

More than twice as fast! Neat!

Update: a friend just got a newer machine with better processor (Core i5 vs Core Duo) with Windows 7. The new machine with Windows 7 compiles the project in ~1m50s, so still Ubuntu seems to be the better choice.

To get the bad stuff straight out of the way:

• The authors define a very wide scope for the book in the introduction (something along the lines of “everyone should read it” – of course I’m paraphrasing). There is stark contrast however between this statement and the level of knowledge required to be able to understand the book, knowledge mostly isn’t covered in the book
• A large part of the book is monospaced textual content. They don’t use a typeface however in which you can easily differentiate between the letter l and the digit 1 (like Monaco), which makes many of the examples ambiguous
• The chapters have a certain feel of disorganization to them in my opinion, and frequently they seem to be more of a “tips & tricks” collection than complete whole. I assume that a large reason for this is the fact that the WinDBG commands evolved over time, so there isn’t a simple logic which can “decode” all of them (similar to the MS-DOS/MS Windows batch language). Still, a summary of the commands (in cheat-sheet fashion) would have been nice.

One positive aspect of the book is its low error rate. In fact I’ve seen only one error in the whole book (there might have been more, but not many more): a drawing shows the end of the SEH chain as being 0x00000000, while in fact it is 0xFFFFFFFF (the correct value is used however in the text). An other positive aspect is the thoroughness: after reading trough all off ~750 pages, you will get a very good idea about the capabilities of WinDBG and other related tools.

So would I recommend reading this book? If you want to use WinDBG (or other debuggers from the Windows Debugging Tools) yes, but only after reading at least the Windows Internals and an assembly book (I’ve heard that Art of Assembly would be good, although I’ve didn’t read it myself). It should have a warning sticker: for hard-core enthusiast only.

Full disclosure: the links in the post contain my Amazon Affiliate ID.

A small Windows tip: if your computer is part of a domain and all of the sudden you can’t access resources over the network (like shares, printers, etc), try changing your password.

I observed this in several networks, and although I’m not entirely sure about the reason – I suspect that it has something to do with the password expiration policy (even though the password seem to work when logging into the given system – even after a cold boot) – this workaround always seemed to work.

Update: Here is the discussion on serverfault about the problem. There were some good suggestions by Nico, but unfortunately no final solution was found as of now.

Picture taken from gemsling’s photostream with permission.

API-MS-Win-Core-RtlSupport-L1-1-0.dll
API-MS-Win-Core-ProcessThreads-L1-1-0.dll
API-MS-Win-Core-Heap-L1-1-0.dll
API-MS-Win-Core-Memory-L1-1-0.dll
API-MS-Win-Core-Handle-L1-1-0.dll
API-MS-Win-Core-Synch-L1-1-0.dll
API-MS-Win-Core-File-L1-1-0.dll
API-MS-Win-Core-IO-L1-1-0.dll
API-MS-Win-Core-ThreadPool-L1-1-0.dll
API-MS-Win-Core-LibraryLoader-L1-1-0.dll
API-MS-Win-Core-NamedPipe-L1-1-0.dll
API-MS-Win-Core-Misc-L1-1-0.dll
API-MS-Win-Core-SysInfo-L1-1-0.dll
API-MS-Win-Core-Localization-L1-1-0.dll
API-MS-Win-Core-ProcessEnvironment-L1-1-0.dll
API-MS-Win-Core-String-L1-1-0.dll
API-MS-Win-Core-Debug-L1-1-0.dll
API-MS-Win-Core-ErrorHandling-L1-1-0.dll
API-MS-Win-Core-Fibers-L1-1-0.dll
API-MS-Win-Core-Util-L1-1-0.dll
API-MS-Win-Core-Profile-L1-1-0.dll
API-MS-Win-Security-Base-L1-1-0.dll

I guess somebody found an OOP book and started applying the “single responsibility principle” to kernel32 :-). What does this mean to you? If you are an end-user, nothing. If you are a RE or a low level programmer, take care because many functions from kernel32.dll are now forwarded into these DLLs instead of being directly implemented.

Update: here is a little more detailed post on the Avert Labs / McAfee blog.

This is in fact consistent with the way the Windows XP UI works, with a small, but important, difference: under Windows XP you do not get the impression that the whole row is selected (and, in consequence, it should work the same), while under Windows 7 you do.

Win 7  is a big step forward (do not run Vista! do not run Vista!), but it still has its glitches (the glowing-animating progress bar is pretty annoying also).

The error message:

wedit.exe - Entry Point Not Found

The procedure entry point SHGetFolderPathAndSubDirW could not be located in the dynamic link library SHELL32.DLL

Tools used:

• IDA Pro 4.9 freeware
• HxD – Freeware Hex Editor and Disk Editor
• BB FlashBack – to record the process

Here is the script which is shown in the background:

• Patching lcc-win32 so that it runs under Windows 2000
• We try to run the editor and we see that it (in fact the windows loader) errors out saying that it can’t find a given export in SHELL32.DLL
• Bonus tip: you can copy the contents of a message box by pressing Ctrl+C when given focus.
• Ok, we open up the executable in IDA to asses the situation (we already generated the idb file to speed up the demo)
• Using cross-references we see that it is only used in one place, and even that doesn’t seem crucial.
• So we edit the IAT of wedit.exe so that it imports an other function instead of the original one (so that it loads).
• For safety we NOP out the call code. We must NOP out the pushing of the parameters and the call to keep the stack in sync.
• Finally we test that everything works.
• Thank you for your attention!

So you see, things can be fixed, even when you don’t have access to the source code, but it is nicer (and less complicated) when you do. Hopefully this will help somebody out