Bits from Bill

Technology thoughts leaking from the brain of "Bill Pytlovany"

Monday, July 30, 2012

How America Online Created the Internet

Last week Gordon Crovitz created a hornets nest of debate with an article in the Wall Street Journal, “Who Really Invented the Internet?”  This new article has generated more responses and distortions than Al Gore’s interview with Wolf Blitzer on March 9th, 1999 when he said, “I took the initiative in creating the Internet.

The goal of the WSJ article seems to downplay the governments’ role in developing technology that helped generate successful Internet businesses. What appeared to be a tech article turns out to be a political piece.

Mr. Crovitz would instead give full credit to Xerox PARC labs for their creation of Ethernet. He even managed to weave Steve Jobs into his story acknowledging Jobs saw potential in Xerox which included the graphical user interface he would later use at Apple.

I’ve read a number of articles which rebut the Journal and most mention Vinton Cerf and Robert Kahn who created TCP/IP while working on the government project called ARPANET. Ironically, many articles neglected to mention Sir Tim Berners-Lee who was honored during the Olympic Opening Ceremonies. NBC’s lack of info had everyone scrambling to search his contribution in creating a web standards group. Sir Tim documented application protocols and gets credit for HTTP, HTML and the URL format used to define hyperlinks. HTML is actually derived from SGML a mark-up language that itself resulted in early research by IBM.

In fact, most of the fame given to Internet pioneers is related to the technical networks and “protocols” used to transfer or present data in a meaningful, standard way.

So when I claim that AOL, who used a proprietary communication protocol(P3) and a display convention(FDO) optimized for 300 baud modem traffic, created the Internet, I’m going to make some heads spin

Critical Mass is defined as “an amount necessary or sufficient to have a significant effect or to achieve a result.”  What the Wall Street Journal and most tech historians ignore is the Internet, as we know it, would not have been possible without the millions of users instantly provided by America Online. The cost of hosting any website would not have been possible without a critical mass of customers to make it possible. Without AOL’s efforts to integrate and commercialize the Internet nobody would be spending money on your favorite website.

While I had left my lead development position in 1991, I stayed involved as a consultant to AOL and many of its partners. My initial consulting project for Capital Cites/ABC was building automated tools so they could easily upload content to build their AOL areas. The executive leadership at ABC (pre-Disney) openly acknowledged they weren’t expecting to profit by being online. Companies did see a future being online but many households still thought using a modem was for hacking into government computers. An presence online was still a research experiment for most enterprises. 

During the early 90’s my replacement at AOL, who had inherited my FDO language, convinced me that HTML would allow partners to use standard tools and modem speeds could now support it. America Online clearly knew the future was in the acceptance of Internet standards to provide even more content for their members.

Thanks to the archiving of AOL Press Releases by Time Magazine’s, editor at large, Harry McCracken, I was able to find some of the evidence that helps prove my point. Source: A History of AOL, as Told in Its Own Press Releases

qanimateYou may think AOL’s devious plan to create a critical mass of people online was the massive distribution of CD’s. Even when AOL’s Commodore service Q-Link was only available after 6 PM, it was obvious that online growth depended on modem availability. For years, AOL urged computer makers to include a modem as standard equipment. In 1990 AOL negotiated a deal with IBM to develop a service called Promenade to be installed on their PS/1 computers along with its own Prodigy experiment. Once IBM provided modems as standard equipment the industry had to follow. Thanks to AOL, all new computer owners had the ability to connect to an easy to use service without knowing of about duplexes, stop bits or parity. If not for the critical mass of consumer modem users nobody would have later invested in affordable broadband access.


On June 3rd, 1992 AOL announced it was opening up an Email gateway making it simple to send Email to contacts not using AOL. Members just needed to add the @domain name to the Email name. There still weren’t a lot of Internet ISP’s so at first it mostly provided a way for AOL members to communicate with friends on CompuServe and other online services.

Harry documented when AOL passed their 500,000 member goal in 1993 but I guess there wasn’t a press release on how AOL customers were unleashed onto the USENET News Groups with its first graphical user interface. When AOL arrived there were only 4,000 news groups. According to Wikipedia by October 2002 there were 100,000.  The invasion of new users provided a critical mass that allowed for groups on any topic imaginable. Unfortunately, the established USENET users weren’t happy that all these new users also meant diversity. AOL users were quickly labeled as “newbies” and worse because they didn’t know “the rules”. What had been a private playground used by techies was now available to anyone and AOL wasn’t welcomed. It was one of many contributions which were ignored and even generated negative press.

On June 2nd, 1994 AOL continued to promote Internet standards announcing an easy, graphical interface to the popular services Gopher and WAIS.  At the time, these were hot examples on what the Internet offered. Apparently, they weren’t as interesting to the masses since today most have never heard of them. Both were absorbed into standards defined by the World Wide Web Consortium. ( )

By the end of 1994, AOL opened its doors providing its own content in a HTML format making the service available to Internet users not using AOL software.  In November 1994, they acquired BookLink Technologies who had the most sophisticated web browser at that time.  Future acquisitions continued to focus on Internet enhancements.

Two million certainly seems small by today's numbers but providing those active AOL members with easy, graphical access was key to the growth of the World Wide Web.  AOL was instrumental in creating an environment to both grow a customer base and finally made it cost effective for most company’s to create an online presence.  In the next year, AOL’s membership doubled to four million.

In the years that followed AOL made some good and bad choices. The decision to make unlimited online access available was radical at the time but set a standard for others still common today. Unfortunately, as most you know, this seemingly popular decision backfired. The popularity of the service was unsurpassed and the inability for members to consistently connect would permanently damage the AOL brand. So, when I wrote telling you that “America Online Created the Internet”, your reaction was probably “What? AOL Sucks”.


America Online 20th Anniversary Celebration, May 2005

Most pictured here spent years working long hours with no expectations of changing the world. Many never became Internet millionaires. We just knew it was fun and shared the dream that we could provide an online world that anyone could use.

Share on Facebook

Saturday, July 21, 2012

SmartScreen Filter the Next UAC 2.0?

Now that most of us have stopped whining about the User Account Control screen Microsoft is trying to build a better program trap. Their newest plan is to expand a tool called SmartScreen Filter.  I’ve discovered both the good and bad with the plan.

Last month I investigated the need to have a code signing certificate for programs distributed by download.  This added expense for developers can range from $100 to $500 depending on the company providing the security review and certificate.
June 5th: Software Code Signing Certificates. Do you care?

My ultimate decision was to continue purchasing a certificate because it was respectful to folks upgrading to our new WinPatrol and set a good example to anyone new to downloading WinPatrol.  I also discovered if an application isn’t signed it’s nearly impossible to download using Internet Explorer with its SmartScreen Filter enabled.  While this is currently a feature of Internet Explorer expect to find SmartScreen Filter integrated into Windows 8.

Currently, when you try to download a new program which isn’t signed using Internet Explorer you’ll most likely see the following warning…


As I wrote about previously, even if you click “Actions”, Microsoft discourages you from downloading the file and essentially hides the sequence needed to continue your download.

When I released WinPatrol v25 signed with my brand new certificate I was in for a shock from "SmartScreen Filter".  While the message for my signed app was now yellow it still implied that WinPatrol was most likely a dangerous choice.


I received dozens of Emails from long time WinPatrol users most thinking that Microsoft was reporting a false positive.  It turns out that SmartScreen Filter doesn’t 100% trust a code signing certificate.  Based on recent events, they shouldn’t.

SmartScreen Filter is about trust and “Reputation”
SmartScreen Filter is best known as a tool to detect phishing websites based on their reputation. As you now know it also controls the files you download based on their reputation.

On the first night when WinPatrol v25 was released SmartScreen Filter put up what I’d call a level one warning. The screen says “this program is not commonly downloaded” but most developers might argue it will never get downloaded with warnings this scary. 
The only way to continue downloading was to click “More Options”. By the next day WinPatrol had accumulated enough downloads that its reputation improved enough to receive what I call “SmartScreen Filter” level two warning screen. When folks clicked on the “Action” button they’d still see a scary screen but downloading was a little easier.

While Internet Explorer continued to warn that WinPatrol could be harmful at least allow folks were able to “Run anyway”.  As a developer who just purchased a brand new code signing certificate I was still annoyed that Microsoft was recommending “Don’t run this program”.

After two days of scary warnings the WinPatrol setup program had finally become ScreenSmart worthy.  When launching our setup program everyone now receives normal installation screens starting with the traditional User Account Control screen.  Like SmartScreen Filter the UAC is designed to warn users before running apps that might be dangerous.

User Account Control
Even for signed applications the UAC protection has no white list. It has no way for a program to build its reputation. It currently doesn’t connect to the internet to collect or verify information on the program you’re about to run. Essentially, UAC is an extra step users must agree to before running a program which has special rights or permissions. It hasn’t really changed much since its introduction.

SmartScreen Filter
On the other hand, while I’d like to see the scary messages rewritten, SmartScreen does provide an advantage over User Account Control. It has great potential for growth and improvement. The SmartScreen Filter connects to the Internet and evaluates a file before it’s allowed to run. Instead of being a tool to detect phishing sites, Windows 8 users will become familiar with SmartScreen  Filter anytime they want to run a file downloaded from the internet.

When you hear Microsoft promoting Windows 8 as more secure, this will be one of the reasons. It provides a serious security layer that many users will like, especially if they have kids. Others won’t like it and have already written articles on how to disable it. Beta versions of Windows 8 includes two SmartScreen options under the Folder Options dialog. If done properly I can imagine some users reducing their UAC setting in favor of SmartScreen Filter.

I’m told next year when I renew my certificate I’ll need to rebuild my reputation again. That means when I make an update available using a new code signing certificate we’ll spend another couple days scaring users. I haven’t talked to other developers to find out if two days is normal for legitimate signed application. I’m also curious if determining a reputation will change for applications downloaded from the Microsoft Store for Windows 8.

My Recommendation

The only true failure occurred when I clicked on the “What’s SmartScreen Filter?” link. Something like SmartScreen Filter really needs a help screen instead of the following results which I can only guess is an error that can easily be fixed.


I’d also hope that SmartScreen Filter provides a special category for programs which install a 2nd unrelated application. Just this morning I was approached by yet another toolbar company offering me big bucks to install their toolbar as part of our WinPatrol setup.  In my opinion, these programs do cause harm and should never receive a good reputation.

Either way, I’m sure you’ll hear more about this topic.  I’m curious about SmartScreen and will pass along more information as I discover it.

SmartScreen Filter: Frequently Asked Questions

Microsoft Recalls Certificates Exploited by Flame malware

Microsoft Security Advisory:
      Unauthorized Digital Certificates Could Allow Spoofing

Windows 8 To Feature SmartScreen Filter Protection

Share on Facebook

Saturday, July 07, 2012

WinPatrol v25 Learns Lessons from Stuxnet

In recent months we’ve all noticed a change in how malware is introduced on someone’s computer. While the most common entry point remains users making a bad choice, the use of program vulnerabilities is used by more sophisticated malware. The number of Microsoft vulnerabilities being exposed is actually decreasing yet Microsoft was forced to send a number of out-of-cycle Windows security updates last month. Non-Microsoft applications however accounted for 71.2% of all publicly known vulnerabilities in the 2nd quarter of 2011.

There’s no Anti-Virus software available that can totally protect you from the variety of vulnerabilities that continue to be exposed by hackers. Even WinPatrol can’t stop all these holes but does everything possible to alert you and help you cleanup unwanted programs. Some of the newest malware sits quietly in the background waiting for a target. One of our goals has always been to make sure you know what’s happening on your system. WinPatrol v25 continues to improve its monitoring of system location required by sinister applications.

Based on the research done on state sponsored malware like Stuxnet and Flame I’ve added two new features which have become popular methods used to hide and disable security programs. These new features are designed to prevent programs from hiding on your system waiting for a target before releasing their full payload.

* Uninstall Detection ( NEW! )
The new WinPatrol v25 will track programs that have been installed on your system and will monitor the location Windows uses to store Uninstall information. This location includes the path to the Uninstall command which is often used by malware to remove a program silently. WinPatrol will let you know the names of any programs which are removed. This feature is available to PLUS only users and is optional. Legitimate alerts may occur during software updates or when you choose to remove software.

* Start Program Removed Detection ( NEW! )
All WinPatrol users can benefit from the often requested option of Start program removal. WinPatrol PLUS is not required to benefit from this feature. WinPatrol was the first program to let users know if a new auto startup programs were installed. Now WinPatrol will also let you know if another program has removed one of your Startup programs. One of the common behaviors of malware is to reduce the possibility of being detected by Anti-Virus or security software. It’s common for new malware to remove programs from your auto Startup list so it won't be detected. Since WinPatrol is not as well known as other commercial products it's rarely a target for removal.

Recent Exploits

* Delayed Startup Programs
One of our more popular features is the ability to delay the launch of a Startup programs. This can really speed up your boot time. Our recent sale generated a lot of new WinPatrol users who helped isolate a few bugs in Delayed Start especially on the 64 bit versions of Windows. These bugs have been fixed so programs aren’t lost and parameters are properly returned when moving a Delayed program back to its original status.

* Windows XP Kill Task
This bug only affected XP users and even reverting to our v18 code didn’t resolve a flaw preventing WinPatrol from killing tasks. It turns out Microsoft changed the value of one of the parameter masks used in a function called OpenProcess. The Kill Task function broke on XP after we updated to newer Microsoft tools in our efforts to better support Windows 7. Sorry to the XP folks that it took this long to find. I can't thank Larry from Microsoft enough for his assistance. This is an important feature because unlike Task Manager, WinPatrol allows you to select multiple programs to kill with one click.

* Company Name, Details and Correct Path
One of the first steps in detecting a suspicious programs is the lack of a company name in its resource. On Windows 64 bit machines not all of the details of programs were available due to a bug I found and reported to Microsoft. It turns out a common Windows function called ExpandEnvironmentStrings won’t always providing the correct path when represented by the environment variable %programfiles%. If you’re using Windows 64 bit you probably noticed there is a "C:\Program Files" path for 64 bit programs and older programs are stored in "C:\Program Files (x86)". A correct path to your program is required to obtain details like a company name. We’ve worked around this bug so we can find the correct path which is required for company name and many other features. .

* Misc Fixes
Anyone who noticed Scotty's ability to run on startup was sometimes missing will be pleased. There was in fact a bug that removed WinPatrol as a Startup program. It wasn't caused by other programs, just programmer stupidity.

* Remaining Bug – Scotty Barks
There's a weird bug that some folks have experienced where Scotty just randomly barks but doesn’t display a message. It's been around for years and receive reports 2-3 times a month. Usually reinstalling WinPatrol fixes the problem. If you experience this bug you can help us narrow down the reason for this barking by using a little known feature in WinPatrol.
In the Windows Control Panel you'll find an Sound Applet that allows you to customize sounds in programs which take advantage of this option. Near the end of the list of applications you'll find WinPatrol and you can assign different sound files to the different kind of WinPatrol alerts. Instead of our barking sound you can assign any sound you have available on your system. This feature was created for our legally blind supporters. By assigning a different sound file to each alert type you may help us narrow down the type of alert which is occurring when Scotty barks but doesn't display a message.

Why You Need WinPatrol
If you’ve wondered why you need WinPatrol just read what Microsoft has discovered in their malware research. “In the fourth quarter of 2011 alone, Conficker was detected on 1.7 million systems worldwide
This infection is still increasing even though it’s well known to all popular security programs and simple Windows security updates will prevent it from spreading.

You need extra help and WinPatrol is still designed to monitor locations ignored by traditional security software. Contrary to what they might read you from a support script, WinPatrol works and plays well with others. You can run WinPatrol along side your favorite Anti-Malware package and you'll never detect any difference in performance.

Microsoft Security Intelligence Report

Process Security and Access Rights

Computer World June 7th, 2012
Flame authors order infected computers to remove all traces of the malware

Update: As mentioned in the comments some folks are experiencing are repeating alerts since this weeks Windows Update.  This problem has been fixed and verified. On Friday July 13th a new release 25.0.2012.5 is available on our download page.  It fixes the repeating Uninstall alerts and a bug on our Automatically run checkbox.

Read more and download from the following upgrade page.

Share on Facebook