nav search
Data Centre Software Security DevOps Business Personal Tech Science Emergent Tech Bootnotes
BOFH
Lectures

back to article
Windows 10 debuts Blue QR Code of Death – and why malware will love it

Bronze badge

What will make this work

(for large values of "work") is that Windows users will likely think 'ah, M$ has finally got it right and gone all modern, and when that link is followed, there will be a pot of informational gold at the end of it'.

18
3
Silver badge
Alert

Re: What will make this work

Download the Micros0ft Windows 10 diagnostic app for Android. To install, simply go to settings and allow installation from all sources (this is necessary to install Windows apps) and then tap Install...

21
1
Silver badge
Facepalm

Re: What will make this work

Ahh ... I see where this is going. All those billions of blue screens need an Android device, you say? Will the app be paid for, or just show ads?

8
3
Silver badge
Childcatcher

Re: What will make this work

God, I hope not. The telemetry in Windows 10 alone is bad enough without adding Google's big brother to it.

15
1
Silver badge

Re: What will make this work

Download the Micros0ft Windows 10 diagnostic app for Android"

Actually, this would be a very handy tool that would mean the blue screen QR code only needs to contain an error code and such information - in fact it could be a series of QR codes. The Win diag app would then control the web interaction, making it harder to fake the blue screen etc...

Obviously, versions for iOS etc. would also be useful.

1
2
Silver badge
FAIL

Re: What will make this work

in fact it could be a series of QR codes.

Sure. And what will stop a fake crash screen to display a malware URL anyway instead of just crash diagnostic codes? What percentage of users (that have an Android with the app installed in the first place) will fire up that app first to let it grab the codes, instead of blindly pointing it at the screen and tapping the 'go fetch' button?

It doesn't matter that the QR from a genuine crash shows diagnostic codes only, it matters what a fake crash displays and how users deal with that.

6
0
Silver badge
Trollface

Re: What will make this work

Download the Micros0ft Windows 10 diagnostic app for Android

Since I have installed this, I get offers from Nigerian princes and my compromising family photos are being used on /b/. How can I stop this?

3
0
Anonymous Coward

Re: What will make this work

"and why malware will love it"

Presumably because the devices you point at it will mostly be running Android or IOS and will be exploited by sending them to a target webpage.

1
1
Anonymous Coward

This would spoil the fun of trying to grab the error code on a Windows blue screen, which only flashes up for 500ms. Pre-digital camera era.

20
1
Silver badge
Windows

>This would spoil the fun of trying to grab the error code on a Windows blue screen, which only flashes up for 500ms. Pre-digital camera era.

Disable automatic restart on BSOD, simple, I always do ... I know MS tries to hide these from the user, but it does not really help, does it?

My fav has always been "Windows has been shut down to prevent damage to your computer." Now, if Windows damages computers, why do 99.99% of computers on the market come with it pre-installed ?

21
3
Anonymous Coward

"Disable automatic restart on BSOD, simple, I always do ... I know MS tries to hide these from the user, but it does not really help, does it?"

It helps a lot on a remote server where the BSOD may have been a one-off and you want the thing to start back up on it's own. A lot of servers may not even have monitors attached.

Did always wonder why there wasn't the option to restart automatically after say 60 seconds.. but I guess you can achieve the same result by asking it to do a full dump.

2
0
Trollface

Wait while I find my camera

I only have an old instamatic, let me get a picture, send it off, wait for the print, scan it, run it through the QR-reader software, visit the URL, run the reader software again because this has to be a wind-up, surely they would not have a web page that just said "err=unknown_driver_fail please uninstall the driver for Unknown Device" and nothing else...?

Or maybe I could take a shortcut around this whole insane process and use tracing paper and scan that instead?

Actually it doesn't seem like a bad idea, I just have no faith that the page you end up at will be of any use whatsoever and will simply add a delay and another swearing session before you swear and format and reinstall like you were going to do anyway. (admittedly I never entirely understood the logic of those who always did this)

10
0

dump

that's what the dump is for

3
0
Silver badge

" trying to grab the error code on a Windows blue screen, which only flashes up for 500ms"

It's likely in the event log. Also the code is usually displayed for a few seconds as the OS will complete a crash dump before rebooting.

3
1

"to prevent damage to your computer"

All (good) systems do this, just with more technical messages about why exactly damage would occur otherwise.

0
2
FAIL

Disable automatic restart on BSOD

Yes and how many images do you see this done on ?

1
0
Silver badge
Meh

"...the OS will complete a crash dump before rebooting"

And when it doesn't reboot?

1
0

Re: that's what the dump is for

I thought it was to fill up the old 60 gig hard drives so that people ran out to buy bigger ones?

3
0

Why not write the code to the hard drive?

Maybe have a small diagnostic partition. Of course if the hard drive shits the bed, this won't work. But if it is one of the more common BSODs, it should be able to write to it fine. And by being on a separate partition, it shouldn't hose the filesystem.

As for the servers, maybe have the screen flash for, say 1 minute? That way it gives you time to get the code while still allowing headless servers to reboot.

1
0

Re: Wait while I find my camera

"surely they would not have a web page that just said "err=unknown_driver_fail please uninstall the driver for Unknown Device" and nothing else...?"

Oh, yes they would!

Reminds me of the old IBM error messages that used to say something like "Error 10042fcd occurred" and you thought oh goodie that's nice and specific, the big blue book will tell me what's wrong. So you got out the big blue book and looked at the list of error codes, and the numbers jumped from 10042fc7 to 10042fe0 or something like that. Gah! Foiled again, curse you, Red Baron!

1
0
Silver badge
Linux

Re: dump

"that's what the dump is for"

Dumping the Windows PC?

Seems a bit harsh on the hardware...

1
0
Silver badge

Wot, no Microsoft Tag?

But seriously, El Reg is right - terrible idea that WILL be exploited in exactly the manner described.

22
1
Anonymous Coward

Penguin

Why not just use the Linux method, and just don't crash ever?

31
37

Re: Penguin

In the past 10 years or so, every BSOD on my Windows machines was either because of faulty hardware, or because of dodgy uncertified drivers.

19
4

Re: Penguin

Yes. but the cryptic blue screen message meant the average user hadn't a clue it was a hardware problem or driver problem. Windows is still shit at explaining the difference.

32
2
Silver badge

Re: Penguin

When trying out a recent Ubuntu, I got it to kernel panic simply by trying to run Firefox. Quirk? Bad luck? I don't know, but it didn't impress me...

12
7

Re: Penguin

Or fiction...

10
11
Silver badge

Re: Penguin

I had a similar issue trying to get Kubuntu (the version of Ubuntu with the KDE desktop) 15.10 to work . The installer kept crashing before the installation was complete. It took a lot of tries, but it finally finished installing.

Twenty seconds or so after booting, it would either stop responding to the keyboard and mouse clicks or go into a full kernel panic (if you thought the XP/Vista/7 BSOD was bad, try the Linux version). It failed in one of these two ways every time, whether I booted from the installation USB drive or from the boot device (SSD).

So much for the vaunted "never crashes" Linux.

15
4
Anonymous Coward

Re: Firefox on Ubuntu

Ubuntu runs Firefox just fine. You think if it didn't, no one would have noticed? Your fault finding doesn't impress me

7
24
Silver badge

Re: Firefox on Ubuntu

It might not run with a certain combination of motherboard, graphics card, and graphics drivers.

Sorry for the blasphemy and all that.

32
0
Silver badge

Re: Penguin

>When trying out a recent Ubuntu, I got it to kernel panic simply by trying to run Firefox.

Not possible, the kernel panic cannot be related to firefox, it just happened at exactly that moment ... it must have been something else, did you compile the kernel yourself ?

I have never seen Linux throw a kernel panic outside of boot phase, and then, the last one I saw was related to a dodgy sound driver, that I compiled. The one before that was in 2001, and I use Linux daily, since at least 1999 on laptops, desktops, etc...

11
20
Anonymous Coward

Re: Penguin

Bad RAM can cause your system to crash randomly and is more common than you might think - google for "sig 11 faq"

12
0
Silver badge

Re: Penguin

In the last 20 years every crash (since NT4 release) has been faulty hardware, or rubbish graphics driver or rubbish printer driver.

4
4
Silver badge
Windows

Re: Penguin

>In the last 20 years every crash (since NT4 release) has been faulty hardware, or rubbish graphics driver or rubbish printer driver.

Rubbish Windows ecosystem, then.

9
13
Anonymous Coward

Re: Penguin

Really? My Linux box stacked it just this weekend past.

Do I have an aberrant machine?

Not being snarky or anything, but as a long time Linux AND Windows user I've long since stopped noticing any sort of major stability difference between them.

17
0
Silver badge
Linux

Re: Penguin

"Why not just use the Linux method, and just don't crash ever?"

Even better - build one of those tiny linux distros right in there, boot to it and then offer the "report this/get more info" functions from a fixed menu, which of course could still be blue and have any graphics you wanted. Some motherboards already do something very similar.

9
0
Anonymous Coward

Windows is still shit at explaining the difference.

So true. So come on, own up. Which fanboi downvoted this?

5
6

Re: Firefox on Ubuntu

Have you tried plugging the graphics card INTO the motherboard?

3
1
Anonymous Coward

Re: Penguin

Memtest86+ is your friend

11
0

Re: Penguin

Didn't use Windows ME then?

There's plenty of BSOD hotfixes so not sure about that, although I'm sure it's true for a large number (I would add Network Card drivers to that).

3
0
FAIL

Re: Penguin

Why not just use the Linux method, and just don't crash ever?

Never hear of a kernel panic? They're fun to deal with!

Not that I get them that often, but then I don't have to deal that often with BSODs either... at least not the Windows 7 kind. There's no such thing as a completely non-crashing OS.

?Error text lookup failure

6
0
Silver badge

Re: Penguin

Cheap RAM is a false economy.

You know it's a common problem when both Linux and Windows has a memory test tool option from the boot menu

Personally, I always buy good branded ram and soak test it with memtestx86+ for several hours before I'll trust it to do real work.

I had an odd machine the other day though, where it passed memtest OK, but the PC was really unstable, turned out the customer had brought their ram off eBay from China as it was cheap.

I found that all 4 sticks have the same serial number and claim to be Kingston brand and have a part number of Kingston. Nice work cloning team !

8
0

Re: Penguin

Bad RAM can cause your system to crash randomly and is more common than you might think - google for "sig 11 faq"

http://www.bitwizard.nl/sig11/

I like his mate's solution to intermittently dodgy RAM - part-chop it for an "upgrade", secure in the knowledge that the shop-keeper's memory test will not pick up the fault. And you think the current Tory Government is immoral? They've got nothing on us geeks.

2
0

Re: Penguin

Fie, mortal! Don't you know Linux only has user errors, never bugs? You are clearly not pure in thought. Leave the magic kingdom and once and return to Windoze purgatory

7
1
Silver badge

Re: Firefox on Ubuntu

"Ubuntu runs Firefox just fine. You think if it didn't, no one would have noticed? Your fault finding doesn't impress me"

Way back, when Ubuntu first went to Upstart, it became more difficult to diagnose incompatibilities between H/W & drivers or config settings. It was that issue with regard to graphics that pushed me off Ubuntu onto Debian. Of course when Debian Wheezy goes out of LTS and it's wall-to-wall systemd that particular solution will have been lost.

So I believe the OP. "Works for me" is not an example of skilled fault finding but unfortunately it always seemed to be the staple of a few voluble Linux fan-boys.

8
0
Anonymous Coward

Re: Penguin

I was given a pc a couple of years ago, the owner was that fed up of win7 and win8 crashing on him he was going to have a ceremonial burning in the garden. I rescued it and installed ubuntu, it would be fine for days then crash, reinstall, rinse, repeat. Eventually i tracked down the fault to a dodgy sata cable. So for the cost of a 3 quid cable i've now got a shiny stable workstation. The original owner spent 800 quid on a new pc... Which crashes, reinstall ...

Crap hardware will crash anything, windows, linux, MSDOS 1.1ish (my first OS , them wer't days).

5
0
Anonymous Coward

Re: Penguin

"the cryptic blue screen message meant the average user hadn't a clue it was a hardware problem or driver problem."

The crash codes are easily Binged if you don't know what they mean.

2
9
404
Silver badge

Re: Penguin

Binged? BINGED? GTFO! That way ->

19
3

Re: The crash codes are easily Binged

I can get drunk on them? Tell me more!

11
0
Silver badge

Re: Penguin

Now we know who the Microsoft employees's are :-)

Nobody else would admit to using bing !

12
0

Page:

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

The Register - Independent news and views for the tech community. Part of Situation Publishing