How I ended up accidentally importing a customer's entire Windows registry



  • I'm a developer at a software company that produces software for high school timetable generation & management. (You yanks have a different system and don't need this category of software). From time to time, we get a bug we can't reproduce, and in these cases I sometimes ask the customer to send me their registry settings for our product because they sometimes have display settings which are critical to reproducing the bug.

    Mostly the people we liaise with are very computer literate. They can confidently follow instructions to open 'regedit', right-click on the relevant tree, and export stuff to a .reg file. But in this particular case, the person was not so confident in doing this sort of thing. I'm not sure whether I failed to explain that she should only export our application's settings or whether I explained but she right-clicked on the root of the tree, but either way I got a 5Mb file from her. I did wonder about the 5Mb somewhere in the periphery of my subconscious, because normally these files are just a few K, but I think I thought I'd mis-read it or it was incorrect or something. So then I did what I normally do, I import the .reg file.

    My computer immediately started acting weird. So of course I rebooted. I then got a custom Windows login screen: "Welcome to Hogwarts Group of High Schools" with custom graphics and stuff. After about 1 minute the faint memory of the 5Mb .reg file re-entered my consciousness and the realisation dawned on me. Oh. My. God. What have I done?!!

    I immediately called our very competent sys-admin for help. I was fully expecting to have to reimage and rebuild my machine. I don't keep regular backups of my machine. To my amazement, within 15 minutes he had erased all evidence of my colossal mistake - he used the WinNT shadow file thing to reinstate my registry file from a day earlier. And 2 years on, I haven't missed a beat.

    But in order to be able to log into the injured machine, and before I knew what was actually going on, I rang up the customer with some confused questions. So she was tipped off that something bad had happened. My dilemma was then how to avoid her and her superiors learning that their school had suffered a potentially serious security breach...all her passwords and stuff to 10's of 3rd party systems were possibly in this file. I wrote her a full report about what had happened, and what I had done to erase all trace of the 5Mb .reg file. I then told her that I would not tell a soul, and she could use her own judgement whether to send my report to her superiors or not. I have not heard a peep since the incident and so it seems like she decided to keep quiet!


  • Banned

    That was very stupid of you to apply random registry file on your workstation without first checking the contents.

    The story reminded me of how I once had to help a coworker with broken .bashrc making him unablo to ssh on remote server. I downloaded it to my computer, edited, and reuploaded. The problem is, I've downloaded it to my home directory...


  • :belt_onion:

    Obligatory

    Nice WTF, 8/10, would read again



  • @tcotco said:

    From time to time, we get a bug we can't reproduce, and in these cases I sometimes ask the customer to send me their registry settings for our product because they sometimes have display settings which are critical to reproducing the bug.

    It sounds like this particular issue has crept up more than once. In that case, wouldn't it be simpler to have a feature that automatically creates an export with the relevant keys, and then you can apply it your local environment without fear? Having an end user muck around in regedit in general is asking for trouble.


  • Fake News

    There are these things called virtual machines. Why not apply the reg files to one of those? You can even shut down the VM without saving the changes...



  • I would say these things are called configuration files. The only stuff that really belongs in the registry is COM registration information, installation information, and possibly global enterprise-y settings that normal users shouldn't be able to muck with.

    But something something YOLO something something I wouldn't be surprised if this involved a VB6 app.



  • @tcotco said:

    So then I did what I normally do, I import the .reg file.

    My computer immediately started acting weird.

    Wait, you don't use a virtual system for this kind of work? Or some software for reading .reg files? Or any of a number of viable solutions that don't involve importing the .reg into your workstation? Sounds like you fell victim to a :wtf: procedure.



  • CVE-2014-9390 springs to mind.


  • BINNED

    @abarker said:

    software for reading .reg

    like euh ... notepad or any other text editor ... should be good enough for having a look a the registry settings



  • Stupid Windows. Why you can't undo a whole rewrite of your system settings?

    Now, seriously, use a VM thing.


  • Discourse touched me in a no-no place

    @Eldelshell said:

    Stupid Windows. Why you can't undo a whole rewrite of your system settings?

    I thought everything in Windows had an Undo..?



  • @PJH said:

    I thought everything in Windows had an Undo..?

    It's called System Restore. Now, just how far will it undo your changes is another matter...



  • Back to Linux?



  • Since it seems like you need to do this frequently enough, I'd recommend some script to export the reg settings and anything else relevant and have it zipped up.
    It makes life easier than explaining and hoping the end-user doesn't goof.

    Also agree with using a VM for reproducing customer issues. You can snapshot and revert easily and not have to worry about have either environment get contaminated.



  • @lolwhat said:

    There are these things called virtual machines. Why not apply the reg files to one of those? You can even shut down the VM without saving the changes...

    There are not enough likes in the world for this! (and VM snapshots ROCK!)



  • @Eldelshell said:

    Stupid Windows. Why you can't undo a whole rewrite of your system settings?

    Did you read the OP?

    That's exactly how his IT guy solved the problem.



  • @blakeyrat said:

    Did you read the OP?

    That's exactly how his IT guy solved the problem.

    I need to look at shadow copy at some point. Sounds like very useful thing, but eventually, I'll end up needing disk space, so this will be the first thing to go.



  • @cartman82 said:

    Sounds like very useful thing, but eventually, I'll end up needing disk space, so this will be the first thing to go.

    Once you look into it, you'll realize it operates entirely in your "unused" disk space.

    However, I don't think in this specific case they used ShadowCopy, I think they used the normal Registry backup kept in the System Restore database, which is a different feature, which does use disk space.


  • FoxDev

    @cartman82 said:

    Sounds like very useful thing, but eventually, I'll end up needing disk space, so this will be the first thing to go.

    Given the current storage prices i'd highly recommend simply buying a bigger harddrive is storage space becomes an issue.

    currently you can get 3TB spinners for < $100USD, most desktops, even with a bunch of VMs would be hard pressed to use all of that.



  • @blakeyrat said:

    Once you look into it, you'll realize it operates entirely in your "unused" disk space.

    Interesting article:

    So, yes and no. Shadow Copy takes some fixed percentage of disk space. But since it operates with diffs, in that small space it can store a lot, especially if you don't have much churn.

    BTW good thing I looked into this. For some reason Shadow Copy for my system disk was set to 0%. No idea when & why.



  • @accalia said:

    Given the current storage prices i'd highly recommend simply buying a bigger harddrive is storage space becomes an issue.

    currently you can get 3TB spinners for < $100USD, most desktops, even with a bunch of VMs would be hard pressed to use all of that.

    I basically ran out of SATA ports, so I'll have to start buying larger 3TB-s to replace old puny 1TB drives.


  • FoxDev

    that can be fixed:



  • @accalia said:

    that can be fixed:

    There are certain advantages desktops have over laptops... (I've gone all laptop except for my old Windows Home Server - running a version of Server 2003)


  • FoxDev

    @dcon said:

    There are certain advantages desktops have over laptops...

    and the reverse is true. it's all about what tradeoffs you are willing to make


  • Winner of the 2016 Presidential Election

    @accalia said:

    currently you can get 3TB spinners for < $100USD, most desktops, even with a bunch of VMs would be hard pressed to use all of that.

    /me looks at his 20+ TB of internal and connected storage, most of which is in use.

    So I'm not normal, huh? Is that what you're saying? 👿

    Because you'd be right. 🕶



  • Well it's not "abnormal", really, but have you considered at least slightly controlling your porn habit?



  • @Dreikin said:

    @accalia said:
    currently you can get 3TB spinners for < $100USD, most desktops, even with a bunch of VMs would be hard pressed to use all of that.

    /me looks at his 20+ TB of internal and connected storage, most of which is in use.

    So I'm not normal, huh? Is that what you're saying? 👿

    Because you'd be right. 🕶

    I only have half of that storage, and only half used, so I'd say I'm less of a hoarder than you.

    @dcon said:

    There are certain advantages desktops have over laptops... (I've gone all laptop except for my old Windows Home Server - running a version of Server 2003)

    Perhaps you should not go "all laptop" then?
    I keep a misc server around that holds all my large files, and backups. It is also web facing, so I can access the files (although at a much reduced bandwidth) remotely.
    You can make it fairly compact, headless and low-energy without too much effort. Besides that server, I do everything on my laptop, so local storage is quite limited.



  • @Nprz said:

    I keep a misc server around that holds all my large files, and backups. It is also web facing, so I can access the files (although at a much reduced bandwidth) remotely.You can make it fairly compact, headless and low-energy without too much effort.

    Wow, if only someone would sell a pre-built and pre-configured server like that!

    O wait, lots of companies are selling NASses. Since like forever.



  • NAS suck and cost more combined than my solution?
    I can also host my picture server, music server, web, blah blah blah.
    Of course, if I already had this server and only needed network storage, then maybeno.


  • FoxDev

    @Dreikin said:

    /me looks at his 20+ TB of internal and connected storage, most of which is in use.

    So I'm not normal, huh? Is that what you're saying?

    /me looks at her 27TB personal NAS that's about 70% used

    you're not normal?

    huh.



  • What? You're now going to pull your pants down and have a size competition?


  • FoxDev

    😇

    nope. besides i'd lose by definition if we're comparing size of that thing.


  • Winner of the 2016 Presidential Election

    @Maciejasjmj said:

    Well it's not "abnormal", really, but have you considered at least slightly controlling your porn habit?

    Nah, it's not porn. It's mostly things like pictures and videos and other media1...I'm not helping myself out here, am I?

    @Nprz said:

    I only have half of that storage, and only half used, so I'd say I'm less of a hoarder than you.

    I'd try to aver that I'm not a hoarder, but then I wrote footnote #2.

    @accalia said:

    /me looks at her 27TB personal NAS that's about 70% used

    you're not normal?

    huh.

    Granted, you didn't explicitly say it, but it did seem implied.
    Also, I'm jealous now. I must resist the lure of the Amazon..

    @Eldelshell said:

    What? You're now going to pull your pants down and have a size competition?

    @accalia said:

    😇

    nope. besides i'd lose by definition if we're comparing size of that thing.


    I don't know, my butt's3 pretty flat for my size.


    1: Music, games, raw-type photos, and a whole lot of stuff I mostly don't care about that I have for raisins2. I (badly) try to keep backup versions of everything on separate drives, too. 2: A while back I decided to finally get all the data I could off a number of drives no longer in use before they all irretrievably bit the bit bucket. Several dozen hard drives later, I've got a big "import" directory with a bunch of stuff that I mostly don't care about, but some stuff I do care about hidden in there. So piece by piece, it's (very slowly) getting sorted and trimmed. This, plus frustrations with Adobe Lightroom, have led me to having a particular piece of software I want to create. I may be procrastinating some of the sorting and trimming until I finally make that software so I can use it as test data (after backing it up, of course). 3: We are talking about places used for storage, right?

  • Discourse touched me in a no-no place

    @Dreikin said:

    I may be procrastinating

    Act now! Procrastinate later…


Log in to reply