Revisiting the Windows 10 thumbnail cache

When you look at a folder full of pictures, and enable the display of thumbnails in your folders, Windows will show a thumbnail that represents each of the pictures. Creating these thumbnails is an expensive operation — the system needs to open each file, render the image in memory, and resize it to the desired size of the thumbnail. Therefore, Windows maintains a cache of thumbnails, saved in the following location: [User folder]\AppData\Local\Microsoft\Windows\Explorer.

A few years ago I published a utility for examining the thumbnail cache in Windows Vista and Windows 7.  However, in Windows 8 and Windows 10, Microsoft seems to have made some slight modifications to the file format of the thumbnail cache which was preventing my utility from working properly.  So, I revisited the thumbnail cache on the most recent version of Windows, and made sure the utility works correctly with it, as well as with all previous versions of the cache.

My updated ThumbCacheViewer supports thumbnail cache files from all versions of Windows after XP.  It automatically detects cache files associated with the current user’s account, and it also allows you to explicitly open thumbnail cache files from any other location. Once the file is opened, the utility will show a simple list of all the images contained in the selected cache. If you select an individual image, it will also show some useful metadata about the image:

thumbcache3

You can see that the cached images include thumbnails of individual photos, as well as thumbnail representations of folders that contain photos. Both of these can be forensically interesting, since the folder thumbnails still contain plenty of detail in the images. You can also see that there are separate caches for different resolutions of thumbnails, some of which are strikingly high-resolution (up to 2560 pixels wide, which almost defeats the purpose of a cache).

I’ll also point out that you can perform forensic analysis on thumbnail caches using DiskDigger, by opening the cache file as a disk image. You can do this by following these steps:

  • Launch DiskDigger, and go to the “Advanced” tab in the drive selection screen.
  • In the “Bytes per sector” field, enter “1”.
  • Click the “Scan disk image” button, and find the thumbnail cache file that you want to scan.
  • Select “Dig deeper” mode, and proceed with the scan.

Here is the same cache file as in the screenshot above, but viewed using DiskDigger (note the numerous .BMP images detected by the scan):

dd_88

Either way, this is now a relatively complete solution for analyzing thumbnail cache files, whether you’re a professional forensics specialist, or a home user who’s interested in how Windows preserves thumbnails in more ways than you might think!

The dead dream of chatbots

A long time ago I wrote about the Loebner Prize, and how it seemed like this competition isn’t so much a test of machine intelligence, but rather a test of how well the programmers can fool the judges into thinking they’re talking to a human. Not that anyone has actually done this successfully — none of the judges have ever been convinced that any of the chatbots were really a human, and the annual “winner” of the Prize is decided by sympathy points awarded by some very charitable judges.

In that previous post, I remember being struck by how little has changed in the quality of the chatbots that are entered into this competition:  it hadn’t improved since the inception of the prize.  So, today I thought I’d randomly “check in” on how the chatbots are doing, and read the chat transcripts from the competition from more recent years. (I encourage you to read the transcripts for yourself, to get a taste of the “state of the art” of today’s chatbots.)

And can you guess how they’re doing? Of course you can:  they still haven’t improved by any margin, except perhaps a larger repertoire of cleverly crafted catch-all responses. Even the winner and close runner-up of the 2017 competition are comically robotic, and can be effortlessly pegged as artificial by a human judge.

My goal in this post, however, is not to bash the authors of these chatbots — I’m sure they’re competent developers doing the best they can. My goal is to discuss why chatbot technology hasn’t moved forward since the days of ELIZA. (Note: When I refer to chatbots, I’m not referring to today’s virtual assistants like Siri or Alexa, which have made big strides in a different way, but rather to human-approximating, Turing-test-passing machines, which these chatbots attempt to be.)

I think much of it has to do with a lack of corporate support. Chatbots have never really found a good business use case, so we haven’t seen any major companies devote significant resources to chatbot development. If someone like Google or Amazon had put their weight behind this technology, we might have seen an advancement or two by now.  Instead, the competitors in the Loebner Prize still consist of individual hobbyists and hackers with no corporate backing.

Interest in chatbots seems to have peaked around 2012, when the cool thing was to add a customized bot to your website and let it talk to your users, but thankfully this died down very shortly thereafter, because apparently people prefer to communicate with other people, not lame attempts at imitation. We can theorize that someday we may hit upon an “uncanny valley” effect with chatbots, where the conversation is eerily close to seeming human (but not quite), which will cause a different kind of revulsion, but we’re still very far from that point.

Another thing to note is the actual technology behind today’s (and yesterday’s) chatbots. Most of these bots, and indeed all the bots that have won the Loebner Prize in recent years, are constructed using a language called AIML, which is a markup language based on XML.  Now, there have been plenty of ways that people have abused and misused XML in our collective memory, but this has to be one of the worst!  AIML attempts to augment XML with variables, stacks, macros, conditional statements, and even loops. And the result is an unwieldy mess that is completely unreadable and unmaintainable. If chatbot technology is to move forward, this has to be the first thing to throw out and replace with something more modern.

And finally, building a chatbot is one of those endeavors that seems tantalizingly simple on the surface:  if you look at the past chat logs of the prize-winning bots, it’s easy to think to yourself, “I can build a better bot than that!”  But, once you actually start to think seriously about building a bot that approximates human conversation, you quickly come up against research-level problems like natural language processing, context awareness, and of course human psychology, behavior, and consciousness in general.  These are most definitely not problems that can be solved with XML markup.  They likely can’t even be solved with today’s neural networks and “deep learning” algorithms.  It will probably require a quantum leap in AI technology.  That is, it will require building a machine that is truly intelligent in a more general way, such that its conversations with humans are a by-product of its intelligence, instead of its primary goal.

For now, however, the dream of chatbots has been laid to rest in the mid-2010s, and will probably not come back until the technology allows it, and until they’re actually wanted or needed.

MushroomHuntr

I’m a bit late to the party in starting to tinker with TensorFlow, but nevertheless I’ve been having some product ideas (some dumber than others) for real-world applications of machine learning, and here’s one of the stupider ones:

If you know me at all, you know that one of my hobbies is foraging for wild mushrooms. Going to the forest to forage for mushrooms is a time-honored tradition in Russia and many other Slavic countries.  I also derive great pleasure from sharing this hobby with other people, and telling them how fun, challenging, and rewarding this activity can be.

Therefore, I give you — MushroomHuntr: an Android app that can identify different varieties of mushrooms!  It uses a neural network to perform image recognition in real time, to tell you what kind of mushroom you’re looking at.

Huge legal disclaimer: Do not actually rely on this app to differentiate poisonous mushrooms from edible ones!  The app provides a rough guess of the identity of a mushroom, not a definitive identification.

Under the hood, the app uses the Inception v3 model developed by Google, with the top layer of the model re-trained on a large collection of mushroom images. Many of the training images were taken from Wikimedia Commons, and others came from my personal photos that I’ve taken over the years.

The app can distinguish between about twelve varieties of mushrooms, most of which are native to North America and Europe. All of the trained varieties are common enough to be found easily in parks and forests, to maximize the app’s usefulness for the novice mushroom hunter.

When the app is launched, it automatically enables your phone’s camera, and starts attempting to recognize anything it sees in the image.  Therefore, all you need to do is aim the camera at a mushroom, and see what it says!

To maximize the accuracy of the mushroom recognition, try looking at the mushroom from the side, and bring the camera close enough for the mushroom to fill up most of the frame, like this:

20171104115119

I won’t make this app available on the Google Play Store for the time being, while I continue to refine the model, but if you’d like to check it out, you can build it from source code, or contact me for a pre-built APK that you can install on your device.

VR needs several more generations to succeed

When considering today’s “VR” technology, the actual name “VR” is misleading: it’s not really “virtual reality.” A more accurate name for it would be “binocular display with motion tracking,” but that name is not nearly sexy enough to attract venture capital for your startup. I wanted to put all mentions of “VR” in this blog post in quotes, but that would be too on-the-nose even for me, so just imagine that the quotes are there.

I’ve played with many of the major VR headsets in an “enthusiast” capacity for a while now, and I’ve even developed a few applications for them. I really wanted to like VR. I tried really hard to suspend disbelief and make myself like it, but I just have to admit — I don’t see the appeal, and I don’t see the current generation of VR technology as anything more than a passing fad.

20170429120144
Coming soon to a landfill near you!

The only thing that the current VR experience delivers is novelty. It really is exciting to look into one of these headsets for the first time. However, the drop-off in novelty is very steep, on the order of minutes, not even hours.

There isn’t any one specific deal breaker for the current state of VR. It’s rather a combination of factors that, collectively, make it altogether unusable:

  • It’s very low-resolution. In order for a VR experience to be “believable,” it needs to have a resolution of at least 4K per eye. Otherwise, you can literally see the pixels when you look at the image in the headset.
  • It’s not nearly immersive enough. The field of view of the major VR headsets is about 100 degrees, which feels unnatural, and borders on claustrophobic. And the “depth” of the 3D content in the VR display can’t seem to match true natural proportions, either.
  • It’s nausea-inducing. The sensors that track the 3D position of the headset need to be an order of magnitude more sensitive and responsive.
  • The “headset” form factor is still too impractical to become mainstream. No matter how comfortable the headset becomes, if it still needs to cover your eyes and wrap around your head, you won’t want to use it for very long. Did you know that there’s a Netflix app for VR devices? If watching a two-hour movie while having a big plastic appliance strapped to your face is your idea of a good time, then I salute you, but I would still wager that you’re in the minority.

I don’t believe that VR technology can move forward by addressing any one of the above points. It would need to be a quantum leap of technological advancement.  And honestly, once the collective novelty of VR finally wears off, I’m not sure there will be enough interest among consumers for VR companies to work towards this next leap any time soon, except perhaps for very specific niche markets for which VR is better-suited.

I am, of course, looking forward to the final generation of VR, which will involve a Matrix-like interface that plugs directly into your brain stem. Until then, I’m afraid we can only look forward to landfills brimming with plastic contraptions thrown away shortly after purchase.

Big updates to DiskDigger!

I’ve just released a pretty significant update to DiskDigger for Windows, which introduces numerous improvements and features not only for casual home users, but also for professional investigators and forensics specialists. Here are the highlights from this update:

  • Now using a “Ribbon” interface, which contains navigation (Back / Next) buttons, configuration settings, and recovery options (see screenshot below).
  • Every section of DiskDigger’s workflow now has a “Help” button where you can find answers to common questions about the recovery process.
  • In “dig deeper” mode, you can now save and restore sessions (in the Advanced tab).
  • In both “deep” and “deeper” modes, you can now save a detailed report (in the Advanced tab) which is a log of all recoverable files found by DiskDigger, along with basic meta-information for each file.
  • Improved support for scanning disk images. In the Advanced tab when selecting a drive, click the “Scan disk image” button. For forensic-strength scanning of disk images, you can control the number of bytes per sector (all the way down to 1), for recovering files that may not be aligned to sector boundaries.
  • Added support for recovering raw images from Panasonic/Lumix cameras.
  • DiskDigger now requires .NET 4.0. Therefore, for running it on Windows XP or Windows Vista, you may need to install .NET 4.0 from Microsoft if you don’t have it installed on your system.

dd_screen71If you’ve accidentally deleted or lost your files, DiskDigger is always here for you!