Loading User Information from Channel 9

Something went wrong getting user information from Channel 9

Latest Achievement:

Loading User Information from MSDN

Something went wrong getting user information from MSDN

Visual Studio Achievements

Latest Achievement:

Loading Visual Studio Achievements

Something went wrong getting the Visual Studio Achievements


androidi androidi
  • Split/share​d-screen puzzle games/coding on PC?

    I'd like to see a list of puzzle games and VS/IDE's that support same screen coding with 2 keyboards and mouses with 2 carets & pointers.

    Previously I posted image of keyboard with numpad replaced with a trackball. I think two of these (need added weight on the left side to counter-act the trackball weight) and a large screen could be ideal for co-op puzzle solving/coding/tutoring and such. Of course cameras mics and networks are out of the question so that's why needs to be local only.


    I recently came across a local co-op puzzle flash platformer called fireboy and water girl and thought it was really something fresh - a non-competitive* non-violent multiplayer. (*yeah sure you Could rush to the end on some easier levels but many of the levels enforce teamwork) Another game I'll investigate later is Monaco heist game.


    Any other suggestions?

  • love this bit on the angular web site

    Some personal preferences along the lines of previous comments:

    a) Use the right tool for me/you (C# being a general purpose language may not be the ideal tool for many tasks but I'd rather know a tool & its libs with great debugger and palatable syntax well than dozen languages and their libs poorly or languages with arcane/primitive debugging experience)

    b) If there's no good right tool then postpone (opportunity cost can be high unless you have plenty of other worthwhile projects) (yeah I postpone much of web ideas I have until I see something that I think has staying power & brilliantness+practicality since I don't want to "re-learn the new locations of the piano keys all the time" so to speak)

    c) there's always a c. (eg. Personally I find it easier to read code with { } than vb/python/pascal/delphi-like code. However since single { on a dedicated line wastes vertical space and I want to see the forest from the trees if possible, I tend to start out by fleshing ideas/prototypes by write all code in a single method first, then refactor it into methods and then into classes. For ideas where the implementation is already quite clear ahead of time, I might start with more top down approach and create classes first)

  • What PC's need in post ​floppy/cd-​rom/dvd/sno​wden era

    @kettch: Assume the data integrity is verifiable (perhaps through key or hash coming in another "band").

    floppy/cd-rom with autorun vs usb stick comparison:

    cd with autorun malware "anthrax" - you could opt out from the autorun (or not boot from A: for floppy)

    laptop with no cd drive using usb stick to replace cd:

    insert usb stick : usb stick could have been reprogrammed (windows does not tell you whether your usb sticks are reprogrammable or not, and if it did, the bad guy could reprogram the stick to identify as non-reprogrammable) to try various attacks at the moment of insertion at low level.

    Obviously, the cd writing software could have been replaced with one that caused the cd insertion to compromise the cd reader firmware.

    Key difference? The cd reader was more specific purpose bus than the USB stick. Given the console hacks of past, obviously this isn't enough to protect the system but argument could be made that is transfer/storage medium can only interact with a bus designed for that purpose, the attack surface is smaller than a general purpose bus (that USB memory stick could have presented itself as keyboard at the same time).

    So my argument is that there needs to be a way to move files between devices in such a way that the end-to-end process is designed so as to limit or eliminate the possibility of undesired execution. Anthrax may be nasty but it doesn't steal the data or posses ability to persist data stealing capabilities. Embedding self-replicating spy gadget into a piece of paper may be possible with some nano-size robotic scanners similar to those in Star Gate series but not reality yet I suspect...

  • My top 10 worst tech for value

    @kettch: With my old TV's (with PAL broadcast) I only ever recall adjusting the contrast/brightness to get satisfying image. Without going into detail lets just say that with LCD's there's much more tweaking to get something to look good and then when the ambient lighting or the content changes, things require more tweaking again. Large part of this issue is that with LCD the behaviour of the colors is not similar as when changing contrast/brightness on a CRT. The colors change more or less subtly. OLED is slightly better here but far from CRT*. There's not much tech journalists around that re-iterate this issue all the time but you can in some sites notice that they have to re-calibrate the display for different brightness/ambient light levels. And these LCD's tend to glow a lot due to the backlights seeping through making it necessary to tweak the brightness - which throws off the calibration if any. This goes to why uncalibrated CRT can look better on wider range of material than modern TV that goes through adjustment for day/night viewing.

    With music, some headphones (/EQ curves) allow a wider range of productions sound good on them. Explaining why this is is bit tricky. Lets just say that if bad is defined as an imbalance and good is "in balance", then certain frequencies, whether sound or intensity of color at some nm freq., may after production be at the edge of what one would based on past experience expect as being in balance. Take this with the TV's color reproduction curve being thrown off due to contrast/brightness changes made by the user and you get a narrower range of inputs that produce a satisfying output. Somewhat analogous to using a narrow spectra light in a room. You can see the colors but they're subtly less nicer. And when trying to reproduce some escapism fantasy entertainment, this kind of less nicer reproduction impacts the immersion.


    * (So what's the solution ? Well the TV's need to be factory calibrated and when user changes the contrast/brightness controls, the reproduction should perhaps behave like those CRT's where things looked good with minimal adjustments - this is very much like the good sounding musical instrument problem - there's a lot of soft synths that allow wide range of adjustments but the best sounding ones have limited adjustments such that users are more likely to stay in the "butter zone" - the wider the range in one is, the more effort or precision it takes to work the control in the zone)

  • My top 10 worst tech for value

    @spivonious: I was just reminded recently that there are many of these later dvd/blu-ray TV releases which aren't like what your remember. And besides, if watching fantasy, should the focus not be on the "fantastical" rather than "look at all those imperfections in the production"...

    eg. effects (or sets) which looked wonderful on CRT haven been replaced with high res but cheap looking CGI effects. Or original music has been replaced. Add the sets not living up to the high res and what was once such that you could suspend disbelief is now looking cheap and unbelievable.

    Case in point:


    This only shows how horrible the original blu-ray was vs the new remastered (the colors look much closer to how I remember them in the new release). However it doesn't compare the new remastered to how the original PAL broadcast looked on a CRT. I distinctly remember that the sets and monsters looked more believable and with CRT the deep colors are more satisfying that on LCD (eg. videos of lasers look a lot more realistic on CRT than on LCD due to the differences in color rendition and this type of thing applies especially to the these Ghostbusters ghost-fx)

  • What PC's need in post ​floppy/cd-​rom/dvd/sno​wden era

    @kettch: You lost me. Explain?

    device I is connected to internet, lets assume it is always/eventually compromised without noticing

    device O is always off-line and clean

    if device O gets compromised, then data could go from O to I without your knowledge

    The user desires to move data from I to O and work on the data on O.

    Assume that O is designed such that persisting system level changes beyond boot is not possible, but this does not exclude the possibility that the user workspace could be compromised in a way that allows the I-O channel to be used for covert transfer. (yeah, "dicking around" with VM's and doing many extra steps you can pretty much achieve this now, but has more steps than moving a piece of paper from a locked room to public room through an intermediary x-ray room. Weren't computers supposed to be make things easier? If not, then back to pen & paper / typewriters?)

    Unless I am missing something, it seems the problem to solve is transferring data between I and O in paper-equivalent manner, just like I said in the OP?


  • What PC's need in post ​floppy/cd-​rom/dvd/sno​wden era

    @magicalclick: The other point was that lets say you have a (likely) compromised device and a clean device. You'd like to transfer data between them easily in a standardized manner and nothing else and without a chance of side-effects. To do this you pretty much need a safely implemented intermediary without any persisting memory. Either you set it up or use 3rd party service. Concealing a self-replicating spying device into a piece of paper would be harder I presume.

    Since a USB stick could be a tiny computer and a direct network cable could be used by the compromised computer to do other things than file transfer, neither are really close to "paper-like".

  • Spire.PDF

    I don't know if they do what you want but have you checked PDFBox.NET 1.7.0 or PDFClown 0.1.2 ...


  • What PC's need in post ​floppy/cd-​rom/dvd/sno​wden era

    I think there needs to be way to transfer data between PCs and other devices that is similar to handing over a piece(s) of paper. Simple FTP/HTTP downloader written in safe language is pretty close - especially when done inside a VM using usermode network stack, ensuring that none of the data that is received from network has any chance of interacting directly with the network drivers or firewalls as everything the attacker could control is encapsulated until it's in user mode inside a limited account running in a VM.

    However I doubt everyone can be bothered to set all that up for every exchance they make if dealing with many parties on different platforms. That's where the industry must come up with new solutions that are specified this "paper-equivalent data-exchange" in mind.

    The question isn't about whether you can trust the source of the  data, because obviously you can't trust that the source of the stick or data could know whether their system was compromised and then unknown to them, compromised the data/medium they're handing in such a way that it would interact with the driver stacks to silently create persistence.

    Of course you can't trust any network transfer where keys were handed over same network. Articles on cryptography/TLS and key exchanges suggest that you can trust such thing but a good rule is: If you don't understand it, then can you really trust it? If attacker can actively modify everything related to that TLS session in-flight, and the experts admit some sort of "quantum computing device" could be used to crack it, then how am I supposed to know whether someone already has that quantum device or not? So common sense says : TLS is insecure if keys aren't exchanged preferably split over multiple alternate bands/networks, such that only by compromising all the key & data exchange channels/methods, could the communication be decrypted.

    Now of course that means nothing if either end is compromised.

    Almost any driver update could create persisting changes in any device that can't be rolled back by going back to the old driver. The whole system relies on some certificates to validate the integrity but if attacker has already gained local user access, gaining system level access is only a matter of time - and at that point the certificates don't matter - you can consider the system firmwares compromised and throw the pc into the bin.

    The only method that could help in this setting is a completely separate system at hardware level that monitors all the various reprogrammable devices for changes in one-way/passive manner.

    But the more complicated all this is, the more work it is to validate that none of the parts are not compromised at the factory.

    This leaves two choices: Either assume everything is compromised at the factory and never plug it into a network, or for mission critical needs, use a retro pc made with parts and operating systems that never were intended to be in a network.


    TL;DR: Commodore 64 with a modem added could be the most secure home computer ever* for encrypted IRC/instant messaging? (*out of those I happen to own)



  • Spire.PDF

    I'm not sure what you're trying to do but for converting web page to pdf incase saving as .mht doesn't work (the parameter is to prevent it from getting stuck):

    wkhtmltopdf.exe --load-error-handling ignore %*