Loading User Information from Channel 9

Something went wrong getting user information from Channel 9

Latest Achievement:

Loading User Information from MSDN

Something went wrong getting user information from MSDN

Visual Studio Achievements

Latest Achievement:

Loading Visual Studio Achievements

Something went wrong getting the Visual Studio Achievements


evildictaitor evildictait​or Devil's advocate
  • Need ​documentati​on for DNS Client settings in Windows 8.1




  • So is SQL Server 2014 in memory Hekaton gonna crush nosql?

    Here is an easy fix for MongoDB's inability to do transactions or safely store data.

    Take the thing you want to store. JSON serialize it. Put that in a SQL table (called JSONtable) stored under a GUID index.

    When you want it back, select the object you want by its GUID and then deserialize it.

    Voila and congratulations. Now you have all of the benefit of a schema-less database, plus the transactionality, able-to-deal-with-lots-of-data-ness and likely-to-not-get-corrupted-ness of SQL.

    You're welcome.

  • Vortex based mathematics.

    Just found a recent TEDx presentation about Vortex based Mathematics to bring unlimited energy. Do you think it can be done? That would be awesome IMO


    Because I trust the second law of thermodynamics considerably more than I trust his hand-wavy math.

  • Heartbleed

    , blowdart wrote

    Then perhaps you can ask MSRC to reclassify. The maximum security impact given to bulletins is a subject of much discussion and we always choose the most serious. Building a new auth token and having code act on it isn't an RCE.

    It was RCE because with a web.config you get the machine key of the ASP.NET application. With the machine key of the ASP.NET application you can sign any data as part of the ViewState, which means that you can fabricate malicious viewstate which is then deserialized. And although it wasn't widely known at the time, the deserializer was vulnerable to RCE (CVE-2013-3171).

    So tl;dr is that the web.config oracle was RCE at the time if your web.config contained a machine key and used viewstates anywhere in your application.

    Even now it's more than an information disclosure; with the machine key you can still get an arbitrary file delete from the ASP.NET machine account (which isn't many files, but it isn't zero files either), and this bug has been around since at least 2012.

  • Things to say to Cortana

    Cortana! <beep-boop>

    I have a meeting tomorrow at 9am, but John can't make it.

    <Inspecting calendar>

    <The meeting ... tomorrow ... at nine A..M.. no longer contains anyone in your line management chain and the schedule does not contain any projects you are involved in. Would you like me to delete the invite so you can have a lie in tomorrow?>

    Thanks Cortana. That sounds great.

    <Deleting the invite and setting alarm for nine ... thirty A..M>

  • So is SQL Server 2014 in memory Hekaton gonna crush nosql?

    , RealBboy360 wrote

    I just think in the long run a database by Microsoft or oracle is going to outperform open source, even if an open source db or file system has the jump on them for a few years.

    On what planet does whether a product is open/closed have any meaningful impact on that product's performance?


  • Heartbleed

    , blowdart wrote

    That was not an RCE. That was an Information Disclosure attack. If you're going to discuss ASP.NET bugs I'd ask you get their impact right, as I'm responsible for some of that process.

    It's an RCE if it's got a machine key in it and .NET <= 4.5

  • The IPC barrier has been broken

    They will need to keep the restriction on store apps (or at least mark store apps that do this with a big banner shouting "warning!" to users), because understanding how to secure these IPC channels is depressingly hard for ordinary developers (there were several hundred bugs filed by WinSec against this type of channel before Win8 shipped) - and that's even before you realize that a malicious app-store doing this gets medium integrity impersonation of the user on the desktop for free doing this.

    Or in other words, this breaks the entire AppContainer security model by turning a download of one of these apps into effectively double-clicking an EXE you found on the Internet and hoping it doesn't pwn your system.

    Generally, a better solution for store apps would be for Windows to be a bit more proactive at inventing and shipping new WinRTs.

    For example, even on this forum some developers have asked for COM1 read/write from inside a Windows Store app. Now the correct approach to this is not for Microsoft to give developers medium integrity DLL execution. That's like your four year old daughter asking for a wendyhouse and you handing her a powerdrill and telling her she can build her own.

    The correct response is to write a bespoke COM1-over-IPC channel - Microsoft is able to build and secure these because that's what WinRTs are. Microsoft should be proactively seeking out new ideas for WinRT that developers are really asking for, and implementing them and releasing them out-of-band with the rest of the release cycle of Windows.

    Why should a developer have to wait until 2016 (or later, who knows?) before getting a feature that's make-or-break for their app? Like being able to 3D-print, or use a custom barcode scanner? Or maybe a banking app that interacts with a custom card reader or something?

    It's nice that Microsoft is allowing developers to be flexible here - but developers need to be careful. That powertool is not only heavy and complicated; it's dangerous too.

  • The story of the Windows XP background

    , itsnotabug wrote

    i wonder how much he made on the outright sale and whether it would have been better for him to get a royalty per use? i'm thinking yes :)

    Fed-Ex will refuse to carry anything with a declared value in today's money of $50,000 or above, so it's more than that, but it might not be as huge as you think.

    Regarding royalties, my guess is that Microsoft will have wanted ownership of whatever became the Windows XP background image considerably more than they wanted his photo to be that image. If he'd have held out for royalties, the Windows XP background would be something entirely different and he'd have not got anything.

  • Heartbleed

    , ScanIAm wrote

    The real bug is that a piece of security software can allocate memory that hasn't been wiped before and after use. 

    That would make no difference in this case; the bug here isn't that it's returning uninitialized memory, but that it's reading data beyond the allocation. Even zeroing mallocs would return passwords, SSL keys and SSNs if they had this bug.