Entries:
Comments:
Posts:

Loading User Information from Channel 9

Something went wrong getting user information from Channel 9

Latest Achievement:

Loading User Information from MSDN

Something went wrong getting user information from MSDN

Visual Studio Achievements

Latest Achievement:

Loading Visual Studio Achievements

Something went wrong getting the Visual Studio Achievements

Discussions

Blue Ink Blue Ink
  • VC++ vNext eating into the market of Visual Assist X

    Nice!

    I do hope that this means that there's a committment to make the C++ editor get at least on par with C#: there are quite a few options that are sorely missed if you constantly switch between the two.

  • Nothing for Money, now on WP7

    @figuerres: natural selection as applied to personal finances. I agree in principle, but in practice it doesn't take much to make a mark out of a generally careful person. I recently risked becoming the owner of a crappy 2.99 game thanks to a couple of overactive young relatives who cannot even understand the UI language of my phone. Yes, it would have been my fault and yes, I would have still loved the two little earthquakes had they made a 499.00 purchase. But I still feel that the industry should make life harder for scammers, not for the general public.

    @cbae: yes, it's not a new concept, but that's beyond the point. Apple retains the right to take down an app for unspecified reasons (which is what it did with the original "I am rich"); Microsoft doesn't as far as I know and, as others pointed out, there's no way they would ever risk doing something like that. These apps are just egregious examples, but the same would apply to calculators returning wrong results, programs that corrupt your data, games you cannot possibly play, maps limited to the uptown area of Ittibitty, KA.

    User review can only help to a point (spammers, anyone?) and cannot get an app removed in any case. Might be an acceptable situation for stuff that goes for pennies, not so much if you go in the double digits. Totally unacceptable when it involves serious money.

    Peer review seems the only way out to me.

  • Nothing for Money, now on WP7

    Just in case you missed it, there's an amazing app in the WP7 marketplace that shows a one dollar bill on your screen. For just 0.99 EUR. Judging by the description (my devotion to the experimental method is not unlimited), it seems that all it does is showing the obverse and reverse of the bill.

    If you find that's cute, you cannot possibly miss the other apps of the same kind... up to the incredible "€500 bill" that goes for just about 425.00 EUR.

    Seriously.

    This set me thinking... the submission process currently only allows Microsoft to bounce apps that are flawed or that break some of the rules. It's not their place to determine if an app is worth its asking price. Add the no refund policy and you get an explosive mix.

    Essentially, nothing can stop anyone from writing a correct but worthless app, slap a ridiculous price tag on that (doesn't have to be so spectacularly high) and rake in the profits from the occasional fool. Ok, maybe it takes a very special fool, a one in a million fool, which makes this not much of a concern for WP at the moment. But all of a sudden, having a Marketplace integrated in Windows, with its hundreds of millions of users, doesn't sound like a good idea.

  • Invent a better solution for a deceptively simple problem (AKA how I change de folder)

    ,androidi wrote

    ...

    edit: I think this method may need to verify that the parent is actually a console, otherwise there could be interesting results - as in starting this from debugger shows the parent is devenv.exe.

    Maybe. In its current form, the program is just a dumb CD replacement, it doesn't have any side effect unless you pass an argument, which rules out most accidents. For the purposes of our little excercise I considered that to be good enough.

    For production use, this might require further scrutiny: if the side effect is generally benign, you may want to think twice before limiting the scope of your program to CMD alone.

  • Invent a better solution for a deceptively simple problem (AKA how I change de folder)

    Technically there is a way: DLL injection. Minus the DLL injection part... as it turns out, kernel32 is always loaded in every process at the same address and SetCurrentDirectory is compatible with LPTHREAD_START_ROUTINE, so you can call CreateRemoteThread without having to write a DLL.

    Here's a rough proof of concept (as in: written in a rush, tested for two minutes on exactly one machine)

    #include "stdafx.h"
    #include <Windows.h>
    #include <TlHelp32.h>
    
    DWORD GetParentProcessId () {
      DWORD processId = GetCurrentProcessId ();
      HANDLE snapshot = CreateToolhelp32Snapshot (TH32CS_SNAPPROCESS, processId);
    
      if (snapshot == INVALID_HANDLE_VALUE) {
        _tprintf (_T("Cannot create shapshot.\n"));
        ExitProcess (0);
      }
    
      PROCESSENTRY32 processEntry;
      processEntry.dwSize = sizeof (PROCESSENTRY32);
      if (Process32First (snapshot, &processEntry)) {
        do {
          if (processEntry.th32ProcessID == processId) {
            return processEntry.th32ParentProcessID;
          }
        }  while (Process32Next (snapshot, &processEntry));
      }
    
      ExitProcess (0);
    }
    
    BOOL EnableDebugPrivileges () {
      HANDLE token;
      LUID sedebugnameValue;
      TOKEN_PRIVILEGES privileges;
    
      if (OpenProcessToken (GetCurrentProcess (), TOKEN_ADJUST_PRIVILEGES| TOKEN_QUERY, &token)) {
        if (LookupPrivilegeValue (NULL, SE_DEBUG_NAME, &sedebugnameValue)) {
          privileges.PrivilegeCount = 1;
          privileges.Privileges[0].Luid = sedebugnameValue;
          privileges.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
    
          if (AdjustTokenPrivileges (token, FALSE, &privileges, sizeof (privileges), NULL, NULL)) {
            CloseHandle (token);
            return TRUE;
          }
        }
        CloseHandle (token);    
      }
    
      return FALSE;
    }
    
    int _tmain (int argc, _TCHAR* argv []) {
      DWORD processId = GetCurrentProcessId ();
      DWORD parentProcessId = GetParentProcessId ();
      _TCHAR pathname [MAX_PATH];
    
      if (argc < 2) {
        if (GetCurrentDirectory (MAX_PATH, pathname)) {
          _tprintf (_T ("%s\n"), pathname);
        }
        return 0;
      }
    
      if (_tclen (argv [1]) >= MAX_PATH) {
        _tprintf (_T ("The filename or extension is too long.\n"));
        return 0;
      }
    
      if (! SetCurrentDirectory (argv [1])) {
        _tprintf (_T ("The system cannot find the path specified.\n"));
      }
    
      //TODO: get the actual casing in the pathname
      wcscpy_s (pathname, argv [1]);
    
      if (! EnableDebugPrivileges ()) {
        _tprintf (_T ("Error: Cannot enable debug privileges."));
        return 0;
      }
    
      HANDLE target = OpenProcess (PROCESS_ALL_ACCESS, FALSE, parentProcessId);
      if (target != INVALID_HANDLE_VALUE) {
        HMODULE kernel32 = LoadLibrary (_T("kernel32.dll"));
        if (kernel32 != NULL) {
          FARPROC address = GetProcAddress (kernel32, "SetCurrentDirectoryW");
          if (address != NULL) {
            LPVOID remoteMemory = VirtualAllocEx (target, 0, sizeof (pathname), MEM_COMMIT| MEM_RESERVE, PAGE_EXECUTE_READWRITE);
            if (remoteMemory != NULL) {
              if (WriteProcessMemory (target, remoteMemory, pathname, sizeof (pathname), NULL)) {
                HANDLE handle = CreateRemoteThread (target, NULL, 0, (LPTHREAD_START_ROUTINE) address, remoteMemory, 0, NULL);
                if (handle == NULL) {
                  _tprintf (_T ("Error: %d"), GetLastError ());
                } else {
                  WaitForSingleObject (handle, 1000);
                  CloseHandle (handle);
                }
              }
              VirtualFreeEx (target, remoteMemory, 0, MEM_RELEASE);
            }
          }
          FreeLibrary (kernel32);
        }
        CloseHandle (target);
      }
      return 0;
    }
    

    A couple of notes:

    1) Due to the assumption about kernel32, the program must match the "bitness" of the command prompt.

    2) The program doesn't require elevation, but I wouldn't be surprised if it didn't work for a restricted user.

    EDIT: fixed a bad typo in VirtualFreeEx

  • IE9 copy & paste removes line returns

    @androidi: It doesn't seem to be Google's fault this time: the minimum repro I could find is:

    <div style="display: table">
      <div>
        This text cannot be selected
      </div>
    </div>

    If you remove the "display: table" directive, or remove the inner nested div, the problem disappears. Weird...

  • Happy birthday, Linux!

    Hey, I thought nobody was supposed to comment on Windows 8 until build.

    //TODO: find an appropriate smiley

  • Channel 9 show idea

    ,cbae wrote

    *snip*

    That's why I think they shouldn't call the new version Windows 8. They should call it Windows 7 R2. How long as Apple's OS been stuck on "version" 10?

    Maybe Apple feared back compatibility. Lots of programmers have written incredibly bad code when checking for version numbers, maybe because they don't think their application will stay around long enough, or because they don't think they will still be around when the excrement hits the ventilation system. Or something... but historically, bumping up the major version number has proved to be a big source of headaches.

  • Toshiba Mango, waterproof.

    @JoshRoss: I don't think that alone would suffice: repelling water is great, but it doesn't take a very large droplet to short a USB connector. I just hope they didn't overuse the ugly silicone plug covers.

  • Select Case behavior

    ,evildictait​or wrote

    *snip*

    Every time you write your own hash function a cryptographer somewhere cries.

     

    @Blue Ink: If you're writing hardware code that is timing sensitive and writing it in something other than C or assembly, then you're doing it wrong.

    Obviously. And using C would still expose you to the subtle difference between eager and short-circuit operators... unfortunately mine wasn't an academic example.

    As for the other comment, I think the hash function has little to do with what blowdart was referring to. If you use a method that fails early (such as short-circuit evaluation, or even just memcmp) when comparing some secret value with another submitted by the attacker, you may be giving away how much of the submitted value is correct. It's the same as making a combination lock that emits a louder tick whenever you hit on a partial result.

    In the end, someone may cry, but it won't necessarily be a cryptographer.