Holy cow, I wrote a book!
year, I put together a little pocket guide to the
Seattle Symphony subscription season
for my symphony friends to help them decide which
ticket package they want.
As before, you might find it helpful, you might not, but here it is anyway.
This chart doesn't include "one-off" concert series such
as the Visiting Orchestras or Distinguished Artists series.
Explanations for the partial blocks:
The Musically Speaking concert on 10/19 includes
only one of the Vivaldi concertos,
and the concert on 2/12 omits the Rachmaninov.
The comments column very crudely categorizes the works
to assist my less-classically-aware friends.
This is, of course, a highly subjective rating system,
but I tried to view each piece from the ears of somebody new.
Thus, I rated downward pieces that I personally like
but which others might not and rated up pieces that I may not
find musically satisfying but which nevertheless tend to be
These predictions have, of course, proven wrong in the past.
last season, my rating of "Okay" for Copland's Music for the Theatre
was too optimistic.
Here's what the comments mean.
Note that they do not indicate whether the piece is significant in
a musicological sense; they're just my guess as to whether my friends
are going to like it.
A question mark means that I am not familiar with the piece
and am basing my evaluation on what I know about the composer
(or am just guessing).
And who knows, maybe by next season
they'll know who their concertmaster is.
A common mistake I see is people confusing message tables
with string resources.
This basically shows up in one place:
The folks who were designing Win32
decided that plain string resources weren't fancy enough,
so they invented message tables, which is just another way
of storing strings in resources.
Why string resources weren't good enough I don't know.
The FormatMessage function accepts a message number,
which is looked up in a message table,
not in a string resource.
In other words, if you have something like this:
#define IDS_MYMESSAGE 100
IDS_MYMESSAGE "Hello, %1"
IDS_MYMESSAGE, 0, szBuffer, 256, Arguments);
the call to FormatMessage will fail
because you passed in a string resource identifier, not a message
actually uses message tables,
you almost certainly want to pass the
LoadString(g_hInstance, IDS_MYMESSAGE, szMessage, 256);
IDS_MYMESSAGE, 0, szBuffer, 256, Arguments);
The only place you will normally want to format a message from
a message table is when you want to access the system message table
to get the text associated with an error code.
don't forget the
It's not just orange juice for breakfast any more.
Soft drinks are making inroads into the world
traditionally dominated by milk, orange juice, coffee, and tea.
According to the article, over one in seven people order a soft
drink to accompany their breakfast.
(Among people who eat at home, the rate is 2.4%.)
If this trend continues, can Doritos for breakfast be far behind?
On Windows NT-based operating systems,
process and thread IDs happen always to be a multiple of four.
Is this just a coincidence?
Yes, it's just a coincidence, and you shouldn't rely on it
since it is not part of the programming contract.
Windows 95 process and thread IDs were not always
multiples of four.
the reason that
kernel handles are always a multiple of four
is part of the specification and will be guaranteed
for the foreseeable future.)
Process and thread IDs are multiples of four as a side-effect of
The same code the allocates kernel handles is also used to allocate
process and thread IDs.
Since kernel handles are a multiple of four,
so too are process and thread IDs.
This is an implementation detail,
so don't write code that relies on it.
I'm just telling you to satify your curiosity.
Some months ago, I wanted to make a reservation at my favorite
Seattle restaurant for special occasions:
Their original Wallingford location was so small,
you had to go into the kitchen to use the rest room.
When they moved to Fremont, they made a special point
of putting the rest room in the kitchen for old times' sake.)
One evening, I called to make a reservation, and since they aren't
open on Sundays, I was taken off guard when a live human being answered.
I said that I was expecting the answering machine since I thought
they were closed.
The person who answered explained,
"Well, we are closed.
I'm not really supposed to be here.
I'm just baking some cookies."
And then he took my reservation.
I'm assuming he actually works there and wasn't some guy who broke
into the restaurant to bake cookies.
One of the predefined security access masks is
You see it used in defining the _ALL_ACCESS masks for
Here are just a few examples:
#define PROCESS_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED | SYNCHRONIZE | \
#define EVENT_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED|SYNCHRONIZE|0x3)
#define FILE_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED | SYNCHRONIZE | 0x1FF)
The STANDARD_RIGHTS_REQUIRED mask is meant to be used
when defining access masks for object types.
I'm guessing it's called STANDARD_RIGHTS_REQUIRED because
it's the set of access masks that all securable objects must support.
Look at the documentation
or just at the definition:
#define DELETE (0x00010000L)
#define READ_CONTROL (0x00020000L)
#define WRITE_DAC (0x00040000L)
#define WRITE_OWNER (0x00080000L)
#define STANDARD_RIGHTS_REQUIRED (0x000F0000L)
Notice that STANDARD_RIGHTS_REQUIRED is just
an abbreviation for the union of the four access bits
DELETE | READ_CONTROL | WRITE_DAC | WRITE_OWNER.
DELETE | READ_CONTROL | WRITE_DAC | WRITE_OWNER
Now that you see what it's for,
you can also see what it's not for:
You're not expected to pass it as the mask of requested
access bits when you attempt to open an object.
In other words, the following is wrong:
HANDLE hProcess =
STANDARD_RIGHTS_REQUIRED | PROCESS_QUERY_INFORMATION);
The person writing this code probably thought,
"Well, I just want to be able to query information, so I need to
There's this other thing here called STANDARD_RIGHTS_REQUIRED;
since it's required, I'll pass that too."
The "required"ness of STANDARD_RIGHTS_REQUIRED doesn't
apply to you, the program opening the object.
It applies to the person who is designing the object.
Your attempt to be a "good security citizen" and ask only for the
access you need (namely, PROCESS_QUERY_INFORMATION)
has backfired due to the addition of STANDARD_RIGHTS_REQUIRED.
If you ask for
you are asking for everything.
Why is that?
Notice that STANDARD_RIGHTS_REQUIRED includes
If you have WRITE_DAC permission, that means that you
have permission to
change the security descriptor on the object,
at which point you totally 0wnz0r it.
You want PROCESS_VM_WRITE access but the security
descriptor doesn't let you?
Just set a new security descriptor that grants you
PROCESS_ALL_ACCESS to the process object.
Tada! You now have all the access in the world.
Moral of the story:
Don't ask for STANDARD_RIGHTS_REQUIRED,
because only somebody with full control will be able to get it.
Ask for what you actually want.
The organizers of
TechDays 2008 Portugal
have decided to lower their standards and invite me to
speak at their conference in Lisbon,
which by an amazing coincidence takes place during the same week as
my appearance at
XV Semana Informática do Instituto Superior Técnico
(though fortunately not the same day).
You don't need to attend both events, since I will be giving basically
the same talk at both of them,
although the precise mix may vary based on audience
reaction, my mood, and the presence of video cameras.
(More video cameras means I tell less provocative stories.)
The TechDays folks found a sneaky way of getting me to attend
your conference without having to hold it in Redmond:
Wait for Raymond to travel to your city and hold your conference
while he's there!
Commenter Rick C
sort of missed the set-up for the entire blog entry on what
it takes to get me to attend your conference.
I wasn't writing about conferences where it's my job to be there.
Naturally, if it's part of my job, Microsoft will pay my expenses.
But as I noted in the base article,
going to conferences around the world is not part of my job.
My job is to stay in Redmond and bang on code.
This blogging thing is just a side activity I do in my personal free time.
If somebody at Microsoft decided that it would be beneficial
to send me to a conference
(and that someone has the money in their travel budget),
then I won't object,
assuming it doesn't interfere with my day job.
But the odds of that happening are pretty slim,
because, as people seem to forget and I have to remind them,
blogging is not my job.
Some time ago,
wrote about the unofficial game of
Last Checkin Chicken,
wherein teams "compete" to avoid being the one responsible for the
last change to a product.
The competition is purely virtual;
nobody really keeps score,
and the "winner" is soon forgotten.
Unless you're that winner.
I know someone who won the Last Checkin Chicken prize
not once, but twice!
My colleague made the last checkin for Windows 2000,
and purely coincidentally, also made the last checkin for Windows XP.
It's not something to be proud of,
but it's not a badge of shame either.
As part of the game, teams will try to make "remora" checkins.
(I just made up that term.)
These are fixes that you want to get in at the last minute,
but which you cannot justify on their own merits as worth delaying
the release of the product another day for.
You still have to argue your fix to the release management team
(and your fix had better be rock solid),
and if release management grants you remora status,
then your bug fix is set aside.
If a serious bug is discovered elsewhere,
then your remora bug gets to hitch a free ride on the window opened
by that other bug.
On the other hand, if no serious bugs are found that force a delay
of the product's release, then your fix goes into the next update
(be it an online update, a service pack, whatever).
It's sort of the developer version of
bug bar limbo.
Pre-emptive snarky comment:
"This is why Microsoft products suck."
Pre-emptive Igor Levicki comment:
"Windows Vista sucks."
Recently-unearthed documents reveal that
back in the 1950's,
France proposed merging with United Kingdom into a single country
or at least joining the
Apparently, Churchill proposed a similar alliance in the 1940.
It too was rejected.
There's a secret joke in that article: Check out the URL.)
the proposal was never seriously considered.
Ah, what could have been...
Why doesn't Microsoft bundle third-party programs?
it has been done
in the past,
but the results were hardly a slam dunk success.
Who ports the software to 64-bit Windows?
(Answer: Me, personally.
I spent a good chunk of the year 2000 porting millions of lines of code
to 64-bit Windows.
Just for fun, I did a wc -l on a couple
of the "gifts" that I ported.
Over 100,000 lines of code in one of them, and over 50,000 in another.)
Who fixes the security holes in the software?
(Answer: Me and people I work with.)
Who has to pay all the
software taxes that the original software vendor
failed to address?
(Answer: Me and people I work with.)
Who has to update the program to keep up with new Windows design guidelines?
(Answer: Me and people I work with.)
Who has to make the program localizable?
Who has to translate the software into 20+ languages?
Who gets sued if there is a patent violation in the software?
Will people realize that
the bundled tools are included merely as a courtesy and
that applications should not rely on their continued presence?
I know this from personal experience.
When somebody gives you a gift of code,
it's more often than not a burden in disguise.
And that's not counting the legal and public relations
challenges some commenters in the linked article have raised.
I mean, heck,
Windows Vista simply included some photographs from the
look at all the anger that generated,
both in the comments and
And those were just photos!
(Some people might notice that this is the flip side of
free code samples.)