Other

  • The Old New Thing

    Poor man's comments: Inserting text that has no effect into a configuration file

    • 14 Comments

    Consider a program which has a configuration file, but the configuration file format does not have provisions for comments. Maybe the program has a "list of authorized users", where each line takes the form allow x or deny x, where x is a group or user. For example, suppose we have access_list that goes like this:

    allow payroll_department
    deny alice
    allow personnel_department
    allow bob
    

    This is the sort of file that can really use comments because people are going to want to know things like "Why does Bob have access?"

    One way of doing this is to embed the comments in the configuration file in a way that has no net effect. You can do this to add separator lines, too.

    deny !____________________________________________________________
    allow payroll_department
    deny !alice_is_an_intern_and_does_not_need_access_to_this_database
    deny alice
    deny !____________________________________________________________
    allow personnel_department
    deny !____________________________________________________________
    deny !temporary_access_for_auditor
    deny !see_service_request_31415
    deny !access_expires_on_2001_12_31
    allow bob
    

    Assuming that you don't have any users whose names begin with an exclamation point, the extra deny !... lines have no effect: They tell the system to deny access to a nonexistent user.

    Sometimes finding the format of a line that has no effect can take some creativity. For example, if you have a firewall configuration file, you might use URLs that correspond to no valid site.

    allow nobody http://example.com/PAYROLL_DEPARTMENT/--------------------
    allow alice http://contoso.com/payroll/
    allow nobody http://example.com/PURCHASING_DEPARTMENT/-----------------
    allow bob http://contoso.com/purchasing/
    allow nobody http://example.com/SPECIAL_REQUEST/-----------------------
    allow ceo http://www.youtube.com/
    

    Of course, these extra lines create work for the program, since it will sit there evaluating rules that will never apply. You may have to craft them in a way so that they have minimum cost. In the example above, we assigned the comments to a user called nobody which presumably will never try to access the Internet. We definitely didn't want to write the comment like

    allow * http://example.com/PAYROLL_DEPARTMENT/-------------------------
    

    because that would evaluate the dummy rule for every user.

    If you are willing to add a layer of process, you can tell everybody to stop editing the configuration files directly and instead edit an alternate file that gets preprocessed into a configuration file. For example, we might have access_list.commented that goes

    //////////////////////////////////////////////////////////////////
    allow payroll_deparment
    
    deny alice // payroll intern does not need access to this database.
    
    //////////////////////////////////////////////////////////////////
    allow personnel_department
    
    //////////////////////////////////////////////////////////////////
    allow bob // Temporary access for auditor, see SR 31415. Expires 2001/12/31.
    

    Everybody agrees to edit the access_list.commented file, and after each edit they run a script that sends the file through the C++ preprocessor and puts the result in the access_list file. By using the C++ preprocessor, you enable features like #include directives and #define macros.

  • The Old New Thing

    A lie repeated often enough becomes the truth: The continuing saga of the Windows 3.1 blue screen of death (which, by the way, was never called that)

    • 36 Comments

    HN has been the only major site to report the history of the Windows 3.1 Ctrl+Alt+Del dialog correctly. But it may have lost that title due to this comment thread.

    I read here that Steve Ballmer wrote part of [the blue screen of death] too.

    The comment linked to one of may articles that erroneously reported that Steve wrote the blue screen of death.

    Somebody replied,

    Seriously?

    linking back to my article where I set the record straight.

    Undeterred, the original commenter wrote,

    LOL! so far only MSDN has been refuting the claim.

    and linked to two technology sites which reported the story incorrectly.

    Just goes to show that a lie repeated often enough becomes the truth.

    Oh, and by the way, the phrase "blue screen of death" did not really apply to the blue screen messages in Windows 3.1 or Windows 95. As we saw earlier, the Windows 3.1 fatal error message was a black screen of death, and in Windows 95, the blue screen message was more a screen of profound injury rather than death. (Windows 95 was sort of like the Black Knight, trying very hard to continue the fight despite having lost all of its limbs.)

    The phrase "blue screen of death" was generally attributed to the blue screen fatal error message of Windows NT. In Windows 95, we just called them "blue screen messages", without the "of death".

    I didn't expect this to become "blue screen week", though that's sort of what it turned into.

  • The Old New Thing

    It's a trap! Employment documents that require you to violate company policy

    • 20 Comments

    One of my colleagues had a previous job involving tuning spam filters and removing objectionable content. Before he could start, he was told that he had to sign a special release. The form said basically, "I understand that my job may require me to see pornography or other objectionable material, and I promise not to sue."

    He asked, "So where is the part that says I'm not going to be fired for doing that?"

    "What do you mean?"

    He explained, "This document protects the company from me. But where is the part that protects me from the company?"

    "I don't know what you're talking about."

    He spelled it out: "Company policy says that watching pornography at work is grounds for termination. This document does not actually say that it's okay for me to do so if it is done in the course of my job duties."

    "Look, you can either sign the release form or not, but you can't work until you sign it."

    My colleague sighed as he signed the form. "Whatever. Nevermind."

  • The Old New Thing

    If you're looking for the code that displays a particular dialog box, the most directly way to find it is to look for the dialog box

    • 18 Comments

    Suppose you are working in a large or unfamiliar code base and you want to know where the code is that displays a particular dialog box or message box or something. Probably the most direct way of figuring this out is to look for the strings.

    Say there is a message box that asks for user confirmation. "Are you sure you want to frobulate the flux capacitor?" Search for that string in your source code. It will probably be in a resource file.

    resource.rc:IDS_CONFIRM­FROBULATE "Are you sure you want to frobulate the flux capacitor?"

    Great, now you have the string ID for that message. You can perform a second search for that ID.

    resource.h:#define IDS_CONFIRM­FROBULATE 1024
    resource.rc:IDS_CONFIRM­FROBULATE "Are you sure you want to frobulate the flux capacitor?"
    maintenance.cpp:   strPrompt.LoadString(IDS_CONFIRM­FROBULATE);

    If the thing you are searching for is a dialog box or menu item, then be aware that there may be an accelerator in the string, so a straight grep won't find it.

    No matches for "Enter the new name of the frobulator:"

    For a dialog box, you can tap the Alt key to make the accelerator show up, so you can search for the right string. For a menu, you invoke the menu via the keyboard. Or in either case, you can disable the Hide underlined letters for keyboard navigation setting.

    resource.rc:  LTEXT "Enter the ne&w name of the frobulator:",

    I tend to be lazy and instead of using any of those tricks to make the underlines show up, I just search for a shorter string and hope that the accelerator isn't in it.

    resource.rc:  LTEXT "Enter the ne&w name of the frobulator:",

    "But Raymond, hitting the Alt is just a quick tap on the keyboard. Surely you can't be that lazy!"

    Right. If the dialog box were right in front of me, then I could tap the Alt and be done. But usually, when I am investigating this sort of thing, it's because somebody has sent a screen shot and asks, "Where is the code that displays this?" Tapping Alt on a screen shot doesn't usually get you very far.

    Once you find the code that displays the dialog box or message box or whatever, you can then study the code to answer follow-up questions like "What are the conditions under which this dialog will appear?" or "Is there a setting to suppress this dialog?"

  • The Old New Thing

    The latest technologies in plaintext editing: NotepadConf

    • 13 Comments

    On November 13, 2014 November 14, 2014, Saint Paul, Minnesota will be the home to NotepadConf, which bills itself as "the premier technology conference for Notepad.exe users and text enthusiasts."

    I'm still not sure whom Microsoft will send to the conference, but maybe that person could give a talk on how you can use Notepad to take down the entire Internet.

    Update: The conference has been rescheduled to Friday the 14th.

  • The Old New Thing

    Microspeak: 1 – 1 is not zero

    • 28 Comments

    In his reddit AMA, Joe Belfiore wrote

    i have regular 1-1 meetings with my counterparts in Office, Skype, Xbox.

    The little bit of jargon there is 1-1 meeting. This is an abbreviation for one-on-one meeting, a common business practice wherein two people, typically a manager and a direct report, have a face-to-face meeting with no one else present. In the case Joe used, the meeting is not between a manager and a direct report but between two peers.

    The term is also abbreviated 1:1, which like 1 − 1 also looks like a bit of mathematical nonsense. But it's not zero or one. It's just an abbreviation for business jargon.

    Of course, Microspeak isn't happy with the abbreviation as-is. Microspeak takes it further and nounifies the abbreviation. "I'll bring that up in my 1–1 with Bob tomorrow" means "I'll bring that up in my one-on-one meeting with Bob tomorrow."

    Note that the abbreviation OOO is not used to mean one-on-one. That abbreviation is used to mean Out of the office, although it is more commonly abbreviated OOF at Microsoft.

  • The Old New Thing

    Microspeak: Tell Mode / Ask Mode

    • 12 Comments

    As a product nears release, the rate of change slows down, and along the way, the ship room goes through stages known as Tell Mode and Ask Mode.

    In Tell Mode, any changes to the product do not require prior approval, but you are required to present your changes to the next ship room meeting and be prepared to explain and defend them. The purpose of this exercise is to get teams accustomed to the idea of having to present their changes to the ship room as a warm-up for Ask Mode. There is also the psychological aspect: If you have to present and defend your changes, you are going to be more careful about deciding which changes to make, how you will go about making them, and how thoroughly you're going to validate those changes. For example, if a bug could be fixed by applying a targeted fix or by rewriting the entire class, you are probably not going to choose to rewrite. (In theory, the ship room may reject your changes after the fact, and then you have to go back them out. But this is rare in practice. The ship room usually lets you off with a warning unless your transgression was particularly severe.)

    The next stage of scrutiny is known as Ask Mode. In this stage, any proposed changes to the product must be presented to the ship room before they can be submitted. Rejection is more frequent here. Time has passed and the bug bar has gone up, and because it is easier to get forgiveness than permission.

    Here is a more detailed explanation of how one team implements the two modes.

    Note that there can be multiple levels of ship room. There may be a local feature team ship room, then a group-wide ship room, then a product-wide ship room, and it is not uncommon for each ship room to be in a different mode. For example, the local feature team ship room may be in Ask Mode, the group-wide ship room is in Tell Mode, and the product-wide ship room isn't looking at individual bugs yet. This means that when you want to make a change, you need to get permission from your local feature team, and then after you commit the change, you need to get forgiveness from the group ship room.

  • The Old New Thing

    Why are only some of the Windows 7 system notification icons colorless?

    • 52 Comments

    André decided to play "gotcha" by noting that not all of the notification icons went colorless and wondered what the criteria was for deciding which ones to make colorless and which ones to make colorful.

    It's very simple: The design team generated colorless versions of the most commonly-seen notification icons. They didn't have the time to generate colorless versions of all notification icons, so they focused on the ones that gave them the most benefit.

    This is the standard tradeoff you have to make whenever you have finite resources. Eventually the marginal benefit of redrawing one more icon exceeds its marginal cost, at which point you stop. The marginal cost is measured not only in actual resources (designers can redraw only so many icons per day, and you have money to hire only so many designers) but also in opportunity cost (time spent redrawing icons to be colorless is time not spent on other design tasks).

    This is the same reason that not all icons in Windows XP were given the full-color perspective-view treatment. For example, nearly all of the icons in the Administrative Tools section are the old Windows 2000-style 16-color flat (or isometric) icons. The design team focused on the 100ish most commonly used icons and went to the effort of redrawing them in the Windows XP style. The more rarely-used icons were left in the old style because the cost of converting them did not merit the benefit.

    The same thing happened in Windows Vista, when the icon design changed yet again. The style became less stylized and more realistic, but not quite photorealistic, and the angle of presentation changed. The design team had the resources to convert the most commonly used icons, and the rest were left as they were.

    It's the Pareto Principle again. If you have finite resources (and who doesn't) you may find that you can get 80% of the benefit by doing only 20% of the work. And that leaves 80% of your capacity available to address some other problem.

  • The Old New Thing

    Communication between moving vehicles during the narrow window of the late 1990s

    • 39 Comments

    The long holiday weekend in the United States means that there are probably going to be a lot of people on road trips.

    Back in the old days before mobile phones, if you had multiple cars traveling together on a long trip, you had to stay within visible range of each other so that you didn't get separated. And if the car at the end of the convoy needed to pull over to take a bathroom break or something, they needed to rush to the front of the group and pantomime through the window to the passengers in the lead car to tell them what they were going to do, and then everybody would pull over together.

    I still remember those days.

    Of course, nowadays, you'd just whip out your mobile phone and call the other people in the group. "Hey, we need to stop for a bathroom break. You can join us, or we'll just catch up with you down the road."

    There was a narrow window of a few years where WiFi hardware was generally available, if somewhat expensive (in the form of a PCMCIA PC Card for your laptop and a $1000 base station)¹ and mobile phone coverage along highways in less populated areas was spotty or nonexistent. That was the window of time during which I wrote a chat program for multi-car road trips.

    The idea was that we would establish an ad-hoc wireless network among the laptops, and the program would act as a peer-to-peer instant messaging program. We would be the world's fastest-moving WiFi hotspot. As long as the cars stayed within around 100 meters of each other, we would (presumably) still have connectivity. The program was robust to outages, and it could handle devices dynamically coming into or leaving communication range.

    With this technological contraption, we didn't have to make everybody stop and pull over in order to decide where to have lunch. We could just start an IM conversation and work it out while still moving. (But if we wanted to take a bathroom break, everybody had to stop; otherwise the cars would get out of range.)

    I over-engineered this program, designing it to handle chats that if printed out would require a roll of paper over 300 kilometers long. In other words, for a 300km trip, you would have to be sending instant messages fast enough that you could drive on the paper coming out of the printer. (Related.) Another way of doing the math was observing that the program could in theory handle a cross-country trip where people were sending 500 messages per second the entire time. (Well, except it would have run out of memory long before hitting its design limits.)

    This program met an even sadder fate than my in-car mp3 player. At least I got to use that program a few times. Mobile phone technology quickly improved to the point where the car chat program was no longer necessary. It was never used at all!

    ¹ I still have my $1000 base station packed in a box somewhere. I wouldn't be surprised if my my mobile phone now has a faster data plan than that thing.

  • The Old New Thing

    It rather involved being on the other side of this airtight hatchway: Surreptitious file access by administrator

    • 43 Comments

    A security report was received that went something like this:

    A user can bypass file sharing locks by opening a read-only handle to the physical volume containing the file in question. This allows the user to extract the contents of protected files by reading the corresponding sectors directly from the disk. Since this operation requires administrator access, any user with administrator access can extract data from files that are normally inaccessible due to file locks, such as the SAM database.

    Yes, that's right. An attacker who gains administrator privileges can extract data from any file on the computer.

    But so what? The attacker is already on the other side of the airtight hatchway. They already pwn your machine. That a pwned machine can be pwned is not really all that surprising.

    That some files are not accessible due to file locks is not a security measure. It is a consequence of, um, file access.

    Besides, once you gain administrator access, a much easier way to steal the SAM is to merely grab a backup copy.

    What, you can't find a backup copy?

    No problem.

    After all, you're the administrator. One of your job responsibilities is to maintain regular system backups.

    So create a backup of the SAM file. Of course the system will let you do this. It is your job after all.

    For example, you can use the Volume Shadow Service to create a volume snapshot, then mount the snapshot and extract the SAM file.

    Bingo, instant copy of the SAM database.

    Just doing your job.

Page 1 of 93 (928 items) 12345»