May, 2008

  • The Old New Thing

    Food discovery: Vietnamese sandwiches, aka bánh mì

    • 29 Comments

    Some friends came down to visit from Vancouver to take advantage of the favorable exchange rate, and when the topic of lunch arose, one of them suggested Vietnamese sandwiches.

    "What are Vietnamese sandwiches?" I asked.

    "Okay, that settles it. We're having Vietnamese sandwiches for lunch," was the response.

    We went to the generically-named Seattle Deli and ordered our sandwiches. (I had the chicken.)

    For less than three dollars I was rewarded with a wonderful sandwich. Crisp French bread around a collection of vegetables, some spicy, some pickled, some fresh, but all crispy, contrasting with the softness of the promised meat.

    It's a fantastic dining experience. Too bad there are no Vietnamese sandwich shops near work.

  • The Old New Thing

    Another interesting detail from the analysis of Windows Error Reporting data for Explorer

    • 47 Comments

    I was in a meeting last year where I learned an interesting tidbit of information. One of the people at the meeting was looking at the error reports submitted against Explorer, and the breakdown went something like this. For the purpose of discussion, the number of reports have been normalized into "units", the precise meaning of which is left unspecified, but is meaningful for comparison purposes.†

    RankCauseUnits
    1XYZ.v2 Virus6 million
    2XYZ.v3 Virus5.5 million
    3XYZ.v1 Virus5 million
    4XYZ.v1 Virus4.5 million
    5XYZ.v2 Virus4.5 million
    6XYZ.v2 Virus4 million
    7Bug 27182850,000

    The XYZ virus (not its real name) and its variants together are responsible for the top six categories of Explorer crashes, and by an enormous margin. Seventh place, an actual bug, comes in at only 1/80th the rate of number six; if you group all the XYZ virus failures together, then the combined virus failures outnumber the most popular Explorer bug by a factor of nearly 600.

    I remember reading a report that half of Explorer crashes can be directly attributable to malware. Seeing the top Explorer crash swamped by a single virus really drives that point home.‡

    Footnotes

    †I don't know what these units mean either.

    ‡The anti-malware team is very interested in this data, because when a new category of Windows crashes suddenly spikes in popularity, there's a decent chance that a new virus is on the loose.

  • The Old New Thing

    König Drosselbart: Performed in clay, feathers, and other strange materials

    • 4 Comments

    This past weekend I went to the Seattle International Children's Festival to attended a performance of König Drosselbart in German. I was not familiar with the story beforehand, but that's okay. It just makes for a better surprise.

    The interpretation was very creative. The narrators embodied the characters in the story at times; other times characters were represented by props manufactured on the spot from clay, decorated with feathers and twigs. (With one exception: The princess was represented by a well-known doll.)

    The most amusing parts were when both techniques were used simultaneously: For example, at one point in the story, the princess was being particularly difficult. One narrator said "She sat down" as he placed the doll representing the princess on the table in a sitting position. The other narrator (embodying the pouty princess) placed the doll flat on her back just to be contrary.

    The first narrator corrected himself. "The princess lay down."

    The other narrator made the doll sit up again.

    "Sat down."

    On her back.

    "Lay down."

    Sitting up.

    "Did some exercise."

    If you know your Aarne-Thompson classification of fairy tales, the story of König Drosselbart is story type number 900. If you go to a folklore convention, you can just say "Number 900!" and people will say, "Ah, that's a good one" or "Yeah, I'm not a big fan of that."

    Or they may just look at you in disgust and say, "You told that story so badly."

    It's all in the delivery.

  • The Old New Thing

    The Phantom Bug: Why doesn't MessageBox work from my WM_NCDESTROY handler?

    • 5 Comments

    Adrian McCarthy ran into a problem where MessageBox didn't work when called from a WM_NCDESTROY handler. You already know how to solve this; you just have to connect the dots. See if you can do it on your own before the answer is revealed.

  • The Old New Thing

    Bacalhau: The unofficial national dish of Portugal, and don't pass the salt

    • 30 Comments

    The unofficial national dish of Portugal is bacalhau, or dried salted cod. The story goes that there is a different bacalhau recipe for every day of the year. There are those who believes that the stories provide a gross underestimate.

    Bacalhau naturally dates back to the days before refrigeration: Drying and salting served to preserve the fish. At a group dinner, one of the faculty members lobbied heavily but ultimately unsuccessfully for us to order the bacalhau. I did have a bacalhau appetizer later in the trip, so I did hold up my end of the deal, eventually.

    A friend of a friend spent some time in Lisbon and prior to my trip, he recommended that I try a bacalhau dish. "The one I got was too salty, but that might just have been bad luck on my part."

    Nope, it wasn't bad luck. It really is salty.

    Actually, Portuguese food is salty pretty much across the board. Definitely a problem if you're watching your sodium intake. I remember one dish consisting of grilled salmon with rice and salad. The salmon was salty. The rice was salty. The salad was salty.

    I'm told that the Portuguese public health department recognizes the high sodium levels in traditional Portuguese cooking and is trying to get people to cut down. Good luck there fighting hundreds of years of culinary tradition.

    Sidebar: Perhaps it was just my choice of restaurants, but I was often disappointed with the vegetables, or what passed for vegetables. For example, that salmon dish counted rice and salad as vegetables. Others counted potatoes as a vegetable. (Psst, potatoes and rice may technically be vegetables, but they are not green. They are starches.) With beef often comes creamed spinach, although the Portuguese preparation blends the spinach into a purée rather than leaving the spinach leaves in small chunks. And the traditional Portuguese vegetable soup consists of cabbage and potato, with some carrot if you're lucky.

    I just hope this was touristified restaurant food and that real Portuguese people eat proper vegetables.

  • The Old New Thing

    Why is the function SHStripMneumonic misspelled?

    • 43 Comments

    If you wander through MSDN, you may stumble across the function SHStripMneumonic. The correct spelling is mnemonic. Why is the function name misspelled?

    "It was like that when I got here."

    The function was originally written for internal use only, and the person who wrote the function spelled the word incorrectly. Still, since it was an internal function, there was no real urgency to fix it. After all, there is no technical consequence of the spelling of a function's name, as early entrants of the IOCCC discovered. If you really wanted to, you could just call all your functions F1 through F578173.

    There the function remained, misspelled but inconsequentially so, for some time. Since it was an internal function, it didn't go through the normal scrutiny that a public interface receives. That's part of what makes it internal.

    The effort required to fix the spelling was a bit more than usual, since the function was used by multiple teams, so there would have to be some coordination among the teams so everybody fixed their spelling at the same time. The issue sat on the back burner as a very low priority item since it wasn't hurting anybody, and the effort required to fix it really didn't justify the benefit (which was zero).

    In 2001, the order came down to document all functions which met specific criteria (the details of which I will not go into, and I would appreciate it if others didn't try), and the SHStripMneumonic function was suddenly thrust onto the public stage before it had a chance to so much as comb its hair and make sure it didn't have food stuck in its teeth. The function had to be documented, warts and all, and the bad spelling was one of the warts.

    Of course, now that the function has been published, its name is locked and can't be changed, because that would break all the programs that used the original bad spelling.

    Epilogue: Some commenters are suggesting ways that the function could have combed its hair and removed food from its teeth, completely ignoring the point that the function had to be documented, warts and all. I assure you, nobody wanted to comb that function's hair more than me.

  • The Old New Thing

    I assume it's cracking good, though I'm not the expert

    • 19 Comments

    I have many friends who are enamored of all things cheese, enjoying the subtle nuttiness of a fribble-frabble cheese or the elastic grassiness of an imported Rückwärtspilzhaus. To me, on the other hand, they all just taste like cheese.

    My friends would probably enjoy this weekend's Seattle Cheese Festival. (Word on the street is that it gets really crowded by midday, so get there early.)

    I, on the other hand, would struggle to come up with commentary even as insightful as "Gee, that's salty." I'd probably start with "Hm, I think this tastes like cheese." For people like me, here are some tips on putting together a cheese plate.

  • The Old New Thing

    If users can shut down the machine, it's not a security hole if they can shut down the machine

    • 17 Comments

    One great way to come up with a dubious security vulnerability is to take something completely innocuous and wrap it inside layer upon layer of obfuscation, and then you proclaim that the obfuscation is the vulnerability. Here's an example based on an actual dubious vulnerability report:

    Title: Native NT application can shut down computer

    Description: I have written this native NT application which bypasses the Win32 layer and talks directly to the low-level native NT functions. By calling various native NT functions, I can cause a dialog box to appear which includes a Shut Down button that shuts down the computer if the user clicks on it.

    Well, sure, you can go through all that to shut down the computer. Or you can save yourself all the hassle and just call ExitWindowsEx. You see, that dialog box you found includes a "Shut Down" button only if the user that ran it has permission to shut down the computer in the first place.

    It is not a security vulnerability that users with permission to shut down the computer can shut down the computer.

    This is another example of people getting excited that they were able to do something unusual. But just because you can do something unusual doesn't mean that you've found a security vulnerability.

  • The Old New Thing

    Selling your life for a quarter at a time

    • 14 Comments

    A year and a half ago, I stumbled across the essay Selling Your Life for a Quarter at a Time by Tim Barcz and found it quietly poignant. (Unfortunately, the spammers also found the essay and decided to fill it with garbage links. So much for poignant.)

    I tried to come up with a catchy tagline for this entry, but nothing worked. Coming up with something snappy would just be a disservice.

  • The Old New Thing

    Build a slide show out of search results

    • 1 Comments

    My colleague David Washington discovered how you can combine the Sidebar slide show gadget with search folders to end up with a slide show that is built out of search results.

    Pretty neat.

Page 2 of 4 (39 items) 1234