• The Old New Thing

    John Swansburg deftly declines the fine print disclaimer on his Heelys

    • 11 Comments

    Before field-testing his Heelys for a report in Slate, John Swansburg reads the legal disclaimer and declines it.

  • The Old New Thing

    How do you drop on the background of an Explorer window when it is in details view?

    • 38 Comments

    When you set your Explorer to Details view, it can become tricky to drop an item onto the window background (in order to move it into the folder) because Details view sets full row select (starting in Windows Vista). This helps users of tablets and touch screens, because it increases the size of the target when dragging and dropping into a folder. On the other hand, when you have more items than fit on the screen, every pixel in the view corresponds to an item; there is no background any more. So how do you drop on the background?

    If you're using Windows 7, you can take advantage of a little gutter space to the left and right of the columns. There is a gutter to the left of the leftmost column and another gutter to the right of the rightmost column. Windows Vista doesn't have these gutters, but you can create a gutter on the right hand side by resizing your columns narrow, and then resizing the window wider than the sum of all the columns. Yes, it's clumsy.

    Less clumsy is dropping onto the Details panel at the bottom of the window, which works both on Windows Vista and Window 7. Dropping onto the Details panel is treated as a drop on the folder background. And the Details panel is a nice big target for your drag/drop operation, so those of you using a tablet or touch screen should have no trouble finding it. (Those gutters are nice for mouse-based users, but if you've got fat fingers, they're not much help on a touch screen.)

    If you've turned off the Details panel, you can also drop onto the title bar. It's not as big as the Details pane, but it's still bigger than the gutters.

    Finally, there's always the copy/paste approach instead of drag/drop. Multi-select the items you want to transfer, right-click them and select Copy (or Cut, as appropriate), then go to the destination folder, and under the Organize menu, select Paste.

    Except for the gutters, all of these techniques also work for Windows Vista.

    Bonus chatter: Commenter Medinoc complains that, with the switch to full row select, it's very hard to click on the background. Actually, it's not that bad. You can right-click on the blank space of any unselected item. For example, find an unselected item with a name that doesn't fill the entire Name column and look at all that white space to the right. You can right-click there and it will be treated as as a right-click on the background. The full row is still treated as part of the item when dropping, for the benefit of people using tablets and touch screens, or people who simply want to hit a target bigger than a 16×16 icon.

  • The Old New Thing

    Weak references have no effect on object lifetime

    • 18 Comments

    The Weak­Reference class lets you retain a reference to an object while still permitting the object to be garbage collected. When that happens, then the Is­Alive property is false and the Target property is null. (Related discussion.)

    Note, however, that weak references do not alter the decision of the garbage collector whether or not an object is garbage. It merely lets you observe the garbage collector's decision.

    Some people think that Weak­Reference means "Treat this as a regular (strong) reference most of the time, but if there is memory pressure, then you can reclaim the object." This type of reference is called a Soft­Reference in Java, but the CLR has no analogous concept as far as I'm aware. In the CLR, weak references do not extend the lifetime of an object.

    It's sort of like the Prime Directive from Star Trek: Weak references follow a policy of non-interference with the natural course of the GC.

  • The Old New Thing

    Microspeak: Net out

    • 5 Comments

    It started out in finance, but the term has crept into more mainstream usage (at least within Microsoft) and along the way picked up its own meaning:

    Where did we net out on this?
    Customers want you to net out the business value.
    Note any significant changes to the forecast and explain the reasons why. Net out changes to start conversation.

    Include the following points in your presentation:

    1. ...
    2. Net out action plan moving forward

    The next citation is a bullet point from a PowerPoint slide:

    Agenda
    Each district/vertical will answer/report back on:

    • ...
    • Net out top 3 business asks

    (I also have some finance citations, but they aren't relevant to Microspeak, so I've left them out.)

    In finance, to net out is to cancel out positive and negative amounts. For example, you might net out an account by cancelling amounts owed against amounts due in order to eliminate offsetting transactions. When calculating tax liability, you net out your gains against your losses to determine your net change for the tax period.

    In Microspeak, well, I'm not sure what it means. In that first citation, it appears to be a synonym for come to a conclusion. The question appears to be a rephrasing of "What was our conclusion on this?" or "What did we finally decide on this?"

    In the second citation, it appears to be a synonym for summarize in terms of net benefit/loss. "Customers want you to show the net benefit of the product."

    In the third citation, it appears to be used merely to mean summarize.

    And in the final two citations, it appears to be simply a verb meaning to produce.

    Note that net out is unrelated to that other Microspeak phrase net net, discussed earlier.

  • The Old New Thing

    Searching for Evil: Spot the scam

    • 8 Comments

    Security researcher Ross Anderson gives a talk on how a search engine can be used to shed light on the various evils that lurk on the Web. It starts off slow, but picks up when he gets to the "Can you spot the scam?" game that he plays with each Web site. (If you're in a hurry, skip ahead to a little past the 20 minute mark.)

  • The Old New Thing

    It rather involved being on the other side of this airtight hatchway: Invalid parameters from one security level crashing code at the same security level (again)

    • 37 Comments

    A few years after I posted this story, the security team received something very similar.

    If have found that if you call the XYZ function (whose last parameter is supposed to be a pointer to a DWORD) and instead of passing a value pointer to a DWORD, you pass NULL, then you can trigger an access violation in the XYZ function. The XYZ function does not check whether the input parameter is NULL. This is a denial of service attack against the system.

    Okay, first of all, even if the XYZ function checked that the final parameter is non-NULL, that wouldn't prevent a caller from passing an invalid non-NULL pointer, so adding a NULL check doesn't accomplish much from a security-theoretical standpoint.

    The problem with this vulnerability report is that there is no elevation. The attack code and the code that crashes are on the same side of the airtight hatchway. If your goal was to make the process crash, then instead of passing invalid parameters to the XYZ function, you can just trigger the crash yourself.

    int __cdecl main(int, char**)
    {
        return *(DWORD*)NULL = 0;
    }
    

    In other words, in order to trigger an access violation in the XYZ function, you must already have had enough privilege to run code, which means that you already have enough privilege to trigger an access violation without even needing the help of the XYZ function.

    This dubious vulnerability falls into the category Code execution results in code execution.

  • The Old New Thing

    Where do those Wall Street Journal hedcuts come from?

    • 1 Comments

    A few years ago, Marketplace radio looks at those portraits used by the Wall Street Journal, known as hedcuts. Believe it or not, these drawings are hand-done, not computer-generated. View the Smithsonian National Portrait Gallery online exhibition to see, for example, how Steve Jobs's portrait has changed over the years.

  • The Old New Thing

    Grown in the middle of some very respectable Seattle suburbs, such as Renton

    • 14 Comments

    "The marijuana is grown in the middle of some very respectable Seattle suburbs, such as Renton."

    This is a funny sentence if you're a longtime resident of the greater Seattle area, because Renton has historically been a working-class town. (Here's Almost Live's parody of South King County to give you an idea of what Renton is up against.)

    The city is working to change its reputation. I wish them luck.

  • The Old New Thing

    It helps if you write a cover letter and remember the name of your interviewer

    • 2 Comments

    It's not a big thing, but it shows that you have your act together and does a lot towards distinguishing you from everybody else. A story of the importance of writing a cover letter and remembering the name of your interviewer.

    (Then again, what do I know. JobsBlog probably is a better source for this type of info. Earlier this year, Angela McLaughlin shared her thoughts on cover letters.)

  • The Old New Thing

    Management-speak: Multi-perspective content

    • 7 Comments

    A colleague of mine visited an internal Web site for task ABC and found that the site was no longer there. Instead it was replaced with a simple message:

    Designed with the user in mind you will now find contextual ABC and DEF information served up in a secure format alongside all GHI information. Access to relevant multi-perspective content will enable faster resolution for your GHI needs.

    Translation:

    HTTP/1.1 301 Moved Permanently
    Location: http://ghi
    
Page 378 of 426 (4,251 items) «376377378379380»