October 2005 - Posts
Mark Russinovich has a great article on his blog about
Sony DRM and rootkit-style cloaking. He does a good job of navigating through the obfuscation that an idiotic DRM company foisted on Sony and on the world.
Mark concludes:
The entire experience was frustrating and irritating. Not only had Sony put software on my system that uses techniques commonly used by malware to mask its presence, the software is poorly written and provides no means for uninstall. Worse, most users that stumble across the cloaked files with a RKR scan will cripple their computer if they attempt the obvious step of deleting the cloaked files.
Wow. Reason #524 why I hate DRM. I know we gotta have it, but it just leads to crap like this. And worse. But that's a topic for another day and other websites. At least with Apple, you know where you stand.
So, no more buying CDs from Sony. Too bad; they have some good stuff on their classical labels.
- Two weeks ago, I left my iPod on a plane. I realized it 5 minutes after they left the gate. It never turned up at the other end of that flight.
- Three days ago, I turned my car in off lease and left my garage door opener in the car. Fortunately, they found it last night.
- Yesterday night, I left a sack with a 200GB hard drive and some paperwork with my name and address on it in the parking lot of my local CompUSA. I realized it within 5 minutes, turned around, and called. It never turned up.
Here's hoping that we're done with that game.
Good news! An NTDEV poster pointed out that
Filter Manager is available as a redistributible from Microsoft, if you call them and ask nicely. I hope this turns into a fully-supported redistributible. But, it's one less reason to ever try to write a filesystem filter that's not a minifilter.
UPDATE: Neal clarifies on NTDEV:
Let me clear up some confusion. This KB article is not for the
redistributable. It simply is to let people know that filter manager
was part of the W2K URP.
We are still planning on releasing the redistributable.
I agree that it has taken longer then originally planned. I pinged the
group in India that is doing this, unfortunately this week was a holiday
and most people were out. I will have a status update on the
redistributable at the PlugFest next week (14-18).
Neal Christiansen
Microsoft File System Filter Group Lead
This posting is provided "AS IS" with no warranties, and confers no
Rights
Wow...
- The host kept talking in the background, totally distracting me repeatedly,
- The fire alarm went off in my building halfway through,
- The host asked me a question that our Q&A screener explicitly marked as "don't-ask",
- I violated personal policy and mentioned a quasi-competitor or two, unintentionally,
- I took 25 minutes to do the first 25% of the slides, leaving 5 mintues to do the rest. Went way over. :-)
Other than that, it went quite well. If you're interested in this sort of topic, bonk the link at the top of the Positive Networks homepage - it's archived for 30 days or so.
I'm giving a webcast today in about an hour (3:00PM CDT) discussing six truths that I've learned over the years about what it takes to deploy a safe, effective, reliable remote access system. The webcast is free and should be about an hour long, with a Q&A session at the end.
If you're interested, stop by the Positive Networks site and register. Should be a hoot!
David at
37signals has pointed out a couple of interesting reasons to
fear the Google Web Accelerator. This has implications for anyone who works on any kind of intranet or management web app. Om Malik points out that there are
security concerns as well.
Update: Jason Sloderbeck, our Director of Operations at Positive Networks, says: "It's not nearly as bad as whatever Slashdot story you just got done reading. Google didn't write software to automatically trade your stocks in E*Trade. They're smart. Quote me."
Until the MVP Summit, I had only heard of, but had never used, the DIFx tools. We had a great presentation with the DIFx people where they demonstrated exactly how to cleanly incorporate driver installation into an MSI, and I've been meaning to work on doing just this since I got back. But, one thing drives out another, as they say.
Well, it seems that a new blogger, Code Mortem (catchy name), has posted information on getting your driver to install with DIFxApp.
Have a look. And welcome to the Blogosphere™, Mr. Mortem!
It's funny how something that seems at first to be nothing but the reemergence of opportunity can be the cause of so much anxiety. The Web 2.0 buzz that's been going on since the conference (I discussed it in
WTF Is 2.0? and in
More On Web 2.0 recently) has been surprisingly divided between hype and fear of "Bubble 2.0".
I think a repeat of the late 90's is unlikely. If it were to happen, it'd be because venture capitalists had forgotten the very very expensive lessons they learned during the crash. Having spoken to a few of them recently, I most certainly don't think they have - VCs are out looking for good companies with products to sell and customers to win, not merely a cool concept.
Even if we do see another frenzy of stupid investing, which I doubt, the web economy is in a different place now than it was then. I've been a happy E*Trade customer for approaching 10 years, I've been using Google every day for a couple of years, I buy a nontrivial amount of junk from Amazon, I use Ebay on occasion, etc... These companies, be they 1.0, 2.0, or even 3.1b2p6, are not going anywhere soon.
I'm getting tired of policing comment spam for the moment, so I'm turning off comments for the moments. Feel free to drop me an
email through the feedback link if you want.
Now back to porting my coverage tool to kd.
Maybe I feel too free to post non-technical content on the weekends. :-)
As a not-particularly-talented musician (I play a little mandolin and even less guitar), I'm no stranger to feelings of inspiration and sublime awe at particularly gifted musicians as they do their thing on stage or on MP3. I can sit and listen to Jimmi or to SRV or to Chris Thile of Nickel Creek for hours and hours and never get tired of listening to them for their virtuosity and innovation on their instruments.
But the thing that fewer people cop to is a feeling of awe at the "right song". I'm not really talking about classical music here - I love classical music, but it is so complex and subtle that the feelings it inspires in me are, in a sense, beyond those that I experience when I hear a good song (i.e. a few minutes long and written in the last century). It's a unique feeling when I stumble on exactly the right song - they're not the songs that I would expect to connect with usually - but I feel like I can relate to it so much that I wish I had written it. I don't know how else to explain it - these songs just click with my personality in a weirdly synergistic way.
The songs that do this are all over the board - Cherub Rock by Smashing Pumpkins is one of them, as is A Day In The Life by the Beatles, Nothing But Flowers by The Talking Heads, and (oddly?) Happier by Guster. A couple of songs in Rent fall into this category, like One Thousand Kisses and Living In America. But the far-and-away winner in the category of Most Songs I Wish I'd Written is Bob Dylan. The one that popped up on my mp3 player tonight was Tangled Up And Blue - one of the greatest.
I wonder how often this phenomenon - "I wish I had written that," or its cousin for the more talented among us, "I should have written that" - happens. For people who can/do write music, I would think it would be the beginning of creative inspiration; for the rest of us (or me, at least), it is just a feeling of frustrated amazement.
One of the few things that I dislike about my PowerBook is common to all laptops that I know of: non-ergonomic keyboards. This laptop has a fine keyboard overall - one of the best I've used - but it uses the traditional square-key, rectangle, wrist-destroying layout that most traditional keyboards use. I'm already at the point that my wrists and fingers start hurting after coding for an extended period of time, so I try to use an external natural keyboard when I can. But darn, my laptop is sooo convenient, I just can't bring myself to haul around a big old keyboard with it when I'm not at my desk. So I wind up spending a lot of time typing directly on the laptop.
I just looked at Microsoft's new Natural® Ergonomic Keyboard 4000, and I want one. Notice how you can tilt the whole thing down and away from you, creating a much more comfortable wrist bend. Incidentally, it, like all of the other Microsoft hardware I've bought recently, supports Macintosh very well. Since I use my Mac as often as my Windows boxes, I appreciate that.
Anyway, I just wish there were a reasonable laptop manufacturer out there that would somehow figure out how to build a split, downward-tilted keyboard into a laptop. I'd even deal with a bigger/heaver laptop in exchange for a more comfortable keyboard. My guess is that I won't get my wish anytime soon.
I can only hope that this was the result of a language barrier:
For the below read routine i am expecting
guidance/solution from you people.
No, no, not "moron" Web 2.0, "more on" Web 2.0. Gee, it's like you were trying to mis-read me on purpose. Really!
I've read several blog posts in the past week that echo my confusion regarding Web 2.0. It seems as though I'm not the only one whose bullshit detector went off. Now Joel Spolsky has a hilarious rant up on his blog about the same topic.
Now, if only I could get him to quit griping about one of my favorite groups, Creative Commons. (In fairness, it was a minor, offhand gripe.) I just got home from Barnes & Noble, where I bought the "centennial" edition of Ayn Rand's Atlas Shrugged. I haven't really thought about this book since high school, aside from some conversations with friends at work, and I thought it'd be a good time to see how my perspective has changed in the meantime. It's not really centennial, in the sense that the book was published in 1957, not 1905, which is when Rand was born. But it's as nice of a paperback edition as you can reasonably ask for, so it is forgiven for being misleadingly labeled.
Political Rant Follows; Read At Your Own Risk
Then, I realized that I can get the entire Harvard Classics and Shelf of Fiction, all 71 books' worth, for free - they're in the public domain. Then I thought about my favorite time-sink, Wikipedia, which has tons of content from the 1911 Encyclopedia Britannica, all in the public domain. On the flip side, the way current copyright law is headed, my children's children won't have access to a much larger public domain than I have access to now, and Rand's books probably still won't be on the list.
As I've said before, I make my money with copyright, but at the same time, I happily support organizations such as Creative Commons that work to keep the associated policies under control.
And now, for the bit with a dog
I remember how nobody thought the movie Shakespeare in Love (1998) deserved to win the Academy Award for Best Picture. I don't really have an opinion on that point, but as I was reading my latest Shakespeare bio (Will in the World), I was repeatedly impressed with some of the historical bits the movie got right. They most certainly took a ton of creative license regarding the main storyline, but a lot of the details were represented well. Don't take the film too seriously, but it's clearly not the junk that a lot of people were calling it at the time. Plus, it has a bit with a dog in it.
Several posts to the WinDBG list recently have pointed out the fact that 1394 debugging can be flaky with the wrong hardware. If you're having any sort of flaky experience with 1394 debugging, the first thing to do is to get a reasonable 1394 card. The kind folks at
OSR have a 1394 card for sale in their store that everyone agrees works well with 1394. I can't provide a direct link because their website seems to be smarter than I am at this hour - I am unable to find a direct link that works. They list it for US $29, which is a bargain at twice the price if you're currently putting up with crummy 1394 debugging.
I ran PreFAST on
coverage 0.1 and wound up with a strange size_t redefinition problem. I mailed NTDEV to see if anyone had heard of it, and Doron Holan said that one of the dev owners said that PreFAST isn't ready for prime time on AMD64. At least that's true as of PreFAST 2.1, which is what's in the 5112 WDK.
The solution, of course, is to build your code as 32-bit and test it that way. This should be reasonably easy to do; the worst-case scenario is #ifdef'ing out the 64-bit parts if need be. It just so happens that DbgEng code is directly portable between x64 and x86, as long as you don't do anything dumb, so this didn't turn out to be a problem for me at all.
And, I managed to find a new bug when I built it under 5112 (the released version is built with 3790.1830) - and in general, I've noticed that the PreFAST in the WDK finds many more bugs (mostly true positives) than the previous versions of the tool.
What a great tool.
Well, I've burned the last couple of evenings on a code coverage tool that is now a working proof-of-concept. I had some trouble finding docs for DbgEng, and I had even more trouble finding an actual (free) code coverage tool, so I'm going to post this
very early development build of the tool here, in case anyone else is interested. Feedback and suggestions are much appreciated.
Download coverage v0.1
There is a README in the package with more details. Source code is included, as are x86 and x64 binaries. I've placed it in the public domain, so feel free to experiment.
Next stop: turning it into a kd extension so that I can use it on my drivers. Shouldn't be too difficult.
Microsoft has released a new
Community Technology Preview of Windows Vista, which appears to be build 5231. If everything stays on schedule, Beta 2 ought to be here around the holidays.
The server that hosts my blog is having a bit of a rough morning; it's being worked on, so it should be back to normal soon.
I have an article running about
VPNs and Endpoint Security, in FSA Times, a publication of the Financial Services Auditor Group. It's written for an IT audience, so it's pretty non-technical.
More Posts
Next page »