information - Dave's Blog


Search

Debugging anecdote - the color transparent black breaks accessibility

May 22, 10:36

Some time back while I was working on getting the Javascript Windows Store app platform running on Windows Phone (now available on the last Windows Phone release!) I had an interesting bug that in retrospect is amusing.

I had just finished a work item to get accessibility working for JS WinPhone apps when I got a new bug: With some set of JS apps, accessibility appeared to be totally broken. At that time in development the only mechanism we had to test accessibility was a test tool that runs on the PC, connects to the phone, and dumps out the accessibility tree of whatever app is running on the phone. In this bug, the tool would spin for a while and then timeout with an error and no accessibility information.

My first thought was this was an issue in my new accessibility code. However, debugging with breakpoints on my code I could see none of my code was run nor the code that should call it. The code that called that code was a more generic messaging system that hit my breakpoints constantly.

Rather than trying to work backward from the failure point, I decided to try and narrow down the repro and work forwards from there. One thing all the apps with the bug had in common was their usage of WinJS, but not all WinJS apps demonstrated the issue. Using a binary search approach on one such app I removed unrelated app code until all that was left was the app's usage of the WinJS AppBar and the bug still occurred. I replaced the WinJS AppBar usage with direct usage of the underlying AppBar WinRT APIs and continued.

Only some calls to the AppBar WinRT object produced the issue:

        var appBar = Windows.UI.WebUI.Core.WebUICommandBar.getForCurrentView(); 
// appBar.opacity = 1;
// appBar.closeDisplayMode = Windows.UI.WebUI.Core.WebUICommandBarClosedDisplayMode.default;
appBar.backgroundColor = Windows.UI.Colors.white; // Bug!
Just setting the background color appeared to cause the issue and I didn't even have to display the AppBar. Through additional trial and error I was blown away to discover that some colors I would set caused the issue and other colors did not. Black wouldn't cause the issue but transparent black would. So would aqua but not white.

I eventually realized that predefined WinRT color values like Windows.UI.Colors.aqua would cause the issue while JS literal based colors didn't cause the issue (Windows.UI.Color is a WinRT struct which projects in JS as a JS literal object with the struct members as JS object properties so its easy to write something like {r: 0, g: 0, b: 0, a: 0} to make a color) and I had been mixing both in my tests without realizing there would be a difference. I debugged into the backgroundColor property setter that consumed the WinRT color struct to see what was different between Windows.UI.Colors.black and {a: 1, r: 0, g: 0, b: 0} and found the two structs to be byte wise exactly the same.

On a hunch I tried my test app with only a reference to the color and otherwise no interaction with the AppBar and not doing anything with the actual reference to the color: Windows.UI.Colors.black;. This too caused the issue. I knew that the implementation for these WinRT const values live in a DLL and guessed that something in the code to create these predefined colors was causing the issue. I debugged in and no luck. Now I also have experienced crusty code that would do exciting things in its DllMain, the function that's called when a DLL is loaded into the process so I tried modifying my C++ code to simply LoadLibrary the DLL containing the WinRT color definition, windows.ui.xaml.dll and found the bug still occurred! A short lived moment of relief as the world seemed to make sense again.

Debugging into DllMain nothing interesting happened. There were interesting calls in there to be sure, but all of them behind conditions that were false. I was again stumped. On another hunch I tried renaming the DLL and only LoadLibrary'ing it and the bug went away. I took a different DLL renamed it windows.ui.xaml.dll and tried LoadLibrary'ing that and the bug came back. Just the name of the DLL was causing the issue.

I searched for the DLL name in our source code index and found hits in the accessibility tool. Grinning I opened the source to find that the accessibility tool's phone side service was trying to determine if a process belonged to a XAML app or not because XAML apps had a different accessibility contract. It did this by checking to see if windows.ui.xaml.dll was loaded in the target process.

At this point I got to fix my main issue and open several new bugs for the variety of problems I had just run into. This is a how to on writing software that is difficult to debug.

PermalinkCommentsbug debug javascript JS technical windows winrt

Moving PowerShell data into Excel

2013 Aug 15, 10:04
PowerShell nicely includes ConvertTo-CSV and ConvertFrom-CSV which allow you to serialize and deserialize your PowerShell objects to and from CSV. Unfortunately the CSV produced by ConvertTo-CSV is not easily opened by Excel which expects by default different sets of delimiters and such. Looking online you'll find folks who recommend using automation via COM to create a new Excel instance and copy over the data in that fashion. This turns out to be very slow and impractical if you have large sets of data. However you can use automation to open CSV files with not the default set of delimiters. So the following isn't the best but it gets Excel to open a CSV file produced via ConvertTo-CSV and is faster than the other options:
Param([Parameter(Mandatory=$true)][string]$Path);

$excel = New-Object -ComObject Excel.Application

$xlWindows=2
$xlDelimited=1 # 1 = delimited, 2 = fixed width
$xlTextQualifierDoubleQuote=1 # 1= doublt quote, -4142 = no delim, 2 = single quote
$consequitiveDelim = $False;
$tabDelim = $False;
$semicolonDelim = $False;
$commaDelim = $True;
$StartRow=1
$Semicolon=$True

$excel.visible=$true
$excel.workbooks.OpenText($Path,$xlWindows,$StartRow,$xlDelimited,$xlTextQualifierDoubleQuote,$consequitiveDelim,$tabDelim,$semicolonDelim, $commaDelim);
See Workbooks.OpenText documentation for more information.
PermalinkCommentscsv excel powershell programming technical

Pixel Perfect Timing Attacks with HTML5 - Context » Information Security

2013 Aug 7, 8:25PermalinkCommentssecurity html html5 svg javascript requestAnimationFrame iframe

In Depth Review: New NSA Documents Expose How Americans Can Be Spied on Without A Warrant

2013 Jun 21, 10:43

What It All Means: All Your Communications are Belong to U.S. In sum, if you use encryption they’ll keep your data forever. If you use Tor, they’ll keep your data for at least five years. If an American talks with someone outside the US, they’ll keep your data for five years. If you’re talking to your attorney, you don’t have any sense of privacy. And the NSA can hand over you information to the FBI for evidence of any crime, not just terrorism. All without a warrant or even a specific FISA order.

Not sure if this is saying all Tor data is collected or saying if someone uses Tor then start collecting that someone’s communication.

PermalinkCommentstechnical legal tor nsa eff spying security privacy

Stuxnet Explained - Obama Order Sped Up Wave of Cyberattacks Against Iran

2012 Jun 1, 4:57

From his first months in office, President Obamasecretly ordered increasingly sophisticated attacks on the computer systems that run Iran’s main nuclear enrichment facilities, significantly expanding America’s first sustained use of cyberweapons, according to participants in the program.

PermalinkCommentssecurity politics iran nuclear virus

Privacy through Obscurity

2012 Mar 9, 3:30

With Facebook changing its privacy policy and settings so frequently and just generally the huge amount of social sites out there, for many of us it is far too late to ensure our name doesn't show up with unfortunate results in web searches. Information is too easily copyable and archive-able to make removing these results a viable option, so clearly the solution is to create more data.

Create fake profiles on Facebook using your name but with a different photo, different date of birth, and different hometown. Create enough doppelgangers to add noise to the search results for your name. And have them share embarrassing stories on their blogs. The goal is to ensure that the din of your alternates drowns out anything embarrassing showing up for you.

Although it will look suspicious if you're the only name on Google with such chaff. So clearly you must also do this for your friends and family. Really you'll be doing them a favor.

PermalinkCommentstechnical facebook stupid internet privacy

Glitch Helperator

2012 Feb 29, 3:05

I've been working on the Glitch Helperator. It is a collection of tools and things I've put together for Glitch. It has a few features that I haven't seen elsewhere including:

Favorite Streets
A notebook in which you can save information about interesting streets and later use it to find your way back to them.
Birthday
Find out how old your Glitch is and the date of your next birthday in Glitch time or Earth time.
API Update History
A history of changes to the streets, skills and achievements of Glitch noting when new ones are added and when existing ones are changed.
It also has an interactive skill tree, find nearest feature tool, and achievement display. If you play Glitch, check it out.
PermalinkCommentsglitch tool glitch-helperator game

Blackmail DRM - Stolen Thoughts

2012 Feb 13, 4:00

Most existing DRM attempts to only allow the user to access the DRM'ed content with particular applications or with particular credentials so that if the file is shared it won't be useful to others. A better solution is to encode any of the user's horrible secrets into unique versions of the DRM'ed content so that the user won't want to share it. Entangle the users and the content provider's secrets together in one document and accordingly their interests. I call this Blackmail DRM. For an implementation it is important to point out that the user's horrible secret doesn't need to be verified as accurate, but merely verified as believable.

Apparently I need to get these blog posts written faster because only recently I read about Social DRM which is a light weight version of my idea but with a misleading name. Instead of horrible secrets, they say they'll use personal information like the user's name in the DRM'ed content. More of my thoughts stolen and before I even had a chance to think of it first!

PermalinkCommentsdrm blackmail blackmail-drm technical humor social-drm

"Forwarded HTTP Extension" - Andreas Petersson, Martin Nilsson

2011 Nov 17, 3:30

Describes forward HTTP headers to explicitly list proxying information that might otherwise be lost.

PermalinkCommentstechnical ietf http http-header proxy

NYTimes Sues US For Refusing To Reveal Secret Interpretation Of Patriot Act (techdirt.com)

2011 Oct 20, 6:52
Wow, FTA: "Given all of this, reporter Charlie Savage of the NY Times filed a Freedom of Information Act request to find out the federal government's interpretation of its own law... and had it refused. According to the federal government, its own interpretation of the law is classified."
PermalinkCommentstechnical

Obscuring Location

2011 Jul 1, 10:17"A method for obscuring location information is described. Both static and changing location information can be obscured. A single distance measure is input to the process; this parameter controls the precision of location information that can be extracted by a recipient."PermalinkCommentsgeoloc geolocation technical rfc standard reference

Lessig: Copyright isn't just hurting creativity: it's killing science (video) | Motherboard

2011 Apr 27, 2:22"Larry Lessig gave a new talk at CERN last week about copyright and how it has affected open access to academic or scientific information"

The Architecture of Access to Scientific Knowledge from lessig on Vimeo.

PermalinkCommentscopyright science lawrence-lessig video talk

What's Happening in Egypt Explained. (UPDATED)

2011 Jan 30, 3:15PermalinkCommentspolitics information history media technology

Google Prediction API - Google Code

2010 Aug 13, 11:46RESTful machine learning API from Google... "The Prediction API implements supervised learning algorithms as a RESTful web service to let you leverage patterns in your data, providing more relevant information to your users. Run your predictions on Google's infrastructure and scale effortlessly as your data grows in size and complexity."PermalinkCommentsrest ai google programming analysis machine-learning development technical

RFC 5854 - The Metalink Download Description Format

2010 Jun 1, 6:46"Metalink describes download locations (mirrors), cryptographic hashes, and other information. Clients can transparently use this information to reliably transfer files."PermalinkCommentstechnical internet download web url xml metalink

The Essential Message: Claude Shannon and the Making of Information Theory

2010 Apr 20, 9:34PermalinkCommentstechnical pdf information-theory cryptography history system:filetype:pdf system:media:document

notes.husk.org. “Infographic” (by Phil Gyford, repurposed under a....

2010 Apr 11, 3:55Humour infographic backlash infographic.
PermalinkCommentsinformation infographics humor technical

Getting started with Google Calendar Sync - Google Calendar Help

2010 Mar 21, 3:22Google Calendar Sync is an Outlook plugin that syncs your Google and Outlook calendars (you get to pick 1way and direction or 2way sync'ing). This almost looks like what I want but perhaps my feature requests are too obscure for someone to have already implemented them:
Events marked personal added on my Outlook calendar should get full 2-way sync'ing with my Google calendar.
All other events added on my Outlook calendar should be assumed to have private company information and should get 1-way sync'ing with just the time and location - no attendees or subject or desceiption.
All events added on my Google calendar should get full 2-way sync'ing with Outlook and there should be marked personal.

I doubt I'm going to find a pre-made app to do this so I guess I should get coding. Otoh, if they ever bring the updated Android OS that has Exchange support to my G1 maybe none of this would be necessary...PermalinkCommentsgoogle calendar outlook microsoft tool free technical

New Paintings Page: Ward Shelley

2010 Feb 4, 2:07Infographic oil paintings of things like the historical influences of avant garde or the life of Frank Zappa.PermalinkCommentsart design visualization information gallery infographics painting ward-shelley via:infosthetics

A Peek Into Netflix Queues - NYTimes.com

2010 Jan 11, 2:24Heat map of rental popularity of particular movies from NetFlix in various cities.PermalinkCommentsvisualization movie netflix map nytimes flash information
Older Entries Creative Commons License Some rights reserved.