wa page 22 - Dave's Blog

Search
My timeline on Mastodon

Malware Signed With a Governmental Signing Key - F-Secure Weblog : News from the Lab

2011 Nov 16, 12:19

“It’s not that common to find a signed copy of malware. It’s even rarer that it’s signed with an official key belonging to a government.”

PermalinkCommentstechnical ssl

FireFox doesn't have innerText

2011 Nov 14, 12:34

I wrote my HTML against IE9 and continually validated with Chrome as I went. Afterward I tried it in FireFox and found out that FireFox has textContent whereas IE9 & Chrome have innerText

PermalinkCommentstechnical web web-browser firefox ie9 chrome ie innertext textcontent js html

iPod Godfather Tony Fadell Finally Reveals His New Product: A Thermostat. No, Really. | TechCrunch

2011 Oct 25, 5:37
An original iPod guy has a new company that makes... wait for it... thermostats. Weird. Well they look cool anyway.
PermalinkCommentstechnical

MemeCats: #OccupyPopTarts

2011 Oct 20, 12:00PermalinkCommentslolcats memecats memes nyan cat occupy wall street politics protests signs technical

Bug Spotting: Smart pointers and parameter evaluation order

2011 Oct 19, 5:58
The following code works fine. I have a ccomptr named resolvedUri and I want to update its hostname so I do the following:
        CreateIUriBuilder(resolvedUri, 0, 0, &builder);
builder->SetHost(host);
builder->CreateUri(0xFFFFFFFF, 0, 0, &resolvedUri);


But the following similar looking code has a bug:
    ResolveHost(resolvedUri, &resolvedUri);


The issue is that doing &resolvedUri gets the address of the pointer but also clears out the pointer due to the definition of my smart pointer class:
    operator T**()  
{
T *ptrValue = mPtrValue;
mPtrValue->Release();
mPtrValue = NULL;
return &ptrValue;
}


In C++ there’s no guarantee about the order in which parameters for a function or method are evaluated. In the case above, &resolvedUri clears out the ccomptr before evaluating resolvedUri.Get() and so ResolveHostAlias gets a nullptr.

An interesting and related thread on stack overflow on undefined behavior in C++.
PermalinkCommentsc++ technical bug programming smart-pointer cpp

The three terrifying minutes that created The Gunstringer

2011 Sep 29, 8:35This story is funny and also reminds me to go eat at Matador... "Twisted Pixel chief creative officer Josh Bear had responded with abounding confidence, if only to mask the truth. Because the fact of the matter, the fact that he and CEO Mike Wilford were all too aware of, as they sat in Redmond, WA Tex-Mex restaurant The Matador, was this: The idea wasn't "awesome." It was nonexistent."
PermalinkCommentsfood microsoft game gunstringer humor technical

The Most Anticipated Shoe of All Time: Q+A With Someone Who Won A Pair of Marty McFly's Futuristic Kicks | Motherboard

2011 Sep 20, 9:27Interview with someone who bought the limited edition Back to the Future shoes: "[Interviewer] Have you watched the Back to the Future movies? [Respondent] Yeah, some of em. The hoverboards and shit. That was cool." ARGH! Not worthy!PermalinkCommentshumor bttf nike shoes

Sleepy Alex

2011 Sep 10, 10:27
PermalinkCommentsvideo

Hey, Bethesda! Let's settle this! : The Word of Notch

2011 Aug 17, 4:52This is awesome: "I challenge Bethesda to a game of Quake 3. ... If we win, you drop the lawsuit. If you win, we will change the name of Scrolls to something you’re fine with." I could have been a lawyer if things worked this way.PermalinkCommentsminecraft game law quake3

Baby Room (Pre Baby)

2011 Aug 7, 2:22
PermalinkCommentsvideo

Telex

2011 Jul 18, 2:38Neat idea: "When the user wants to visit a blacklisted site, the client establishes an encrypted HTTPS connection to a non-blacklisted web server outside the censor’s network, which could be a normal site that the user regularly visits... The client secretly marks the connection as a Telex request by inserting a cryptographic tag into the headers. We construct this tag using a mechanism called public-key steganography... As the connection travels over the Internet en route to the non-blacklisted site, it passes through routers at various ISPs in the core of the network. We envision that some of these ISPs would deploy equipment we call Telex stations."PermalinkCommentsinternet security tools censorship technical

The Cthulhu fez awakens...

2011 Jul 18, 1:28The Cthulhu FezPermalinkCommentshumor gift fez cthulhu awesome wishlist

A true American Patriot recites Bill Pullman’s Independence Day speech around New York City  | Great Job, Internet! | The A.V. Club

2011 Jul 6, 7:28"Over this past Fourth Of July weekend, we neglected to note that it was the 15th anniversary of Roland Emmerich’s 1996 blockbuster Independence Day. New York comedian Sean Kleier remembered, and decided to make his own tribute, going to various locations around New York City—Times Square, the Brooklyn Bridge, the subway, and inside a Victoria’s Secret—reciting Bill Pullman’s rousing speech before the movie's final battle sequence, megaphone and all."
PermalinkCommentshumor video bill-pullman independence-day new-york

The Dusty 45s

2011 Jul 4, 4:05Just watched the Dusty 45s play the Seattle New Years event. You must enjoy the flaming trumpet! And that's a literal flaming trumpet - check out 4:05:
PermalinkCommentsmusic rockabilly swing bands video youtube seattle dusty-45s

YouTube - ‪Star Trek: The Captain's Summit (1 of 7)‬‏

2011 Jun 30, 1:23"Join Whoopi Goldberg (Guinan) as she hosts The Captain's Summit. Whoopi sits down with Trek stars William Shatner (Kirk), Leonard Nimoy (Spock), Patrick Stewart (Picard) and Jonathan Frakes (Riker) and gets personal with them. From fan-etiquette to comparing series, this is a must see for all Trek fans."

PermalinkCommentsnerd video startrek youtube tng tos

Playable Archaeology: An Interview with Telehack's Anonymous Creator - Waxy.org

2011 Jun 20, 2:25I knew it was a game but still felt bad war-dialing and otherwise messing around in there. What if I accidentally find a way out? "Telehack is the most interesting game I've played in the last year... a game that most users won't realize is a game at all. It's a tour de force hack — an interactive pastiche of 1980s computer history, tying together public archives of Usenet newsgroups, BBS textfiles, software archives, and historical computer networks into a multiplayer adventure game." Also, see all the accounts of people finding their teenage selves in the game.PermalinkCommentsinternet technical development hack telnet wardial game

4chan BBS - Genius sorting algorithm: Sleep sort

2011 Jun 20, 2:20"Genius sorting algorithm: Sleep sort 1 Name: Anonymous : 2011-01-20 12:22 Man, am I a genius. Check out this sorting algorithm I just invented.
#!/bin/bash 
function f() { 
    sleep "$1" 
    echo "$1" 
} 
while [ -n "$1" ] 
do 
    f "$1" & 
    shift 
done 
wait 

example usage: 
./sleepsort.bash 5 3 6 3 6 3 1 4 7
"PermalinkCommentshumor programming code technical 4chan bash sort sleep-sort sleep

LulzSec manifesto: "We screw each other over for a jolt of satisfaction"

2011 Jun 20, 2:09"Why did the hackers at Lulz Security ("LulzSec") invade Sony Pictures websites, take down cia.gov, and release 60,000+ e-mail addresses and passwords? For the lulz, of course—but what might look lulzy to one person could certainly enrage another. In honor of its 1,000th tweet, the witty wankers of LulzSec released a manifesto of sorts, defending their actions to the angry Internets."PermalinkCommentsinternet security privacy hack technical

Lifetimes of cryptographic hash functions

2011 Jun 20, 11:25A cautionary tale in chart form: lesson is make sure you can always upgrade your hashing algorithm or don't have security dependencies on hashing algorithms.PermalinkCommentsreference hash encryption security table technical humor

WPAD Server Fiddler Extension Update v1.0.1

2011 Jun 12, 3:34
As it turns out the WPAD Server Fiddler Extension I made a while back actually has a non-malicious purpose. Apparently its useful for debugging HTTP on the WP7 phone (or so I'm told). Anyway I took some requests and I've fixed a few minor bugs (start button not updating correctly), changed the dialog to be a Fiddler tab so you can use it non-modally, and the WPAD server is now always off when Fiddler starts.
PermalinkCommentsextension fiddler technical update wpad
Older EntriesNewer Entries Creative Commons License Some rights reserved.