wa page 23 - Dave's Blog

Search
My timeline on Mastodon

Hidden device distorts news on wireless networks, brews beer, is time machine - Hack a Day

2011 May 30, 3:13"We covered the Newstweek, a wall-wart sized box that injects fake news stories over public WiFi connections last February, but now there’s a great walk through and it seems our doubts about this project were disproved."PermalinkCommentssecurity journalism wifi hack technical

Command line for finding missing URLACTIONs

2011 May 28, 11:00

I wanted to ensure that my switch statement in my implementation of IInternetSecurityManager::ProcessURLAction had a case for every possible documented URLACTION. I wrote the following short command line sequence to see the list of all URLACTIONs in the SDK header file not found in my source file:

grep URLACTION urlmon.idl | sed 's/.*\(URLACTION[a-zA-Z0-9_]*\).*/\1/g;' | sort | uniq > allURLACTIONs.txt
grep URLACTION MySecurityManager.cpp | sed 's/.*\(URLACTION[a-zA-Z0-9_]*\).*/\1/g;' | sort | uniq > myURLACTIONs.txt
comm -23 allURLACTIONs.txt myURLACTIONs.txt
I'm not a sed expert so I had to read the sed documentation, and I heard about comm from Kris Kowal's blog which happilly was in the Win32 GNU tools pack I already run.

But in my effort to learn and use PowerShell I found the following similar command line:

diff 
(more urlmon.idl | %{ if ($_ -cmatch "URLACTION[a-zA-Z0-9_]*") { $matches[0] } } | sort -uniq)
(more MySecurityManager.cpp | %{ if ($_ -cmatch "URLACTION[a-zA-Z0-9_]*") { $matches[0] } } | sort -uniq)
In the PowerShell version I can skip the temporary files which is nice. 'diff' is mapped to 'compare-object' which seems similar to comm but with no parameters to filter out the different streams (although this could be done more verbosely with the ?{ } filter syntax). In PowerShell uniq functionality is built into sort. The builtin -cmatch operator (c is for case sensitive) to do regexp is nice plus the side effect of generating the $matches variable with the regexp results.
PermalinkCommentspowershell tool cli technical command line

Native x86 Android runtime will enable Android apps on Windows

2011 May 26, 1:28This was on my todo list. I'll scratch it off knowing far more funded folks are doing this: "A startup called BlueStacks has developed an Android runtime environment for the Windows operating system. It will enable users to run Android applications alongside conventional Windows software on Microsoft's operating system." "One example would be a convertible netbook tablet that normally runs Windows but switches to an Android interface for greater touch-friendliness when the screen is flipped.
Such a product would offer the full power and multitasking capabilities of Windows but also benefit from having access to Android's broad touch-enabled software ecosystem."PermalinkCommentswindows programming android java technical

clip.exe - Useful tool I didn't know shipped with Windows

2011 May 26, 11:00

When you run clip.exe, whatever comes into its standard input is put onto the clipboard. So when you need to move the result of something in your command window somewhere else you can pipe the result into clip.exe. Then you won't have to worry about the irritating way cmd.exe does block copy/pasting and you avoid having to manually fixup line breaks in wrapped lines. For instance, you can put the contents of a script into the clipboard with:

more cdo.cmd | clip

I've got a lot of stuff dumped in my bin folder that I sync across all my PCs so I didn't realize that clip.exe is a part of standard Windows installs.

Nice for avoiding the block copy in cmd.exe but I'd prefer to have the contents sort of tee'd into the clipboard and standard output. So TeeClip.ps1:

$input | tee -var teeclipout | clip;
$teeclipout;
PermalinkCommentspowershell clip tool clipboard cli technical windows tee

_opt Mnemonic

2011 May 24, 11:00

​I always have trouble remembering where the opt goes in SAL in the __deref_out case. The mnemonic is pretty simple: the _opt at the start of the SAL is for the pointer value at the start of the function. And the _opt at the end of the SAL is for the dereferenced pointer value at the end of the function.






SAL foo == nullptr allowed at function start? *foo == nullptr allowed at function end?
__deref_out void **foo No No
__deref_opt_out void **foo Yes No
__deref_out_opt void **foo No Yes
__deref_opt_out_opt void **foo Yes Yes
.
PermalinkCommentssal technical programming

CSS Fonts Module Level 3

2011 May 10, 10:49Interesting standards disagreements showing up in specs: "Some implementers feel a same-origin restriction should be the default for all new resource types while others feel strongly that an opt-in strategy usuable for all resource types would be a better mechanism and that the default should always be to allow cross-origin linking for consistency with existing resource types (e.g. script, images). As such, this section should be considered at risk for removal if the consensus is to use an alternative mechanism."PermalinkCommentsreference web development font specification w3c css3

What are all the common undefined behaviour that a C++ programmer should know about? - Stack Overflow

2011 May 2, 7:33I recalled that the order of function/method parameter evaluation was not specified by C++ standard, but I didn't know the more general rule and the associated implications for the double check locking construct. Interesting.PermalinkCommentstechnical c++ programming

That’s What She Said: Double Entendre Identification

2011 Apr 29, 3:54That’s What She Said: Double Entendre Identification
Chlo´e Kiddon and Yuriy Brun
Computer Science & Engineering
University of Washington
Seattle WA 98195-2350
fchloe,brung@cs.washington.eduPermalinkCommentstechnology humor twss science paper csc technical system:filetype:pdf system:media:document

YouTube - Fight For Your Right - Revisited

2011 Apr 8, 2:28Trailer for the upcoming video for the upcoming Beastie Boys album. Took me a second viewing to realize that was Elijah Wood and to see the DeLorean (from the future?!).
PermalinkCommentshumor video youtube beastie-boys

When Harry Met Sally 2 with Billy Crystal & Helen Mirren

2011 Apr 7, 2:28Better left unspoiled. Just watch...PermalinkCommentshumor parody video movie

Capturing HTTPS with FiddlerCore

2011 Apr 6, 10:00

I used FiddlerCore in GeolocMock to edit HTTPS responses and ran into two stumbling blocks that I'll document here. The first is that I didn't check if the Fiddler root cert existed or was installed, which of course is necessary to edit HTTPS traffic. The following is my code where I check for the certs.

    if (!Fiddler.CertMaker.rootCertExists())
{
if (!Fiddler.CertMaker.createRootCert())
{
throw new Exception("Unable to create cert for FiddlerCore.");
}
}

if (!Fiddler.CertMaker.rootCertIsTrusted())
{
if (!Fiddler.CertMaker.trustRootCert())
{
throw new Exception("Unable to install FiddlerCore's cert.");
}
}

The second problem I had (which would have been solved had I read all the sample code first) was that my changes weren't being applied. In my app I only need the BeforeResponse but in order to modify the response I must also sign up for the BeforeRequest event and mark the bBufferResponse flag on the session before the response comes back. For example:

    Fiddler.FiddlerApplication.BeforeRequest += new SessionStateHandler(FiddlerApplication_BeforeRequest);
Fiddler.FiddlerApplication.BeforeResponse += new SessionStateHandler(FiddlerApplication_BeforeResponse);
...
private void FiddlerApplication_BeforeRequest(Session oSession)
{
if (IsInterestingSession(oSession))
{
oSession.bBufferResponse = true;
}
}
PermalinkCommentshttp fiddler technical https geolocmock programming fiddlercore

JavaScript & .NET interop via WebBrowser Control

2011 Apr 5, 10:00

For my GeolocMock weekend project I intended to use the Bing Maps API to display a map in a WebBrowser control and allow the user to interact with that to select a location to be consumed by my application. Getting my .NET code to talk to the JavaScript in the WebBrowser control was surprisingly easy.

To have .NET execute JavaScript code you can use the InvokeScript method passing the name of the JavaScript function to execute and an object array of parameters to pass:

this.webBrowser2.Document.InvokeScript("onLocationStateChanged",
new object[] {
latitudeTextBoxText,
longitudeTextBoxText,
altitudeTextBoxText,
uncertaintyTextBoxText
});

The other direction, having JavaScript call into .NET is slightly more complicated but still pretty easy as far as language interop goes. The first step is to mark your assembly as ComVisible so that it can interact with JavaScript via COM. VS had already added a ComVisible declaration to my project I just had to change the value to true.

[assembly: ComVisible(true)]

Next set ObjectForScripting attribute to the object you want to expose to JavaScript.

this.webBrowser2.ObjectForScripting = this.locationState;

Now that object is exposed as window.external in JavaScript and you can call methods on it.

window.external.Set(lat, long, alt, gUncert);

However you don't seem to be able to test for the existence of methods off of it. For example the following JavaScript generates an exception for me even though I have a Set method:

if (window.external && window.external.Set) {
PermalinkCommentsjavascript webbrowser .net technical csharp

IE9 Document Mode in WebOC

2011 Apr 4, 10:00

Working on GeolocMock it took me a bit to realize why my HTML could use the W3C Geolocation API in IE9 but not in my WebBrowser control in my .NET application. Eventually I realized that I was getting the wrong IE doc mode. Reading this old More IE8 Extensibility Improvements IE blog post from the IE blog I found the issue is that for app compat the WebOC picks older doc modes but an app hosting the WebOC can set a regkey to get different doc modes. The IE9 mode isn't listed in that article but I took a guess based on the values there and the decimal value 9999 gets my app IE9 mode. The following is the code I run in my application to set its regkey so that my app can get the IE9 doc mode and use the geolocation API.



        static private void UseIE9DocMode()
{
RegistryKey key = null;
try
{
key = Registry.CurrentUser.OpenSubKey("Software\\Microsoft\\Internet Explorer\\Main\\FeatureControl\\FEATURE_BROWSER_EMULATION", true);
}
catch (Exception)
{
key = Registry.CurrentUser.CreateSubKey("Software\\Microsoft\\Internet Explorer\\Main\\FeatureControl\\FEATURE_BROWSER_EMULATION");
}
key.SetValue(System.Diagnostics.Process.GetCurrentProcess().MainModule.ModuleName, 9999, RegistryValueKind.DWord);
key.Close();
}
PermalinkCommentsweboc fck ie document mode technical ie9

GeolocMock Tool - Tell IE9 Where You Are

2011 Apr 3, 12:00

I've made GeolocMock. If your PC has no geolocation devices, IE9 uses a webservice to determine your location. GeolocMock uses FiddlerCore to intercept the response from the webservice and allows the user to replace the location in the response with another. This was a fun weekend project in order to play with FiddlerCore, the W3C Geoloc APIs in IE9, hosting the IE9 WebOC in a .NET app, and the Bing Maps APIs.

PermalinkCommentsfiddler technical geoloc ie9 fiddlercore

Watch the “Invader ZIM” Cast Reading Unproduced Scripts

2011 Mar 28, 9:35Includes Zim/Dib puppet makeout scene.

PermalinkCommentsscript invader-zim humor tv video

Junkyard Jumbotron: join all your screens into one big one, no software install needed - Boing Boing

2011 Mar 14, 4:30A web service to turn multiple web browsing devices into one larger screen. Panning and zooming on one screen (for phones) changes the whole picture.
PermalinkCommentsqrcode web video ui tv

Listen to Max Tannone and Watch Moon

2011 Feb 23, 1:13
Max Tannone does awesome remix albums:


Also, the movie Moon is really good on a variety of points. Sam Rockwell and the voice of Kevin Spacey! Its available on Netflix Watch Instantly so you have no excuse!
PermalinkComments

IBM’s Watson Supercomputer As A Challenger on Jeopardy Game Show

2011 Feb 14, 6:59PermalinkCommentsibm Jeopardy game ai

zerodaythebook.com

2011 Jan 23, 4:49Sysinternals Mark Russinovich writes a novel (fiction) and gets a Bill Gates blurb for the cover: “Mark came to Microsoft in 2006 to help advance the state of the art of Windows, now in his latest compelling creation he is raising awareness of the all too real threat of cyberterrorism.” —Bill GatesPermalinkCommentsbook security microsoft sysinternals mark-russinovich novel fiction technical

Skynet meets the Swarm: how the Berkeley Overmind won the 2010 StarCraft AI competition

2011 Jan 19, 9:05
PermalinkCommentsgame programming design ai starcraft
Older EntriesNewer Entries Creative Commons License Some rights reserved.