Dangers of web code snippets
Tuesday, May 5, 2009
Every programmer knows these situations: you are in the middle of programming something when you realize you need to do a thing you never did before. Instead of opening library/programming language/toolkit documentation, you just fire up google, type in a few keywords and import the first snipped that google finds straight into your source code.
I’ve hit these situations many times. The problem is that usually these snippets are just plainly wrong. Often, you end up importing source code from a 12-year old blogger with 3 months of experience in programming. Not really what you want to do in production code.
I’ve hit this situation today, again. I needed my C# WinForms application to go fullscreen. Google immediately yielded some results. First result was this, the second one this.
The first one didn’t really do what I needed. And when I saw the ugly P/invokes in the second one, I decided to do it myself.
The solution was dead simple: set FormBorderStyle to None, TopMost to true and WindowStyle to Maximized. That’s it. A fullscreen form without P/invokes or other voodoo, that will even work with Mono.
So, be careful with random web code snippets and always read comments for the article where those snippets appear. They are usually pretty good at telling you if this is a bad solution and pointing you in the right direction.
Topics: Uncategorized | Comments Off
Geolocation over WiFi
Wednesday, April 22, 2009
I was playing with my iPod Touch today, skimming throught Google maps, when I accidentaly hit the Show current location button. I knew that my iPod doesn’t have a GPS so I never really expected it to work. I was really stunned when after 3 seconds it showed me a map of Uppsala, with a circle around a place that actually was my location.
My first reaction was: what?! And I immediately went to check if my iPod really does not have a GPS. It didn’t. So I started googling and after a few links I finally knew what was going on: iPod uses WiFi to provide geolocation.
Still, this was not an answer for me. WiFi access points usually don’t report their own GPS coordinates. That would make them too expensive with very little benefit to the user. Something different had to be behind this.
A few more minutes after that I found the answer: there is a company that runs cars with a GPS and WiFi on board, that scan MAC addresses of WiFi access points and stores them together with their positions. When a device like my iPod Touch needs to find out it’s location, it sends a list of all access points around it to a web service of this company. If you are lucky, the MAC addresses are already in their database and using triangulation, they can find your location with precision of ~100 meters.
That’s pretty impressive for a device with no real geolocation hardware.
Topics: Uncategorized | Comments Off
GDB and QEMU on Windows
Tuesday, April 21, 2009
A few weeks ago I started to work on a small operating system for a MIPS-based development motherboard. When thinking about a development toolchain, I immediately looked at one of my favorite emulators – QEMU.
QEMU has a few nice features that make development of operating systems easier than ever. One of these features is the -kernel command line parameter that loads a custom operating system kernel right into memory without the need to write a custom boot loader. Another useful command line option is -s which starts a GDB server inside QEMU so you can connect to it with GDB (with the command target remote :port_number) and debug your loaded kernel with full symbols.
At first, this didn’t work for me. GDB refused to connect to the server for no apparent reason (No connection could be made because the target machine actively refused it.). It took me almost half an hour to figure out where the problem was: QEMU was opening an IPv6-only port and GDB was using IPv4. Quick fix: open up gdbstub.c in QEMU sources, locate the line where the connection string is being created (in QEMU 0.10.2 it’s the line 2300; there is a string that says: tcp::%d,nowait,nodelay,server) and fix the connection string to look like this: tcp::%d,nowait,nodelay,server,ipv4.
Topics: Uncategorized | Comments Off
Compiling GDB under Windows
Wednesday, April 15, 2009
Just a quick post to make things simpler for everyone who is googling for help when compiling GDB debugger under Windows.
There are two small oddities that require edits in the source code when compiling GDB 6.8 using MingW with MSYS.
- In sim\common\sim-signal.c: replace
#ifdef _MSC_VERwith#ifdef _WIN32 - In gdb\tui\tui-io.c: find the line with
/* #undef TUI_USE_PIPE_FOR_READLINE */and uncomment it
After you change this, just “configure” and “make” and you are good to go.
And if you want the TUI (textmode GUI interface), install PDCurses to your MSYS directory (and create a link from MSYS\lib\libpdcurses.a to MSYS\lib\libcurses.a; not sure it’s neccessary, but that’s what I did) before running the configure script.
Topics: Uncategorized | Comments Off
Summer at Microsoft
Tuesday, September 30, 2008
As you probably all know from my last blog post, I spent this summer interning at Microsoft in Redmond. I was hoping to keep this blog updated with all my experiences and news, but being the lazy person I am… I did not write a single line.
This is a condensed version of what happened with me during my 12 weeks in Redmond.
- Microsoft organized a lot of events for the interns – from big scale ones (21 buses, 2 concerts, lots of food and a free 8 GB Zune for everyone), through smaller ones (a few buses to Mount Rainier) to family-scale ones (some ice cream and free t-shirts for the international interns)
- I was working in the Windows Shell Test team, integrating some UI automation stuff into a bigger framework (the details are covered by the NDA I signed, sorry…)
- Mark Russinovich signed me a copy of Windows Internals book
- I saw Raymond Chen’s office. Raymond was not there when I walked by…
- I had a read only access to Windows 7 source code and daily builds. Windows 7 is awesome and MinWin rocks :)
- Mario Hewardt signed me a copy of Advanced Windows Debugging
- I had access to Office 14 builds (yes, they are skipping Office 13)
- I saw Steve Ballmer from, like, 2 meters away
- I played bowling with Jon DeVaan
- My team was working on Windows Vista SP2
- Dave Cutler, the father of Windows NT kernel, had his office in the same building and on the same floor as I had. He signed me a box of Windows NT 4
- Dev10 (the next Visual Studio) will kick your behind
- I didn’t see Bill Gates, but I saw his house (well, I biked to the gate of his house, to be more specific; no fanfares and no warm welcome from Bill’s side)
- I had access to Microsoft Company store, where you can buy Microsoft merchandise and software for funny prices
- I had time to do explorations of neighborhood (Seattle, Vancouver,…)
- Microsoft paid for me a health club. The club (Pro Sports Club) was the best I have ever seen.
All in all, it was a great summer. Microsoft gave me an offer for another internship the next summer, which I accepted. If you are still a student, give it a try and we might see each other in June 2009 :).
Topics: Personal | Comments Off
Interviewing with Microsoft
Wednesday, April 16, 2008
A few months ago I found an offer for a summer internship at Microsoft headquarters in Redmond. After all I have heard about working at Microsoft, it sounded like a perfect summer opportunity for me. I wasn’t very optimistic about my chances, but I would probably regret it later if I didn’t apply. So I sent them in my CV.
After a few weeks of waiting I got a call from the Czech Microsoft office saying that they like my CV and they are sending it to Redmond for further evaluation. I was happy, but still – had no reason for celebrations :). A few weeks passed until I received an e-mail from Redmond asking me several questions about my background (my motivation, programming proficiency, how much code did I write within the last year and stuff like that). I sent them all my answers and waited impatiently for a reply.
The phone interview
After a week or so, I received an e-mail with a telephone interview arrangement. Now it all started getting serious. I searched the whole internet for any hints on telephone interviews, prepared a sheet of paper with all possible questions, printed out my CV and even started brushing up my english a bit.
To my surprise, the interview went quite well. Again, there were some questions about my background and motivation and a simple problem-solving question. No “real” technical questions at all. Still, I had a pretty bad feeling about it. My answers could definitely be better and I felt that I didn’t say anything that would distinguish me from the other candidates.
In-person interview
A few weeks of radio silence followed. I started to be a bit worried that after the disastrous phone interview I am not even worth to get an e-mail telling me that I didn’t meet their expectations. Then I received an e-mail with subject “Microsoft Internship Interview Preparation – Warsaw”.
It was an invitation for an in-person interview with people from Redmond on their International Recruiting Trip in Warsaw, Poland!
The in-person interview was challenging. The interview took place in the Warsaw Microsoft office, which is a nice building about 10 kilometers from the city centre. I met 6 other internship candidates, 2 from Czech Republic, 2 from Romania and 2 from Bulgaria. I was the only one from Slovakia (the interviews were scheduled for two days and if I remember well, about 40 candidates were invited to Warsaw altogether).
I interviewed with 3 people – Holly (technical recruiter), Phil (manager from the Speech Recognition team) and Tom (developer from the “Clouds” team).
During the interview I had to write code on paper, explain my approach, design several tests and even solve puzzles (variations on the Pigeonhole principle). Even thought one interview took only 20 minutes (so 3*20 minutes together), it was exhausting.
The rest of my trip to Warsaw was fun, too. I had time for some explorations of the city and I took many pictures. The best thing about it – Microsoft paid all the hotel and travel expenses :).
Interview results
The results of my interview came in about two weeks later. I was really anxious about opening the e-mail. I really wished to get there. So I opened with jittering hands just to find out I received an offer! An offer for a SDET position at the Windows Serviceability team! Probably the best place I could get!
If everything goes well, I will start in the middle of june. So – see you in Redmond :)!
Topics: Personal | Comments Off
Singularity source code released
Wednesday, March 5, 2008
Microsoft has finally made the source code of it’s research OS called “Singularity” available to general public.
Singularity is a prototype operating system coded almost entirely in managed code. It’s written using Sing#, a language derived from Spec#, which itself has roots in C#. Spec# adds Eiffel-like contracts (loop invariants, preconditions, postconditions, etc.) to C#. Sing# extends Spec# with low-level constructs required for operating system development and channels required for communication within Singularity’s microkernel.
Okay, now what does this mean?
- Singularity’s code can be mechanically proved correct. This can easily reduce number of possible programming errors by orders of magnitude.
- Singularity’s strong typing creates impenetrable memory boundaries within operating system components and processes. This allows execution of everything, including user processes in ring 0. No more CPU cycles wasted by context switching.
- And much much more :)
Other projects attempting to create a CLI-based operating systems are SharpOS (which unfortunatelly uses the aggressive GPLv3 license) and Cosmos (released under a BSD license).
EDIT: I almost forgot the download link for Singularity; you can get it from Codeplex.
Topics: .NET | Comments Off
.NET framework libraries source code to be released
Thursday, October 4, 2007
According to Scott Guthrie’s blog, Microsoft will release the source code of .NET framework libraries together with .NET 3.5 and Visual Studio 2008 release later this year.
Nice. This means no more uncommented disassemblies of extended .NET classes from Lutz Roeder’s .NET Reflector (even though it’s a wonderful tool when you don’t have the source code, having the source code is better).
Topics: .NET | Comments Off
Latest development
Monday, September 17, 2007
It has been quite a long time since I have posted anything to this site. A month, to be exact. After a pretty harsh first half of my summer holidays, I have been busy catching up with some summer pleasures in it’s second half.
With my parents and my brother, I spent a week at our cottage in Low Tatras. I finally got the chance to charge my internal batteries.
After returning from the mountains a friend asked me if I would join him on his trip to Prague. He has never been there before and I just could not say no. The trip was perfect and I’ve got some nice pictures, so maybe I’ll post them somewhere.
Anyway – I promise, I will write more content for this blog now and I will also try keeping it less personal and more technical. I’ve got some fun things on the burner, so stay tuned.
Topics: Personal | Comments Off
Don’t fool your users
Saturday, August 11, 2007
Today, I finally got into reading the series on anticracking I mentioned in my previous post. In one of the articles, I found this suggestion on what to do if you detect that your program is being cracked†:
Instead of crashing the program, you should wait several days and then change the way the program reacts. For example, in a graphical program when the user of illegal version picks green colour, the program will draw with blue colour.
The intention of this is clear: discrediting the cracker. If he doesn’t notice this additional protection layer and ships his (unfinished) crack, his credit among the cracker community will be degraded.
In reality, though, the one with degraded credit will be you. “Do not use the X program. It’s full of bugs and works in an unpredictable way.”
People do not usually associate bugs in programs with unfinished cracks. If a program works just fine after it was cracked, people tend to forget that the program was ever cracked. All errors that show up after a certain period of time will be automatically associated with you.
If you want to include delayed checks in your protection, make sure they behave in a direct way. You detected that your program is partially cracked? Show a message box‡. Display a message on the application title bar. Inform your users. Do not let them make false assumptions about your program.
†There are many ways how to detect this – a checksum doesn’t match, the registration verification procedure returned true even though the code supplyed was intentionally not valid, etc.
‡ Of course, do not forget to hide the message in the code appropriately. You don’t want to bring the attention to this code, do you?
Topics: Security | Comments Off
