Saturday, December 15, 2007

Bad Security Programming

I am often amazed on how much privacy and security violation that often times appear on
websites.

Here the latest one i notice just a few days back. It not an actual programming problem but more on common sense privacy violation.

Goto : www.pizzahut.com.my

Goto "Register", enter any phone number of a person that you know of, and chances
is the Pizza hut will show you the "address" where that person is staying or last used to order
pizza. Yes, this means you can get the address of anyone who happen to have registered with
PizzaHut EVEN if that person ordered via the PHONE last time.

What does this tells you?
Anyone can locate your house address and other information if you have ordered anything from Pizza Hut via phone or online.

Conclusion : Call up pizza hut to remove your information on their database, or if you havent registered or ordered via phone, DONT.

Monday, November 19, 2007

Alchepo Guide to Software Quality Assurance

Face it. Most teams don't have time to do a proper quality check on their products, instead most depend on "trust". Its impossible to expect the Guru programmer to check everyone's source code to look for flaws and potential problem. Its equally insane to expect amature programmers to code like a pro equally.
So how does one implement quality inspection on the code? In many cases, its the end product that is installed and tested in a given time. Although end product testing is a must, i am talking about other stages where quality can be enforced and not just the end stage.

Here are some of my suggestion, mostly based on William Edwards Deming's key recommendations and paraphrased. Who is he? If you study on how Japan manufacturing and quality rose from the ashes, you will know who this person is. http://en.wikipedia.org/wiki/W._Edwards_Deming

One of the important rule you have to remember is :-

- Substitute personal supervision with.. Statistics.
This means you must ask your programmers for proof of quality instead of "have u tested it?" etc. For eg, ask him/her to run a set of tests and show u the result of those tests on his routine/function.
One alchepo way is to also record down the memory usage and handles of the program by simply running the task manager and recording the usage of that process before/during/after the tests are conducted. This simple practise ensures that no crazy leaks occur in the program which will result in those popular scenario where the program runs perfectly in day 1, but crashes in a week.
This should be conducted whenever they perform unit test on their new routine/program.

- Diverse data testing
One of the most evident proof of an amature programmer is when he/she says "it runs ok on my machine" where else it crashes just after deployment on the first client pc.
The product/routine must be tested in as diverse scenario as possible, you dont really need an infinite number of pc's to do this, just some range of diff setup. For eg, a new setup with no service pack or on Virtual pc, and some end users pc you have in your office with loads of rubbish loaded. Better still is the industry practise of providing a beta testing to selected clients or public.

This is by no means a complete or even decent article on software assurance, but if your team have no proper method anyway, these 2 steps alone will secure ur eternal gratitude to this blog . ;-)

Monday, November 5, 2007

Windows Mobile Dominance : Dopod / HTC = ?


Around 2-3 years back, i got myself the new Xphone, powered by the SmartPhone OS which is basically Windows CE based. The idea that the phone ran on Windows was interesting so much so that the curiosity got the better of me and i parted with RM 1,800.



(photo from gsmarena)



Thats when the nightmare began, it seems like the phone was nothing more than a plastic shell that ran Windows with no regards to phone practicality. Although the contacts smart search (it searches both letter and numbers when you press the relevant keys) was a great design, the rest of the functions just falls out of place. The phone taught me how refined a normal Nokia was and how foolish was me to think that MS new venture (back then) could possibly be better.

One of the most irritating problem i recalled was the SMS ringtone. When you are using phones like nokia, alcatel, motorola and even Sharp, the sms ringtone are discreet or a soft vibrate. On the XPhone, it just "DING-DONG!" right into your ears not realizing that you are on the phone talking and your ears are like just milimeters from the speakers. It rang right out, without detecting the current state of the phone. That shows how "basic" the phone was. I did read a review on an Australia ZDnet before buying the phone, i guess the reviewer never really used the phone. The phone was sold under O2, but if you dont know by now, its all by HTC. Couple that with frequent hangs and reboots, the phone was sold off to a guy who wanted to use it as contact backup at a fraction of the price.






Time passed, so does my grudge against Xphone. This year 2007 during the CNY, i got myself the Dopod838 pro, surely the best of Window Mobile won't go wrong was my excuse this time.

(photo from dopodasia)






The camera was chun!, the video was perfect for recording impromptu stuffs. The Outlook synch worked perfectly well and the phone comes with a sliding keyboard, something that my fingers easily adapt to.


Then comes the problem :-


  1. Its a 3G phone, when you are surfing on the phone, all incoming calls are dropped, you won't even hear a ring. You cant make any calls out either. Yes, one can argue that 3G uses the same bandwidth as the calls thus it was technically correct to make the phone work this way...GO TRY A NOKIA, it would smartly pause the 3G while you chat and resume when you hang up.

  2. The sliding keyboard frequently hung, the screen was no receptive to anything you type on the keyboard, i ended up switching to the touch screen and pen.

  3. You will need to turn "off" the screen by pressing the side buttons or the phone can be configured to "energy saving mode" when idle for minutes. But most likely you will just press the side button like all other Windows mobile devices (ver 5 and 6). Now this poses a problem, the device comes with so many other buttons which are accidentally triggered somehow even when the phone screen is already off. Thus you find a slew of applications running when you turn on the screen and it lags the device to a crawl. Solution: Assign all the buttons (except camera) to "none".

  4. The front buttons have a paint that easily peels off, for a device that cost RM 3k (ouch!) this kind of quality is not expected. I wasn't expecting the VW golf 4 layer paint coat, but hey its just 3 months down the road and it peeled.

  5. If you are new to PDA+phone and you like to quickly reply SMSs while you are stuck in a short traffic, you would want a phone with a real keypad.

I upgraded the OS to Windows Mobile 6 (official dopod838 pro patch) , yes the new menu's better but overall...the phone is still very much slacking in practicality as a phone. I find myself nagging the phone and getting impatient with its flaws and missing the good'ol Nokia 6630.

Well, thats me, on the corporate industry and IT world however ....

Windows Mobile is a very attractive choice.



  1. MS Exchange comes with free push email (Direct Push). Blackberry, Visto, and Seven (Ericsson mobility) require a third party provider and expensive upfront payment. Then there is Funambol (http://www.funambol.com/) which claims to provide free push email Open Source. Funambol won't work in Malaysia, not on Maxis and other providers, it require an incoming connection directly from your Provider to your phone, which only means it can be implemented only by your provider. I did manage to make this work, by writing our own proxy clients (java for nokias, sonyerics and .net for WM) on the phone and modifying the server to provide straight push email. However, the market expectation of push email speed and funambol server polling design makes it non viable.

  2. Vista beautiful support for Windows Mobile via the new Window Mobility Centre.

Thus i would say, as more people demand for push email becomes apparent, some would turn the blind eye to the Windows mobile flaws and embrace the Empire's offer. (imagine the evil star wars empire soundtrack playing....teee tee teee te te te te te te)


May the mails be with You....




Thursday, November 1, 2007

Programming Job available


There will be a booth in TARC this coming 14-15th Nov, 2007 held by my company.

The company wants to hire programmers, if you are a tarcian and attending the event, i gurantee u will not miss our booth (ha ha)...the posters that was done is out of this world.


"Code Wars" - Master Yoda poster


"Enter the Coders" - Bruce Lee poster


I hope the rightful parties wont be offended as the images are just used for this one occasion, for the same reason i wont be posting the images in its actual format.

Actually if you are looking for a programming job as your starting career or if you have 1-2 years experience, you just need to be able to write this program, and my company would love to hire you.


Program Test: (C# or C++)


1. Write a program that will write to a file, the following random objects

integers, alphanumberics, floats and seperated in a file. The file size must be around 20 MB.


Eg, 23213, 1.2312, helloworld, 88593, what is this, 88.22


2. Write a program that will read from this file and print the types of each token that was read from the file :


Eg, 23213 = integers

1.2313 = floats

helloworld = strings


Thats it, simple and straight forward. Just complete the 2 programs on your own.


Send the program project to the company at : onlythebest@internetnow.com.my complete with your resume .






Monday, October 29, 2007

Its all about Design

What happens when two programmers of equivalent skills and same field exposure are hired to write their own version of the same sofware? E.g A Corporate Messenger or something as simple as a Leave application system.

The "Design" will be the distinctive line between the amature and the pros.

When i say design, i mean the way all the components and function calls interact. When i say design i mean how the UI will be presented to the users. When i say design, i mean how the product ends up in different modules/classes and processes?

Let me give you a real life example :

Write an application for XP that can retrieve MAC addresses given a list of IPS in the LAN.
A layer2 passthru packet driver is provided.

Programmer A# : Adds a function in the layer2 to provide ARP request. Adds a function in layer@ to process ARP reply. Adds a function in layer2 to receive the list of ips to test. Need to determine which Network interface to send the ARP request/reply. Send the information back to User mode .

Programmer B# : Adds a function in layer2 to receive the list of ips to test. Adds a function to match incoming ips and extract from packet header the mac. Send the information back to User mode.

While Programmer A# seems to have coded the more technical way, its also the more time consuming approach. Since most the the functions (arp handling) is also handled at the driver level, that means more vulnerable BSODs are bound to occur if any bugs were to surface.
That also means that you need to send the packets out in the first place and you will need
to determine which network interface is the one that talks to the LAN.

Programmer B# on the other hand, you might ask how will he ever get the MAC address since he did not do any ARP request/reply functions at the driver? He did that via the usermode....all he did was issue ping via the raw socket api, and the Windows XP naturally send the packet out via the correct network interface. So all he need to do at the layer2 driver, was to match the return ping replies and get the MAC address from there.

Why write your own ARP handling when Windows already paid $$$$ and hired XXXX programmers to provide the functionality? A choice of design.

Same product, 2 design.

Design is everything. I see "design" everywhere, from the way the texts are displayed when you boot up the system, Windows displaying its welcomed screen, the license agreement layout and presentation, how my power off button is used...everything.

Some design are just so dumb, it makes you wonder why the person/company that does it never saw the errands of it. There was a time back then when USB was just coming out of the oven and you see tons of manufacturers and ham-kei shops producing their desktop with USB support.

I notice a faulty design choice that many chose... Why in the world, was the USB port BEHIND?
Its was just a plain "everything else is at the back, so just put it there". While those com ports, printer ports and power connectors have always been conventionally at the back, the USB port which is a drastically different port was placed errornously with the rest at the back.
Of course, soon, some bright sparks soon realize the fallacy of the design and in just a matter of months, kazam! USB ports in front of all major Desktop brands.

The other day i was passing by USJ and i notice one big advertisement board near the Summit left turn : Giant 70,000 and more items. The problem is, people could not visualize how much is 70,000 and that figure doesnt impress anyone. The casual mind is just not able to associate how great or significant is 70,000 in a hypermarket item count. The mind could only remember 3 type of things, which if i were to do marketing, i would use these 3 factors to the fullest:

1. Humour / ridiculous factors
2. Great quantities (eg you see uncountable warriors in an epic movie)
3. Big sizes (imagine godzilla 10 times bigger coming to town)

These factors you can extract from books that teaches you how to improve your Memory.

People are bombarded with figures like 1,000,000++ in many marketing materials, what is 70,000 ? Thus putting that advertisement is a big waste of space, they might as well put there "GIANT" surrounded by small uncountable "giant" and it would strike a better impression.

Friday, October 19, 2007

Can i be a programmer for life?

Quoted from jobstreet.com -

"The two greatest gurus of software development in Malaysia, Ralph Tee and Marcus Low will address your concerns about the career path of a programmer. Having charted many successes in their careers and earning the accolade of being the brains behind cutting-edge Malaysian technology which had penetrated the international market, Ralph and Marcus will cut to the bone, challenge your beliefs and present their outspoken views on the following:

1. Is there a future to being a software programmer? (As Ralph puts it, have you ever met a 50-years-old programmer? Is your programming career over after 35?)

2. What does it take to be the best code guru?

3. What should you do and not do when you are applying for a programming job? If you are a programmer worth your salt, if you are a software developer who sees heaven in lines of code, this is a forum you cannot afford to miss."


Years back i was invited by JobStreet to give a talk on career as a programmer. This is one subject that is closed to my heart. Having worked and interacted with all kinds of programmers in Malaysia, I have identified and listed out various "mental" stumbling blocks and attitude that prevents a person from being a successful programmer which leads to a frustrating career.

So is programming a job for you? Watch the Videos below and download my presentation.
You will need to watch the video to interpret the powerpoint, else its gibberish. The first half of the talk was conducted by Ralph Tee, a respected programming guru that was the author of Armour Anti-virus back in 1993. For those who didnt know, Armour was the best selling antivirus from 1993-1996 up to a point where in 1995 the US defense ministry uses 1.5 million license of it (in a diff brand name ^_^). Ralph wrote tons of other programs and recovery tools that he never made public but very interesting. He currently runs his own company doing virtual Telekom mapping projects, POS malaysia and other project based stuffs.

Someone in the seminar wrote me this "what qualifications you have that Jobstreet labelled you Malaysia Top gurus in programming" Frankly, there is no way u can get yourself such a title being conferred by any organization. Its the people in jobstreet and their personal evaluation ^_^. Personally i feel that anyone's programming skill and worth is only measurable when its weighted on a global scale. When the result of your product is matched againts the borderless world, the demand for your product or your skills is put on the real scale.

Amazingly, one of those mentality problems malaysian programmers have is to quick to compare with local talents when the real standard is out there. Its okay when someone says "This mr.foreigner is a great programmer, one of the best". The moment you hear "This malaysian programmer is one of the best", arrows and backstabbing comments come flying. What profit is there when 2 proton car engineer argued on who designed the better proton model in the line-up? Here comes VW...

I would recommend anyone downloading the powerpoint presentation to bear in mind the principles involved, but the material itself is 3 - 4 years back, and in IT that is one whole life cycle. Today i would recommend "C#" as part of programmers foundation to work on.

Video1 (113MB) (right click and save)
Video2 (13MB) (right click and save)
Presentation (ppt)

Thursday, October 18, 2007

Windows Pro but Noob on Linux : Things you should know to move quickly in Linux

Ur a hot shot programmer in Windows. Nothing is too hard for you in Windows.
Suddenly you received an email from your employers, "Our next project will run on a Linux Box".

Here are things that you should know that can save you time and get you moving quickly :-

1. If its going to be webbase thing, you can leverage your .net skills in Linux. You can even host ASP.net on Linux or write application in C# that will run on Linux. Check out this site for more info : http://www.mono-project.com/

Alternatively you can learn PHP, the syntax is similar to C/C++ so if you have experience in C#, this should be no problem. However you will soon notice that you need an IDE that recognizes PHP, i suggest you just use your Visual Studio .Net and get this php syntax highlighting FOC from this David Crumps : http://blog.cumps.be/visual-studio-2008-and-php-coloring/

Although there are commercial IDEs for PHP, but you can easily lookup the function reference
from the windows chm file you get from http://www.php.net/. In Visual Studio (2005 at least in my test), the Designer view is even better than some of these commercial PHP. This allows you to easily see the xhtml layout and code php at the same time.

If you going to use php, i suggest u start right on with smarty and php together. You can get smarty from http://www.smarty.net/ . Its a templating engine that will save u lots of time when you do php and its so much cleaner on your code/ui separation.


2. Learn about Daemons, Crontab and linux file permission. These info are easily available anywhere . For file permissions read this up : http://www.linuxcommand.org/lts0070.php
Linux processes and daemons (eq windows services) uses configuration files for their settings and configuration. These are the basics you should at least know and understand.

3. There are many linux distributions, use one and stick with that one. Depending on your linux project, if its a hardware, its easy, just choose any one of the latest Linux distribution and use that for all your deployment. Each distribution is trying to value add to the generic linux and thus its kinda problematic if you want to deploy to all versions.

Take one of the Anti-Virus my company uses for example, www.drweb.com . Its one of those few antiviruses that supports various linuxes, it has basically a diff scripts for installing to each distribution to protect its Samba folder (haha yeah, you're not really going to sell unless u are protecting the samba folders which many are used as file sharing with the the windows stations).

The popular choice would be Red Hat Enterprise Server, Fedora, Debian and CentOS. Now talking about CentOS, here is one event that i would labelled as the worst "User support" case ever, the kind of user that would be your technical team's nightmare : http://www.centos.org/modules/news/article.php?storyid=127

Wednesday, October 17, 2007

Linux vs Windows

I have never been a fan to Linux vs Windows discussion. Yes, i have worked on Linux and Yes i know it has tons of network tools given to the admin that made win95/98 looks like a joke. But that was win95 back then.
The argument that linux is secure, stable due to the open source many "eyes" concept has never been accepted by me. Yeah, i do agree win3.1 and 95, 98 was a rough ride when it comes to security and even on 2k and xp, it was hackers haven.

But then consider this, if you load windows with just those essential drivers, modules like what came in linux, it would be as stable as it is. Heck, i have witness so many linux firewall hanging after adding this module and that module, its just no diff. I am talking about linux firewall that is retailing at RM 50k and above.

Stability is just using whatever that is standard, tested and proven by a party that practices safe programming, be it Windows, Linux, BEOS or MAC OS.

If u ask me, hehehe, i seriously think that most of the unstability in Windows is caused by security products itself! Such as antivirus and personal firewalls. These programs uses drivers (sys=nt,xp,2k, vxd=95/98) which if buggy can easily crash the system. That my fren, is no different than you adding some hooks into the kernel for linux and compile and use it when its buggy. It will crash.

In fact after giving myself a lot of time looking at those projects for linux, i can conclude only one thing.

Linux will still have a market on its own - that is in appliance.
Being free as in $$$$ is a reason so strong its absolutely ridiculous not to use it as an appliance OS. An open source kernel in which u can add.change anything you want, inspect anything, hook anything and the software components of Apache, php, java allows decent development to make the appliance works. These factors just makes Linux win easily as the choice OS for appliance.

Apart from that, design wise, there is nothing in apache, php that IIS and .net doesnt win.
Yes, PHP has tons of supporter, i use it too! However once u use both tools, you cant help but admire the design that the .Net has put in for web development and dynamic content. Basically its makes php looks really dated.

There is a reason why Windows was the best seller and popular choice OS for all time, for some, the reasons seems uncomprehensible, for others, its not a choice. For many programmers the choice is more emotional than logical, we all remember how MS crush netscape, how MS crush Borland C++, how MS this and that , deep down, nobody like to give in to a monopolizing Giant.

What if today MS suddenly declares that Vista will be sold at RM 50 and Windows
Server 2008 at RM 100? I bet the market share for MS will grow exponentially crazy.

Now...Linux is free isnt it?

Tuesday, October 16, 2007

Nothing beats Soft-Ice for live engineering

Soft-ice, the mighty sword i have wielded for many generations of windows os and days of DOS.
How have thou fallen O my comrade, thy blade would no longer pierce the foe Vista. I mourn for thee Soft-ice, has thy maker abandon thee?

I love soft-ice. I have used it to reverse...hrummp... i mean analyse (i dont promote cheap hacking) many applications and malwares thru the generations. Its a loyal and trustworthy companion for any serious system programming. The fun i had in the Ultimas, Red-alert (super sonic tank), alone in the dark, , neverwinterII (using the cage as armour), ROM (256 rays!),diabloII (99% life leech...ouch), DungeonSiegeII (complete the mysterious quest, damage of 14124124) and those cant even recall endless list of games (did i mention no cheap hacks, i never mod life stats and str, mana etc...those can be done via trainers and even built in cmds, no fun if u cant die)

While we are at this, i got some confession to make, some naughty stuf i did in this IT world during my earlier reckless days...

- Ixxxxx college, around year 1993/94. My sincere apologies for crashing all the pcs for a duration of week. Shooting masses of msgs via the netware send api that refuses to go away when u press the ctrl-enter. Yeah, it was no virus...

- to all the cybercafe players in pandan indah, during 2003-2004, counter strike 1.5, 1.6. Miyu, Camper369 is actually a cheater = me. Yup, i wrote a client proxy via the blueprint from ogc, and i played in the cybercafe. Since the gun auto aims the "cookoo part" and hides all UI elements and triggers via the keypade keys, you guys never knew what hit u, even when you are standing behind me watching me play. That program is just...well... anti-anti-cheater and anti-ppl-stand-behind-to-see-if-i-cheated version. Thanks for all the fun and frags.

- sincere apologies to Tay cheng yik and his cousins and collegues. For i used the same program on the silversurf cybercafe when u organized the counter strike match . Yes, you were smart the cybercafe comes with the security of not allowing any downloads and processes....but i went there earlier at 6pm and well..."loosened" the security so my program would load. How? Well the security they granted to yahoo messenger was too high, so its just a matter of renaming and putting my program as yahoo messenger. Now u know, why i didnt agree to join WCG.

- QuakeII office match, wait a minute, i was a QuakeII master, what did u expect to read here, i never wrote any mods to help out in this one. Where did i put that rail gun...u just wait here.

Sob...Sob...

Soft-ice wont be available for vista. So what alternative you have. For one, u still have the windbg (yawn...), Ollydebug and Syster. I have tried the latter two and they do a good job in analysis but for live reverse....i mean terbalik engineering on live processes/drivers, nothing beats Soft-ice.

Soft-ice....(ok skip ahead, leave me mourning here for my loved ones..)

Monday, October 15, 2007

Microsoft Expression Blend (sept preview)

What does an UI programmer, a System programmer and a Computer animator have in common? The UI complains "i am not a web designer, those cool flash sites you see, well they are more of a designer job". The System programmers proclaims "i only write engines, those UI coders are no fun anyway". The designers wish list "i wish these jokers understand i cant perform well unless i know the context of how this image will be used in their UI in detail".

Now everyone gets a chance to put themselves into everyones' else shoes.
In MEB, you can animate a control using a timeline....did i say animate...., yes
animate, animate, animate, and TIMELINE, what in the world is happening here? What does a programmer do with an animation timeline? and wait...layering on my toolbox controls? Layering as in Adobe photoshop kinda thing? Dreamweaver??

You bet...the MEB is one heck of an IDE providing all these functionality, wait maybe calling it an IDE is insuficient to provide the right impressin, a mega ide perhaps, a tool that integrates everything that powers an application. (isnt that what an normal ide does? heheh dont try to be smart mouth here...)

MEB is possibly one of the most radical IDE i have the chance of playing with. It infused great power (well not so great responsibility since generated app ran on .net 3.0) and promotes the WPF concept. I must say the first 30 minutes of playing with it caused my mind to ran back and forth thru time and space, to venture the possibility where no man has gone before.
Its one of the most exciting tool :-) for bored programmers.

Having said that, i was working on pHP and java and been using various IDE's (emacs, Nusphere, eclipse, netbeans) before i completed the linux box project. Well, if the linux community was happy with those IDEs they have (there are still some clueless ppl who champion the use of vi or notepad for programming but i am talking about professionals that maximizes a tool like an ide for dev in linux), the MEB would be a real eye opener.

Wait a minute, why are you talking about linux? You are talking about some Microsoft stuff here and that won run on linux, so it has nothing to do with the linux community.
Actually, i have this funny feeling that the borders are coming down fast, heard of mono? The .net being supported in linux also means hordes of windows coders will find their skill and knowledge workable on both worlds with minimum effort. One may argue the other way is true, for eg, java running on windows, well honestly, java apps running on windows not only looked weird but downright silly, they are just anything but cool. Remember there was once that Lotus Notes on the server ran on a command console box (dos like)? Yeah that feeling.

The developers have ensured that whatever u developed on MEB would ran on XP sp2 onward, now that isnt too bad of a criteria seeing that w2k is at least 7 years old now and most Xps could dl the sp2 anytime. U still need the 3.0 .net though.

And as expected, c# is the core language for using this tool. The MEB would launch your VS 2005 when you add the code behind the controls.

Here download it and watch some of the samples provided :
http://www.microsoft.com/expression/products/download.aspx?key=blend2preview

Thursday, October 11, 2007

Winsock2 Replacement (ws2_32.dll)

Ok one day i decided try something funny, basically i wrote a winsock2 dll (ws2_32.dll) that will intercept all the calls to the real ws2_32.dll. Sure there are plenty of winsock hooks around town, but a replacement dll? oh come on, it must be a big waste of time, but anyhow i did it.

The advantage of a replacement winsock is obvious for research reasons, for one, it only intercepts whichever application folder that it is running in, without interfering the rest of applications that uses winsock, thus you dont need to filter the logging of other apps.

How was it done?

First i wrote a pre-processor that will preprocess the winsock2 header files including the ws2spi.h from the sdk and churn out a cpp and a def file. These files are then used to create a project.

To use the DLL, just copy the ws2_32.dll to the directory where your application resides.
Eg, c:\temp
Then run your application from there, eg c:\temp\telnet.exe

Depending on what kind of logs you want to see, you can create the following at c:\ before
running the app.

  • c:\winsock2.dll.var (this must be created if u intend to start logging, then content of this file is not important, enter anything)
  • c:\winsock2.dll.log (create this file with any text as the first line, this file will contain logging from the replacement winsock)
  • c:\winsock2.dll.binary.var (create this file with any text as the first line, this file will inform the replacement winsock to also log binary data)

I have used this fun project to intercept and make modifications to some legacy apps running, for eg, some dump apps just insist of listening to port 8888 which some corporate IT admin refuse to forward that port, thus the replacement winsock replace the port to 80 (u get the idea).

You can also use it for eg, to learn about data and protocols, eg put in the firefox folder, or msn messenger...well i guess i leave the rest of the ideas to you.

(* one more thing though, last time i used it was ages ago, before vista came out, so dont ask me for vista version if it doesnt work)

Here, download the complete source code with built binaries of the dll. (no support for this of course, its freeware from me)

codemagnet.winsock2.zip

Have fun!

** Update : See remarks (from Martin) Modified version. (click on the winsock2_getaddrinfo.rar)


Apollo, Flash, Flex, (Ajax). Which way to go ?

Well unless you are living in a tempurung, you probably agree that any cool development in the past few years are web based development. And you would also come to a conclusion that flash is the best dynamic content format that can be employed...well at least for the past few years.
(althought ajax does a decent job, heck who are we fooling, look at those flash sites, ajax btw is not product haha so its not a comparison but i am referring to the effects and results)

Anyway, many developers ask me this question as to whether they should venture full force into application development with flash. Instead of whamming a do-or-die opinion from me, read the following blog :

http://weblogs.asp.net/jezell/archive/2007/05/03/silverlight-vs-flash-the-developer-story.aspx

There....make your own decision.

Device Driver Woes

If you are deploying an IM driver or some other device driver via the dpinst.exe, here are some problems and solution :

1. dpinst says updated, but nothing happens, the old drivers are still used.
Set the DriverVer to some bumped up values and date.

2. dpinst fails to update one of the driver.
Look at \windows\dpinst.log. The error codes are listed there, if the error is service name then you will need to remove that name from the registry under system/services. A reboot is required else you will get an error like 0x6xx.

3. try doing the dpinst /U xxxx.inf , on the previos version to force remove the old version
before you install the new one

4. Do a SnetCfg -l command on the service name (eg ms_passhtru) to replace the drivers.

Reading the entire section on *.INF format in MS doc is a necessity if you intend to do serious driver programming.

Wednesday, October 10, 2007

Moving to .NET : Multilanguage support

Best MultiLanguage Example

The best example no doubt is the one provided by Microsoft :
General_LocalizedHelloWorld.exe

The rest as found in code project are some singalimgam saying and quoting each other and giving half-baked solution.

Multilanguage in .NET (C#)
You will meet a load of problems if you dont follow these steps.
Basically, u need to create Satellite (*.dlls) that contains the resource for each of the language. These dlls are stored in the local directory where the .EXE will be running.
Eg,
en-USAPopup.resources.dll
enAPpopup.resources.dll

The filenames are language-culture shortcut names to use. These are not just alias, it must be EXACT.
Then make sure your ASSEMBLY name and NAMESPACE is same. This is to avoid asking yourself funny questions later on like, what is the resource name to load. You can always rename the *.exe output yourself later on and it will work.

Your code will be put before the InitializeComponent:

Thread.CurrentThread.CurrentUICulture = Thread.CurrentThread.CurrentCulture = new System.Globalization.CultureInfo(“en-US”); // example, or “” for neutral
MyManager = new System.Resources.ResourceManager(“APpopup.Resources.MyResource”, System.Reflection.Assembly.GetExecutingAssembly());
string str = MyManager.GetString(“form2.renew”);
InitializeComponent();


On your C# projects you have to create 2 additional directories, 1 for resource (the resx files) and the other for satellites. You can do this using console but heck its a mess, btter use the IDE. You create this folder by :

1. Right click on your solution on the solution explorer, add new project, select VC++, empty project.Name your project “Resource” for example.
2. Edit the new project properties, set the type to “Utility”. This will get rid of the C++/Linker etc tabs which u wont be using.
3. Set the files need to clean up (eg if resources, *.resources)
4. Add the *.resx files here. You need the names to be like this. If your namespace, assembly is : APpopup. You might want to call it : APpopup.MyResource.resx for the main one. For english-USA (en-US), you call it : APpopup.MyResource.en-US.resx etc.
5. Under the custom build, command line : resgen.exe “$(InputPath)”

Under the output path : $(InputName).resources
Set the dependency of your main project to “Resource” (the above project) so that it will always build that one first before building ur main project.
Now do the same for Satellite folder (Step 1-3). Except you dont have any .resources files to add here. So you need to build the “Resource” project up there first. Now add all the “*.resources” to this project.

Now one more VERY important STEP.On the custom build, command line :
mkdir ../windowsapplication1/bin/$(OutDir)/en-US al.exe /culture:en-US /out:”../windowsapplication1/bin/$(OutDir)/en-US/APpopup.Resources.dll” /embed:”$(InputPath)”,”APpopup.Resources.$(InputFileName)” /template:”../windowsapplication1/obj/$(IntDir)/APpopup.exe” Output : ../windowsapplication1/bin/$(OutDir)/en-US/APpopup.Resources.dll

Create a “Resources” folder directly under your main project (not your solution which u already have created Resources Project). Under this folder put in the neutral resource, MyResource.resx or MyResource.resource. Without this you always get a "tut-tut-tut-censored (these are vulgar curses..LOL)" error on your application when your culture info is neutral : CultureInfo(”")


There, thats all you need to do.

Porting winpkfilter to Vista compilation

Moving the old compilation of winpkfilter that was used for win2k,xp to the new Vista.
However note that from now on, its NDIS 5.1 and no longer 4.0 so it wont work on win2k.
I will be using the IM version and no longer the ndis hook.

1. Set the correct build environment
you willl need to install the winddk. Set a shortcut like this :-
C:\WINDOWS\system32\CMD.EXE /k c:\winddk\5483\bin\setenv.bat c:\winddk\5483 chk WXP

2. Correct the misc problems
- Apparently efilter.h and afilter.h is not used, thus create dummies for these.

- next the ndisrd.rc complains about afxres.h missing, duh... just copy the .h from /vc/atlmfc/include in ur 2005 Visual studio.

- copy the nmsym.exe, nmtrans.dll, msdia20.dll to your new vista pc folder, and make ur reference to these when generating nms for softice. (note to self : sice no longer works on vista move on, debug sice only on wxp machines)

- chkstk.obj is no longer used. So removed it from the sources file.

There, that should do it, type "build" and we're done here. The new driver will work on xp and vista as intermediate driver.