Parameter tampering

Posted by jasper22 at 11:40 | Friday, March 5, 2010

Parameter tampering video: Youtube

Posted via email from jasper22's posterous

SQL Injection tutorial

Posted by jasper22 at 11:38 |

Video on: Youtube

Posted via email from jasper22's posterous

Vs 2005 constantly repainting when running under remote desktop

Posted by jasper22 at 17:16 | Thursday, March 4, 2010

If your running Visual studio 2005 under Terminal services or Remote desktop and you find the editor constantly refreshing ( repainting, flickering ) Disable font smoothing on your remote desk top connection. If you have your heart set on using font smoothing try courier as your editors font.

Patent an Invention

Posted by jasper22 at 17:04 |

You may be cool with open-sourcing your billion-dollar idea, but if you want investor capital, you're going to need a patent.

This article is a wiki. Got extra advice? Log in and add it.

Prove It

One of the US Patent and Trademark Office's requirements for patentability is that your invention is new, useful, and unobvious. Search the USPTO.gov database, trade journals, and any other relevant sources for "prior art" -- that's patent-speak for gizmos that already use your idea. Some similarity is OK, as long as your advances are big enough that "a person of ordinary skill in the art" wouldn't find them "obvious."

NX Server

Posted by jasper22 at 16:21 |

NoMachine NX is an enterprise-class solution for secure remote access, desktop virtualization, and hosted desktop deployment built around the self-designed and self-developed NX suite of components. Thanks to its outstanding compression, session resilience and resource management
and its integration with the powerful audio, printing and resource sharing capabilities of the Unix world, NX makes it possible to run any graphical application on any operating system across any network connection. Via
NX accessing remote desktops, servers and applications, whatever their location, is just as fast, easy and secure as if you were sitting in front of them. Together with easy-to-use management, deployment, and monitoring tools, NoMachine NX makes it possible to transform any traditional desktop computing environment into a centrally managed, globally accessible, virtual desktop infrastructure.

NX Free Edition

A complete solution for remote access to your Unix workstation. It allows 2 users to connect at the same time no matter what their location is, and share the desktop. NX Free Edition is incredibly easy to install and run, leverages the competence and quality of the company that makes NX and, most importantly, is free forever.

Privacy With a 4096 Bit RSA Key — Offline, On Paper

Posted by jasper22 at 16:06 |

Online backup is practical, but can it offer any privacy? The Dutch security company Safeberg developed an Offline Private Key Protocol, with an asymmetric key scheme. The protocol demands that the private (decryption) key be stored away from the 'source' computer, which presumably is 'too vulnerable.' The catch is that the private key needs to be fairly large to be secure: a 4,096-bit RSA key should suffice for some years. But how to store an 800-character key offline? Safeberg introduces a machine readable paper key, with the 4k-bit key crammed in a giant 2D Datamatrix barcode. This video on key strength tells the story

Microsoft confirms the 'F1' key as potentially deadly

Posted by jasper22 at 15:51 |

Look at it up there, in the top left corner, just above your middle finger, all innocuous-looking... just gagging to be depressed... you could just give F1 a little tickle, no one would know... STOP! Don't do it! At least, not if you're on Windows 2000, XP or Server 2003. A few days ago a warning appeared on Microsoft's Security Response Center, in it they detailed an attack involving pop-up boxes and the F1 key. There's now a full Security Advisory on the issue, and if you're running one of the affected operating systems you should read it.

In essence: if you hit F1 in response to a pop-up dialog, an attacker could execute arbitrary code (i.e. hack you). All it takes is some cleverly-crafted VBScript -- but Microsoft says it's not aware of any such attacks currently in the wild.

oDesk

Posted by jasper22 at 11:07 |

About Us - The Marketplace for Online Workteams

Whether you are looking for new talent or already have a remote team, oDesk offers a complete solution for working online.

oDesk is the marketplace for online workteams, with the best business model for both buyers and providers. Our unique approach guarantees to buyers that an hour billed is an hour worked, while guaranteeing to providers that an hour worked is an hour paid.

This win-win approach attracts more work to oDesk than to any other online work marketplace. Each month, thousands of companies of all sizes post jobs on oDesk, representing more than $65,000,000. At the same time, hundreds of thousands of top-notch professionals, including web developers, software programmers, graphic designers, writers, customer service representatives and virtual assistants, offer their services through oDesk.

With an average job size of $5,000, oDesk is the best place to find meaningful work and top-flight talent. More than doubling in size each year since 2004, oDesk is where companies are building their entire organizations online and is the primary source of income for thousands of providers. oDesk is truly changing how the world works.

Microsoft Interview Questions & Answers

Posted by jasper22 at 11:05 |

I recently visited Microsoft's Silicon Valley campus and interviewed with the Hotmail group. If you've never had a Microsoft interview, realize that they are very different than the standard interview. You won't be asked any of those questions like, "What is your greatest weakness," or, "Where do you want to be in five years?" Rather, a Microsoft interview typically contains a number of brain teasers and coding questions. In fact, you can read interview questions from my internship interviews.

Here are the questions I was asked, accompanied with the answers right below the question! So, once you reach the end of the question, don't read any further unless you want to immediately know the answer! Anyway, here goes:

Question: How could you determine if a linked list contains a cycle in it, and, at what node the cycle starts?

Answer: There are a number of approaches. The approach I shared is in time N (where N is the number of nodes in your linked list). Assume that the node definition contains a boolean flag, bVisited.

struct Node
{
...
bool bVisited;
};

Then, to determine whether a node has a loop, you could first set this flag to false for all of the nodes:

// Detect cycle
// Note: pHead points to the head of the list (assume already exists)
Node *pCurrent = pHead;
while (pCurrent)
{
pCurrent->bVisited = false;
pCurrent = pCurrent->pNext;
}

Then, to determine whether or not a cycle existed, loop through each node. After visiting a node, set bVisited to true. When you first visit a node, check to see if the node has already been visited (i.e., test bVisited == true). If it has, you've hit the start of the cycle!

bool bCycle = false;
pCurrent = pHead;
while (pCurrent && !pCycle)
{
if (pCurrent->bVisited == true)
// cycle!
pCycle = true;
else
{
pCurrent->bVisited = true;
pCurrent = pCurrent->pNext;
}
}

A much better approach was submitted by 4Guys visitor George R., a Microsoft interviewer/employee. He recommended using the following technique, which is in time O(N) and space O(1).

Use two pointers.

// error checking and checking for NULL at end of list omitted
p1 = p2 = head;

do {
p1 = p1->next;
p2 = p2->next->next;
} while (p1 != p2);

p2 is moving through the list twice as fast as p1. If the list is circular, (i.e. a cycle exists) it will eventually get around to that sluggard, p1.

Thanks George!

Question: How would you reverse a doubly-linked list?

Getting Started with Building Windows Mobile Solutions with Visual Studio and Windows Mobile 6 SDK

Posted by jasper22 at 11:03 |

This article focuses on how to develop Windows Mobile .NET Compact Framework offline client solutions. .NET Compact Framework (.NET CF) is a subset of the full Microsoft .NET Framework, with all the functionality that you must have to deliver powerful enterprise applications for the Windows Mobile platform. Visual Studio 2008 has built-in support for both the .NET Compact Framework 2.0 and .NET Compact Framework 3.5.
Visual Studio and .NET Compact Framework

Developers who develop desktop applications that use Visual Studio have all the necessary tools and knowledge to develop solutions for Windows Mobile platform. Of course, there are differences between the desktop and mobile platform, and you have to approach each differently. However, the programming concepts remain the same.

You have to answer the following questions before you start to develop a Windows Mobile solution:

* What development tools do you have and want to use?
* What platform do you want to target, Smartphone or Pocket PC?
* What version of the .NET Compact Framework do you want to use?

Answers to earlier questions influence the direction you take with your project and how you start it. Other business-related considerations can also influence your decisions:

* Do you want to create offline or online solution?
* How expensive is your connection?
* Do you want touch screen functionality?
* Are you targeting multiple form factors or a single platform?
* What are your security requirements?

After you analyze and answer all these questions, you are ready to take the correct direction with the project. This paper focuses on how to develop Windows Mobile .NET Compact Framework offline client solutions.

Class and object references

Posted by jasper22 at 10:46 |

Further to my previous post which introduced classes and objects as a way of storing unliked-typed variables I’ll now describe how to reference different objects and discriminate between different objects of the same class giving you the power to define, manipulate and disregard objects within your code.

Discriminating between objects

Using my previous Vehicle class.

Vehicle car1 = new Vehicle();
car1.sManufacturer = "BMW";
car1.sModel = "Five Series";

Vehicle car2 = new Vehicle();
car2.sManufacturer = "Ford";
car2.sModel = "Fiesta";

Creating an object car2 and assigning it the manufacturer “Ford” has no effect on the car1 object. The ability to discriminate between objects is the real power of the class construct. Objects can be created, manipulated and dispensed with in isolation from other objects of the same class.

Excel as a document-oriented NoSQL database

Posted by jasper22 at 10:45 |

I’ve been a long time fan of CouchDB, one of the many NoSQL databases to appear in the last few years. CouchDB is a document-oriented database, which with solid B-tree indexing and easy replication, topped off by a MapReduce style view mechanism, puts it up there as a best-of-breed noSQL datastore.

Now it may seem strange that somebody whose SQL – does exactly what it says on the tin post clearly marks him out as an RDBMS fanboy, can also sing the praises of a noSQL database. Are they not mutually exclusive? To many, particularly in the noSQL world, this appears to be the case, with some clearly determined to re-invent the wheel, ignoring the lessons learned by relational database practitioners.

The main advantage to me of document-oriented databases, such as CouchDB, is the ease of setup and subsequent pain-free evolution of data models that comes with a schema-less database. The main disadvantage is the relative rigidity of downstream analysis built into most such databases. MapReduce, such as used by CouchDB, is fine for predefined views developed by programmers, but as we know, reporting never stops; datastores front-ended by a SQL interpreter open up the data within to a much wider audience (be that through hand-crafted SQL queries or more likley via reporting-tool generated SQL)

15 Quality Web-Based Applications to Create Mock-Ups and Wireframes

Posted by jasper22 at 10:44 |

To effectively manage a project with very little mistakes, you must make it a priority to plan. Diving into the development process with not a single clue as to what elements go where or how certain aspects of a websites interface differ from one another is dooming yourself to hard-earned headaches.

For as long as humans have been able to hold a pen and a paper in hand, we have been prototyping and although different from now, “wireframing“. This dates back to thousands of years ago when architects and artists began converting their artwork into an actual physical presence.

This is to outline that we are no strangers to the planning, prototyping, and executing process.

Hot Gloo
Mockingbird
Pencil Project
(more..)

How to package and deploy COM component

Posted by jasper22 at 10:42 |

I’ll use a walkthrough example to show how to package a web application with speech API COM component using Visual Studio 2010. I wrote and tested the sample in Win7 x86 with IIS7.5, and packaged and manually installed to win2k3 x86 IIS6 (which only had 3.5 framework installed).

1. Create a C# 3.5 web application
2. Add COM reference to “Microsoft Speech Object Library”

Posted via email from jasper22's posterous

SQL SERVER – Rollback TRUNCATE Command in Transaction

Posted by jasper22 at 10:41 |

This is very common concept that truncate can not be rolled back. I always hear conversation between developer if truncate can be rolled back or not.

If you use TRANSACTIONS in your code, TRUNCATE can be rolled back. If there is no transaction is used and TRUNCATE operation is committed, it can not be retrieved from log file. TRUNCATE is DDL operation and it is not logged in log file.

Update: (Based on comments of Paul Randal) Truncate *IS* a logged operation, it just doesn’t log removing the records, it logs the page deallocations.

Following example demonstrates how during the transaction truncate can be rolled back.

Posted via email from jasper22's posterous

Pushing the Limits of Windows: USER and GDI Objects

Posted by jasper22 at 10:39 |

So far in the Pushing the Limits of Windows series, I’ve focused on resources managed by the Windows operating system kernel, including physical and virtual memory, paged and nonpaged pool, processes, threads and handles. In this and the next post, however, I will explore two resources managed by the Windows window manager, USER and GDI objects, that represent window elements (like windows and menus) and graphics constructs (like pens, brushes and drawing surfaces). Just like for the other resources I’ve discussed in previous posts, exhausting the various USER and GDI resource limits can lead to unpredictable behavior, including application failures and an unusable system.

Sessions, Window Stations and Desktops

There are a few concepts that make the relationship between USER objects, GDI objects, and the system more clear. The first is the session. A session represents an interactive user logon that has its own keyboard, mouse and display and represents both a security and resource boundary.

The session concept was first introduced with Terminal Services (now called Remote Desktop Services) in Windows NT 4 Terminal Server Edition, where the physical display, keyboard and mouse concepts were virtualized for each user interactively logging on to a system remotely, and core Terminal Services functionality was built into Windows 2000 Server. In Windows XP, sessions were leveraged to create the Fast User Switching (FUS) feature that allows you to switch between multiple interactive logins on the same physical display, keyboard and mouse.

Thus, a session can be connected with the physical display and input devices attached to the system, connected with a logical display and input devices like ones presented by a Remote Desktop client application, or be in a disconnected state like exists when you switch away from a session with Fast User Switching or terminate a Remote Desktop Client connection without logging off the session.

Memory Issues? Not to worry.

Posted by jasper22 at 10:37 |

In QuickUnit we develop a Visual Studio addin which allows developers to easily create quality unit tests. It’s a rather complicated, highly extensible, code-analysis and code-generation, .net application, with a rather complex UI layer (but with a simple UX). We use WPF (on MVVM) for the UI infrastructure, and make very heavy use of viewmodel objects, data bound to data templates.

We’ve encountered a scenario where our memory consumption started growing, after every action which basically only re-rendered the UI. ProcessExplorer was kind enough to show us that the gen2 heap was growing steadily, and GC collections had no effect. Basically, the classic telltale signs of a managed memory leak.

Our first mistake was to try to find the leak manually, by code reviews. We’re a strong, two-man team, and we know the code pretty darn well, so we figured this was only a matter of catching the ill-written line or two. The second mistake was finding an ill-written line or two which made us feel good about solving the problem. J

After realizing that our solution did not help one bit – we told ourselves to get serious about it, and start profiling. Oh, the Ants Memory profiler kicks so much ass... After adding a “GC Collect” button to our application (a great feature to have in any memory profiler, btw) we were good to go.

Posted via email from jasper22's posterous

Big Day in MonoLand

Posted by jasper22 at 10:35 |

Mark Probst found and squashed one of the hardest bugs in our upcoming garbage collector. Pablo from Codice has been testing the new GC under stress and posted a nice message to the list.

Plenty of great feedback on deprecating old libraries and tools from Mono. We will have a lighter distribution. As things are coming together so fast and we are now well into the features we had planned for 3.0, we might end up just calling the next version 3.0 instead o 2.8.

Andreia got Moonlight running on Chrome.

NServiceBus

Posted by jasper22 at 10:34 |

Designed for collaboration between business-oriented services, NServiceBus is not a replacement for RPC technologies like WCF. Successful SOA and DDD projects use a mix of approaches and technologies - not just NServiceBus for communications. Here you'll find the similarities and differences between NServiceBus and its Microsoft counterparts.

Closer to WCF than to BizTalk

When many people hear the term "service bus" they picture a central box which all communication goes through, like BizTalk. That's actually a description of the Broker architectural style, not the Bus architectural style. A bus isn't necessarily a physical entity. In that respect, NServiceBus is more similar to WCF than it is to BizTalk.

There is no physical WCF one can point to in the network topology. WCF is part of the infrastructure that is run in-process with a given application's code. NServiceBus is the same.

Kernel Update Compatibility Assessment Tool (KB980966)

Posted by jasper22 at 10:30 |

This package contains a Kernel Update Compatibility Assessment Tool that administrators can use to determine whether the computers in an enterprise environment are compatible with security update MS10-015. The package also contains a sample script that can be leveraged to help automate an enterprise wide compatibility assessment.

Kernel Stack Overflows

Posted by jasper22 at 10:29 |

Hello, this is Omer, and today I would like to talk about a common error that we see in a lot of cases reported to us by customers. It involves drivers taking too much space on the kernel stack that results in a kernel stack overflow, which will then crash the system with one of the following bugchecks:

1. STOP 0x7F: UNEXPECTED_KERNEL_MODE_TRAP with Parameter 1 set to EXCEPTION_DOUBLE_FAULT, which is caused by running off the end of a kernel stack.

2. STOP 0x1E: KMODE_EXCEPTION_NOT_HANDLED, 0x7E: SYSTEM_THREAD_EXCEPTION_NOT_HANDLED, or 0x8E: KERNEL_MODE_EXCEPTION_NOT_HANDLED, with an exception code of STATUS_ACCESS_VIOLATION, which indicates a memory access violation.

3. STOP 0x2B: PANIC_STACK_SWITCH, which usually occurs when a kernel-mode driver uses too much stack space.
Kernel Stack Overview

Each thread in the system is allocated with a kernel mode stack. Code running on any kernel-mode thread (whether it is a system thread or a thread created by a driver) uses that thread's kernel-mode stack unless the code is a DPC, in which case it uses the processor's DPC stack on certain platforms. Stack grows negatively. This means that the beginning (bottom) of the stack has a higher address than the end (top) of the stack. For example, let's stay the beginning of your stack is 0x80f1000 and this is where your stack pointer (ESP) is pointing. If you push a DWORD value onto the stack, its address would be 0x80f0ffc. The next DWORD value would be stored at 0x80f0ff8 and so on up to the limit (top) of the allocated stack. The top of the stack is bordered by a guard-page to detect overruns.

Five Indispensable MySQL Tools

Posted by jasper22 at 10:28 |

In the twelve years since first being introduced to MySQL, I've spent a substantial part of my professional life interacting with the database. Like any long-term relationship, my success using MySQL can largely be attributed to how well I've been able to communicate effectively with the database. Thanks to a number of well-designed tools, MySQL simply is a very easy database to "talk to," a convenience which is particularly important because developers often are tasked not only with constructing very complex schemas and queries, but also with monitoring overall server health and performance. The latter often is a unique blend of art and science.

In this article, I introduce you to five indispensable MySQL tools, including some that I've used for more than a decade and one that I've been using for only about two weeks yet am already wondering how I ever got along without it.

phpMyAdmin
MySQL Workbench
(more..)

CryEngine3 goes 3D

Posted by jasper22 at 10:27 |

Stereoscopic 3D tech built into the newest edition of CryEngine; can be used for 360, PS3 and PC projects

Frankfurt-headquartered Crytek has integrated 3D technology into its newest platform, the CryEngine 3.

The independent game and tools company will be giving a presentation of its new hardware at this year’s GDC expo in San Francisco.

The firm states that, for the very first time, developers can use stereoscopic 3D tech built into the newest edition of the CryEngine.

“After the successful introduction of CryEngine3 at last year’s GDC, we are really excited to show the latest version of our all-in-one game development solution this year in stereoscopic 3D,” said Carl Jones, CryEngine’s director of global business development.

MSDN Magazine: March 2010 Issue

Posted by jasper22 at 10:07 |

The Online edition of the MSDN Magazine’s March edition is available now, with articles on IIS Smooth Streaming, Multitouch in Silverlight 3, Thread performance tuning with the VS2010 Concurrent Visualizer, and testing Silverlight applications using messages, along with the usual regular articles and columns.

Cryptome Spying guides as a Digital Forensic Resource

Posted by jasper22 at 18:34 | Wednesday, March 3, 2010

These documents were created to assist Law enforcement and appropriate investigators of what can be provided and the methodology for request. The guides were generally considered confidential in nature when distributed. It is not my intent to break confidentiality of the source or creator. It is intended to assist in digital forensic discovery. Many of these documents are strictly intended for Law Enforcement and not corporate investigations. This should not deter the reader in my opinion using the contact information provided.

The published documents contain appropriate process for requests and available detail from the source. Some links listed are example documents or public record examples of evidence gathered. The guides/handbooks were originally created and provided for informational purposes to all law enforcement and legal requests.

The following sources have been referenced and published from Cryptome.org:

Microsoft – http://cryptome.org//isp-spy/microsoft-spy.zip
Paypal – http://cryptome.org/isp-spy/paypal-spy.zip
MySpace – http://cryptome.org/isp-spy/myspace-spy.pdf
Facebook – http://cryptome.org/isp-spy/comcast-spy.pdf
AOL – http://cryptome.org/isp-spy/aol-spy.pdf
Skype – http://cryptome.org/isp-spy/skype-spy.pdf
Cox Communications – http://cryptome.org/isp-spy/cox-spy.pdf
(more...)

glTail.rb

Posted by jasper22 at 18:30 |

glTail.rb - Realtime log visualization

FEATURES

* Real-Time
* Multiple logfiles on multiple servers
* Configurable layout
* Multiple logfile parsers
(Apache Combined, Rails, IIS, Postfix/spamd/clamd, Nginx, Squid, PostgreSQL, PureFTPD, MySQL, TShark, qmail/vmpop3d)
* Custom events
* Show rate, total or average
* If you can 'tail' it, you can visualize it
* Written in Ruby using net-ssh, chipmunk & ruby-opengl
* Free! (GPLv2)

Packet Garden

Posted by jasper22 at 18:27 |

Packet Garden captures information about how you use the internet and uses this stored information to grow a private world you can later explore.

To do this, Packet Garden takes note of all the servers you visit, their geographical location and the kinds of data you access. Uploads make hills and downloads valleys, their location determined by numbers taken from internet address itself. The size of each hill or valley is based on how much data is sent or received. Plants are also grown for each protocol detected by the software; if you visit a website, an 'HTTP plant' is grown. If you share some files via eMule, a 'Peer to Peer plant' is grown, and so on.

How to Find the Owner of a Named Pipe

Posted by jasper22 at 12:15 |

This is a follow-up on the LPC hang blog. The same hang troubleshooting techniques apply to this, but when a named pipe is involved you’ll have to use a slightly different method to following the chain from a client application to the server application. For the purpose of this exercise I’ll use the named pipe server (http://msdn2.microsoft.com/en-us/library/aa365588.aspx) and client (http://msdn2.microsoft.com/en-us/library/aa365592.aspx) given by MSDN.

Amazing leaf art by Leaf Carving Art in California

Posted by jasper22 at 18:04 | Tuesday, March 2, 2010

25 Bizzare house design

Posted by jasper22 at 17:59 |

Red more: Wonders World

Posted via email from jasper22's posterous

Aurora Attack — Resistance Is Futile, Pretty Much

Posted by jasper22 at 15:13 |

Do you have branch offices in China? iSec has published a new report (PDF) outlining the severity of the attacks on Google.cn, allegedly by the Chinese government, dubbed 'Aurora' attacks. Up to 100 companies were victims, and some are speculating that resistance to such attacks is futile. The report lays out the shape of the attacks — which were customized per-company based on installed vulnerable software and antivirus protection: '1. The attacker socially engineers a victim, often in an overseas office, to visit a malicious website. 2. This website uses a browser vulnerability to load custom malware on the initial victim's machine. 3. The malware calls out to a control server, likely identified by a dynamic DNS address. 4. The attacker escalates his privilege on the corporate Windows network, using cached or local administrator credentials. 5. The attacker attempts to access an Active Directory server to obtain the password database, which can be cracked onsite or offsite. 6. The attacker uses cracked credentials to obtain VPN access, or creates a fake user in the VPN access server. 7. At this point, the attack varies based upon the victim. The attacker may steal administrator credentials to access production systems, obtain source code from a source repository, access data hosted at the victim, or explore Intranet sites for valuable intellectual property.' The report also has pages of recommendations as well as lessons learned, which any systems administrator — even those inside the US — should read and take note of.

The Complete Guide to Windows System Restore (It's Better than You Remember)

Posted by jasper22 at 14:53 |

Most of us remember Windows System Restore as a lame-duck feature from Windows XP; when it seemed we might benefit from using it, it never quite worked how we expected. That's no longer the case.

Windows System Restore is an awesome system recovery tool, and it's included with Windows for free. It's the ideal solution for rolling back bad drivers, fixing when buggy software breaks your PC, or simply rolling you back to a previous point in time. If you've still got a bad taste in your mouth from the lackluster XP version of System Restore, it's time to take a look at it again if you've upgraded to Windows 7 or Vista.
System Restore in Windows 7 Is Better than XP

If you've ever tried the XP variety of System Restore, the uselessness of it probably left a bad taste in your mouth. Setting a system restore point was often agonizingly slow, and when it came time to actually attempt a system restore, it rarely did what you wanted it to do. But if you've upgraded to Vista or Windows 7, you should really give System Restore another chance.

Skinput: because touchscreens never felt right anyway

Posted by jasper22 at 13:06 |

Microsoft looks to be on a bit of a hot streak with innovations lately, and though this here project hasn't received much hype (yet), we'd say it's one of the most ingenious user interface concepts we've come across. Skinput is based on an armband straddling the wearer's biceps and detecting the small vibrations generated when the user taps the skin of his arm. Due to different bone densities, tissue mass and muscle size, unique acoustic signatures can be identified for particular parts of the arm or hand (including fingers), allowing people to literally control their gear by touching themselves. The added pico projector is there just for convenience, and we can totally see ourselves using this by simply memorizing the five input points (current maximum, 95.5 percent accuracy), particularly since the band works even if you're running. Make your way past the break to see Tetris played in a whole new way.

Difference between ASP.NET Sessions, Application variables and Cache objects.

Posted by jasper22 at 11:38 |

When developers start with ASP.NET Web Forms the question I always get is; where is the best place to store user information, the application variable, the session state, cookies, database or the cache objects?

This is not an easy answer there are so many variables and options. In a nutshell Session state can make a big difference depending there that session state is also stored, depending on so many factors, how many servers you going to need? how many users you need to support?

Please find the code below to test for yourself how Session, Application and Cache variables work.

In the previous post, you can see how Cache has a callback when the object gets remove from memory.

The difference from an Application variable and Cache is mainly that you can assign the time the Cache variable will be stored in memory.

Top 10 Silverlight Myths and the Facts to Bust Them

Posted by jasper22 at 11:28 |

Silverlight is a client side plug-in based technology that has been in production since late 2007. I've been a web developer for well over a decade now, and recently have focused almost exclusively on Silverlight since version 3.0 was released. It astounds me how many people still resist Silverlight because they either don't understand what it is or haven't taken the time to research the capabilities it provides. Silverlight is a strong, mature technology that is being used on production sites to deliver powerful applications right here, right now. It's not emerging and it's not experimental.

From my experience answering questions about Silverlight on both Twitter and various forums and discussion groups, I've come up with ten common myths that I hear of over and over again. My hope is this one post can serve as a central place to address those myths, provide the facts that bust the myths, and help potential Silverlight users and developers better understand and take advantage of what I consider to be amazing technology. Feel free to share your thoughts in the comments at the end of this post and share this link with anyone who will gain value learning about the truth!

Myth: "Silverlight is mainly for video."

Fact: Video is only the tip of the iceberg.

Silverlight is a cross-browser, cross-platform, and cross-device plug-in used for creating rich applications on the Internet. In addition to a powerful video stack that makes it easy to deliver video using most of the widely available codecs, Silverlight also boasts a powerful client networking stack (making it easy to connect to third-party services like Facebook and Twitter, using SOAP, REST, or even raw TCP sockets). It has a robust data access model that uses a concept known as data-binding to render data. This makes it ideal for line of business applications due to the relative ease of taking business classes and exposing the data through a rich, interactive user experience. Silverlight also boasts a very robust layout and styling engine and comes with literally hundreds of controls and behaviors ready to be integrated into your applications.

To see what's possible with Silverlight, take a look at the Silverlight Showcase. For an example of how Silverlight provides an effective "line of business" experience, check out Microsoft's Health CUI Patient Journey Demonstrator.

Myth: "Silverlight requires Microsoft web servers to run."

MMORPG programming in Silverlight Tutorial: Animate the object

Posted by jasper22 at 11:26 |

Now, there are so many articles to introduce how to create animation in XAML by Blend, so I don’t plan to say more on this topic. It make many people puzzled “Silverlight is just Microsoft’s Flash, no difference”. If you follow this style, it will make no sense.
We must do something to show all the potential of the Silverlight in game domain. So in my tutorial, I will use C# rather than XAML as possible as I can. It is more flexible in game architecture than Flash; at last, all the tutorials will make up a game engineer, which is my purpose that I want to achieve.

Let’s return to the topic of this article, “How to create animation on object?”

In Silverlight, there are 3 methods to create animation.

1) Storyboard
This method is recommended by Microsoft, so I introduce it at first.
Now I will do a demo to show how to use Storyboard in C#.

1st, create a Silverlight project, open the MainPage.xaml, modify the xaml file as follows:

In this snippet code, I create a canvas named Carrier, and set its dimension to 800 * 600. I set its background to Silver, donot remove the background color, otherwise, if there is nothing in the canvas, it’s MouseLeftButtonDown event won’t be hired.

Why I use Canvas as my container? Because canvas can do absolute positioning, it is convenient to handle object’s moving on it.

Posted via email from jasper22's posterous

עבודה עם קבצי Wim חלק א

Posted by jasper22 at 11:24 |

כפי שכבר הזכרתי בבלוג שלי כאן Wim היא הטכנולוגיה של מיקרוסופט ליצירת קבצי image כאשר הראיון המרכזי הוא שניתן לבצע את יצירת האימ'ג בתהליך לכידה באמצעות כלים כגון : imagex ו dism .

בחלק זה אתייחס ל לעבודה עם Wim באמצעות הכלי של imagex

WIm – מה זה ? נתחיל מהראשי תיבות Windows Imaging Format(WIm) .

החל מגרסת מערכת הפעלה ויסטה שיטת ההפצה השתנתה למבנה של Images וגם סיפקה כלי נחמד שנקרא ImageX .

בואו נפרט מה מכיל ה image או למעשה ה WIM :

אז למעשה מדובר ב image שמבוסס על file based (קבצים ) להבדיל מ images הקודמים שהתבססו על sector based , כמובן ששימוש ב Image מבוסס file מאפשר לנו מספר יתרונות על שאר images :

1. Wim לא תלותי בחומרה – כלומר ניתן לייצר קובץ אחד שיתאים למספר מחשבים .

2. קובץ wim אחד יכול להכיל מספר images בתוכו , ניתן לאחסן Images עם או בלי תוכנות בתוך wim אחד ,במקביל ניתן לסמן image כ bootable מה שאומר שניתן לאתחל את המחשב מקובץ WIM .

3. מאפשר דחיסה ברמת הקובץ .

4. מאפשר עבודה על קובץ במצב offline ניתן למחוק מהimage דרייברים או תוכנות בלי ליצור Image חדש. במקום לבזבז שעות על יצירת image ועדכון שלו מה שהיה מקובל ב XP רק נזכיר למי ששכח ב XP אם רצית להוסיף עדכון ל image שהכנת היית חייב לאתחל את המחשב עם המאסטר image להוסיף את ה עדכון ואז להכין את ה Image מחדש , החל מויסטה ניתן להוסיף את העדכון ב offline .

5. ה wim מאפשר לך להתקין את ה image על מחיצות ללא תלות בגודל המחיצה ,שלא כמו ב image מבוססי sector היית צריך להפיץ את ה image למחיצה באותו גודל או גדולה יותר מהמקור .

אלו למעשה עיקר היתרונת של פורמט wim זכרו file based image לעומת sector-based-image .

Getting started with code signing for under $100

Posted by jasper22 at 11:22 |

I recently jumped in and acquired an Authenticode code signing certificate & key pair. It’s great being able to sign my .NET executables, installers, and even Visual Studio 2010 extensions.

I’m documenting my efforts here in the hope that others would be able to follow the relatively straightforward process – there’s not much magic other than learning to export and work with the certificate mechanisms inside Windows. But I know a lot of devs see it as a black magic art, and really it’s just about time, money, and some quick learning.

Windows 7 is leaps and bounds ahead of Vista in terms of usability. The improved User Account Control experience is nice. I think that a lot of people are finally becoming more wary of unsigned software, especially installers.

With the net full of stories of mirror servers becoming compromised, or people blinding clicking yes on many dialogs, the assurance of the dialog without the scary orange warning banner is the one I think every software developer would like to offer their customers. It’s the professional thing to do.

So here we are, from start (no cert) to finish (signing a .NET app). It only took about two days to go through the identity verification process, but the time was well worth it – and the rest is easy given the nice signing tools in Windows and Visual Studio.

We’ll be getting a certificate & private key through a trusted root certificate authority (CA) provider, not test signing or self-signing. If you’ve ever purchased an SSL certificate for your web servers, similar process.

For a list of current program members, see this download on the Microsoft site – there are hundreds of businesses and governments in the program.

Some corporate IT departments will have their own internal CA, so although those companies can sign apps for internal use, using them on machines without that CA cert installed will yield the un-trusted publisher dialog.

Microsoft Visual Studio Test Professional 2010 RC – ISO

Posted by jasper22 at 11:19 |

Microsoft® Visual Studio® Test Professional 2010 is a specialized toolset for quality assurance professionals, which delivers a brand new experience for test planning and manual test execution. Help eliminate waste across the application lifecycle and embrace change through the use of Test Impact Analysis, rich actionable bug filing and Fast Forward for manual testing. Create transparency and allow for better decision making through reporting integration with SharePoint. Aligns test teams with the application lifecycle, break the silos across your development and testing teams and enable them to collaborate more effectively. When combined with Visual Studio Lab Management 2010, Test Professional 2010 allows you to extend its capabilities to virtualized lab environment management and help accelerate your development and test lifecycles.

For more information on Visual Studio 2010 and the .NET Framework 4 visit http://www.microsoft.com/visualstudio/products/2010/default.mspx

Desktop Dimmer

Posted by jasper22 at 11:16 |

A simple application for dimming the desktop around windows, videos, or other media.

Windows Debuggers: Part 1: A WinDbg Tutorial

Posted by jasper22 at 16:40 | Monday, March 1, 2010

Table of contents

* Introduction
o Overview of Debuggers
o Comparison of Debuggers
o WinDbg
o PDB files
* Debugging Scenarios
o Remote Debugging
o Just-in-time Debugging
o 64-bit Debugging
o Managed Debugging
o Debugging Services
o Debugging Exceptions
* WinDbg Features
o Debugger Extension DLLs
o Dump Files
o Crash Dump Analysis
* WinDbg Settings
o Symbol Files and Directories
o Source Code Directories
o Breakpoints, Tracing
* Commands
o Basic Commands
o More Commands
o Handy Extension Commands
* Example
o Suggested Exercises
* Epilogue
o Points to Note
o Q & A
* References

Introduction

In my professional career, I have seen most of us use Visual Studio for debugging but not many of the other debuggers that come for free. You may want such a debugger for many reasons, for example, on your home PC which you do not use for development but on which a certain program crashes from time to time. From the stack dump, you can figure out if IE crashed because of a third party plug-in.

I did not find any good quick starters for WinDbg. This article discusses WinDbg with examples. I assume you know the basic concepts of debugging – stepping in, stepping out, breakpoints and what it means to do remote debugging.

Note that this is meant to be a Getting Started document, which you can read and start using WinDbg. To know more about specific commands, consult the WinDbg documentation. You can use the commands presented in this document with any debugger provided by Microsoft, e.g. from the Command window of Visual Studio .NET.

This article is based on WinDbg 6.3.

This is the first of a series of articles on debugging. In my next article, I shall explain how to write debugger extension DLLs.

WinDbg / SOS Cheat Sheet

Posted by jasper22 at 16:13 |

Starting, Attaching, Executing and Exiting

	Start -> All Programs -> Debugging Tools for Windows -> WinDbg
F6	attach to process
Ctrl-Break	interrupt debugee
.detach	detach from a process
g	continue debugee execution
q	exit WinDbg

Getting Help

?	help on commands that affect the debugee
.help	help on commands that affect the debugger
.hh command	view the on line help file
!help	help on the extension dll at the top of the chain (e. g., SOS)

Issuing Commands

up arrow, down arrow, enter	scroll through command history
Right mouse button	paste into command window

Examining the Unmanaged Environment

lmf	list loaded modules with full path
lmt	list loaded modules with last modified timestamp
~	list unmanaged threads
~thread s	select a thread for thread specific commands
!token -n	view thread permissions
k	view the unmanaged call stack
!runaway	view thread CPU consumption
bp	set a breakpoint
.dump path	dump small memory image
.dump /ma path	dump complete memory image

Working with Extension DLLs (e. g., SOS)

.chain	list extensions dlls
.load clr10\sos	load SOS for debugging framework 1.0 / 1.1
.unload clr10\sos	unload SOS
.loadby sos mscorwks	load SOS for debugging framework 2.0

SOS Commands

!threads	view managed threads
!clrstack	view the managed call stack
!dumpstack	view combined unmanaged & managed call stack
!clrstack -p	view function call arguments
!clrstack –l	view stack (local) variables
!name2ee module class	view addresses associated with a class or method
!dumpmt –md address	view the method table & methods for a class
!dumpmd address	view detailed information about a method
!do address	view information about an object
!dumpheap –stat	view memory consumption by type
!dumpheap –min size	view memory consumption by object when at least size
!dumpheap –type type	view memory consumption for all objects of type type
!gcroot address	view which object are holding a reference to address
!syncblk	view information about managed locks

SOS 2.0 Commands

!bpmd module method	set breakpoint
!DumpArray address	view contents of an array
!PrintException	view information about most recent exception

TreeView and XmlDataSource

Posted by jasper22 at 14:24 |

נניח שרוצים לקשר בין TreeView לבין קובץ xml

נקח לדוגמא את קובץ שערי המטבעות מבנק ישראל (שאפשר גם לעבוד איתו מקוד)

ונרצה להציג אותו ב - Tree

כשנכתוב קוד כזה

<asp:TreeView ID="TreeView1" runat="server" DataSourceID="XmlDataSource1">

</asp:TreeView>

<asp:XmlDataSource ID="XmlDataSource1" runat="server"

DataFile="~/currency.xml"></asp:XmlDataSource>

כלומר נקבל את המבנה ולא את המידע בעצמו.

Mono, MonoTouch + C# vs. iPhone SDK + Objective-C

Posted by jasper22 at 12:42 |

Так сложилось, что моя деятельность в качестве разработчика программного обеспечения связана как с iPhone, так и с .NET технологиями. Если говорить, что первично, то это, конечно, .NET и C#, поэтому информация будет подана с точки зрения дотнетчика.

В статье хочу рассказать о небольшом опыте разработки одного проекта одновременно на mono с использованием MonoTouch и на родном Objective-C.
Описание проекта

Необходимо было разработать красивый эффект перелистывания страниц для одного iPhone приложения. Хороший пример того, что нужно было сделать, был найден в интернете в виде Silverlight-приложения.
Вариант №1: Mono + MonoTouch

Думаю, не нужно говорить, что такое Mono.

MonoTouch позволяет писать приложения на C# и компилировать их для iPhone, а также использовать .NET библиотеки.

Полный набор программного обеспечения:

* Apple Mac OS X
* утановленный Mono для Mac OS X
* MonoDevelop
* MonoTouch

Read more: Блог Краковецкого Александра

Posted via email from jasper22's posterous

MoleBox - Software Virtualization and Protection Solution

Posted by jasper22 at 12:41 |

Why Virtualize Your Software

Traditional software installation process frequently requires administrator privileges, includes installation and registration of many components, and takes minutes or even hours of time. Another application using different versions of the same components may corrupt your installation. Virtualization solves all these problems, making software portable and allowing it to run instantly, independent of user privileges.

MoleBox Virtualization Solution

Built on a new technology, MoleBox Solution offers improved virtualization and reliable protection for native and .NET applications.
MoleBox is a software virtualization and protection tool that allows delivering your application as a portable stand-alone secure EXE file which runs instantly with zero installation.
MoleBox packs all application files into a single efficient executable file that works without extracting packed files to the hard drive and creating temporary files. MoleBox also applies a number of protection techniques to packed files, including anti-crack protection for EXE and dlls, resource protection, protection from modification for data files, and many more.

Программа из одного exe

Posted by jasper22 at 12:40 |

Как правило, при написании .NET программ используются не только классы из .NET BCL, но и сторонние библиотеки. Во время выполнения программы все используемые библиотеки должны быть найдены. Для этого зависимые dll кладут в одну папку с exe файлом.

Однако существуют программы, использующие сторонние библиотеки, но при этом состоящие из одного единственного файла. Все утилиты от SysInternals, а также любимый мной LINQPad представляют из себя один файл в котором содержится все, что требуется для работы. Пользоваться такими утилитами одно удовольствие — они сразу готовы к использованию, их удобно передавать и хранить.

В статье рассказывается, как создавать такие автономные программы из одного файла. Разобран пример как со сжатием зашить библиотеку AutoMapper в программу и как ее потом достать и использовать.

Код программы использует стороннюю библиотеку AutoMapper. Чтобы убедиться в работоспособности библиотеки после ее зашития в ресурсы, в программе вызывается код из семплов к библиотеке. Этот код здесь не приведен, ибо это статья не об AutoMapper. Но сама библиотека интересная и полезная — рекомендую посмотреть, что же она делает в коде.

Подход

Чтобы .NET код мог работать, в использующий его AppDomain нужно загрузить сборку, содержащую типы, которые используются в коде. Если тип находится в сборке, которая еще не была загружена в AppDomain, CLR производит поиск этой сборки по ее полному имени. Поиск происходит в нескольких местах, где именно — зависит от настроек AppDomain. Для настольных приложений это обычно GAC и текущая папка.

Если CLR не удалось найти сборку, вызывается событие AppDomain.AssemblyResolve. Событие дает возможность загрузить требуемую сборку вручную. Поэтому для реализации автономной программы, состоящей из одного exe файла, достаточно зашить все зависимые сборки в ресурсы и в обработчике AssemblyResolve подгружать их.

Подробности про механизм нахождения сборок можно найти в книге Essential .NET, Volume 1: The Common Language Runtime (Don Box, Chris Sells) — 8 глава, AppDomains and the Assembly Resolver секция.

8 Tips To Create Complete Test Cases

Posted by jasper22 at 12:26 |

How can you explain to a beginner tester the idea of writing, executing and reporting of test cases? It’s a tough job, I found this quite recently by training a new person in the team. Everything I had in my head but there was not one clear and consistent explanation on the paper. Many years of experience, unfortunately, has not helped me to verbally justify and explain this issue. This post will be an attempt to complete my own thoughts and these coming from the environment.

Starting from the end again, because it will be easier, I can write:

* Test Step – specifies an action to perform, and the expected response of the test application. For example: Action : Type the password in the password box, Expected result: Your password should be dotted / hidden.
* Test Case – a list of test steps. Also defines the environmental situation and may link to related bugs, requirements etc.
* Test Scenario – usually comes directly from business requirements or userstory. Management tools often ignore test scenario for linkage with a list of the requirements. Scenario contains a list of test cases and often their sequence.

As you can see, varies between a test case scenario is significant, and often the two concepts are confused.
How to ensure the quality of the test cases are created? How to manage their life cycle? How to deliver them quickly and when developers need it ?

1. Template – need one and complete template for creating test cases. We can create it in a text editor, spreadsheet or buy or customize the tool. I have written about this in the context of the JIRA.

2. Descriptive and specific

Get function return values and profiling information in .NET using Windbg

Posted by jasper22 at 11:41 |

There have been times when we would like to the know function return value ,debug within the function and get profiling information like the duration of a function. VS.NET provides all these features, but in production environment we won’t have VS.NET. This is where Windbg comes in handy. Here is the sample code that I am going to use.

using System;
using System.Collections.Generic;
using System.Threading;
using System.Windows.Forms;

namespace WindowsFormsApplication1
{

public partial class Form1 : Form
{

public Form1()
{

InitializeComponent();

}

Managed DXGI

Posted by jasper22 at 11:39 |

Managed DXGI library is Fully managed wrapper writen on C# for DXGI 1.0 and 1.1 technology. It makes easier to support DXGI in managed application. Because it fully managed there is no need for unmanaged libraries - compile once, run everywhere!

The original DXGI documentation can be found: http://msdn.microsoft.com/en-us/library/ee418146(VS.85).aspx

Where Google revenue comes from

Posted by jasper22 at 11:37 |

Kayak

Posted by jasper22 at 10:34 |

Kayak is a lightweight HTTP server for the CLR, and the Kayak Framework is a utility for mapping HTTP requests to C# method invocations. With Kayak, you can skip the bulk, hassle, and overhead of IIS and ASP.NET. Kayak enables you to do more with less syntax, and is easy to configure to work in any way you care to dream up.

Kayak consists of two DLL libraries: a request framework, and the HTTP server on which it depends. Unlike IIS, the Kayak server does not load your code into its process space. You write your own entry point, instantiate a KayakServer object, set it up however you want, and start it when you're ready. Usually, you'll set it up to handle requests using the Kayak Framework.

The framework simply maps HTTP requests to .NET method invocations. Arguments to a method invocation can be generated from the HTTP request, and the return value of the invocation can be used to generate the HTTP response. By default, the Kayak Framework converts .NET objects to and from JSON. It automatically deserializes JSON in the body of an incoming HTTP request and passes the deserialized .NET objects as arguments to invocations of your methods. When your function returns, Kayak then serializes the return value of the invocation as JSON to the body of the HTTP response. Kayak makes it very easy to create those simple HTTP APIs which are all-the-rage these days.

By the following principles of REST (excuse the buzzword; I don't like it either), you eliminate the need for many of the features that bloat tools like ASP.NET, MonoRail, and ASP.NET MVC, as well as Django and other popular frameworks for dynamic languages.

Scaling Up with STM.NET (Software Transactional Memory)

Posted by jasper22 at 10:28 |

Every developer that spent enough time with concurrent applications must have learned that producing a reliable, high performance application that scales gracefully to many core hardware is extremely difficult to do.

In order for the application to scale and maintain high throughput, we have to design the threading model such that at any given time the application will produce the optimal amount of threads that will put the maximum number of cores to work with minimum contentions. In order to keep the amount of contentions low, besides of not over introducing threads, it’s crucial that we’ll find an efficient way to protect the data that is being shared among the threads from concurrent access.

In order to make parallel programming easier, .NET framework 4.0 introduced the TPL (task parallel library) together with new parallelism constructs that facilitated the process of adding concurrency to applications. However, although more and more code is tempted to run in parallel, we get no real help from the runtime with protecting the shared data from concurrent access. Applications that require coarse-grained isolation can get away relatively easy by utilizing techniques such as message passing, which deters sharing and eliminate the need for locks almost entirely. However, in order to achieve greater scalability there’s not escape from using fine-grained locks, and so the problems begin…as we’ll find in the next chapter.

Code a Modern Design Studio from PSD to HTML

Posted by jasper22 at 10:27 |

Today we’re going to convert the Modern Design Studio PSD Template created by Tomas Laurinavičius a few days ago to a clean and working XHTML/CSS code. You can download free PSD from The Modern Design Studio PSD Template.

Haze Anti-Virus

Posted by jasper22 at 10:25 |

Haze Anti-Virus is a anti virus written in C# and has features such a realtime process watching and a Process Blacklist, and is able to download Database Updates and with Scanning of files with Signiture Checking

Welcome to the Homepage of Haze Anti-Virus, I started with Haze AntiVirus becuase I was in search of a Antivirus that was secure and did not always delete you work. Here is What I would like see in Haze Anti-Virus in the next few months
*Check For Registry Access
*UI Never Hangs
*Unknown Virus Detection
*Logging
*Backup of Self

Here are the Main Features of Haze Anti-Virus
*Process Watching
*Process Blacklisting
*File Scanning
*Database Updating
*Skinned UI

Archive

Random sites

Followers

Search This Blog

Subscribe To