Reason number 9,999,999 why you don’t ever use humorous elements in a shipping product

I just saw an email go by on one of our self hosting aliases: From: <REDACTED> Sent: Saturday, April 30, 2011 12:27 PM To: <REDACTED> Subject: Spelling Mistake for browser in event viewer Not sure which team to assign this to – please pick up this bug – ‘bowser’ for ‘browser’ And he included a…


How do people keep coming up with this stuff (mspaint as an audio track).

The imagination of people on the internet continues to astound me. Todays example: Someone took mspaint.exe and turned it into a PCM .WAV file and then played it. The truly terrifying thing is that it didn’t sound that horribly bad. TThere’s also a version of the same soundtrack with annoying comments


Someone is a glutton for punishment

From Long Zheng, a video of someone who decided to upgrade every version of Windows from Windows 1.0 to Windows 7. The amazing thing is that it worked.


The case of the inconsistent right shift results…

One of our testers just filed a bug against something I’m working on.  They reported that if they compiled code which calculated: 1130149156 >> –05701653 it generated different results on 32bit and 64bit operating systems.  On 32bit machines it reported 0 but on 64bit machines, it reported 0x21a. I realized that I could produce a…


Why does Windows still place so much importance on filenames?

Earlier today, Adrian Kingsley-Hughes posted a rant (his word, not mine) about the fact that Windows still relies on text filenames. The title says it all really. Why is it that Windows still place so much importance on filenames. Take the following example – sorting out digital snaps. These are usually automatically given daft filenames…


Hacking Windows with Phones… I don’t get it.

Over the weekend, Engadget and CNet ran a story discussing what was described as a new and novel attack using Android smartphones to attack PCs.  Apparently someone took an Android smartphone and modified the phone to emulate a USB keyboard. When the Android phone was plugged into Windows, Windows thought it was a keyboard and…


It’s a bad idea to have a TEMP environment variable longer than about 130 characters

I’ve been working with the Win32 API for almost 20 years – literally since the very first Win32 APIs were written.  Even after all that time, I’m occasionally surprised by the API behavior. Earlier today I was investigating a build break that took out one of our partner build labs.  Eventually I root caused it to…


What does “size_is” mean in an IDL file?

My boss (who has spent a really long time working on RPC) and I got into a discussion the other day about the “size_is” IDL attribute (yeah, that’s what Microsoft developers chat about when they’re bored). For context, there are two related attributes which are applied to an array in IDL files.  size_is(xxx) and length_is(xxx). …


Microsoft Office team deploys botnet for security research

Even though it’s posted on April 1st, this is actually not an April Fools prank. It turns out that the Office team runs a “botnet” internally that’s dedicated to file fuzzing.  Basically they have a tool that’s run on a bunch of machines that runs file fuzzing jobs in their spare time.  This really isn’t…


Not Invented Here’s take on software security

One of my favorite web comics is Not Invented Here by Bill Barnes and Paul Southworth.  I started reading Bill’s stuff with his other web comic Unshelved (a librarian comic).   NIH is a web comic about software development and this week Bill and Paul have decided to take on software security… Here’s Monday’s comic:…