The Acorn Wand, key to a magical puzzle hunt

Puzzle hunts are a popular pastime at Microsoft. For the Microsoft Intern Puzzleday 2007, the puzzle design team decided upon a Harry Potter theme. Competitors (“students”) formed teams (“study groups”) as they attended classes at the Hogwarts campus at Microsoft. Of course, since this is Harry Potter, you need a magic wand, so the puzzle…


It rather involved being on the other side of this airtight hatchway: Local execution

The security response team gets all sorts of reports, and a good number of them are from people who just get excited that they were able to do something unusual, even if it isn’t a security vulnerability. Attached please find a security exploit in the ABC ActiveX control. If you save this Web page to…


Email tips from Adam Phillabaum

Adam Phillabaum of Doing Boeing (who kept the name even though he left Boeing and now works for PayScale) has his own tips for writing email. Recommended reading.


You can’t change it, but you can hide it and add something that looks like it

Today we have another case of “Now you have two problems.” The corporate customer already solved their problem halfway and needed help on the other half. The impossible half. We want to change the Add or Remove Programs icon in the Windows XP control panel so it runs our custom install management program instead of running…


Why doesn’t Explorer show recursive directory size as an optional column?

“Why start up another program to see folder sizes, when they should just be right there, in Explorer, all the time?” The same reason \\ does not autocomplete to all the computers on the network: Because it would destroy corporate networks. Showing folder sizes “all the time” means that when you open, say, the root…


The King County Council race gets even stranger

I told you it was going to get weird. In the month since my last report, there have been a few developments in the county council race between an accused drunk (the incumbent) and a fringe candidate (the challenger). The incumbent admitted having approved biographical information in which a bachelor’s degree was claimed, shortly after…


If you pass enough random numbers, eventually one of them will look valid

One customer traced a problem they were having to the way they were calling a function similar in spirit to this one: HGLOBAL CopyClipboardData(UINT cf) { HGLOBAL hglob = NULL; HANDLE h = GetClipboardData(cf); if (h) { void *p = GlobalLock(h); if (p) { SIZE_T size = GlobalSize(h); hglob = GlobalAlloc(GMEM_FIXED, size); if (hglob) {…


What’s the deal with the EM_SETHILITE message?

If you look up the documentation on the EM_SETHILITE and EM_GETHILITE messages, they just say “not implemented”. What’s going on here? The EM_SETHILITE and EM_GETHILITE messages were added back in 2002 for the breadcrumb bar to use. Back in those days, the breadcrumb bar wasn’t what you see in Windows Vista today, a series of…


What’s the difference between LVM_HITTEST and LVM_INSERTMARKHITTEST?

One customer was confused by the two list view hit-test messages LVM_HITTEST and LVM_INSERTMARKHITTEST. What is the difference between the two? The LVM_HITTEST message tries to find the item the point is over. The LVM_INSERTMARKHITTEST message tries to find the item the point is next to. For example, suppose you have two 32×32 items, item…


Superstition: Why is GetFileAttributes the way old-timers test file existence?

If you ask an old-timer how to test for file existence, they’ll say, “Use GetFileAttributes.” This is still probably the quickest way to test for file existence, since it requires only a single call. Other methods such as FindFirstFile or CreateFile require a separate FindClose or CloseHandle call, which triggers another network round-trip, which adds…