This is probably gonna be a post where I end up looking like an idiot, but here goes...

I was playing around and wrote a small program to dump the video font table. I started at around 33 bytes, but want to get it as small as possible (to um, learn! :)). Here's what I have so far:

[BITS 16]
[ORG 100h]
[SECTION .text] 
start:
mov al,64   ; Init (but don't clear) video     
INT 10h      ; Need to call int10h to start NT's DOS video emulation I think... 
mov ax,VideoBuffer 
mov es,ax    ; Put video buffer segment into ES
mov ah,007h    ; White text (Attribute 7). AL is already zero from loading the video buffer
mov cl,255    ; All oem chars
charloop:
 stosw 
 inc ax ; Increase char, don't worry about the attribute; it's high
 loop charloop
ret
[SECTION .data] 
VideoBuffer EQU 0B800h

00000000  B040              mov al,0x40
00000002  CD10              int 0x10
00000004  B800B8            mov ax,0xb800
00000007  8EC0              mov es,ax
00000009  B407              mov ah,0x7
0000000B  B1FF              mov cl,0xff
0000000D  AB                stosw
0000000E  40                inc ax
0000000F  E2FC              loop 0xd
00000011  C3                ret

Mike Stall just released a cool tool for doing inline IL in C# (oh, and in VB). It's not full integration with the compiler (so it's not a _msil() block or anything), but it's still very cool.

Wow, here's a cool technique in spam:

.,        ,; .r,                                                  iZ        .              ,  ...7  
@qy      jpp uol                                               peigllf.   @oiatmB          gnjqwgj  
 kd      fq,                                                  au0 pr rk  hac   cna        ia        
 Bym    bpB  WaW  ihjpopc:   igwpkWtk  Wfguvp  @gkbjgS         cu jS     ,,     va        lxpvkk8   
  rj    nv   uyw  yl    uq. Wig.  bly  uxn    yr;   @nS         plkea         @cx        abpX:,qof  
  gpu  ccn   WsW    8xurgl: hv     sv  WsZ      Zegydg@           b@ipl    .qwf2                8uj 
   jh .wx    WkW  xvW:: qr, db     ta  WiW    xbf,i 0sW       Za  dS nhr  jfe            8X     Zlm 
   SjdxgS    WoW ja     cb  vsZ   rds  WoW   gsB    0hZ       hx  pS gui ZdX             wks    pe: 
    xnff     alo  rfbfdvcyc  iprWkoaf  scc    yknxrxpuk0       fjWhbjsb Xkavsnhgib7 cfg   yrfmkks:  
              ,    ,:;i   :        tt   ,       ,;i   .:          jf     .       i   i,             
                            Zkl   aur                             Z,                                
                              hysqd.                                                                
                                                                                                    
                                                                                                    
     88ZS     yj             80  :mc                               7wu7       ;Z8             X2a   
  avhtmnsvp   gf             th7 Spe                             8xdqjpsW   8ehbnum         npketqb 
 jha      elj                qa,                                ,ta hb lni Spa   ilk       8dm    qk
 ig       .@8 yt   vqlwjm@   qk, rox  rotjoud                    poXdc            lj       xp2    wp
rn0           tc  ;hZ   ,vb  pu, iod ,ig   vy:                    0wkfW:        Xxh        :ud   Bjl
7a8           am    Xfxfxkx  as, ,ro  xn                            nrZio     ghl0          .dsfrhdq
 pb       Std uo  Bdm:  .rs  og, ,ih   iwvhvi2                  aS  es Smw  Wam;                  fm
 Zks;    adt; uv  ci    ;oe  en, ,do Xs0    py                  sqt jc 0vb  aW              dv.  Bic
   fcrxbimw   pi  Wfcdcuhhxs iuS Swk  caakngm2                   kpjxxqoi  ckraxuonbb Xeb   ,vsjytw 
                           .                                        wn                              
                                                                    ;;                              
                                                                                                    
                                                                                                    
                                                                     ,                              
;tX      Wx                                                         @cs        .s         .pkivk@BZ2
 ch.    ute                                                       ngBcByo      hh         ,bfxvs8ouw
  shb  skX                                                       uh, j  ud   hvwd                kc 
   aoSphZ    aomxljc;  Bglkfocf    tshoub@  euX   tqa             oq7c         er               hg  
    sfe      lx    ev  2ad   Wbw  Zm:   rya  giB yc@               Wmit0       dc              xbW  
   BfWgh      ,lqfbla  Smf    lw    @stcjia   nxrdZ                  j7crW     mj             iaj   
  Wdg rbw   .uhr   yg  Ses    jw  cel   isy   Xumw               BW  n  rw;    oj             rcr   
 mqm   ijm  or     wk  Xqi    js ayq    8mh  qdg mfi             ah  c  mx.    fi            ;it    
dlc     ,sk0 hlrhstdhx Bev   ,xj  oclkeofgfkghe   clg            ,lkmoiqmS     ev     ofn    Spn    
                                                                     ui                             
                                                                     r                              
                                                                                                    
                                                                                                    
                                                                     r                              
Bj        ju.           ty: 7rf                                    ,kuyi       ,v            ,vxi   
8vd      qnr            by; ;xd                                   mvalZmj,    ,ke          7oodlsia 
 wi.    .lc             ct,                                      ys, p  qu   jjbc          be    tyr
 Shd    bgS   uokebif   kx, Skk  rkS   ixk  yxvionB,cclf8         elXc         dm          od    Xv2
  ps    bj   Sx,   rbj  is, :bm  ep:   @u@  ut;  dsj   rs,         @rgsW       pa          yqg   eyS
  Bgs  xxB     gcetvtu  ep, ,wu  pr,   WcW  hd   rxc   vj:           uijld     kh           8wjjrebS
   tf ;bd    xlr   ,eg  wx, ,va  ye    0vW  sy   Sxw   ax,       wj  r  jm7    bj                :nZ
   .fagr.   ,kj    Wjq  eb, ,vv  ula   bdW  ly   Som   dc,       ll  y  nu     qf          pcs   gh 
    tfui     Zsfnwckteb we2 2hc  ,vxvwakms  bp   pji   nj2        eqbhqqar     eo     mpo   pgnqbj  
                                                                     h                              

On an MVP mailing list today, someone posted this link:

A parent's primer to computer slang
Understand how your kids communicate online to help protect them http://www.microsoft.com/athome/security/children/kidtalk.mspx

To which I replied:
... I just felt a disturbance in the force, as if millions of kiddies yelled out in embarrassment as their parents tried to talk leet to them...

M0M [133t!]: d00d, did j00 |-|4/\3 phun 4t sk00l t0d4yz? $c13nc3 is teh

r0x0rs, w00t! D4D 4nd I R g0ing 0ut ToNiGHT, g0nn4 sh0z /\/\y m4d

sk1llz. Th3r3's ph00d in da phridg3.

Son: I'm so embarrassed. Never talk that way again, please.

 I'm surprised they didn't have some sample conversations to test your knowledge. They also left out "r00t".

Steve adds: And M$

Hmm, I wonder, maybe MS will start doing a whole series on slang? Maybe they're working on a paper like that right now? “What does it mean when your son says 'Her? The whole shool's had root access.'”

While visiting my parents' clinic in Guatemala two years ago, I decided to do a bit of developer evangelism. Perhaps I should go back to tell her WinFS was cut?

Doing some work on a new site using Whidbey, and I came across this:
http://msdn.microsoft.com/asp.net/whidbey/beta2update.aspx#ASP.NET_2.0_Compilation_Model_Changes

YES!!! Whoever says MS doesn't listen is definately wrong. Quick recap: ASP.NET changed it's project system/compilation model to better suit people who think HTML is a programming language. Good ASP.NET developers pushed back... hard. The “Web Platform and Tools“ team nicely listened. Yey!

The blessed article is a bit terse, so I've provided common-language translations (sarcasm and jest ahead... it's just because I'm so relieved, no offense intended):

“In response to significant customer feedback...”.
Translation: “We spoke with professional developers, instead of just going after the “PHP is teh r0x0rs” group, and the “I know HTML and thus am a 'Web Developer'” group.“

”The goal is to improve the code-behind and code-separation experience and enable the partial class paradigm to be used to improve the code-behind experience while continuing to maintain a syntax and functionality that is very similar to ASP.NET 1.x.“
Translation: “We fixed the compilation model.” 
Note: Wow, that's a really long sentence. And they even used the word “paradigm“. Wow.

“As a result, it makes upgrading of v1.x projects even easier and further reduces new ASP.NET 2.0 specific concepts.“
Translation: “Customers told us backwards compatability and migration was actually important.“
Minor correction: “upgrading of v1.x projects *possible* and further...“ (Yea, I had zero luck upgrading projects. Yet I could open VC++ 6 projects with VS2005 and compile and deploy to client systems with zero problems.)

“In short, this change enables developers to continue to pre-compile ASP.NET pages for significant performance gains while still being able to maintain the .aspx markup content separate from the binary.“
Translation: “Now things work like 1.1 again.“

Wow, this is really, really great news. I'm thrilled. Can't wait to get Beta 2, even if it means having to redo a nice amount of code.

Oh, BTW, they shortened the special directory (the Vile Code directory) prefix from “/Application_“ to “/app_“, and rightly canned “/Application_Assemblies“ (which was the “/bin“ replacement). Why “/Application_Assemblies“ was ever a good idea apart from consistency is beyond me...

Even so... something gives me the feeling that the compatability part of their team is somehow very much different from say, the Windows Shell team :).

Out of all my experiences (heh) with Linux, Mono has to be the best one. It just works. I'm writing a set of web services to manage Asterisk. Things like adding users to the dialplan, configuring incoming numbers, voicemail, etc. I wrote a library to deal with the config files in VS2005, and tested on VS2005. Drag and drop, and bingo: it works just fine on Linux.

I just got a nice queued reload finished for Asterisk via my webservices. A little bit of threading code, and 40 lines later, it's done. Build, drag and drop (Samba), and presto. Works, smoothly. I just can't stress how cool it is to be able to work with MS tools, use shared code libraries with Windows, and then just drag and drop over the network and have it running right alongside with Asterisk.

We're doing a pretty ambitious project, the entire front-end on Windows, and Linux for everything to do with the voice. So far, everything's been a breeze, thanks to .NET. Not having to write in C, or ... PHP <shudder> ... is so nice. At any rate, we're hoping to launch by the end of the month. So if we do, I'll go into more detail on what things .NET let us just speed right through.

And already, I've made a new convert. We hired a guy who has worked with Java and PHP, never with .NET. You should of seen his face and heard his comments when I took him on a whirlwind tour of ASP.NET 2 and web services, adding in xcopy deployment to Linux in to boot. Wow :).

CNN has a story about american high school kids who don't know what free speech is. (Thanks BoingBoing!) 

Wow. Double wow. Are kids really this clueless? Are they really such idiotic sheep? Through an intense, multi-year study* that I've done, I know that many kids are idiots. But now they're just gonna go and screw themselves over? Maybe these kids LIKE CSS and Region Encoding? Perhaps the MPAA are visionaries and are actually marketing to these people?

Sigh... I'm frightened by the attitude and lack of critical thinking I see in most adults in the states these days. I'm surprised that most americans do not know what made their idea of government any good. Here's a hint: It's not poor cars and bad food. The USA started out as a good idea because it had a government that was built to limit itself. These days, people just think it's about capitalism, immoral behaviour, and whatever other base thing that comes to mind.

The thought of these children growing up, and from an early age thinking that the government HAS or SHOULD HAVE more power... that's simply chilling.

So, Pulver launched a great new marketing campaign called Bellster. People are hyping this up as “Peer to Peer telephony”. I'm tired of P2P being abused as buzzword. The entire freaking Internet is a peer to peer system. But that's not what I really care about. People are joining up to Bellster without thinking what it means. There are two primary problems with Bellster.

1. *Most likely* your phone company has it outlawed, since you are reselling your service. In some countries, this might even be illegal, and in violation of local laws, in addition to your own contract. There is no such thing as “unlimited” calling (except perhaps, inside a certain network). If you go over what your telco thinks is acceptable for “unlimited” calling (somewhere between 1000-5000 minutes probably), you'll get charged, or cut off, or something. Other telco's might notice your calling pattern has significantly changed. If you use your phone normally, and then all of a sudden it jumps to 4 times volume and calls a wide range of numbers at a wide selection of times... software can flag that down, and you can get your line cut (it's called bypass). This will depend on each telco/country. Then again, maybe you hate the telco and want to stick it to 'em. If you get away with it... good for you.

2. It's all fun and games 'till someone gets hurt. (And then it's fun for one less person.) Sooner or later, someone's going to make bad phone calls via Bellster. The problem is that these phone calls come from YOUR phone line. So, when the SS investigates the latest terrorist threat, and finds it came from your line... ouch. I'd expect nothing less than a personal visit. Depending on how that goes... good luck. In the USA, I can only imagine what would happen. Sure, eventually you will probably get cleared and be OK. Meanwhile, are you willing to risk being imprisioned, questioned, perhaps having your computers confiscated, etc. etc.?

In light of those two things, who on Earth would use Bellster? My local calls are more money than what I pay to call half the world with VoIP (yes, even at my commercial, retail rates, not wholesale carrier rates). So *I'm* not going to share my line to call Canada when I can already do that for very cheap (not to mention that if I did share my line, within a month or two it'd be cut). Plus, I'm at the whim of whoever is running the service. I doubt the service level is gonna be that great.

So... potential risk... zero benefit... why would I do this? THINK people, THINK!

I hope the days of running arbitrary CPU instructions to perform every single task come to an end soon.

I hear people complaining about how MS doesn't make them secure enough. I hear from the other end (i.e., the pros) that we have to have user education. I read about parents having to filter their kids' computers, ensuring they don't run malicious code (not “bad content“, such as pro-Bush propaganda, but code to take over a PC). People run anti-virus software. People are now running Anti-unwanted-commercial-software programs. Heck, in some cases, there's even Anti-anti-spyware code out there.

We hear about having to “ensure we trust the source”, as in, “do I trust Bob to send me a web site link”? Not even a program, *just a link*! We have the “don't execute attachments” and “don't install code from websites”, on and on and on. Some people even think there should be a “Internet drivers license” or even some sort of basic PC user training/license.

This has got to stop. It's been shown that we'll never be able to get average people to make correct trust decisions. It's also stupid to want to do that. If someone writes up a cute “Flying Bunnies.exe” game, I WANT to be able to run it, without worrying that it's some kind of attempt to hack me.

.NET gives us the first level. We have code access security, which can ensure that certain code running can't do certain things. Next, we need an OS that takes this home.

It looks as if we'll be having a little girl this May. By the time she's old enough to have her own real PC, I hope these things will be an issue of the past. When I got my first computer, I was 5. I was already somewhat familiar with DOS; I knew my way around. How different would that have been, had I have to understand a full set of security and trust related data? How much slower would I have gotten into things if it had to be accompanied by a ton of overhead just so that I wouldn't get hacked?

If Microsoft embraces managed code fully (and it looks like they are), this should not be hard. Managed programs should just run. Get an email attachment? Just run it! See a cute game that needs rich UI controls from the web? Should be automatic. Only when an unmanaged EXE comes along should we run into roadblocks. Indeed, any program requiring trust should require us to login as admin (or elevate to admin) and allow it.

So, in about 5 years, I hope to be buying a nice little PC for my child. I want to flip it on, use biometrics as her password, and LET HER PLAY dammit! If she finds a bunny program, I want her to be able to run it. Now, I'm hoping my kids will follow after me and understand computers enough to make those decisions for themselves (heck, and for other people :)), but I sure don't want that to get in the way.

The same applies to pretty much everyone else (yea, I'm saying a lot of users aren't much more advanced than a 5-yr-old). We can't expect people to make security decisions. We simply MUST have a way for things to get done, without security implications. I think at this stage, this is entirely possible.

Apparently some congressman in Guatemala found that the Internet has porn. And that kids can use the Internet. Why this took him X number of years to figure out is beyond me. At any rate, the Congress is apparently discussing requireing all Internet cafes to install filtering software. They claim that 90% of kids looking for content to do with their homework run into porn. They're more gullible than I thought! “Hey! What's that stuff on your screen junior?!” “Ahh um.. it just came up! I was just trying to find out how to calculate the surface of a vortex, honest!”

The congressman says this will stop them from “losing youth”. Perhaps getting a decent education system in place, killing all funds to the military (who they gonna invade?) and getting their police force back in line might help more. [As a side note, the police here are given 5 gallons of gas per 24 hours of patrolling. And they have to pay for their own bullets.]

These are the same people who just recently voted themselves a substantial salary increase as “some of us have to travel to the capital city to do our jobs”. And believe it or not, this is the GOOD party that was running.

At any rate, I sure hope this law doesn't pass. Not because I think kids have some kind of right to go look at naked hotties, goats and sheep, or whatever, but because this kind of law is an implementation nightmare, and just leads the way for more government intervention. When a private establishment is required to do something like this, especially from a group of people who have absolutely zero technical skills, it is a receipe for disaster.

Oh, one more thing, if they're really that concerned about this kind of stuff, why don't they outlaw prostitution as a first step? (Not like that's anything that should be illegal, but hey, while we're on the subject...) Oh wait, no, that'd piss off a lot of people. Let's screw with the Internet instead.

Sigh... why is it that the Dilbert principal applies to government and not just corporations?

One thing I had done before and decided to try again was inline (embedded? inline isn't the right term exactly) ASM with C#. Remember, the CLR JITs your IL code down to native code when it runs. There's no interpreter or likewise going on -- your C# code is x86 when it runs (on an x86 platform). However, when writing in C#, it's rather hard to get out to x86 directly. Probably the easiest way would be to use Managed C++ and an inline asm section there. But, if you want to keep it all in C# (say, you want something extra hard to decompile), you can achieve that.

[I must note, the more I learn of internals, the more I learn I need to learn more. Thus hopefully, some true expert will read this and give me more insight.]

The most straightforward way that occurred to me was to use a delegate. As far as I know, C# won't issue calli and ldftn IL opcodes for us in any way we can neatly control. There will be ldftn when a delegate is created, but we can't set that value directly. So instead, we'll create a delegate and modify it. Delegates have a private field named “_methodPtr”. This, as far as I can tell, points to the code to be executed by the delegate. It's important that our delegate is accurate regarding the number of parameters, and the return value.

We will store our x86 in a byte array. Then, we'll pin the array, and stick the address of the first element inside the delegate. When we call the delegate, everything will be set.

As far as I can tell, methods in the CLR use the fastcall convention, so the first two parameters will be in EDX and ECX. The return value is expected in EAX. My demo is going to be simple, performing a ROR (ROtate Right) by 1 on the parameter and returning that. 3 lines of ASM.

Compile with /unsafe obviously, else I'd be writing to secure@microsoft.com. I'm not sure how terribly useful this is, but it seemed cool to me. At the very minimum, it serves to tell people to STFU when they claim that C# / .NET can't do pointers, or raw code, or whatever.

using System;
using System.Reflection;

class Program
{
    public delegate uint Ret1ArgDelegate(uint arg1);
    static uint PlaceHolder1(uint arg1) { return 0; }
    
    public static byte[] asmBytes = new byte[]
        {        
0x89,0xD0, // MOV EAX,EDX
0xD1,0xC8, // ROR EAX,1
0xC3       // RET
        };
        
    unsafe static void Main(string[] args)
    {
        fixed(byte* startAddress = &asmBytes[0]) // Take the address of our x86 code
        {
            // Get the FieldInfo for "_methodPtr"
            Type delType = typeof(Delegate);
            FieldInfo _methodPtr = delType.GetField("_methodPtr", BindingFlags.NonPublic | BindingFlags.Instance);

            // Set our delegate to our x86 code
            Ret1ArgDelegate del = new Ret1ArgDelegate(PlaceHolder1);
            _methodPtr.SetValue(del, (IntPtr)startAddress);

            // Enjoy
            uint n = (uint)0xFFFFFFFC;
            n = del(n);
            Console.WriteLine("{0:x}", n);
        }
    }
}

When I started working with Linux for my current projects, it was on a severly underpowered box (a Celeron 400MHz, 128MB RAM, 3GB HDD). Thus, running Gnome and so on, in addition to my development projects, wasn't a really good idea.

After a bit, I got tired of waiting forever to compile, so I got a 2.something GHz Pentium 4, 512MB of RAM, nice disks, etc. Since I was going to do a bit more than I had done before, I decided to install and use Gnome, as well as RedHat's cute little GUI tools to configure stuff.

Soon, I was using X/Gnome a good portion of my time (X-Chat seems to be the best free IRC client on any platform, and I use IRC for work on Asterisk a lot). Also, it can be nicer to use Gnome than have a bunch of SSH sessions open at once. So, at first, I tried out VNC. I didn't like it. I wanted to get a logon screen, and I was having trouble getting VNC to do that. Also, the RealVNC client I had for Windows seemed pretty crappy.

Then I discovered GDM and XDMCP. Now I have integration like this:



Here are the steps to get XDMCP/GDM working rather nicely with Windows (at least on RedHat systems):

1. Edit /etc/X11/gdm/gdm.conf. In the [xdmcp] section, set Enable=true. That'll allow you to connect remotely using xwin or other XDMCP clients. Next, in the [daemon] section, set KillInitClients=false. This allows xwin's clipboard integration to work correctly.

2. Next, install cygwin, ensuring to install XWin. This has the tools we need to make the connection.

3. Create a shell file inside cygwin to start xwin. I called mine “startsungx“ (sung is my Linux machine's name). Here's my file:
    xwin -query sung -notrayicon -clipboard -rootless -nowinkill -keyhook -xkbmodel microsoft

Do xwin -? to find out about those options. The interesting ones are -rootless, which prevents a “root“ window from appearing (which will manifest itself as an ugly background).
-nowinkill stops the Windows Alt-F4 from killing xwin.
-keyhook allows you to use Alt-Tab and the Menu key inside the session.
-xkbmodel microsoft allows you to use a nice big Microsoft keyboard with all the keys. You can also specify pc101 and similar.

With that, everything should work. But, the downside is that you now have a Cygwin window sitting on your taskbar. Hardly elegant.

4. Create a batch file to start cygwin, and run xwin, while hiding itself. I have a SungX.cmd file:
D:
cd \Linux\cygwin\bin\
cygstart.exe --hide -- bash --login  -i -c /startsungx

That'll start up cygwin, hidden, and run your xwin script. Enjoy!

Now, what I'd REALLY be interested in having is a way to have each application that registers for the Gnome application list panel appear on the Windows taskbar. Or maybe not, as it'd add to the clutter. Either way, I'd like to try it for a bit. If anyone knows, drop me a line.

This post is because of Micah, who had the most classic expression when he saw the Gnome Fedora Core 2 splash screen load up right in the middle of Windows XP. (Yea, I've since moved to RHEL, err, TaoLinux.)

I ran into an issue with Asterisk, mainly that you can't dynamically control which codec gets accepted. You have to make your choice “up front”, when you define a user/peer. This means, for example, if you want to say “for this call, use the GSM codec”, you can't. You've got to let Asterisk's code work things out, and even it works out on your side, the callee might decide to use a different codec anyways. This means that I end up declaring various peers: peerX-g729, peerX-ulaw, etc., and then have to swap them out when I call Dial.

Even worse, there's no easy way of completely avoiding transcoding when you want to. For instance, I have several phones connected to my server. Some use GSM, some use ULAW, some use G.729. They all use the same dialplan, and ulaw is usually negotiated for the termination. That means my little server gets nailed doing all this transcoding. This is even sillier when you realise that my termination provider has big hardware and will handle transcoding for me. So, without making a seriously complex dialplan, I'm stuck.

Well, IMO, that sucks.

So, I actually dove into the code, and patched it: http://bugs.digium.com/bug_view_page.php?bug_id=0003346 I've yet to see if this will get into the actual codebase. I sure hope so, since I *hate* forking. Indeed, that's one major criticism I have of the “you can just modify it to suit your needs“ claims of OSS. But, the ones in power seem quite rational, so there's some hope... maybe :).

Asterisk is a large project, but thanks to Visual C++ 2005, I could navigate it (New Project From Existing Code is very useful!). Unfortunately, I think there's a bug, as VS takes up 1.4GB of memory when editing this project. However, it's still quite responsive -- except for the Virtual Memory Warning from Windows, and the initial slowness, I'd never notice it was eating all that memory.

MVP Patrick MacKay down in Chile has finally gotten his Spanish primer on encryption up on the MSDN site. Check it out here: Desmitificando la Encriptación (Parte I). Not to boast or to brag, but I drew the little face that's used to show off the cipher modes :).