Welcome to MSDN Blogs Sign in | Join | Help

October 2004 - Posts

Awesome article on how a hacker can compromise a network

Jesper Johansson just posted an article in TechNet magazine describing how a hacker might take over your network. One tidbit from the conclusions: Once a network has been thoroughly hacked, the system administrator has three options: update their resume, Read More...
Posted Friday, October 29, 2004 3:48 PM by LarryOsterman | 13 Comments

What's in a WAV file?

So yesterday , I mentioned that a WAV file is just a wrapper around raw PCM data. Well, that’s not entirely accurate (it’s not inaccurate either, but…) A WAV file is in fact a RIFF file, that contains waveform (discrete PCM audio samples) Read More...
Posted Thursday, October 28, 2004 5:14 PM by LarryOsterman | 11 Comments
Filed under:

Really cool new app just released

I just learned that the PhotoStory 3 team finally released their app today. I’ve seen demos of this puppy, and it is pretty darned amazing. Basically it takes your photos and turns them into a WMV video slideshow. Scoble’s promised to have Read More...
Posted Wednesday, October 27, 2004 7:25 PM by LarryOsterman | 13 Comments

So how do I play sounds anyway?

Well, the answer to that is WAY more complicated than I can answer, there are LOTs of different ways, and I’m not qualified to talk about most of them. But I can talk about some of the easier ways to make noises. The first, and simplest one is PlaySound Read More...
Posted Wednesday, October 27, 2004 7:03 PM by LarryOsterman | 11 Comments

What IS audio on a PC anyway?

This may be well known, but maybe not (I didn’t understand it until I joined the Windows Audio team). Just what is digital audio, anyway? Well, at its core, all of digital audio is a “pop” sound made on the speaker. When you get right down to it, that’s Read More...
Posted Tuesday, October 26, 2004 6:48 PM by LarryOsterman | 35 Comments

Wow, Jim Horne's blogging too...

Darned, Everyone’s getting into the act. I’ve known Jim for a really long time (back in the Lan Manager days, it’s cool to see he’s publishing (non technical, but…). His blog can be found here . Found via Danny Glasser’s Read More...
Posted Monday, October 25, 2004 5:44 PM by LarryOsterman | 2 Comments
Filed under:

Sharron absolutely Rocks!

Sharron and Oliver (and the rest of the family) spent Sunday at the Whidbey Equestrian Center, Sharron was participating in the Whidbey Equestrian Center ’s Fall Dressage Schooling show. I previously blogged about her first competition back in March. Read More...
Posted Monday, October 25, 2004 4:04 PM by LarryOsterman | 2 Comments
Filed under:

Fascinating article on Passphrases just posted

I just ran across a totally fascinating article by Jesper Johansson about the use of passphrases instead of passwords. I switched to using passphrases after reading Robert Hensing’s blog post from July, and I’ve not gone back. Robert’s Read More...
Posted Friday, October 22, 2004 3:48 PM by LarryOsterman | 10 Comments
Filed under:

The crazy things they're using computer games for these days.

Valorie pointed me to this article at the Washington Post (Free registration required, sorry :(). Everyone knows about the current crop video games - Doom 3, Halo 2, Half-Life 2, The Sims 2, GTA: Vice City, etc. Even the U.S. Army's gotten on the bandwagon Read More...
Posted Thursday, October 21, 2004 11:26 AM by LarryOsterman | 12 Comments

Fuzzy interfaces

Mschaef took my challenge up, and submitted the Michal Zalewski article to Slashdot the other day, and the editors at Slashdot decided to run it. I found the reactions on Slashdot (and my blog) to be rather fascinating. First off, I'm not the person who Read More...
Posted Wednesday, October 20, 2004 4:46 PM by LarryOsterman | 19 Comments
Filed under:

What's wrong with this code, part 7: The answers

To fix the newsgator issues, I switched to using blogjet to post to my blog. Unfortunately, apparently there are some issues with my workflow that need to be resolved, this was posted yesterday, but didn't get noticed on most peoples aggregators (I've Read More...
Posted Wednesday, October 20, 2004 9:41 AM by LarryOsterman | 3 Comments

Hey wait, I'm a published author now!

As a couple of people have noticed, November's MSDN magazine just went online, and the article I wrote for it is included :) Yay! It looks much better in print btw :) Read More...
Posted Tuesday, October 19, 2004 10:14 AM by LarryOsterman | 0 Comments

IE Code quality commentary...

I just saw this post by Michal Zalewski on BugTraq. From the post: It appears that the overall quality of code, and more importantly, the amount of QA, on various browsers touted as "secure", is not up to par with MSIE; the type of a test I performed Read More...
Posted Monday, October 18, 2004 1:30 PM by LarryOsterman | 47 Comments

IIS vs Apache vulnerabilities chart.

Michael Howard just posted this analysis of relative vulnerabilities between IIS6 and Apache 2.0 during the year after their respective releases. A fascinating post, and it goes to show that maybe we really DO understand what we're doing . Edit: I make Read More...
Posted Monday, October 18, 2004 1:16 PM by LarryOsterman | 15 Comments
Filed under:

What's wrong with this code, Part 7: The answers.

As I mentioned in yesterday's post , there are two intentional bugs in the code. The first bug is a huge one. Remember my comment about the context of the API: "a service author decided that...". The problem is that the HKEY_CLASSES_ROOT predefined registry Read More...
Posted Monday, October 18, 2004 11:26 AM by LarryOsterman | 4 Comments

What's wrong with this code, part 7

This rather fascinating issue came up in an internal DL on Friday. Consider the following hypothetical code that return TRUE if a particular class is registered with COM: bool IsClassRegistered(CLSID ClassID) { HKEY classesKey = NULL; HKEY clsidKey = Read More...
Posted Monday, October 18, 2004 10:52 AM by LarryOsterman | 22 Comments

So what exactly IS COM anyway?

A couple of days ago, David Candy asked (in a comment on a previous COM related post) what exactly was COM. Mike Dimmick gave an excellent answer to the question, and I'd like to riff on his answer a bit. COM is just one of three associated technologies: Read More...
Posted Friday, October 15, 2004 12:27 PM by LarryOsterman | 25 Comments
Filed under:

Cool Speaker: Ben Mikaelsen

Last night, I was privileged to be able to go to my son's school and listen to Ben Mikaelsen speak. Ben's an author of children's books (really YA, but they're incredibly sophisticated for YA books), and he lives in Montana with his companion Buffy - Read More...
Posted Friday, October 15, 2004 11:02 AM by LarryOsterman | 0 Comments

Fall Foliage

As I mentioned last week, I spent last weekend in upstate New York. As a part of that, I drove from western Massachusetts to NYC down the Taconic Parkway (possibly the most beautiful piece of highway in the northeast). I had an opportunity to drive around Read More...
Posted Thursday, October 14, 2004 9:54 AM by LarryOsterman | 12 Comments

Can my STA object create worker threads?

For some reason, a bunch of COM related stuff's been coming onto my radar lately, so for some reason, I've been dealing with a lot of COM related issues. Go figure this one out. The other day, I received a message from a co-worker asking me (roughly) Read More...
Posted Wednesday, October 13, 2004 12:23 PM by LarryOsterman | 9 Comments
Filed under:

How does COM activation work anyway?

One of my co-workers came to me the other day and asked why on earth COM had this "dwClsContext" parameter. In particular, he was concerned about the various CLSCTX_XXX_SERVER options. In order to explain what the point of the CLSCTX_XXX_SERVER options, Read More...
Posted Tuesday, October 12, 2004 1:16 PM by LarryOsterman | 5 Comments
Filed under:

Innovation in the computer industry

The germ of this post was a comment I made on Robert Scoble's weblog, but it deserves broader distribution (that also explains why it's sort-of two ideas mashed together) :) One of the memes that I see going on in the boards (especially on /.) is that Read More...
Posted Monday, October 11, 2004 7:07 PM by LarryOsterman | 29 Comments
Filed under:

Oh wow, Bruce Schneier's blogging.

I just discovered that Bruce Schneier , author of Applied Cryptography is blogging. His blog (including a full content RSS 1.0 feed) can be found here . Bruce's one of those people I truely respect in security, he's been highly critical of Microsoft in Read More...
Posted Thursday, October 07, 2004 5:43 PM by LarryOsterman | 8 Comments

Canons

I recently received an email message with the following: "....involves the canonicalization (it's a word. I swear.) of ..." I went through a long period of discussion with a tester once about my use of that word, he also insisted that it wasn't a word Read More...
Posted Thursday, October 07, 2004 4:12 PM by LarryOsterman | 21 Comments

Larry's rules of software engineering, Part 3: "Zero Defects" doesn't result in zero defects

I've held off on writing this particular post for a while, since it's somewhat controversial, but what the heck, you only live once :) . As Fred Brooks pointed out in his seminal " The Mythical Man Month " (a title that EVERY engineer should have on their Read More...
Posted Wednesday, October 06, 2004 8:08 PM by LarryOsterman | 21 Comments

Ok, so I lied (a bit)

Last week I posted that work was getting busy and the blog would likely go dark. Well, that was a bit of a white lie. In fact, the blog went dark because the kids and I went east to attend a surprise birthday party for my Father's 70 th birthday. Unfortunately, Read More...
Posted Tuesday, October 05, 2004 7:24 PM by LarryOsterman | 2 Comments
Filed under:
 
Page view tracker