PREVIEW: How fast are FindFirstFile/FindFirstFileEx, and CFileFind – actually?

•September 28, 2014 • Leave a Comment

I have a post in the works about the performance of enumerating a directory with FindFirstFile/FindFirstFileEx, and CFileFind.  I also investigate the various performance “tricks” (more like myths) used to speed these APIs up.

 

HowFastAre_preview

(sneak peek)

 

Two key findings:

  1. They’re actually fairly – but not terribly – fast
  2. FIND_FIRST_EX_LARGE_FETCH doesn’t do what you think it does.

An INVALID_POINTER_READ_EXPLOITABLE (buffer overrun) in Notepad++

•August 17, 2014 • Leave a Comment

Earlier this week I tracked down an insidious bug in Notepad++.

Continue reading ‘An INVALID_POINTER_READ_EXPLOITABLE (buffer overrun) in Notepad++’

CrashPlan log categories

•July 1, 2014 • Leave a Comment

I’m a very happy customer of CrashPlan. Offsite backup is a critical component of any backup plan!

Without advanced¹ filesystems² like btrfs³, maintaining up-to-date backups is an arduous task. CrashPlan’s fire-and-forget nature lifts that weight from my shoulders, freeing my mind & time. Better yet, CrashPlan supports Windows & Linux.

However, like many large-scale cross-platform programs, it’s far from perfect. There are many cases where certain files fail to backup, where scanning for files slows the entire computer to a grinding halt, backups take longer than they should, file upload is not fully utilizing available bandwidth, or memory usage seems inordinate.

Fortunately, CrashPlan has a mature logging infrastructure. Code42 provides some insight on their website (mirror). If you investigate these logs, you’ll notice that they (a) are marked as a logging “level” (ERROR, WARN, INFO, DEBUG, TRACE, ALL, OFF), and (b) are categorized.

For (a), CrashPlan PROe “ADMINISTRATION CONSOLE COMMAND-LINE INTERFACE OVERVIEW“(mirror) suggests that the levels are actually [Error, Warn, Info, Fine, Trace], but I’ve never seen ‘Fine’ in the home edition.

For (b), the aforementioned document says only “The complete list of options is  available by contacting our Customer Champions.”.

Continue reading ‘CrashPlan log categories’

Goals: The Intended Outcomes of Higher Education

•June 27, 2014 • Leave a Comment

This chapter, written by Howard R. Bowen in “Foundations of American Higher Education” is a brilliant read.

Marx sought to change the world through changing social institutions, Jesus through changing the hearts of men. Higher education tries to do both.

Update: The Windows Phone app for WordPress makes no distinction between “save” and “post”. Here’s the chapter: Goals: The Intended Outcomes of Higher Education

Make VC++ Compiles Fast Through Parallel Compilation

•April 16, 2014 • Leave a Comment

Alexander Riccio:

Random ASCII always writes brilliant in-depth analyses!

Originally posted on Random ASCII:

The free lunch is over and our CPUs are not getting any faster so if you want faster builds then you have to do parallel builds. Visual Studio supports parallel compilation but it is poorly understood and often not even enabled.

I want to show how, on a humble four-core laptop, enabling parallel compilation can give an actual four-times build speed improvement. I will also show how to avoid some of the easy mistakes that can significantly reduce VC++ compile parallelism and throughput. And, as a geeky side-effect, I’ll explain some details of how VC++’s parallel compilation works.

Plus, pretty pictures.

View original 3,184 more words

“destroyed in a heartbeat”

•April 15, 2014 • Leave a Comment

I’ve recently stumbled across this slashdot article (mirrored)wherein the comments, MadX says:

*If* such a mechanism was coded in, the nature of open source would mean it would be found by others. This in turn would compromise the trust of the ENTIRE kernel. That trust can take years to build up – but be detroyed in a heartbeat.

Now that has a special irony.

Heartbleed?

“detroyed in a heartbeat”….or a heartbleed?

Arduino device driver trouble? A simple fix!

•April 13, 2014 • 2 Comments

Have you tried fixing an “Unknown device” error with your Arduino? If you’ve failed to resolve the issue, you likely saw a screen like this:

arduino_uno_driver

 

And maybe you even tried disabling driver signature enforcement as such:

disable_signature_enforcement

That is a very bad idea – and also unnecessary. Driver signature enforcement is a critical security feature, as a tremendous number of modern rootkits (and other malware) install drivers to do their dirty business.

Continue reading ‘Arduino device driver trouble? A simple fix!’

Rush post: heartbleed-masstest

•April 10, 2014 • Leave a Comment

The Heartbleed Bug (CVE-2014-0160) is not just a run-of-the-mill bug, it’s a damn scary bug. Most “nasty” vulnerabilities are quite limited in scope – maybe an attacker has a tiny chance of exploiting the vulnerability to execute (a tiny segment of) code, or they corrupt the appearance of files (ahem, winRAR) so the user is tricked into executing malicious code.  The heartbleed bug however, can be exploited without leaving any evidence of exploitation, and requires NO user interaction. The Heartbleed bug lets attackers read from arbitrary locations in the OpenSSL address space, including those used to store the PRIVATE keys.

 

As a result of this danger,  Mustafa Al-Bassam created a tool to scan websites for this vulnerability. I forked it on GitHub, and quickly hacked it to scan in a multithreaded fashion, much faster than the original serial method.

 

It’s really ugly at the moment, but you can clone it here: https://github.com/ariccio/heartbleed-masstest/

Malaysia Airlines Flight 370 …..and Paul Sajda?!?

•March 15, 2014 • Leave a Comment

In aid of the ongoing search for Malaysia Airlines Flight 370, millions of individuals are volunteering to screen satellite imagery for signs of the missing 777. Paul Sajda, whom I’ve written about before, has developed software that, with an EEG, allows an individual to screen hundreds of images per minute for “interesting” information. Maybe that software could be used to help search for Malaysia Airlines Flight 370?

That’s just an idea, some food for thought.

iMPCs: Cell Reprogrammers Take Aim at Liver Disease

•March 6, 2014 • Leave a Comment

Originally posted on NIH Director's Blog:

Cross-section of mouse liver

Caption: Cross-section of mouse liver containing iMPC-derived human liver cells (red), some of which are proliferating (green). All cell nuclei appear blue.
Credit: Milad Rezvani, Eli and Edythe Broad Center of Regeneration Medicine and Stem Cell Research, University of California, San Francisco

Over the past few years, researchers have learned how to reprogram skin or blood cells into induced pluripotent stem cells (iPSCs), which have the ability to differentiate into heart, nerve, muscle, and many other kinds of cells. But it’s proven a lot more tricky to coax iPSCs (as well as human embryonic stem cells) to differentiate into mature, fully functional liver cells.

Now, NIH-funded researchers at the University of California, San Francisco (UCSF) and the Gladstone Institutes appear to have overcome this problem. They have developed a protocol that transforms human skin cells into mature liver cells that not only function normally in a lab dish, but proliferate…

View original 685 more words

 
Modern

The Modern C++ Library for a Modern Windows

Krypt3ia

(Greek: κρυπτεία / krupteía, from κρυπτός / kruptós, “hidden, secret things”)

Andrzej's C++ blog

Guidelines and thoughts about C++

Bromium Labs

Call of the Wild Blog

fuzzing.info

the art of unexpected input engineering

Video Encoding & Streaming Technologies

Fabio Sonnati on video delivery and encoding

Freedom Embedded

Balau's technical blog on open hardware, free software and security

Paolo Bernardi

Paolo Bernardi, ramblings and notes (and Crypto-Gram for ebook readers)

The Embedded Code

Designing From Scratch

Bughira's Weblog

There is no such thing as closed source software...the processor sees every instruction, and so does the reverse engineer...

mov ah, 9<br>mov dx, hello_world_msg<br>int 21h

Just another WordPress.com weblog

Running the Gauntlet

Tank and Siko's Security Blog

mbrownnyc

so watch me do the funky dead butterfly.

The ThreatSTOP Blog

Stop Botnets Stealing from you

clevomods

home of the Custom light controller and LightFX library

Naked Security

Computer Security · News · Opinion · Advice · Research

root labs rdist

Embedded security, crypto, software protection

Biosingularity

Advances in biological systems.

Strategic Cyber LLC

A blog about Armitage, Cobalt Strike, and Red Teaming

Assumption Parish Police Jury

http://assumptionla.com/

Alexander Riccio

"Change the world or go home" -Microsoft Employee Slogan

Liquid Metals Project

Stuff that never made it into the paper.

We Are Made In NY

Learn, Launch and Find a Job in NYC Tech

Home Awesomation

It all started when I wanted to turn my fireplace on from my TV remote...

Mind Hacks

Neuroscience and psychology news and views.

tronixstuff

fun and learning with electronics

Cedar's Digest

Cognitive science, perception, teaching and ed reform

Walking Randomly

"Change the world or go home" -Microsoft Employee Slogan

"Change the world or go home" -Microsoft Employee Slogan

"Change the world or go home" -Microsoft Employee Slogan

Ken Shirriff's blog

"Change the world or go home" -Microsoft Employee Slogan

YouTube Blog

"Change the world or go home" -Microsoft Employee Slogan

Google Testing Blog

"Change the world or go home" -Microsoft Employee Slogan

Google Student Blog

"Change the world or go home" -Microsoft Employee Slogan

Google Research Blog

"Change the world or go home" -Microsoft Employee Slogan

Politics & Elections Blog

"Change the world or go home" -Microsoft Employee Slogan

Google Public Policy Blog

"Change the world or go home" -Microsoft Employee Slogan

Google Open Source Blog

"Change the world or go home" -Microsoft Employee Slogan

Google Online Security Blog

"Change the world or go home" -Microsoft Employee Slogan

Google Enterprise Blog

"Change the world or go home" -Microsoft Employee Slogan

Gmail Blog

"Change the world or go home" -Microsoft Employee Slogan

Inside Search

"Change the world or go home" -Microsoft Employee Slogan

"Change the world or go home" -Microsoft Employee Slogan

"Change the world or go home" -Microsoft Employee Slogan

Follow

Get every new post delivered to your Inbox.

Join 966 other followers