portable UI tip #1

if there is a blinking caret in the field then show a keyboard. There is nothing more annoying than having to ‘repick’ the text field that is currently active, with the blinking caret

what are you thinking android? focus is something explicit, not implicit. You do not have to have an active control on a form at all times. that and the fact that the keyboard is very tough to get rid of when you want to.

Is that a DLL in your pocket…

Shock! Horror! Bug found where Windows applications will open DLLs that are in the current working directory of a process!

Except it’s not a bug. It’s by design, and it’s existed since NT.

Microsoft is being smacked in the head by a required feature of Windows due to the initial weakness of the LoadLibrary call. If you don’t specify a path to the file to load, it uses the standard library search path.

Dear god, you would think that this was news. It is not news, nor has it been since the goddamned operating system shipped. Granted, the issue is severe, but the fact of the matter is if an application is executed using a working directory that isn’t under your control, then what can you do? if there are libraries in the same directory that launched the program that happen to share the name of system libraries then you’re hosed.

Hey, guess what asshole, if you link a linux binary with a search path containing ‘.’, then you get the same problem. It’s just as well that nobody links their binaries with -R. …. eh?

The documentation is blatant in this regard. I’ve known it was a security issue since I first learned of the LoadLibrary call, as any even half decent developer should have known when they started using the damned function.

The rule is simple. Resolve the full path to a library before you load it. Validate that it ‘looks right’ at that point. Then load it.

BTW .init section in .so files – so totally a security hole. You can’t dlopen a file to determine if it’s good without executing the .init code. Game over man, game f**king over!

My .init code does a setenv(“LD_LIBRARY_PATH”, “.” + getenv(“LD_LIBRARY_PATH”)) … now piss off and write secure code for once…

Virtual PC connection to the host while on the road

This advice is for Microsoft Virtual PC. When you use software like VMWare, it automatically allows the host to connect directly to the client using the virtual interfaces that have been created.

Most of the recommendations with regard to connection to/from the Virtual PC client recommend configuring the connection to share/bridge one of the network connections.

All very good and well when you’re on a network. I regularly use the system when I have no network available – i.e. I’m completely disconnected. Most of the connection sensing code for network adaptors prevent you from using it while it’s not active, plus I don’t like having to configure the connection manually and then reconfigure it when I’ve got a real network.

The simple solution is to add a Microsoft Loopback Adaptor to the host machine, then create a second network interface on the Virtual PC that uses this interface. Manually configure the IP addresses to be on the same private network, making sure that you don’t accidentally configure it to use an IP address range that you may end up using for a VPN connection.

  1. Add the Network Adaptor: XP, Vista, Windows 7
  2. Configure the IP address manually. Use a Private Address Range. I chose an IP address of with a netmask of for the host, then chose for the Virtual machine. XP, Vista, Windows 7 – Use the instructions for Vista.
  3. Shutdown the Virtual Machine, Don’t hibernate as you can’t add the second network interface.
  4. Edit the properties of the virtual machine (in the Virtual Machines folder). Either Right Click on the Virtual Machine Icon, or use the Settings Option in the menu bar.
    Settings Option
  5. Configure the network to have 2 interfaces, one of which is linked to the ‘Microsoft Loopback Adaptor’
    Settings Dialog
  6. Boot up the virtual machine, and follow the instructions for manually configuring the IP address of this new network interface.

Direct connections to the IP address of the client virtual machine now work, and you can use it for anything you want.

Following the instructions here, even if they’re confusing, once you add a dword key called ‘*NdisDeviceType’, with a value of 1, you don’t see the connection as an unknown connection; thus enabling sharing and other features in Vista, Win 7.

Password recovery from open applications

Well I had a minor hiccup today when I decided it was ‘password change day’. I duly went around changing the password on all my systems. Then I got back to work. 10 minutes later I turned to my other system and typed in the password.
… It didn’t work …
I smacked my head and said to myself “D’oh”, I need to use the new password. But I couldn’t remember all of it. All I had was a few characters I could remember and the fact that my mail program was checking the mail every few minutes and still working.

First I got the pid of thunderbird…

~% ps -fe | grep thunder
1000     17509     1  0 13:19 ?        00:00:00 /bin/sh /usr/bin/thunderbird
1000     17521 17509  0 13:19 ?        00:00:00 /bin/sh /usr/lib/thunderbird/run-mozilla.sh /usr/lib/thunderbird/thunderbird-bin
1000     17526 17521  0 13:19 ?        00:00:24 /usr/lib/thunderbird/thunderbird-bin
1000     19101 19006  0 14:09 pts/10   00:00:00 grep thunder

Then I got the address of the heap from the process’ maps

~% grep 'heap' /proc/17526/maps
08d02000-0a9ad000 rw-p 08d02000 00:00 0          [heap]

I compiled up memory_dumper, and ran it against the process and heap addresses listed.

% ./memory_dumper 08d02000 0a46a000 17526 heap

Then I ran strings on the resulting file, looking for the pattern that matched my remembered password

% strings heap | grep t%7

4 copies of the password in memory in the program. That is just in-freaking-sane. It should be present in the program only once, and should probably be concealed using some form of obfuscation. Mind you, it has kept the new password in my mind now, so I should be grateful.

And just in case you feel like trying the password listed, don’t. It’s not the real password 😉

Very heavy requirements

I have been buying sound cards for a loooooong time – my first add-on card was for a 512K Amsdrad PC512 and it produced either MIDI-based sound or replicated sample audio. It was not a cheap purchase at the time – I can’t remember the price any more, but it was quite a bit of savings at the time.

It came with a literal ‘wodge’ of 5.25" driver diskettes. you could use it to steady a table there were so many of them.

Later on, the disks changed to 3.5". This meant that they were thicker than the older disks, and amounted to a pile that simply got progressively larger. By the purchase of my last soundblaster card, I was looking at IIRC 10 disks, only a few of which were usable for drivers for DOS, the remainder were ‘assistant’ programs such as Dr. Sbaitso, which were to purposes useless.

I spent a long time kind-of caring about my sound card. I bought an SB live card for my main desktop and for several years things just worked. About 2 years ago got an SoundBlaster X-Fi card for notebooks for my Dell Insipron M1710. Honestly, the internal card was better than the add-on card. I didn’t really care as I paid for it in Yen, so it didn’t count towards cost.

In the last 6 months I bought a new rig. Reasonable price, and harkening back to my memories, I got an SB X-Fi XtremeGamer card. Not a large outlay (<€80). It no longer comes with a wodge of disks – it downloads software and updates from the internet.

The smallest update for this software seems to be 50MB. The sum total of the latest software update (to fix problems and to increase compatibility on Vista) is 235MB. I am 44MB into the update and I’m being told that there’s another 2.5 hours to go. I’m not on a slow link either. It just seems to be on their side.

Just to put this into perspective – The download for my soundcard is about 1/2 the size of a reasonable Linux distro… and it’s as slow as a wet weekend in June. By the time this update has downloaded I could have watched the entirety of the latest Harry Potter movie and still had time for a pint. It’s damned slow.

This is a sound card. Not the World Management Software Suite®. The update for my graphics card was 90MB and that was Driver + Support Software + PhysX Drivers. And it downloaded in less than 10 minutes.

Now that I recall, all the problems I seemed to have on the older machine could always be traced to limitations or issues with my sound card. A driver that wasn’t playing by the rules. Maybe it thought it was being edgy? I’ve seen too many BSODs to want edgy. I just want something that works…. and doesn’t need a 250MB update (that’s twice the size of OpenOffice)…

Oh, and Windows Live Writer — please convert euro, trademark and em-dash symbols before posting… we’re not all using UCS-16 encoding here. Some of us actually try to use the web in a platform independent manner…

Can you people please collate FFS

Nothing more than a rant….
It’s not that tough – when using most english locales, we sort case insensitively. a==A, B==B and so on. Pragmatically, the only reason for picking a locale other than UTF-8.generic is because I would really, really like these rules obeyed.
I am sick to death of having to work around stupidity.
I’m just complaining as I look at the output from ls and it’s pretty much a case sensitive sort. I’m sure that accents are sorted correctly in EN_ie – after all á is the same as a, but apparently it’s different to A.
Sorting it difficult… the rules are so complicated… stop complaining! you’re able to perform at least 600 million operations per second, and a table lookup for a case insensitive sort is probably going to cost 20.
Bear in mind that the number above was a quick back of the envelope number of an iPhone. I’m sure a real computer will be able to do something a little better…


Looks like it’s not Linux, it’s only Leopard that doesn’t understand EN_ie collation. Oh well, that’s life I suppose…

Vodafone Ireland IPCC file for the iphone

Created a little icon (it’s the white quote mark in the red loop), added MMS information and tethering support.
To install it, rename the downloaded file without the .zip extension (it should be Vodafone_ie.ipcc). Quit iTunes.
On the mac open a terminal and type: defaults write com.apple.iTunes carrier-testing -bool TRUE
On windows(32 bit) in a cmd prompt type: “%CommonProgramFiles%\Apple\Mobile Device Support\bin\defaults.exe” write com.apple.iTunes carrier-testing -bool TRUE
On windows(64 bit) type: “%CommonProgramFiles(x86)%\Apple\Mobile Device Support\bin\defaults.exe” write com.apple.iTunes carrier-testing -bool TRUE
Restart iTunes, option/alt click on the ‘Check for updates’ button in the iphone’s Summary page.
Get the Vodafone Ireland IPCC file.

URL shortening…

Not a lot of code. We create a rewrite rule for apache to remap any 5 character requests at root to this script.
RewriteRule ^/([A-Za-z0-9][A-Za-z0-9][A-Za-z0-9][A-Za-z0-9][A-Za-z0-9])$ /cgi-bin/shorten.cgi?$1 [PT].
Requests for http://site/….. lookup the entry in the database, requests to shorten.cgi?URL return the shortened uri in a text/plain output when it works.
There isn’t a lot of checking, and you probably need to create the db/ directory with mode 777 so you can update the database under cgi, but it… works on my box 😉

#!/usr/bin/perl -w
# shorten or unshorten a url passed in
use strict;
use DBI;
use Sys::Hostname;

my %keys;
my $value=0;
# 26 + 26 + 10 = 62
my $keys = join("", A..Z) . join("", a..z) . join("", 0..9);
my @keys = split(//, $keys);
for my $i (@keys) {
    $keys{$i} = $value++;

my $file = "shorten.db";
my $dir;
my $var;

if (defined($ENV{SCRIPT_FILENAME})) {
} else {
    $var = $0;

($dir) = $var =~ m/(.*)\/[^\/]+/;

$file = $dir . "/db/" . $file;

if (! -d $dir . "/db") {
    mkdir($dir . "/db", 0777);
    chmod(0777, $dir . "/db");

my $dbh = DBI->connect("dbi:SQLite:dbname=$file", "", "") || die "Could not open $file";
chmod(0666, $file);

$dbh->do("create table if not exists mapping (id INTEGER PRIMARY KEY, url TEXT)");
$dbh->do("create index if not exists mappurl on mapping(url)");

exit(0) if (!defined($ENV{QUERY_STRING}));
my $qs = $ENV{QUERY_STRING};

if (length($qs) == 5) { # from short -> long
    my $key = 0;
    map { $key = $key * 62 + $keys{$_} } split(//, $qs);
    my $ary = $dbh->selectall_arrayref("select url from mapping where id = $key");
    if ($ary) {
        my @ary=@$ary;
        print "Location: " . $ary[0][0] . "\n\n";
} else {
    my $sth = $dbh->prepare("select id from mapping where url = ?");
    my $ret = $sth->execute($qs);
    die "Failed to execute " . $sth->errstr unless($ret);
    my @row = $sth->fetchrow_array();
    my $value;
    if (!@row) {
        $sth = $dbh->prepare("insert or replace into mapping (url) values (?)");
        $sth->execute($qs) or die "Failed to insert" . $sth->errstr;
        $value = $dbh->last_insert_id("","","","");
    } else {
        $value = $row[0];
    if (defined($value) && ($value > 0)) {
        my $op = "";
        while(length($op) != 5) {
            $op = $keys[$value % 62] . $op;
            $value /= 62;
        my $base;
        if (!defined($ENV{HTTP_HOST})) {
            $base = hostname();
        } else {
            $base = $ENV{HTTP_HOST};
        print "Content-Type: text/plain\n\nhttp://" . $base . "/" . $op . "\n";
    } else {
        print "Content-Type: text/plain\n\nFailed to shorten $qs.";

# vim: ts=4:sw=4:et

Classy error from XCode

XcodeScreenSnapz001 - nullity null
Apparently I forgot to plug out my null before quitting the application. That’s a shame as I thought I had two or three nulls floating around

Lies my computer told me… (threads != processes)

So there I am looking at the sysinfo from a particular machine and I look at the content of the procs field. It looked to be a bit out. Went hunting through the kernel source and noticed that the procs field is filled with the value of the number of threads in the system. This is a little bit odd, as I’m used to separating my threads from my processes.
Turns out that there is an nr_processes() call, which returns the number of processes in the system, rather than the number of threads. A little bit of a change, rebuild and testing now gives me the correct number of processes from the proc field, and I also have a separate result for the number of threads.
There we go, much more sensible 😉
diff -Naur linux- linux-
— linux-      2008-10-09 03:58:32.000000000 +0100
+++ linux-  2009-03-16 16:23:39.000000000 +0000
@@ -415,7 +415,8 @@
        unsigned long totalhigh;        /* Total high memory size */
        unsigned long freehigh;         /* Available high memory size */
        unsigned int mem_unit;          /* Memory unit size in bytes */
–       char _f[20-2*sizeof(long)-sizeof(int)]; /* Padding: libc5 uses this.. */
+       unsigned int threads;           /* Number of current threads */
+       char _f[20-2*sizeof(long)-2*sizeof(int)];       /* Padding: libc5 uses this.. */
 /* Force a compilation error if condition is true */
diff -Naur linux- linux-
— linux-     2008-10-09 03:58:32.000000000 +0100
+++ linux- 2009-03-16 16:43:31.000000000 +0000
@@ -1031,7 +1031,8 @@
        u32 totalhigh;
        u32 freehigh;
        u32 mem_unit;
–       char _f[20-2*sizeof(u32)-sizeof(int)];
+       u32 threads;
+       char _f[20-2*sizeof(u32)-2*sizeof(int)];
 asmlinkage long
@@ -1076,7 +1077,8 @@
            __put_user (s.procs, &info->procs) ||
            __put_user (s.totalhigh, &info->totalhigh) ||
            __put_user (s.freehigh, &info->freehigh) ||
–           __put_user (s.mem_unit, &info->mem_unit))
+           __put_user (s.mem_unit, &info->mem_unit) ||
+           __put_user (s.threads, &info->threads))
                return -EFAULT;
        return 0;
diff -Naur linux- linux-
— linux-      2008-10-09 03:58:32.000000000 +0100
+++ linux-  2009-03-16 16:20:02.000000000 +0000
@@ -37,6 +37,7 @@
 #include <linux/delay.h>
 #include <linux/tick.h>
 #include <linux/kallsyms.h>
+#include <linux/sched.h>
 #include <asm/uaccess.h>
 #include <asm/unistd.h>
@@ -1166,7 +1167,8 @@
                info->loads[1] = avenrun[1] << (SI_LOAD_SHIFT – FSHIFT);
                info->loads[2] = avenrun[2] << (SI_LOAD_SHIFT – FSHIFT);
–               info->procs = nr_threads;
+               info->procs = nr_processes();
+               info->threads = nr_threads;
        } while (read_seqretry(&xtime_lock, seq));

The Full patch.