The Old New Thing

"Section 419" scammers arrested in Netherlands; Danish flag flies proudly

Dutch police have arrested 52 people suspected of defrauding gullible Internet users in one of the largest busts of the infamous "Nigerian e-mail" scam. Hooray for the Dutch police. Their next target: Web sites that illustrate a Dutch article with the Danish flag. (I must sheepishly admit that I too mistakenly identified the home of Ikea as ...

Integer overflow in the new[] operator

Integer overflows are becoming a new security attack vector. Mike Howard's article discusses some of the ways you can protect yourself against integer overflow attacks. One attack vector he neglects to mention is integer overflow in the new[] operator. This operator performs an implicit multiplication that is unchecked: If you study the ...
Comments are closed.0 0
Code

Ikea walk-through

Jeff Davis tipped me off to this Ikea walk-through. Frustratingly, the walkthrough doesn't include any cheat codes. Even though Ikea was founded by a Swede, its company colors match the Swedish national colors, all its product names are Swedish, and it is clearly associated with Sweden in the minds of everyone, it is in fact headquartered in...

Another reason not to do anything scary in your DllMain: Inadvertent deadlock

Your DllMain function runs inside the loader lock, one of the few times the OS lets you run code while one of its internal locks is held. This means that you must be extra careful not to violate a lock hierarchy in your DllMain; otherwise, you are asking for a deadlock. (You do have a lock hierarchy in your DLL, right?) The loader lock ...
Comments are closed.0 0
Code

Passenger announcements in the airport

While in Seattle-Tacoma International Airport yesterday, waiting for my flight to eventually be cancelled due to weather, then waiting for a replacement itinerary (um, the weather is the same at the destination; doesn't matter which plane you take), then waiting for the replacement to be cancelled also (wow imagine that), I heard an ...

Some reasons not to do anything scary in your DllMain

As everybody knows by now, you're not supposed to do anything even remotely interesting in your DllMain function. Oleg Lvovitch has written two very good articles about this, one about how things work, and one about what goes wrong when they don't work. Here's another reason not to do anything remotely interesting in your DllMain: It's ...
Comments are closed.0 0
Code

Undermining your own proclamation

I'm pulling for the Mars rovers as much as the next geek, but you still have to scratch your head at the following statement: Charles Elachi, the JPL director, said: "I am completely confident, without any hesitation, that I think we will get that rover back to full operation." So he's absolutely sure that he "thinks" something...

Blog going on autopilot for a while

I will be out of town for a few weeks, so I have set my blog on autopilot. There will still be an article every weekday at 7am Pacific time (assuming the autopilot machine doesn't suffer a power outage or something), but I won't be around (much) to respond to comments...