The Old New Thing

If you measure something, people will change their behavior to address the measurement and not the thing the measurement is intended to measure

November 16, 2010 Nov 16, 2010 11/16/10

Raymond Chen

We all know that once you start measuring something, people will change the way they behave. We hope that the change is for the better, but that's not always the case, and that's especially true if you are using the metrics as a proxy for something else: People will manipulate the metric without necessarily affecting the thing that your ...

The program running in a console decides what appears in that console

November 15, 2010 Nov 15, 2010 11/15/10

Raymond Chen

James Risto asks, "Is there a way to change the behavior of the CMD.EXE window? I would like to add a status line." The use of the phrase "the CMD.EXE window" is ambiguous. James could be referring to the console itself, or he could be referring to the CMD.EXE progarm. The program running in a console decides what appears in the console. ...

Why does the common file dialog change the current directory?

November 12, 2010 Nov 12, 2010 11/12/10

Raymond Chen

When you change folders in a common file dialog, the common file dialog calls to match the directory you are viewing. (Don't make me bring back the Nitpicker's Corner.) Okay, the first reaction to this is, "What? I didn't know it did that!" This is the other shoe dropping in the story of the curse of the current directory. Now the question...

Using delayload to detect functionality is a security vulnerability

November 11, 2010 Nov 11, 2010 11/11/10

Raymond Chen

We saw last time that your debugging code can be a security vulnerability when you don't control the current directory. A corollary to this is that your delayload code can also be a security vulnerability, for the same reason. When you use the linker's delayload functionality to defer loading a DLL until the first time it is called, the ...

Your debugging code can be a security vulnerability: Loading optional debugging DLLs without a full path

November 10, 2010 Nov 10, 2010 11/10/10

Raymond Chen

Remember, the bad guys don't care that your feature exists just for debugging purposes. If it's there, they will attack it. Consider the following code: When you need to debug the program, you can install the DLL into the application directory. The code above looks for that DLL and if present, gets some function pointers from it. For ...

The curse of the current directory

November 9, 2010 Nov 9, 2010 11/9/10

Raymond Chen

The current directory is both a convenience and a curse. It's a convenience because it saves you a lot of typing and enables the use of relative paths. It's a curse because of everything else. The root cause of this curse is that the Windows NT family of operating systems keeps open a handle to the process's current directory. (Pre-...

Is there any vendor bias in the way the Start menu determines which programs are most frequently used?

November 8, 2010 Nov 8, 2010 11/8/10

Raymond Chen

Chrissy wants to know if there is a bias towards Microsoft products in the selection of most frequently used programs on the Start menu. The only bias is in the initial default MFU list, the one that appears upon a fresh login. In Windows XP, the default Start menu MFU contains six slots. The first three point to Windows applications, ...

The story of MUI, as told by others (with some commentary)

November 4, 2010 Nov 4, 2010 11/4/10

Raymond Chen

First, the story as told by others: Now the question you're all going to ask so I may as well answer it: Why is this information kept in a file instead of being attached to the file itself (say, in an alternate stream)? If it were in an alternate stream, then it would track the file when it was moved or copied. First answer: Because ...