Showing results for Other - The Old New Thing

May 19, 2004

Beware the hash reset attack

Raymond Chen

There are a variety of message digest algorithms out there, MD5 being a particularly popular one. These generate a "message digest" (essentially, a hash) so you can detect whether somebody has tampered with a file, the theory being that it's hard to tamper with a file without changing its hash. But make sure you record the file size as well as t...

Other
May 17, 2004

When do you put … after a button or menu?

Raymond Chen

When do you put "..." after a button or menu? For example, some menus say "Save as..." and some buttons say "Customize...". What is the rule for dots? Many people believe that the rule for dots is "If it's going to display a dialog, then you need dots." This is a misapprehension. The rules are spelled out in the Windows User Interface D...

Other
May 14, 2004

When do you disable an option and when do you remove it?

Raymond Chen

When you're displaying a menu item or a dialog option, and the option is not available, you can either disable it or you can remove it. What is the rule for deciding which one to do? Experiments have shown that if something is shown but disabled, users expect that they will be able to get it enabled if they tinker around enough. So leave a...

Other
May 13, 2004

Thinking through a feature

Raymond Chen

The commentary after my entry on taskbar grouping drifted into people asking for still more features in taskbar grouping. Writing the code is the easy part. Designing a feature is hard. You have several audiences to consider. It's not just about the alpha geeks; you have to worry about the grandmothers, the office workers, the IT dep...

Other
May 12, 2004

Is your web site an open relay?

Raymond Chen

As if there isn't enough to worry about. Everyone knows about the dangers of open SMTP relays. But how many people realize the dangers of an open HTTP relay? Many web sites do arbitrary redirection. If I were a spammer, I could create a link to myself that redirects through some well-known web sites, thereby granting my spam link false aut...

Other
May 7, 2004

Image File Execution Options

Raymond Chen

Hereby incorporating by reference Junfeng Zhang's discussion of the Image File Execution Options registry key.

Other
May 6, 2004

Scripting is a two-edged sword

Raymond Chen

A three line VB script will disable your firewall. The advantage of scripting is that you can control so many things with just a few lines of code. The disadvantage of scripting is that bad people can control so many things with just a few lines of code. I wonder how long it will be before there's a virus that disables the firewall.

Other
May 4, 2004

Is open source the new monoculture?

Raymond Chen

Okay I know I'm going to get into a lot of trouble for even bringing up this topic... This past weekend, Ulf Harnhammar discovered two buffer overflow and two directory traversal vulnerabilities in LHA, a library of data compression functions. Since the code for this is public, it has been copied all over the place. At least one commerc...

Other
Apr 30, 2004

Where does the taskbar get grouped button icons from?

Raymond Chen

Follow-up question to Where does the taskbar get grouped button titles from?: Where does the taskbar get grouped button icons from? The icon for grouped taskbar buttons comes from the icon for the underlying EXE, the same icon that appears when you open the folder that the EXE resides in and scroll down to the EXE. For example, if you ha...

Other