Microsoft has introduced the MSIX packaging format, the successor of the MSI. The format is also being open sourced to spur innovation. This is the recommended format for UWP applications. Windows 10 version 1809 or later is required (as well as admin privileges on your machine). More information on the various types of packages can be found here.
Saturday 1 December 2018
Monday 1 October 2018
Projections, Projections Everywhere - C++17 comes to Town
In a nutshell.
- C++/CX ("component extensions") are extensions to C++ to create Windows Runtime (WinRT) applications in as native a C++ style as possible
- C++/WinRT is the recommended alternative to interacting with WinRT (available in the Windows 10 SDK from version 1803 onwards) and is C++17 language compatible
- Projections are thee new name for bindings
Roughly speaking, WinRT is the Win32 API ported from C to C++, with a whole load of new stuff for Windows 10 and beyond.
Developing for the Surface Requires Embracing UWP
If you need to develop applications for the Surface, start learning the UWP API. These are for UWP (Universal Windows Platform) applications on Windows 10.
Friday 28 September 2018
Let's Talk Octets Baby, Let's Talk About IRC
Let's talk octets baby
Let's talk about IRC
Let's about text communication
And Application
Layer Protocols
Let's use TCP
And TLS optionally
Let's use client server
Networking models
Layer 7 OSI
Does not stop decline
But bucking this trend
Is Freenode
Freenode is an IRC network used to discuss peer-related projects. It was formerly known as the Open Projects Network.
Protocol details are available on the IETF website. From there you will learn that IRC is an 8 bit protocol (made up of octets, which in some cases, can be control codes).
Let's talk about IRC
Let's about text communication
And Application
Layer Protocols
Let's use TCP
And TLS optionally
Let's use client server
Networking models
Layer 7 OSI
Does not stop decline
But bucking this trend
Is Freenode
Freenode is an IRC network used to discuss peer-related projects. It was formerly known as the Open Projects Network.
Protocol details are available on the IETF website. From there you will learn that IRC is an 8 bit protocol (made up of octets, which in some cases, can be control codes).
VLC Media Player - Free Software Can Change the Windows World
VLC Media Player is a free and open source cross-platform media player that plays most multimedia files as well as DVDs, Audio CDs and various streaming protocols. It started off as a student project at École Centrale Paris.
Turning off Cortana
Cortana is a memory hog in Windows 10.
55MB is the norm which is sizable, next only to a web browsers in memory usage, however this is memory lost when the computer is idle so double wastage. Hovering over the Windows search bar, Right Click -> select Cortana -> Hidden, will make the search box disappear but Cortana will still be running. In fact, not just Cortana, but Cortana and "Runtime Broker" (potentially also Cortana Background Task Host).
Cortana is removed from Windows 10 Education editions including Windows 10 Education and Windows 10 Pro Education.
55MB is the norm which is sizable, next only to a web browsers in memory usage, however this is memory lost when the computer is idle so double wastage. Hovering over the Windows search bar, Right Click -> select Cortana -> Hidden, will make the search box disappear but Cortana will still be running. In fact, not just Cortana, but Cortana and "Runtime Broker" (potentially also Cortana Background Task Host).
Cortana is removed from Windows 10 Education editions including Windows 10 Education and Windows 10 Pro Education.
Thursday 13 September 2018
Azure Vendor Partnerships
Azure has a bunch of vendor partnerships that punters can exploit. Examples include:
- Symantec Endpoint Protection (SEP) on VM
- Trend Micro's Deep Security and SecureCloud
Tuesday 11 September 2018
AutoScaling in the Cloud - Like Load Balancing, But Different
Autoscaling allows scalability in the cloud by allocating the "right" number of active servers for a given "load". There is also a resiliency element as loss of capacity due to application or hardware failure can be compensated by autoscaling.
Companies like Netflix use autoscaling features in AWS EC2 (Elastic Compute Cloud) - note: autoscaling was officially added to EC2 in May 2009. Netflix declared a policy of aggressive scale-up and cautious scale-down had the optimal effect. In 2013, Microsoft announced addition of autoscaling to Azure.
Companies like Netflix use autoscaling features in AWS EC2 (Elastic Compute Cloud) - note: autoscaling was officially added to EC2 in May 2009. Netflix declared a policy of aggressive scale-up and cautious scale-down had the optimal effect. In 2013, Microsoft announced addition of autoscaling to Azure.
Securing Azure - A Multifaceted Problem
The following guide gives many dimensions to consider when securing an Azure environment.
At the storage level, Azure Storage supports the use of Azure Active Directory and role-based access control (RBAC).
At the storage level, Azure Storage supports the use of Azure Active Directory and role-based access control (RBAC).
Storage service encryption means data at rest is protected.
The OS disk used by virtual machines can in turn be secured via Azure Disk Encryption (ADE). ADE has no specific additional costs, but there is a cost for putting keys in the Azure key vault.
Servicing data subject requests (DSRs) in the context of EU GDPR, in the context of a secure Azure environment, is detailed here.
Servicing data subject requests (DSRs) in the context of EU GDPR, in the context of a secure Azure environment, is detailed here.
What is Service Host: Microsoft Passport Container in Task Manager?
Microsoft Passport Container is a Win32 service. It manages identity keys to authenticate users to identity providers as well as TPM virtual smart cards. It runs in a shared process of svchost.exe.
Background to TPM:
TPM or Trusted Platform Module was created by an industry consortium called Trusted Computing Group (TCG) and standardized by ISO and IEC in 2009.
Microsoft Passport provides two-factor authentication (often abbreviated 2FA) and also known as multifactor authentication. This adds an extra layer of security when you log in to an account , such as a mobile phone code/OTP, or some piece of information only the user knows.
Background to TPM:
TPM or Trusted Platform Module was created by an industry consortium called Trusted Computing Group (TCG) and standardized by ISO and IEC in 2009.
Microsoft Passport provides two-factor authentication (often abbreviated 2FA) and also known as multifactor authentication. This adds an extra layer of security when you log in to an account , such as a mobile phone code/OTP, or some piece of information only the user knows.
Saturday 8 September 2018
What is the COM Surrogate in Task Manager?
The COM surrogate (dllhost.exe) runs risky code inside it, so the surrogate crashes instead of Explorer. To understand the COM surrogate, it's important to understand DLL surrogates.
Using C# to Process Open XML Format Documents
To open up and process DOCX format Word documents you need the Open XML SDK, currently on Version 2.0. It is built on System.IO.Packaging. The SDK uses LINQ technology to provide strongly typed object access to the XML content in the Word doc.
Changing the Atmosphere of Office 365 - Alt FD
The default Office Theme is "Colorful". To change to a more serious, focused tone, select "Black". (The theme change can be accessed via Alt-FD - (File, Account)).
Finding out Version of Word and Excel in Office 365
How do you find out what version of Word or Excel you are using in Office 365?
The old, traditional Help->Version menu accelerators no longer work. The model of old is broken.
In the new world, go to File and then Account. All version information will be provided to you there.
The old, traditional Help->Version menu accelerators no longer work. The model of old is broken.
In the new world, go to File and then Account. All version information will be provided to you there.
Understanding Microsoft Word's XML Formats
MS Word has various options for saving documents as XML and other open/semi-open formats.
Let's look at them.
Let's look at them.
- Microsoft XPS - XPS Document (*.xps). XPS stands for XML Paper Specification. It can describe single page and multi page documents, similar to PDF. The key difference is XPS is tightly linked to the Windows operating system (since Vista - worldwide release January 2007). XAML (language used to describe Windows graphic elements) is a superset of XPS.
Tuesday 4 September 2018
Databases for Windows Developers - A Nod to SIGMOD
SIGMOD is the ACM Special Interest Group on Management of Data. PODS is an associated conference (Symposium on Principles of Database Systems) which has a best paper award each year.
Thursday 26 July 2018
Google Breakpad - Now on a Windows Desktop Near You
Breakpad is a library and tooling for creating crash dumps ("minidumps") and produce C/C++ stack traces from these dumps. It is used by Google Chrome, Firefox, Google Picasa, Google Earth and more.
Wednesday 16 May 2018
Tuesday 15 May 2018
Minimalist guide to git
What is git clone?
git clone will clone a repository into a newly created directory.
git clone will clone a repository into a newly created directory.
Wednesday 9 May 2018
WinJoe's Guide to (E)nginx
nginx ("Engine-X") is an HTTP and reverse proxy server (used by Dropbox, Netflix and Zynga).
What is a reverse proxy server I hear you cry?
A reverse proxy typically sits behind the firewall and routes requests to internal servers (thereby potentially acting as "traffic cop" to external traffic).
Unsurprisingly, load balancing is one of its main applications. They can also reduce network traffic by compressing inbound and outbound data (this is sometimes remarked very untechnically in marketing as "web acceleration") as well as caching frequently requested content.
The RP can also add to your security defence.
nginx is written by Igor Sysoev.
It can also do generic proxying of TCP and UDP requests.
What is a reverse proxy server I hear you cry?
A reverse proxy typically sits behind the firewall and routes requests to internal servers (thereby potentially acting as "traffic cop" to external traffic).
Unsurprisingly, load balancing is one of its main applications. They can also reduce network traffic by compressing inbound and outbound data (this is sometimes remarked very untechnically in marketing as "web acceleration") as well as caching frequently requested content.
The RP can also add to your security defence.
nginx is written by Igor Sysoev.
It can also do generic proxying of TCP and UDP requests.
Docker for Windows
Docker for Windows has a download size of around 374 MB for the Community Edition (aka Docker CE). The rival edition is Docker EE (Enterprise Edition). Added features of EE include security scanning of application images as well as vendor-certified plug-ins for example from networking and storage vendors. It requires Windows 10 Pro or Enterprise Version 14393 or Windows Server 2016 RTM to run.
Thursday 3 May 2018
Object.GetHashCode
GetHashCode is a virtual (overridable) function that returns an int (System.Int32). It is used to identify an object in a hash-based collection (Dictionary). A hash code is not a permanent value; it should not be serialized or stored in databases. They should not be sent across app domains or processes. A hash code can be negative.
Tuesday 24 April 2018
Calling a Base Class Constructor in C#
To call a base class constructor in a derived class in C#, define the constructor in the subclass and use the syntax :base after the signature to invoke the base class constructor.
Naming Conventions for Abstract Classes in C#
Unlike with interfaces which tend to begin with a capital I, abstract classes have no such convention in C#.
(A famous example of prefix I usage "in the field" is the ubiquitous IEnumerable in System.Collections).
Some possible conventions that can be used (though some people oppose any prefix or suffix) -
Abstract classes cannot be sealed and they cannot be private, for obvious reasons. Abstract members cannot be labelled virtual as they are implicitly virtual. Also an abstract member cannot be static - perhaps less obvious.
(A famous example of prefix I usage "in the field" is the ubiquitous IEnumerable in System.Collections).
Some possible conventions that can be used (though some people oppose any prefix or suffix) -
- Prefix : Abstract
- Suffix: Base
Abstract classes cannot be sealed and they cannot be private, for obvious reasons. Abstract members cannot be labelled virtual as they are implicitly virtual. Also an abstract member cannot be static - perhaps less obvious.
The internal keyword in C#
Internal types are only available in files in the same assembly (they have "assembly scope"). An example, would be an internal interface used to template for some specific classes used in the assembly.
Saturday 24 March 2018
Friday 23 March 2018
The End of Special Sequences - Removal of Trigraphs in C++17
A trigraph is a three-character sequence interpreted as a single character, as per a programming language's specification. (Digraph is a similar concept for two-character sequences).
Keyboard limitations spurred their use i.e. lack of sufficient buttons to encompass the full character set of a language.
The concept of trigraph was initially invented by the ANSI C committee. IBM have historically opposed the removal of trigraphs from C++.
Keyboard limitations spurred their use i.e. lack of sufficient buttons to encompass the full character set of a language.
The concept of trigraph was initially invented by the ANSI C committee. IBM have historically opposed the removal of trigraphs from C++.
Friday 9 March 2018
A Review of SSL/TLS - Preventing POODLE Attacks (Revealed by Google in 2014)
WJ has talked about this before in the context of IIS but it's always good to revise basic security concepts pertinent to the Windows world. These concepts are becoming increasingly important as programmers are expected to become more cyber-conscious.
SSL is the (now largely legacy) Secure Sockets Layer created in the mid 1990s (the first public version was released in 1995), designed for cryptographically secure data transport (now known not to be so secure). It is technically prohibited by the IETF. The first version was pioneered by Netscape.
TLS is the successor for SSL.
TLS is recommended above SSL due to the POODLE attack (impacting SSLv3) discovered by Google researchers (and publicised October 2014, when SSLv3 was already nearly 18 years old) allowing padding data at the end of the block cipher to be exploited, to iteratively degrade security. It also exploits the tendency of browsers to fall back on earlier protocols when connections fail.
The follow on recommendation was to advise against use of SSLv3.
The POODLE attack is an abbreviation for "Padding Oracle on Downgraded Legacy Encryption" and is a man-in-the-middle exploit.
Padding oracle attacks are associated with block ciphers, which encrypt information in blocks, and may incorporate "padding bits". The attack relies on the presence of a "padding oracle" that responds to answer whether a cryptographic message is correctly padded or not.
Some random facts on TLS, what it stands for etc.
TLS (Version 1.0) was first defined in January 1999. Tim Dierks is one of the original authors.
SSL is the (now largely legacy) Secure Sockets Layer created in the mid 1990s (the first public version was released in 1995), designed for cryptographically secure data transport (now known not to be so secure). It is technically prohibited by the IETF. The first version was pioneered by Netscape.
TLS is the successor for SSL.
TLS is recommended above SSL due to the POODLE attack (impacting SSLv3) discovered by Google researchers (and publicised October 2014, when SSLv3 was already nearly 18 years old) allowing padding data at the end of the block cipher to be exploited, to iteratively degrade security. It also exploits the tendency of browsers to fall back on earlier protocols when connections fail.
The follow on recommendation was to advise against use of SSLv3.
The POODLE attack is an abbreviation for "Padding Oracle on Downgraded Legacy Encryption" and is a man-in-the-middle exploit.
Padding oracle attacks are associated with block ciphers, which encrypt information in blocks, and may incorporate "padding bits". The attack relies on the presence of a "padding oracle" that responds to answer whether a cryptographic message is correctly padded or not.
Some random facts on TLS, what it stands for etc.
TLS (Version 1.0) was first defined in January 1999. Tim Dierks is one of the original authors.
Monday 26 February 2018
Subscribe to:
Posts (Atom)