That’s right.  The most powerful piece of software that could ever be made!  It’s a command line program.  You type in machine code instructions and it executes them!  This program can literally do anything a computer can be programmed to do.  Here’s a nifty screen shot:

This exciting instruction moves the value of 2 in 32-bit to the EAX register in preparation to calculate 2+2.

All you have to do to use it is learn hexadecimal, memorize the entire binary instruction set for your computer’s processor, and spend months typing in a few hundred million instructions before it does anything useful.

Ok, so I didn’t really make a program like this.  But the point is I could, and it would only take me a day or two.  And it would literally be, by definition, the most powerful and flexible program ever made, but it is obviously impractical.  And if you can write machine code in hexadecimal, you might as well save it as an .exe file and execute it directly.

The reason I’m talking about this is to illustrate a point about software that is actually not that far from being as absurd as the above program.  I have found that software that is regarded as “powerful” and “flexible”, but is archaically impractical due to its lack of a good user interface and requirement to learn custom command syntax and edit configuration files that have their own custom syntax, far outnumbers software that is both powerful and intuitively easy to use.

I think there is something seriously wrong when the thought “You know, I could write a better program to do this that would be much more practical to use in about half the time I have already spent trying to figure this program out” crosses my mind when I try most programs, especially open-source or freeware programs.  To me, saving time has always been one of the primary purposes of software, if not the primary purpose.  A program that takes more time to learn than it would take to write defeats the whole purpose of software, because it wastes time.  And haven’t we moved out of the stone age of command prompts and editing INI files?  I thought we transitioned into the realm of flexible, informative, intuitive graphical interfaces ages ago.

Is it too much to ask that a program come standard with an intuitive, time-saving, simple yet powerful graphical user interface?

But what’s wrong with a command prompt?  Don’t get me wrong, I love a good command prompt from time to time.  I use PowerShell just about every day for various things, because it’s a good alternative to coding an entire program from scratch that you’re only going to use once or twice.  But the problem with command lines and configuration files is that it is difficult if not impossible to make them intuitive.  Now since “intuitive” can be a rather vague term, let me define what I mean by it with regard to software: A user interface is intuitive if it can be easily learned by a user without instruction of any kind.  That instruction includes, but is not limited to, verbal instruction or written instruction from books, the internet, help files, or the program itself.  The instruction does not include information related to the software’s domain.  For instance, it is reasonable that a person using a VPN server or client would need to know something about VPNs (the software’s domain), but given that he or she knows about VPNs, how to use the software to set up a VPN server or connect to one should be self-evident, not requiring instruction or research.

But how could that be accomplished via command prompt?  The program could give initial instructions when you first start it, but no matter what it would be inherently limited in its ability to self-evidence its use.  Asking the user to know through intuition what commands to enter with what syntax is like asking someone to enter somebody else’s password in.  There’s a reason passwords are used for security, because it is inherently difficult to know through intuition what to type in.  What if our security mechanism was to put a button on the screen somewhere that said “Let me in” and the user had to just know to click that button?  That would not be secure, because it would be ridiculously easy to figure out.  That’s what a graphical user interface does.  It makes things, by comparison, ridiculously evident.  A program displays all its options in front of you.  You don’t have to know what command to enter or even what command displays a list of available commands.  The information can be organized in any way that makes sense for the given domain.

As the phrase goes: “A picture says a thousand words.”  And the great thing about that picture is that you get the sense of it after glancing at it for a second, while it would take minutes to read a thousand words.  (Actually, this post is about exactly one thousand words.  If only there was a picture to convey the importance of user interfaces so people wouldn’t have to read my thousand-word post…)  While I’m not promoting fancy, stylish graphics, a functional graphical interface can communicate so much more information in much less time due to its graphical nature.

“But I don’t like making user interfaces.  I make great back-end code and I like to focus on that.”  Congratulations, you’ve made what we developers call a “class library”.  Find somebody who makes good user interfaces to make a front-end to use your library.  Then you’ll have a complete program.  Some people think the user interface is like the paint and polish on a car—it just makes it look pretty.  But a program without a user interface is actually like a car without a steering wheel, pedals, or other controls of any kind!  It’s of no use to the driver without the interface components.

The user interface is an intrinsic part of a complete and useful program, and it both requires and deserves as much attention as the other pieces.

Back in the day, we used to have to keep track of all the dynamically allocated objects and arrays we created and make sure they eventually get deallocated or we’d have memory leaks all over the place.  But so-called “managed” programming frameworks like .NET did away with that.  Now all we have to do is forget about the object and the garbage collector will magically detect it is no longer being used and reclaim the memory it was using—all transparently behind the scenes.

Or so the theory goes…

I actually ran into a scenario recently, though, where the garbage collector just didn’t cut it.  The objects were “forgotten” (meaning no strong references to them existed anymore) yet the memory used by the application would continue to rise as new objects were created in their place, almost as if there were a memory leak.  Here’s a short description of my application:

My Application

It’s actually a quasi-personal project.  What happened was at work one day, for some unknown reason, our internet was going insanely slow.  We could tell by our network appliance that it was because we were using all our bandwidth, but we had no way of knowing who or what was using it.  There was a sense of urgency to find out, since it was hindering people’s work.

Meanwhile, one of my personal projects involved using sockets to sniff packets to spy on network activity.  So I got an idea.  I quickly wrote a program using my packet sniffing code to calculate how much bandwidth each IP address on the network was using.  Then I hooked up an old network hub (not a switch or router, a hub, because it repeats all traffic to all ports) in series with one of the physical network cables that all the internet traffic was going through, and hooked up my work computer to that hub.  With all the internet traffic being forwarded to my machine, I used my software to determine which computer was using the bandwidth.

After those events, my boss expressed a desire for a long-term solution that could be used if that scenario ever happened again, although he never officially assigned me to work on it, and since it is based on code from a personal project, that is why I call it quasi-personal.  In any case, since then we added a second network adapter to our development server and configured the network switch to “mirror” the port going to the network appliance allowing us to do packet analysis on a long-term basis.

However, my software was in great need of improvement.  Up until that point, it was just a class library that I was invoking using PowerShell with no user interface of its own.  My vision for it was simple: Something like Task Manager’s processes tab where there’s a list of IP addresses and the bandwidth usage of each and you can sort by one of the columns and it will update the sort order periodically.

So that is my application.  A simple network traffic usage monitor.

Why does it need so much memory?

This is one of those things that seems like it should be easy, but it is in fact much more involved to implement.  The application needs to process every single packet traveling across the network.  For each packet, it needs to store information about it for a time in a buffer and categorize it by IP address.

The problem has to do with the objects that are created when a new IP address is encountered.  At first, just to get it working, I did not implement any logic to “forget” these objects once the address is no longer active on the network.  I knew this would have to be implemented eventually, though.  Before implementing this, after a 24 hour period, the application was using gigabytes of memory!  So I implemented the logic to remove objects related to addresses that have been inactive over a configurable period of time.  This improved things drastically.  But I used a PowerShell script to log the CPU and memory usage of the program on a minute-to-minute basis, and I noticed a disturbing trend:

Those areas of higher CPU usage are during business hours when network activity is higher.  You’ll notice during those periods the memory usage rises significantly, which is to be expected.  But it does not fall completely afterward!  Instead, it continues to climb higher and higher over time instead of remaining about the same.  It’s over 300MB after 3 days, when it started out around 50MB.

So what’s the deal?  My program was properly forgetting the objects.  Why wasn’t the garbage collector working its magic?  Well, the other peculiar thing about this chart, is that the CPU usage is never much below 10%.  This makes sense, because it is constantly processing network packets.  It never gets a break.

I wish I could remember the article I read on .NET garbage collection so I could link to it.  But in any case, the reason this is significant is this: The garbage collector needs to move objects around in memory in order to reclaim memory.  Thus, it would be dangerous to have any other thread in the program running while this takes place.  So the garbage collector actually freezes every thread in the program (except its own, of course) while it does its collection magic.  Because of this, it is designed to wait for a convenient time to run; namely, when the program is fairly idle.  However, as you can see above, this never really happens with this program.  As a result, the garbage collector runs much less frequently in this scenario.  Those sharp decreases in memory usage in the chart are likely when the garbage collector runs, and as you can see, they are hours apart.  The garbage collector also does not check every object every time it runs.  It uses an algorithm based on the age of an object to determine the likelihood that it needs to be collected.  The less frequently the garbage collector runs, then, the worse it is at reclaiming the majority of unreachable objects.

What’s the solution?

Well, the first thing that comes to mind is the Collect method of System.GC, which forces a collection to take place.  But there is a reason the garbage collector normally does not want to run when the application is busy.  It could adversely affect performance—in this case, the program’s ability to process every packet on the network.  Some might be skipped because the thread was frozen when the event took place.

Now I know many of you will cringe when you read this, but I implemented recyclable managed objects.  Here’s the code:

public interface IRecyclable
{
    bool Recycle();
    void Reclaim();
} 

// NOTE: This is simplified code.  See below for an improved version. 

public class RecycleBin<T>
    where T : class, IRecyclable
{
    private Queue<WeakReference> _Queue; 

    public RecycleBin()
    {
        _Queue = new Queue<WeakReference>();
    } 

    public void Recycle(T @object)
    {
        if (@object.Recycle())
        {
            _Queue.Enqueue(new WeakReference(@object));
        }
    } 

    public T Reclaim()
    {
        T @object = null; 

        while (_Queue.Count > 0)
        {
            WeakReference reference = _Queue.Dequeue();
            if (reference.IsAlive)
            {
                @object = (T)(reference.Target);
                break;
            }
        } 

        if (@object != null)
        {
            @object.Reclaim();
        } 

        return @object;
    }
}

First is a simple interface called IRecyclable that defines two methods: Recycle, which notifies the object that it is being recycled allowing it to release any resources that are not reusable and returns a boolean indicating whether or not it should be recycled in its current state, and Reclaim, which indicates that the object is being reclaimed and should be put into a usable state.

The RecycleBin class then implements the recycling logic.  You’ll notice that it keeps weak references to recycled objects.  This way, if the garbage collector does run, it will collect the recycled objects.  The RecycleBin class, then, will only reclaim recycled objects if they haven’t been collected.  Thus, it works in harmony with the garbage collector.

The idea is that the recycle bin is checked for a reusable object before a new one is created.  Therefore, between garbage collections, objects are reused if possible instead of creating new ones.

Now before you bash me too much for going against the core principles of managed code, check out this chart:

Although the scale could be reduced significantly to offer more detail, I kept it the same as the above chart to illustrate the improvement.  Where the former code reached close to the top of the chart at over 300MB, this code peaks at about 30MB, and it does not continue to rise over time.  Note that no other code was changed between the gathering of these two data sets than the use of the above recycling code to reuse the objects that handle a given IP address.  Interestingly, the CPU usage is also significantly lower, especially during the periods of low network usage.  This is presumably because there is less allocation of new objects taking place, and the garbage collector has less objects to analyze, less memory to reclaim, less objects to move around, etc.

Improvements

I since made a few improvements to the above code, although they were not running when the above data was gathered.  First, I replaced WeakReference with GCHandle.  WeakReference uses GCHandle internally to do its thing, but WeakReference is a reference type, which allocates memory and requires garbage collection to a small extent defeating the purpose of recycling, whereas GCHandle is a value type, so its data would be stored within the queue object’s array and wouldn’t require reclamation by the garbage collector as long as the queue is in use.  However, this also means each handle has to be manually freed when it is no longer needed.  Also, I added to the IRecyclable interface allowing objects to determine whether they are referring to the same incarnation of the object.

public interface IRecyclable
{
    int RecycleGeneration { get; }
    bool IsRecycled { get; } 

    bool Recycle();
    void Reclaim();
} 

public sealed class RecycleBin<T> : IDisposable
    where T : class, IRecyclable
{
    private Queue<GCHandle> _Queue; 

    private bool _IsDisposed; 

    public RecycleBin()
    {
        _Queue = new Queue<GCHandle>();
    } 

    public void Dispose()
    {
        if (!_IsDisposed)
        {
            while (_Queue.Count > 0)
            {
                GCHandle handle = _Queue.Dequeue();
                if (handle.IsAllocated)
                {
                    handle.Free();
                }
            } 

            _IsDisposed = true;
        }
    } 

    ~RecycleBin()
    {
        Dispose();
    } 

    public void Recycle(T @object)
    {
        CheckDisposed(); 

        if (@object.Recycle())
        {
            _Queue.Enqueue(GCHandle.Alloc(@object, GCHandleType.Weak));
        }
    } 

    public T Reclaim()
    {
        CheckDisposed(); 

        T @object = null;
        while (_Queue.Count > 0)
        {
            GCHandle handle = _Queue.Dequeue();
            if (handle.IsAllocated)
            {
                @object = (T)(handle.Target); 

                handle.Free(); 

                if (@object != null)
                {
                    break;
                }
            }
        } 

        if (@object != null)
        {
            @object.Reclaim();
        } 

        return @object;
    } 

    private void CheckDisposed()
    {
        if (_IsDisposed) throw new InvalidOperationException("Object is disposed.");
    }
}

Problems

I am not advocating this solution, however.  I know it is wrought with problems.  First of all, there is no way to know whether all references to the recyclable object have been released before the object is recycled.  Therefore, a reference could be kept somewhere which would then refer to an object whose normally immutable properties have changed.  This could wreak havoc on a lot of common design patterns.  If only .NET gave us more flexibility when it comes to memory management instead of implementing it for us in a completely fixed and unconfigurable way.  In any case, though, this solution did manage to work wonders in my application…

I found a great post about how the skills that make us great programmers make us lousy communicators. lol.  Check it out here: http://www.secretgeek.net/program_communicate_4reasons.asp

I knew this day would come.  The day I forget the "where" clause of an SQL delete or update statement and delete or update every row in a table.  Here's the code I used:

update tblNCM
set CLOSED = 0, CLOSED_BY = null, CLOSED_DATE = null

Imagine my dismay when SQL Server Management Studio reported that this statement affected 970 rows!!  Here's what I meant to put:

update tblNCM
set CLOSED = 0, CLOSED_BY = null, CLOSED_DATE = null
where NCM_NO = 980

Yes, this was only supposed to affect one row.  So I inadvertently re-opened all of our NCMs and deleted all the closed by and closed date values.  Great.  All I have to say now is thank God for backups!  In this case, it might have cost me my job!  But, within 20 minutes I was able to restore yesterday's backup to a temporary database, copy all of yesterday's values, and check the change log for any NCMs that were closed since yesterday.  Whew!!  In any case, though, the real issue here is that it is too easy to affect every row in SQL.  For select statements, that's ok.  It doesn't cause any damage to select every row.  But had I designed SQL, I would have made it so you would have to explicitly indicate that every row is intended with update and delete statements instead of assuming it when the where clause is missing.  Something like:

update all MyTable
set MyField = 'Value'

Or, even better from a programmer's mindset, make the where clause required:

update MyTable
set MyField = 'Value'
where true

Ok, ok, so "true" isn't exactly an SQL keyword, but it looks so much better than "where 1"...  In any case, I've never liked the SQL language as a language.  This is just one reason why.  It does not communicate intent very well.  For instance, look at my first code snippet above.  How well does that communicate that you intend to update every row?  From the way it looks to me, it seems like CLOSED, CLOSED_BY, and CLOSED_DATE would be scalar variables.  In any other programming language, when you put "set CLOSED = 0", CLOSED is a single variable with a single value.  There is no loop indicated in the language that would iterate every row and update multiple variables.  But when you say "where" afterward, then it implies that changes are made in possibly more than one place.  Omitting the "where" clause omits the part that implies that multiple rows are affected; therefore, the statement doesn't make sense.

"But I'm a lazy programmer," you might say, "and I don't want to have to write 'where true' every time I want to update or delete every row."  What, though, really, is more important?  Saving a few keystrokes?  Or avoiding a situation where a small oversight on your part could cost you your job during a time of economic hardship?  Or, from a less selfish standpoint, avoiding data loss, lost work, potential bugs, etc.?  Fortunately, we do daily backups.  But what if this was a database that was updated thousands of times a day?  Everyone's work on a particular table that day could potentially be lost because of a minor mistake.  Ugh.

For those of you who don't already know, Windows PowerShell is a command shell that pipes .NET objects between commands instead of text.  You can use it to directly create and manipulate full-fledged .NET objects with the entire .NET Framework at your disposal.  It's sort of like a live .NET programming language where your statements are executed line by line as you type them.

So I was writing a class library and got to a point where I wanted to test it.  I could have written a small test application or a unit testing project, but it occurred to me:  What if I just used PowerShell?

Working with your class library in PowerShell

As far as I know, PowerShell doesn't have any Cmdlets or other mechanism specifically for loading external libraries.  But, it doesn't need one!  Remember, you have the entire .NET Framework at your disposal.  A simple call to the System.Reflection.Assembly class will do the trick.

[Reflection.Assembly]::LoadFrom("MyLibrary.dll")

You could capture the resulting Assembly object in a PowerShell variable if you want, but all that is needed is to load it into the application domain of PowerShell, which is exactly what this method does.  Now that it's loaded, you can access your types the same way you otherwise would in PowerShell:

[MyNamespace.MyClass]::MyStaticMethod()
$obj = New-Object "MyNamespace.MyClass"

Setting up Visual Studio

Of course we want to easily start debugging by pressing the "Play" button, and we want Visual Studio to be able to pick up breakpoints and detect exceptions.  Also, we want some PowerShell commands to be executed automatically every time, such as the one that loads the library and possibly some that instantiate some test objects for you.  I opted to create a PowerShell script file in the project folder called "Debug.ps1".  Setting the project's properties in Visual Studio to get it to work, though, was tricky.

Under the Debug tab in the properties for the class library project, select the "Start external program" option.  Browse for powershell.exe.

Now for the command line arguments.  Here's what I used:

-noexit -command . ..\..\debug.ps1

First, "-noexit" specifies that PowerShell is not to exit after the command is executed.  We want this so that we can type our own commands after the initial script is executed.  Second, "-command" specifies that the rest of the command line arguments is actually a command to be executed.  The command is ". ..\..\debug.ps1".  However, if you use quotes, it will think the quotes are part of the command which will make it simply think it's a string, not code to execute.  The initial dot is there so that the script is "dot-sourced".  "Dot-sourcing" a script means that it executes in the current runspace instead of a new one.  This way, any variables set by the script will be preserved so they can be used afterward.  Finally, if you don't specify a working directory, Visual Studio defaults to the output directory for the project.  I kept it this way in case the project is copied to a different directory; for example, if it were added to source control and someone downloaded it to a different local directory.  So to reference the script that exists in the project directory, I used "..\..\" since the current directory is in \bin\Debug inside the project directory.

Here's an example of what your debug.ps1 script might look like:

# Since the current directory is the output directory for the project, simply pass in the name of the DLL file:
$assembly = [Reflection.Assembly]::LoadFrom("MyLibrary.dll")

# Here's how to create an object using a constructor with two arguments:
$testObj = New-Object "MyNamespace.MyClass" -arguments "First argument.", "Second argument."

And as I mentioned before, since the script is "dot-sourced", the variables $assembly and $testObj will remain after the script is done executing.  Also, if you haven't tried to run scripts in PowerShell yet, you might run into a security issue.  Simply type "set-executionpolicy RemoteSigned" into PowerShell to allow unsigned local scripts to execute.

You ever get those e-mails?  You know, the typical ones people get and forward on to all their friends.  They are usually reminding you to tell your friends how much you care (no doubt by forwarding that e-mail to them) or reminding you to stop and smell the roses, etc., etc.  Some even call for some kind of action on your part, which may seem harmless.  But they always end with an appeal to forward it to all your friends.  I've seen my share of superstitious ones, like "if you don't send this to X number of people, something bad will happen to you."  But today I saw an interesting one:

"FORWARDED E-MAILS ARE TRACKED TO OBTAIN THE TOTAL COUNT."

Tracked???  Hahaha, let me tell you as a software developer--one who is familiar with the protocols, etc. used for e-mail and how it is transmitted:  The former superstitious claim is actually more likely of being true! Lol!  E-mail technology does not permit a person to track if a sent message is forwarded.  Transmission is handled by the e-mail server responsible for the domain of the sending e-mail account, which would be different for each person forwarding the e-mail.  I hate to burst your bubble, but the only feasible way a person could do such tracking is to include a virus in the e-mail.  I checked, and there was no virus in the aforementioned e-mail, but wouldn't that be an effective means to distribute a virus?  Imagine that!  Hundreds of unsuspecting (not to mention gullible) people unknowingly e-mailing viruses to their friends!  All under the guise of showing them how much they care...  How ironic.

Besides, isn't the whole concept silly, really?  "Oh! You received a forwarded e-mail explaining someone else's feelings and took a few seconds of your time to pick my name out of a list in order to forward me this message that you didn't even write and thus add it to my junk mail.  I'm so touched."  It's one thing if it's something amusing that you decided out of your own want to forward to me because you thought I would personally appreciate it.  But here's a clue: If you want to show me how much you care, open up a new e-mail addressed to me and tell me!  Lol.  That's right, a spontaneous personal e-mail in your own words from you to me.  Now that's something I can appreciate, and I may even find it touching.

But what about the ones that guilt you into forwarding?  "Don't you care enough to forward this e-mail??"  For all you know, it could be a virus; don't you care enough not to?  Besides, is your friend really going to be upset that you didn't forward him an e-mail he never even knew about?  And is the original sender going to be upset that you didn't forward the e-mail when they don't even know you received the e-mail in the first place?  Much less whether or not you forwarded it?  I say take the hint and tell your friend how you feel, but in your own words and in your own way.

So in conclusion:  Forwarded chain e-mails cannot be tracked.  No one will ever know the extent of how widely it was distributed.  Furthermore, there is no chain-mail deity that rewards people for forwarding chain e-mails and punishes them for not doing so.  In fact, if you don't forward a chain e-mail, no one will ever know and nothing bad will happen.  It's all a ruse to get people to forward the e-mail.  The fact is, there's no way to verify the original source of the message; therefore, there's no reason to trust it.  In fact, if they're willing to lie to you to get you to forward the e-mail, how can you trust the rest of the e-mail?  For all you know, it could contain a virus.  Something to think about...

It seems to be a popular business model with software vendors to offer two classes of licenses--a less expensive license for personal/home/non-profit use, and a more expensive license for professional/business/profit use.  They may even try to feign this business model as natural and necessary by having two different versions of the software.  (Many vendors actually do have feature-limited versions for less than professional use.  This article does not concern those.  It concerns scenarios where the two versions are actually identical except for what they allow themselves to be used for.)  How is a vendor to enforce this restriction on use, however?  Well, unfortunately, many have made the following mistaken assumption:

"Only businesses use Windows Server.  Windows Server is never used by home users for personal use."

Well, you could say I'm not your typical home user.  My home server is running Windows Server 2008, and I use it for nothing but personal use.  I have no business, and I make no profit from its use.  However, soon after I installed Windows Server on my home server, I discovered that certain home versions of software that I was using before will not install on Windows Server, either claiming that it is not licensed for professional use or that the operating system is not supported.

So I was faced with a moral dilemma.  Do I give in and pay a significant amount of money for the same software just so it will run on Windows Server when I already have a license to use it for personal use?  Or do I find a way to trick the installer program to think it's not actually running on Windows Server?

Windows Version "Masking"

I'm sure anyone who knows me already figured that I chose the latter.  Two days ago I found success, installing a program that supposedly does not support Windows Server on my server.  It installed perfectly and is working flawlessly ever since.

You see, I made the correct assumption that at their core Windows Server 2008 and Windows Vista are the same operating system, that the program did not actually depend on any features exclusive to non-server Windows versions, and that any features included in Windows Server would not interfere with the program.  In fact, the restriction on Windows Server was entirely artificial.  That being the case, it was totally unnecessary to do any emulation.  All that was necessary was to get past the code that checks what version of Windows is running.  Hence, what I needed was a "mask".  I use the term "mask" because a mask is very superficial.  It superficially changes the apparent identity of the wearer, but underneath, they are still the same person.

Now just how would I go about masking Windows Server?  And for that matter, how would I limit it so it only affects certain programs?

Let's start by considering how one would detect what version of Windows is running.  Well, I'm a programmer, so if I were writing that code, how would I figure out how to do it?  Well, Microsoft makes it easy: Getting the System Version (Windows)  This article tells you exactly how to do so.  It even gives source code.  In short, it calls a few Win32 API functions, such as GetVersionEx.  Of course!  API functions!  But how do I intercept API calls and change their behavior?  It turns out this concept is called "API hooking" and there is lots of information online about how to do it.

API Hooking

I found this article extremely helpful: API hooking revealed.  I determined that injecting into a single process and using a "user-level" hook (since I needed to hook a Win32 API, not a native NT API) was the answer.  Modifying the Import Address Tables sounded like my best bet. 

Then I found some source code: HookAPI source code.  This solution was not quite right for a number of reasons.  First off, it was designed to inject into every running process.  I just want to inject into a single process right when it starts.  And more importantly, when I ran the demo application, it crashed every process it injected into!  So it doesn't even work!  (At least on Vista/Server 2008)  When I tried to troubleshoot it, I found out that the author used a massive amount of inline assembly code.  But, I saw what it was trying to do.

It wasn't modifying the Import Address Tables at all.  It was so simple, actually.  It used GetProcAddress to get the address of where the function was loaded into memory, then it overwrote the first 5 bytes with a jump instruction!  That would transfer execution to the address given in the jump instruction, which was the address of a different function, thus overriding the underlying API.  Of course, gaining write access to that memory was a trick, not to mention injecting the DLL into the remote process.

My Proof-of-concept

So, I wrote my own API hooking and DLL injecting code (using no inline assembly, I might add) based on my newfound knowledge, and after some troubleshooting, I was in business.  After I discovered (of course) that the installer extracted some files into a temporary folder and executed one of them, I used the solution on the extracted installer and what do you know?  It called GetVersionEx to check the Windows version, and my hook function returned all the same version information a normal call to GetVersionEx would on Windows Server 2008 except the product type - "workstation" instead of "server".  Voilá!  It downloaded and installed the application.  Interestingly, the application itself runs fine on its own.  It does not check the Windows version.  Only the installer did.

So this is, of course, only a proof-of-concept.  I'm working on making it into a polished solution.  It needs to cover some other ways programs could detect the Windows version and automatically inject into processes started by the masked process before I'd be comfortable offering it for others to use. :)

It has been a cause of annoyance for me when software authors confuse the words "remove" and "delete" in their interfaces, especially since it often involves the sensitivity of your data.

Remove means taking an item off of some sort of list, but by definition, it does not imply destruction of the item itself.

Delete also means crossing off an item, but it implies that the item is also forever destroyed.

The worst case where these are confused is when "remove" is used to describe a process that actually deletes the item, because then the user might click "remove" thinking that the underlying item will still exist, but it is instead deleted.  Also annoying is when "delete" is used to describe a process that only removes the item, because it feels weird clicking "delete" when I know I only want to remove the item, and a user might click "delete" thinking that the item will be destroyed, but it is not.

I wish I had an example of the former case to reference, but I can't think of one off hand.  But I know I have seen it more than once.  An example of the latter case is in Free Download Manager.  The "Delete download" option only removes the download from the list.  It does not delete the downloaded files, as one would think it would.

I had an interesting idea.  See, there's a good reason .NET does not allow multiple class inheritance, although multiple interface inheritance is allowed.  But there are some cases when it would be nice to be able to inherit the behavior of a class while still inheriting from another class.  Consider a simple example.

Say we have a class named Dog and a class named Cat.  As logic would tell us, there is no way something could be both a Dog and a Cat; hence, we cannot inherit both Dog and Cat.  An interface, however, has a different purpose than a class.  Instead of representing a type of object and including its implementation, an interface is intended to describe one or more capabilities of an object.  For instance, we might have an interface called IBarkable, which the Dog class would implement, describing its ability to bark.  Similarly, an IMeowable interface.  Now while there is nothing that is both a dog and a cat, there easily could be an object that has some of the capabilities of both.  For instance, a human can both imitate a dog's bark and a cat's meow.  So it makes sense that a class can implement more than one interface.

However, say we wrote the Dog and Cat classes already and now we're writing a Human class.  We've already written the code that performs the bark and the meow, how do we get that implementation into the Human class?  Now this is a very simple example and could probably be easily done a number of ways, but there are more complex situations similar to this where multiple inheritance would be helpful.  But it still does not justify allowing a class to inherit two base classes.

Here's where my idea comes in:  A new kind of type called a behavior.  Its purpose would be to define an implementation of a capability that is inheritable in a class.  Here's how a behavior would differ from a class:

• A behavior would be implicitly abstract in that it could not be directly instantiated.
• Polymorphism would not apply to behaviors.  Meaning that an implementing class could not be referenced as an object of a behavior.  As a result, variable types, parameter types, etc. could not be behaviors.  This would prevent the poor designs multiple inheritance would normally enable.
• A behavior could implement interfaces and inherit other behaviors, but it cannot inherit a class.
• A behavior could specify a constraint similar to a generic constraint where the class that implements a behavior must inherit a given base class.
• All protected and public members of a behavior must be overridable.

Thus, to solve the above example, a Bark behavior and Meow behavior could be defined, which implement the IBarkable and IMeowable interfaces.  Dog could inherit Bark, Cat could inherit Meow, and Human could inherit both.

Another example that comes to mind are the various WinForms control classes.  You'll notice that Form inherits ContainerControl which inherits ScrollableControl which inherits Control.  But does it logically follow that every container control is also scrollable?  What if the container and scrollable capabilities were implemented as behaviors?  Then a control could inherit the container capabilities without inheriting scrollability, and Form could still inherit both.  Both behaviors would specify a constraint that the class must inherit Control so that they would have access to the members of the Control class.  (That would be one strong advantage over using a simple aggregate relationship instead.)

Unfortunately, I was not able to attend the PDC 2008.  But I have read some blog posts from some who attended yesterday.  It looks like C# 4.0 will support many dynamic typing concepts including co- and contra-variance, and although "duck typing" was not explicitly mentioned, it seems to be implied by what I read.  (Since duck typing is a principle of dynamic typing and not necessarily a feature in its own right, I am not surprised it is not named specifically.)

Now don't get me wrong, it was fun writing the duck typing library, but I would have no problem whatsoever if it were made obsolete by this.  Having the features integrated into C# would be awesome, and I'm sure it would eliminate the initial overhead caused by the dynamic compilation used by the duck typing library.

I think I will have to actually use C# 4.0 before I know how it will affect the usefulness of the duck typing library, but I am thinking right now that it may still be useful for interacting with "vintage" code libraries.  That, as I understand it, is actually what Jordan uses the library for most.  So whether C# 4.0 will fit the bill in this respect hinges on whether the dynamic typing features can be used when interacting with libraries that were not written or compiled in C# 4.0.

Unfortunately, I haven't had the chance to spend a lot of time working on the new duck typing library, which may actually have equaled wasted effort, but if such a library would still be useful with C# 4.0, I think it will change significantly from what I originally thought.  It will probably be designed specifically to complement C# 4.0 features.

It seems inevitable that whenever I run into problems because something isn't working right, it's because some programmer out there somewhere (whoever programmed the tool I'm working with) overlooked something obvious or made some other stupid decision.

For instance, I just finished an ASP .NET program that complements another ASP .NET program already published in my company's intranet.  So, it seemed logical to put it within that program's folder, making it a nested ASP .NET application.  Should be easy, right?  Just copy it in, make it its own application in IIS and bam, you're set.  Wrong.  Some programmer at Microsoft decided that nested ASP .NET applications should inherit all the configuration of the parent application by default (or should I say "dofault" since it's an initial setting that does cause a fault instead of preventing one).  This includes configuration that would cause dependencies to the parent's assemblies, which of course would be missing from the child's bin folder (since they have absolutely nothing to do with the child application).  And, of course, broken dependency equals completely nonfunctional application.

So I thought, "Well, this is a pain in the neck.  Now I have to tell the child application not to inherit configuration from the parent."  Wrong again!  There is actually no way to do that.  No, instead, you have to tell the parent application not to make the child applications inherit its configuration!!  I hope, I really sincerely hope that I don't have to explain what makes that a really really bad design...

Another thing I run into all the time happens when you import from Excel into SQL Server.  If a column contains some number values and some text values, making the column type textual instead of numeric, instead of converting the number values to text like any sane person would do, it omits the number values altogether!  (I would say anyone with half a brain, but I actually know of someone who had half her brain removed due to brain cancer and she's actually pretty smart.)  Guess what, I need those values too!  Otherwise, they wouldn't be there.  So the only solutions I have found are A) Manually convert every numeric value cell to a number stored as text, B) Write a Visual Basic macro to do this for you, or C) Save the spreadsheet as a CSV file and import that into SQL Server.  All of these solutions are either tedious and time-consuming or really really crude and ugly.  I hate resorting to crude methods...

So this has me wondering:  Do people purposely do stupid things?  Like, it's hard for me to imagine that these people actually think these ideas are good ideas.  I mean, they have to realize at least to some degree how stupid they are.  The only reasonable explanation that I can come up with is that implementing a good idea would require more effort up-front and they were simply too lazy for that, and since they don't care, they just went with the bad idea.  So really, it wouldn't be "stupid programmers", it would be "lazy, careless programmers".  Which is worse?  Well, "stupid" is not as bad since a "stupid" person doesn't know any better.  But a "lazy, careless" person can be held accountable because they know better.

Now for me, I simply cannot stand to do anything a certain way when I know there is a better way to do it.  Or even if I know there might be a better way to do it, then I am driven to find it.  I am always thinking of how decisions will affect the project in the long-run, always doing things now to save time on an ongoing basis later.  I won't comment on my smartness, but while I may be lazy at times, I am definitely never careless, and my carefulness at least prevents me from being lazy in a way that will affect the quality of my work.  For me to knowingly implement something stupid would be cruel and unusual torture for me.  I would be ashamed to be associated with such work.  You could not pay me to do it.  I would find a new job if I was forced to cut corners regularly.

Am I the minority?

Is it because many programmers aren't very smart or is it because they don't care?  You know, I would argue that the two are not mutually exclusive.  Since computers and software are constantly changing, you have to be constantly learning in order to succeed in this profession.  If you don't care, you won't want to learn, and you'll end up doing stupid things.  If someone were to ask me if they should enter this field, I would tell them the same thing one of my instructors in college told me.  He said, "If this is what you really love doing, and you really really want to do it for a living, then go for it.  But if you're not that into it, and you just want a job to make money, you might want to consider a different major."  I stuck with it because I live, eat, and breathe programming.  I was programming before I went to college.  I go to work and program, get home from work and program, and constantly read and learn about programming.  I do it because I love developing software and I am passionate about it.  I think that's what makes me good for this job.  It's not knowledge or skills; my current knowledge and skills will no doubt be obsolete in little more than a few years.  But I won't be because I will be continuing to learn.  So if you're a programmer who doesn't care about programming, you're going to be left behind and probably find yourself out of work.  That may be sad for you, but ultimately good for software.  But will that nature of the field be enough to weed out the careless programmers?

Now, the concept is certainly good.  Have a program automatically check for new versions so that people can keep up to date.  But the fundamental flaw I find is that this check always takes place when you first start the program.  At this point, you're trying to use the program immediately and don't want to wait for it to download and install an update first.  So I always cancel out and never get the needed updates.  So the notification turns into nothing more than a nuisance.

So I thought of a solution, but it would be quite a feat to pull off, and it's not without problems.  What we need is an update agent that checks for updates behind the scenes and informs the user in a non-intrusive way based on how the user set it up.  A single program that will support checking for updates for multiple products.  That way the user would have a central place to view and optionally install these updates, or could configure them to automatically install when that program is not in use.  No more annoying pop-ups when you're trying to use the software.

But here's where the difficulty of such a solution comes in:  As far as I know, there is no standard for distributing updates.  To implement a standard, it would require the cooperation of the vendor for each piece of software.  The other option would be to make the program extensible so that anyone can write a plug-in for it to add support for a particular piece of software.  Now I could certainly write a framework to support this in my sleep and use duck typing for cross-version plug-in support, that would not be a challenge.  The problem is that I can't possibly write a plug-in for every piece of software in existence, or even most.  I'm not exactly good at promoting standards either.

But I'm wondering if I should make the solution for myself anyway, and implement plug-ins for the software that I use, and make it available for free and see what happens...

It has been quite some time since the last release...  (10 months to be precise...)  But a good friend of mine is now onboard and we're resuming development.  We have some pretty cool changes in store, and as always, suggestions are welcome.

We will be tying some loose ends for version 1.0 and rolling in some new features like "loose" duck casting where casting will always succeed, it will simply throw an exception if a member is called that is not implemented, which will more closely resemble how duck typing is implemented in most dynamic languages.  Then we'll be working on 2.0 which will include a name change to something along the lines of "dynamic typing" instead of "duck typing" to reflect the implementation of more dynamic typing concepts than just duck typing.  2.0 will also add some .NET 3.5 features like extension methods.

But I've only scratched the surface...  Just thought I'd give everybody an update!

I'm talking about exceptions here.  Which is better, avoiding throwing exceptions as much as possible by trying to safely recover from errors, or throwing exceptions that will contain useful information for debugging purposes?  I ran into this issue today...

The company I work for uses a program called Fourth Shift.  It comes with managed libraries for client access in .NET.  I am using a feature called impersonation, whereby transactions can be executed as if a different user was logged in.  There are a few things you have to do in order for this to work:

• Grant the logged in user permission to impersonate a given user.
• Enable impersonation when connecting the client.
• Supply a non-null impersonation user name when processing a transaction.

I had to figure all this out because the developers of the client library decided to go with safe execution.  Here's what will happen if the above conditions are not met:

• If the user does not have permission to impersonate the given user, the transaction will proceed normally without impersonation.  No exception will be thrown.
• If impersonation is not enabled but a non-null impersonation user name is supplied, the transaction will proceed normally without impersonation.  No exception will be thrown.

This behavior is about as useful for debugging as the "Failed for some reason" exception message I ranted about in an earlier post, which involved the same client library I might add.  All I knew was that for some reason impersonation was not taking place.  In any case, here is the behavior I would normally expect from a .NET class library:

• If the user does not have permission to impersonate the given user, an exception is thrown indicating this.
• If impersonation is not enabled but a non-null impersonation user name is supplied, an exception is thrown indicating this.

Now sure, this would help debugging immensely, but won't it make the program less stable?  Well, in the case of the latter, no.  Whether or not impersonation is enabled is hard-coded and will not change at run-time.  It will either always throw an exception (not work at all) or never throw one (always work).  In the case of the former, do we want the transaction to succeed if the user does not have permission to impersonate?  Sure, if they don't, the program will fail, but at least we'll know exactly why and it's a no-brainer to fix.  Another thing to consider is security.  If impersonation does not take place, the transaction will be executed under the security context of the logged in user, which in this case, most likely has more security rights than the user that should be impersonated.

So in this case, I would say throwing exceptions would be a better approach.  But is it always?  Or is this one of those trade-offs like high cohesion vs. low coupling that needs to be weighed in every design?  Or is there a way to have both safe execution and easy debugging?

There was a lot of negative hype surrounding Vista during its development.  It seemed that I heard nothing but bad things about it.  So naturally, I wasn't very excited for its release.  But being impartial as I am, I was willing to give it a chance.  So I asked some people who have used Vista some simple questions:  What advantage does Vista have over XP?  What are the new features besides the spiffy graphics?  The fact is that no one could give me a straight answer.  So for me, it wasn't worth spending that much money for something that really didn't seem to have any benefit.

Well, being an IT professional, I managed to get my hands on a free copy of Vista Ultimate.  Now that cost was not a factor, I installed it on my laptop.  Just as with XP SP2, I had to make numerous tweaks to get the interface right, a new one for Vista being disabling the annoying and useless "User Account Control", of course.  Besides that, I had no problems with hardware compatibility or anything else.  In fact, I made quite a surprising discovery...

Vista is fast.  I thought the extra graphical effects would slow down the interface, but in fact, it's significantly more responsive.  Programs load and close much faster.  I've even experienced faster file transfer rates over my home network.

Microsoft just might have made a believer out of me.  And if you think about it, it makes sense.  XP has been around for over 6 years, and has since been hacked to pieces and bloated with thousands of updates.  Vista seems fresh and light-weight in comparison, with many of its sub-systems rewritten to work well with modern hardware.

So why all the fuss?  Do people not like change?  Are they afraid they won't be able to do as many illegal things anymore?  Are they upset that Vista won't work with their ancient hardware?  Welcome to the world of computers.  Things change.  Get with the program and upgrade your stone-age Pentium.

I used to agree with people who criticize Microsoft's business tactics.  What I realized, though, is that all of Microsoft's competitors are doing all the same things, and nobody points the finger at them and complains.  Microsoft gets picked on because they're the biggest.  I, for one, do not use Microsoft's products because I am somehow conned into it or because it is the most popular standard.  For instance, I used Java and IBM WebSphere and Eclipse for quite some time at one job I had.  Yet, the reason I prefer .NET, C#, and Visual Studio is because they are, in my opinion and for very specific reasons, better.  So yes, Microsoft is a formidable foe for competitors because they make really, really good software, and Vista is no exception.

So in conclusion, don't knock Vista until you've tried it.