BASeCamp Programming Blog

Gamers are an enterprisey bunch. You don’t give them enough X, so they go prodding around your game’s memory to try to give themselves more. Programs that have this purpose are called “Cheat engines”. Usually, how they work is a multi-step process.

1. The obvious first step is for the cheater to decide what they want. Lives? More Gold? Maybe they want to up their players attack power?
2. This is usually fairly easy, and you can usually tell the data type just by the amount of screen space reserved for a value. Though sometimes you just have to guess. Many cheat engines can search for values regardless of the actual data type, too.
3. Now, the cheater looks for every value in the game’s memory that has the current value of the item they want to ‘hack’. The results will usually be collosal.
4. In order to revise the search parameters, the gamer/cheater will now “change” that value somehow; by perhaps losing a life or getting a new one, getting more score, using a “attack upgrade” pill, or what-have-you. Armed with the new value, they can now tell the cheat engine program to show them all the values that were the old value before that have now taken on the new value. If they are lucky, this will be only one entry, and they can use the cheat engine and change it, and BAM they have the new value they hacked in.

The typical, and perhaps smartest way, to deal with this problem is to ignore it. A well architected game system will have any multiplayer values centralized on a server which means that a cheat engine will only mess around with a client of the game, and there are ways of checking for those hacked clients as well, (because they can give players a minor advantage). However it bears an interesting topic of discussion- how do you prevent this?

With some considerations, I have determined a method to do this- each time a value is assigned, generate a new random value, store that, and then only store a version of the original value that was encrypted. The idea being that the existence of the “actual” value- the value the cheater would be able to identify- is transient and only exists in limited scopes, making it nearly impossible to find the correct value to change, and even if they do find it, the method of encryption/hashing means they would need to know the corresponding algorithm and number in order to turn a new value they wanted and store it in memory so the Obfuscated class to which said value is associated will decode it properly.

The trouble with this method lies in the fact that it is anything but transparent, and requires copius code changes all over the place.

Enter Generics & Templates

Generics and Templates are the obvious solution to this problem. With C++, this sort of class nearly writes itself, actually; since templates are a compile time feature. you could then replace values that are int with something like Obfuscated and not have to change anything else.

Being that I work primarily in C#, however, this was the focus of my attentions. And it is not quite as simple, though thankfully the addition of dynamics to the language really helps make the code more concise for this sort of purpose.

Everything seems to work fine initially; you can create a generic class Obfuscated , then define operator methods that can cast a T to an Obfuscated and vice-versa without too many problems. problems start to arise as you realize that the original code is using operators and the implicit casts are not being performed (because there is no reason for the compiler to think that casting the two values from Obfuscated to the type T will make the operation valid). So you define operator overloads. The typical result in C# 3 was rather messy. Since there was no way to define a constraint that said to only allow arithmetic operators, nor is there an interface you could cast to to check if the Type T for which your generic instance was constructed supports arithmetic operators, you were left in the cold. For many types you could use the built-in operator methods themselves, op_Addition, op_Subtraction, etcetera. What you would end up with is a large else-if ladder that checked for all of the primitive types, with an else block that used reflection to call the appropriate operator method that way; and failing that throwing an InvalidOperationException.

Dynamics to the rescue, however. Thanks to C# 4.0′s addition of the dynamic keyword, which introduced late-bound variables, we can actually make the call relatively simple. we can perform operators on dynamic variables and the call will be resolved at run-time, and will be handled appropriately even for the primitive types.

With that out of the way, there was only one question left: the encoding. I decided on a simple interface that allowed to decode and encode a arbitrary set of bytes. I implemented a simple xor encryption and used that for my tests. The tricky portion is of course getting some arbitrary set of bytes representing a variable of your generic type; this isn’t something you can really force with constraints. You really need a Type T that is either a structure or a serializable value. For this purpose I created two general purpose generic methods:

First, the method to convert a given value of a Type P to a array of byte [] :

If it is a ValueType, we use the Marshaller to get the actual in-memory representation of the structure, copy it to a array of bytes of the appropriate size, and then return that. Otherwise, we try to save it to a MemoryStream using a BinaryFormatter, slurp out the contents of that memorystream, and return that array of bytes to the caller. The corresponding function that turns a given array back into the corresponding type is obviously just the reverse of this:

by replacing a variable of a given type T with an Obfuscated , you get almost completely transparent obfuscation of the in-memory representation of that type. Assignments result in the generation of a new random number, encrypt the passed value, and store the encrypted value, and retrieving the value or an implicit cast to the type will deobfuscate the value and return that.

The Full source to my test project which contains and uses this class is attached:
Memory Obfuscation Class

824 total views, no views today

This is a old blog post that I seem to have forgotten to publish when I originally wrote it.
-BC_Programming

When you write a computer program, you are providing the computer with instructions on how it should work with values in memory using the Processor to perform a task. managing the allocation and deallocation of blocks of memory is memory management.

With some programming languages, the burden of implementation is on the programmer. For example, in C, most non-trivial applications are going to need to allocate and free blocks of memory. These are done by the now ubiquitous malloc() and free() functions, present in the C standard Library. What makes this interesting is that it breeds a pattern of memory usage, whereby— with the exception of bugs — memory is only allocated when it is being used by the program; the idea is to deallocate memory blocks as soon as they are no longer going to be used. This has an advantage in that it is ideal for reducing the memory footprint of a program, which is essential if that program runs on an embedded device or otherwise needs to keep a close eye on what it’s allocated. However, there is a tiny drawback with this approach- freeing memory, of course, takes processor time away from other tasks. A negligible amount, but it does; particularly when you perform a bunch of free() calls on smaller memory blocks as opposed to freeing the entire thing a single time.

In any case, with this pattern, there was of course a lot of repetition- Every allocation needs a corresponding free- and only one, otherwise you end up with bugs from freeing the same block of memory twice. This bred Design patterns- basically, constructs both within the language as well as via frameworks that made this task more automatic, so that developers could focus on their goal. With the advent of C++ and Object oriented constructs, there came RAII, or “Resource Acquisition Is Initialization”; the basic idea is that resources are allocated in the constructor of objects, and deallocated in the corresponding destructor; since destructors are guaranteed to run when an error occurs (well, with the exception of using balls-up hardware or a power failure or something) this generally guarantees that the memory is reclaimed. But, on the other hand, if an error occurs, the program will probably be left in an inconsistent state, to the point where it ought to be restarted; and once a process exists, all major operating systems will deallocate the process memory. (that is, leaks cannot last past the lifetime of the application leaking), so it’s questionable whether it is all that important. Also, all it really does is move the semantics; now instead of initializing and deallocating variables, you are initializating and deallocating class instances and calling members of those instances that correspond to the values you would have allocated as variables. Generally speaking, the concept is to manage the larger data structures in your application in a fashion that means destructors will deallocate it if anything goes wrong.

Garbage Collection

PCs have, for quite a number of years, had plenty of memory; even “low-end” machines like a Pentium 2 with 256MB of RAM don’t need to have program that use the absolute minimum amount of memory at all times; there is quite a bit of “leeway”. As a result, methods of trying to deal with the allocation and more specifically the deallocation of memory so that there is less worry on the programmers side as to whether they free’d a variable, should  free a variable, or may have forgotten to free a variable, as well as allowing a slight speedup from not forcibly deallocating everything at the first opportunity. The use of a “Garbage Collector” typifies the implementation of this sort of technique.

Contrary to what some might believe, Garbage Collection is not tied to your language; you can use a conservative Garbage Collector in a language like C or C++ if you wanted to. However, typically, there are two things people are arguing against when they argue against the use of a Garbage Collector:

• the Microsoft .NET CLR (Common Language Runtime)
• The Java Virtual Machine

Sometimes, they bring up the point to argue against any sort of language that doesn’t leave clean-up in the programmer’s hands, such as Python or even D. These are the two most common, though. Both of these employ a Garbage Collector for memory management. Neither has a clear way to explicitly deallocate a class instance you created; you generally just allow variables and instances to go out of scope and become inaccessible at which point the Garbage Collector will determine it can clear it and will do so.

The arguments “Against” garbage collection generally come in the form of something like “it makes programmers lazy” or “it’s not REAL programming” or “it’s slow/wasteful”.

All of these, however, are false. It doesn’t make programmer’s lazy, programmers are lazy by definition, that’s why we use functions and subroutines rather then duplicating that code all over; that’s why even in C and C++ design patterns have sprung up to make it easier to deal with manual memory management. Having to manage memory manually doesn’t mean a programmer is lazy; and anybody who thinks managing memory manually is somehow “better” is simply stubborn; especially since they are already using predefined routines for allocation and deallocation anyway (malloc()/free()) what they are usually arguing about is deterministic memory usage; with manual memory management (malloc/free) you can practically tell how much memory your program is using by simply keeping track of what you allocate and deallocate. With Garbage collection, you don’t actually deallocate anything, and when that memory is actually deallocated is not deterministic. This results in two things:

People using System.gc() to force the garbage collector to run, and people complaining about the “jumpy” nature that the allocated memory looks like in a graph. One should never run the garbage collector manually unless they have a good reason; running the garbage collector takes time, and that time is almost always better spent doing other things in your application. The Garbage collector will run on it’s own when needed. The second is overanalysis- the overall footprint of memory usage remains the same, the only thing that changes is how much of that memory is actively holding “active” data. eg. A game written in C++, assuming no memory leaks, might appear to only use more memory during some scenes or intense action, then quickly go back down after that scene is over. A Java or C# Game may instead appear to have it’s memory balloon and stay there for some time. This is simply because they are different; C++ programming typically employs the RAII pattern- (Resource Allocation Is Initialization)- which will result in unused memory instantly being deallocated/destroyed. C# and Java’s Managed memory model puts that task in the hands of the Garbage Collector, which cleans up in a generational fashion. Eventually, the memory is freed. The real question is, Do you really need that memory? Worst case scenario is it get’s swapped out due to other memory demands, but by that time the GC will have kicked in. And even if it does get swapped out, deallocation by the GC will not “touch” the page so it won’t actually need to be swapped back in to be deleted unless something needs to be read from it.

436 total views, no views today

The next version of BASeBlock, which I have dubbed version 2.5 since that seems like a sensible update from 2.4- will use the .NET framework 4.0 and will be compiled with C# 4.0. Previously, all work was done in Visual Studio 2008, which of course doesn’t work with anything past Framework 4. After working in VS2010 some with BCDodger and starting to shift to it for general programming, I decided it was time to at the very least upgrade BASeBlock so I can enjoy the new features of VS2010. After doing so, I figured- in for a penny, in for a pound- and upgraded the targeted .NET framework to 4.0.

Some big advantages from this move, aside from having a few more language features at my disposal, include the DLR (Dynamic Language Runtime) which should allow the relatively easy addition of scripting capabilities much like I have for C# and VB.NET for languages like Python And Ruby. Another advantage that I wasn’t expecting was the improvements to the CLR which actually give the game another +20 frames per second on average just for the debug build.

Another nice thing is that this upgrade does not affect Mono compatibility- though it doesn’t work there because I use some windows specific platform/invoke in a few locations. Replacing those with appropriate platform specific equivalents as needed would fix those issues.

Open Sourcing

The idea for BASeBlock was to have it Open Source. The problem with that is that my connection is no longer uber awesome like it used to be, meaning that even uploading the binaries can take upwards of an hour. The source files would take significantly more time. THe Source for earlier versions is still available on the main downloads page entry for BASeBlock . When I get the ability to do so I will either upload the source separately or have it as part of the same installer package (optional feature).

The source will probably be licensed under the BSD license. Note however that this will only extend, at least for now, through the actual BASeBlock program. It uses a few satellite assemblies, such as “BASeCamp Update Library” Which will probably remain closed for the time being.

Currently, I am trying to get Polygon blocks working properly with the GameCharacter. Naturally, this is not that easy since a lot of the code with collision detection on the Gamecharacter is reliant on the fact that all blocks are rectangular. I have something that half-works so far, with a few errant issues that I need to fix; if I can’t I will simply revert it to the old detection and declare Polygon blocks and gamecharacters incompatible for the time being.

298 total views, no views today

Breaking completely from my usual programming topics, which surround C# most of the time, today I will be looking at Some VB.NET, and, more generally, the topic of iterator methods. For quite some time, Visual Basic.NET has been something of the younger brother to C#; it usually got features long after C# did. Iterator methods are no exception.

What is an “Iterator Method” Anyway?

An iterator method is a coroutine. The best way to describe it is to see it in action. Take the following C# Code as an example:

In this example, the code would output the values 0 through 24. The difference between this and say something like this:

Is one of both semantics as well as performance. In the first case, the iterator routine is only executed until the next yield, or the iterator routine returns. At which point, either the next element will be passed through the foreach body or the foreach loop will be finished. So, for example, the iterator version of SomeRange() will not iterate past 24 in this example, but the latter does, since it constructs the entire list, and that resulting list is then dealt with using the list enumerator.

One particularly useful purpose is for endless sequences; the second method is impossible for this, since you cannot simply fill a list with an infinite sequence. The iterator routine pattern allows you to define a sequence based on a larger code block by yielding specific values to the enumerating routine. Many other languages have support for the concept of iterator functions. Python, for example, has them, and they work very similarly:

In that example, itertest() is a “generator” or iterator function, just like the C# Example above. Because Python is a strongly-typed dynamic language, it has very few special things you need to do; basically, all you have to do is use yield instead of return. the C# Example has to use yield return, as well as having the function signature return a IEnumerable. C++ has a concept of iterator classes, which doesn’t make the syntax simple and “language-defined” but provides a well-defined set of abstract classes that can be relied on.

Visual Basic 6

Visual Basic 6 is an interesting case. The language itself is quite limited. Of course it has absolutely no concept of iterators; it’s For…Each loop acts on an IEnumVariant interface, but you cannot even implement this interface yourself easily. Implementing IEnumVariant in VB6 is possible, but it requires a lot of manual hacking of virtual call tables to point to module-level functions, exacerbated by the fact that the IEnumVariant Interface has method names that are Visual Basic 6 reserved words.

Visual Basic .NET

Visual Basic .NET has been a bit better off than VB6 since inception; it doesn’t directly support iterator methods/coroutines yet (it will in VB10) But you can at least implement the IEnumerator interface. You do lose the ability to have the nice iterator syntax that C# and Python have, though.

Faking it

It is, however, possible to sort of fake it with VB.NET, by creating your own implementation of an enumerator that accepts a delegate; that delegate is passed a single argument- the iterator object- which has two methods- Yield, and Break. Yield returns the next value in the sequence, and Break cancels the iteration. Note that the implementation I came up with does not work like the versions in either Python or C#; in both those cases, the compiler/interpreter turns the iterator function into a state machine. My implementation uses a threaded model- the MoveNext() routine waits until Yield or Break is called before returning. Here is the implementation I came up with. Bear in mind I don’t usually work with VB.NET…

Usage of this class is relatively simple, compared to having to write your own full blown Enumerable implementation. First, you need a method satisfying the delegate:

Note the use of ih.Yield() and ih.Break(), which “emulate” the appropriate statements from C# (Or Python, for that matter). Using it would look like this:

 
  Sub Main()


        Dim iterate As Double

        For Each iterate In New Iterator(Of Double)(AddressOf testIterator)


            Console.WriteLine(iterate)

        Next




        Console.ReadKey()

    End Sub
 

It’s not as succint as the C# version but still a lot shorter.

On the horizon

Thankfully VB10 will remove this goofy problem- it adds support for iterator methods. Though it’s still a bit goofy, it does allow some things C# doesn’t such as anonymous iterator methods.

672 total views, 2 views today

Today, on most computer configurations, the CPU is basically the “main” processor, and various add-on cards off-load some processing from the CPU. Let’s look at a history of these particular devices, and how they perform their CPU off-loading, and why.

Video

Originally, a Video card was basically just something that the CPU sent data too; the CPU, or software, had to deal with drawing things like rectangles, circles, ellipses, and all that guff. This was fine early on. The only thing you could truly tell a Video card to do was to set a specific pixel to a given colour. Most graphics libraries provided with Programming languages, or separately, handled this stuff- they did all the math and geometry and other stuff to rasterize lines and other primitives based on being able to set a single pixel.

However, as Graphics became more prevalent, And particularly with the release of Windows 3.0, this simply wasn’t enough oomph. What happened then was Video card manufacturers created “Video Accelerator Boards”. What these cards did in tandem with their software drivers was basically offload the tasks of drawing some graphics primitives to be done by the on-board processor on that accelerator card. This accelerated the drawing of things like circles, rectangles, and so forth. This was faster, even though the Graphics Accelerator chips were typically a far lower clock speed than CPUs at the time. The primary advantage here was that the processing was localized; all the CPU had to send the video card was the instructions to draw- for example, instead of having to send the data to draw several hundred pixels, the software only had to say “hey, draw a circle here, with this radius and this aspect ratio” and the Processor on the Video card did the heavy lifting. This was a HUGE advantage at the time, because in those days everything used the ISA bus, which was quite slow- it was limited to transferring iirc something like around 10 megabits in a second, which wasn’t nearly enough for graphics intensive programs like windows or AutoCAD.

Around Windows 95, Video accelerators were standard with PCs. The standard Bus was standardizing around PCI, which also allowed a lot more data transfer- this meant Video accelerators were made even faster, so that you could send more of those instructions to the card in a given time frame to take advantage of the higher bandwidth of the bus. However, on the horizon was 3-D graphics. 3-D games were done long ago- back to before Windows itself, and many games performed admirably (Doom, Duke Nukem 3d, etc) under those conditions. However, This required direct addressing of the graphics cards registers and direct control of the hardware, which under the Windows environment was not allowed- instead everything was done through the Device Driver. Even with Video accelerators helping with primitives, drawing and rasterizing 3-D objects was very software intensive, which limited 3-D games to having very low poly counts, very small textures, and/or a very low resolution.

Thus, the concept of 3-D Accelerator cards was devised. A 3-D accelerator card worked in a similar idea to a 2-D accelerator card, but instead of being told “hey, draw a circle” it was told about the polygons, the view matrix, the projection matrix, and other information about the scene it was to create, and then did the work of rasterizing that scene. This still had the problem that there wasn’t really a universal way to address these new capabilities. Some early 3-D vendors created their own APIs- for example, the Voodoo cards used an API they called “Glide”. If this continued, with each manufacturer having their own special API, games would have to support all sorts of different APIs to work on different 3-D Accelerators. Thankfully, unification prevailed- in this case, the two unifying factors were OpenGL and Direct3D. OpenGL was first, and basically defined a Library interface that a driver vendor could implement. The DLL provided by the manufacturer would work with the hardware driver directly, since it knew about it (and usually the OpenGL driver was provided and installed in the same package). The Game or program would just treat it like any other OpenGL implementation. DirectX, and in particular, Direct3D, addressed this similarly, by providing a way to address various bits of hardware directly, the aim was to allow Windows to be a viable platform for game development, which at the time most gamers were on the fence about. In those days, a “PC gamer” would run DOS. Direct3D pretty much works in a similar way to OpenGL, but is dealt with using a object-based COM object model. the Manufacturer provided a set of DLLs implementing proper interfaces and Direct3D used them to talk directly to the driver to use it’s acceleration features. It was weak in early versions (and it had another name which I cannot remember, something like Windows Game Library), but at this point, they are both pretty much functionally equivalent. One nice advantage of Direct3D, particularly early on, was the fact that, unlike OpenGL, you did not require hardware acceleration at all. Direct3D came with a software-based implementation of everything. this was naturally slower, but at least it let you play the game. (And since most developer machines of the time didn’t have accelerator cards, this made it a lot easier to test games as well). Another advantage was the software rasterizer allowed for any effect in Direct3D to be used. As an example, some early cards didn’t support texture mapping, or things such as Transform and Lighting. With OpenGL, you were pretty much fucked if you needed those. With Direct3D, the software implementation handled those features.

Sound

Originally, Sound cards worked in a similar way to Video cards- that is, they just sorta got used for the software to pump some digitized sound to play. The only early thing that could be called a “acceleration” feature was the use of MIDI synthesis, which in many ways off-loaded the task of digitizing sound to the driver or card. Some Sound cards that have this feature include the Sound Blaster AWE32, which let you load some installable SIMM memory with high-quality digital samples of instruments for use with said MIDI playback.

Off-loading the more traditional usage- playing digital samples- didn’t really come to the fore until the release of DirectSound and DirectMusic. Manufacturers of course wanted their products to say that they were “accelerated” to add bullet points on their product box, so they rushed to do so. At the same time, however, some of this acceleration isn’t actually off-loading, but merely being done at the driver level. a Good example of a card that fakes this is the Sound Blaster Audigy SE, the Sound Blaster Live! Value, and the X-Fi extreme Audio, all of which lack the titular Audigy, Live!, and X-Fi DSP processor for their names. Instead, their “acceleration” is handled by the driver, but instead of delegating it to the chip on the card, it just performs the task using the CPU. For example, with an Audigy SE, a program will say that the system has hardware accelerated EAX and DSP processing and all that, but it’s actually being done on the Processor. An additional note is that most Integrated Sound solutions actually do the same thing.

The actual effect this has on your games and programs really depends. When I replaced my generic Sound Blaster PCI card with a Audigy SE, I expected a nice boost in performance, but instead, most of my games became downright unplayable! This was because my processor was only 350Mhz, and the software-based processing being used the the driver- which usually had negligible impact on a good system- pretty much monopolized the processor.

Overall, the off-loading of CPU time to dedicated chips installed on add-on cards was done almost by necessity, but it continues to be done because the gains are massive, and really there is no reason not to; sure, we can always have faster CPUs, but why not have special chips to deal with some parts of the processing task? This is really helpful, particularly in the emerging domain of parallel processing which is the road we are inevitably heading down, as the actual speeds of a single core start to reach an asymptote.

990 total views, 2 views today

Important Note: In a system management setting, Or a corporation, this is NOT something I prescribe. managing and dealing with a PC that only you would use is one thing, handling them for others is, well, another thing entirely. In those cases a good AV is required and keeping it up to date as well. (With the possible exception of Linux/BSD, where you still need to be aware of any problems that crop up in the software being used)

Personally I do not use a “On-demand” or background scanner. I do have tools such as MBAM and the like installed which I will run when I notice odd processes in task manager, svchost hogging resources, or general “odd” behaviour from my system. I’ve never felt it was worth the processing overhead; The task of AV scanning takes time, and having it occur on nearly every file access is a rather hefty price. And of course, even the best AV application isn’t going to catch everything, so you need to be cautious anyway, means that, for me, I’m actually safer when I don’t have an AV installed.

When I did have one installed (after a nasty Virut infection on Windows XP to keep me from reinfecting the system using existing executables on my data drive) I actually found that a lot of activity I found suspicious and thought “oh no, I’m reinfected” could be traced to the AV. While their purposes are far more noble and good, I’m sort of felt that AV software is sort of like “fighting fire with fire”; rather than a Virus or malware building a huge root system in your machine, the AV software does. That’s why they all seem to need special software to fully remove. That, and a lot of the systems I’ve fixed for others that they blamed on “Viruses” were in fact caused by the Anti-virus software they were using, which if you ask me is utterly unacceptable. (I’ll say I’ve only seen those issues with one or two “Free” offerings, Mcaffee, and older versions of Norton, though.

Basically, my “protection” amounts to healthy cynicism. Almost all malware infections these days are trojans. So few infect a system by way of things like exploits and “drive-by” stuff that it’s hardly worth the effort to waste time thinking about. More importantly, the first line of defense even for those is the same. After all, in order to download a trojan you need to trust a website, and in order to visit a web page, you need to trust the link. Typically, when dealing with an unfamiliar executable, I’ll just run it. (unless it has a blatantly suspicious name). I might run process explorer and keep track of what the program does as well to make sure there is no funny business. I usually have that running in the background anyway. If the program requests administrator permission- it doesn’t get it. Not at first. This has prevented a good lot of “infections” if you ask me, since you can’t well infect a machine without administrator permissions. Naturally, software installers do need those permissions so depending on the software I will allow. Or, if I’m in a forgiving mood I might just say yes and deal with whatever happens later. When I am infected, I usually catch on rather quickly and am able to either kill the malware processes, or, if they are the type where they autorespawn each other, suspend all the suspicious processes and kill them all at once. Visit regedit and delete the offending entries (generally in the Run key), reboot, and typically everything is back to the way it was. In 7-8 years I was only infected once, and since moving to Vista/7, I’ve had hardly any problems.

An important Note: Typically, “manual” Virus removal is not something that just anybody does. It really requires a intimate knowledge of how Windows software works, the PE file format, and of course a willingness to “get your hands dirty”. At the same time, it really is only an extension of what you should do even when you have a AV installed- keeping a system clean requires constant vigilance and you need to constantly be assessing what possible security repurcussions your actions could have. “Does this application REALLY need admin permissions?” type stuff. More importantly, a single screw-up can cost you dearly. This is NOT something I recommend. Heck I don’t even recommend it to myself. I just don’t like the “cloud” surrounding Windows being inherently insecure to the extent of requiring an AV to function, so I don’t use one.

BC’s tips for AV-free operation

Sometimes your applications will crash; this is pretty much inevitable. Sometimes you’ll need to run Task Manager for various reasons. While there, glance over the processes. Again, this requires a familiarity with the type and number of processes you would typically see running on your machine, so it’s useless unless you are familiar both with your operating system of choice as well as your “normal” software configuration. Things like rundll32.exe showing up in there out of nowhere will make me reach for Process Explorer, where I can determine the “threat” posed by that process.

As I type this, my desktop machine does in fact have a rundll32.exe process running. Which piqued my curiousity. You can use the “Select columns” menu in the view menu of Windows Task Manager to enable columns such as “command line” which can give additional information on the process. you can also use various features of Process Explorer for that same task, or further investigation of a suspicious process, such as examining it’s in-memory layout, stack frames, loaded Libraries, etc. in the case of this particular rundll32.exe, it turns out to be used to launch a function called “GameUXShim” in C:\Windows\System32′ gameux.dll, which according to it’s description, is “Games Explorer”. the parameters, and function name, passed make it clear this is designed to “Shim” an older game to work in the newer Windows 7 environment. Again, familiarity with the Windows System helps here, the compatibility settings provided by the windows shell itself pale in comparison to what is actually provided “under the hood” which involves a massive network of shims, compatibility hooks, and databases on the sorts of the two needed for various games and older applications that were, for lack of a better word, written badly. In this case, it seems to be for “Halo.exe” the executable for the popular Halo game, which I bought and never played hardly until yesterday where I played for 5 minutes and got stuck. Knowing that I played the game, and was no longer, I can safely terminate this process and know it wasn’t malicious, and is required for proper gameplay. Same for a variety of other older games I have. {Edit: As I discovered previously , this gameUX.dll mess was actually caused by something else}

Obviously, this isn’t for people that just want to “do work” on their computer; it’s more useful for people who want to learn about how it works, and I don’t purport it as being safe, or even really that smart. An AV solution is only as good as it’s user, which is a nice way of telling people “you keep getting infected because your stupid, not because your AV sucks”. Usually I can get them to understand.

More critical that what AV a person uses is learning how to use that AV software effectively. You can’t just install an AV and forget about it; they each have their own nuances and settings that you should configure to your unique usage scenario. Learning what causes their various “popups” to appear warning you about things and how severe they are is important, particularly since the way a lot of AV suites present their messages is using skinned messages and gaudy pop-ups with stupid images that depict “virus infections” or other images that are wholly unimportant. Installing an AV and blindly following it’s advice and getting all worked up because it says it quarantined something merely feeds the ignorance, it doesn’t absolve it. It just adds confusing terms. “Quarantine” for example, is just a silly term in a software environment. All it amounts it is a backup folder where the files are moved to. Why? Because AV software has false positives, so it moves it there so that if it turns out that “woops that wasn’t infected” it can be moved back. It’s sort of like the equivalent of a society where, if anybody is identified as “sick”, they are euthanised. (a bit harsh but that’s essentially the analogy as far as software goes). For “cleaning” and disinfecting files, basically at this point the analogy would be that they can cure your cold, but they will have to rip off all your limbs and cut off your ears. (the resulting program very rarely still works as it used to and you need to reinstall anyway). In such a scenario, false positives could be disasterous. Instead of just having a call to your house telling you that your test results were wrong and you don’t actually have the flu, the doctor would have to interrupt your funeral to say “oh, yeah turns out he wasn’t sick”, which usually means he is no longer invited to the reception. As such AV software does what might be done in such a scenario: instead of outright deleting/killing the victims, it moves them to a special holding area, where they are forgotten about and usually deleted anyway, but at least that way if the doctors/AV software balls’d up they can just release them back into society. This only outlines that AV software is far from perfect. using medical terminology like “quarantine” and “virus” and “heal” and “infection” only serves to confuse the issue, since it actually makes people think that the entire area of malware removal is a “profession” like your standard medicine on which the analogies are based. It’s not, certainly no where near the level of the field they have taken the terms from. At this point, Anti-Virus software as a “medical” field is about the equivalent of when we would drill holes in peoples heads to release their inner demons. That isn’t to say it’s useless, just that a lot of what it does is a tad drastic.

508 total views, no views today

What is a Pointer?

To understand a pointer, one must better understand variables. In a statically typed language such as C, a variable has three properties- it has a type, it has a name, and it has a value.

In the above example, int is the type of this variable, variable is the name, and 400 is it’s value. A Pointer is essentially a variable that has a type and a name, but get’s it’s value from elsewhere. For example, in the following C program:

a has a type, name, and a value. b and c, however, are declared as pointers. This is done by placing a asterisk between the type and the variable name. For the most part, a pointer is just a memory pointer, usually a long integer. in this example we set b to point to the address of a, and then set c to be the same as b. When we change a, the “values” of the other variables change to.

Since pointers are fundamentally integers of some description, all operations assume you are dealing with the pointer value (as in, the integer pointing into memory) as opposed to the value stored at that location. In order to get the value stored at the location a pointer points, you need to dereference the pointer. In C, this is accomplished by prefixing the variable name with a asterisk, as shown in the above printf()’s for b and c. dereferencing a pointer returns a non-pointer value of the type of that pointer, in this case, while b is a int*, *b is a int. Without the dereference, printf() will print out the numeric value of the pointer, which is not desired.

Why are Pointers important?

Pointers are important simply because they are used for a vast number of implementations of algorithms. Pointers form the basis of References, which are used in other languages like C# and Java. Pointers are essentially what a number of algorithms are built on; Sorting algorithms deal with pointers within a larger structure, Linked Lists deal obviously with a set of elements linked via pointers, and so on.

The Dangers

The Dangers of pointers are pretty easy to understand. In order to dereference a pointer, the memory it points at has to be valid. The most common problem stemming from this is dereferencing a NULL Pointer. (NULL being 0). in C and C++, doing this will either crash the program (without an error message, unless special care is taken), or cause undefined results. C++ has a number of library classes and templates (such as auto_ptr and smart pointers) designed to make these problems easier to identify by using C++ capabilities such as operator overloading. C#, Java, and other higher level languages are of course not exempt from the problems with pointers, because Pointers are references and both are accosted by the same set of problems. These come about in the form of NullReferenceExceptions. These managed languages do mitigate some common problems such as creating a pointer but making it point to the wrong location, or faulty pointer arithmetic, and so forth, by making those unnecessary (C# makes it possible using unsafe{} code blocks, though). The Core capability of Pointers is aliasing- that is, being able to refer to one thing in multiple locations by different names. in C, if you pass a pointer to a function, that function can change the contents of what pointer is pointing at, but it cannot change where the pointer points.

Function Pointers

Before we talk about Function pointers , one needs to understand Functions themselves. a function is in a programming sense very much the same as a function in the scientific sense; it takes one or more inputs and returns a result. For example, in C:

This C code actually does a lot “under the covers” within the assembly:

Functions in low-level Assembly language consist of three parts: a prolog, an epilog, and the body. the prolog does the task of “housekeeping” and setting up the stack frame for the function. The epilog tears it down. Without getting into to many details, sometimes these parts of code need to be done before calling the function, or from within the called function. Either way, it boils down to a Assembly “CALL” instruction. The CALL Instruction (again, without going to in depth because if I do that I’m bound to make numerous factual errors, assuming I haven’t already) essentially moves the instruction pointer (which indicates the current location of program execution) to a new location. It also saves the return location for the subsequent RET instruction that is usually the last instruction executed in a function. the CALL instruction takes one thing: a Pointer.

Of course, we don’t usually work in assembly, do we? So how does this work in higher level languages, such as C? C actually does the work for you in many respects. In the above program, for example, we didn’t have to know about epilog, prolog, the stack frame, or any of that sort of stuff. We simply defined functions and used them. A Function pointer is a pointer which points at a function, rather than a storage location. Because of the Prolog and Epilog code needed to handle parameters and return values and stack frames, the Function pointer type needs to include information about Function parameters. a Function Pointer is defined in C this way:

This creates a function Pointer ptFunction which is made to point at a function accepting two int arguments and returning an int, and that Pointer is initialized to NULL. In order to use it, it needs to have a value, this is done by making the pointer actually point to something:

Obviously, the real power in Function Pointers comes from being able to change what they point at. Add to this you can have functions that return other functions, and you have the beginnings of Functional Programming style.

In my next entry on this subject, we will move into C# and explore what C# delegates add to this and how they differ from your standard Function Pointer.

566 total views, no views today

I don’t know how but somehow I’ve been awarded the Microsoft MVP award for my contributions to C# technical communities (C# MVP). Of course I am very surprised at this, but I guess I have a short memory. I do have a number of posts and blog entries regarding C#, as well as a lot of forum posts across my various profiles that assist with it. My initial response was actually self-deprecating- “I guess they give them to anybody these days” Which is of course not true.

I cannot help but feel like I got it “by accident”. Most MVPs really are industry professionals with professional expertise, a college education, and a myriad of other qualifications. I feel like an imposter, since I don’t have any post-secondary education and certainly no formal education in any of the domains that I am essentially being awarded for, nor have I actually worked in the industry (well, arguably, that’s not true, if my failing attempt to start a company counts).

That isn’t necessarily to say I don’t deserve the award- I imagine the people responsible for the MVP program are a lot more qualified to make that decision than me.

At this point I’m forced to wonder how it helps me. It does make a very nice thing to put on a resume, but the thing is, I have no place to submit that resume where that award is going to matter. At my last job I think the most my skills were actually used was when I told the manager that, “yes, the monitor needs to be plugged in to work”, or something to that effect. I quit my last job nearly a year ago (Last October) Because I wanted to find something working with computers. The closest things to this are still retail (places like Staples, Best Buy (*Shudder*) and so forth. I applied at every single one I could find, and even got a few interviews, but nothing came of it. Arguably it’s equally likely the fact that shortly after the day I had all those interviews my phone got cut off made follow-ups impossible, so I have absolutely no clue if they ever tried to call me after that (in fairness they did have my E-Mail addresses and I’ve not received anything about it, though it’s more likely they tried to phone, and then just went to the next applicant).

Regardless, let’s be honest. Even that is below my pay grade. I wrote about “getting one’s foot in the door” previously, and this just goes to show how damned impossible it seems to be. The idea of a person who received a MVP Award for sharing C# technical expertise working a minimum wage crap job- or even those above- is almost laughable, but there is absolutely nothing else around here, with one exception.

There is, however, one place I haven’t tried. Pelican Software (which is actually owned by Northwest Forest Products, if memory serves). Well, that’s not quite true, I did in fact try them back when I was a spunky kid whose expertise was pretty much just VB6 and feeling smugly superior… More recently, I did have some dealings with them regarding a Freelance program I had written, “BCJobClock” since it is very similar in many ways to their product, “Tallys”. Things were looking up in that regard but the eventual decision they reached was that BCJobClock was too similar to it. (With the exception that it’s UI is not confusing and it doesn’t cost several thousand dollars). I never actually applied there since to my understanding they really aren’t doing to well and I doubt they’d take the business risk of hiring more staff in their situation. But I may try that anyway. It’s known statistic that companies that employ at least one MVP Award winner are more successful.

At this point I sort of have two options: I can either pursue this BASeCamp thing and try to market BCJobClock (which currently has not appeared on my site at all) for a nominal price, by integrating the existing ProductKey code that I already wrote and used for BASeBlock. But the thing is that the BASeBlock situation really tells me everything I need to know- it’s pointless. Nobody has actually bought a registered copy. And there are very few downloads. It’s online, but in many ways it may as well not be online at all. It just represents 3 years of my spare time that I’ve essentially wasted on a bloody game. It’s still “my product” and I’m proud of it and all that, but pride doesn’t pay bills. And I don’t want to lock away the editor behind the requirement for registration because the Editor is perhaps the part I like the most about the entire thing. Honestly when I was dealing with NWFP regarding the program I just wanted to sell the entire thing and get rid of it. I was sick of it and in some ways I still am. Come to think of it, I’d be more than happy to sign something that gives the complete IP to BCJobClock to NWFP as a condition of working there. Of course it probably wouldn’t get used, but this really would be the only guarantee that I won’t at some point be in direct competition with them, which could very well happen- and this guarantee might be worth it. (I would say so- my program is a heck of a lot easier to use and if I do release it in some manner it’s going to be a lot cheaper, too; though despite their notations it won’t be cutting into any of their market anyway- but in that case it will still be my market share, and not theirs.

Of course, BCJobClock is aimed at a different market. In some ways it’s a Time Management application. I suppose I haven’t discussed the program much since I hadn’t decided what I was going to do with it (well actually there was a page on the main landing site that was a little exuberant on the entire thing at some point, but I removed it when reality punched me in the face with BASeBlock). To Summarize, it basically manages workers and orders for a Repair shop or similar shop. This can be automotive, like the client I originally wrote it for (Somewhere in Iowa, to my understanding) Or it could easily be used for Repair shops or other locations that need a Worker < -> Task management system. The Client program allows employees to clock into and out of orders using a touch-screen interface (naturally I don’t provide the hardware, just the software here), which is done through a WPF C# Application. This program interfaces with a remote MySQL Server using the SQL/Connector which allows the use of ADO.NET Connection and similar objects to work with the MySQL Remote database, which manages all the… data… involved. The Administrator program allows the addition/removal of users, inspection of all orders and users and the time taken on each order as well as each user in total, and all sorts of other information. There is also another little “Watcher” program that is designed for use by people tasked to surpervise work orders and assign tasks to other employees, but aren’t able to have full access to the administrator panel for adding and removing users, getting reports, and all that. Because it is designed for watching users, it also shows Notifications when Users become available for work or when Users or tasks are being “ignored”, and little coloured indicators to show when users/orders are working/being worked on.

It still needs a bit of work to streamline some speed problems that have been encountered by the sole user of the program (which we hacked away with a few INI file changes for their immediate use case), which is related to the fact that the admin program tries to keep it’s view “up to date” by refreshing from the database on a given delay. Unfortunately it picks up a lot of data in the process. Ideally, it would only proceed to actually carry out the “refresh” from the database when it actually knew there was a change, but I’m not really sure how to implement that. Working with databases is frustrating, in that these seemingly basic capabilities seem impossible. (Q.How do I detect when the results of a query changed? A. you perform the query and look through the entire resultset). Of course at that point if you find no changes you just wasted that entire time, so it’s just begging the question.

Actually, with some thought, there is another solution. Relocation. There is simply nothing around here for the type of person who has skills and abilities relevant to a C# MVP Award, so in many ways having it as a bullet point echoes as hollow as the sepia-toned aged mention of my High-School awards from almost ten years ago. So, Maybe it’s time to leave Nanaimo. There simply aren’t any tech jobs here (or I’ve become blind). Not even some sort of more general IT job dealing with servers or the network of a office building or what-have-you.

As I noted however, I never actually inquired NWFP for a career or job, since that wasn’t really my intention at the time. In fact it never even occurred to me. The MVP Award I think helps me here; those aren’t exactly given away freely, there are only two recipients in Nanaimo, Me, and a fellow whose expertise lies in SQL Server; I think there are a dozen on Vancouver Island (though I cannot check).

And if that doesn’t work- well, I guess I’ll have to relocate. On the bright side, My website will still be in the same place

608 total views, no views today

BCSearch, one of the larger applications I’ve made available, was written in Visual Basic 6. I use it quite frequently myself, but it has a few issues that I wanted to address today. Since I have since moved on to C#, D, Python, and other more expressive languages, going back to my old code was an interesting experience. One interesting thing about BCSearch is that it doesn’t, immediately, look like a Visual Basic 6 application.

Visual Basic 6, of course, is not really all that similar to VB.NET. Many die-hard VB6 users, such as Karl Peterson, for example, extend it as saying it is a different language. This is 100% true. But at the same time, VB.NET addresses SO many language problems with VB6, that it pretty well has to be a different language to fix them. Many of the problems VB6 developers had were deeply rooted in the architecture of the language core. An excellent rebuttal Progress Report about these perceived differences can be read here .

There are some rather glaring problems with using Visual Basic 6 today. For one thing, it was designed and written in 1998, with a service pack released in 2003, to my recollection. This means that it’s architecture is solely stuck in 1998. The current year, as I write this, is 2012. 14 years later. Windows has gone from Windows 98 and NT4 through Windows ME, 2000, XP, Vista, and now Windows 7, with Windows 8- which promises to yet again change the UX programming model- on the horizon. Visual Basic 6 is a curiousity- a novelty. Even so, there are a myriad of tools for the dedicated to create modern applications. VBAccelerator is one such site. The creator has moved on to VB.NET and C#, but his older controls and libraries are extremely powerful. Add to this some shell type libraries that can be leveraged from VB6 as well. Visual Basic 6, however, shows it’s age nonetheless.

In particular, looking at my BCSearch program and thinking about how the various things would be implemented in C#, the C# code I imagine is far more concise and therefore easier to maintain. The Search program itself uses my “BASeCamp File System Objects” Class Library that I wrote several years ago, which attempts, and for the most part succeeds, at giving a very good object-based heirarchy for accessing Files and Directories that goes beyond the VBScript FileSystemObject and extends as low as Binary File Streams, Stream “filters” and NTFS alternate data streams. IN particular, it leverages the FileSearch and CFileSearchEx classes rather extensively, the latter of which I wrote specifically for use in a search-type application.

The code attempts to work asynchronously. Anybody with experience in VB6 is probably facepalming right now at the mere thought of trying to get threads in VB6. And I agree. The VBA and VBRUN libraries are not what I would call thread-safe or re-entrant, and some of their structures are in Thread Local Storage so basically you can fake threads, as long as you don’t use anything from the runtime, which is easier said then done. This is not how BCSearch does it, however. In order to “fake” asynchronous access The FileSearch class starts a timer, whose entry routine starts the search. What ends up happening is we have two concurrent lines of execution which yield to one another with doevents. This allows the main form to respond to User input.

Another thing that highlights the deficiencies of VB6 is it’s lack of Object-Orientation. Now, it has classes, and you can do Interface inheritance, but there is no implementation inheritance, and many of the things you take for granted in some other languages, such as constructors, indexers, and operator overloads, simply are not available. Some of these can be “faked”- for example, constructors could be faked. Let’s say we have MrPoint.cls:

Creating an instance of this class requires something like this:

Some VB users may be going “AH HA! but you can do this and make it a tad shorter:

True, but this has a bit of a performance implication. in VB6, the New keyword in a Dim statement doesn’t allocate the value immediately, but instead will add more logic so that every access of the variable has a check; the above is the equivalent of this:

Which adds a bit of extra logic and can slow down accesses in a deep loop or other intensive operation. Either way, this sort of initialization is pretty slow, isn’t it- having to create the object, then set properties. Most Languages that support classes allow for Constructors. VB6 is unsurprisingly an exception to this. You can fake it by creating a GlobalSingleUse class (By changing it’s instancing property) with a Function or Property that returns a new instance of that type. The typical name of such a member is the name of the class it creates. For example:

One could even create ‘overloads’ by using optional arguments:

The typical approach is to add the GlobalSingleUse class to a ActiveX DLL, and reference that DLL in the “main” project. Since the Instancing property is only usable in ActiveX Components anyway

In some ways this is reminiscent of Python’s method of object instantiation, which forgoes a “New” keyword. Even with these types of hacks, VB6 as a language leaves much to be desired, as does it’s IDE.

Being that it is from 1998, the IDE has actually aged quite well. In another twist, The Visual Studio version from that era no longer works on later versions of Windows at all, due to a few issues it seems to have. For those that might be scratching their head- Visual Basic 6 and earlier were in Visual Studio, but you didn’t use Visual Studio for them. That is, while things like Fortran Powerstation, Visual J++, Visual C++, and so forth used The save development environment (msdev.exe) with “changes” applied through various add-on libraries, Visual Basic was a standalone program that stood apart. In this sense it is similar to it’s adopted cousin in the Visual Studio family, FoxPro.

Thankfully, While the IDE as it is now can be a massive annoyance to work with, (particularly if you are used to things like Eclipse, MonoDevelop, or Visual Studio 2008 as I am), it has a rich extensibility framework that has been fully leveraged by various plugin and addin developers. Giving us tools such as the free MZTools6, AxTools CodeSMART, and several others, which improve the general capability of the IDE and bring it up to more modern standards.

The above is a Application I wrote some time ago in VB6 to leverage a Object-Based File Library I also wrote in VB6. At a glance, it looks nothing Like a VB6 Application. Visual Basic 6 and earlier didn’t support alpha channel bitmaps, and the toolstrip and stuff look “new”! what is this insanity? Thanks to enterprising Visual Basic “Classic” devotees, there is a wealth of information on modernizing a Visual Basic 6 Application. From hacking the VB6.EXE program to change dialog sizes to be more convenient on larger monitors, to adding manifests to it to make the IDE work with the Vista/7 Glass look (as above), so showing Alpha Icons for your form icon. Many of the tools I leverage I found on the excellent vbaccelerator.com, as Mentioned earlier.

However, while the end result looks nice, it’s filled with Gross hacks. Even within my own File Library. A Quick Overview- the File Library is similar to the MS FileSystemObject’s, but more full featured. the base object is “BCFSObject”, which methods not unlike FileSystemObject. One can enumerate directories too.

This was a sticky point. It still doesn’t work. Right now it reads all the directories and returns them. The Ideal case would be an iterator, but VB6 doesn’t support iterators. There is an IEnumVariant interface, which you can define using IDL and add as a reference, but in order to actually implement the interface, you need to literally hack your classes Virtual Dispatch Table. It’s as gross as it sounds. This is because VB6 won’t let you have functions as reserved words; the IEnumVariant interface happens to have a method called Next() which also just so happens to be the core logic of the interface. What you end up doing is remapping your virtual function call table to point to a Module level variable that quite literally takes a first argument as a Long Pointer which it manually dereferences into an Object, and all sorts of hairy gunk. Add to this that the references are often weak and merely mousing over a variable at the wrong time could very well cause the IDE to crash.

I had a working implementation, but it would randomly crash, which obviously put a crimp in it’s capabilities.

The shame is that this same code is dead easier to make in VB.NET, and dead easi-er to make in C#; with C#, just write an iterator coroutine; with VB.NET you have to do more hairy stuff and implement a specific interface, but you don’t have to muck around with Virtual Dispatch tables or anything like that. A lot of stuff you get for free in VB.NET, C#, and other later languages, you have to work on to get working in VB6. For some this can be a point of pride, but when you think about it, it doesn’t really matter if you happened to write a program in a certain language and worked around limitations to get it to work a certain way- to the user, they are all programs. So why spend hours hacking around in memory pointers with Visual Basic 6 when you can do the same thing, and much safer, with C# or VB.NET? There is no reason. Unless you want your program to run without the .NET Framework, which seems to be a common goal which seems to forget that the user doesn’t really care that you went to all that trouble to avoid a framework they probably already have installed if you happen to be missing any number of things that you would have had to reimplement from it.

1,124 total views, no views today

One might have noticed I’ve been posting “filler” content for the last while, at least to some degree.

However I have some real whoppers on the way. One is a rather large, and in-depth comparison of Visual Basic 6 to more modern languages, and how far we’ve come development wise. This is because I still see a few people trying to cling to the old Visual Basic, which is pretty silly. Another topic I wanted to properly explore was the Windows Forms PropertyGrid control, particularly dealing with UITypeEditor and properly implementing custom Editors using it as well as ValueConverter’s. I will probably explore the WPFPropertyGrid available on codeplex as well, but I suspect that works a bit differently (aside from the obvious difference of being in WPF rather than Windows Forms).

Quite a few others as well. Long posts tend to simply be text files on my HD until I decide to post them (as opposed to, say, drafts). And proper fact-checking and making sure the code looks right (I have to replace any < and > marks with the HTML entities (major annoyance).

236 total views, no views today