
Understanding Adware, Spyware, Logging, Hijackers & Phishing

Mac Attack Is Preferred To Weaselly and Rascally Entry (WARE)

Saturday, June 25, 2005 by Chuck | Discussion: Personal Computing

Many nasties exist in cyberland just waiting to plant themselves on an unprotected computer. In fact, recent studies have shown 74% of broadband users had spyware or adware on their computers; 67% had no antivirus or had outdated software on their PCs; and nearly 50% do not currently have a firewall. Statistics can be deceiving, but nearly 85% of computer users do not have adequate protection (antivirus, antispyware, firewall) on their systems placing them at risk. This last statistic is simply amazing considering the amount of information about viruses alone commonly known.

What risk, you meekly ask with a wry smile? Why the risk of spyware, malware, hijacking, logware, viruses, worms, trojans and phishing to name the more popular ones with new ones propagating faster than earthworms in summer. The bad guys are constantly creating nasties to invade the good guys' systems which many owners are not even aware of. I was recently called to aid a nervous friend who had no idea whatsoever what was happening to her system. She had recently subscribed to broadband (and I won't mention ComCast by name) and the tech had installed everything by the book. Yes, by the book, except he did not inform her she needed a current antivirus, antispyware or firewall to protect her investment. My diagnostics found and removed 1,263 pieces of spyware, 8 viruses, 4 trojans and 6 worms which fortunately had done no permanent damage to the unit. She was encouraged to contact that company I won't disclose (ComCast), but probably didn't since chances are no responsibility would have been taken. Also, this company doesn't offer any free security software for subscribers like Cox Communications does. So it goes.

The first step in diagnosing any problem regarding WARE (weaselly and rascally entry) is to closely examine your computer operation. Turn on the unit and then sit back to watch the booting up. Here is a checksheet to help you:

1. Turn on your system, sit back, relax and watch the advertising show. Quite a show will be displayed if you have sufficient inundated adware (advertising spyware) and you will notice continuous popups. The products displayed are many, but more so is the rapidity of each popup taking up your windows memory as well as bandwidth while demonstrating subliminal advertising to the hilt. It is safe to assume you are infested with adware if this occurs, but the products shown aren't that good. Make one check mark.

2. Let's say you turn on your system and it has difficulty booting up. In fact, you have problems entering safemode and mutter to yourself: "damn Microsoft." It may not be Microsoft's entire fault, but a small portion is. Spyware can invade many different portions of your system and be transporting worms or viruses to make your life more exciting as well. Where did they come from, you ask? Probably not from the bar you were hanging at last night nor from the date experienced, but could have come from the email received afterwards; or from that free piece of software you installed; or from just being on the internet. WHAT!!!!! Yup, just by being on the internet.

The internet has changed substantially from years ago. Duhhhhhh!!! A system is at risk these days simply by going on the internet without sufficient protection: nasty bots hang out there testing individual computer protection and zoom onto an unprotected one after sending back sufficient information to bring the equivalent of the Red Sea spyware to your computer's front door. This may sound exaggerated, but not that much since the nastie technology has advanced substantially and for every protection released by a recognized laboratory, a counter-nastie is devised by someone out there to attack it. It can be described as evolutionary to the full extent and is an ever crusading battle for truth, justice and the American way. Where is Superman when you need him?

Back to spyware which plants itself on your computer and sends back information to a server ranging from your marketing habits, sites visited, personal information, etc. It is not a good thing to have on your computer and should be removed as soon as possible.

3. Hijackers-these little devils do exactly what the name implies: hijack your computer without you even being aware of it. Hacks come onto your system, look around for personal information like passwords, financial information, telephone numbers, etc., and then proceed to do things like download illegal software onto the harddrive, make numerous phone calls, credit card purchases, etc., while your computer is identified as the one used for all transactions. Normally, they are discovered when the credit card or telephone bill arrives indicating $3000 worth of charges in Singapore and you scream!!; and perhaps when something peculiar happens with the computer like bouncing around or programs not there before. Either way, by then the damage is done and the culprits have skipped out leaving you with the aftermath of perhaps identity theft, numerous long distance and international phone calls, tons of credit card purchases and the need to cry all night long. All you can do is prevent it from even happening again after reporting identity theft to the authorities and Barney.

4. Loggers-these devices are implanted on your system to record and transmit everything you log onto your keyboard. Imagine, everything you key into the system has been transmitted to a server somewhere with the idea of obtaining personal identity such as social security numbers, checkings/saving accounts, and any other preferably financial information that can be gleaned. It's mind boggling!!

5. My new favorite is entitled Child Protection or Surveillance TV...in reality it's another device which takes snapshots of your entire harddrive or individual files for transfer to a server located in some unknown place where another computer examines for personal information. Very advanced, very sophisticated and demands a good antispyware with current definitions to find on your system.

6. Malware, also called Riskware, is anything that poses malice or risk to your system. This can range from a latent threat which may lay dormant for awhile and then come forth to deliver a potent virus, worm, logger, or hijacker. It depends upon which form of deviousness the programmer had in mind when conceiving or if he or she had been to mass recently. Regardless, they can be identified with a good antispyware and dispatched to nastie heaven in the manurepile of digital bliss.

7. One last latter-day creation: phishing. Phishing involves professional looking email from what appears to be your bank, ISP, etc., usually stating they are reorganizing financial information and would like for you to resubmit yours again. NOTTTTTTTT!! It's not the real thing and will go only to a server probably out of country where good use will be made of the information given. New security packages now have developed anti-phishing packages, but the best thing is common sense. REMEMBER THE FOLLOWING:

1. Nothing is free completely.....you will always receive something in the background if you download.

2. Never open emails you don't recognize. Opening one is sufficient enough to ensure an abundance of spam and possible unleashing of nasties upon your system.

3. Never respond to spam. They take it as consent has been given. Best thing is to simply brand it as junk mail, let your system remove it, or delete it, and then report it to your ISP.

4. Don't be taken in by official looking email that resembles your financial institution, ISP or something similar. It probably isn't and could prove far more devastating than you can imagine. Ignore all Selective Service Draft Notices.

5. Always beware if downloading something, like software, and it comes in a bundled package. Generally, this is an indication it provides products for you to evaluate which involves spyware. Always go to reputable sites for software.

6. USE COMMON SENSE with everything. Keep your antivirus definitions current; update your antispyware consistently; and be aware of your firewall, keep it current and see what it stops.

7. Check your checkings/saving account statements; any other financial investments; phone bill; credit card statements, etc., to ensure nothing out of the ordinary is happening.

8. Never give a contribution to anyone named Barney who claims to be purple and sings a weird song beginning with "I love you, you love me..." Chances are it's not Barney, but someone named Bluto seeking enough scratch to find Popeye for a hit. Don't be fooled.

We now come to the part where a discussion of good antispyware products is necessary. Well, this must be prefaced by determining whether you are on broadband (including DSL) or still using dialup. I heartily recommend the use of a router with NAT for broadband/dsl even if only one computer is used. Secondly, choose a good antivirus, firewall and antispyware. I currently utilize an excellent D-Link router with NAT and two anti-spyware programs, SpySweeper and counterSpy. You can't lose with two antispyware programs, but may have difficulty running two antivirus programs simultaneously, i.e. Norton and McAfee. My system only uses one antivirus, Kaspersky Personal Professional and one firewall, Zone Alarm For Wireless. In total, they all work superbly and provide excellent protection for my needs.

I run a wireless for my laptop and use the same two antispyware programs, Kaspersky Anti-Hacker and Kaspersky Personal Professional. Again, the protection is superb and no noticeable problems have been noted since configuring both the desktop and laptop.

Now, do you know enough to go out there and fight the good fight? Probably, but you will learn a great deal in the future as the evolutionary struggle continues. You can always visit sites like McAfee, Symantec, Kaspersky, etc., to view the latest virus/worms/trojans; and there are excellent sites for spam like The Spamhaus Project (www.spamhaus.org) or the following for WARE: www.kephyr.com, www.spyware.guide and www.webroot.com has a wonderful guide entitled Truth About Spyware and Adware. There are also psychiatric/psychological sites if you ever become confused to the point of believing you are one with your computer. Feel free to write the following in Google: whyme, hit enter and wait for the results. Help is on the way and you will find your personality again!!!

Graphics Unleashed Article: Object Desktop

Check it out!

Friday, June 24, 2005 by Cordelia | Discussion: OS Customization

Kurt von Behrmann wrote a very nice review of Object Desktop. Check it out!

Where did I lose control??

Do you suffer from TMIM?? (Too Much Instant Messaging?)

Wednesday, June 22, 2005 by ShadowWar | Discussion: Virtual Communities

I was wondering today as I stared at my Trillian Software window, where did I lose control? Looking at it I realized I have an IM account on AIM, IRC, AOL, MSN, IRC and Yahoo. OMG why? Now I have a program that lets me run all of them in one interface. Thank goodness.

Then why do I have the five accounts? I tried one then the other and found that they all worked in different ways. I liked some things about one and not some on others. Then I found my friends all used different IM’s and so I had to have accounts in all the different IM programs. I hated it. I had to run several at the same time and see who was where and when. What a hassle. Then I found Trillian and BAM all in one place all in one interface. I love it.

I was also wondering when looking at Trillian, how many other people have multiple IM accounts? And if so do you have a program like Trillian that puts them all together or do you have several open at the same time? BTW here are my IM names in case you do and want an IM chat sometime.. LOL, when I'm not teaching, out of the office or catching bad guys.

Yahoo – cwcrash
ICQ – 7204092
AIM – cwcrash
IRC – ShadowWar

LOL..





Why Mac OS for Pentium but not Itanium? Seriously.

Some thoughts on the economics of personal computers

Sunday, June 19, 2005 by Leauki | Discussion:

Had Intel succeeded in establishing Itanium on the desktop, as they originally planned, Itanium chips would probably be cheaper than they are now.

Of course, once the chip is established as the new standard, like x86 before, the price would have gone up, since users need the chip as much as the operating system. The result would have been a monopoly of standard microchips compatible with the Intel Itanium just as there is a monopoly of standard operating systems that are fully compatible with Microsoft Windows. Patents and copyright guarantee the monopoly, just as it was intended.


Microsoft, of course, knew about that danger. It is in Microsoft's (and every operating system vendor's) best interest for processors to be commodities (aka cheap and interchangeable). Thus Microsoft made a few moves to make sure Intel and HP could not succeed (while still supporting the Itanium chip as promised).

Microsoft knew about this danger in the late 90s and acted accordingly:

1. Keep everybody 32 bit until the arrival of a commodity 64 bit architecture.

2. Support Apple with Mac OS applications to keep other processor architectures around.

3. Move Xbox to PowerPC.

4. Support the commodity 64 bit architecture when it appears.


Intel also knew and were thus working to make operating systems the commodity.

1. Start and support a Linux-port to Itanium.

2. Try and convince software vendors to port operating systems to Itanium (including AIX).

3. Get HP to port HP-UX and VMS to Itanium.

4. Get Microsoft to offer Windows for Itanium.


The perfect situation for Microsoft is many competing vendors for all products that complement Windows: application software, games, utilities, hardware including graphic cards, microprocessors etc.

Thus Intel and AMD (and Cyrix and Transmeta etc.) producing what is understood as a commodity chip is what Microsoft want. But Intel alone offering the new standard chip without competition, that is as bad for Microsoft as Microsoft's monopoly (again, in the market for fully Windows-compatible operating systems) is for everybody else.

Note that this "everybody else" is makers of computer components (including software), not customers. Customers already pay as much as they will for a computer and this pricepoint is not affected by exactly which component of the computer is a commodity and which is not. An Itanium-based computer with Windows would, in the long run, cost as much as a Windows computer using a commodity CPU, namely as much as customers will pay for the entire solution. The only difference is the percentages of the money Microsoft and Intel or other chip makers receive.

If the processor is a commodity, Microsoft's percentage will be higher. If the processor is not a commodity (say an Itanium standard which only Intel can supply products for), Microsoft's percentage will be lower by exactly the amount Intel have gained.

Customers directly profit from commodity components when every single required component is a commodity. If the operating system as well as all the hardware is a commodity, prices for the entire system will fall, because none of the suppliers has a monopoly on anything and thus none of the suppliers would be in the position to earn the difference between cost of production (the price of a commodity) and what customers are willing to pay (which can be a lot more). The amount paid in excess of what commodity components would cost is what economists refer to as "rent". In this case the rent is a "monopoly rent" since it exists due to a monopoly power. This is similar to the reason for why an apartment in a nice neighborhood costs more than the same apartment in a bad neighborhood, in case you have ever wondered.

There are degrees between the two extremes. For example the operating system could be replaced by something that is not exactly the same thing but sufficiently like it. This would bring the price of the operating system down, i.e. commoditize it a bit. Linux has that effect. OS/2 did. Novell DOS did.

Sometimes no operating system at all can replace Windows. The customers in question don't need it and replace it with anything. In that case the operating system becomes a commodity, and I think one might notice that in these cases a computer with Windows and without Windows will cost the same, because the pricepoint is not affected by the exchange.


Think "Corn Flakes with Milk".

If both Corn Flakes and Milk are commodities, "Corn Flakes with Milk" will cost as much as it costs to produce them, say the amount C+M, with "C" being the cost to produce Corn Flakes and "M" being the cost to produce Milk.

If both Corn Flakes and Milk are produced by only one source, "Corn Flakes with Milk" will cost X, with "X" being the maximum amount customers are willing to pay for "Corn Flakes with Milk". This is the "pricepoint" referred to above and in extreme cases (if there is absolutely no other food at all) it will be infinite. [0]

If Corn Flakes are a commodity and Milk is produced by only one source, the product "Corn Flakes with Milk" will also cost X, with one of the Corn Flakes makers making C and the Milk maker making X-C (which is more than M).

If Corn Flakes are produced by only one source and Milk is a commodity, the product "Corn Flakes with Milk" will again cost X, with one of the Milk makers making M and the Corn Flakes maker making X-M (which is more than C).

If Corn Flakes are produced by only one source and Milk is a commodity and Corn Flakes can be replaced by something that is not quite the same as Corn Flakes but a somewhat acceptable replacement, say Rice Flakes, which are produced by only one source, the product "Rice Flakes with Milk" will make Y, for which we know is true: YM and the Rice Flakes maker will make Y-M and M will be, as above, the cost of producing the Milk.

And if a customer only wants Milk and doesn't care about Corn Flakes, even if only one source produces Corn Flakes, the customer will pay for "Corn Flakes with Milk" the same amount he would pay for just Milk, whatever that costs. Thus, for this customer, Corn Flakes would be a part of the commodity "some product I don't need", which is, of course, the ultimate commodity (the price is below even production costs at zero).


Thus Intel's Itanium chip would have cost less than what a PC costs but the price of it would have been a greater percentage of the price of a PC than Intel's chip is today.

And Microsoft certainly did not want that.

Thus Itanium now competes against SPARC and POWER in the server market where CPUs are expensive and operating systems tend to be commodities.

And that is, simply put, why Mac OS was ported to Intel x86 but not to Intel's IA-64 architecture.

Microsoft did not want it to happen. And Apple must see it the same way.


[0] This is not quite true, or at least it is possibly not quite true. The monopolist might not be able to sell anything if the price is too high because all customers wait for the price to fall and nobody wants to be the first buyer. The price will eventually fall because the monopolist can make a greater profit by selling to more customers. In order to sell to more customers the monopolist has to offer the product for a price more customers can afford. Customers can know that and thus don't want to be the first buyer. And the cycle repeats.

Fun with GEL!

A Tale of Two Character Encodings

Sunday, June 12, 2005 by GreenReaper | Discussion: Software Development

This Friday I finished up some work on a new version of one of Stardock's products, which'll probably see the light shortly after the company finishes moving to Plymouth. So what do geeks do with their down-time? Well, in my case, it's often pretty much the same as what I do for money, only for the communities I'm interested in. Recently, a lot of my time has been spent on the Creatures Community, the group of people who've played the Creatures series of artificial life games. When I'm not contributing to the Creatures Wiki, I'll be writing some sort of tool, like this sprite thumbnail viewer, or polishing the next version of JRNet. But enough about my projects, as this one is actually about someone else's . . .

GEL is a genetic editor for Creatures 2. It is used to edit the genes for the various creatures (Norns, Ettins and Grendels). There are other editors, but people get attached to their favourite programs, and GEL is no different.

The trouble is, although GEL worked great on Windows 98, it didn't seem to want to work on XP. OK, so that wasn't great, but the real problem was that the source code - the words that the programmer types and gives to the compiler to turn into a program - had been lost in a hard disk accident, and so he couldn't fix the problem. Without the source code, you just have the "compiled" version, and it's very hard to make any changes to that.

There were several people upset about this, though, and it's always a shame to lose a useful program, so I decided to see if I could do something about it. Overall it took about two days of work to get it back up and running, which I thought was pretty good. I figured it would be kinda neat to tell you how I did it, and show you some of the different tools I used, so I wrote this article. Just skip over the bits that get too technical!

Let's start with what I got when I installed the program and tried starting it up myself:

OK. I got this error, and then when I pressed OK it closed on me. That didn't work out that well. I'm sure you've seen similarly confusing errors on your own computers! Turns out, it's not always easy for programmers to figure out what it means, either . . .

So, we have a problem. But where? "Path not found" isn't a very helpful message - it doesn't tell you what path, for a start! I decided this would be the first thing to try and find out, so I started up FileMon, a utility that monitors what files are accessed by running programs. I was looking for any "not found" messages, and there were a few, but they all turned out to be dead ends.

By now it was clear that it wasn't going to be as easy as a missing file or a permission problem. The next thing I tried was another of the Sysinternals tools, RegMon. This does much the same thing as FileMon - monitor what's happening - but for the Windows Registry, so you can see what settings are being written and read. I consider both of these tools essential if you want to know what's really going on.

This was the last registry read before the error

As it happens, RegMon did turn up something - the last thing that GEL read before it all started to go wrong was the main path of Creatures 2. The thing was, this registry read didn't fail. This just happened to be the last thing that it did with the registry that I couldn't narrow down to other causes. I did try modifying this value in the registry, but this just resulted in slightly different errors.

After that, I briefly tried using another utility called API Monitor in order to see what calls the program was making to the operating system. This program is rather like a general version of Regmon and Filemon - while they monitor specific things, API Monitor "hooks" pretty much every system function that there is and records their use. Unfortunately, I couldn't find what I was looking for; I later found out that it didn't even start sending messages until a window had been created.

A small aside . . .

One thing I did notice using API Monitor was the amazing number of calls that were made - almost ten thousand of them - just to display an error box on the screen.

Of course, it wasn't just displaying the box, it was:

  • Loading the code to process the error
  • Looking up the error message
  • Playing the error sound, which meant:
    • Loading sound libraries
    • Checking what sound devices were available
    • Figuring out what sound was the error sound
    • Loading and playing the sound
  • Loading up the screen reader library in case it needed to read the message to me
  • Lots of other things that might have been useful if it had actually done anything after showing the error

There's a simple reason CPUs keep getting faster - they have to, because if they didn't, there's no way we'd be able to use all the things our computers do for us! The really crazy thing is that displaying such a box (with all the above features) just takes one line of code; something like this:

MsgBox "Hi there! This is the message" & vbNewLine, vbInformation, "This is the title!"

Truly, we live in an age of wonders.

To recap: I'd found it wasn't a case of failed registry entries or a file not being there. It was time to bring out the big guns.

My first tool is recognizable to pretty much all Windows programmers, even if they don't use it themselves - Microsoft's Visual Studio. This is the number one tool for Windows development, and although it has its detractors, it's pretty good as development environments go. I would use this to run the program and stop it halfway, examining and changing the memory that it used.

The second might be a little less familiar to most programmers - IDA, the Interactive Disassembler. A disassembler is a program that turns compiled programs back one step into "assembly code", the last point at which it can be considered remotely readable. Few programmers actually write code at this level - most use a higher-level language like C++, Pascal, Java or Visual Basic - but it is usually possible to get a good idea of how parts of a program works through reading it in assembly.

Disassembling programs (also known as reverse-engineering) is something of a shady activity - one of IDA's most popular uses (though not one they advertise) is to figure out how to get around serial code checks, and this is one reason why disassembly is forbidden in most software licenses. However, all tools have their uses, and when you need to know exactly what a program is doing in order to fix it, but don't have the source, a good disassembler is a requirement.

Anyway, I started the program running in the Visual Studio debugger - a mode in which you can control exactly how a program executes, and modify the variables it is using - and ran through the code to see where the problem occurred. It was pretty easy to see what part of the error was in - a file called glsupcts.dll that came with the program. To see exactly what the code did, I set IDA running on it; after a few minutes it had an assembly listing of the code ready for me to read.

A note about DLLs

DLLs are not that much different from EXEs - they're both files that contain "code" (and sometimes other things like icons or embedded sounds). The main difference is that the EXE files contain the bit of code that starts the whole thing going, whereas DLLs tend to get called up by those EXEs to do their share of the work.

Of course, the assembly code wasn't actually all that easy to read. Something that made it even more difficult was that the program had been written in Visual Basic, a language that I like which has a very easy to use system of programming, but which is often more general than required. As a result, it often did things in an odd way, and the code made a lot of calls to functions in the Visual Basic library. Of course, since these library calls were not documented, I ended up having to decompile this library as well, just to figure out what the program was doing! Hopefully nobody from Microsoft who cares is reading this.

Reading through the IDA output, I found the check for the registry value just before the error occurred. It certainly seemed these were linked in some way. Then I found a reference to "AllChemicals.str", a file that contains the names of chemicals in Creatures. It made sense that GEL would try to load this file, so that it knew what each of the chemicals was called!

Now I had a clue - since I knew from reading the FileMon output that it never actually managed to load that file, it was probably failing while trying to. Using Visual Studio to look at the memory when the program crashed, I saw there was something odd about the path it had given to the "open file" function. It started off fine, but the end didn't look at all right. Here was my problem!

The system had used part of the memory given to it to work out the path (see the end for details), and GEL had thought this was part of the path itself. It was all clear now - the buffer was not being trimmed of the working copy, and this was getting left after the path name, so when the program put "AllChemicals.str" on the end, the middle of the path was invalid. This was the reason it wasn't showing up on FileMon - it didn't even get to the point where it looked for the file on the disk.

So what could I do? Well, I knew it was trimming off the last part of the string - the trouble was, it thought it was twice as big as it actually was, so it was keeping twice as much as it should. The length had to be stored as a number somewhere. Eventually I found the number being returned from a call to a function called vbaLenBstr - which naturally calculated the length of the incorrect path. Now I just needed to divide it by two and it would only use the correct portion of the string.

Remembering my computer operations, I knew that the best way to divide by two was to shift the number to the right. What does this mean? Well, you can think of numbers inside a computer as being like a group of people all standing in a row, with flags with numbers on - starting from the right, they'd go 1, 2, 4, 8, 16 . . . all the powers of 2. When you shift right, the people all look at whoever's holding the next-highest flag, and do what they're doing. It looks like this:

Flag num 128 64  32  16   8   4   2   1  
Before:   1   0   1   0   1   0   1   1 = 128 + 32 + 8 + 2 + 1 = 171
After:    0   1   0   1   0   1   0   1 = 64 + 16 + 4 + 1 = 85
Voila - division by two! Of course, you lose any remainder, since there's no 0.5 flag. Fortunately there's no such thing as half a character.
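
The length mix-up and the halving fix described above, modelled in C as an added example that is not GEL's, Visual Basic's or Windows' own code. The `fake_registry_read` stand-in, the buffer layout and the `C:\C2\` value are constructed assumptions; the model shows the doubled length dragging stale working-copy bytes into the path and the shift right restoring the character count.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define BUF_CAP 64

/* Constructed stand-in for the registry read (not a real Windows API).
 * It models what the article describes: the value exists as two-byte
 * characters, is narrowed to one byte per character inside the caller's
 * buffer, and the length handed back still counts the two-byte form. */
static size_t fake_registry_read(unsigned char *buf, size_t cap, const char *value)
{
    size_t n = strlen(value);
    if (2 * n > cap)
        return 0;
    /* Working copy: low byte holds the character, high byte is 0. */
    for (size_t i = 0; i < n; i++) {
        buf[2 * i] = (unsigned char)value[i];
        buf[2 * i + 1] = 0;
    }
    /* Narrow in place. Bytes n..2n-1 are never cleared afterwards. */
    for (size_t i = 0; i < n; i++)
        buf[i] = buf[2 * i];
    return 2 * n;
}

/* Append `file` to the first `len` bytes of `buf`; returns total bytes,
 * or 0 if the result would not fit. */
static size_t join_path(unsigned char *out, size_t out_cap,
                        const unsigned char *buf, size_t len, const char *file)
{
    size_t flen = strlen(file);
    if (len + flen > out_cap)
        return 0;
    memcpy(out, buf, len);
    memcpy(out + len, file, flen);
    return len + flen;
}

/* A usable path has no NUL or control bytes inside its counted length. */
static int path_is_clean(const unsigned char *p, size_t len)
{
    if (len == 0)
        return 0;
    for (size_t i = 0; i < len; i++)
        if (p[i] < 0x20)
            return 0;
    return 1;
}

int main(void)
{
    unsigned char buf[BUF_CAP], out[128];
    size_t reported = fake_registry_read(buf, sizeof buf, "C:\\C2\\");

    /* Unpatched behaviour: trust the reported length as a character count. */
    size_t bad = join_path(out, sizeof out, buf, reported, "AllChemicals.str");
    printf("unpatched: %zu bytes, clean=%d\n", bad, path_is_clean(out, bad));

    /* Patched behaviour: shift right by one to get characters from bytes. */
    size_t good = join_path(out, sizeof out, buf, reported >> 1, "AllChemicals.str");
    printf("patched:   %zu bytes, clean=%d, path=%.*s\n",
           good, path_is_clean(out, good), (int)good, (const char *)out);
    return 0;
}
```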

Of course, I'm not a whiz at assembly, so I had to look up exactly how to do the shift - I actually found the one I needed elsewhere in the code, so I could just use that. Now I had my instruction, and I knew where it had to go. It should be simple from here, right?

Well, no. The trouble is, you can't just add another instruction to the middle of a compiled program, moving all the others along. It would be like rearranging pages in a book and not updating the index (which is regenerated each time you "compile" a book). Worse, since machine instructions usually take more than one byte, moving them means instructions would start in the wrong place, changing their whole meaning - imagine what would happen if you kept all the spaces in a book in the same place but moved each letter along one position! When things get out of order in a computer, programs crash.

One thing I could have done would be to overwrite what was there already (perhaps something that didn't matter much). It had been enough trouble figuring out what one piece of assembly did, though - I didn't want to have to go through that all over again!

Fortunately, I didn't have to try that, because there was a convenient area of NOP instructions nearby. NOP stands for "no op" - it's an instruction that does nothing but move onto the next instruction. This seems useless, but it can in fact be useful for various things.

In this case, it was useful because it meant I had some space to work with. Because this space was free, I could fill it with more code. I needed to add just one instruction, but to get to that instruction I needed to put a jump instruction in. I looked these up, and it turned out the one I needed was a whole five bytes long, including the place to jump to.

That meant I had to move the code it replaced down into the section of NOPs as well, after my right shift. I then needed to jump back up to the point after the first jump instruction, so that the code could continue as if nothing had happened.
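The layout described above, worked through on a constructed byte array as an added example (this is not the author's actual patch). It assumes 32-bit x86 encodings (`E9` plus a 32-bit displacement for the five-byte jump, `90` for NOP); the offsets, the displaced instructions and the `shr eax, 1` bytes are constructed for illustration, since the page does not give the real ones.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define NOP     0x90u  /* x86 one-byte no-op */
#define JMP     0xE9u  /* x86 near jump: opcode + 32-bit relative displacement */
#define JMP_LEN 5u

/* Constructed 32-byte code image: patch site at 4..9, NOP area at 16..31. */
uint8_t image[32];

/* Encode "jmp to" at offset from; the displacement counts from the jump's end. */
static void put_jmp(uint8_t *img, uint32_t from, uint32_t to) {
    uint32_t rel = to - (from + JMP_LEN);
    img[from] = JMP;
    for (int i = 0; i < 4; i++) img[from + 1 + i] = (uint8_t)(rel >> (8 * i));
}

/* Decode where the jump at offset at lands (UINT32_MAX if it is not a jump). */
uint32_t jmp_target(const uint8_t *img, uint32_t at) {
    uint32_t rel = 0;
    if (img[at] != JMP) return UINT32_MAX;
    for (int i = 0; i < 4; i++) rel |= (uint32_t)img[at + 1 + i] << (8 * i);
    return at + JMP_LEN + rel;
}

/* Route site through the NOP area: new instruction, moved code, jump back.
   The caller must make sure `moved` covers whole instructions that do not
   depend on their own address, otherwise the relocated copy misbehaves. */
int install_detour(uint8_t *img, uint32_t len, uint32_t site, uint32_t moved,
                   uint32_t cave, uint32_t cave_len,
                   const uint8_t *extra, uint32_t extra_len) {
    if (moved < JMP_LEN || extra_len + moved + JMP_LEN > cave_len) return -1;
    if (site + moved > len || cave + cave_len > len) return -1;
    for (uint32_t i = 0; i < cave_len; i++)
        if (img[cave + i] != NOP) return -1;              /* not free space */
    memcpy(img + cave, extra, extra_len);                 /* 1. the added shift */
    memcpy(img + cave + extra_len, img + site, moved);    /* 2. code the jump replaces */
    put_jmp(img, cave + extra_len + moved, site + moved); /* 3. jump back up */
    put_jmp(img, site, cave);                             /* 4. jump down to the NOPs */
    memset(img + site + JMP_LEN, NOP, moved - JMP_LEN);   /* pad the leftover byte(s) */
    return 0;
}

/* Build the constructed image and patch it; returns install_detour's result. */
int run_sample(void) {
    static const uint8_t body[12] = {
        0x55, 0x8B, 0xEC, 0x51,  /* push ebp; mov ebp,esp; push ecx */
        0x89, 0x45, 0xFC,        /* mov [ebp-4],eax   <- patch site starts here */
        0x8B, 0x4D, 0x08,        /* mov ecx,[ebp+8] */
        0xC9, 0xC3 };            /* leave; ret */
    static const uint8_t shr_eax_1[2] = { 0xD1, 0xE8 };  /* shr eax,1 */
    memset(image, NOP, sizeof image);
    memcpy(image, body, sizeof body);
    return install_detour(image, sizeof image, 4, 6, 16, 16, shr_eax_1, 2);
}

int main(void) {
    if (run_sample() != 0) return 1;
    for (unsigned i = 0; i < sizeof image; i++)
        printf("%02X%c", image[i], (i % 16 == 15) ? '\n' : ' ');
    printf("site jumps to %u, NOP area returns to %u\n",
           (unsigned)jmp_target(image, 4), (unsigned)jmp_target(image, 24));
    return 0;
}
```

The image stays exactly 32 bytes long: nothing after the patch site moves, which is the property the paragraph about the book index is asking for.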

So, after that, the big question is did it work? . . . Yes! It finally loads!

For those who've read this far, congratulations! I hope you found this little view into my world educational.

This is a bit more than you'd usually have to do when debugging a problem, but it's pretty representative of what most programmers do in real life - it's not all fast cars, mansions and stock options! Sure, you don't usually have to go as hardcore as writing assembly-code patches for broken DLLs (I'm sure I'm going to get nasty comments from the real hardcore folks out there who do stuff like this every day), but a lot of the time you're figuring out problems with existing code, not just writing new code.

Often it's not our code, either - it'll be written by someone else (who left six months ago) in a way that seems totally nonsensical. Sometimes you're right to think that, other times you just don't understand it yet; either way, you have to fix it, and probably add a few new things, too! Ahh, well, all in a day's work . . .

Bonus! (warning: very techy)

If the program was buggy, why did it work on Windows 98? Well, the difference is the way in which the operating system works with text. On Windows 98, the standard is to have one byte per character (UTF-8), which is nice and fast, but which means you only get 256 different characters to choose from at any one moment; not enough for many languages. In Windows XP, the standard (called UTF-16) is to have two bytes, which gives you 65536 characters, which is good enough for most purposes.

Asking for a value from the registry is done by preparing a memory buffer - an area of memory to hold the result - and telling the operating system how you want the data. Because GEL had to work on both operating systems, it used the Windows 98 method, asking for a UTF-8 string (step 1 on the text diagram), and expanded the text later (step 2). But on Windows XP, this meant that the operating system had to reduce the size of the text, since it stored everything in UTF-16.

What was the easiest way to do that? Why, to read the output into a buffer and then collapse it down to UTF-8 by copying each character back just the right amount (computers rarely "move" data, since it costs twice the time it takes just copying it - deletion is an extra step) - first 0 steps, then 1, then 2 . . .

Where should this conversion take place? Since the memory space to store the text in was already available, it used that, safe in the knowledge that any extra text in the buffer should be ignored by the program, which was told how much had been returned. At least, that's how it should have worked . . . but instead, the program used the whole string and just counted the length of it rather than relying on the value it was given. On Windows 98, that space was never filled with text, as it was UTF-8 to start with. Although the bug was still there, it had no actual effect, since counting the length of the text came up with the right answer.

By the way, this explains why the "extra" text is quadruple-spaced - it was UTF-16 to start with, and it was left there because it was the second half of the text, which was not overwritten by the UTF-8 version of itself. It was then incorrectly read as part of the UTF-8 string, and expanded again by GEL into UTF-32.

The irony is that if it had been read straight from the registry as UTF-16, no conversion would have been necessary, and the application would probably have worked. Such are the ways of code!
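A model of the in-place conversion and the length bug described above, as an added example (it is not Windows' or GEL's code). The function names, the buffer size and the sample text "ABCDEF" are constructed, and every character is assumed to fit in one byte.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define CAP 64
uint8_t  regbuf[CAP];    /* the caller's buffer, reused for the conversion */
uint32_t wide_out[CAP];  /* consumer's expanded copy, one 32-bit unit per character */

/* Simulated wide read: store s as UTF-16LE in regbuf; returns bytes filled. */
size_t read_wide(const char *s) {
    size_t n = strlen(s);
    if (n > CAP / 2) n = CAP / 2;
    memset(regbuf, 0, sizeof regbuf);
    for (size_t i = 0; i < n; i++) regbuf[2 * i] = (uint8_t)s[i];
    return 2 * n;
}

/* Collapse to one byte per character in place: character i moves back i bytes.
   Bytes past the returned count still hold the second half of the wide text. */
size_t narrow_in_place(size_t wide_bytes) {
    size_t chars = wide_bytes >> 1;          /* the divide-by-two from the patch */
    for (size_t i = 0; i < chars; i++) regbuf[i] = regbuf[2 * i];
    return chars;
}

/* Producer-side hardening: clear the part the narrow string does not use. */
void scrub_tail(size_t valid, size_t filled) {
    memset(regbuf + valid, 0, filled - valid);
}

/* Consumer: expand count one-byte characters into wide_out. */
void widen(size_t count) {
    memset(wide_out, 0, sizeof wide_out);
    for (size_t i = 0; i < count; i++) wide_out[i] = regbuf[i];
}

/* One registry read end to end. trust_returned selects whether the consumer
   uses the count it was given or the size of everything in the buffer.
   Returns how many leftover characters end up in the consumer's text. */
size_t stale_chars(const char *s, int trust_returned, int scrub) {
    size_t filled = read_wide(s);
    size_t chars = narrow_in_place(filled);
    size_t stale = 0;
    if (scrub) scrub_tail(chars, filled);
    widen(trust_returned ? chars : filled);
    for (size_t i = chars; i < filled; i++) stale += (wide_out[i] != 0);
    return stale;
}

int main(void) {
    printf("whole buffer used:   %zu stale characters\n", stale_chars("ABCDEF", 0, 0));
    printf("returned count used: %zu stale characters\n", stale_chars("ABCDEF", 1, 0));
    printf("tail scrubbed first: %zu stale characters\n", stale_chars("ABCDEF", 0, 1));
    return 0;
}
```

With the whole buffer consumed, the text becomes "ABCDEF" followed by the spaced-out remains of "DEF", the second half of the original wide string; either trusting the returned count or clearing the tail removes it.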

Icon-A-Day, Icon # 103, Recycle Bin - Full

The last of our IconPackager 2.5 Icons.

Monday, June 6, 2005 by mormegil | Discussion: Icons

Icon 103 (Recycle Bin - Full)

Today we will finish up our IconPackager 2.5 icons with the "Full" Recycle Bin. We will do this primarily by using many elements from our file icons, as well as making a few minor tweaks to our Empty Recycle Bin icon. This will work out to be several steps, but they are all pretty simple for the most part.
 
Step 1:

First we start by making a copy of our "Empty" Recycle Bin icon from last week.

Step 2:
 
Now we are going to do some layer management. I have not talked much about this during the tutorials, but I have an extensive tutorial on it in the Corel For Skinners videos.

I have 3 layers that we will use.

Step 3:

 I group all the objects that make up the back of the Bin, and move them to a layer in my file called "Folder Backs"

Step 4:

Now I Group all the parts of the front of the Bin, and place them on a layer called "Folder Fronts"

 

Step 5:

Now I make copies of some of our file icons. I place them all on the "Folder Contents" Layer.

Step 6:

Now I ungroup the file icons and start stealing pieces from them. I start by taking the Document file, removing the bitmap from it, then using the Perspective Tool to slant it back.
Because it is on the "Folder Contents" layer it automatically sits between the front and the back of the bin, making it look like they are inside the bin.

Step 7:

Now we repeat the last step, but with the BMP file. I have to remove the Bitmap, and the Mesh fill on the tile of the file, because they will not work with the Perspective Tool.  I will put them back later.

Step 8:

Now we continue, placing our pieces-parts in the Bin. Next we add the Sharpie, rotating it and skewing the shadow a bit to make it look like it is being cast on the files.

Step 9:

I have a green Shear in the PNG file. I take it and place it behind the files in the back of the bin.

Step 10:

Once more we grab our music note from the Wav file and place it inside the Bin. This one looks fine just how it is, so it is simply set in the proper place and we call it done.

 

Step 11:

Now I want to stick in one more element, so we take the paint brush, rotate it and flip it and place it inside the bin.

 

Step 12:

Last I take the bitmap from our BMP file and skew and crop it a bit and place it behind the brush and note. So it is back at home on our BMP file.

 

Step 13:

Now by turning off the visibility of our "Folders Front" I can look clearly at what's inside the bin, and make sure it is what I want. When I am happy with it I simply turn the layer back on.

Step 14:

Now I need a new reflection, so I take our existing reflection bitmap, turning off the transparency that I gave it before. Then I copy all the bin contents, flip them, and using our reflection techniques, we give the new bin a nice shadow.

Step 15:

Last we need to add a bit to the bin's shadow. We do this with our standard Drop Shadow techniques.

Finished Icon Image.




Download the Completed Icons here.

Well, that wraps up our IconPackager 2.5 Icons. If you have an Icon package, and you have not already done so, you can simply open it up, go to package builder mode, and assemble a completed pack.

The Icon-A-Day series is not quite done yet however. I still have about 10 icons to do to complete the IconPackager 3.0 default Icon package. So I will be doing those over the next week or so. Then we will be building the final pack.
 
Read the other Icon-A-Day Articles:
(Icon-A-Day Index)

Check out the CorelDRAW for Skinner Index, for links to all the related Video Tutorials.

And don't forget to check for all the Icon-A-Day icons as they get made, in the Miscellaneous Icons Gallery at Wincustomize.com
All Images and Text in this tutorial are © Paul Boyer, and may not be reused without written permission.

Memory use myths

Customization software is not resource intensive

Sunday, June 5, 2005 by Frogboy | Discussion: OS Customization

I'm not sure where the myth began. But somewhere down the line, a false belief has turned into pseudo-fact amongst some people that customization software uses a lot of memory.  That's never been the case. Not even in the beginning.

At the dawn of Windows customization, software had to run on Windows 95 which only had 128K (that's kilobytes) of GDI resources. Customization software ate up a lot of those GDI resources since they were reserved for the user interface.  But even in 1995, 16K of memory was trivial. It's just that early versions of Windows were so limited in their GDI resources that it was a problem.

But Windows 2000 and Windows XP have never had any such problem.  And yet, we still see some uninformed, but vocal, user claim that <Program X> is "bloated" and uses a "ton" of memory.  Those people come in two forms:  The guy who really has no idea what he's talking about and the guy who thinks 10 megabytes of memory is a "ton" of memory.

The former guy is annoying because he matches his ignorance with his prolific posting.  The latter guy makes you wonder if their source of income is mom's allowance or something.  I can buy a 256 meg stick of memory for my PC for around $20. 

So let's get this out of the way: Desktop customization programs do NOT use much memory.

Here's WindowBlinds wbload.exe process use:

That's 576K.

Here's DesktopX:

That's only a couple megabytes of memory and it's running a useful object in this instance.

I could go on through a variety of programs both made by Stardock and made by third parties. None of them are "memory hogs".  You can certainly load up enough stuff with something like DesktopX to make it use a ton of memory.  Graphics, animation, etc. has to be stored somewhere.  But that's not the desktop customization's fault any more than it's Photoshop's fault if the user loaded a gigabyte sized image.

So next time someone tries to claim that some desktop customization program is "bloated" or something, point them here.

Icon-A-Day, Icon #102, Recycle Bin (Empty)

Let us sum up what we have learned, and make an important icon.

Thursday, June 2, 2005 by mormegil | Discussion: Icons

Icon 102 (Recycle Bin - Empty)

At last we come to the much anticipated and much dreaded (by me) "Recycle Bin". This icon is always somewhat daunting since it is seen the most of any, with exception of the folder perhaps. You can count on people judging your entire pack by it. The pressure is not so bad in this pack, since it is not being done to "wow" but rather to instruct, but still we want to do something nice.

This is the second to last icon for a standard IconPackager 3.0 icon pack, and since many of you have been following along closely I decided to be a bit more thorough on this one, using it as a kind of summary of what has been shown throughout the tutorial series. We will use almost all of our techniques in this one, and I will show a bit more detail on some of the fancier steps.

So without further ado, I bring you, da, da, da... The Recycle Bin.
Step 1:

As has almost always been the case, we start with some rectangles and the Mesh Tool. You can see here how we start to give the bin some shape. At this point we only have four shapes, two of them are almost entirely hidden behind the others.

Step 2:

Now the theme of this set has become, more or less, Metal and Glass. So what I have decided to do is make the body of the bin glass, and the bottom and rim metal. So I create a few more mesh rectangles and start shaping them to our needs. You can see that the top and bottom are actually only one shape each, even though they show two sides of the can.

Step 3:

Now to get our glass we do a few things. First I edit all of our glass sections with the Mesh Tool to give them some gradients, like in our first gloss tutorial. Then using the Interactive Transparency Tool, I set the rear piece of glass to a 50% uniform opacity, and give the two front pieces nice Transparency Blends; each slanting away from the other, to give the illusion of dimension.

 
Step 4:

Now we give the front, and side faces of the bin some simple glare. Just like in our Gloss tutorial.

Step 5:

This brings us back to the Mesh Tool. We start giving the top rim of our can some dimension. You can see here that I start by adding simple edge Mesh lines, giving the overall shape I want before I start doing more detail.

Step 6:

Now we go in and do some more detailed mesh editing, making sure that we are keeping with the paneled style we have established throughout the icon pack. In this case, I make an end panel on the rim and tint all the nodes slightly darker.
Step 7:

I more or less repeat this same thing on all the edges of our rim, giving it the same kind of panel effect we have used in most of the metal icons of the pack.

 

Step 8:

We move down, doing the same thing to the bottom of the bin, except in this case I only add two grooves.

 

Step 9:

One mesh shape to note here is the back of the bottom of the tray. It is pretty simple, but since it is beside the glass, it adds a lot of believability to the overall image. The little details can make or break the "reality" of an icon.

 

Step 10:

Now we have the basic Empty Bin done, we need a shadow. Since we want our shadow to reflect that the bin is made up of two different materials, glass and metal, I draw a few template shapes where I want my shadows to end up.

 

Step 11:

Now I put a 50% shadow on the gray piece, which is the shadow of my glass. Then I pull a 100% shadow off my black shape, which is the shadow of my metal pieces. Once I have this, I delete the template pieces, select both of my new shadows, and convert them to one bitmap. I also send it to the back of our image.

 

Step 12:

Last we take our resulting bitmap and bleed it out with the Interactive Transparency Tool.
See the shadow tutorial for more on how we did steps 10 - 12.

 

Step 13:

One thing we have on all the metal of this pack is the brush texture.
So I copy our rim, and bottom shapes, give them a grey fill, and a Brush Transparency.
See Icon # 1  and the Interactive Transparency Tool tutorial for more on this.

Step 14:

Now we need our reflection. This will be done with our standard reflection techniques, but I wanted to point out a few details. In this case we could not simply mirror the image because it has a lot of dimension to it. So I had to copy the can and skew and edit the new image quite a bit to make it match up with the bottom of our bin.

Step 15:

Last we convert the resulting image to a bitmap. Crop it to the bottom of our guide box, and blend it out with the Interactive Transparency Tool.

Finished Icon Image.




Download the Completed Icons here.

This has turned into one of the longest, and most detailed tutorials in our series so far. Hopefully it will be useful.

Tomorrow we will add some more detail and color in the "Full" version of the Recycle bin. This will use all the techniques we used today as well as everything else that we did not cover.


Icon-A-Day, Icon # 101, Briefcase

Almost there, 3 more to be done with the 2.5 Package

Wednesday, June 1, 2005 by mormegil | Discussion: Icons

Icon 101 (Briefcase)

Well, we are almost done believe it or not. My original plan was to end with the full and empty Recycle Bin icons. However, due to popular demand I have made a few tweaks to my schedule. IconPackager 3.0 is scheduled to come out next week and my plan is to release the finished icon package at the same time. For that we still need about 10 icons.

I realized that there were only three (3) icons left to have a completed IconPackager 2.5 icon pack, and since most of the people who have been following these tutorials have been building an icon package as we have gone, I figured we should jump ahead a bit. So today we will start wrapping up the last of the IconPackager 2.5 icons with the Briefcase, tomorrow we will do the Empty Recycle Bin, and Friday we will finish up the 2.5 pack, with the Full Recycle Bin.

After that we will go ahead and polish up the rest of the IconPackager 3.0 pack and finish up in about a week more with a Tutorial and Video on building the final IconPackager 3.0 icon package. I am going to use IP3 because it has a very cool new Packager Builder, which will save me tons of time and make life a lot easier for us all.

With that, let us begin.
 
Step 1:

As usual we will start with some mesh rectangles.

Step 2:

Now we start molding our Mesh Rectangles with the Mesh Tool.

Step 3:

Here is a bit more detail of how the meshes are being done.

 
Step 4:

Once we get a nice look to the body of the briefcase we go ahead and give it a nice Brush Texture, using our Transparency Techniques.

Step 5:

Now to make the case seem a bit more metallic, we will give it a nice glare using our Gloss Techniques.

Step 6:

We need to give our briefcase a handle; we do this with 3 more rectangles, the mesh tool, and a  bit of Gloss.
Step 7:

Here is a closer look at our handles done with the Mesh Tool.
Step 8:

Once we have the handle, we give the case a nice drop shadow, using our Drop Shadow techniques.
Step 9:

As usual we will finish up with our Reflection Technique.

Finished Icon Image.




Download the Completed Icons here.

Check in tomorrow for the much anticipated, Recycle Bin.


10 years at Stardock

From "office staff" to VP of Operations in 10 crazy years.

Wednesday, June 1, 2005 by KarmaGirl | Discussion: Internet

Today marks my 10th year of working at Stardock.  It's been 10 crazy years of learning the business and changing the business.

When I started, Stardock was *very* new.  I spent the first days before I was officially employed helping build furniture.  I was the first official employee of Stardock...my how things have changed.  I had no idea how much my life would change, or how much Stardock would change over the following 10 years.

We started out as an OS/2 ISV.  We didn't have a network in the building.  We went months with dial up before we could get an ISDN line installed.  We took all orders over the phone, and when "online order" technology came out, it meant that the online order was faxed to us. The "internet" was new, and it was a big deal to have free Compuserve accounts.

We quickly grew out of our first office, and found a new office where we currently are.  We grew...then we fell.  In 1998, the bottom dropped out of our market when IBM decided to drop OS/2.  We went from a dozen people down to 4 in a matter of months.  At this point, I took the most perfectly planned maternity leave and was away for 8 months.

But, Stardock didn't die.  Through the vision of our CEO Brad Wardell, and the brilliance of Neil Banfield (WindowBlinds only at the time), Stardock picked itself up and dusted itself off and was reborn as a Windows developer.  After seeing WindowBlinds in action, and being asked by Brad a few times: "so, when are you coming back?"  I rejoined the very small Stardock crew.  The day I came back, one of our staff members left (he returned a year or so later) and a new staff member started (who now works at Microsoft).  Things were really changing.

The Stardock that we now know is really only about 6 years old.  The Windows market is nothing like the OS/2 market was, and the staff that we have is a lot different (mainly, larger).  I can remember everyone that ever worked here, even Tamra who only worked here for one day back in 96, because we have such a low turn over rate.  We've lost a few to larger companies (mainly Microsoft) and we lost a few due to downsizing, but we still have managed to maintain our great company culture.

So, today I am remembering the past, and looking forward to the brilliant future that is ahead.  We are growing like crazy, and we are about to move into a new building (buying this time instead of renting).  It will be interesting to see what the next 10 years will hold.



