Peter Herzog, Betreiber von Spotlight.de, hat heute bekanntgegeben, daß er Spotlight als Projekt einstellt. Worte des Bedauerns, aber kein Wort darüber was mit den Benutzerdaten passieren soll. Aber was soll es denn auch - spätestens seit er als Forenbetreiber beschloß, daß es okay sei das Forum nachts in einen Wartungsmodus zu schalten, war das Ding für mich gestorben. Leute wie ich oder Nico waren meistens in den Nachtstunden unterwegs, so daß es durchaus einschneidend war. Irgendwann verabschiedeten wir uns dann mehr oder weniger nach mehreren Jahren von Spotlight (bei mir gab es selten auch mal Ausflüge zurück), weil es einfach langweilig geworden war. Ich schwankte damals dann zwischen verschiedenen Delphiforen, und landete schließlich in der Delphi-PRAXiS (DP), die ich aber heute nur noch gelegentlich besuche. Der Grund dafür ist einfach: erstens habe ich kaum noch mit Delphi zu tun (was allerdings dem Wissen in Sachen Win32 API keinen Abbruch tut) und zweitens verkamen mit dem Erscheinen von Google (und anderen Suchmaschinen) viele Delphianer zu Copy&Paste-”Programmierern” (da rollen sich mir die Fußnägel auf, sowas Programmierer zu nennen) und die Foren zu sowas wie “Hausaufgabenforen”. Die DP sticht aus den Delphiforen aber dadurch hervor, daß sie gerade diesen Trend nicht fördert, was der Qualität meines Erachtens nach zuträglich ist. Leider kommt es natürlich partiell weiterhin zu diesen Erscheinungen und die ansäßigen Forengurus sind auch nicht immer so qualifiziert wie sie sich geben … 
Aber wer auf der Suche nach einem Ersatzforum ist, dem kann ich die
… nur ans Herz legen!
// Oliver
In einem Blogbeitrag (Englisch) habe ich meine Meinung sowie die Fakten zum Thema “Unicode und Delphi” dargelegt und beschrieben, warum ich die Umstellung der Bedeutung von PChar auf PWideChar ablehne. Da sich eine rege Diskussion angebahnt hat und es so scheint, daß nicht jeder meine Kritikpunkte nachvollziehen kann, möchte ich meine deutschsprachigen Leser doch einmal auf die exzellenten Tutorials zu den Themen Pointer und String aufmerksam machen. Es lohnt sich in jedem Fall, auch wenn man an der eigentlichen Diskussion nicht interessiert ist.
Mal sehen wie sich die Diskussion entwickelt.
// Oliver
Today the news of the purchase of CodeGear by Embarcadero Technologies transpired. I am wondering what this brings us (the developers), given the interesting past of Borland.
First it was “Borland” with products like “Borland Pascal” (and “Turbo Pascal”) and at the end of the 1990s it called itself suddenly “Inprise” and we could buy “Inprise Delphi” … wow. After a short interlude under this changed name, we landed back at “Borland” until the point when they “forked” and created a subsidiary responsible for the developer tools, called “CodeGear” and fully owned by them, after failing to sell the branch. Now Embarcadero Technologies was obviously willing to purchase this subsidiary and this will in my opinion be a defining moment for Delphi and C++ Builder.
It felt a bit like these tools all landed in an orphanage called “CodeGear”, rather than a subsidiary fully committed to the development of these formerly great products. I have bought BDS 2006 (which includes Delphi 2006 and C++ Builder 2006) in May 2006 and was very much disappointed. The product is creeping slow. I cannot override any of the prerequisites when installing it and I am even forced to install the .NET SDK 1.x, although I am not at all interested in any of the .NET “personalities” offered by BDS 2006. Hint, Visual Studio 2003 offers the ability to override the prerequisite requirements for those who are anyway not interested in the parts of the product suite that require those.
Now that they have released BDS 2007, and the future version - codenamed Tiburon - is on the doorstep, I have lost all my trust in that company and find the upgrade prices from the failed product BDS 2006 to the newer versions is ridiculous, given that I might just get another failed product. Borland/Inprise/Borland/CodeGear isn’t known to provide trial versions that allow you to actually try all aspects of their products. For example the command line compiler is known to be missing or crippled. So what am I supposed to do? Believe some of the pro-Delphi zealots once again to get disappointed once again?
Waiting for input …,
// Oliver
PS: I’ll certainly observe the developments in these products, but it’s getting a bit more scary at the moment, rather than exciting or at least reassuring.
Update: looking at this, “Commodore” seems to be the one I am waiting for, not Tiburon.
In the scope of WinDirStat I had to take the little hurdle of branching in the past. Now, supposedly I could have simply opened a support request to the staff, but then I thought of it again, since I had done it locally on a Linux machine before. There was a problem, though: I wasn’t able to establish a shell connection to the CVS server. So the only thing left was to go the “classic” way. As mentioned before, I had done similar things before on a Linux machine, but that was at the same time the CVS server. So no fiddling around with protocols, establishing connections and so on.
This time it was a bit trickier, although not too tricky. But in order to save me (and perhaps others) from searching the command line options again and again, here it is for archival and for those who may face the same problem in future. This assumes that you have CVS access with your SF.net-username:
set CVS_RSH=plink.exe
cvs -z6 -d:ext:username@project.cvs.sourceforge.net:/cvsroot/project ↵
tag -b -f -R -D yyyy-mm-dd BranchName ModuleName
The green parts are the variable parts. “ModuleName” can also be a “.” (dot), which means all modules.
// Oliver
Wow, look at that Quality Central article. Now look at the reply. Now look closer at the affected version and the date when it was reported.
It’s unbelievable, but now - after working a while with Borland C++ Builder 6 (BCB6) - I found out by accident, that a huge portion of the final size of the executables created by BCB6 is made up of exports. And I am not talking about DLLs here, for which it is normal to export functions - I am talking about ordinary programs which under normal circumstances don’t even have an export table. What the heck were the Borland engineers thinking and why the heck wasn’t this fixed with one of the updates? This ignorance is amazing. Apart from the threat of crackers or other reverse engineers who just get half the job done by Borland kindly exporting my symbols and with name for them, there are other concerns. How about the garbage in my executable? Shouldn’t this alone be convincing enough to rid us users off this “feature”? Also I have serious doubt that the so-called “smart-linking” is totally unaffected by this, since exported symbols cannot be subject to optimization. They’re needed, because they are exported. This may not reflect the actual necessity of the symbol to remain in the binary, but now that it is exported, it has to be left in the binary.
From experience I can only tell that Delphi doesn’t build so huge binaries for similarly sized projects. But then, Delphi also doesn’t export hundreds and hundreds of garbage symbols.
At least there are people in the Delphi community who have solved some of the common usability and speed issues you have had for about a decade now with Borlands Win32 products. Andreas Hausladen is one of them and he offers such nice tools as DDevExtensions and DelphiSpeedup. Both also work, despite the name, on Borland’s C++ products. And even better, Andreas has provided a tool which offers a partial solution to the above discussed problem: LibExportRemover. This tool literally comments out those export declarations in the LIB (OMF) files of the package LIBs. In the case I am facing, about 1000 exports - and even many Windows system DLLs have less exports than the resulting EXE in my case - can be attributed to the excellent Virtual Treeview component. Don’t mistake it: I am not blaming the component, but the compiler and the linker and the rest of those tools behaving so silly.
// Oliver
… the guys from OSR have put up the fixed DDKBUILD versions now.
Consequently I have mirrored the DDKBUILD.BAT version 6.12 on the DDKWizard website.
// Oliver
… waste system resources all the time? Did you notice that, although computers are nominally a few hundred times faster than 15 years ago, software still tends to run sluggish and is overloaded with features?
How comes we’re so careless about resources on the user’s system? Not that I am against a little overhead that allows to make the software safer, but why for example use the .NET framework and put even more of a burden on the user’s system? Or why load DLLs that are not even used under some circumstances and could be dynamically loaded for the single case where it is relevant? Is it laziness or simply carelessness or maybe something completely different?
// Oliver
PS: This is indeed intended to get comments.
Although the manual is still perfectly valid for version 1.2.0a of DDKWizard and covers also older versions, I took the time to completely revise it. This means that it contains some updated information, some additional information and some corrections.
If you are using DDKWizard or DDKBUILD.CMD you may want to have another look into it. As usual, the latest version can be found here.
// Oliver
Have a look at RunEl and don’t miss out when Chris presents the implementation of his newest idea. An UAC implementation which works on XP and Vista but is more user-friendly.
// Oliver
PS: I understand it’s still April, but as far as I can tell this is not a joke
One issue was reported by Vladimir Zinin in the article about DDKBUILD on OSR Online already back in October 2007. However, since I hadn’t actually built any x64 code with the newer 6001.* WDK, and since Vladimir had mentioned that he used the WNETAMD64 configuration I had basically discarded his comment as a mixup of the wrong WDK/DDK with the respective configuration. Sorry about that, Vladimir. Your comment was right, although the configuration you used was obviously WLHNETX64.
Anyway, the fix proved not to be as easy as anticipated. The problem is, that the WDK team at Microsoft changed the setenv.bat in a way that breaks compatibility between the Vista WDK (6000) and the Windows 2008 Server WDK (6001.18000). Instead of adding the flag x64 for x64 builds, the flag AMD64 was replaced by x64. This makes it a bit tricky. I solved it by introducing a detection of the string “Windows Server Longhorn” inside setenv.bat. Since this file has to be in the ./bin folder inside the base directory of the used WDK, this should be pretty safe. Also, since it has been released now as “Windows 2008 Server” it is unlikely to change back to “Windows Server Longhorn” (at least I hope this!). This brings me to a little rant. The WDK team could easily ignore the base directory parameter and detect it from the location of setenv.bat … but well 
… (rant over)
Continue reading ‘DDKBUILD.CMD 7.1 released’
While many of us who are involved in driver development to some degree have already downloaded a few of those updated WDK documentation packages, I didn’t actually know that it’s now even separate when shipped with the WDK. Installing the 6001 WDK on the Vista installation showed me, that the documentation is now being put into a separate start menu entry and installed in a different folder. This is pretty cool, since it will finally allow to get the updated documentation directly once it’s released and just install it while removing the older documentation or simply keeping them in parallel.
Well thought!
// Oliver
I am pleased to announce the release of DDKBUILD.CMD 7.0 final. User input has helped a lot to define the feature set and refine the features once introduced. It has been almost two years since the first public beta, so you can expect a mature version and you get it.
Thanks for all the feedback and support. Thanks to OSR for hosting DDKBUILD, thanks to Mark Roddy who wrote the very first version of DDKBUILD.
Download here.
// Oliver
I never had any problem with Visual Assist X (VA) until recently. Oh, you don’t know what VA is? Check it out! This is probably the biggest improvement for any programmer using Visual Studio. I use it in Visual Studio 2003 through 2008 and I have also told some friends and colleagues about it. Most of them have been convinced and have this feeling of “this is like stoneage” or “this system feels naked” whenever they encounter a system without VA. And if you’re unsure, fetch the trial from their page and install it …
Oh yeah, back at the topic. Never had a problem until this week. My company had purchased yet another license for VA and suddenly it hung when I tried to install (doesn’t matter whether it had been registered before). The affected system is a Windows 2003 Server R2 (Standard) with all latest patches and service packs. Apart from that it has AQTime 5.4 and Visual Studio 2003 and 2005 installed. Now, I looked a bit what could be the reason for the hanging installation, but couldn’t come up with a solution. However, when contacting the VA support, I was pointed to this FAQ entry.
Continue reading ‘Problems to install Visual Assist X?’
On 2008-01-11 AutomatedQA sent out the notification about AQTime 5.4 being available. Today I had the chance to test my private license on my own machine and it appears that it integrates just as nicely into Visual Studio 2008 as it did into 2003 and 2005. Sidenote: I am using it only with Visual Studio and BDS, so please check their website in order to find out more.
// Oliver
I had just bought the WD MyBook World Edition a while ago, since I needed some kind of storage solution that wouldn’t occupy yet another USB/firewire port and could be accessed from different machines at the same time. As such, the MyBook World Edition appeared to be an inexpensive NAS solution for my case and since I already owned a MyBook, the decision wasn’t too hard either.
Of course I wouldn’t want to use those strange MioNet components, be it on the NAS itself or on the client side and since I knew it was based on Linux, I used Google to get informed. Now, I made a mistake there. I followed the (slightly incomplete) recipe on this page just to find out that it was inconvenient to start SSH “manually” over and over again after a reboot of the MyBook. Now, there is another page which offers about the same as the first one, but in a variation. Slight problem, the first script (which I ran) contains the somewhat inconvenient line:
/usr/bin/passwd -d root
which sets the root password to be empty.
Continue reading ‘WD MyBook World Edition’
… and no more excuses from those pirating IDA. Datarescue made a freeware version 4.9 of IDA available for download. In the scope of IDA Palace, I have mirrored the files on two more servers. One of the servers is likely going to disappear in the long run, but I’ll make sure the links will work regardless.
Feel free to link.
// Oliver
Please check out the link named MSKLC in the navigation in the header, if you’re interested in some customized keyboard layouts to use out of the box.
// Oliver
I just built and released DFHL 1.2a. This version has some minor improvements over the 1.2 version. One is, that the version number shown by the program got finally fixed. Another one is, that it links to the version 6 of msvcrt.dll which has become a well-known DLL in recent systems (i.e. Windows 2000 and later).
Three other functional changes are: 1.) if the program encounters a problem hardlinking two files it won’t stop at all, instead it will show the error and which files were affected. 2.) if you specify /m for small files, zero-size files won’t get hardlinked!!! and 3.) MoveFileEx is now being used instead of CreateHardLink.
Furthermore the project is now of Visual Studio 2005 format, wrapping a DDKBUILD project.
Please also note, that Jens has released version 2.0 of DFHL some time ago. I haven’t had the time to test it thoroughly.
Download with source: here.
// Oliver
Scientists have shown that the attack method devised against MD5 in 2004 is usable and can even trick code-signing tools into “believing” that the binary is the same.
We announce two different Win32 executable files with different functionality but identical MD5 hash values. This shows that trust in MD5 as a tool for verifying software integrity, and as a hash function used in code signing, has become questionable.
(Quote from the linked page)
What are the implications? Well, the worst and foremost is, that an attacker can put malicious code under the disguise of a valid and trusted signature. As an example: an elaborate attack could use a driver signed by Microsoft, and his own rootkit to create a content that is indistinguishable by MD5 hash. Thus allowing the attacker to trick the victim into believing that the code was signed by Microsoft - which is ultimately trusted on most Windows systems by default.
// Oliver