A mere hour after I ran across Don Burn’s new blog, I read on the PCAUSA network driver development mailing list that Thomas Divine has started blogging again. For those that don’t know Thomas: as nearly as I can tell, he knows everything that is to be known about NDIS. If you do network driver development, you’ve surely benefitted from his www.ndis.com site.
*RSS reader grows by one more blog*
I just ran across Don Burn’s new(ish) WDK-focused, at http://msmvps.com/blogs/WinDrvr. Don is a longtime contributor to the community and I like the direction he’s gone with his first few posts.
In addition to the basic driver dev stuff, he’s getting into some important higher-level stuff like source control and using undocumented features. I bet I could have guessed his opinion on both topics before reading, though. 
*Added to my RSS reader*
Bill McKenzie reported on NTDEV that he re-discovered a nasty crash bug in MmGetSystemRoutineAddress. Apparently, all versions of Windows XP and everything before Windows Server 2003 SP1 will bugcheck if they’re passed an invalid system routine name.
This bug is fixed in Vista and is scheduled for fix in XP SP3.
Meanwhile, Peter Viscarola from OSR offers this advice:
The work-around is to always call MmGetSystemRoutineAddress from within a try/except block. If you get the exception, I guess you can assume the routine you’re seeking isn’t there…
UPDATE from Doron Holan:
FYI, using SEH to recover from this bug is *NOT* recommended. SEH is not a formal contract for this API and as such, we (MSFT) cannot guarantee that the OS is still in a stable state after you have caught the exception. I am working on a better solution, but for now, SEH is not the answer.
I’ve had a long-running argument with anyone that will listen that multi-core computing will require a fundamentally different programming model. Of course, I’m remotely the only person saying this, but it seems to be a bit of a contentious topic regardless.
I just ran across an article on ArsTechnica in which a Microsoft exec discusses a future version of Windows that deals with massively multi-core computers. There is some interesting stuff in the article. I’d heard through the grapevine that this was underway, and if I weren’t so busy with PhoneFactor, I’d love to code on it!
I worked up a lock-free doubly-linked list last summer, and had intended to try it out in a couple of drivers, but predictably enough, I ran out of time. That, and Doron Holan promised me that it was a waste of time, and who am I to argue with him.
This stuff is going to have a massive impact on usermode software when it eventually happens. For more on the topic, there is a good list of podcasts over at Xerox PARC on the topic, including one by Herb Sutter of Microsoft.
OK, one last post on PhoneFactor, and then I’ll try to get back to regularly scheduled programming.
I finally got a dedicated PhoneFactor blog set up; for those interested, it’s at blog.phonefactor.net. I have had to fight with WordPress 2.2 quite a bit to get all of the feeds working, and I’ll probably switch to FeedBurner soon just to screw things up some more. Anyway, there are a couple of posts up now, and that’s where I’m going to confine my PhoneFactor rambling to from now on. Probably.
Someone pointed out that my white paper was missing off of phonefactor.net. I have added it, and I’m not quite sure how it was missed. It’s linked from the How It Works page, for anyone interested.
I continue to keep the del.icio.us PhoneFactor list up-to-date as well. Please send me anything you find if you don’t see it on the list.
Finally, Jason did a podcast at Interop that is finally posted. For those with 10 minutes to spare and nothing better to do, here’s the link to the podcast..
For those that are celebrating, have a happy and safe Memorial Day weekend.
It looks like Longhorn Server is officially going to be Windows Server 2008. Beta 3 is avialable at connect.microsoft.com.
I haven’t had time to download it yet, but hopefully I’ll have some time over this extended weekend. Maybe!
Someone at my office had the bright idea of using Google to translate. Man, I work with some really bright people!
Wow, what an amazing 24 hours! I’ve been doing everything from coding to PR to writing for the website to… well, you get the idea. PhoneFactor has caused quite a splash already at Interop, and we’ve been getting some really good press out of it.
One of my favorite quotes is this one, from an Infoworld article:
It’s neat. Instead of having users carry a smart token, Positive’s new PhoneFactor deal waits for an auth request (and not just using Positive’s VPN service; this works with any VPN platform). When it gets the request, it clicks back to a server managed by Positive that matches the user request with a supplied phone number. The phone number gets called and a keyed response is required to make sure you’re on your phone.
The most interesting coverage we got was actually from a Japanese site — interesting because I have no idea what it says! But, there’s a nice picture of Jason Sloderbeck and Chris Austin. Interop Las Vegas.
I’m tracking PhoneFactor publicity on my del.icio.us account here: http://del.icio.us/dispensa/PhoneFactor.
Anyway, I promise I’ll get this blog back to Windows soon, but at the moment, my head is full of PhoneFactor, so the blog is too!
UPDATE: Thanks to Karthik for pointing out my broken link.
After months of development and a couple of years of research and planning, I’m thrilled to announce that Positive Networks is readying its new two-factor authentication service, PhoneFactor, for launch this summer.
PhoneFactor is a phone-based two-factor authentication system. It works like this:
You’ll notice that there are a few distinct advantages to this system. Most obviously, users don’t have to carry around Yet Another Device. IT departments don’t have to manage Yet Another Device (mailing them out, RMAing them, doing token synch, yada yada yada). And because it’s just a phone call, it works on literally any TouchTone phone in the world – you don’t need a smartphone, a J2ME environment, or anything of the kind.
One of the biggest advantages of PhoneFactor, however, is that it’s free. From the first day it launches, Positive Networks will be making the PHoneFactor service available for free to everyone. More details are available at www.phonefactor.net, but the basic idea is that Positive is going to sign up to providing the standard PhoneFactor service for free, permanently. If you have a VPN product (including, of course, PositivePRO), or a public-facing web application, or a Citrix server, or virtually any other kind of networked application, you can add PhoneFactor two-factor authentication to it for free. Positive will even pick up the tab for the outbound phone calls, as long as they’re to domestic US phone numbers.
The PhoneFactor service is a legitimate free service, in the mode of GMail or Flickr. We plan on keeping it free permanently. It’s not crippleware, adware, shareware, or any other kind of badware. It’s not a trial, and it’s not time-limited. It’s simply a free service.
Now, we also have to pay to keep the lights on, so we’re planning on selling add-on modules to PhoneFactor that we think will deliver even more value than the standard service. We’re also going to provide our world-class administrative and end-user support services and our advanced integration service for a fee. More about the add-ons can be learned at www.phonefactor.net. It’s my honest belief that the standard PhoneFactor service will provide a lot of value to a great many organizations without the add-ons, and will probably be all that most organizations need. But, if you’re a Fortune 500 company considering an enterprise-wide deployment, some of these modules will probably be of great benefit to you.
You can probably tell I’m pretty excited about this. It’s not every day that you get to go out and solve a real problem with cool new software, and to top it all off, I get what every coder wants: the chance for my software to be widely used and appreciated.
The precise launch date isn’t fixed yet, but I expect to hear fireworks when we release it, if ya know what I mean.
There is a ton of additional information over at www.phonefactor.net, including a particularly fine white paper by yours truly. You can also sign up for the mailing list to be notified when we release.
I’ve been heads-down for the past six months focusing virtually all of my attention on two very special projects.
Tomorrow, Positive Networks will be announcing its newest service to the world: a two-factor authentication service for everyone. Readers of my blog will recognize by now that I’ve never been a fan of usernames and passwords, and I have long believed that the breaking point is near, when single-factor authentication simply won’t be practical any more.
I don’t want to jump the gun here, but I’m really excited about it – there are a couple of aspects of this service that are quite a bit different from what Positive has done in the past. Anyway, check back tomorrow for all of the details!
As for the second project, she’s been helping me code the first project for the last few weeks. If she keeps this up, I’ll have to add her to the credits. 