Archives

• April 2008
• October 2007
• September 2007
• August 2007
• July 2007
• June 2007
• May 2007
• April 2007
• March 2007
• February 2007
• January 2007
• December 2006
• November 2006
• October 2006
• September 2006
• August 2006
• July 2006
• June 2006
• May 2006
• April 2006
• March 2006
• February 2006
• January 2006
• December 2005
• November 2005

Categories

• AI (1)
• authentication (4)
• Blogging (38)
• Culture (27)
• DDK (89)
• General nonsense (29)
• Intellectual Property (9)
• Microsoft (52)
• Networking (23)
• PhoneFactor (5)
• Positive Networks (8)
• Programming (115)
• Security (46)
• two-factor (4)
• Uncategorized (37)
• Vista (34)
• WDK (23)
• Windows (55)

Links

• A Hole In My Head
• Alex Ionescu's Blog
• Antimail
• Buggin' My Life Away
• craigrow: blogging about developing, testing and getting a logo for your drivers using the Windows Driver Kit and the Driver Test Manager
• Dana Epp's ramblings at the Sanctuary
• DebugInfo.com - Oleg Starodumov
• Fabulous Adventures In Coding
• Joel on Software
• Larry Osterman's WebLog
• Lori Pearce's WebLog
• Mark's Sysinternals Blog
• Metasploit
• Michael Howard's Web Log
• Nynaeve
• Pointless Blathering
• Positive Networks
• Positive Networks Blog
• Q & Stuff
• Schneier on Security
• Schwieb
• Sorting It All Out
• The Old New Thing
• Under The Hood - Matt Pietrek

Meta

• Register
• Login
• Valid XHTML
• XFN
• WordPress
• Domain
• Website Design
• Web Hosting

IE7 Crashing?

I have noticed in the past few days that IE7 has been crashing a lot on msdn2.microsoft.com. Is anyone else seeing this or did I somehow screw up my system? Vista, latest updates, blah blah…

General nonsense, Microsoft 3 Comments June 15th, 2007

Please at least Authenticode-sign your drivers

I am a happy user of Parallels Desktop, which, for those that don’t keep up with this sort of thing, is virtual machine software for Mac. It’s a great product overall, although it has a few rough edges.
One of the rougher edges is the fact that their drivers are unsigned. I suspect they’re probably doing […]

Windows, WDK No Comments June 15th, 2007

Whence came function hooking?

A friend is digging around trying to find out when function prologue hooking was invented, and who did it. Does anyone out there know of any old-time uses of function prologue hooking?
I’m NOT talking about:

Interrupt hooking
system call hooking
window hooks
VxD service hooking
hot patching
any “architected” hook

I’m interested only in programs that disassemble a C (or similar) function […]

Programming 8 Comments June 13th, 2007

Is it just me…

…or are LookupAccountName and LookupAccountSid named backwards?
Annoying.

Programming 1 Comment June 11th, 2007

A documented way to get loaded modules

This is a new one on me. I just saw this mentioned on NTDEV for the first time yesterday. AuxKlibQueryModuleInformation is a documented way to get the loaded modules, replacing some of the functionality of ZwQuerySystemInformation.
In fact, the entire Auxiliary Kernel-Mode Library Routines section is interesting. I had no idea it existed until […]

Programming, DDK, WDK 1 Comment June 5th, 2007

Recent Posts

• PhoneFactor video
• Interesting peek at Win7
• No more single-core chips
• I guess it depends on what you’re hex editing
• Metasploit as the security Mendoza line
• The return of err.exe
• Security lessons from MULTICS
• BlueHat
• Opera, anyone?
• New Niagra debuts

Recent Comments

• Manny
• dispensa
• doug
• dispensa
• Yossi