Sunday, November 29, 2009

I'm Off!

But not in the way most people think :)

Off on vacation, You may not see anything from me for a few weeks.

Wednesday, November 25, 2009

Upcoming events...

Tomorrow, I run a 10K in the morning, and have Thanksgiving dinner in the afternoon.

On Monday, I board a plane for a warm, sunny destination.

And, as a followup to Apple Update, I have bought a PMP -- a Viewsonic VPD400. 800x480 4.3" screen, plenty of CPU horsepower, lots of codecs. Only 8GB of flash, but it takes MicroSCHC cards so I can carry all the video I can afford...

I would have preferred the VPD500 (5" screen, 16GB of flash), but while it has been announced it is not yet available.

And, for the curious, it's a lot like the Onda 535 (Yah, that's the 545, not 535. I couldn't find a link to the 535, but they are the same in all respects except a 5" screen on the 545). I considered the Onda545 (or even the 797, with a 7" screen!) but
    1) I'd prefer a brand name (and vendor) that was better known in the USA
    2) I was not sure that mp4nation could deliver in time.

And if you are interested in other PMP info, check out PMP Today.

Monday, November 23, 2009

A day that will live in infamy...

Happy Birthday to me,
Happy Birthday to me,
Happy Birthday dear me...
Happy Birthday to me.

What, you thought the subject has some other meaning?

Thursday, November 19, 2009

Not gone and Not forgotten!

This blog, that is.

Right now, it's crunch time at work and I'm getting ready to go on vacation.

No spare time to do anything, including writing blog entries (besides this hastily typed entry).

Sorry, I'll try to make occasional weird comments just to let you know I'm still around...

Friday, November 13, 2009

Personal computing history (part 7)

Despite what we could do with virus scan/removal, the company I worked for (names withheld to protect the guilty^H^H^H^H^H^Hinnocent^H^H^H^H^H^H^H^H^H^H^H^Hno one in particular) was losing it's customer base. We did not have a standout "Windows" program, and the business shrank.

Eventually, it folded.

I took a temporary job doing support work (that stretched to a year and a half, I'm lucky that I got out of there without it being permanent).

There was the "dot-com" boom, where I put in my time with a web startup (they were doing tech support via web interface, and wanted a virus scan component). They wound up with most of the rest of them...

Looking around, I remembered what a friend of mine had told me years ago -- that my skills were a good match for embedded programming. So I went after jobs there.

He was right -- while I had to get "up to speed" on the particular embedded controllers, my experience in assembly language and programming in C right down to the bare metal of the computer was just what they were looking for.

I settled in for the long haul...

Monday, November 9, 2009

Personal computing history (part 6)

And, after a while, DOS was no longer king. Windows ruled.

And with Windows came Microsoft's Word for Windows. Version 6.

And then came macro viruses...

From the anti-virus vendors came much shouting "How do we parse these files? What is in these files?"

And from Microsoft came the grudging reply "We cannot tell you."

Not "Will not". "Cannot".

You see, back then Word files (and Excel files) were saved C++ object streams. To save a WORD file, you had C++ write the associated objects to disk. To read it back, you have C++ read the associated objects from disk.

So nobody had "designed" the file. It was just C++ objects.

If you use the right C++ compiler and objects, everything just works. Use something else...

So, the best that Microsoft (again grudgingly) could do was to provide a "reference" implementation of C++ objects to read/write an appropriate OLE file, and some documentation on the internal WORD objects (complete with bugs...)

So, what do you do with this? Well, the anti-virus vendors split into 2 camps:
      1) Use the reference implementation as the basis of the scanner
      2) Use the reference implementation to figure out the actual binary contents of a .DOC file.

The company I worked for went for option #2. I had much "fun" (for strange values of "fun") translating object streams into actual binary data.

But in the end, we knew what was in a Word file (or Excel file or...). Down to the bit. And could parse a Word file in ANY language...

Wednesday, November 4, 2009

Personal computing history (part 5)

So, I now have a pair of tools:
     VIMas a debugger
     CODEGEN as a disassembler.

What do I do with them?

Well, around this time, the company I was working for became involved with the first computer viruses.

And I had tools that would let me simulate running any software, and rip apart programs with ease.

Of course, some viruses tried to make it hard. They didn't want to be traced, or encrypted themselves, or even kept the parts of themselves that were not currently executing encrypted (i.e. decrypt the currently required subroutine before executing it, and re-encrypt it when done. This was the "Whale" virus). None of it mattered. One or two virses (like the "Whale" virus) made me create a "tweaked" version of my tools, but that was hardly even a speed bump.

And so I spent many years disassembling viruses and writing anti-virus software...

Monday, November 2, 2009

Personal computing history (part 4)

As I mentioned last time, the debugger I wrote has 2 instruction decoders. One of which creates both instruction string and executable information.

This turned out to be VERY useful.


Well, after a while, I also wanted to disassemble programs, not just debug them.

And I had an engine that allowed me to decode instructions and execute them. So I could know not only that a DOS call or BIOS was being made, I could determine what function was being asked for.

Add an algorithm to separate code and data, and you have a very powerful disassembler...