Slashdot Mirror


User: rabidcow

rabidcow's activity in the archive.

Stories: 0 · Comments: 773

Comments · 773

  1. Re:Probs before PR on Is Firefox 1.0 Less Stable than Firefox PR1.0? · · Score: 1

    "VM Size" is also called Page File elsewhere, the amount of virtual memory that the application has allocated, but swapped out to disk.

    Come to think of it, this may not quite be the case. It might be the total amount of pagefile space allocated to the application. This would include paged-out memory, as well as memory that was in RAM, but would need to go to the pagefile if it were swapped out. (ie, nothing that came directly from an executable or memory-mapped file)

    Trying to find out exactly what all the memory usage numbers mean in Windows can be VERY confusing. AFAIK, there is no stat for physical memory used exclusively by a given task. And I'm pretty sure disk cache isn't counted as memory used by an application.

  2. Re:Probs before PR on Is Firefox 1.0 Less Stable than Firefox PR1.0? · · Score: 2, Interesting

    In Windows, Task Manager has a number of columns related to memory usage, notably "Mem Usage" and "VM Size." (Process Explode, "bin/winnt/PView.Exe" from Microsoft's Platform SDK, gives FAR more memory stats.)

    "Mem Usage" is the only one on by default, thus most likely to be read by someone who doesn't know anything. (Unless they use something other than Task Manager, which would surprise me.) It corresponds to the application's Working Set, aka how much physical memory it is actively using. (not necessarily exclusively, some of that is shared with other apps)

    "VM Size" is also called Page File elsewhere, the amount of virtual memory that the application has allocated, but swapped out to disk.

    Right now, I have Firefox 1.0PR (Gecko/20040913 Firefox/0.10.1) running with 9 tabs and it's got 130MB Mem Usage and 198MB VM Size. It's been running for about 2 weeks. I can close several tabs and it won't go down by that much. (If you wait a bit, it drops by about a few hundred k for each.)

    Why, I don't know. I haven't been bothered enough to investigate. Still, I'm a bit impressed that it can manage to keep 130MB in its working set and still stay below 2% CPU on a 600MHz machine. Maybe it's locking stuff unnecessarily or something...

  3. Re:An important security sidenote on IE Shines On Broken Code · · Score: 1

    *crashing* on malicious code is *GOOD*, while *running* malicious code is *BAD*.

    There is some truth to this, but it seems to have been lost in over-generalization. Crashing is better than data corruption. Detecting the bad data and recovering (even just throwing out the whole set of data) is better still. In some situations, crashing intentionally is a valid recovery method.

    The only difference between crashing and taking control is exactly WHAT bad data you feed into the program.

    Highly likely, but not necessarily true. It's hard to exploit a bug that causes it to crash on a division by zero. Still, if you don't know whether or not it can be exploited, it's safer to assume that it can.

  4. Re:Not a chance on Cringely: MS To Hurt Linux Via USB Enhancements · · Score: 1

    Wrong, there are quite a lot of messages you can use to cause another program to run arbitrary code.

    Very closely related but different holes.

    That hole was patched but there are other messages with similar properties, searching MSDN will reveal them.

    Searching with what? Not that it would surprise me, but I'm not aware of any others. Presumably you've already done this and know what to look for. All I could find was a callback for capturing frames from playing AVIs, for which you need to be using a specific control.

    New messages are added all the time, you cannot filter them all.

    Sure you can. Only pass messages known to be safe to DispatchMessage. Or create your own private desktop and put your window there. Ever more inconvenient, but not impossible.

    Actually you can't filter WM_TIMER anyway. It's dealt with directly inside GetMessage(), iirc.

    According to MSDN, DispatchMessage calls the TimerProc. Of course MSDN has been wrong before, but usually it's not blatantly false.

  5. Re:Not a chance on Cringely: MS To Hurt Linux Via USB Enhancements · · Score: 2, Informative

    It's already possible to root Windows through an edit control,

    You do need to find an edit control running as "root" on the same desktop though. Which means that if someone really hates you, "Run As" is not safe.

    you can send a WM_TIMER message to it and tell it to callback to a function pointer, and execute arbitrary code.

    You can avoid that hole. Well, sometimes you can avoid that hole. Anywhere that you control the message loop, you can validate WM_TIMER messages before handing them over to DispatchMessage. Of course this means that you have to handle any modal operation in your own code, including message boxes and common dialogs. Not pleasant at all, but somewhere within the realm of possibility.

    The problem comes from the fact that any user can send a message to any other HWND, and the code executes as the owner of the control, not the person who sent the message.

    The problem comes from the fact that WM_TIMER passes a code pointer in its parameters, that it executes the code at all. And it's not that messages are insecure, allowing anyone to send messages to any window is a valuable IPC pathway. (well, blocking cross process WM_TIMER would probably be fine.) It's that Windows trusts them despite their insecurity.

    A similar bug probably exists with window properties and drag&drop. (I haven't actually tried changing the pointers from external code.) Windows trusts code pointers stored in insecure locations. Bad stuff.

  6. Re:A Better Idea on Independent Developers Fight Piracy & Lose · · Score: 1

    How long until sites carry the serial numbers and the decryption key?

    I've got a better idea: custom per-user executables, use their credit card number as the registration key. You wanna share your serial number? Go ahead. You've got more to lose than I do.

  7. Re:Simple... on Neither Rain, Nor Snow, Nor Dark of Night... · · Score: 1

    Ah, but what if the moon falls from the sky and collides with Earth?

  8. Re:Mozilla/Firefox Whitelist on Mozilla 1.7, Firefox 0.9 Release Candidates Out · · Score: 3, Informative

    and maybe I'll just disable Javascript and steal your images out of spite

    No need to disable JavaScript:
    - "Tools" menu
    - "Page Info" (Ctrl+J)
    - "Media" tab
    - "Save As..." button
    Also works for flash and other weird things that you usually can't right click on to save.

  9. Re:No chance on Ontario Schools License StarOffice · · Score: 1

    Corel had a huge deal with the Ontario Board of Education a few years back, to get WordPerfect onto every computer. They got it installed... but nobody used it. The Microsoft hold was too strong by then. And this was like 2000. I don't think this had changed...

    Apple tried this too. They figured that getting Apple machines into schools would mean that people would want to use their machines elsewhere because they knew them.

    The truth is that it works the other way around. Businesses use Microsoft/Intel. People trained only on Apple machines aren't as valuable, so schools that can afford it start getting Microsoft/Intel machines to train their students with.

    Furthermore, the adults who learn Windows at work buy Windows for home, because they know it. So now the children learn that as well, regardless of what the schools use. Children generally wouldn't have the income to buy a computer at home, let alone Apple stuff.

    Who knows, maybe the world has changed enough for this to work, but I doubt it.

  10. Re:Hmm... BUT!!! on Microsoft Receives Patent For Double-Click · · Score: 3, Informative

    Heh, IE already has a triple-click function built in :)

    So does Mozilla Firefox. And Word. And SciTE.

    It's a common feature wherever there are large amounts of selectable text:
    - single click positions caret
    - double click selects word
    - triple click selects line/paragraph

  11. Re:IYHO on Is Swap Necessary? · · Score: 1

    Even if you only had one address space

    Sorry, this is unclear. I meant "one virtual address space". You almost never have only one virtual address space, but if you did you'd still have ample space to remap 100MB.

    Specifically, you have one physical address space,

    Usually, as far as we are concerned at the moment.

    and the CPU's MMU makes it so that every process' virtual base address is 0.

    I'm not completely sure what you're trying to say, but on some architectures that is both wrong and irrelevant. On x86, you usually have all of the segment bases set to 0, but that has nothing to do with paging.

  12. Re:IYHO on Is Swap Necessary? · · Score: 1

    From what I gather one of the reasons swap is considered necessary is that it's not possible to shift pages around in physical memory to optimize things.

    Paging takes care of that. Even if you only had one address space, any virtual address can be mapped to any physical address. (with a resolution of some page size)

    But applications often allocate more memory than they're actually using at one time. Eg, open a second tab in Mozilla and ignore the first for a while. It has to keep all the data for that allocated, but it's just sitting there. Without swap, you might have to close tabs and reload the data later instead of keeping it up for reference.

  13. Re:Slashdot ID numbers on H2G2 Film Website · · Score: 1

    Besides I had a four-digit account but hated the resentment that came after 2000. And I lost my password.

    My four-digit account came with two bonus digits.

  14. Re:Mutex Trapping on New Windows Worm on the Loose · · Score: 1

    The reason that those permissions share the same bit is that 'execute' doesn't apply to directories and 'directory traversal' doesn't apply to files.

    I know that, but it's not like bits are expensive.

    To create an ACE (access control entry) that affects only one, change the way it is inherited.
    For example, you want to make everything under 'profiles' to deny execute permission to 'users'. Open the security tab on the profiles directory, go to advanced, press add. Select users. Change the 'Apply onto' listbox to 'Files only'. Select deny for 'Traverse folder/execute file'. Then press OK, set 'Replace permission entries on all child objects...'(optional), press OK.


    Hm, I thought I tried that... It does sound like that does exactly what I wanted, thanks. I guess I haven't played with it enough...

  15. Re:Mutex Trapping on New Windows Worm on the Loose · · Score: 1

    About the first thing any Windows program does is to attempt to acquire a mutex to see if the program is already running. In the case of this worm, that's "Jobaka3l." If that exists, the worm dies off without running.

    As someone who has written a number of Windows programs, I can tell you that that is not true at all: Most programs don't care if you run multiple instances.

    Aside from that, there's a number of people who still think FindWindow is a pretty good way to ensure single instances. There's a good reason for this (a few actually, but never mind the others because they're not as good), which is that it appears to work, sometimes. For a worm, that would certainly be good enough, since failure isn't terribly worrisome. There's a number of other techniques that almost work, any of which would be fine for a worm, where customer satisfaction is approximately 0% of the author's concern.

    What I'd rather see is a separation between "don't allow files to execute" and "don't allow subfolder traversal" in the ACLs. Then you could deny execute permission to various temp directories without breaking subdirectories.

    Actually, it's not too much of a problem, because another thing that most worms try to do right away is write into %windir% or system32. If you make people run as a restricted user, email worms are pretty well neutered. (mind you, I wouldn't trust that alone, not at all.)

  16. Re:/0 is like a period, it ends the statement. on Kernel Modules that Lie About Their Licenses · · Score: 1

    \0 is like a period.

    \0 is the beginning of an octal character constant. It's most like a period when it's followed by 56.

  17. Re:I weep for the future. on Giving Up Passwords For Chocolate · · Score: 2, Interesting

    I know you mean this as a joke, but I want to take a second to remind people why biometric authentication is stupid:

    * Your biometrics are not secret
    * Your biometrics are not changeable


    It sounds like biometrics could work well as a replacement for your username rather than your password.

    The only problem I see is that they're a bit more private than a username. This will tend to lull users into considering the secrecy of their passwords less important. "Who cares if they know my password, they can't use it without my fingerprint." And that's true, but then your fingerprints are everywhere.

  18. Re:EULA? on Free Optimizing C++ Compiler from Microsoft · · Score: 1

    I'm not sure what "in general, no" is supposed to mean. The only restrictions in the EULA related to this are about using the redistributables that come with the compiler, which aren't your code. All I can guess is that it's an ass-covering answer.

    The only term in the license that says anything about the code you write yourself is:
    1.1 General License Grant. Microsoft grants to you as an individual, a personal, nonexclusive license to make and use copies of the Software (i) for your internal use; (ii) for designing, developing, testing and demonstrating your software product(s); and (iii) for evaluation of the Software.
    1.1(ii) seems to basically cover anything you'd want to do with it.

    The word "benchmark" does not appear anywhere in the EULA, and I'm pretty sure this package will let you develop for the .NET framework. (if you're into that sort of thing.)

    IANAL, of course.

  19. Re:Still Wrong on Japanese Inventor's Motor Uses 80% Less Power · · Score: 1

    There are also 2GB CF cards that are made out of real flash memory. That's where the $184 -> $330 price jump comes from. I believe they also make 4GB solid state CF cards, and possibly larger, but they get prohibitively expensive.

    The smallest CF microdrive is about 340MB, iirc.

  20. Re:download.com? on Freeware for Windows -- Where Did It Go? · · Score: 1

    I found a box for this in a local store which had the same chart printed on it. No optimizing compiler. :P

  21. Re:Boole vs. Real World (real numbers real?) on Boolean Logic : George Boole's The Laws of Thought · · Score: 1

    I believe that approximations are the best we can do.

    That depends. If you're dealing with a discrete value, you can measure it exactly. Continuous ones can sometimes be calculated exactly, but you can't actually measure them exactly. (Actually, I think the typical use of measurement involves mapping from some space, discrete or continuous, to a discrete one. Discrete space can map 1-to-1 to another discrete space (on a given interval), continuous space cannot.)

    This is a different concept from needing a reference point. The position of the mouse cursor on my screen in pixels is a discrete value, but I can choose from a number of reference points and get a different (yet exact) measurement each time. You can even choose different scales with discrete values and still measure exactly.

    Color perception has the same problem.

    Color is worse: it doesn't exist in the real world. What exists in the real world is wavelength, color is how our brain interprets our eyes' measurements. The effect you saw is because the brain uses the environment as a reference. This has nothing to do with the imprecision of measurements.

    With the definition above, you could say that the actual measurement happens not when the wavelength is translated into perception, but when the perception is translated into a name. I'm sure there's some wavelength between red and orange where you could get the same person, under the same lighting conditions, to say that it's red on one occasion but orange on another. That is where approximation comes in.

    Now let's see, numbers...

    I don't even believe in 1 as a physically measurable number!

    I can measure the number of people in this room exactly: 1.

    I don't believe in the square root of 2 in any physical sense.

    I'm having a bit of difficulty with the square root of 2... been too long since I took geometry. (and I'm trying to avoid a fixed reference point) Would the square root of 3 suffice?

    3 photons, each travelling in a direction perpendicular to the other two, intersect in a vacuum. As they continue on, they form the corners of an ever-growing equilateral triangle. Imagine a line from one photon to midway between the other two. This creates two triangles with sides in the ratio of 1:2:sqrt(3).

  22. Re:Next couple of ears? on Earth Acquires a Quasi-Moon · · Score: 1

    an eye for an eye and 5 ears for a foot?

  23. Re:Got CMYK? on Gimp Hits 2.0 · · Score: 1

    At the risk of being called flamebait, that won't do spit of good toward a true Desktop Linux end-user solution. Those of us developing software can give as well as take. But Joe End-User just wants to get their job done. Take take take.

    No, the end user does have something they can give you: Linux on the desktop. You want it, they can give it to you.

    If that's not enough, why do you care? Shouldn't you then be saying "well, we could give you Desktop Linux, but what are you going to give me in return?"

  24. Re:download.com? on Freeware for Windows -- Where Did It Go? · · Score: 1

    Yeah, I dunno... That cell is empty (not missing), the other unchecked ones have a single &amp;nbsp; in them. The question is, what's really supposed to be there?

    I guess I'll report it via their "contact us" link and see what happens. Who knows how quickly they're able to read those reports though...

  25. Re:protecting from viruses on Nasty New Virus Variants · · Score: 1

    there was a polymorphic virus that changed its signature on each infection to such a degree that each infection only had one byte in common.

    Ya know, I don't think it's actually impossible for an email borne virus to hide itself like that... Not so long as .com files are still supported, and even if they have to be a full exe, you could do the same cleverness. DLL linking isn't really a problem, since they just need LoadLibrary and GetProcAddress to be in the clear.

    I guess it's just a good thing that it's not being done... Though it would be nice to see antivirus software go back to detecting viruses by behavior rather than signature, you wouldn't have to worry so much about people keeping up to date.