Debugging Optimized Code in Visual Studio 11

Good to know

VC11, the compiler in Visual Studio 2012, has a new undocumented switch. Add /d2Zi+ to your builds. This blog post was written before 2012 was released, but I guess this feature never got out of the undocumented phase, which might mean it’s not entirely stable.

I’m still going to try it.

Image File Execution Options – evil

I always forget about this. Viruses like to stuff hundreds of entries into

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options

This is a very old bypass that was put in to aid in debugging, but it can also be used to completely hijack a program. You add a key that’s the name of an executable, and then you add a string value named Debugger; its contents are what’s used to “debug” the program. If you put something there that’s not a debugger but is always present, your program won’t run. Malware tends to stuff this with svchost.exe. So if you had

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mbam.exe]

then you’d be unable to run any program named mbam.exe. This is a surprisingly effective technique, especially when you add an entry for “regedit.exe”, preventing the Regedit.exe editor from being used. Programmers can still use reg.exe on the command line; this seems to be immune to this interception technique. Or maybe the last time I saw this on a computer, the virus missed that loophole.

Note that there is still a semi-legitimate value to add to an entry in Image File Execution Options, and that is a REG_DWORD named DisableExceptionChainValidation. This is another hack that Microsoft added – if your program is crashing a lot, this gets set and makes things a little better. I forget why; I should look it up.
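One way to audit an exported copy of that key for Debugger hijacks, added here as an example (not code from the original post): the .reg text it parses is constructed, and flagging svchost.exe follows the stand-in the post describes; a Debugger value that names anything else is reported for manual review.

```python
import re

# Constructed .reg export (not from a real machine): a svchost.exe hijack, the semi-legitimate DWORD, and a real debugger.
SAMPLE_REG = r"""Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mbam.exe]
"Debugger"="svchost.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\myapp.exe]
"DisableExceptionChainValidation"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\notepad.exe]
"Debugger"="\"C:\\Program Files\\WinDbg\\windbg.exe\""
"""

IFEO_PREFIX = (r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion"
               r"\Image File Execution Options" + "\\")

def parse_reg(text):
    """Return {key_path: {value_name: raw_value}} from .reg export text."""
    entries, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1]
            entries.setdefault(current, {})
        elif current is not None and line.startswith('"'):
            name, _, raw = line[1:].partition('"=')
            entries[current][name] = raw
    return entries

def unquote_reg_string(raw):
    """Strip the surrounding quotes and backslash escapes regedit writes for REG_SZ."""
    if len(raw) >= 2 and raw[0] == raw[-1] == '"':
        return re.sub(r"\\(.)", r"\1", raw[1:-1])
    return raw

def audit_ifeo(entries):
    """(exe, debugger, suspicious) for each IFEO subkey with a Debugger value; svchost.exe
    is never a debugger, so it is flagged; anything else still deserves a look by hand."""
    findings = []
    for key, values in entries.items():
        if not key.lower().startswith(IFEO_PREFIX.lower()):
            continue
        exe = key[len(IFEO_PREFIX):]
        for name, raw in values.items():
            if name.lower() == "debugger":
                debugger = unquote_reg_string(raw)
                findings.append((exe, debugger, "svchost.exe" in debugger.lower()))
    return findings
```

On a live machine the same key can be exported with `reg export` and fed to `parse_reg`; the DisableExceptionChainValidation entry is deliberately left alone since it carries no Debugger value.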

Mac VM automation


Fingerprints are user ids, not passwords

This was an “of course!” moment for me.

Yes, exactly, fingerprints are authentication, not authorization. The fingerprint is a moniker, a hash, a “true name”. In fact, it’s a pretty awesome username, because it’s hard for me to forget it.

But any biometric value is horrible for a password. Once it’s copied, I am screwed, because I can’t change it. This is why biometrics should never be used for passwords, because even if they were hard to copy (and they currently are not), you can’t change them.

Now, one big challenge is that authentication in the current parlance combines identification with proof of identification – the combination of userid and password is the authentication. So we should have three things:

  1. identification – who you are. Anyone can know this.
  2. authentication – id + password. You prove that you are you.
  3. authorization – authentication + rights. You can now access some specific thing.

Authorization without authentication is just “here is a set of things that anyone is allowed to access”. Public domain is a set of rights attached to the user “anyone”.

I’d love to see iOS 7.1 with the fingerprint just being the id, and then there’s still a traditional and optional password. This would be far more secure for most people, because most people don’t use a password on their phone, but it doesn’t pretend to be actually secure; you need a password for that.

Or a second phone to do the phone-in authentication to use the first one :)

Windows + cmd.exe + Python + colored output

It’s not a make-or-break thing, but sometimes you want to make console output more readable.

And sometimes you want to know if you’re connected to a terminal or are redirecting to a file.