Useful Tools for Examining Windows Systems

https://learn.microsoft.com/en-us/sysinternals/downloads/process-explorer

System Internals at Microsoft has a large toolkit of pretty capable tools.

Process Explorer is a much more capable version of task manager.

Rootkit revealer can help uncover more sophisticated malware that isn’t caught by defender.

The sysinternal suite link downloads a single zip file with most of the sysinternals tools.

These tools can give visibility into the internals of windows and diagnose problems. Doing diagnosis successfully will require a good bit of learning curve and digging but the more you learn the more you can do and much of that knowledge comes in handy when doing system level coding as well.

Third day at my new job…

Got the basic on-boarding stuff completed and started assessing the things I need to wrap my arms around in order to be effective in the long term. Lots to still get on top of and lots to get done.

Very, very glad to have a job to do…I’m happier when I have things to get done and tools to do them with.

At this point I am the software engineering manager at Excelitas/Axum. While I have no direct reports I have lots of things to think about getting done 🙂 I expect that the reports may change but the lots of things is likely a permanent condition…and I like it that way.

I will certainly be happier and less stressed once I can feel as if I have my detailed goals and objectives in hand and have a better idea of what my priorities are. It is nice that I’m in a position to mostly ferret those out and define the path forward but until I know enough and have had the time to understand the people and the process needs here it feels a bit like walking a tightrope without a net…but I do know it will get better and sooner than I think so that is good 🙂

The commute isn’t bad so far and the people are great (if a bit busy at the end of the quarter). I’m mostly looking at making progress each day and building day after day until things are humming along…

Another week of tech refresher and job search

Starting a new week and still spread out on tech topics to visit but a little more focused after the weekend.

Looking at a week of OpenGL, OpenCL, WPF, WinForms, C# and Java as I keep at my tech refresher work on things I haven’t touched recently.

———-

I keep running into opportunities where embedded and UI are both relevant. Some also add in 3D rendering. I have done a modest amount of work in both, but generally as a prototyping/tooling/home project thing and it has been a while since I dipped my toes in there (the crypto work at Draeger was pretty intense). The most recent home project work has involved VR and Unity rather than the lower level APIs so that doesn’t necessarily translate directly.

I ramp fast so part of this is refresher and part of this is a demonstration (if all goes well). This will still be a bit spread out as there have been quite a few areas that job descriptions have pointed to.

At this point I’m planning to spend most of my 3D-ish time in OpenGL and OpenCL as Vulkan and Direct3D 12 seem to be more appropriate to high performance video games and I’ve done some work in the past using OpenGL and done substantial reading on OpenCL.

On the UI front I may very well do a little MFC work to support the OpenGL coding as the sample frameworks in C++ that are provided by the books I have (‘OpenGL Superbible: Comprehensive Tutorial and Reference 7th Edition’ and ‘OpenCL Programming Guide (OpenGL) 1st Edition’) are pretty rudimentary. Once I have C++ based code running I’ll probably step over to trying some things in WinForms (on place seems to really want WinForms and 3D) and WPF using PInvoke or helper DLLs in C++.

I’m also going to look at back-filling some areas of C# where I’m weak…particularly LINQ and the async/await patterns.

Java has come up on the cloud side lately as well. Since it has been a few years since I wrote any Java I picked up the latest ‘Core Java, Volume I: Fundamentals, 12th edition’ and ‘Core Java: Advanced Features, Volume 2, 12th Edition’. Looks from a quick scan as if Java has changed less in recent years than C++ or C# so some refresher exercises and reading seems like it should do. I haven’t really used my IntelliJ IDEA license in some time (other parts of the JetBrains Toolkit have been of great value) so this will be a welcome chance to get that up and in service as well.

New computer is up and running…

Finally have an upgraded gaming machine. I’ve been putting off as video cards stayed crazy expensive and I was doing ok with the only but capable machine on my desk (beside really). I finally took the plunge this spring to get moving on something more modern. Nice to have a more responsive machine that isn’t slowly aging out 🙂

Now I’m helping my sister’s son spec out parts for a machine of his own. Should be at the point soon where he can order parts as well and I’ll help him handle the integration process.

Next steps (see pandamallet where that sort of stuff lives) will be to get some Unity coding going, put together some WebGL stuff and see where things can go in terms of fun coding.

Facebook account hack frustrations

Definitely feeling @facebook frustration here.

Lorna had her @facebook account hacked in March (sometime around March 23). She has had the same account for 20+ years and uses that account to stay in touch with our daughter Alyssa who is in the navy and stationed in San Diego.

That account (and our netflix account) were compromised in the middle of the night and by mid-day the following day we had recovered both accounts. At that point we thought things were basically dealt with.

She appears to have chosen a poor password (the name of one of our pets from some time ago) and it was guessed. I was a bit concerned when facebook asked for a scan of her driver’s license but in the end we sent what they asked.

The account was reclaimed and then instantly disabled for ‘violating community standards’. Lorna thought this was just a 30 day thing as nothing she had posted caused it and we assumed facebook had removed whatever the hacker posted and was punishing her for having a poor password.

It is now June and her account remains disabled. I have had no luck finding a way to work with facebook to recover the account or address whatever may have been done during the hack. Friends have suggested just creating a new account but that violates facebook terms of service and loses 20 years of history that her real account contains.

At this point I’m going to have to just keep trying avenues to contact them and see if I can work this out. If I had a bigger presence on the web I’d be able to post public comments and perhaps force a response. As is I’ll just have to keep at it and hope that I’ll eventually find someone who can provide assistance.

Fun with Facebook Bans

My wife had her account hacked a while back. At 1 AM here someone guessed her password and appears to have hijacked the account and broken some of Facebook’s terms of service. In the morning when she was notified that something wasn’t right with her account we recovered the account and found a ban notice.

She followed the steps for appealing the ban (which seemed a bit scary as they involved sending facebook a picture of her driver’s license) and nothing much seemed to happen except that the lock-out page now said no appeal was possible.

We’ve been waiting now to see if the ban expires and she can get back on. I didn’t make a note of when this started because I expected the time to go by and everything to reset. It still hasn’t and facebook is notoriously unhelpful to those who use their service.

I’ve finally sent an email to disabled@fb.com which appears to be the email address for discussing disabled facebook accounts. Hoping this works and gets us some information on the state of affairs. I also saw that there is appeals@fb.com for information specifically related to appealing actions taken by facebook. If this email doesn’t get a response I may try that one next.

Frustrating that there seems to be so little access to feedback from facebook. Even more scary that if this happened to me I’d lose the ability to do much with my Oculus Quest 2 VR headset and have no easy way to figure out what was happening or how to make things right.

Long time no posts…

The site here has been quiet for some time. I really need to talk to GoDaddy and get my hosting migrated from the legacy unix hosting I’m on currently. The current version of PHP is not supported here so my wordpress version is locked down until I do that. I’ve been avoiding adding content so that I have less to lose the transition gets messed up. I backed the whole site up a few months back…

Still moving the network cryptography design forward at work. Many, many details to lock down and several teams to keep on track. Feedback is wonderful but making sure it all gets propagate to the right places is always challenging.

Started playing in a friend’s online D&D 5e game a few weeks back. Only been two session so far as scheduling has made it hard to get everyone online at the same time. This is a zoom and foundry virtual tabletop based game as the players are not co-located. So far the games have worked pretty well. I’d like a slicker virtual game system but the one we’re using is probably the best that can be found out there…not a lot of money in building such things I expect.

It has been a long time since I played in a game and still pretty long since I’ve run one (3.5e last time around). I have been watching some YouTube pieces by Seth Skorkowsky that have me thinking I’d love to try some Traveller SF gaming or Call of Cthulhu. I used to do lots of board wargaming and tended to avoid combat light games with more investigation and less fighting but I’m intrigued after seeing his descriptions of running these. Who knows, perhaps some day 🙂

I’ve been bringing my C# up to date with some tool code for home projects lately. That should also flow into working with Unity once I get back to VR coding again. For now I’m just working on my command of modern C# idiom and best practices while coding up some tools to help manage my photography and other archives using a MongoDb back-end to locate duplicates and ensure I have the right number of backup copies for things.

I’ve tended to dump snapshots of important data on a new large hard drive periodically. This leaves me with (probably) far more duplicate backups of some things and perhaps too few of others. Building some code to scan the file systems and record file paths and cryptographic hashes for everything should allow me to locate duplicates and clean things up a bit. Hoping I end up with gobs of free space when I’m done. Worst case I polish my C# a bit and have some handy tools when I’m done.

Second Life and VR INteractions

A friend asked me about second life recently. I thought I’d comment here is a bit more detail than my facebook response…

I have limited exposure to second life. I do have an identity there as NineCrows. Haven’t used it in some time but I checked after you mentioned it and reset my password to something I know.

It would be cool to try that environment with room scale VR and I’ll look to see if they have software for that sometime soon. I did check and it looks as if they took a run at a VR product but gave up and sold off what was left.

My take on web- next with them is that they have the AOL or CompuServe walled garden model and that is limiting.

The web took off when HTTP and HTML were released openly and without royalties. Add in the free mosaic browser and free web servers (i admit that apache is the earliest I can remember…there may have been earlier options) and the web exploded.

I would think that an immersive VR web could happen if some group put together the equivalent for VR worlds with an open and relatively uncluttered protocol, a free open source client and server (these don’t need to be fancy, just work reasonably well with an assortment of hardware) and a URL equivalent for doorways between independent servers.

That would make it possible for a merchant or site to host their own environment with various implementations of fancier servers and clients in the mix and doors acting like links in the VR environment. Would be cool, I suspect we need more good quality VR systems and better internet links (lower latency?) out there for something like that to retake off.

I’m thinking that the protocol design would be the hardest part. You need to be able to push the complex information needed to render a virtual environment out quickly, handle the interim situation as assets load in a way that doesn’t make people upset and end up with high enough quality at the end that users would enjoy the experience.

Interesting challenge but one that is huge enough in scope that I’m not currently in a position to even poke at it 🙂 I do have a friend who wants to try VR chat sometime soon though so I may be able to get a basic idea from that as to how things perform in terms of latency and overall experience.

On reflection, if I take the random dungeon generator toy project in Unity far enough this might be an interesting ‘stretch’ goal. Allow doors to pull layout and assets from a remote machine (on my local net for simplicity) and render them in VR. Cool idea, probably too challenging to get to any time before something else catches my attention for home projects though…

Moday, September 7, 2020

Got the work bench in the basement cleaned up (finally). Not perfect at this point as much of the clutter that was on the bench is not in boxes of bins…but usable.

Installed the latest blender on several decently capable machines. The learning curve to get to a level of proficiency I want/need remains dauntingly steep. Challenges to be surmounted 🙂

I’m also probably going to look deeper into either WPF or Angular UI building so that I can build some tools I really could use. Probably WPF as some of these tools really want access to low level windows APIs and control of where windows show on the screen.

I think I want to become more comfortable with simple graphical editing in WPF (could go with MFC but that is really old-school) and see if I can build the tools I want to laying out things for Unity projects.

Friday, September 4, 2020

Looking to get back to some personal software projects as the fall approaches.

Got the VR system back together in the basement again. Software updates have been done. Needing to decide whether to pick cluster back up or head off in a different direction.

It has been a crazy year (almost) since I went from KMC to Draeger.

Started during a busy time for the team and spent a couple of months designing and prototyping an architecture for modern password management. Kind of a fun exercise building out samples for windows in C++ and C# and for linux in C using OpenSSL.

Dug in a bit and found that the bcrypt password hashing algorithm is obsolete. SCrypt partially replaced it and PBKDF2 seems to be the modern, tunable option.

Around December the member of the team who was leading (and mostly building) the proposal for the overall security architecture for the networking aspect of our devices gave his notice. As I was available and know my way around cryptography and cyber-security I stepped in and have spent the time since then taking his rough sketch and getting it much closer to a final product.

This has been particularly interesting as the devices on the network span three different operating systems. Some of the devices are rather old with low powered processors on no frills on the CPU selection. This needs to pass muster at FDA in the recent climate there where cybersecurity is being taken seriously and it has to drop into the existing network architecture without too much dislocation.

Fun challenge made even more challenging by the arrival of covid-19. I’ve been working from home and communicating with the rest of the team by teleconference and email. Nice to avoid the commute for a while and it has been a very pleasant summer but everything is harder when you can’t easily take everyone into a conference room and hash things out on the white-board.

I’m hoping that things will calm down a bit now so that I can get some VR work going again. I’m still toying with buying a resharper license to make C# development a bit more pleasant. I’m looking at VR headsets and newer CPUs and the 3000 series graphics cards that NVidia is about to release but probably won’t make a move on that front any time soon. If a new and exciting VR headset came out I might go for that…so far I’m not sold on any of the latest crop over my old first generation vive.

I’m still doing some photography though with our vacation plans for this year totally cancelled I haven’t had anything more photogenic than the pond to shoot. We did get the kayaks back in the water this summer and I’ve been getting a decent amount of paddling in. I’ll probably get out on the water some more this weekend and likely bring the camera along.

Thoughts and Considerations…