Remember how I write a blog about drivers and Windows and stuff? SURPRISE! Your drivers girl is now a security engineer. As a kid, I actually went through a phase where I wanted to be a hacker when I grew up - guess I’m livin’ the dream now. A lot of people are curious about what it’s like to be a penetration tester (which is a person who is paid by the good guys to hack into things before the bad guys can. That way, the good guys can fix it).
This little piggy found an exploit - discovering and reporting my first XSS vulnerability in the wild
Recently, I participated in a couple of Capture the Flag (CTF) security events at Microsoft (my employer) for the first time.
A while ago, one of my friends was testing out ideas for potential interview questions for candidates at his company. One of the options:
If you’ve ever written code to fire a timer in x seconds from now, it’s generally pretty straightforward. Usually you just call some function and tell it “I want you to fire in 5 seconds” and “here’s what method to call once the timer goes off!”.
Loosely defined as “a commonly used, yet counterproductive solution to a problem”.
I’ve had a lot of free time the past week and a half because I had hip surgery last Wednesday. During my time on the couch, I watched the entirety of HBO’s highly-addictive sci-fi/Western series, Westworld. Here are some silly observations about the future of tech if the future is the one imagined in the show.
The folks behind the awesome Developer to CTO newsletter deigned me worthy of an interview. In their own words, “Developer to CTO is a weekly newsletter that provides career advice to software developers. We conduct interviews with senior technical leaders for our readers to gain insight into their career paths.”
One of my friends was recently trying to run Origin on her Windows 10 PC - it gave her a warning saying:
You already know that I’m a fan of the Easter Eggs in the !ndiskd WinDbg extension, but let’s talk business.
My employer doesn’t generally open-source code, so I am basking in the novelty of a driver sample I wrote being open sourced.
Solving Windows crash dumps (particularly bugcheck 9F, for which I have a post on debugging basics) brings me a lot of satisfaction.
I have recently enjoyed the opportunity to write some blog posts as part my job (which, if you’re new here, is a software engineer at Microsoft for the Buses team, most lately working on USB Type-C). Since I view this personal blog as a way to share my technical writing, I’ll post links to them here and update the list whenever I write more at work for our official team blog.
This post is for driver or kernel developers/enthusiasts who have encountered a Blue Screen of Death on Windows where the bugcheck code is 0x9F, DRIVER_POWER_STATE_FAILURE, and parameter 1 is 0x3. There are a few variants on DRIVER_POWER_STATE_FAILURE, but this one is when a device object has been blocking an IRP for too long a time.
Everyone knows Ctrl + Alt + Del, but do you know Ctrl + Shift + Esc?
When I tell people that I work on USB at my job, a startlingly high number of you say something like “Can you do something about the problem where it takes 3 tries to plug the darn thing in? HAhahahaahahHAAA!!”.
The links for the specialized problems no longer work, but you can still try your hand at regex golf at Regex Golf.
I recently read and extremely enjoyed The Martian by Andy Weir, so I thought a little The Martian themed post is in order. Don’t worry if you haven’t read the book (or seen the movie) – this post doesn’t require any knowledge of the book (you should still read it, though. It’s that good.) or even of priority inversions. There are also no spoilers about The Martian beyond what you could get from reading the back cover, so read on.
I unabashedly love C. I opened the C Standard for something yesterday. I am not an expert in C, but it is most assuredly my favorite programming language. There’s this silly article someone sent me called If Programming Languages Were Harry Potter Characters. Whoever wrote this article decided that C is Voldemort. Well, if that’s the case, just call me a Death Eater.
When I first learned to program in high school and college, the emphasis was on correctness and not on performance. When I taught students programming in college as a teaching assistant, I would often point out a suboptimal code path to the student. I can’t tell you how many times I heard the following phrase: “Well, processors are fast enough these days that it doesn’t really matter. Even still, the compiler will optimize it away”.