From a recent linkfest on The Old New Thing blog come the following links:
Some C++ Gotchas – yes, C++ is hard, and if you can keep all the rules in your head, you are a genius (or at least somebody working in C++ for 10+ years). On a related note: Java is also hard too, but most of the times this isn’t a problem because processes like boxing/unboxing are transparent. Also: the general “hardness” of languages come from the number of features and the way they can interact (this means that we are close to combinational complexity), so it is normal that more feature-rich languages have more gotchas. A good example is Perl – it has a ton of features, but you can make weird things in it that will make your head spin. Just watch the presentation below from Oscon2008 (unfortunately the video cuts off at the end):
- Two similar posts: Milestones, Cuts, and what you aren't going to ship and Why doesn't Office just fix all of the bugs before they ship it – the summary is: you can’t fix all the bugs, even in moderately complex software.
- Hardware bitflipping – very cool – verifying that the parameter we got is the same which got passed to the previous function, and using this to detect memory failure
- The four stages of file growth – a little peek into NTFS
From ReverseEngineering Reddit: Keeping the Pirates at Bay: Implementing Crack Protection for Spyro: Year of the Dragon. Very true quote (which companies advertising “100% crack protection” should take to heart):
We may not be able to stop the pirates, but we can have enough of an impact to make pirating a much less attractive option. Given the choice of buying a game or waiting two to three months for a pirated version, a lot of pirates are going to start buying games. Or at least they'll buy their favorite ones.
Also from ReverseEngineering Reddit: A blog describing vulnerabilities in Open-Source software – before you jump to any conclusions: the depth of analysis is possible because the source is available and the fact that this focuses on OSS software doesn’t say anything about the relative security of open vs closed source software.
It seems that some Anti-Malware products detect(ed) VirtualDub as malware. This of course spurred a discussion about the merits of packing with UPX (see my opinion on the matter). Some more ideas on how ensure (or at least make very probably) that your application will not get erroneously included in the malware category.