Abiathar Online - Open by link

It might be useful for people to share links to Abiathar Online level sets so that others can easily browse or fork the levels. So today I added a bit of code that checks for query parameters on the load of the editor page. If all four resources are specified there, the level editing mode launches. It even takes an optional parameter to set the ID of the level to show first.

All of that works perfectly fine, but I started seeing weird graphical artifacts today - it's like only a few tiles get carved out and the rest need a refresh of the level to show up properly. I didn't change anything related to the graphics, and I didn't test before making my changes, and everything looks fine in Edge, so maybe there's something up with Chrome. I will investigate.

The client rectangle only considers the scroll bars sometimes

.NET controls have a ClientRectangle property that gives the measurements of the inside of the control, not counting borders or scroll bars. Weirdly, it seems that scrollbars are not always considered. In Policy Plus's Loaded ADMX Files window, where a column header in a list view is resized to barely fit without creating a horizontal scrollbar, the width of a vertical scrollbar only needs to be subtracted out when the dialog is first being set up. After that (during the resize handler), it can be safely ignored; the client rectangle shrinks to make way for it.

Policy Plus - ADMX details

Previously, Policy Plus provided no way to view all objects defined by a given ADMX file. It could show the path of the ADMX responsible for an object (in the Details window), but there was no way to detail an ADMX.

Now there is. Currently the only way to get to an ADMX Details window is through the new Loaded ADMX Files window, which lists the file title, the containing folder, and the namespace. Double-clicking a row opens that individual ADMX file's window.

As expected, double-clicking an entry here opens the details for that policy object.

These changes are live on GitHub.

SelectedText in a ComboBox isn't necessarily what it sounds like

The Windows Forms ComboBox control has, among others, properties named SelectedItem, SelectedValue, SelectedIndex, and SelectedText. It sounds like all of those refer to the entry selected in the dropdown, and that was my mistaken assumption. Actually, the last one there, SelectedText, is the text highlighted in the editable text box part of the combo-box. All the others really refer to the current drop-down choice. This seems like a good example of surprise being created by naming two different things in the same style.

Markeen - Equal opportunity for first ring

One of the problems remaining in Markeen is that the first position consulted in the spiral sets the starting weights for the space under consideration. This would not be a problem if the consultation of the other first-ring (immediately adjacent) positions each diluted that contribution so that all four weigh equally. That is, unfortunately, not how the algorithm currently works. So today I tried to fix that and allow other positions to have a fair say in the selection.

First I tried rewriting the scoring algorithm to add up all the possibilities for the first ring, then whittle down the chance of those that don't appear in later rings, but something didn't work out and it just made a huge mess, filling the level with disjointed vertical stripes. Unable to understand the issue, I opted to adjust the previous algorithm instead. Now it averages the weights from each first-ring position and goes back to the old behavior once past that. I'm not yet convinced that it actually makes better levels, but at least it doesn't look too bad for deep profiles, which used to be very broken.

ASP.NET postbacks cause Load first

I've been working on an ASP.NET site - pretty much my first serious project with the framework. Many pages do a lot of work in the Load handler to verify that the user should actually be able to see the page, and then fill the page with data. Some of those have buttons on them, which cause postbacks to deliver the notice to the server. This runs the page object setup again, including Init and Load. Therefore, it's not necessary to repeat authentication checks in individual controls' event handlers, since that code won't be reached if Load's code ends the request.

Sending text to a printer in PowerShell

Notepad offers some command-line switches to print a document, but if you want to print out some text without an extra process launch or without writing text to a file, PowerShell supplies the Out-Printer cmdlet. You can specify the printer with the -Name switch; by default, without that, the text will go out your default printer. If you want to print an existing file, pipe in the output of Get-Content (gc).

Not all Windows updates respect the download speed policy

Group Policy offers a policy to limit the BITS background transfer bandwidth. This used to be effective on Windows Update. A commenter on Super User noticed that, at least sometimes, Windows 10 doesn't respect that setting. For them, Windows Update did the download at the maximum possible speed. It's likely that the Creators Update was the item being downloaded, and they speculate that large updates like that one might be considered very important and deserving of fast download. I have no information yet one way or the other, but it does seem that Windows doesn't completely obey that setting for its updates.

Somewhat larger amount of hope for users hit with WannaCrypt

A while ago, someone published Wannakey, a program that can, under some circumstances, extract the private key generated by WannaCrypt. It was only guaranteed to do its job on Windows XP, and was not at the time paired with anything that uses that key to save the encrypted files.

Someone else built on that foundation to create Wanakiwi, which extracts the private key from the running WannaCrypt process and then uses it to repair all the files it can find. It works on Windows 7 as well as Windows XP. There is still an element of chance - the keys could have been overwritten in memory - and a reboot after infection would blow away the whole prospect, but Wanakiwi is much more hope for affected users.

Keeping hashtable keys in order in PowerShell

These two expressions produce the same thing in PowerShell:

@{'A' = 'one'; 'B' = 'two'}
@{'B' = 'two'; 'A' = 'one'}

The A key always gets output first. If you want to keep them in the supplied order - say, if you're trying to get a CSV with columns arranged in a specific way - you can use [ordered]. This correctly keeps B first:

[ordered]@{'B' = 'two'; 'A' = 'one'}

Registry data types are just labels

If you poke around the Registry Editor enough, you might find some values of the Data column that say something like "invalid DWORD (32-bit) value." This happens when the data held in that value is not the right length for the supposed data type. DWORDs should be 4 bytes long, but there's nothing stopping them from being anything else. The function responsible for setting values, RegSetValueEx, takes a data length and pointer to the data. To view and edit these entries of unusual length, double-click them in the Registry Editor to open the binary data editing window.

Small amount of hope for XP users hit with WannaCrypt

The ransomware WannaCrypt generates both halves of its key pair client-side, but it releases the private key so that its victims can't decrypt their files. On Windows XP, though, the function responsible for destroying the key does not immediately erase it from memory.

Someone created a tool to take advantage of those facts. Wannakey searches a WannaCrypt process's memory for the private key, saving it to disk. The caveats are that it only works if the system hasn't rebooted since the infection and that the memory occupied by the key could have been repurposed for something else in the meantime. So this provides a small but nonzero amount of hope.

The Windows CloudStore

Windows stores some desktop/shell-related settings in this Registry section:

HKCU\Software\Microsoft\Windows\CurrentVersion\CloudStore\Store\Cache\DefaultAccount

Each subkey is one setting. After the first dollar sign in the subkey name is a GUID for the object, or nothing if there can be only one of that type. After the second dollar sign is the object's type. For example, there are tons of windows.data.curatedtilecollection.tile but only one windows.data.bluelightreduction.settings. Inside that key is a Current subkey, which has a single value: Data, of the binary type.

It appers that the first four bytes of that data are always 02 00 00 00, perhaps a version signature. Then the next eight bytes are the last-modified time as a FILETIME. Then there are four more zero bytes. After that, it gets into type-specific data, which I have not yet managed to figure out.

Configuring blue light reduction settings with PowerShell

Windows 10 1703 introduces the "night light" feature, also known as blue light reduction. Its settings are stored in the Registry, but it's a binary blob under CloudStore, rather difficult to manipulate. One user was interested in automating the setting in some way. They already found this GitHub script that sets some values, but it only supports a handful of predefined configurations. So I took a look.

Wild speculation brought me to the SettingsHandlers_Display.dll file, which I suspect is responsible for the relevant part of the Settings app. I got a hold of a 32-bit version so IDA could disassemble it, but it appears to be written in C++ and so is a huge mess to reverse engineer. There seems to be COM involved as well, and though IDA mentions some class names and even some structs' members' names, I couldn't figure out where the saving/loading took place. Looking for struct definitions to get some ideas on the blob's layout, I acquired the PDB file for the DLL, but couldn't accomplish anything with it.

So I was back to plain old pattern recognition. One run of bytes changed every time I edited the blue light settings, no matter what control I altered, and I deduced that to be a FILETIME indicating the store entry's last-modified time. Flipping some switches caused the blob to grow in size, which was puzzling, but most changes just replaced one or two bytes - at least those were easy to track down. It was in that way that I figured out where the color temperature slider's state was kept. The actual numeric value that it changed, though, did not make sense. Changing the Registry value in certain slight ways inexplicably jammed the slider against one end of the other. It didn't help that I didn't know what value the bytes were serializing from the slider.

Use of the Inspect tool revealed the numeric value of the slider. Like f.lux, it remembers color temperature in Kelvin. Some seriously bizarre binary math goes on in the serialization. Nevertheless, I figured out the formula. And though I don't quite have a handle on why the blob expands and contracts, my script works consistently. Interestingly, some of the UI elements in the Settings app immediately update when the script is run.

The script itself is in my Super User answer.

PowerPoint has trouble with images over MTP

While working on a PowerPoint presentation, I needed to add a picture I had taken on my phone. So I connected my phone to the computer over USB and did the normal Insert | Picture thing, selecting the desired photo in the resulting standard file browser. But instead of inserting the image into my presentation, PowerPoint just froze and would not do anything at all. I had to end the process. Then I tried opening the picture in the Photos app off my phone, copying it with the context menu, and pasting that into PowerPoint, but that brought up a message about PowerPoint being made unstable. Copying the actual image file off the phone onto my disk then inserting that file worked perfectly fine.

Apparently, PowerPoint doesn't handle embedded images well from MTP (Media Transfer Protocol). I suspect other Office programs have the same issue, but I have not checked those.

Test mocks are definitely worth it

I'm currently working on an application that interacts with a system outside the machine it runs on - specifically, it sends and receives text messages through an Internet SMS gateway. That gets rather unwieldy in test environments, since obviously I can't use real people's data, and I only have one or two phones available to me at any given time. Besides, using the SMS gateway costs money.

It used to take me a while to get the SMS gateway connected for tests, and waiting for the texts to go through one direction and back the other also took up several moments, but it was never too much of an inconvenience. Then one day while planning a large round of tests on new features, I decided to finally sit down and write a mock for the gateway. Instead of actually sending the texts out to the Internet, this message provider (a drop-in replacement for the real library) just puts them up in a window. Instead of me needing to text back on a phone, I just type the "from" number and the text into some fields and click a button.

This is fast and exceptionally convenient compared to the old system. I wasn't sure before creating it whether it would be worthwhile, but it unquestionably was. Of course, this presupposes an architecture that allows easy drop-in replacement of the component being mocked, but if you have that infrastructure, strongly consider making a test mock.

Making Chrome render web page fonts the same as UI fonts

One user found that Chrome rendered web page's fonts in a way that made them very challenging to read - the characters were effectively less than one pixel wide. They found, however, that it rendered text in Chrome itself perfectly fine.

What solved the problem was disabling LCD text antialiasing (lcd-text-aa) in chrome://flags. My answer also mentioned disable-direct-write as another thing to try, but that flag appears to no longer exist.

Windows is not necessarily downloading anything when it says "downloading updates"

I've noticed that the phase reported in the Windows Update part of Settings isn't always a great description of what's actually going on. Today I updated a VM that I had sitting around for a while. During the "downloading updates" phase, barely any actual downloading is going on, which is verifiable with the Performance tab of Task Manager. Both the host and the guest reported virtually no network activity of any kind during the majority of that phase.

Instead, there's a lot of hard disk activity going on in the Windows Update service and the System process. Quite a lot of it is just reading, so it's possible there's unpacking or inventory-taking happening instead of downloading.

Get-ChildItem can be far slower than classic dir

A Super User member noticed that PowerShell's directory listing command Get-ChildItem is dramatically slower than a simple dir in the normal command prompt. He tried launching the command prompt from PowerShell to do the listing (cmd /c dir) and found no noticeable difference in speed.

The explanation is that starting processes is an expensive operation. For short listings, the process launch overwhelms the cost of doing the PowerShell listing. When I tried it with long listings, like in System32, the command processor beats PowerShell hugely: by an order of magnitude, at least on my machine.

I suspect the PowerShell slowness comes from managed overhead: the creation of .NET FileInfo objects and the filling of all their properties. Then to be displayed in the console (assuming the user is just browsing around), those objects have to be formatted, while the dir output is already a string.

Exporting Windows certificates as PFX files

The Certificates snap-in for MMC sometimes doesn't allow a certificate to be exported as a PFX. In that case, the exporting has to be done with PowerShell.

Navigate into the appropriate store under the cert:\ drive. Then use the Export-PfxCertificate cmdlet, supplying the certificate object's path in -Cert, the output filename in -FilePath, and the desired PFX file password as a secure string in -Password.

Windows 10 1703 features a new .NET version

The newest update to Windows 10 - 1703, the Creators Update - includes a new version of the .NET Framework. .NET 4.7 includes small improvements to a handful of components, from Windows Forms (better high-DPI awareness!) to WCF (more security protocols). The new framework version can run on Windows 7 and newer; both online and offline installers are available.

Further reading: the Microsoft Docs article on what's new and the API differences.

Improvements to regedit in Windows 10 1703

The Creators Update (1703) to Windows 10 includes a little-publicized but very welcome improvement. The Registry Editor now has two extra Explorer-like features, and one new advanced feature.

An address bar (replacing the status bar) shows the current full path, and allows copying. A path can be typed or pasted to navigate quickly, which will be excellent for people following Internet guides.

Second, there's now a Favorites feature. A key can be added to the favorites list, where it shows up under the Favorites menu. These locations can be managed with Favorites | Remove Favorite.

It also introduces the View | Display Binary Data option. Clicking that menu item opens the current value's data as the raw bytes. Relatedly, there's a new Modify Binary Data entry on the value context menu that allows editing that data, like the binary data editor from the past, but with more convenient selection ability.

Not all of PowerShell works on Linux

As great as it is that PowerShell has a Linux version, not all features are there quite yet. There are two major classes of things that are only supported on Windows:

• Types provided by unmanaged libraries, especially COM. The ParsedHtml property on the objects returned by Invoke-WebRequest, for example, is of a COM class provided by mshtml.dll - an Internet Explorer component. Since that functionality has not been ported, that property is null on other platforms.
• Cmdlets to manage Windows-only systems. Linux doesn't have the Windows concept of Modern apps, so all the Appx-related cmdlets aren't there. Similarly, Linux PowerShell is missing cmdlets for Hyper-V, Windows Firewall, and so on.

Though lots of things do work perfectly fine on any platform, it's advisable to test a script on at least one non-Windows OS. I find Bash on Ubuntu on Windows a convenient way of doing that - installing PowerShell in there is just the same as on a real Ubuntu machine.

Policy Plus hits the road

A while back, I showed Policy Plus at my school's tech fair. Since they liked it, I got to advance to the region's tech fair (the east ITEC one), which was held today.

This time, I brought not one, but two laptops: one to display an automatic looping PowerPoint and the other for me to use for live demos. A pair of judges arrived fairly quickly. Neither were familiar with Group Policy, so I summarized that first. After showing the similarity of Policy Plus and the Local Group Policy Editor, I demonstrated the new features of Policy Plus. The judges seemed interested, and told me that they would send some more people to look at my project.

Sure enough, I got quite a few people talking to me throughout the day, so many that I didn't dare to go around and examine other projects for too long lest I miss a visitor. Thankfully, a couple of the judges had at least some familiarity with Group Policy. One was even a Windows sysadmin - that was a good conversation. He had some ideas for further development.

At the end of the event, red or blue ribbons were handed out to each project. Most of the projects from my school, including mine, received blue ones. Then to close, four purple ribbons were given out, conferring the privilege of presenting the project at the main ITEC convention (for technology teachers) this fall. Policy Plus got one of those, so sometime in October I'll need to arrange for it to be shown at the convention - apparently I don't have to personally be there for it to be there.