April 2008 - Posts

Microsoft SLPS (Part 1)
16 April 08 11:17 AM | adrian | 1 comment(s)

Decompiling means converting a program back to the original source code. Previously, decompilation is difficult because you need to understand assembly (which is the least human readable language). Assembly code is translated into machine language (readable by CPU) by the operating system. In .NET, this is not the case. Decompiling is easy.

.NET Compilation

Before we jump into how to decompile, we need to undestand compilation first. In .NET, compilation means converting from .NET language (Visual Basic or C#) to MSIL (Microsoft Intermediate Language).

DLL and EXE file you distribute will contain MSIL. When run, the .NET runtime will do another set of compilation before execution (that's why it's called Just-In-Time Compilation) to the platform's assembly language. The assembly language then sent to the platform's operating system.

This means, one set of DLL and EXE file can be run on multiple platform without changes, since translation to the platform's instructions are done after distribution or just before execution. The .NET runtime is also called virtual machine, since it acts as an intermediate machine.

The bad thing is, since the compilation does not generate assembly language, instead a standardized intermediate language, someone can easily take this and translate it back to the original source code with little difficulty.

.NET Decompiler

In fact, the .NET Software Development Kit includes a tool to help you open up the DLL and EXE file to retrieve the MSIL code. This tool is called ildasm.exe (IL De-Assembler). For example, we will decompile a simple Hello World application.

1. Run ildasm tool. This tool is included with all Windows SDK distribution. You can run it from the Start Menu > Programs > Microsoft Windows SDK [version] > Tools > IL Disassembler.
2. Once the window is opened, drag and drop the file you want to disassemble. You can use the attached HelloWorld.exe file or any .NET assembly.
3. To see the IL code, just double click on any method. For this demo, you can double click on Main to see how the console application retrieves the current user name.

   .method private hidebysig static void  Main(string[] args) cil managed
   {
     .entrypoint
     // Code size       29 (0x1d)
     .maxstack  8
     IL_0000:  nop
     IL_0001:  ldstr      "Hello {0}!"
     IL_0006:  call       string [mscorlib]System.Environment::get_UserName()
     IL_000b:  call       string [mscorlib]System.String::Format(string,
                                                                 object)
     IL_0010:  call       void [mscorlib]System.Console::WriteLine(string)
     IL_0015:  nop
     IL_0016:  call       string [mscorlib]System.Console::ReadLine()
     IL_001b:  pop
     IL_001c:  ret
   } // end of method Program::Main

4. I won't dig in to the details of the IL, but suffice to say, you can see that the application calls System.Environment.get_UserName() method to retrieve the current user name. Easy enough.
5. If you need a more developer-friendly code, you can download Reflector (at http://www.aisto.com/roeder/dotnet/). This tool will convert the IL code back to the language of your choice.

Why Do I Need to Worry?

So people can easily get back my source code. So what? Well, there are several reasons why source code is important.

1. With source code, you can modify and recompile a modified code. This is easier than changing a compiled binary file. To overcome this, .NET have a feature called Code Access Security. With CAS, you can sign a compiled DLL or EXE with a private key. During execution, you can enforce that the DLL you create have the specific sign. Any tampered DLL will have a different sign.
2. With source code, your intellectual property; like algorithm, process, or even secret, can be exposed. Imagine you have a product key generation algorithm. Anyone with access to your source code will be able to reverse engineer and generate a valid key for your product, without even paying. This is the part where Microsoft SLPS comes in.
    

What is Microsoft SLPS Then?

In short, Microsoft SLPS enables you to encrypt parts of your source code. The encrypted parts will not be able to be decompiled. Second part, Microsoft SLPS also enables product feature management. You may want to create three version of your product with different features (and price). You can easily do this with Microsoft SLPS.

I saved the discussion about how to use Microsoft SLPS in the next topic. For those eager to know may visit Microsoft SLPS web site at http://www.microsoft.com/slps. MSDN Subscribers can request for a limited account to try the service.

Share this post: | | | |

Filed under: .NET Framework, Life of An MVP

More and More Quality Readings!
12 April 08 11:56 PM | adrian | with no comments

I went to a computer book store today, and found lots of interesting books that we can only download back in Indonesia.

They are pictured sitting on top of my trusty laptop.

• The Wisdom of Crowds, James Surowiecki
• The Mythical Man-Month, Fred Brooks
• Code Complete, Steve McConnell

I already went 2/3rd of Wisdom of Crowds, after that I'll re-re-read MMM (I went through it twice during my undergrad years - read on computer screen, bad for eyes).

I spent around $200 for all three. This should keep me reading for the next 2 or 3 months... :D

I also found more good books (which I can't buy yet, out of budget):

• Design Patterns, GoF (this is definitely the next buy!)
• Refactoring Databases, Scott Ambler

Another book is also coming from U.S. together with my new mouse, it's about the history of personal computer... Fire in The Valley by Paul Freiberger. This book have been turned into a movie titled Pirates of Silicon Valley. Can't wait to read this one.

Share this post: | | | |

Filed under: Life of An MVP, Singapore

I am Hiring
06 April 08 01:58 AM | adrian | 1 comment(s)

Yes, I am hiring...

I am looking for several freelancers for the following positions:

1. Web Designer
2. Application Developer
3. Technical Writer

General requirements for all position:

1. Reads, speaks, and writes English fluently. Do submit proof of English fluency (be it a TOEFL cert, IELTS cert, sample writings, or anything that shows off your English). I am very sensitive to bad English, if you can't read MSDN properly, you are not encouraged to apply.
2. Have good access to Internet, preferably during meeting sessions (usually Saturday mornings). Anywhere, anytime access is even better. Work is exclusively online, from anywhere, anytime you like.
3. Citizen of Indonesia. I want the work produced by an all-Indonesian team. Reason: http://wss-id.org/blogs/narenda/archive/2008/04/03/berbuat-sesuatu-demi-bangsa.aspx.

Specific requirements for Web Designer:

1. I will use Microsoft Visual Studio 2008 and Microsoft Expression Design exclusively. Your Photoshop/Flash/Dreamweaver skills does not count.
2. Have the ability to create XHTML 1.0-compliant page. If you don’t know XHTML, you are not encouraged to apply.
3. Have the ability to use CSS 2.1 effectively. If you don’t know CSS, you are not encouraged to apply.
4. Be able to create a Web 2.0-style design. Do submit proof of your past designs / design concepts.

Specific requirements for Application Developer:

1. I will use Microsoft Visual Studio 2008 and C# exclusively. Express editions does not count (since we are going to use Team Explorer add in).
2. Have the ability to write unit test. If you don’t know what unit test is, you are not encouraged to apply.
3. Have the ability to write code that conform with a written coding guidelines. If you don’t know what coding guidelines are, you are not encouraged to apply.
4. Be able to write working code to satisfy application requirements. Do submit proof of your past code.

Specific requirements for Technical Writer:

1. I will use Microsoft Visual Studio 2008 and Microsoft Word 2007 exclusively.
2. Have the ability to understand a code and write documentation for it. If you can’t do either or both, you are not encouraged to apply.
4. Be able to write technical document for public consumption (both techie guys and business users). Do submit proof of your past writings.

I will personally test all applicant which passes the written requirements (unlike some lazy HR guy who just skips through applicants who does not have a famous university degree, for example). Accepted applicants are expected to do 5 hour work week, with payment billable by hours worked. Do submit your expected hourly rate.

Accepted applicants will work on an open source product.

Send your application to me, e-mail address below.

--

Adrian Godong
adrian.godong@gmail.com
Microsoft MVP
https://mvp.support.microsoft.com/profile/adrian

Share this post: | | | |

Filed under: Life of An MVP, Web 3.0

Windows 7 Private Alpha
01 April 08 09:30 AM | adrian | 10 comment(s)

I just got the latest bits of the next Windows this morning. I've been playing with it on a Virtual PC on my trusty 10-core laptop.

Here's a little bit of review of what I have found:

You now have access to truly everywhere computing. Microsoft has finally created a product that's true to my vision of future computing. No longer are you tied to a specific computer to do your entire computing task. With Windows 7, all computing is in the clouds (a.k.a. Internet)! Amazon have jump started this trend with Amazon S3 (storage in the clouds) and Amazon EC2 (computing in the clouds). Now Microsoft pushes these two together to build a truly virtual private desktop to users.

How do they achieve this? Well, the OS is built on top of proprietary communication protocol (I don't think this is part of WCF released earlier with .NET Framework 3.5). All processing and storage is done via the network to Microsoft centralized server farm. Local resources are shared via Hyper-V technology to the farm, so everyone gets maximum available performance, limited only by the network bandwidth.

Installation is a breeze, or should I say, installation is instant. Basically it will install every time you boot your computer. The boot up time itself is very fast, since the OS only needs to initialize audio, video, and network devices. Once all three drivers are up, you will see the now-familiar Windows Vista startup animation. They’re still using it to save resources. If you see this animation, you’ll know that audio and video drivers are loaded and running properly.

Next up is network log in. All the functionality is delivered via network. Processing, storage, even logging in is handled via network. You might think Windows 7 will work like Internet browser and Google applications. Well, Microsoft took one step further. By implementing their proprietary communication protocol, you don’t need a browser anymore. Your OS is your “browser”. In this preview version, the Vista taskbar is still there. But if you click the Start orb, what you will get is the list of application available on the cloud. Any computer you use will always have the same application/settings/layout, since all of them are stored in the Internet.

How about USB accessories? If you recall, Windows Server 2008 and Windows Vista SP1 with the latest Remote Desktop version have the ability to forward a USB device to terminal server. In other words, you can do Remote Desktop from your laptop at work to your home server, plug your Zune, and sync the Zune as if it is plugged to your home server. Windows 7 took this approach, so you can plug your USB device from any computer in the world, and it just works! No driver installation is required (after the first one, of course), since the USB port is forwarded. No one can beat this, even Macs!

For applications, Windows 7 preview have very simple applications available; Notepad, calculator, and FreeCell to show off the system’s capabilities to date.

Notepad is just your standard notepad. And since it is based on the existing code, the “bush hid the fact” Unicode trick is still there. Improvement to it is web-based dictionary, spell check, and grammar. These feature use to be available on Word, but since the Web 2.0 era, several web sites provide the service for free. So why not leverage them and put it to Notepad? Dictionary is from Wiktionary, spell check is from SpellCheck.net, and grammar is from proprietary Microsoft service (based on Word).

Calculator is also your standard calculator. Although now it does provide a Web 2.0 finish, there’s a new option of “post to community”, just like the one in Visual Studio. It’s not working yet right now, but I’m envisioning something like community-based home-work discussion portal that revolves around Calculator.exe. Cool.

FreeCell is now multiplayer-only. Since you will need to go online to access it, why not implement a transparent multiplayer lobby? You will have the same problem set, and compete with others to solve it. You now have three empty cells, and four empty shared cells between other three players.

OK, my laptop configuration is a 10-core processor with 10 GB of RAM. If everything runs on the network, then what would my top-of-the-line hardware will be used for? Well, Microsoft knows this, and they are surely tapping it up. While all the operations are being done on the server, what you don’t know is, they forced you to donate your computing powers for public use. So when you’re playing Starcraft 2, one of your units could’ve been rendered on your rival’s processor! This grid computation is derived from Hyper-V technology, again from Windows Server 2008. Microsoft promises to tweak this technology to improve load balancing with peer to peer communication. Since this is a preview version with very few users, my CPU never hit 10% on idle. Memory usage is even lower than Vista, clocking only 50Mb on idle.

I will also hear IT Administrators complain. If everything is stored on Microsoft servers, then how do they manage data security, policy, etc? Well fear not, Microsoft will launch the server part of Windows 7 to corporate enterprises. This server will enable you to act like Microsoft servers. In fact, during log in, you will be able to choose which server you want to connect. You can optionally sync these servers to achieve the same look and fell between accounts on different servers.

Unfortunately under NDA, no pictures/video/screen shot will be available for public consumption. Can’t wait for the public beta!

Share this post: | | | |

Filed under: Life of An MVP