I was reading through slashdot.org, and I found a post that asks members of the slashdot community how they “reverse engineer” large software. Numerous replies did not agree with the original poster’s use of the term, “reverse engineering.” Many people held the incorrect notion that reverse engineering is an illegal or unethical practice. I have always believed that “reverse engineering” is the best phrase that describes the practice of taking a given solution and discovering the design decisions that influenced the given solution’s implementation to better understand the solution’s structure. There is a negative perception on reverse engineering, because it has been popularized as the central activity in certain kinds of software theft: algorithm theft and software piracy. Among the uninformative posts, I was able to find a response that had a better understanding of what is reverse engineering and provided reading material that may interest software engineers who join a major software project after a significant portion of the project has been implemented.
Developers are sometimes asked to support older software systems that utilize obsolete technologies. This may be difficult when the development tools used to implement the older software system are not available and have been replaced by newer tools that do not seem to support the former tools’ technologies. Faced with the need to replace a COM component that is used by VBScript in an ASP application, a developer may need to create the replacement using Visual Studio .NET. This guide is motivated at helping developers create COM components using Visual Studio.NET and C#.
Creating the COM Object
- Launch Microsoft Visual Studio .NET and create a new Visual C# Project with the Empty Project template. In our example we will create the project and name it “COMTest.” Save the project.
- Open a console window and navigate to the project’s folder.
- Create a key pair that will be used to sign the .NET assembly with a strong name. At the command prompt, enter:
sn -k key.snk
- Under Project->COMTest Properties, set the Output Type to Class Library. Output Type is found within General, which is found under Common Properties.
- Add a class called “COMObject” to the COMTest project, which will create COMObject.cs.
-
Add an assembly attribute to COMObject.cs.
[assembly:System.Reflection.AssemblyKeyFileAttribute( @"..\..\key.snk" )]
- Generate a globally unique identifier for use with COMObject.
- Start guidgen.exe (this should be easily done when opening a console window and entering “guidgen” at the command prompt).
- Select the Registry Format option in the guidgen utility, generate a new guid, and copy the GUID.
- Use System.Runtime.InteropServices.GuidAttribute to generate an attribute for class COMObject. Pass the GUID as a string to GUIDAttribute, but remove the curly braces that surround the GUID that was copied onto the clipboard.
- Create a public member function for COMObject that is named “COMObjectFunction” with the following code:
public string COMObjectFunction()
{
return "Hello, COM!";
}
- Build the solution.
- Register the Assembly. While in the directory that contains COMTest.dll, enter the following at the command prompt:
regasm COMTest.dll /tlb:COMTest.tlb /codebase COMTest
- The assembly is now accessible using COM.
Testing the COM Object
Test procedures for the COM object that was created above:
- Create a file called “test.vbs.”
- Place the following into test.vbs:
dim o
set o = createobject( "COMTest.COMObject" )
Wscript.Echo o.COMObjectFunction
-
Execute test.vbs.
Running test.vbs should cause a MessageBox, which contains the string that was returned by COMObject’s COMObjectFunction, to be displayed.
To be truly a COM component, the developer may need to utilize the DispId and other attributes for the member functions and properties. This mini-howto was written to meet the immediate need of replacing a COM component used by VBScript ASP applications. The components created through this mini-howto may not work in environments that do not have the .NET framework installed, or they may not work with applications that use the IUnknown and IDispatch methods.
According to this article, Google and NASA are teaming up. Google is becoming less focused on Internet search and broadening its reach around information management.
The article quotes Google’s Eric Schmidt, “Google and NASA share a common desire, to bring a universe of information to people around the world.” Google has collected a good number of highly respected researchers. I’m sure that there are people at both companies that respect the researchers of the other. Perhaps, there is a lot of employee movement between Google and NASA. I can easily recall Peter Norvig, who was part of NASA and is now working for Google. I would seriously consider employment from either of these two companies.
Probably the most frequently asked interview question that I have received is one that explores the difference between C++ classes and structs. Such a question was asked by a Northrop Grumman recruiter during a career fair at UC Irvine. I was also asked this sort of question during an on-site interview at Heavy Iron Studios. Recently, it has been asked during a phone interview with Amazon.com.
My answer typically states that members of a class are private by default, whereas members of a struct are public by default. Inheritance between classes is also private by default, and inheritance between structs is public by default. The interviewer was usually satisfied with this answer, which Dr. Raymond Klefstad fed to my first computer science class. Lately, I was interested in the nontrivial cases that bring me uncertainty: a struct inheriting from a class and a class inheriting from a struct.
Code to test the behavior for these cases is presented below:
class A
{
public:
int a;
};
struct B : A { };
struct C
{
int c;
}
class D : C { };
int main()
{
B b;
D d;
b.a = 1;
d.c = 2;
}
Although a recent version of the GNU project C++ compiler treats the assignment of 2 into d.c in the above example as a compile-time error, a programmer who is more interested in standards compliance should refer to the C++ standard. After all, compilers do not determine standard behavior; standards prescribe standard behavior for compilers. The GNU project C++ compiler is consistent with 11.2.2 of ISO/IEC 14882-2003, which states that the kind of inheritance is determined by the derived class being declared as a class or struct when an access specificer for the base class is absent. The standard also clarifies the second part of the answer to the above interview question.
I received an account statement for my Chase Platinum Visa credit card today and was shocked to discover new charges. It is surprising, because this credit card has never been used for purchases. There was one balance transfer that was done at the opening of the account to take advantage of a 0% APR for a year promotion. Since the opening of the account in September 2004, I have only made payments with a consistent value. During this statement period, fraudulent purchases were made at various online retailers. My statement had charges that totaled approximately 800USD, and after I contacted Chase Visa, I learned that there were additional charges made since the statement was printed that totaled an additional 2000USD.
This is the second time that I have been a victim of credit card fraud in the last two years. The other credit card that was compromised was a Fleet Platinum Visa card. I also opened that account with a balance transfer (this is actually the same balance that I transferred to Chase), but the credit card was compromised before I even received the physical credit card through the mail. Basically, two balance transfers were done on my credit card, one that was actually mine and another to credit an unknown person’s account.
There was an instance where Discover credit card actively contacted me to verify purchases that I made at a city that was approximately 35 miles from my home. Those purchases totaled less than 100USD, but Discover became concerned because I used my Discover credit card at several places in a city that I previously had not frequented. Obviously, the Discover representative did not give me special attention nor continually watched my account throughout the month. The representative was most likely alerted by a software application.
Apparently all the computational power that Chase possesses could not detect the drastic change in spending behavior that credit card companies are known to track. I had a purchase history with Chase: I have never made a purchase on their card. Yet, their systems did not alert a representative when the credit card balance exceeded my credit limit and expensive purchases were made at an alarming rate within a very short time interval. The change in purchasing behavior is so obvious, I would expect even a piece of poorly written security software to have detected it. I can only hope that Chase’s resolution is more timely than that of Fleet.