Brandon Live!

The best story I’ve heard this week by far was told today over lunch.  Apparently, a co-worker of mine named George listens to the Rush Limbaugh show in his car, and yesterday heard him discussing Barak Obama’s comments about similarities between the recent housing crisis and the lead-up to the Great Depression (link goes to transcript).  I imagine the comments were referring to the obvious similarities between those who obtained ridiculous sub-prime loans and those in the 1920s who bought stock they couldn’t afford on margin.  However, Limbaugh decided that Obama’s comments were the result of a crazy “liberal education” - and even remarks how “lucky” he is that he didn’t graduate from college, thus allowing him to escape the perils of actual knowledge.

To prove his point, Rush says he did some Google searches for “Great Depression” and then proceeds to attack each of the results as liberal propaganda.  Because we all know that college professors teach straight off of Google results pages.  So my friend is listening and hears something rather striking… the name of one of our mutual colleagues - Paul Alexander Gusmorino (”The Third!” - I love the way Limbaugh says that).  

Limbaugh found among the top results an essay written by Paul, entitled “The Main Causes of the Great Depression,” (link goes to essay).  He quotes Paul’s essay and refutes each of its claims, dissecting them as if they were part of a Harvard professor’s lecture on the subject.  He doesn’t pull any punches either.  “Mr. Gusmorino, you better check Karl Marx and see if you plagiarized him in putting this piece together.”

Ouch.  Those words would be harsh if they really were for a Harvard lecturer.  But that’s not who wrote this essay.  It was my friend who works as a Program Manager at Microsoft.

When he was in 10th grade.

The key to getting Explorer to do your dirty work lies in the IShellDispatch2 interface.  Particular, the ShellExecute method. 

IShellDispatch2 is one of the shell automation objects used to support scripting languages.  However, that doesn’t mean you have to use VBScript to gain some value from it.  In this case, IShellDispatch2::ShellExecute is exactly what we want, because it wraps the normal ShellExecute call but runs it from the context of the object implementing the interface - in this case, we want the IShellDispatch2 associated with the desktop shell.

Knowing this is only half the battle, though.  The next trick is to figure out just how to get to the right IShellDispatch2 object (the one for the desktop shell instance of Explorer.exe).

Fortunately, one of our architects, Chris Guzak (seen on C9 here), was able to point me in the right direction and connect up all the dots.

Our hunt begins with the IShellWindows interface, which can be used not only to reliably find the HWND for the desktop shell window, but also to get an IDispatch interface for it:

IShellWindows *psw;
    HRESULT hr = CoCreateInstance(CLSID_ShellWindows, NULL, CLSCTX_LOCAL_SERVER, IID_PPV_ARGS(&psw));
    if (SUCCEEDED(hr))
    {
        HWND hwnd;
        IDispatch* pdisp;
        VARIANT vEmpty = {}; // VT_EMPTY
        if (S_OK == psw->FindWindowSW(&vEmpty, &vEmpty, SWC_DESKTOP, (long*)&hwnd, SWFO_NEEDDISPATCH, &pdisp))
        {

Next, we need the IShellBrowser interface, and we get that by querying for IServiceProvider and asking the SID_STopLevelBrowser service for an IShellBrowser interface.  And from there we can get the IShellView.

IShellBrowser *psb;

hr = IUnknown_QueryService(pdisp, SID_STopLevelBrowser, IID_PPV_ARGS(&psb));
if (SUCCEEDED(hr))
{
    IShellView *psv;
    hr = psb->QueryActiveShellView(&psv);

From there we need to get to that IShellDispatch2 interface that started this whole adventure. 

IDispatch *pdispBackground;
HRESULT hr = psv->GetItemObject(SVGIO_BACKGROUND, IID_PPV_ARGS(&pdispBackground));
if (SUCCEEDED(hr))
{
    IShellFolderViewDual *psfvd;
    hr = pdispBackground->QueryInterface(IID_PPV_ARGS(&psfvd));
    if (SUCCEEDED(hr))
    {
        IDispatch *pdisp;
        hr = psfvd->get_Application(&pdisp);
        if (SUCCEEDED(hr))
        {
             IShellDispatch2 *psd;
             hr = pdisp->QueryInterface(IID_PPV_ARGS(&psd));

At this point you should be able to figure out where to go from here.

If that’s not easy enough, watch out for Part 3 of this series in the next day or two.  It will contain a sample and describe how the Start++ installer makes use of it.

Some people seem to think that calling ShellExecute or ShellExecuteEx and passing the path to an executable will have the effect of telling the shell to launch an application for you.  However, that’s not quite what happens.  These functions simply allow your application to take an action (like launching a process) in the manner the shell typically would (for instance, recreating the behavior of using the Run box).

What’s the difference?  Well, child processes inherit several things from their parents.  They inherit processor affinity, for example.  Most important these days, it seems, is the fact that processes inherit Integrity Level from the process that started them.  That is, except in the case of elevation from medium to high IL (the operation that causes the UAC dialog to appear).

So let’s say you write an installer, and you want to run the application installed at the end of the installation process.  Or heck, maybe you just want to call the application once with a special “/setup” parameter that tells it to do something you couldn’t do from your chosen setup utility.

Where do problems begin?  Well, installers typically run with admin rights.  When your installer launches your application as a convenience to the user, it’s now running with admin rights.  The primary concern here isn’t even the security implications of running at high IL.  After all, the next time your program starts it will run at its normal privilege level.

The problem is that your program is now running in a manner you may not have accounted for when writing it.  For example, users won’t be able to drag-and-drop anything to your application from normal processes.  If your program interacts with other non-admin processes, you may face other problems.  My own Start++ application faced this problem, as it needs to inject a small amount of code into Explorer.exe and then communicate with that code to coordinate its magic.  It can’t do this when running as an admin.

The recent 0.8.x release of Start++ solved this issue, and Start++ now runs immediately after install, in the proper non-admin context.  This is accomplished by having Explorer launch the application on the installer’s behalf. 

Others have addressed this problem in the past.  However, the proposed solutions always seem to take one of these forms:

1. Write an invoker process that runs with non-admin privileges, starts the elevated installer, and then runs your app at the end.
2. Use the task scheduler to launch the app.
3. Inject some code into Explorer and launch from there.

I don’t like #1 because it’s cumbersome and limits how you can name your installer.

#2 also seems cumbersome to me, and is a bit hacky.

#3 is totally hacky, and not something I trust people to do without accidentally destabilizing Explorer (there’s a reason the code Start++ injects into Explorer is incredibly tiny and very carefully crafted).  It can also introduce complications when dealing with multiple target platforms (x86 versus x64).  For example, the CodeProject sample linked to above doesn’t even restrict its WH_CALLWNDPROCRET hook to the thread that it’s targetting.  That means this hook code is immediately going to be loaded by every process on the desktop with a window.  Yuck.

Fortunately, there is a better way.

In Part 2, I describe a better way to get Explorer to run code for you, without having to inject anything into Explorer or use cumbersome workarounds like those described above.

I posted this on BrandonTools.com yesterday, and figured I may as well copy it here.

It’s been a long time since I’ve released an update to Start++.  Since then I’ve been working sporadically on a major overhaul to Start++, which will likely be released as version 2.0.  However, due to time constraints imposed by my real job, and the fact that I have lots of ideas and no PMs to tell me which ones are actually worth implementing - it will likely take a while longer for that to see the light of day.

So in the meantime, I decided to backport several of the fixes I have made in the 2.0 branch.  This does not address all of the known issues with the last update, but I think it provides several worthwhile enhancements.  These include:

• Better responsiveness to queries for Start Gadgets
• Fewer intermediate Gadget updates while you’re typing, no longer a chance of “lost characters”
• Better keyboard and mouse interaction with Start Gadgets
• Fixed the default Dictionary gadget to have an OnSubmit handler as it was meant to
• Fixed the calculator gadget (and problems with any gadgets that use OnSubmit but have SubmitNewWindow set to false)
• Small UI clean-up for gadget rendering
• Fixed tab ordering for most of the configuration UI
• Fixed focus of UAC prompts when using commands like “sudo” from the start menu if the Secure Desktop switch is disabled

That last one is tricky, but this fix seems to work well.  Unfortunately, I discovered today that it only works if the Secure Desktop switch is disabled (as you might guess, that’s how I run most of my systems).  This is unfortunate, but hopefully something I can fix in a future update.

Also, the installer is back to its leaner size of 1.2MB or so.  This coincides with a change to ensure the hook installation issue from the past never returns.  The installer no longer includes the merge modules for the 32-bit and 640bit C++ runtimes as the hook DLL now statically links the CRT.

As always, your feedback is appreciated.

More info and download link here.

Gary Morgenthaler of Business Week is the latest in a series of tech journalists to really disappoint me.  Why?  Just look at his latest rubbish posted on Business Week’s website today.

Consider the following paragraph and tell me that bias and sensationalism haven’t taken over tech “journalism.”

With last year’s arrival of Vista, Windows has swollen to 1 billion bytes (a gigabyte) or more of software code. The “Mach” kernel of the Mac OS X, however, requires less than 1 million bytes (a megabyte) of data in its smallest configuration, expanding modestly with the sophistication of the application.

So the iPhone kernel is smaller than all of Vista and its included applications.  Sound the alarm, get the president on the line, this is huge news.

What Gary forgets is that the CPU of my Dell workstation is hundreds if not thousands of times smaller than an entire Mac Pro.  I think, advantage Dell.

Of course I’m joking, these comparisons are absurd.  Yet in the very next sentence Gary piles on the bull crap.

This bloating has saddled Vista users with increased costs and poor performance on average computers.

If you look at Apple’s own website, they state that Leopard requires 9GB of available disk space to install.  Not surprisingly, this is almost exactly the same amount of space required for Windows Vista.  But how can that be?  Windows is bloated!  OS X is not!  We know these things, and working backward from this knowledge we can’t possibly come to the conclusion that they’re both just about the same size.  So why bother with the facts at all when you can work backward from what you want to be true?

The facts, in fact, are even worse for Gary’s argument than you might think.  You see, while Leopard and Vista require about the same amount of disk space to install to, one of them does have a far larger kernel image than the other.

The more portly of which is by far OS X.  I just rebooted my Macbook into Leopard to see just how large the kernel was.  The Mach kernel alone, which is only part of the OS X kernel, is 10MB in size.

So how big is the 64-bit Vista kernel on my desktop machine?  4.5MB

But this is hardly a fair comparison.  After all, that’s the size of a 64-bit Windows kernel.  We can’t reasonably compare it to a 32-bit Mac OS kernel (there is no 64-bit Mac OS kernel at the time of this writing).  So what about the 32-bit Vista one?  That weighs in at a massive 3.4MB.

Alright, the sensationalist “journalists” have won me over.  Come on NT guys, 3.4MB?  In 2008?  What’s with all the bloat?

I’m pleased to announce that the second tool to join the BrandonTools.com collection is now available!  It’s a new Sidebar Gadget for those who want to see what the indexer is up to and to easily control its behavior.

Click here for details.

Note that the screenshot depicts the gadget running on WS4.  The "index now" button is not available on versions prior to Windows Search 4.

Today I saw, for the first time, a software release where an update had to be released to address 32-bit compatibility issues, as the initial release was apparently only tested on 64-bit machines.

Neat. 

Not really, but this was my attempt at an April Fool’s joke this year.  I don’t usually participate in these, but I guess there’s a first time for everything.

REDMOND, Wash. — April. 1, 2008

Today Microsoft Corp. announced the official name of its next-generation Windows® client operating system, formerly code-named “Windows 7.”

Steven Sinofsky, head of Windows engineering, made the announcement at a special event in Los Angeles, California early this morning.  “We really think it’s important to go out there with a brand that users already know and love,” Sinofsky said at the announcement event.  “With all the talk of iPhones and iWorks and iLifes, I think it’s great that we’re bringing the focus back to Me.”

While some in the audience questioned the association of the new brand with an older Windows release, Sinofsky put their fears to rest.  “Windows Me was the most people-centric and consumer-friendly brand of Windows we’ve ever done.  While it may not have ever been our best selling operating system, I think it holds a special place in all our hearts.  We’re going to leverage that.”

With the recent completion of Windows Vista Service Pack 1, Sinofsky says that the Windows engineering team is ramping up development of the next-generation operating system, now called Windows Me Decade Edition.  “We think it’s important that people know we’re not designing this thing for the 21st century.  We’re designing it for the 202nd decade.”

Windows Me Decade Edition Beta

The timeline for releasing Beta 1, targeted at developers and IT professionals, will be announced in the coming months.

Video

Microsoft employee Waggener Edstrom tries out an early build of Windows Millennium Decade Edition, the next-generation operating system.  Los Angeles, California, April 1, 2008.

Watch the “Windows 7″ announcement video.

About Microsoft

Founded in 1975, Microsoft (Nasdaq “MSFT”) is the worldwide leader in software, services and solutions that are hilariously named to help people and businesses realize their full potential.

Note to editors: If you are interested in viewing additional information on Microsoft, please visit the Microsoft Web page at http://www.microsoft.com/presspass on Microsoft’s corporate information pages. Web links, telephone numbers and titles were correct at time of publication, but may since have changed. For additional assistance, journalists and analysts may contact Microsoft’s Rapid Response Team or other appropriate contacts listed at http://www.microsoft.com/presspass/contactpr.mspx.

In this morning’s article, Windows: A Monopoly Shakes, Joe Wilcox paints a grim picture for Windows.  Apparently, about 90% of surveyed enterprises adopted Windows XP in 2007, and about 6.3% adopted Vista, mainly taking away from Windows 2000 adoptions.  I don’t know about yours, but my boots are shaking.

Is anybody really surprised?  Enterprise IT isn’t exactly a new thing, and this isn’t the first time Windows has shipped.  These guys refresh their PCs in cycles.  Lots of all-Windows 2000 shops who never started rolling over to XP are now beginning their early rounds of rolling out Vista boxes.  They’re in more of a hurry, since Windows 2000 is pretty ancient.  So much so that it originates from a time when we appended “2000″ after product names and thought it sounded cool and futuristic.

The Windows XP guys sticking with it through 2007 doesn’t shock me.  Most of the XP-based enterprises I’m familiar with are in the pilot stages for moving to Vista.  Lots of them have been working closely with Microsoft to make sure that updates like SP1 and Windows Search 4.0 address their deployment issues.  This is just how it goes.

Some number will even decide to “skip” Vista.  I’m sure it’s not a prospect Microsoft likes to acknowledge, but just look at how many companies held onto Windows 2000.  Throughout the entire (long) lifetime of XP!

Joe says that Windows adoption on the whole declined 3.7 percent over the course of the year (98.6% in January to 94.9% in December).  I have no idea what that means.  Is there some comparison to the year before that might put those numbers in context?  Or are we saying that all months of the year are equal?  Did anyone consider that the impending release of Vista SP1 might have led some Windows-based companies to hold off purchasing for a few months?

I don’t mean to belittle the apparent gains made by the Apple and Linux camps in the last three months of 2007.  I just think it’s silly to make a big deal about three months of “decline” for Windows in light of those other factors.  Joe says that “Vista is in real trouble.”

And yet it looks like last year more companies bought Vista machines than Macs and Linux PCs combined.  I’d say that’s pretty darn good for an OS that was released at the beginning of the year.

Well, that’s my take anyway.

Following up on the Windows Search 4.0 Preview release, I will be writing several posts about some of the new features and changes enabled by this release.  One such feature, and this first one I will dive into here, is the capability to remotely search the index of another Windows PC.

This features isn’t entirely new.  Windows Vista shipped nearly a year and a half ago with the ability to query the index of another Vista machine when searching file shares.  The same capability extends to and from Windows Server 2008.

Windows Search 4.0 brings this capability to Windows XP machines, as well as Server 2003 - and perhaps more importantly, Windows Home Server.

So how does it work?  First let’s take a look at how the user sees it.  Let’s say I have a folder on Machine A called “Cool Stuff” that I want to share out.  One simple way to do that is to browse to the folder in Explorer, select it, and click “Share.”

You’ll then get a friendly dialog that asks you who you’d like to share with.

“Everyone” is a simple answer for information you want to be accessible to everyone.  Select it from the drop-down and click “Add” to add Everyone to the list of people the folder is shared with.

What else do I have to do on Machine A?  Nothing!  Windows Search 4.0 will automatically index any folders you share out, on both XP and Vista.

On Machine B, you simply navigate to the share as you normally would.  That could mean typing a UNC like \\MachineA\Cool Stuff\ or it could mean using a mapped drive, redirected User folders, the Network browser, etc.  Once there, just type a query in the Search box (or on XP, click the “Search” button to bring up the Search Pane) and you’re off!

Unfortunately I don’t have any XP machines to get a screenshot from, but I’ll try to add one soon.