.NET breaking the LSP

Trying to implement cleaner than before, I noticed that it’s sometimes hard to do, especially if you allow .NET framework classes to be passed as arguments. Within just a few days, I stumbled upon the following base classes that do not respect the Liskov Substitution Principle (LSP):

A Stream in .NET has the CanRead, CanSeek and CanWrite methods. Depending on these properties, the Read(), Write() and Seek() methods may throw a NotSupportedException. If you have designed an API that takes a Stream as parameter, I can certainly break it by passing in a Stream that has no capabilities at all. There is no sort of contract between your API and the Stream that require it to be readable, writeable or seekable. But that’s exactly what LSP wants: a reliable contract.

Collections are similar to Streams, except they do not expose their capabilities, e.g. there’s no CanRemove property that a ReadOnlyCollection could set to false. As a result, the Remove() method throws a NotSupportedException, thus breaking your API’s implementation like the Stream did.

Bitmaps do not look dangerous at first, except that the owner might dispose it at any time. If however, you allow to change the format of the bitmap as used in the Save() method. Because some images formats are read-only and cannot be written. This is not documented on MSDN but in KB 316563. So, if you API accepts an ImageFormat, missing compliance of the .NET framework to the LSP may break your application again.

Free commercial tools for open source development

As an open source developer you may be eligible for special offers. This post lists some of them.

Visual Studio development

For ReSharper, a Visual Studio plugin, you can apply for a 1 year Open Source License. For debugging, watch OzCode‘s offer. CppDepend, an architecture analysis tool, is available to projects that use C/C++ as the programming language. PVS Studio can do static code analysis.

Java development

For Java UI components, JIDE makes an offer. Excelsior JET converts your Java code into an executable. IntelliJ offers a 1 year license. JArchitect helps you keep the architecture right. Gluon, a Java cross platform development framework, happily provides 1-year licenses as well. You can also get Chronon, which monitors your Java performance.

Others / programming language independent

Open source projects may use Atlassian products (you have heard of JIRA) for free.  Xamarin, a mobile platform framework, wants to help open source developers.  If you need a cross platform installer, InstallBuilder might be your choice for the open source project. Doesn’t fit? Maybe Advanced Installer does if you’re on Windows only. Mockups might be created with the free license of Balsamiq. If you’re keen on Python and the Pycharms IDE does not suit you, Wing IDE works on Linux and iOS. Perhaps Aquafold database is also helpful. Like IntelliJ and Resharper, PHPStorm is also available.

What did I say? A background voice recorder

What did I say? is a software that continuously records audio from an input device (e.g. a microphone) and saves it to disk on demand.

Features:

  • continuously record audio from an input device
  • discard audio after a configurable time span
  • keep the recorded audio in memory only
  • run in the background (no window, just a notification icon)
  • write to disk upon request (WAV format)

Possible usages:

  • take notes during brainstorming when someone said something interesting
  • provide evidence in cases of defamation or sexual harassment
  • “pilot recorder” / “black box”

Screenshot

Command line options:

  • -s: Sample rate (44100, 22050 or 11025 Hz)
  • -b: bits per sample (16 or 8 bit)
  • -c: channels (1 = mono, 2 = stereo)
  • -t: recording time in minutes (buffer time)

System requirements:

  • Windows 8 or higher
  • .NET Framework 4.5

Download What did I say 0.1.1.8 Setup.exe.zip (1 MB)

License: MIT, closed source at the moment.

Known issues:

  • when saving to a file and then canceling the save dialog, the recorded audio is lost

Missing features:

  • Hotkey support
  • Support for external triggers (e.g. alarm contact)
  • Integrated playback

Please post bug reports and feature requests to whatdidisay.yyyy-mm-dd@lockerflockig.de where yyyy-mm-dd is the date you send the email (that’s my spam filter).

Huge JSON Viewer

Inspired by a Question on Software Recommendations, I wrote this Viewer for very large JSON files. It can open files of 1.4 GB in size or even larger, as long as you have ~7 times the amount of RAM on your machine.

System requirements: Windows 7 SP1 or higher, .NET 4.5, 64 bit recommended

License: MIT, closed source at the moment

Download: Huge JSON Viewer 0.3.6.10 Setup.exe.zip (14.5 MB)

Bugs: report bugs to jsonviewer.yyyy-mm-hh@lockerflockig.de where yyyy-mm-dd is the current date.

Known issues:

  • This software is in beta
  • The progress bar window can be closed while the JSON file is opened

Screenshot of the version with menu and tabs:Screenshot

Screenshot of an older version with a 1.4 GB file loaded:

hugejsonviewer

Shutdown with warning

Shutdown with warning is a small tool inspired by a Software Recommendations question.

It shuts down your PC at a given wall clock time and displays up to 2 warnings before that time with the option to shut down the PC.

Download Shutdown With Warning

Supported OS: Windows 7 SP1 to Windows 10

Prerequisites: .NET 4.0

License: MIT

Report bugs to: shutdown.yyyy-mm-dd@lockerflockig.de where yyyy-mm-dd is the current date.

Settings

Shutdown warning

Make KeePass more secure: compile KeePass yourself

Heise recently published an article about KeePass not using HTTPS. The article turns out to be a canard, since KeePass cannot update itself. This article reminded me that I have attacked KeePass in 2009 to see how secure it is. Since it offers security features like password encryption, dual channel auto-type obfuscation, secure desktops etc., I thought this is a well-written and totally secure application.

Unfortunately I had to find out that my first two approaches of attacking KeePass worked very well (I don’t want to go into details here and provide full source for script kiddies; if you’re a developer you’ll probably be able to implement the attack based on the modifications I make to KeePass). Therefore I contacted the author, Dominik Reichl. However, he explained that such issues cannot be fixed. A few days later (2009-02-27 according to archive.org), the following text was added on the KeePass website, Security section:

All security features in KeePass protect against generic threats like keyloggers, clipboard monitors, password control monitors, etc. (and against non-runtime attacks on the database, memory dump analyzers, …). However in all the questions above we’re assuming that there’s a spyware program running on the system that’s specialized on attacking KeePass.

In this situation, the best security features will fail. This is law #1 of the 10 Immutable Laws of Security [4][5]: “If a bad guy can persuade you to run his program on your computer, it’s not your computer anymore”.

For example, consider the following very simple spyware specialized for KeePass: an application that waits for KeePass to be started, then hides the started application and imitates KeePass itself. All interactions (like entering a password for decrypting the configuration, etc.) can be simulated. The only way to discover this spyware is to use a program that the spyware doesn’t know about or can’t manipulate (secure desktop); in any case it can’t be KeePass.

If KeePass is not that secure, let’s try to make it a little more secure by yourself. Are you allowed to do so? Well, KeePass is released under GPL2 so you can modify it. You even don’t need to publish the modified source code as long as you don’t distribute your version and keep it for yourself. Only with publishing you need to publish under the same license. The relevant paragraph is

6. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. […]

Step 1: Compiling KeePass

  1. Download and install Visual Studio 2015 Community Edition if you don’t have VS 2015 already
  2. In the Download section, scroll to the bottom and download the source code for KeePass 2
  3. Unblock the ZIP file in the file properties (otherwise you might get strange security questions)
  4. Unzip the ZIP file
  5. Ideally, add all the source code to a version control system (SVN) just to be able to make changes without breaking anything
  6. Open the solution file KeePass.sln, which is a VS 2008 project, in VS 2015
  7. Confirm the one-way upgrade warning
  8. Try to build the solution. You’ll get some errors regarding PFX files which are used for the digital signature.
  9. Open the properties of all projects. Choose “Signing” and remove the checkmarks for the PFX file. I’ll assume that you don’t have an own PFX. If you do have an own PFX file, you’re probably familiar on how to use it.
  10. Try to build the solution. For me, it still failed due to “sgen.exe” not working well. Open the KeePass properties, go to “Build Events” and remove the post build step. This also has to do with the digital signature
  11. Try to build. This time it should work.
  12. Set “KeePass” as the startup project.
  13. Commit your work to SVN (if you have)

Step 2: Make it a bit more secure

For a specialized attack on KeePass, the attacker needs to find out that KeePass is KeePass. The attacker might look at the executable name, so let’s change it.

  1. Open the KeePass project properties
  2. Change “Assembly Name” to something you want, e.g. “PwManager”

So the executable name is better now. An attacker may still identify it as KeePass from the title etc., so let’s change that as well.

  1. Open KeePassLib\PwDefs.cs
  2. Change all “KeePass” to something else as well, e.g. “PwManager”
  3. As you’re there, change all URLs to “about:blank” if you like

Our modified KeePass version still uses the KDBX file extension, so an attacker may notice that and gather interest.

  1. Open KeePass/App/AppDefs.cs
  2. Find a class called FileExtension
  3. Change the extension from kdbx to something else, e.g. pwmg
  4. Change the “ExtId” from “kdbxfile” to “pwmgfile”. This would probably affect the Registry in case you want to register the file extension. Personally I recommend running it portable and not registering the file extension.
  5. Below those definitions, you’ll find some more items with “KeePass” in the name. Change it as well.
  6. Compile it and run it
  7. Commit your work to SVN

Step 3: recognize a potential replacement

Whatever efforts we take, an attacker may use other techniques to identify our application as a KeePass clone and replace it with a copy to fool us. Let’s mitigate that by changing the color of the password form. A replacement may not be able to imitate this, so you’ll notice the replacement, because it has the default KeePass color and not your color.

  1. From the KeePass project, open Forms/KeyPromptForm in designer mode
  2. Change the background color, e.g. to blue
  3. Compile it and run it
  4. Create a demo database and check the password dialog. It should have your color now
  5. Commit your work to SVN

If you followed this tutorial, you should now have a version of KeePass that it a little bit safer and looks similar to this:

KeePass password entry form

Sure, it still does not cover all attack vectors but at least the following:

  • Stealing *.KDBX files: your password file will not be found since it has a new extension now
  • Replacement of KeePass by a malicious clone via the Image File Execution Options Debugger Registry key (since this would require the executable to be named KeePass.exe)
  • Replacement of KeePass by a malicious clone in any other way, since you’ll likely detect the replacement due to the wrong color

What else could you consider? Based on my attacks I would do the following two things next:

  • Add a part of the password to the password via code. This will prevent someone from recording your complete password with a generic keylogger. So even he has your “KDBX” file and a recorded password, he’ll still need your program to get the second half of the password.
  • Detect if KeePass loses the focus and regains the focus very quickly. A user will need ~100 ms or longer to switch between applications. If the time is shorter, it’s likely that an attacker opened an invisible window and returned the focus to KeePass. Using Auto-Type will type into the attacker’s invisible window. The attacker may choose to forward the input to the original destination window so you won’t notice that it got lost.
  • Display the title of the window that KeePass is going to send the password to.
  • Display a list of DLLs loaded into the process. That way you might detect keyboard hooks etc. To shorten the list you could exclude DLLs signed by Microsoft, exclude known DLLs etc.

I have not yet described these modifications in detail.

TaskJuggler Installer for Windows

Developing software often needs some project management and planning. Unfortunately I regularly break Microsoft Project schedules in a way that leveling the resources does not work any more.

I have tried alternatives like GanttProject and ProjectLibre, but they all don’t fit my needs. Then I saw a recommendation for TaskJuggler. Unfortunately, TaskJuggler is not very convenient to install, especially behind a company firewall which prevents downloading missing Ruby gems.

After much pain, I figured out that I need to download and install the following in this order:

  1. Ruby
  2. RubyGems
  3. Tins gem
  4. Term-ansicolor gem
  5. Mime-types gem
  6. Mail gem
  7. TaskJuggler gem

Luckily, RubyInstaller covers steps 1 and 2.

After installation, I found that I need even more adjustments for convenience:

  1. Icon to better recognize the TaskJuggler .TJP files
  2. A file association for editing the .TJP file in Notepad++ (or at least Notepad)
  3. A context menu entry to “compile” the project to avoid the long Ruby command line “C:\Ruby22\bin\ruby.exe” “c:\Ruby22\bin\tj3” “myproject.tjp”. In addition, stop in case of errors.
  4. Syntax highlighting in Notepad++ to detect mistakes while typing
  5. A template for the New entry in the context menu (because starting with a totally empty file is hard)
  6. Support for Windows Explorer’s preview pane

Those convenience features need a lot of Windows Registry tweaking and are thus error-prone.

Nevertheless, once installed, TaskJuggler is a really great product. To lower the hurdle of using it, I have created the TaskJuggler Windows Installer which performs above steps.

Download

TaskJuggler 3.5.0 Installer 0.7 32 Bit (20.0 MB)

TaskJuggler 3.5.0 Installer 0.7 64 Bit (20.6 MB)

Be aware that this is a version which has not been tested much.

Reporting bugs

Report bugs to taskjuggler.yyyy-mm-dd@lockerflockig,de (where yyyy-mm-dd is the current date).

Visual Studio File Size Extension

I posted a Code Puzzle on StackExchange. When solving it myself in C#, I found out that it is hard to tell whether the latest refactoring made the file smaller or larger. Therefore I asked for a Visual Studio file size extension on Software Recommendations. Unfortunately, nobody answered, so I checked whether I could implement it myself.

Here it is, a small extension with no features except displaying the number of printable characters in the text buffer of the editor, measured correctly using StringInfo.LengthInTextElements().

License

The MIT License (see opensource.org)

Download

Code Golf File Size Visual Studio Extension 1.0.0.1 (11 kB)

The VSIX file is digitally signed for “Thomas Weller”. If not, please contact me.

Screenshot of Visual Studio File Size Extension installation

Screenshot of Visual Studio File Size Extension installation

File size extension in action

File size extension in action

Known bugs

Starting from 1.000.000 characters, the character count starts hiding under the editor’s scroll bar.

WinMerge plugin to compare SilkTest files

I recently started doing test automation with Borland SilkTest Classic. Unfortunately, the collapse/expand state is stored directly in source code, which can result in many differences when comparing sources in WinMerge.

To mitigate this issue, I have implemented a PreDiffer plugin for WinMerge. It simply ignores the leading boxes when comparing the source, see the following screenshot (without plugin and with plugin).

The plugin is configured to be suggested on test files (.t) and include files (.inc).

Download IgnoreCollapseBoxes 1.0.0.0 (4 kB)

License: Freeware. You’re free to use this plugin also in commercial environments.

The plugin was developed in Visual Basic 6. If you find bugs, please contact me at winmerge-plugin.<yyyy-mm-dd>@lockerflockig.de, where <yyyy-mm-dd> is replaced with the current date (to bypass the spam filter).

SNMP password guess list

Did you ever want to hack a factory or plant? Hirschmann HiVision uses the following SNMP password guess list to log in:

Username  Password
 -        manager
 -        operator
 -        admin
 -        user
 -        private
 -        public
 admin    Emerson1
 admin    abbadmin
 admin    admin
 admin    private
 manager  manager
 operator operator
 user     Emerson1
 user     abbuser
 user     user
 user     public