Release of WinDbg Preview for Windows 10

Microsoft have decided to release a new version of WinDbg with a new UI. The UI has been designed to provide WinDbg with a more contemporary appearance, and more importantly, provide easier access to some of the important features of WinDbg such as the Registers window and the Command output window.

WinDbg Preview – Dark Theme

I’ve only started to use the preview version of WinDbg today, however, I have noted that once a dump file has been loaded into the debugger, the last line of the call stack is also printed. In addition to this, you’re also now able to switch between a light and dark themed Windbg, which is a feature that I quite enjoy using, especially if you’re potentially using WinDbg for long periods of time.

The underlying engine is the exact same at the moment, and therefore all the usual extensions and commands will work with this version of WinDbg. Although, I feel that debugger is rather sluggish against its current counterpart, despite the fact, that Microsoft have stated it has been designed to be smoother!

For more details, please visit the following blog post on Debugging Tools for Windows, which also provides the download link for the debugger. Please note that Microsoft have made no intentions yet to release the preview version for other operating system builds such as Windows 7. Although, I suspect that further alterations will be made to this version of WinDbg in the future, which will hopefully allow backwards compatibility with earlier operating systems.

 

 

 

Advertisements
Posted in Debugging, WinDbg | Leave a comment

Some Notes on the Goldbach Conjecture

The Goldbach Conjecture is a very simple conjecture to understand providing you have some basic knowledge about primes. It is one of those conjectures which is very easy to comprehend, but fiendishly difficult to solve. It was first conceived during a letter written by Goldbach to Euler in 1742. There is currently a strong and weak version of the Goldbach Conjecture, with the weak conjecture actually being the original conjecture.

goldbach_conjectures

xkcd: Goldbach Conjectures

The original conjecture asks to prove that all positive integers greater than 2 are equivalent to the sum of three primes, the only problem with the original conjecture, is that Goldbach considered the unit “1” to be prime, which has now been dismissed in Mathematics. However, the conjecture has been restated by Euler to the following modern equivalent, which is known as the strong Goldbach Conjecture (sometimes referred to as the binary Goldbach Conjecture):

Strong Goldbach Conjecture: Every positive even integer greater than or equal to 4, can be expressed as the sum of two primes.

The conjecture can also be expressed using the totient function:

\phi (p) + \phi (q) = 2m,

where m is a positive integer and p and q are both prime numbers. The totient function can be defined as the following (p is prime):

\phi(p) = p - 1

The weaker version of the Goldbach conjecture asks a slightly different question, and is as follows:

Weak Goldbach Conjecture: Every odd integer greater than or equal to 9, can be expressed as the sum of three odd primes.

Similarly, Levy’s Conjecture claims that all odd integers greater than or equal to 7, can be expressed the sum of prime and twice a prime.

p + 2q = n, where n is a positive integer greater than or equal to 7, and p and q are both primes.

Goldbach Number:

Goldbach numbers are any positive even integers which are the sum of two odd primes.

Goldbach Partition:

The Goldbach Partition is the number of ways in which a positive even integer n, can be written as the sum of two primes. The function which produces these partitions is called the Goldbach Partition function G(n). It is defined in the following manner:

G(n) = #{(p, q) | n = p + q, p \le q}

 Methods for proving the Goldbach Conjecture:

The two most common methods which have been used for solving the Goldbach Conjecture involve the Hardy-Littlewood Method along with a number of different sieving methods which have been used to produce greater asymptotic bounds on the distribution of which natural numbers can be written as Goldbach Partitions.

References:

Goldbach Conjecture – Wolfram MathWorld

Goldbach Partition – Wolfram MathWorld

Goldbach Number – Wolfram MathWorld

On Partitions of Goldbach’s Conjecture (Woon)

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Posted in Uncategorized | 1 Comment

Project Euler: Problem 29

Problem 29 is actually a very easy problem to solve, but I will not provide the direct code, however, instead will provide the answer to the problem along with some insight into how to solve the problem using Java or a similar programming language.

The solution for the problem is 9183.

There are three key constructs which you will need to include in your code, and these are:

  • Nested For-loop
  • Power function
  • A collection to hold the sequence of numbers generated from the power function.

If you use the above programming constructs within your problem, then you’ll the solution to the problem almost instantly. A important point to remember is to consider the size of the numbers which will be generated, and which data types will be able to hold such large numbers (integers won’t work!).

 

 

 

Posted in Uncategorized | Leave a comment

Understanding Atom Tables

Atom Tables have been a structure on Windows which I wanted to investigate for a while, but only have managed to find the time to write about now.

Atom Tables enable strings to be encoded by with a 16-bit integer (an atom) which can then be shared among different processes. The encoded strings stored within the table are then referred to as atom names. There is two forms of Atom Table: Global Atom Table defined for all processes on the system and Local Atom Table which is defined privately for process which created the table.

Following from this, there are two types of Atom; String Atoms and Integer Atoms. The type which I had mentioned in the first paragraph refers to String Atoms.

For a String Atom, a string is passed to GlobalAddAtom or AddAtom, either function then returns a 16-bit integer which can be used to access the string stored within the atom table. We can use the GlobalFindAtom or FindAtom functions to do so.

Properties of String Atoms:

  • The values returned are within the range of 0xC000 to 0xFFFF.
  • The string can be no longer than 255 bytes in size.
  • The reference count associated with each atom name, is incremented when the string is added to the table, and decremented when a string is removed from the table. The atom is only removed from the atom table when the atom name reference count has decremented to 0.

Properties of Integer Atoms:

  • The values given are within the range of 0x0001 to 0xBFFF.
  • There is no reference count or storage limitations associated.

The Atom Table has the following structure:

0: kd> dt _RTL_ATOM_TABLE
nt!_RTL_ATOM_TABLE
+0x000 Signature : Uint4B
+0x004 ReferenceCount : Int4B
+0x008 PushLock : _EX_PUSH_LOCK
+0x010 ExHandleTable : Ptr64 _HANDLE_TABLE
+0x018 Flags : Uint4B
+0x01c NumberOfBuckets : Uint4B
+0x020 Buckets : [1] Ptr64 _RTL_ATOM_TABLE_ENTRY

Each entry within the atom table is then represented with the following structure:

0: kd> dt _RTL_ATOM_TABLE_ENTRY
nt!_RTL_ATOM_TABLE_ENTRY
   +0x000 HashLink         : Ptr64 _RTL_ATOM_TABLE_ENTRY
   +0x008 HandleIndex      : Uint2B
   +0x00a Atom             : Uint2B
   +0x010 Reference        : _RTL_ATOM_TABLE_REFERENCE
   +0x028 NameLength       : UChar
   +0x02a Name             : [1] Wchar

You can dump a Local Atom Table with the !atom extension, and dump a Global Atom Table with the !gatom extension. Here is an example of !gatom:

6: kd> !gatom

Global atom table c00c( 1) = Protocols (18) pinned
c031( 1) = Button (12)
c042( 1) = msctls_updown32 (30)
c00d( 1) = Topics (12) pinned
c00e( 1) = Formats (14) pinned
c024( 1) = TaskbandHWND (24)
c04b( 1) = SysIPAddress32 (28)
c023(47) = OleEndPointID (26)
c04a( 1) = RichEdit20W (22)
c02b( 1) = _IDH_ALTTAB_STICKY_PREV (46)
c032( 1) = Static (12)
c02d( 1) = _IDH_WINALTTAB_PREV (38)
c045( 1) = SysTreeView32 (26)
c018( 1) = UxSubclassInfo (28) pinned
c03c( 1) = msctls_hotkey32 (30)
c044( 1) = tooltips_class32 (32)
c046( 1) = SysMonthCal32 (26)
c047( 1) = SysDateTimePick32 (34)
c007( 1) = StdShowItem (22) pinned
c053( 1) = ClipboardDataObjectInterface (56)
c011( 1) = True (8) pinned
c03f( 1) = SysListView32 (26)
c04c( 1) = UIAE{46a56456-04b6-4a08-a2bd-9a764fc58246} (84)
c010( 1) = EditEnvItems (24) pinned
c01c( 1) = PROGMAN (14)
c02a( 1) = _IDH_ALTTAB_STICKY_NEXT (46)
c04e( 1) = MozillaPluginWindowPropertyAssociation (76)
c012( 1) = False (10) pinned
c02c( 1) = _IDH_WINALTTAB_NEXT (38)
c03e( 1) = msctls_trackbar32 (34)
c015( 1) = Close (10) pinned
c021( 4) = AllowConsentToStealFocus (48)
c038( 1) = ToolbarWindow32 (30)
c04d( 2) = MSAA_*FCFFFFFF00000000 (44)
[...]

The first column is the entry within the atom table, the number represents the unique 16-bit decimal representation of the string assigned to that atom; I believe the second column is the the number entries within that bucket and the last column is the number of references. Atom Tables are based upon the Hash Table data structure.

References:

Posted in Computer Science, WinDbg, Windows Internals | Leave a comment

Learning the Importance of Mathematics

Tonight, I thought I would write about how I came to become so interested in Mathematics; and the importance of Mathematics in scienfic disciplines; and more importantly the importance of Mathematics in our everyday life.

Mathematics, in my opinion, is a universal language which can be understood by everyone providing they know how to write and read Mathematics; it is very much like how English has become the universal language within Business and Latin has become the universal language when classifying new species; Mathematics is the fundamental language of scienfic disciplines and the language which we speak everyday.

I would not consider myself to be a Mathematician of any sorts, since quite honestly, I do not like every area of Maths. I loathe Differential Equations and Calculus. However, the main areas of interest to me are the following: Graph Theory, Number Theory, Set Theory/Logic and Abstract Algebra. There is something about these areas in which I have a particular interest with.

Alan Turing, one of my heroes and favorite Mathematicians.

Alan Turing, one of my heroes and favorite Mathematicians.

I never really appreciated or learned Maths until after leaving secondary school at the age of 15. The culture of the school at the time, was that Maths is one of those subjects which is useless and abstract and a pass in the subject would be suffice. Ironically, I had a deep interest in the Natural Sciences (Biology, Chemistry and Physics), achieving two A*s and an A. I only bothered to pass my Maths class since I adopted the culture which was a popular at my school, a serious mistake which I regret and wish I could reverse.

I believe Mathematics is poorly taught at schools – it certainly was at my school – and the importance of Mathematics isn’t fully expressed by teachers, ask any person who doesn’t have an interest in Maths, and I guarantee that if you asked them, what do you think Maths is about? They will immediately answer with either Numbers or Equations. This is not what Mathematics is about, it is about rigorous and rational thinking; an application of intuition and abstract though to find solutions to complex puzzles which provide important applications to our understanding of our beautiful and weird Universe.

Once we overcome the stereotypical perception that Maths can only be exploited by intellectuals and academics, we will finally begin to overcome the bottleneck created by ourselves, to enable everyone learn, appreciate and apply Mathematics to their everyday life. Mathematics can be learned and appreciated by anyone, it is finding that dedication, enthusiasm and motivation to begin exploring a very interesting subject!

 

 

Posted in Mathematics | Leave a comment

The Fundamental Laws of Logic

The Fundamental Laws of Logic or the Classic Laws of Thought may be redundant in some respects; the introduction of propositional logic and fuzzy logic has meant that some of the axioms (some disrupted to be axioms) these laws are not always applicable when discussing situations regarding logic like the construction of mathematical proofs. The three laws are still used in most systems of logic, and consist of the following:

Law of Contradiction:

Let P be any proposition, then the law of contradiction states that:

\forall P, \sim (P \wedge \sim P)

The above statement states that it is impossible for both P and the negation of P to both be true at the same time. For example, an even number can’t also be odd (or non-even), it is either even or odd.

Law of Excluded Middle:

Let P be any proposition, then the law of excluded middle states that:

P \vee \sim P

The mentioned statement asserts that the proposition P is either true or it is false, it is not possible for both P and the negation of P to be both true.

Principle of Identity:

Let X be some proposition or variable, then the principle of identity asserts that:

\forall X, X = X

The principle of identity implies that for all instances of the object named X, each instance is exactly the same as each other.

Extensions to the Fundamental Laws of Logic

There have been some additions by Logicians to the traditional laws of thought, Leibniz added two of these laws, which are as follows:

Principle of Sufficient Reason:

The principle of sufficient reason is simple and self explanatory within the name; it states that nothing is without reason, and thus every event has a cause. This forms the basis of our rational thinking and of scientific method.

In some aspects, the principle of sufficient reason can be used to contest the notion of free will; the paradox of free will indicates that while we are given free will, we are not truly free since God created us and the rules which are used to control the game known as life.

The principle additionally shows us that for something to not exist, then there must be a reason for that object’s non existence; the principle also has given rise to the philosophical concept of Necessitarianism.

Identity of Indiscernibles:

This is slightly more interesting than Leibniz’s other principle, it implies that no two distinct objects are exactly identical, even though that it may appear to be that way. This statement can be summarised in the following formula:

\forall P (Px \leftrightarrow Py) \rightarrow x = y, where P denotes the property.

The above principle can be counter intuitive in some circumstances, especially when considering hypothetical situations. For instance, what if the property which distinguishes the two objects is shared by both of the objects?

————————————————

In the future, I’m intending to write some more philosophical posts regarding Logic and Mathematics, however, due to other commitments it may be a while before anything else is written on this blog.

 

 

 

 

 

 

 

 

 

 

 

Posted in Uncategorized | Leave a comment

The Rise of Fake BSODs

There has recently been an increasingly number of occurrences of fake BSODs, all of which appear to be malware related. The BSODs are usually poorly designed and easy to spot if you have any experience with Windows or debugging BSODs.

blue screenHowever, the issue becomes rather alarming since many users will not understand the difference between a true BSOD and a fake BSOD, this can lead to several problems for the user.

Furthermore, it has also been found that these fake BSODs do not create any form of dump file in the following two directories:

C:\Windows\MEMORY.DMP

For Minidumps, the directory path is:

C:\Windows\Minidump

It is important for users to understand that a true BSOD will never ask you to contact a Microsoft technician or provide any guidance on how to contact that said technician. The latest BSOD screen designed by Microsoft can be found below:

bsodFortunately, most of these BSODs do not actually commit any malicious actions with regards to the system, but are mostly intended as poor phishing attempts to scare users into contacting a certain telephone number.

The main purpose of this post was simply to increase the awareness of these fake BSODs, and thus to conclude, please find a list of some example of these scams:

Malwarebytes have provided a blog post which explains the internals of one of the fake BSODs – TechSupportScams And The Blue Screen of Death

 

 

Posted in Uncategorized | Leave a comment