Rob Kraft's Software Development Blog

Software Development Insights

How To Protect Against “Man Over The Shoulder” Attacks

Posted by robkraft on June 24, 2018

Replacing the characters we type in a password field with asterisks or dots is so common that we don’t question the value or purpose of it.  Most people don’t realize that the technique serves just one purpose, and that is to protect people from “Man over the shoulder” attacks.


So when do we need this protection?  Only when we are in coffee shops, or airports, or other public places where someone is looking over our shoulders to find out what password we are typing.  And possibly also in our work environments when we are sitting with co-workers and one person is logging in to a system or application.  But when you are in your home alone, or when you are at your desk alone at work, or when you are out in public but in a place where no one is looking over your shoulder to see what you type, hiding the password you type is unnecessary.  In fact, hiding the password we are typing is sometimes worse than unnecessary, it is counter-productive.  How so?  Being unable to see the password we type causes us to choose passwords that are easier to remember and get correct.  A complicated long password is more difficult to enter correctly when you cannot confirm what you have typed than is a shorter password that meets the minimum criteria required by the application.  Thus people are more likely to use a simple password when they don’t have the ability to review it later as they type it again.

The best resolution to this conundrum is probably to have an option to allow the user to see the password they are typing.  Perhaps a checkbox next to the password field to show the password to the user as they type it.  Or, as we see in some browsers, a little eyeball icon that lets users reveal the password they have typed so far.

If you are concerned that revealing passwords assists hackers and spyware and malicious JavaScript that may be running on your computer to discover your password, your fears are unfounded.  That malicious code that is already running on your computer can reveal the password for itself without human intervention in just the same way that the application using the password does.  The one exception to this rule would be software that is recording a video of what you are doing on your computer.  Most tracking and monitoring software do not use this approach, but some do.

I recommend we keep masking passwords, but all password fields should also provide an option to allow the user to see the password they have typed.






Posted in Security | Leave a Comment »

I Was A Victim of Microsoft’s Attempt to Fix Meltdown and Spectre

Posted by robkraft on April 15, 2018

If you’ve come here hoping for a rant against Microsoft, prepare to be disappointed.  Microsoft released a patch on January 5th, 2018 to attempt to fix Meltdown/Spectre problems.  That patch prevented one of my computers from booting after it was applied.  I am not upset with Microsoft for causing this problem while attempting to fix another program because I understand that fixing some problems are really difficult, and what works on one CPU may not work on another.  Fortunately for me, the computer affected by this patch was a computer I do not use often.

Unfortunately, this is a problem that would cause most people, anyone that does not consider themselves pretty good at fixing computer problems, from using the computer until they took it to someone else for repair.

Today I sat down to fix the computer.  The computer runs Windows 7.  The computer failed to boot on January 11th, 2018.  I discovered the boot failure a few weeks later and then discovered that I could not even enter Windows Safe Mode after rebooting the PC.  Knowing it would take some time to resolve the problem and that I might have a corrupt hard drive and never be able to resolve it, I put an attempt at resolution on hold.

Until today.

I used a Windows 10 bootable jump drive I already owned.  My HP machine allows me to press the ESC key to get to the “Boot Menu” and from there I could select the Jump Drive.  I chose to go to the command prompt.  From there, I found my C: drive (which was named E: in this boot) and found that all my backup files still existed.  I breathed a small sigh of relief then searched (dir /od) looking to find when the PC last successfully booted (which was January 11th), and I looked for an explanation of the problem by looking for what last happened on the machine.  I saw that Windows Update had activity just prior to the failure.  I then searched the Internet from another computer and quickly found the exact article I needed to fix the problem.

I used the information in the January 8th post by Wolfie1307 to run the following command and the command told me it succeeded (meaning that it successfully rolled back the attempted Windows Update).

dism /image:E:\ /remove-package /packagename:Package_for_RollupFix~31bf3856ad364e35~x86~~7601.24002.1.4(or whatever you copied) /norestart

It did not work for me on my first attempt because I was lazy and used the exact package name that Wolfie1307 provided in his/her post.  I needed to change the package name to include x86 instead of amd64 for mine to succeed, and I found the name of that package in the WindowsUpdate.log

I rebooted my computer and it is working again!



Posted in Home Tech, I.T. | Leave a Comment »

Ending Net Neutrality Will Cost You!

Posted by robkraft on December 3, 2017


Posted in I.T. | Leave a Comment »

iTunes 12.7 Problem – Podcasts missing from Library

Posted by robkraft on October 22, 2017

It seems that most iTunes Upgrades either cause problems or remove features I use for managing the podcasts I listen to and 12.7 was no different.  This one took me an hour to resolve.  Unfortunately Apple has no information about this on their site and it is not easy to submit or get responses to support requests.  But I found the answer on another blog:

I am reposting the resolution on my blog in case I need to again, and maybe to reduce the time it takes for others to resolve the problem.

Posted in Home Tech, Uncategorized | Leave a Comment »

Flawed Logic in W3C Spec 3.2 of HTML-Design-Principles “Priority of Constituencies” – AutoComplete Bug

Posted by robkraft on April 28, 2017

I believe there is a concept flaw in the W3C spec regarding “priority of constituencies” (

I agree with this explanation for sites like facebook where users own their data, but not for company sites where companies own the data and users are just performing a role regarding company data.  Owners of data, a category not considered as separate from users in the 2004 W3C spec, should be given priority over the users of the data.  Company owners of data desire to keep users from making poor security decisions and choosing to store their password in their browsers, thus company owners should be allowed to ask their authors to remove the ability for users to store passwords to company roles in their browsers.  By not allowing this ability, Chrome and other browsers cause developers needing this ability to implement techniques that may introduce new security flaws.

Here is a workaround for Chrome:
Here are some other approaches:

Posted in Security | Leave a Comment »

Malware for Neural Networks: Let’s Get Hacking!

Posted by robkraft on March 24, 2017

I don’t intend to infect any artificial intelligence systems with malware. But I do intend to provide an overview of the techniques that can be used to damage the most popular AI in use today, neural networks.

With traditional hacking attempts, bad actors attempt to plant their own instructions, their own computer code, into an existing software environment to cause existing software to behave badly. But these techniques will not work on neural networks. Neural networks are nothing more than a big collection of numbers and mathematical algorithms that no human can understand well enough to alter in order to obtain a malicious desired outcome. Neural networks are trained, not programmed.

But I am not implying that damage cannot be done to neural networks, or that they can’t be corrupted for evil purposes. I am implying that the techniques for malware must be different.

I have identified five types of malware, or perhaps I should say five techniques, for damaging a neural network.

1. Transplant

The simplest technique for changing the behavior of an existing neural network is probably to transplant the existing neural network with a new one. The new, malicious, neural network presumably would be one that you have trained using the same inputs the old one expected, but the new one would produce different outcomes based on the same inputs. To successfully implement this malware, the hacker would first need to train the replacement neural network, and to do so the hacker needs to know the number of input nodes and the number of output nodes, and also the range of values for each input and the range of results of each output node. The replacement neural net would need to be trained to take the inputs and produce the outputs the hacker desires. The second major task would be to substitute the original neural network with the new neural network. Neural networks accessible to the Internet could be replaced once the hacker had infiltrated the servers and software of the existing neural network. It could be as simple as replacing a file, or it could require hacking a database and replacing values in different tables. This all depends on how the data for the neural network is stored, and that would be a fact the hacker would want to learn prior to even attempting to train a replacement neural network. Some neural networks are embedded in electronic components. A subset of these could be updated in a manner similar to updating firmware on a device, but other embedded neural networks may have no option for upgrades or alterations and the only recourse for the hacker may be to replace the hardware component with a similar hardware compare that has the malicious neural network embedded in it. Obviously there are cases where physical access to the device may be required in order to transplant a neural network.

2. Lobotomy

If a hacker desires to damage a neural network, but is unable or unwilling to train a replacement neural network, the hacker could choose the brute force technique called the lobotomy. As you might guess, when the hacker performs a lobotomy the hacker is randomly altering the weights and algorithms or the network in order to get it to misbehave. The hacker is unlikely to be able to choose a desired outcome or make the neural network respond to specific inputs with specific outputs, but the random alterations introduced by the hacker may lead the neural network to malfunction and produce undesirable outputs. If a hackers goal is to sow distrust in the user community of a specific neural network or of neural networks in general, this may be the best technique for doing so. If one lobotomy can lead a machine to choose a course of action that takes a human life, public sentiment against neural networks will grow. As with a transplant, the hacker also needs to gain access to the data of the existing neural network in order to alter that data.

3. Paraphasia

Of the five hacking techniques presented here I think that paraphasia is the most interesting because I believe it is the one a hacker is most likely to have success with. The term is borrowed from psychology to describe a human disorder that causes a person to say one word when they mean another. In an artificial neural network, paraphasia results when a saboteur maps the response from the neural network to incorrect meanings. Imagine that Tony Stark, aka Iron Man, creates a neural network that uses face recognition to identify each of the Avengers. When the neural network inputs send an image of Captain America through the neural network layers, the neural network recognizes him, and then assigns the label “Captain America” to the image. But a neural network with paraphasia, or I should say a neural network that has been infected with paraphasia, would see that image and assign the label of “Loki” to it. Technically speaking, paraphasia is probably not accomplished by manipulating the algorithms and weights of the neural networks. Rather, it is achieved by manipulating the labels assigned to the outputs. This makes it the most likely candidate for a successful neural network hacking attempt. If I can alter the software consuming the output of a neural network so that when it sees my face it doesn’t assign my name to it, but instead assigns “President of the United States” to it, I may be able to get into secret facilities that I would otherwise be restricted from.

Open and Closed Networks

The first three hacking techniques could be applied to neural networks that are open, or that are closed. A closed neural network is a network that no longer adjusts its weights and algorithms based on new inputs. Neural networks embedded in hardware will often be closed, but the designers of any neural network may choose to close the neural network if they feel it has been trained to an optimal state. An open neural network is a network that continues to adjust its weights and algorithms based on new inputs. This implies that the neural network is open to two additional forms of attack.

4. Brainwashing

Many neural networks we use today continue to evolve their learning algorithms in order to improve their responses. Many voice recognition systems attempt to understand the vocalizations of their primary users and adapt their responses to produce the desired outcomes. Some neural networks that buy and sell stocks alter their algorithms and weights with feedback from the results of those purchases and sales. Neural network designers often strive to create networks that can learn and improve without human intervention. Others attempt to crowdsource the training of their neural networks, and one example of this you may be familiar with is captcha responses that ask you to identify items in pictures. The captcha producer is probably not only using your response to confirm that you are a human, but also to train their neural network on image recognition. Now, imagine that you had a way to consistently lie to the captcha collection neural network. For dramatic effect, let’s pretend that the captcha engine showed you nine images of people and asked you to click on the image of the President of the United States. Then imagine that, as a hacker, you are able to pick the image of your own face millions of times instead of the face of the President. Eventually you may be able to deceive the neural network into believing that you are the President of the United States. Once you had completed this brainwashing of the neural network, you could go to the top secret area and the facial recognition software would let you in because it believed you to be the President. I am not saying that brainwashing would be easy. I think it would be really difficult. And I think it would only work in the case where you could programmatically feed a lot of inputs to the neural network and have some control over the identification of the correct response. For best results, a hacker might attempt to use this technique on a neural network that was not receiving updates through a network like the Internet, but was only receiving updates from a local source. A neural network running inside an automated car or manufacturing facility may operate with this design. Brainwashing is similar to paraphasia. The difference is that in brainwashing, you train the neural network to misidentify the output, but in paraphasia you take a trained neural network and map its output to an incorrect value.

5. OverStimulation

Like a lobotomy, the overstimulation technique only allows the hacker to cause mischief and cause the neural network to make incorrect choices. The hacker is very unlikely to achieve a specific desired outcome from the neural network. Overstimulation can only occur on poorly designed neural networks and essentially these are neural networks that are subject to the overfitting flaw of neural network design. A neural network that is not closed and designed with an inappropriate number of nodes or layers could be damaged by high volumes of inputs that were not examples from the original training set.

Layers of difficulty

To all you aspiring hackers, I also warn you that our neural networks are getting more complex and sophisticated every day and I think this makes it even more difficult to hack them describing the techniques mentioned here. The deep learning revolution has been successful in many cases because multiple neural networks work in sequence to produce a response. The first neural network in the sequence may just try to extract features from the incoming sources. The identified features are the output of the first network and these are passed into a second neural network for more grouping, classification, or identification. After that these results could be passed on to another neural network that makes responses based upon the outputs of the previous neural network. Therefore, any attempted hack upon the process needs to decide which of the neural networks within the sequence to damage.

I am not encouraging you to try to introduce malware into neural networks. I am strongly opposed to anyone attempting to do such things. But I believe it is important for system engineers to be aware of potential ways in which a neural network may be compromised, and raising that awareness is the only purpose of this article.

Posted in CodeProject, Security | Tagged: , , , | Leave a Comment »

Run Visual Studio As Admin, Without The As Administrator Prompt

Posted by robkraft on July 10, 2016

I run visual studio as admin just by clicking the icon in the task bar:


If you would like to do this same thing so that it does not prompt you to “run as admin”, and so that you don’t need to right-click and select “Run as administrator”, you can set up a windows task do this using the following steps:

Open Task Scheduler (click start and begin typing:  Task Scheduler).

  • Select “Create Task”.
  • On the General Tab, give the task a name such as “VS as Admin”.
  • Click on the “Run with highest privileges” checkbox to select it.


On the Actions tab:

  • Create a new Action.
  • Action = “Start a Program”.
  • Program/script = “C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe”.
    • Note: 14.0 references Visual Studio 2015, use 12.0 for VS 2013
  • Click OK to save the task.

Right click on your desktop and select New, shortcut.

  • Set the value to
    • C:\Windows\System32\schtasks.exe /run /TN “VS as Admin”
      • Replace “VS as Admin” with the name of the task you created above
  • Click Next and enter a name for the shortcut, then click Finish.

Right click on your shortcut and select Pin to Taskbar.  It should be ready to use!

Posted in Coding, Dev Environment, Uncategorized | Leave a Comment »

Robert’s Rules of Coders: #11 Separate User Interface Logic From Business Logic

Posted by robkraft on July 10, 2016

One goal to keep in mind as you write software is to write software that is easy to maintain and enhance in the future. We can do this by organizing code so that things that might change will be easier to change. Consider this example:



In the code above, User Interface (UI) code is mixed together with the business object code. We should try not to pass details about how the UI implements a feature unless the business object really needs to know. In this example, the Products business object really only needs to know three pieces of information from the UI:

  • The Price
  • Should a discount be calculated because this is for a nonprofit agency? (yes or no)
  • Should a discount be calculated because this is a bulk purchase? (yes or no)

If we change the code to pass boolean values to the Products business object instead of the checkboxes, we gain the following benefits:

  • The UI can easily be changed in the future to use something other than checkboxes, and this change will not require also changing code in the Products business object.
  • We increase our potential to use the Products business object with different types of user interfaces. This business object may currently expect a C# WPF checkbox control, which means the business object would not work if someone had a C# Windows checkbox control, or perhaps a C# Silverlight checkbox control. But if the Products business object accepted a boolean, which is a datatype common to more platforms, the business object will more likely work with different user interfaces.
  • Unit tests that we write won’t need to reference the specific UI components needed for building the user interface.

A more common way that developers often entwine UI code with business object code is shown below. This example is the opposite of the case above. Here logic that could, and should, reside in the business object is performed in the UI.



The reason we don’t like this code is that logic to calculate the discounted price should be moved from the UI to the Product business object. In doing so we would gain the following benefits:

  • We could reuse the Product business object in another program without needing to also add logic to the UI of the other program to calculate the discounted price.
  • If we need to change the calculation for the discounted price, we need to make the change in only one place and every program using that business object automatically is affected.
  • We can easily write a unit test on the Product business object to make sure that the code calculating our discounted price works correctly.

A better way to write the code from both examples above so that the UI and business logic is not entwined is shown below. I will admit that this is not the best example, because it does not use TryParse, nor does it have input checking and error handling, and it could use an interface, but those topics are not the point of this article, which is to encourage you to separate the UI logic from the business logic in your applications.



It is not bad sometimes to write code that entangles UI code and business logic, knowing that you will refactor the code to move the logic to the correct place before you consider the feature complete. It is often helpful to have all of the code in one big method until you have it correct, then you can improve the code by refactoring it.

As with any of Robert’s Rules of Coding, you don’t need to adhere to them all of the time and there are cases where it is better not to. But most programmers should follow the rules most of the time. I hope you agree.

Go to Robert’s Rules of Coders for more.



Posted in Code Design, CodeProject, Coding, Uncategorized | Leave a Comment »

Did your .Net Build Server Run out of Disk Space? Perhaps it was Fusion Log Viewer.

Posted by robkraft on June 26, 2016

A few months ago our nightly build failed because the build machine was out of disk space.  We cleaned up the usual temp files and got it running again, but decided to dig deeper to find things filling up the hard drive.

We discovered we had a folder with millions (literally millions) of small .htm files.  The folder was C:\windows\syswow64\config\systemprofile\appdata\local\content.ie5 and we learned that the source of these files was Fusion Log Viewer from this post by Rich Beales:

I am just blogging about it here so that I can find this post in the future if it happens to me again, and also to elaborate on some details.

The HTML files were small and the content of every one of them was something like this:

<meta http-equiv=”Content-Type” content=”charset=unicode-1-1-utf-8″><!– saved from url=(0015)assemblybinder: –><html><pre>
*** Assembly Binder Log Entry  (2/1/2016 @ 12:00:34 PM) ***

The operation was successful.
Bind result: hr = 0x0. The operation completed successfully.

Assembly manager loaded from:  C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
Running under executable  C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_compiler.exe
— A detailed error log follows.

=== Pre-bind state information ===
LOG: DisplayName = System.Configuration, Version=, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a
LOG: Appbase = file:///C:/Build/ourapp.Internal/
LOG: Initial PrivatePath = C:\Build\ourapp.Internal\bin
LOG: Dynamic Base = C:\Windows\Microsoft.NET\Framework\v4.0.30319\Temporary ASP.NET Files\ourapp.internal\085749fe
LOG: Cache Base = C:\Windows\Microsoft.NET\Framework\v4.0.30319\Temporary ASP.NET Files\ourapp.internal\085749fe
LOG: AppName = f1c160c1
Calling assembly : (Unknown).
LOG: This bind starts in default load context.
LOG: Using application configuration file: C:\Build\ourapp.Internal\web.config
LOG: Using host configuration file:
LOG: Using machine configuration file from C:\Windows\Microsoft.NET\Framework\v4.0.30319\config\machine.config.
LOG: Binding succeeds. Returns assembly from C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll.
LOG: Assembly is loaded in default load context.


The really odd thing for our team is that none of us know what Fusion Logger is about, or that it existed, or how it could have been turned on.  We are suspicious that a .Net or Visual Studio update may have turned it on.  Regardless, to shut it off we tracked down the FusLogVw.exe and changed it from “Log all bind to disk” to “Log disabled”.


Final note, when you decide to delete the files, do so by deleting the whole directory (rd foldername /S), otherwise it make take you days to delete the all.

Posted in Coding, Dev Environment | Leave a Comment »

Robert’s Rules of Coders: #10 Scope minimally, scope private

Posted by robkraft on May 22, 2016

A big ball of mud is a designation for some software programs that are very difficult to maintain. We never set out to create a big ball of mud, but it happens to many programs over time. One technique to reduce the entanglements that lead to a big ball of mud is to expose the functions in your code as little as possible to other parts of your program. In many programming languages the term “scope” is used to determine if your function can be used anywhere within the program, or just within a small area of the code.

The two most common scopes are “public”, which usually means that any part of your program, and perhaps other programs, can call the function; and “private”, which usually means that only other functions within the same region of code, within the same “class” or “namespace”, or perhaps within the same compiled assembly can call the function.

Some languages include additional scopes such as “internal”. .Net allows methods that are scoped private to only be called by other methods within the same “class”; but the use of the “internal” scope allows other classes within the same compiled dll to call the methods with an internal scope, but code in other dlls cannot.

When you write a method that is only used within one class, you should always set the scope of that method to private. This provides the following benefits:

  1. You do not unintentionally provide access to sensitive data.
  2. The code will not be accidentally called from another class, by another developer or yourself, creating an unexpected and undesired entanglement.
  3. The code will not be called by third-party developers, particularly if the class you are writing is part of an API that you expose to third-party developers.
    1. Of course, if you desire that third-party developers have use of the method then scope it public, but do not do so by default because you may be unable to change the method in the future without breaking the third party dependencies on your API.
  4. If you have scoped the method privately, you can be sure that other code is not using the method if you later decide to refactor or rename the method.
    1. This is not entirely true for languages that support alternate methods of calling even private functions from outside of the functions class. For example, the .Net language provides a feature called reflection that can be used to call the private members of another class. Developers using the reflection technique usually understand the risks.
  5. If you have a method that could be accessed by another class, you should spend a few minutes reconsidering the design of your classes instead of quickly and simply making the class public.
    1. Perhaps you should create a new helper class; perhaps you should refactor the code in the method to make accessible just what is needed in the other class.

In the two examples below, the developer desires to use the Base64Decode method in another class.  In the first example the ExampleOfWhatNOTtoDo class is made public as are all of the methods.


But it would be better to move the Base64Decode method out of the ExampleOfWhatNOTtoDo class, so that nothing is made public that does not need tobe public as shown below.


When the language allows a level of scoping besides public and private, such as internal, you should generally consider changing the scope from private to internal if that is sufficient rather than from private to public.

I have two final tips for .Net developers.

Tip 1: You can scope methods internally, yet allow other applications that you write have access to them but using “Friend” assemblies as described here: The InternalsVisibleTo attribute can be provided to the class in code or to the entire dll in the AssemblyInfo.cs file.

Tip 2: You can use an interface for internal methods, thus making your methods accessible through an interface from other dlls in your solution. You just need to explicitly implement the interface as described here:

As with any of Robert’s Rules of Coding, you don’t need to adhere to them all of the time and there are cases where it is better not to. But most programmers should follow the rules most of the time. I hope you agree.

Go to Robert’s Rules of Coders for more.


Posted in Code Design, Robert's Rules of Coders, Uncategorized | Leave a Comment »