Rss Feed
Tweeter button
Facebook button
Technorati button
Reddit button
Myspace button
Linkedin button
Webonews button
Delicious button
Digg button
Flickr button
Stumbleupon button
Newsvine button

How to speed up Memory Validator by changing DbgHelp version

By , September 6, 2015 9:26 am

Recently we’ve had a few customers contact to tell us they have experienced a dramatic reduction in speed when using C++ Memory Validator.

We found this puzzling as we hadn’t really noticed this. We investigate and found that some parts of our code were hitting the disk a bit too much. To address this we implemented a buffered file read/write system so that we hit the disk once rather than many times. For our test case (which was a substantial program being monitored) this worked wonders. Performance improved enormously. Smiles all round.

But our customers still reported problems. This was puzzling. We started logging everything in one particular code path (which we knew was the problem). Nothing obvious. Next step, start timing all the logging. But just before we got to that we did a simple test. We iterated through each version of DbgHelp.dll that C++ Memory Validator can supply – if you remember we let you specify which Visual Studio version you used and we supply a version of DbgHelp.dll that ships and works for that (not all DbgHelp.dll are equal!).

Imagine our surprise when we found that DbgHelp.dll ( shipped prior to Visual Studio 2013 are blazingly fast and the DbgHelp.dll we supply for use with Visual Studio 2013/2015 (6.3.9431.0) are slow. If you’re paying attention you’ll also notice the DbgHelp.dll version number has decreased rather than increased – ask Microsoft, we have no idea why they decreased the version number with more recent releases.

For now, until we can get a new release out to address this anomaly we recommend that you ignore choosing the Visual Studio you are using and deliberately choose Visual Studio 2012. This will select DbgHelp and you should find the usual blazing speeds you are used to are restored.

To change the version of DbgHelp used, open the settings dialog, go to Symbol Lookup then change the version in the combo box. Click OK.

Any problems, as usual, please contact support.


Changes to injection behaviour

By , July 23, 2015 4:16 pm

We’ve just changed how we launch executables and attach to them at launch time. We’ve also changed how we inject into running executables. This blog post outlines the changes and the reasoning behind the changes.

The injected DLL

Microsoft documentation for DllMain() states that only certain functions can be called from DllMain() and you need to be careful about what you call from DllMain(). The details and reasons for this have never been made very explicit, but the executive summary is that you risk getting into a deadlock with the DLL loader lock (a lock over which you, as a programmer, have no control).

Even though this dire warning existed from the first alpha versions of our tools in 1999 until July 2015 we’ve been starting our profilers by making call from DllMain when it receives the DLL_PROCESS_ATTACH notification. We’ve never had any major problems with this, but that’s probably because we just tried to keep things simple. There are some interesting side-benefits of starting your profiler this way – the profiler stub just starts when you load the profiler DLL. You don’t need to call a specific function to start the profiler DLL. This is also the downside, you can’t control if the profiler stub starts profiling the application or not, it always starts.

Launching executables

Up until now the ability for the profiler to auto-start has been a useful attribute. But we needed to change this so that we could control when the profiler stub starts profiling the application into which it is injected. These changes involved the following:

  • Removing the call to start the profiler from DllMain().
  • Adding additional code to the launch profiler CreateProcess() injector to allow a named function to be looked up by GetProcAddress() then called.
  • Changing all calls to the launch process so that the correct named function is identified.
  • Finding all places that load the profiler DLL and modifying them so that they know to call the appropriate named function.

Injecting into running executables

The above mentioned changes also meant that we had to change the code that injects DLLs into running executables. We use the well documented technique of using CreateRemoteThread() to inject our DLLs into the target application. We now needed to add the ability to specify a DLL name, a function name, LoadLibrary() function address and GetProcAddress() function address and error handling into our dynamically injected code that can be injected into a 32 bit or 64 bit application from our tools.

Performance change

A useful side effect of this change from DllMain() auto-start to the start function being called after the DLL has loaded is that thread creation happens differently.

When the profiler stub starts via a call to the start profiler from DllMain() any threads created with CreateThread()/beginthread()/beginthreadex() all wait until the calling DllMain() call terminates before these threads start running. You can create the threads and get valid thread handles, etc but they don’t start working until the DllMain() returns. This is to part of Microsoft’s own don’t-cause-a-DLL-loader-lock-deadlock protection scheme. This means our threads that communicate data to the profiler GUI don’t run until the instrumentation process of the profiler is complete (because it all happens from a call inside DllMain()).

But now we’ve changed to calling the start profiler function from after the LoadLibrary() call all the threads start pretty much when we create them. This means that all data comms with the GUI get up to speed immediately and start sending data even as the instrumentation proceeds. This means that the new arrangement gets data to the GUI faster and the user of the software starts receiving actionable data in quicker than the old arrangement.

UX changes

In doing this work we noticed some inconsistencies with some of our tools (Coverage Validator and Thread Validator for instance) when working with an elevated Validator and non-elevated target application if we were injecting into the running target application. The shared memory used by these tools to communicate important profiling data wasn’t accessible due to permissions conflicts between the two processes. This was a problem because we were insisting the the Validator should be elevated prior to performing an injection into any process.


A bit of experimentation showed that under the new injection regime described above that we didn’t need to elevate the Validator to succeed at injecting into the target non-elevated application. It seems that you get the best results when the target application and the Validator require the same elevation level. This is also important for working with services as they tend to run with elevated permissions these days – but injecting into services is always problematic due to different security regimes for services.

This insight allowed us to remove the previously mandatory "Restart with administrator privileges" dialog and move any potential request to elevate privileges into the inject wizard and inject dialog. In this article I will describe the inject dialog, the changes to the inject wizard are similar with minor changes to accommodate the difference between dialog and wizard.


Depending upon Operating System and the version of the software there are two columns that may or may not be displayed on the inject dialog. The display can be sorted by all columns.

Elevation status

When running on Windows Vista or any more recent operating system the inject dialog will display an additional column titled Admin. If a process is running with elevated permissons this column will display an administrator permissions badge indicating the elevation may be required to inject into this process.

Processor architecture

When running 64 bit versions of our tools an additional column, titled Arch will be added to the inject dialog. This column indicates if the process is a 32 bit process or 64 bit process. We could have added a control to allow only 32 bit or 64 bit processes to be displayed but our thinking is that examining this column will be something is only done for confirmation if the user of our tools is working on both 32 bit and 64 bit versions of their tools. As such having to find the process selector and select that you are interested in 32 bit tools is overhead the user probably doesn’t need.


Changes to how we build our software

By , January 4, 2015 8:25 pm

Starting with our first software release of 2015, we will start shipping software that uses the Visual Studio 2010 C runtime and MFC libraries. The purpose of this article is to explain why we’re making this change and how this will affect users of our software.

Some of our past choices have been about technology and some about ease of doing the work. If the operating system or development environment fights you, you are less likely to use it.

Compiler History

When we started the company the current version of Visual Studio was Visual Studio 6.0. So naturally our software shipped with C runtime and MFC libraries for Visual Studio 6.0.

We didn’t really like the direction the Visual Studio team went in with subsequent releases,in particular with some subtle changes to the debugger that, it seems, many people have never noticed. These changes removed a particular feature from the debugger that we find very useful (drag an address to the disassembly view and automatically get the disassembly displayed – the workaround to do this in current versions of Visual Studio is clumsy, error prone and occasionally fails). Because of this we continued using Visual Studio 6.0 to build our software. Anything requiring support for more recent versions of Visual Studio would be built using that version of Visual Studio (library stubs, Visual Studio editor support, etc).

When we started exploring 64 bit support we started with Visual Studio 2008 because that was the current toolset at the time. Our 64 bit tools ship with the Visual Studio 2008 C runtime and MFC libraries.

For our .Net tools we’d be using Visual Studio 6.0 for the GUI, but Visual Studio 2010 (or 2012) for the profiler backend.

This resulted in our routinely using multiple versions of Visual Studio to do development.

OS History

Historically we have supported all operating systems from Windows NT 4 onwards. We have always wanted to support our customers using Windows NT 4 and Windows 2000. Many people using Windows embedded are still on old versions of Windows.

We made the rather unusual decision to develop on Windows XP x64 but to test on Windows 7 and Windows 8. This decision was mainly due to UX blunders Microsoft had made with the Start Menu on both Windows 7 (no fly out start menu) and 8 (no start menu!), and also to the file search functionality which is very easy to use on XP x64 and very hard to use from Windows Vista onwards.

These may seem like trivial things but we use file search a lot and often the Visual Studio file search is not the tool you need. Simply put we found XP much, much easier to be productive with compared to anything that came after.

Reason for change

Since April 2014, Microsoft no longer supports Windows XP. From a security standpoint this isn’t good. For us, or for you (if we get compromised, how can you rely on us?). As such we had to move away from Windows XP x64 whether we wanted to or not. We’ve written some tools to allow us to do fast easy searching without needing to go near the UX disaster that is the current version of Windows search. The removes one of our main objections to working on Windows 7 or Windows 8 on a daily basis.

We also tested a lot of start menu replacements. We finally settled on Classic Shell as this not only provides a very useful start menu on Windows 8 but also allows you to have a proper fly out menu (like XP) rather than the cramped and very awkward to use compressed menu you get with Windows Vista/7 (no wonder Microsoft’s UX metrics showed start menu use was down – they’d made it too hard to use).

So that’s the two UX reasons out of the way, what about the software?

We would also like to take the software tools in new directions – to support .Net alongside C++ rather than in separate tools. This can be done using our current arrangement but it’s harder than necessary. In particular it makes automating our builds harder. Visual Studio 2010 is a lot easier to control from the command line that Visual Studio 6.0. So moving to one Visual Studio for this is a major bonus. Also, debugging software built using multiple different versions of Visual Studio, some of which can’t read debug info from other versions of Visual Studio, that is horrible.

We noticed that no one has discussed Windows NT 4 or Windows 2000 with us for quite some time so we decided to drop support for Windows NT 4 and Windows 2000. Removing this constraint meant we could move to the Visual Studio 2010 runtime and thus use one main version of Visual Studio to do most development work.

The reasons the Visual Studio 2010 runtime is important is because this is the most recent runtime that supports Windows XP and many people are still using Window XP.


An unfortunate consequence of this change to Visual Studio 2010 runtimes is that if you are using more than one of our 32 bit tools or more than one of our 64 bit tools then you will need to install new versions for all of the 32 bit tools (or all of the 64 bit tools). The reason for this is due to DLL dependencies and memory allocated by DLLs all needing to come from the same allocator. Mixing VS 2010 built DLLs with VS 2008 built DLLs or VS 6 built DLLs will give unspecified results.

We realise this is inconvenient and certainly not ideal. We won’t be changing the runtime we use again until none of our customers need support for Windows XP. We anticipate people using XP for many years into the future (based on comments made to us by customers).

The Future

We aim to roll all the functionality of our .Net tools into our C++ tools. C++ Coverage Validator will be able to collect coverage data for .Net code, C++ Memory Validator will be able to collect and analyse .Net memory data, C++ Performance Validator will be able to profile .Net code. The .Net specific tools will then be phased out.

If you are using our .Net tools, you will still be supported – we’ll move your .Net licences to the C++ licences where you will get the .Net data previously provided by the .Net tools.

If you are using our C++ tools, you will get additional .Net data in the tool.

The intention is that the tools will simply get better. We aren’t going to damage the C++ side of the tools to provide the .Net support. I mention this because we’ve had some questions from customers asking about this (having seen what some of our competitors did when they decided to support .Net).

Visual Studio

We will continue to support every version of Visual Studio from Visual Studio 6 through Visual Studio 2013 (and what comes after it, Visual Studio 2014 CTP, now renamed Visual Studio 2015 CTP) and future versions.

Windows NT 4, Windows 2000 support

If you need support for Windows NT 4 or Windows 2000, please contact us. We will be able to support these operating systems, but only via a special build facility.


How to be more productive

By , December 30, 2014 11:57 am

A few weeks ago @BobWalsh asked on twitter how to be more productive.

I dashed off a simple reply about turning various things off. I thought I’d expand upon this topic.

Productivity isn’t just one thing. It’s many things and they all need to be aligned to allow you to be productive.

Know your topic

Seems obvious, but how many times have to tried to do something that you aren’t that good at and it’s taken forever? And the result was OK, but you know it could have been better. Would this particular task have been better delegated to someone else or even outsourced to a trusted third party?


You have limited willpower. Concentrating on a task, or many tasks requires effort. You only have so much energy available for that effort before your energy reserves are depleted and you either need to eat, rest or sleep. Choose what you spend your energy on wisely.

Don’t multi-task

There is this myth that some people can multi-task and some people can’t. In particular this myth is biased in favour of women. However in neurological terms, humans are not wired to multi-task. We can appear to multi-task (just as single core CPUs did) by context switching. Context switching in humans is slow and consumes energy. If your blood sugar is low you will not be good at this. This StackExchange question discusses the penalties associated with context switching.

Remove distractions

Every distraction is a request to context switch to attend to that distraction. And then context switch back to the previous distraction or on to a new distraction. This is why the job of receptionist in a hotel, a hospital or a veterinary surgery is not as simple as it seems. Each micro task isn’t hard. But it’s the sheer volume of them and often multiple balls in the air at the same time – this takes energy.

In terms of your working life, if you are tech then the chances are you have these things around you:

  • Twitter
  • Facebook
  • LinkedIn
  • Smart phone
  • Text messaging
  • Wired phone
  • Email
  • Other productivity tool
  • Work colleagues
  • Open plan work environment
  • Office politics
  • (and possibly minority/sexist micro-aggressions)

But you’re actually trying to workout how to write some software for your company to meet the company product release deadline. Or you’re trying to debug someone else’s software and you need to get your head into their software space to understand what’s happening, or it’s a code review, or you’re examining the DNA of this interesting cancer, or something equally taxing. In short what you really want to be putting your energy is this interesting task but you are constantly pulled away from it by all these other sources of distraction.


Turn off your twitter client. You don’t need to be on twitter all day, every day. You can always check in when you have a break or at the start/end of the day.


Log out of facebook. Same as twitter, but it’s even less realtime so you definitely don’t need this open in your browser all day.


Log out of LinkedIn. Same as twitter and facebook.

Smart phone

Turn it off. Completely off. No notification pings, no vibrates, no calls, nothing. So many apps on your phone to distract you and pull you away from work.

Text Messaging

Seriously. I know people under 25 seem to live in their text messaging world but I have news for you. If you turn off your phone the world will keep spinning. And your friends will still be there when it comes to lunch time and you can check up on what hasn’t happening in the (gasp!) last 4 hours.

Wired Phone

Unplug it. Turn off the ringer. Turn down the volume on the answerphone.


You don’t need your email client open all the time. Check it once per hour, or once every two hours. For an extreme take, do it like Noah Kagan. Twice a day – once at the start of the day and once at the end of the day. OK, so some conversations won’t go as fast but everything will get attended to. And you might even focus on those emails a bit more because you’ve dedicated time to them rather than trying to time slice them with everything else in the day.

Trello / Other productivity tool

There are loads of planning/scheduling tools out there. Trello has taken off in a big way. Great. I have nothing against them. But you don’t need to fixate on it all day. Close the browser page. You can check the status of something when you actually need the information, not just because something has moved and you need to know, RIGHT NOW, what that was.

Work colleagues

Not a lot you can do about these. They need your help. You need theirs. If you can’t interact nothing will get done. But you can give strong hints as to when it’s OK to talk to you and when it’s not. Some folks put a red flag on their desk (or something equally unusual) to signify “I’m busy, don’t bother me”. Try it.

Open plan work environment

Yes, these are great. And they can be awful. Good for fostering openness and communication. Bad for controlling noise. For some tasks you may be better trying to get an office for an afternoon or take the work home.

Office politics

Er, not sure how to turn this one off.

Go for a walk

I’m serious. If you can’t get your head around a problem. Go for a walk. Preferably in the countryside. I live in a small country village. An average house on a housing estate. But I’m surrounded by farmland and the largest wetland in Europe (The Ouse Washes). Lots of the engineering problems at Software Verification have been solved while walking on this farmland enjoying the scenery, letting my brain wander and then out of nowhere a solution or partial solution appears. Back to the office and usually have a working demo by the end of the day.

Alternatively, a long soak in a hot bath (optional bottle of wine) often does the same job. Don’t try this one at work!

Alternatively, learn to meditate.

If it’s not obvious the key thing is getting your mind to relax and wander. Turn off the concious problem solving part of your brain and wait.


Get Caffeine out of your life. I really enjoy Caffeine (when provided by Tea, but not by Coffee) but I’m glad I stopped consuming Caffeine. It’s a myth that it makes you better at your job. I should probably also do the same with alcohol, but I have considerably reduced my consumption of that as well.


Make a list of all the things you need to do today. Identify the order of importance and how big/small a task it is. If you have lots of short tasks that are easy to do, do them. This reduces the list size and gives you a sense of progress, which is a good emotional boost. Then tackle the important and big tasks first. Cross each task off the list as you complete them. It’s trivial stuff to do, but this is emotional recognition of progress. Surprising what such simple tricks can do to your inner sense of “getting stuff done”.

If you find that you are not comfortable with the list on any given day that’s a good indicator that the tasks on the list – you haven’t fully decided how each task will be completed. So work on understanding each task a bit better. This may mean breaking the task into subtasks, or it may mean you just need to think about the task a bit more.


The days when I feel the most distracted, the least at ease, can’t decide what to work on it’s when there is nothing on the list that interests me and I have all these distractions turned on. The solution is to remove the distractions and then work on the contents of the list.

I’m not saying twitter, facebook et al are bad. I’m saying that they need to be used with care. So turn them off when you are working and turn them on when you need to plug in.


Brianna Wu, Nine ways to start helping and stop hurting women in tech

By , October 6, 2014 8:42 pm

Business of Software Conference 2014

In September I travelled to Boston, MA in the USA for the 2014 Business of Software Conference. As conferences go I think Business of Software is quite simply the best software conference in the world. The speakers are carefully selected by the organisers – they don’t just throw them together and hope for the best. It’s single track, which means everyone has the same shared experience. So no awkward “oh I didn’t go to that talk, I was in the talk about snail protogenesis protocols” moments. And the speakers – well they are human beings – approachable, no ego, no attitude. There are no sponsor-advertis-talks, and no panels. Fantastic! There are sponsors, it’s very low key what they do. It’s a great conference. And worth every penny you spend attending.

Each year I’ve attended there are usually some speakers that don’t do much for me, some which are useful and a few that change and/or challenge what you thought you knew about a particular topic. Last year Greg Bauges spoke about Depression and people felt able to talk about the untalkable subject for the first time. Great and inspired topic choice.

This year the conference did it again. This time with Brianna Wu’s talk about Women in Technology and the issues women face day to day working in the technology world. Brianna works at Giant Spacekat, producers of Revolution 60. Giant Spacekat is a mostly female game dev team. They work with Unreal.

Brianna gave a passionate, in some places angry, talk. Often pausing as she tried to come to grips with the right way to communicate some of the issues she wanted to talk about. Despite the nature of the some of the subject matter there is also humour in the delivery (which I’m sorry, doesn’t come over in this writeup).

I was going to try write up the main points of the talk but given the nature of the talk I’ve been reluctant to try to condense some of this material for fear of materially, if unintentionally changing the intent. As such it’s not a straight transcript, but it’s also not super condensed. Some of this is straight quotes, others paraphrased and some bits skipped because they rely on graphics for context. Unfortunately I didn’t take photos of the many slides Bri used in her talk. A such some of this transcript misses data only displayed but not described by Bri in her talk. You’ll need to watch the video when it’s realised to grok those details.

In a few days time the Business of Software Conference will be making a video and full transcript of the talk available. When that happens I’ll include a link to the talk here.


“I’d rather be talking about anything else. Entrepreneurship. The exploding role of women in game dev. We women have same aspirations as you. We want to build cool stuff, start companies, work with tech, etc. No different. So why do we have to be here today talking about this? The sad reality is these issues make or break our careers.”

“How many gamers in the audience? How many of you have been following Zoe Quinn and #gamergate? How many people know what I’m talking about? Pornography spam, hate mentions, 1000s of times, bank account hacks, restraining orders over gamergate. Bubble of anger over women in gamergate. Losing women over fear of being the next target of angry mob: Samantha Allen, Jan Frank, Matty Brice. This isn’t superfluous stuff, this is about careers, it’s very important. So that’s why I’m going to be talking about this today.”

Bri then briefly lists a few women in tech issues


“These are things that women know (ask any woman here and they’ll confirm it). But apparently most of the rest of you don’t know this stuff.”

  • “Myth: Women in tech need to grow thicker skins.”
  • “Truth: Women in tech receive a lot more scrutiny than men. So for any given issue there are more hurdles to cleared to be accepted.”

#1 Nina

Bri has to scrub this story. Too raw to turn into words.

#2 Nicole Tanner, IGN

  • “Myth: Women get special treatment in the industry (‘our looks get us ahead, our feminine wiles’).”
  • “Reality: Celebrated journalist. Starts podcast that is really successful. Gets on a discussion panel at PAX East. but if you examine the comments they are only about the women’s physical appearance, not about their ability, etc. These are women at the top of their field and the only comments are about their appearance.”

#3 Elise

“Good looking woman in her 20s. Game writer for a major studio. Guy become sexually obsessed. Writes a fan fic. about her. Graphic, pornographic about her. She is reading it having to deal with it and it starts infecting the rest of her life. She goes to game dev events and wonder if the person she is talking to is the person writing all this stuff about her. Causes her to start distancing herself from everyone else. This has a long lasting effect on her personally.”

#4 Bri’s own story

“One of the things about game dev is that we’re constantly told ‘if you don’t like women being represented in video games, as bimbos, as the eye-candy, the girlfriend, the reward, just go make your own game’. That’s exactly what I did! The amount of blowback, harassment, anger, threats, people calling me, garbage I get is crippling. I’m just trying to do the same thing that every single male in this room is trying to do today. Build a career, build cool stuff, make a product I believe in, give my team jobs, build a company and to do that I have deal with an avalanche of BS on a daily basis. It’s exhausting to have to deal with.”

What guys tend to do

“Guys tend to think that talking about the subject of the latest women in tech issue is simple. But if you’re a woman it’s not – it’s personal. If I’m standing up here to get this taped to go up on the internet, talking about the harassment I get – or the people that write me, or spam me pornography, or I had one person that wrote a spambot that did nothing but spam my phone… it’s personal. It’s not easy to talk about.”

“So even if you don’t get what women are dealing with, but a woman expresses a personal opinion, countering that with logical arguments why it isn’t so – that isn’t fun, it’s basically invalidating that woman’s experience”. (which if you think about it is crazy, she really did experience that). “When you’re starting a conversation and basically saying ‘I’d like to not get beaten up so much in my job’ and you’re coming up to me and saying ‘Yeah, well I kinda agree with that, but have you considered this other stuff…?’ it takes a toll on me. It sends me a message that you don’t consider me a person. And what you maybe don’t realise what you are doing is when you have a conversation like that you are dismissing my experiences.”

What guys could do better

“Don’t argue with us. Don’t say ‘That’s a great point, but…’. Just show basic humanity that you would to anyone talking about something difficult they went through.”

“If you had a friend getting a divorce would you really say ‘you know that’s a really good point but did you really try your best to make it work with her?’. If you had a friend giving up a child for adoption would you say ‘I support you no matter what.’ or would you start lecturing her? Amazingly this is what happens to women all the time when we voice our opinions. We are constantly told our perception of reality is wrong. It’s amazing.”

“Even if you disagree with the woman factually on what we should do these issues in tech about diversity just know that her own emotion about that is true. Speaking to that emotion is basic human respect.”

“Would you tell a black person, or a gay person their perception is wrong? No. What amazes me is how freely people feel able to do this to women. It happens to us all the time. The best explanation I can come up for it is I think there is an unconscious bias that men have that is inculcated into them very early on and that everything they say has value and that woman needs their input to kind of make up her own mind about things. I think you see this everywhere in our culture. It’s simply not true.”

“When you respect our points of view, when you let us talk, when you let us be emotionally accurate and honest about what we are feeling. Respecting that is respecting us.”

“If we are having a conversation about promoting women or promoting women or talking about more diversity and instantly some guy jumps into the conversation ‘yeah, no we must hire the best person for the job, it must be this, it must be that, how is it going to affect me if more women get a job, is it going to be fair to me?’, it’s not respectful. This view is the status quo, it doesn’t need to be so over represented as it is in the discussion.”

Ring Theory

“This is good for any issue, not just women in tech issues. It’s called The Ring Theory. In this theory I would be in the centre of the circle, the aggrieved person being spammed, harassed etc. The next layer out would be people affected by this, say my Husband and friends. The next circle out would be my team, etc. As long as you follow this formula you’re never going to say the wrong thing.”


“I don’t have kids. I had no idea about women in tech with children. A few years ago my cofounder came to me and told me she was pregnant. The result of this is I’ve had my eyes opened to the problems in this area and the solutions to this. This is a huge subject you could do a whole talk on. Generally speaking networking in tech is setup for men, by men. Asking a woman with a child to go to a bar at 9pm on a weekday for a networking event isn’t going to work out so well for them. Networking events in general are not very structured to help women with children. My cofounder having a child gave us a much deeper perspective on this whole issue.”


When you need help you turn to your friends and peers in your network. For men these are probably men and for women these are probably women. One of the problems is that guys are not so well networked with women that are engineers or entrepreneurs etc. How to fix? You have to make a deliberate effort to network with women. It takes conscious effort.

Double Standards

“I think that another thing that guys don’t understand is the double standards that women are held to. For instance my company, Giant Spacekat… there is this drastic change in the market, adult women now play more games than teenage boys. For a company like Giant Spacekat that produces games with strong female characters this is a huge opportunity. But one of the big problems that happens is guys see our game and pop it into the mental box of ‘girls game, that’s that company of chix over there’. We’re mentally put in another category. So when I go to talk to bigger players, Sony, Microsoft.. we are discounted in some way. And because of that we face a lot of intertia that guys don’t. It’s a barrier to entry. There’s these structural barriers to keep us out that guys don’t really think about.”

“It’s not that you’re a bad person or that you’re an outright sexist. It’s just these systems – you don’t realise you’re doing it. So if there is one thing I’d ask you to take from today is if you could raise your conciousness about it.”


“One thing that has never happened when I give one of these talks is that I’ve never had someone come up to me afterwards and say ‘I’m part of the problem’. It’s always these other guys. Always someone else doing this stuff. Everyone is awesome, they support women, they really would stop those other people. It doesn’t work like that. I promise you, there are people in this audience today, with all respect they are part of the problem in ways they don’t realise. And as best as I can tell with guys, you put this label on yourself as being a nice person, it’s very painful mentally, psychologically there are mental blocks to admitting there is room for improvement, you’re a nice person. What this does, labelling yourself as a nice person, it stops you from taking any criticism, changing any behaviour. This is a huge barrier women face. What we need from guys it to put away just a little bit of that defensiveness.”

“We can’t change anything if no one thinks they are part of the problem.”

“We all agree that sexism is part of the industry. We all agree that women face barriers. But how can we all agree that this is all here but that no one is a part of it? It doesn’t make any sense.”

“We all have a part to play in making this better. I have a part to play. I try to keep an open mind to other people’s experiences in this industry. We’re talking about women but there are more women in tech than there are black people. There are all kinds of concious biases that keep people out of this area.”

Bri shares an anecdote about a black engineer being left out of tweets streams, so he created a new account with a picture of a cat rather than his face and now he gets more credibility. That’s a real problem.

“We all have a part to play at getting better at understanding the problems other groups face whether they are parents, black people, etc. You’re an entrepreneur, you should know there is no shame in making mistakes. They are inevitable. The problem is not learning from mistakes.”

Death by a thousand cuts

“People think of sexism in tech as like Mad Men, two guys in an office drinking bourbon talking about how ‘Chix can’t code’. That’s not the way it is. But if it were this simple we could solve that. It’s a much more insidious, darker problem than that. A recent New York Times article referred to women leaving tech as death by a thousand cuts. Women do leave the industry at rates 3 times higher than men do. Sexism in tech is not some horrible moment in Mad Men, it’s constantly being told that your opinion about your own life is wrong, it’s being told “you are included, if you get more inclusivity it will affect me”, it’s these little things all day long. If you want to see what I deal with look at my mentions stream on twitter after this. I have a lot of awesome support from a lot of people, but I get harassment non-stop. Every single one of those things is a cut. And I think that what guys may not realise in this field is that in tech very often feels like you are a child again and the boys are in the club house with a big sign up saying ‘nobody else is welcome’. It’s very much what it feels like. It’s like all these little things in the culture that like, push you away.”

“I was playing a really good game this weekend. And what we found after playing it some time and getting emotionally involved in some of the characters is that the game would reward you with some lingerie. And what that sends to women playing the game is “you’re not supposed to be here”. It’s assumed that the player is male. This is told to you all the time in this industry.”

“A friend of mine works at Harmonix” (may not be correct spelling), “and she was sitting in on an interview and the team lead, someone who thinks they are very for women kept on using the male pronoun all the time. My friend call him on it and he still wouldn’t back away from it. That’s just another small thing that says you’re not welcome here.”

Bri shows a slide from WWDC illustrating another problem.


“One of the things is that when we start talking about this I get mansplained to all the freaking time about this stuff. Example: I was at a party this year. Apple had just announced their Metal API. This is something as an Unreal expert I am extremely qualified to talk about. So I had written an article about Apple’s Metal API which basically bypasses the OpenGL layer to do things like particle effects much more efficiently. So I had written this very technical article. I’m sitting there at a party with someone and we having this chat about Metal and this guy starts explaining to me all this stuff about Metal and literally as I am doing this he is quoting the article I have written at me at this party. I call him on it, trying to stop him talking over me. And there’s this awkward bit where he stops, looks at me then keeps on going. It’s a funny story but it’s demoralising when this happens to you all the time. As a woman who leads an entire software engineering team on this it’s often assumed I don’t understand this stuff and it’s very frustrating.”


“Right now we’re on a precipice. We’re about to start seeing big change. More women, more black people, more gay people, more minorities. It’s happening in US startup culture. It’s going to get very different from here. As best as I can tell, and this is my theory about this, I gave a talk at MIT a while back and a friend of mine told me what the reaction after the talk was afterwards. And there was this really introverted MIT engineer was there, he was talking about how scared he was the culture would change. He enjoyed his beers at the bar and was scared that more women would destroy what he liked about the culture. What that guy didn’t understand is the absence of his privilege, the absence of him not having an all male group to hang out with, the absence of his comfort was not oppression, that is equality. It is going to change in ways that make men in this industry have to be more inclusive. But that’s just making it more equal for everyone. That is not oppressing you.”

“I wonder all the time how many guys would last in this industry if they had my job. I had a meeting with a high level person at a company I can’t name a while back and it came up that I was going to be giving this talk and he, literally, someone at a major copmany, starts laughing at the fact that I speak out on Women in Tech issues. That really hurt me. It made me wonder how many guys would last in this field if they had to deal with this all the time.”

“The truth is that tech has been built for men by men from the beginning. This is what my inbox looks like. Shows image of an email with very insulting abusive language of the worst kind you can imagine (Possibly toned down for the conference.) This is a day of the week people. How many of you would truly be able to stay in this field if you had stuff like this hitting you every day? Do you know how demoralising that is? ”

“It is to your benefit to raise your conciousness on these issues. It is to your benefit to get a wider perspective. In 2014 it’s no longer cool to be a homophobe, for instance. If you have a real problem with gay people, that’s going to hurt your career. It’s going to make people not want to work with you. Tech is changing right now. There will be more women here. There will be more inclusivity. It is to your benefit to raise your conciousness on this and get with the times.”

Peer Pressure

“I used to work with a guy and on the day I’d been threatened with rape and my team had been threatened with rape we had this discussion and he said ‘who do I need to beat up?’ and I said that the best course of action was to add his voice to mine. Speak out, say this isn’t cool. He laughed and said that I don’t think I’m any louder than you are. I understand that some of men just want to bow out of this issue and not touch it, it doesn’t personally affect you, but if you have daughters it may make you feel distantly connected, but the truth is if I speak out on this stuff people just disregard me as ‘that angry feminist’. But if guys talk to other guys about this you have a power that I don’t, you are a peer. You are taken more seriously. ”

Martin Luther King preferred outright racists to the “moderate white man” because with a racist you know what you are dealing with. But the moderate white man was happy to accept a slow simmering injustice rather than justice. “I’m telling you right now that the biggest challenge women face is we need guys that are decent people that understand this stuff affects all of us to stand up and help us. Because if you just bow out and say ‘this is not my problem, this doesn’t affect me, I don’t want to get involved, this is going to get anger sent at me’, it’s just perpetuating all this stuff.”

“We run into this all the time. It just makes me crazy, because if you talk about this stuff then you very often get men who come and paternalisticly, they feel like they are in charge of this. It’s so lukewarm. It really hurts.”

Internet Comments

“We’re going through #gamergate right now. So Anita Sarkeesian does a talk at X0X0 this weekend. She’s basically saying the most radical thing you can do to support women in game is to simply believe us when we talk about our experiences. And the response is people not getting it and going after her in the Verge article. This is going on all the time. So the bonus thing you can do to stop hurting and start helping is simply don’t feel like a noble warrior on the other side of the keyboard putting down the women talking on this. And don’t do it online. Every conversation you have on this gets hijacked really quickly.”

Question and Answer

Bri’s talk concluded with 15 minutes of question and answer.

#1 (Peldi, Balsamiq). Should conferences have a code of conduct?

Bri: It’s not important to me. If something happened here I’d go talk to Mark. But many women do feel strongly about it. Just having it and pasting it on the website would get more women at your conference. That’s a better outcome.

#2 (Jonathan, Axosoft). What is gamergate? Could you talk about gamer culture?

Bri: Long story short there is a developer called Zoe Quinn and an ex boyfriend of hers got very jilted at her and created a website with the sole purpose of discrediting and attacking her. What you have is this blowback from this. Gamers feel their identity is under attack. But the reality is that they are attacking and harassing women until they leave the industry. The underlying thing is that as women play more games and women like slightly different games than men do, you have this portion of the gaming market that sets their entire identity as being gamers and they feel like that’s being taken away and they are very defensive about it.

#3 (Speaker is a black man, didn’t provide his name). Thank you for your talk. What I found amazing about your talk is literally every point you mentioned applies to being black. When I talked about that twitter experiment I did it’s amazing at least 10 people told me it had nothing to do with your being black or whatever. People sending me direct messages asking me what’s wrong with me. People sending me emails, people sending me the same type of emails you were showing except with the word nigger, etc, I get pretty much the equivalent of that. So thanks for giving this talk.

Bri: Yes, it’s the same playbook. It is frequently the same people. It’s the same structural issues that black people face in this field. I think we can say it’s at least double digit women in this field but we can’t say that of black people. It’s hard for women, but it’s harder for black people. To get your foot in the door of this tech culture. This is a systematic thing that affects absolutely everyone.

#4 (Austin Dimmer, Effective Computing). Where is you dividing line between the nice understanding guy and making a difference?

Bri: I would suggest that just asking this question means you are not part of the problem. The Supreme Court quote about pornography: “You know it when you see it”. If you are thinking actively about what you need to do to change things you are probably cool. If you’re “I’m perfectly OK, I know what I’m doing, thanks” you’re probably not. That to me is where the line would be.

#5 (Mark). Hi, two daughters. My wife is a physician. She was staying in a residency in Boston. Someone was looking at pornography. She spoke out about it. Everyone else shrugged it off. Now we’re in San Francisco. That “bro” attitude doesn’t exist in SF. Is there another industry with a pattern we can look to to move forward?

Bri: From what I’ve seen of the industry my husband works in I’d say Hard Science is almost half women, half men. It seems me that in that industry women are taken seriously. I don’t have a better example.

#6 (Jo, from Australia). It was Madeleine Albright who said “there is a special place in hell for women how don’t look after other women”. Could you comment on your experience in tech, women against other women?

Bri: I’d love to. This is a difficult issue to tackle. Just because you have a vagina does not mean you are an ally to women. It’s very socially rewarding to be like “oh I’m not like those other women, I’m not gonna cause a problem, just go do your boys thing, and talk about women in graphic detail, I don’t care I’m just one of the guys.”. That is so unbelievably rewarded socially. So it’s very understandable that you have women in this field that disdain this and don’t look out for other women. One of the biggest sexists I know is actually a woman in my field. She’s older, she has literal disdain for other women in the field. Her approach is “I’ve got mine, you’re not getting yours. I’m gonna kind of protect this”.

We’re very programmed to go after each other. If you look at the war between stay at home moms and moms that work it feels that we’re culturally programmed to go after each other. Parents and non-parents, I think we go after each other for these scraps of the pie.

I have a few specific policies that I do because I really believe in supporting other women in this field.

i) Unless its crazily egregious I do not talk smack about other women publically in my field. If I have a problem with them I take it privately. I don’t want to tear another women down in public.

ii) I look to network and introduce other women to opportunities whereever I can. I just started a podcast called isometric on 5×5. Last week we did this thing on how diversity is a literal market demand and how it’s good for you. Our show has exploded. It’s super popular.

#7 (Greg, Bendiworks). One suggestion I have is follow more women on twitter.

Bri: If you listen to different voices you are going to be more informed. You may change your opinion.

#8 (Amy, Techsmith). I’d like to give some examples of things that don’t help. It the subtle thing. It’s being in a meeting and making a valid point and watching it be dismissed. But just speaking up and reinforcing our point is supporting us. That’s what we need more of. Even more infuriating if made the point, it got dismissed then a guy makes the point an it’s accepted.

Bri: I agree. Raise you hand if you’re a woman and had that happen to you. (Lots of hands go up).


A great talk. Made people think. We need more talks like this.

You may be thinking to yourself “I’ve never witnessed such awful behaviour to women, or blacks… is this really happening?”. I’m in the same place. I’ve never witnessed such behaviour. Wonderful. That’s a sample size of one. It’s meaningless. It’s effectively an opinion formed by your own experience. That doesn’t mean it isn’t happening elsewhere.

When we hear of world events (competitions, elections, wars…) we don’t react with “I’ve never seen that, that isn’t happening” do we? I know people that I’ve met in this industry that are affected by these issues. It’s very much real. And that hurts me a great deal. The fact that Kathy Sierra, a top of the tree expert in her domain can’t be a part of the community on twitter is, well, words fail me.

The people that discriminate, harass, troll etc. They aren’t just ruining that one person’s life, they aren’t just damaging that one person’s career, they aren’t just damaging that one person’s family, they damage the entire community because that person, their knowledge, their input is lost to the community, to the industry. That feeds out into lack of input on real world projects, commercial and non-profit. And ultimately retards the progress of our world.

I care about this stuff. It matters. And it should matter to you to. Just because you haven’t witnessed it doesn’t mean it isn’t happening.

Or, of course, you can pass and say this isn’t happening. Know this, if you do that you are wilfully ignorant.

(Kathy has posted an article today about trolling and harassment which you can find on twitter. I’m not linking to it here as the post won’t be up for long and is not linked to from her own blog. You can find it using #seriouspony).


Follow some women devs on twitter.

Not all women post a lot. Some don’t want the aggravation it may bring. But some women do post a lot. Follow them. You don’t have to interact if you don’t want to. Just pay attention to what they tweet. Quite often it’s a precis of what’s happening to them right now. You’ll be shocked and appalled by it. And that will educate you. Then come back and re-read this. You’ll have a deeper appreciation of the problem. I’ve learned more about the problems transexuals face by following a friend on twitter than any other method. This applies to any topic you want to know about – follow people involved in that topic.

I’m not going to tell you who to follow, but if you want some suggestions, take a look at myself (@softwareverify) and Mark Littlewood (@marklittlewood) on twitter and see who we follow. Mark follows many more people than I do. Both of us follow some outstanding women.

Further Reading


Visual Studio 2014 CTP

By , August 12, 2014 3:54 pm

A few months ago Microsoft released the Community Technology Preview of Visual Studio 2014, also known as Visual Studio 2014 CTP.


Because this is a community technology preview it only runs on Windows 8. Microsoft recommend that you do not install this on any machine that is important to you. This caused me some frustration. I had any number of Windows 7 machines I could have put this on, but Windows 8 machines – the ones we have are being used for important tasks. This meant creating a VM I could use. I spent probably the best part of 2 weeks futzing around before I finally got a Windows 8 VM working that would succeed in installing Visual Studio 2014 CTP. I tried creating virtual machines from other virtual machines, creating virtual machines from existing Windows 8 machines. All failed.

The only thing that succeeded was with a brand new Windows 8 install from DVD followed by installing Visual Studio 2014 CTP. And even then for the install to succeed it had to be a web install. The download and .iso, burn it and install from that always failed (just like for 2012 and 2013).

As with 2012 and 2013 before the install process is horrible and un-informative. Gone are the days of an install dialog that tells you what it’s doing and that has a useful progress bar. Now we have these “I’m doing something bars” which tell you nothing about how far through you are and only serve to tell you that the thread that is running the animation hasn’t crashed. I hate these things. I really do. It’s an awful user experience.

The install dialog does tell you what it’s doing at each stage – but nothing while it’s doing it, so you have no idea it’s progressing or has hung. I’ve had so many failures installing 2012, 2013 and 2014 that I don’t trust the installer. And trying to uninstall any of them, that always fails. I know 2014 CTP is a preview but 2012 and 2013, they are released software.

User experience

This is the next version of Visual Studio, following on from 2012 and 2013 and continuing with the same theme, that very toned down, hard to use, monotone look, although you can choose the “blue” theme. Why they do this I have no idea. Apple excel at UX and at one time it appeared Microsoft did, but now it’s make everything as hard to use as possible. Colours on icons add information, so don’t take that away! (*) They seem to have got the message on mixed case text though. ALL CAPS is gone.

* I gave up with my Windows Phone because of the icons, it was a great phone except for that crucial bit of UX – I was continually guessing at what the icons meant, I could never be sure – no ease of use.

Version Number

The version number for Visual Studio 2014 CTP is 14.0. This is a change to the natural sequence which would have been 13.0.

This means the C Runtime and MFC dlls end with 140.dll, 140u.dll, 140ud.dll, etc.

What’s new? C Runtime DLL

If you’re a C/C++ developer the big news is that msvcrNNN.dll is gone. The old naming convention for the Microsoft C runtime has been done away with.

The new C runtime DLL is appcrt140.dll (and appcrt140d.dll for debug builds).

Other DLLs that ship with it are desktopcrt140.dll, msvcp140.dll, vccorlib140.dll and vcruntime140.dll

Full list of candidate redist DLLs:

  • appcrt140.dll
  • desktopcrt140.dll
  • msvcp140.dll
  • vccrlib140.dll
  • vcruntime140.dll
  • vcamp140.dll
  • mfc140u.dll
  • mfcm140u.dll
  • mfc140chs.dll
  • mfc140cht.dll
  • mfc140deu.dll
  • mfc140esn.dll
  • mfc140fra.dll
  • mfc140ita.dll
  • mfc140jpn.dll
  • mfc140kor.dll
  • mfc140rus.dll
  • vcomp140.dll

What’s new? DTE

If part of your work involves getting the Visual Studio IDE to do anything you want, such as opening source files for editing then you’ll be working with the Visual Studio DTE. The new DTE number skips a version and jumps from 12 to 14. So you’ll want:


Debug memory guard structure, x86

The debug implementation of the C runtime heap uses a linked list with helpful debug information and two guard regions before the debug header and after the allocated data. The helpful debug information sits in the debug header with the linked list pointers. Beginning with the introduction of the 64 bit support this header was modified to swap two data members (size and blockUse) around to improve the memory usage for 64 bit systems (alignment on 8 byte boundaries). This was handled via conditional compilation so that the data members remained in the original order for use on 32 bit systems.

That conditional compilation element has gone! This now means code that inspects the debug heap for 32 bit systems needs to know if it’s working with a heap layout that pre dates Visual Studio 2014 CTP or is from Visual Studio 2014 CTP. Failure to understand this heap layout change will likely result in code that inspects the heap and reports incorrect block sizes and/or corrupt data blocks when the data blocks are not corrupt.

This is a serious change. It’s also an obvious step to take. Visual Studio 2014 CTP cannot read debug symbols created with Visual Studio 6. This layout change also puts paid to debug heap support from that era. Along with dropping (or trying to drop!) support for Windows XP this is another sign that although many people are still using older operating systems (*) (and compilers) Microsoft is sending a sign that they really do want to drop the older way of doing things.

(*) Every now and then we field support questions asking if we still support Windows 2000 (yes), Windows XP Embedded (yes) or Windows CE (no).

Low level detail

The compiler continues to create ever more optimized code. As with some of the Windows 7 service pack releases we’ve noticed some optimized code sequences that do things differently to before. Visual Studio 2014 CTP doesn’t ship with source or symbols to APPCRT140.DLL (although you can get the latter from Microsoft’s symbol servers) so it’s hard to tell what’s going on inside the new C Runtime. But it’s clear it’s a new architecture and way of doing things. Many functions that once would have been called by linking to them and the call being redirected through the Import Address Table are now passed to a lookup helper function that does some sort of encryption, calls GetProcAddress, does more encryption and then passes the function back to be called. Why do I mention encryption? Because the function names hint at that. It’s quite a change from how things used to be done. Why it’s being done I can’t say, we don’t have the source to examine and I haven’t tried to reverse engineer the functions. These are just comments about things I noticed while I was investigating some unexpected behaviour as we were adding support for Visual Studio 2014 CTP to our C++ tools.

Updated – A day later!

Just after we published this article James McNellis from the Microsoft Visual C++ Team Blog contacted us to let us know a few things.

  • Apparently source code for the C Runtime is available but the reason you don’t see it in the debugger is because the symbols files on Microsoft’s symbol servers have been stripped – they only have function names but not filenames and no line numbers.
  • A solution to this is to build your C/C++ application linked statically to the C Runtime. This gives you symbols to examine the C Runtime. We didn’t notice this because the only occasions when we ran into any problems with our ports was working with code dynamically linked to the C Runtime.
  • Two articles detailing why the changes have been made have been posted to the Visual C++ Team Blog. These articles are worth a read and show that their thinking is looking forward many years into the future, mainly with an eye on improving things for developers and security issues. These articles are:

When you understand the refactoring and the desire for a wider platform support you can understand the reason for looking up functions by GetProcAddress() and calling the result rather than linking to them. Thanks to James for reaching out and letting us know their thinking.

From the above articles the standout thing for me is that most people will (for the short term at least) want to compile with _CRT_STDIO_LEGACY_WIDE_SPECIFIERS defined so that <tchar.h> continues to provide the string functions your code expects and not the C99 standard implemented in Visual Studio 2014.


Download problems, an apology

By , June 5, 2014 11:23 am

The last two software releases have not been as smooth as usual. To put it mildly there have been problems.

I’d like to apologise for the inconvenience we may have caused you. I’d also like to explain why these problems happened and what we are doing to put it right.

With the previous software release we supplied the correct binaries but the licence information was incorrect. With the current release the problem reversed itself – wrong binaries, correct licence information. Neither helps. Both problems were caused by different issues.

Problem 1 – case (in)sensitivity

We develop on Microsoft Windows, which has a case-insensitive filesystem. Our webserver runs Linux, which has a case-sensitive filesystem. This can cause problems. Especially when a file with incorrect case is uploaded to the webserver by mistake. The result is two files with similar names rather than one file. Consider a file memoryValidator.inf. If we upload memoryvalidator.inf to the server it won’t replace memoryValidator.inf (as it would on a Windows machine) but will co-exist in the same directory as memoryValidator.inf. When this happens out of date version information (which is stored in memoryValidator.inf) is read because the new version information is in memoryvalidator.inf (incorrect casing).

The above has caused problems with incorrect (out of date) version information being supplied alongside correct binaries.

Problem 2 – a tale of two installers

Our x64/x86 installer actually installs two installers – one for the 32 bit binary and one for the 64 bit binary. As such there is an order dependency – build 32 bit installer, build 64 bit installer, build the x64/x86 installer that installs the 32 bit and 64 bit installers. You must build the x64/x86 installer last. If this happens out of order for any reason you can have problems as the 32 bit installer or 64 bit installer may be out of date.

Why have these problems only surfaced just now?

2014 has been a rather unusual year for us. We’ve had numerous hardware failures, lost two months of email due to a disk encryption issue and had these software release issues. The hardware failures meant we had to move the email and software release systems over to new machines. The software release system has been moved twice. Prior to moving the software release system we’d ironed out all the problems by carefully arranging everything. The problem with that is that it requires human memory to adjust the special case issues every time you change things. We’ve now changed our release procedure to include additional software rule-based checks to ensure the process of doing a release is less error prone.


If you have been affected by this problem please login to your account and download the new binary that is available. Please ensure your browser doesn’t cache the file download and provide you with the previous version of the binary.

We’ve updated our software release controller software to include additional rules to check for incorrect build order. The webserver will be getting additional rules for case sensitive file name checking.


I sincerely hope the problems of the last two weeks are the last we’ll have to do with software releases. They cause inconvenience for you and cause me a lot of stress. I look forward to a return to our usual release process.


An End to Unwanted UAC prompts

By , May 25, 2014 7:29 am

We have just updated all of our software tools so that they no longer require administrator privileges to run. No more unwanted User Account Control prompts!

I’m going to explain why we used to require administrator privileges, why we’ve removed that requirement and what impacts that has for you the user of the software.

The past: Our software tools up until 24 May 2014


If you’ve ever used our tools on Windows Vista, Windows 7 or Windows 8 you’ll know that our tools required Administrator privileges to run.

Because of this each time you start the software you are faced with a User Account Control dialog. There is a pause, the screen darkens and then the User Account Control dialog is displayed. You can’t do anything other than interact with this dialog. It’s a “Yes I want to run this. No I don’t want to run this.” deal. But of course you want to run this software, you just started it. Hal really should open the pod bay doors.

This gets even more frustrating if you’ve used our command line interface to automate your testing or if you need the software under test to run without administrator privileges.


The ideal scenario would be for the software to run without requiring administrator privileges, just like most applications on your computer. This would improve the usability of the software, make automated testing smoother and just be better all around.

Reasons for change

When our tools require administrator rights to run there are multiple consequences of that requirement:


  1. A User Account Control dialog is displayed, interrupting the user’s flow.
  2. Automated tests require someone present to approve each tests’s run because a User Account Control dialog is displayed. This either partially or completely defeats the purpose of automating the tests.
  3. The software under test is now run with Administrator privileges. For most applications that isn’t an issue but for some applications this is not the correct privilege level for that application to run at.

The first issue isn’t ideal and adds frustration to the user’s life.

The second issue is horrible.

The third issue is a deal breaker for the few people that must test their application’s at a specific privilege level.

As you can see we had to change this state of affairs.

Working without Administrator Privileges

When running the software without administrator privileges the only thing you’ll notice is no administrator privileges. You can launch and monitor applications without administrator privileges. You can also monitor services that are linked to the NT Service API associated with the tool without administrator privileges. Only the Inject into Application and Wait For Application functionality (C++ tools only) prompt you for administrator privileges. Other than that the software works the same as usual.


If you run the software without administrator privileges the software will communicate with SVLAdminServiceX86 or SVLAdminServiceX64 as appropriate. The service will do the work required.

The C++ tools now work with desktop application, services running on LocalSystem account and services running on LocalService account.


You can still right click the software and run the software with administrator privileges. If you choose this the software will behave exactly as it did in the previous release, it will do all the actions itself and not ask the SVL Admin Service to do the work.

If you want to Inject into a running process or Wait for an application to start we can still do that with the C++ tools but you will need to run with administrator privileges to do that. This is principally because CreateRemoteThread from a service doesn’t work when the target application is not running in the same Windows session. This is a Windows security improvement. Until we can provide a workaround for this these two activities require administrator privileges. The software will automatically prompt you for this process elevation.

Similarly if you launch an application using CreateProcess (the recommended method) you don’t need administrator privileges. But if you choose any of the other options you will be prompted for administrator privileges.

Why did we require administrator privileges?

Our software tools are dynamic analysis tools that analyse the behaviour of software at runtime. As such our tools use a variety of techniques to invade the user space of the software under test and to communicate the collected data back to the user interface. If the software is a desktop application then different security environments are in force compared to if the software is a service. When dealing with a service such as Internet Information Server then you are dealing with a very locked down process. Some of these processes are very hard to interact with. You may be able to inject into the process but then not communicate with the user interface.

To cope with this early versions of our software simply used global shared memory (prefix the shared memory name with \Global) and ran with appropriate debug security privileges. This worked really well. Then came Vista with the new security regime. I’m sorry to say that our initial response was lazy. We simply put admin privileges on everything as a temporary workaround until we could get around to fixing things so they’d work without admin privileges.

So what happened? We got side tracked. We spent a lot of time focussing on other things, supporting different operating systems, different Visual Studio, porting the software to 64 bit, floating licences, improving the UX of tools like C++ Coverage Validator. And because we were at the time developing on Windows XP x64 we didn’t feel the pain of using the new security regime all the time. We’d use Windows 7 for our email machines, personal laptops and for testing but not for daily development.

Why were we using Windows XP x64? The answer is simple. The compressed start menu on Windows 7 is harder to use than the flyout menu on Windows XP. The search functionality on Windows XP is so much easier to use than that built into Windows 7, especially if you are searching for words inside a document (think Visual Studio project, manifest, source code, etc). Yes I know Windows 7 search has great power built into it, but it’s slow, hard to use as it’s crammed into one tiny window and in my experience often doesn’t work. Whereas the Windows XP search experience is simple, easy, reliable and fast (three fields, file name, content to search for, where to search). Sadly Microsoft has made search on Windows 8 even worse (right click on a search result and if you open the location you lose the search results – how is that useful?). And of course the start menu has gone.

Anyway, as the end date for Windows XP support, April 8th, loomed we started getting queries about our software that we’d never fielded before. Most were related to the User Account Control issues already described. People who had been using Windows XP and Windows XP x64 for development were abandoning ship, moving to Windows 7 or Windows 8. By the time we got to the start of March I knew we had to drop everything we were doing, annoy some of our existing customers by putting certain work on hold, and make our software run without administrator privileges. No User Account Dialogs!

Usually we issue one or two software releases per week. Or maybe one every two weeks. Our last software release was March 19th, over 10 weeks ago. This has been the longest break between software releases we’ve ever had. The scope of the work has been huge. We’ve had to write a service that the software talks to to do anything that would normally require administrator privileges. Then we had to identify every area that was impacted by the change in privilege levels. This meant some areas of the software had to be completely re-written. For example our Registry handling software now also has to be able to write to files and memory so that we can pass that data to the service so that the service can populate certains parts of the Registry on behalf of the software tool. Another area that has changed is shared memory. You can no longer just prefix everything with \Global and expect it to work. As such shared memory handling has had to change. This is particularly important if you are working with services. Copying files to certain locations is no longer possible. Writing files to certain locations is no longer possible. All these things we’ve had to address. We’ve had to update the installers to correctly install the service (and uninstall it first if we’re replacing it with an updated version). We’ve had to test on Windows XP, Windows x64 (to ensure our XP customers still get the experience they expect) and on Windows 7 and Windows 7 x64, Windows 8 to ensure everything works correctly. The different security handling for services between XP and Windows 7/8 causes some interesting problems to be worked around. We’ve tested everything to bits.

And along the way we’ve re-factored some of our software and also exposed and fixed some low level bugs in our hooking software (some of which are a side effect of recent optimisations in the way Microsoft build their operating system DLLs). Error reporting on the Diagnostic tab has improved.

Weren’t we dog-fooding?

You might think we weren’t dog-fooding. That is, using our own software to test our software. Yes, we do use our own tools.

But we were not using our tools in an environment that would cause these issues to be apparent to us. We had chosen to eat at our favourite restaurant rather than at the best restaurant in town. Having just spent two weeks on a cruise ship this analogy is sound, we quickly concluded that we preferred the Bistro over the fancy restaurant.

In fact we had deliberately chosen Windows XP x64 because we found it easier to use for the reasons already stated. In hindsight, although this was a good choice for ease of development it was a poor choice from the point of view of experiencing what the bleeding edge of our customers use.

Our new development environment

Our current development environment is Windows 7 but we’ll be moving to Windows 8 as soon as the new machines arrive. For Windows 8 we’ll be adding the Stardock Start8 Start menu. We’ve also written some search tools that although crude, allow us to search files more easily than using Windows 8 built in search functionality. We’re writing more tools to make our development work easier, even as Microsoft’s own UX efforts make what we want to do harder.


The move from administrator privileges required has been a time consuming, challenging experience. We’ve learned a lot along the way and had to change how our software works. However the result is that you, our customers, the users of our software now have an easier time using the software. I hope you agree the effort was worth it.


When things go wrong

By , January 16, 2014 1:10 pm

Sometimes you do things with the best of intentions and it all goes wrong. This week has been like that.


It all started out with the simple idea that we’d like to try to create a bit more business by contacting past customers that didn’t renew their software maintenance and see if they wanted to renew.

We’d had some feedback from some customers that they had missed the renewal notices that are included with their software updates and that they would appreciate a separate email from us to inform them. We took this feedback and created some appropriate emails that are sent 90, 60, 30 days in advance of the renewal date. We also send some email after the renewal date for a short period.

So far so good. Nothing wrong with keeping existing customers in the loop.


The problem occurred when we thought about the customers that had not renewed. Was it an error, an oversight or deliberate? Well of course we don’t know. I think the initial idea may have been to contact customers whose maintenance had expired just over 1 year ago. That’s borderline OK. CRM solutions such Hubspot, Act-On etc all recommend 1 year as the cut off threshold for contacting customers. Anyone over a year, you don’t contact. The reason we were going just over a year was to do with when we’d first introduced paid software maintenance. It fell just over a year.

We also thought that contacting these customers would be a good opportunity to get some feedback about why they hadn’t renewed. Where we doing something wrong? Or had their career changed? etc.

I produced lists of customers, organised by software product whose maintenance expired. The lists included their name, email address and maintenance expiry date. The intention was that customers would receive a personalised email that identified the product they used and did they know their maintenance had expired?

What actually happened

Normally we email customers evaluating our software in HTML email via our Hubspot account.

Customers that have purchased our software received email in plain text or very simply HTML email.

But customers receiving the maintenance renewal email received a HTML email in a different format to our normal Hubspot format, not sent via our Hubspot account, sent from an email account our customers have never heard of, with an incorrect email address in the body of the email. The emails were not personalised, not were they specific to the software tool the customer had purchased. In addition some of the email addresses in the list shouldn’t have been in the list. As a final nail in the coffin of getting this wrong, the emails were sent to customers well outside of the time boundaries initially specified.

I don’t think we could get it much more wrong if we tried. Well, I suppose we could have included some Not Safe For Work or some malware, but short of doing that we got this as wrong as we could have done. Very embarrassing. I’ve been writing email apologies to people left right and centre the last few days.

The Result

Some people unsubscribed. No problem. We expected that some people would. Turns out some people were using different languages or made larger changes in their career and no longer needed our tools.

Some people emailed asking if it was a phishing scam (mainly due to the format, incorrect email address, unusual sending email address, etc).

Some people complained that we were horrible unscrupulous people. Ouch.

In summary, we annoyed some people by being inept at this particular task. We could have done this so much better. And I’m embarrassed by it all.

If you have received one of these emails I humbly apologise. It won’t happen again.


As a result of this unintended email episode I’ve created some basic rules. We’ll probably extend these rules as we go.

  • If you can’t personalise it, don’t sent it.
  • If you can’t specify which product you are emailing about, don’t sent it.
  • Don’t send generic, catch-all emails. See previous two points.
  • Ensure all emails are within the date range you intend. Double check them.
  • Don’t accept excuses from marketing for why things are being done a particular way.

The whole purpose of this task was that apart from generating the lists it wouldn’t involve me and I could get on with the technical side of running the business. It hasn’t worked out that way. I’ve had to spend time reviewing other’s work, accepting their reasons for why this way or that way. I’ve paid for their labour and now I’m writing an article about what went wrong.

Email Addresses

All email addresses used were sourced from our own customer lists.

We don’t buy email lists. We don’t sell them either. We regard buying or selling email addresses as Bad for Business.


64 bit C++ software tool Beta Tests are complete.

By , January 9, 2014 1:33 pm

We recently closed the beta tests for the 64 bit versions of C++ Coverage Validator, C++ Memory Validator, C++ Performance Validator and C++ Thread Validator.

We launched the software on 2nd January 2014. A soft launch, no fanfare, no publicity. We just wanted to make the software available and then contact all the beta testers so that we could honour our commitments made at the start of the beta test.

Those commitments were to provide a free single user licence to any beta tester that provided feedback, usage reports, bugs reports, etc about the software. This doesn’t include anyone that couldn’t install the software because they used the wrong licence key!

We’ve written a special app here that we can use to identify all email from beta test participants and allow us to evaluate that email for beta test feedback criteria. It’s saved us a ton of time and drudge work even though writing this extension to the licence manager software took a few days. It was interesting using the tool and seeing who provided feedback and how much.

We’ve just sent out the licence keys and download instructions to all those beta testers that were kind enough to take the time to provide feedback, bug reports etc. to us. A few people went the extra mile. These people bombarded us with email containing huge bugs, trivial items and everything in between. Two of them, we were on the verge of flying out to their offices when we found some useful software that allowed to us to remotely debug their software. Special mentions go to:

Bengt Gunne (
Ciro Ettorre (
Kevin Ernst (

We’re very grateful for everyone taking part in the beta test. Thank you very much.

Why didn’t I get a free licence?

If you didn’t receive a free licence and you think you did provide feedback, please contact us. It’s always possible that a few people slipped through our process of identifying people.

Dang! I knew I should’ve provided feedback

If you didn’t provide us with any feedback, check your inbox. You’ll find a 50% off coupon for the tool that you tested.


Panorama Theme by Themocracy