In my post about Printf Tricks a couple of years ago,
I mentioned that "%n is dangerous and disabled by default in Visual Studio 2005."
I got email today from someone who was porting a large codebase to VS 2005.
He was getting an assert from %n and he needed a way to get past it.
He intends to fix the uses of %n when he has a chance.
I spent several minutes digging around in MSDN and came up with
set_printf_count_output. Wikipedia's Format string attack page
led me to Exploiting Format String Vulnerabilities, which
describes in detail how %n (and %s) may be exploited.
In short, if you …continue.
I blogged before about KeePass, a free password manager utility.
A few minutes ago, I added the 200th entry to my password database,
when I registered to download VMware Server.
At one point or another, I've registered on a hell of a lot of websites.
I also use KeePass to keep track of credit card numbers,
software registration keys, and so on.
KeePass not only lets me use distinct, strong passwords for each site,
but it also lets me remember which sites I've registered on.
Some sites want me to use my email address;
others prefer an alphanumeric username.
One friend reliably informs me that KeePass runs just fine …continue.