bugs
Installing Helvetica Neue Fonts with Google Chrome on Windows considered harmful
A few days ago, I visited the Xamarin.com website and noticed this. The word "Pricing" looks like "Prioing."
It's not an illusion. It looks wrong in Google Chrome. See this zoomed-in shot.
_2.png "The C looks like an O in Chrome")
Here's the same menu in IE. Note the subtle"bites" that have been taken out of the g and s, but the c is OK. The hinting is OK, but the font is somehow "wrong."
Windows task manager shows wrong CPU Speed when using Hyper-V
My buddy Damian and I both recently bought the Lenovo X1 Carbon Touch. It's got Intel SpeedStep technology so it changes the CPU speed dynamically based on load. These two laptops of ours are identical. However, here's Damian's Task Manager when mostly idle.
Here's mine.
_3.png "His speed is 2.49 GHz")
What the heck is going on? His CPU is reporting 0.60 GHz of a potential speed of 2GHz, indicating that the chip has chilled out. Mine is reporting "full speed ahead!" at a speed that it doesn't even support, 2.49GHz!
We went around and around on this for a while until we realized that I had turned on Hyper-V Virtualization for Windows Phone Development and my Ubuntu VM. He hadn't.
Help your users record and report bugs with the Problem Steps Recorder
A few weeks back I ranted in Everything's broken and nobody's upset and it found its way around the web. Some called it a poorly organized straw man and others felt it was a decent jumping-off point for a larger discussion about software quality. It was likely both of these and more.
On the subject of bug reporting, there's a wonderful gem of a program that ships with Windows 7 and Windows 8 that you and your users can use to report and record bugs. It's the Problem Steps Recorder and it's like TiVo for bugs.
Hit the Start button and type either "Steps" or even "PSR" or to run the Problem Steps Recorder.
A Bug Report is a Gift
There were lots of reactions to my blog post Everything's broken and nobody's upset. Some folks immediately got the Louis CK "Everything's Amazing and Nobody's Happy" reference. Some folks thought it was a poorly worded rant. Some folks (from various companies) thought I was throwing developers under the bus, accusing them of not caring. Others saw a meta-goal and started a larger discussion about software quality.
The questions I asked were these...but the most significant one was added a few hours later, suggested by a reader.
FormsAuthentication on ASP.NET sites with the Google Chrome Browser on iOS
A few people have said that they have noticed problems the new iPhone/iPad Google Chrome apps as well as trouble with applications that use hosted Safari inside of UIWebView (which is what Chrome is) or apps that host a website in PhoneGap. If you're using FormsAuthentication (in WebForms or MVC, doesn't matter) then Google Chrome for iOS might switch FormsAuth to Cookieless mode, which sucks for everyone.
This has been fixed in .NET 4.5 and you won't see this problem if you have .NET 4.5 installed, even if you're running a .NET 4 application. For example, Bing.com is running .NET 4 applications under .NET 4.5 RC and wouldn't see this. If you install 4.5 (now or later) ASP.NET will always assume clients support cookies.
If you want to tell ASP.NET 4.0 or earlier that EVERY browser supports cookies for FormsAuth you can do ONE of these things:
1. Change Generic.Browser for your app (or machine)
Make a file called generic.browser in a folder called App_Browsers and put this in it:
Free Public WiFi is A Zombie Network
In our residential apartment building my iPod Touch usually connects to a network called "Free Public WiFi" whenever I step into the lobby. The same "Free Public WiFi" is also available below my office building and it turns out that it is available in several other places including airports and restaurants.
However, connecting to this "Free Public WiFi" does not give you access to an internet, puzzling? Well, the Free Public WiFi is not actually a internet network and is a bug which exists in an older version of Windows XP.
Dealing with Images with Bad Metadata - Corrupted Color Profiles in WPF
Creating a Twitter client is a really interesting exercise in application development because, amongst many reasons, it's taking input from effectively an infinite number of people and places. Never trust user input, right? Input to your application comes not only in the form of text, but also images. Writing a Twitter client is effectively writing a web browser that only browses one website. Getting a browser stable is hard.
Long Zheng, Raphael Rivera and the MetroTwit team (MetroTwit is a lovely new Twitter client) have hit an extremely interesting crashing bug. The input comes in the form of a corrupted JPG image from the web.
Here's the bad image. Looks like a picture some folks speaking on a panel. However, even though this image looks fine, this specific binary version of it has a corrupted Color Profile.
Sometimes folks don't realize that image formats contain lots of metadata that you can't see. Your JPGs may show what camera you used, what lens, what settings, possibly even the geo-coordinates of where you took the picture!
Google now awards bug hunters up to $3133.7 for Chrome bugs
Mozilla has recently upped its bug bounty -- meaning that any critical security bug you found and disclosed to Mozilla could net you a cool $3000.
Not to be outdone, Google has just announced that it will be awarding up to $3133.7 for critical bugs. This is not only $133.7 over what Mozilla offers, but also an obvious play on the word "elite" in h4x0r-speak. It's also a typical example of Google's nerdy sense of humor.
If you look at the bigger picture, as ThreatPost has done in their coverage of the issue, you will see that this actually represents the beginning of a paradigm shift in the security world. Up until now, "security researchers" (which is, pretty much, a clean name for hackers) had a tough moral dilemma: Do I take this security hole to Microsoft (or Google, or Mozilla, or Apple) and quietly wait until they fix it while getting little to no pay and recognition? Or do I go to the black market and sell it to an evil group who will give me $50,000 and use it to publish a zero-day exploit that takes the world by storm?
This is a tough call for some to make, but fortunately, Google and Mozilla are making it a bit easier to be "the good guy." Hopefully, other companies will follow suit.