A little laughter...

Alex_Ionescu-2 · May 16, 2006, 5:35am

Hi all,

Well, I hope posting this doesn’t get me in trouble… this gave my
co-workers and I quite a laughter today:

http://en.wikibooks.org/wiki/Image:RevEngMSArch.JPG
http://en.wikibooks.org/wiki/Windows_Programming/Windows_System_Architecture

My favorite tidbits:

“NTDLL contains a number of kernel-mode functions that implement much of
the functionality of the Windows API”
“WIN32K.SYS is similar to NTDLL.DLL”
“In a Windows function, typically the programmer provides function
pointers to the system, and Windows will make calls into your program.”
“Developers working on writing device drivers for window are frequently
only allowed to use the Kernel-mode functions in NTDLL”

I really hope nobody starts developing drivers based on such “information”.

Best regards,
Alex Ionescu

OSR_Community_User · May 16, 2006, 6:07am

I enjoyed this post. Since it’s a wiki, perhaps you should update it
(fix it). My favorite was:

W2K - “It possesses an Application Programming Interface that consists
of thousands of mostly undocumented GUI functions”, yeah,
I think MS needs to document some of these w32 gui api’s :-)…

All these “Hello World” apps must be some cruel joke .

Alex Ionescu [397670] wrote:

Hi all,

Well, I hope posting this doesn’t get me in trouble… this gave my
co-workers and I quite a laughter today:

http://en.wikibooks.org/wiki/Image:RevEngMSArch.JPG
http://en.wikibooks.org/wiki/Windows_Programming/Windows_System_Architecture

My favorite tidbits:

“NTDLL contains a number of kernel-mode functions that implement much of
the functionality of the Windows API”
“WIN32K.SYS is similar to NTDLL.DLL”
“In a Windows function, typically the programmer provides function
pointers to the system, and Windows will make calls into your program.”
“Developers working on writing device drivers for window are frequently
only allowed to use the Kernel-mode functions in NTDLL”

I really hope nobody starts developing drivers based on such “information”.

Best regards,
Alex Ionescu

Questions? First check the Kernel Driver FAQ at http://www.osronline.com/article.cfm?id=256

To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer

OSR_Community_User · May 16, 2006, 6:51am

> File:RevEngMSArch.JPG - Wikibooks, open books for an open world
I assume that the misconception about NTDLL might come from the fact that
NTDLL is the only UM module listed in the kernel list of loaded modules
(which is being used during hooking, for example).

But indeed it's quite a funny text ... and the description of the picture
("a quick and dirty diagram of Microsoft Windows architecture.") fits quite
well ...

Thanks for sharing,

Oliver

--

May the source be with you, stranger

ICQ: #281645
URL: http://assarbad.net

Maxim_S_Shatskih · May 16, 2006, 11:05am

I think that this article was written by some VB.NET or PHP developers

Maxim Shatskih, Windows DDK MVP
StorageCraft Corporation
xxxxx@storagecraft.com
http://www.storagecraft.com

----- Original Message -----
From: “Alex Ionescu [397670]”
Newsgroups: ntdev
To: “Windows System Software Devs Interest List”
Sent: Tuesday, May 16, 2006 1:34 PM
Subject: [ntdev] A little laughter…

> Hi all,
>
> Well, I hope posting this doesn’t get me in trouble… this gave my
> co-workers and I quite a laughter today:
>
> http://en.wikibooks.org/wiki/Image:RevEngMSArch.JPG
> http://en.wikibooks.org/wiki/Windows_Programming/Windows_System_Architecture
>
> My favorite tidbits:
>
> “NTDLL contains a number of kernel-mode functions that implement much of
> the functionality of the Windows API”
> “WIN32K.SYS is similar to NTDLL.DLL”
> “In a Windows function, typically the programmer provides function
> pointers to the system, and Windows will make calls into your program.”
> “Developers working on writing device drivers for window are frequently
> only allowed to use the Kernel-mode functions in NTDLL”
>
> I really hope nobody starts developing drivers based on such “information”.
>
> Best regards,
> Alex Ionescu
>
> —
> Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256
>
> To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer

cristalink-2 · May 16, 2006, 4:19pm

So what’s really wrong with that? Some brave author took the trouble to
explain unexplainable messy Windows kernel, for free. In general, the
explanation is more or less correct, for those this article is intended for.
Obviously, these are not kernel developers. Instead of laughing, write a new
article or edit the current one, and we will see if you got it right.

–

“Alex Ionescu [397670]” wrote in message
news:xxxxx@ntdev…
> Hi all,
>
> Well, I hope posting this doesn’t get me in trouble… this gave my
> co-workers and I quite a laughter today:
>
> http://en.wikibooks.org/wiki/Image:RevEngMSArch.JPG
> http://en.wikibooks.org/wiki/Windows_Programming/Windows_System_Architecture
>
> My favorite tidbits:
>
> “NTDLL contains a number of kernel-mode functions that implement much of
> the functionality of the Windows API”
> “WIN32K.SYS is similar to NTDLL.DLL”
> “In a Windows function, typically the programmer provides function
> pointers to the system, and Windows will make calls into your program.”
> “Developers working on writing device drivers for window are frequently
> only allowed to use the Kernel-mode functions in NTDLL”
>
> I really hope nobody starts developing drivers based on such
> “information”.
>
> Best regards,
> Alex Ionescu
>

OSR_Community_User · May 16, 2006, 7:32pm

I am *not* speaking for the company, but those articles are inaccurate
at best, and you can find plenty of good information on NT architecture
with a search engine or on MSDN, rather than relying on an inaccurate
wiki article that is clearly at about the same level as a phone doodle.

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of cristalink
Sent: Tuesday, May 16, 2006 1:20 PM
To: Windows System Software Devs Interest List
Subject: Re:[ntdev] A little laughter…

So what’s really wrong with that? Some brave author took the trouble to
explain unexplainable messy Windows kernel, for free. In general, the
explanation is more or less correct, for those this article is intended
for.
Obviously, these are not kernel developers. Instead of laughing, write a
new article or edit the current one, and we will see if you got it
right.

–

“Alex Ionescu [397670]” wrote in message
news:xxxxx@ntdev…
> Hi all,
>
> Well, I hope posting this doesn’t get me in trouble… this gave my
> co-workers and I quite a laughter today:
>
> http://en.wikibooks.org/wiki/Image:RevEngMSArch.JPG
>
http://en.wikibooks.org/wiki/Windows_Programming/Windows_System_Architec
ture
>
> My favorite tidbits:
>
> “NTDLL contains a number of kernel-mode functions that implement much
of
> the functionality of the Windows API”
> “WIN32K.SYS is similar to NTDLL.DLL”
> “In a Windows function, typically the programmer provides function
> pointers to the system, and Windows will make calls into your
program.”
> “Developers working on writing device drivers for window are
frequently
> only allowed to use the Kernel-mode functions in NTDLL”
>
> I really hope nobody starts developing drivers based on such
> “information”.
>
> Best regards,
> Alex Ionescu
>

—
Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256

To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer