Welcome Guest.   Make a donation to an author on the site August 30, 2014, 11:23:36 AM  *

Please login or register.
Or did you miss your validation email?

Login with username and password (forgot your password?)
Why not become a lifetime supporting member of the site with a one-time donation of any amount? Your donation entitles you to a ton of additional benefits, including access to exclusive discounts and downloads, the ability to enter monthly free software drawings, and a single non-expiring license key for all of our programs.

You must sign up here before you can post and access some areas of the site. Registration is totally free and confidential.
Your Support Funds this Site: View the Supporter Yearbook.
  Forum Home Thread Marks Chat! Downloads Search Login Register  
  Show Posts
      View this member's profile 
      donate to someone Donate to this member 
Pages: Prev 1 ... 33 34 35 36 37 [38] 39 40 41 42 43 ... 51 Next
926  Main Area and Open Discussion / General Software Discussion / Re: Interesting Approach by the Profiteering Malware Author on: June 11, 2008, 06:51:37 PM
Probably more realistic to track down the bastard.
Why am I suddenly in support of waterboardingWink
Rubber hose cryptanalisys!  thumbs up

Maybe if the FBI or some other 'three letter agency' were to get infected...  I think this scheme would be 'broken' in short order.
927  Main Area and Open Discussion / General Software Discussion / Re: Interesting Approach by the Profiteering Malware Author on: June 11, 2008, 05:23:03 PM
why is Kaspersky going after the RSA key instead of the RC4 key?

Because the RC4 key applies to only a single instance of the infection.  If the RSA key is broken (actually it appears that there are 2 RSA keys - which one is used depends on the OS version of the machine that is infected) it will allow the recovery of any infection.

Now, if there's a flaw in how the RC4 key is generated (or in how the RC4 algorithm is implemented) then there might be another approach to recovering from the damage inflicted.  But I have no idea how likely that scenario is.
928  News and Reviews / Mini-Reviews by Members / Re: WebDrive Mini-Review: Caching FTP-to-LocalDrive Mapping Tool on: June 11, 2008, 05:13:52 PM
SFTPDrive is licensed 'per-user' so you can install on multiple machines.  This is the main reason I chose SFTPDrive over WebDrive.
Where did you find this information on the very limited website of SFTPdrive ?

Hmm, you're right.  I hope I wasn't mis-remembering something and passing on false information.  I've asked for a clarification from the vendor at their support 'forum':


Edit: and the vendor replied within 10 minutes: "It's per user"

I hope he also updates the website...
929  Main Area and Open Discussion / General Software Discussion / Re: Interesting Approach by the Profiteering Malware Author on: June 11, 2008, 04:38:28 PM
How the author can decrypt files protected by a randomly generated RSA private key I am unsure. Perhaps it is not his/her intention to ever provide the decrypter?

Note: In the following, I'm speaking about how the malware works based on what I believe to be the case from very sketchy information - I could be missing the boat entirely...

The RSA key is not randomly generated - the RC4 key is.  Then that key is encrypted using the RSA public key.  At this point only a person who holds the corresponding RSA private key can recover the RC4 key.

The approach that Kaspersky seems to be advocating is trying to organize a distributed network of computers (similar to SETI@home) to brute force the RSA private key.
930  Main Area and Open Discussion / General Software Discussion / Re: Interesting Approach by the Profiteering Malware Author on: June 11, 2008, 02:17:06 PM
The best bet would probably be catching the malware while it's doing it's nasty crap, and doing a process memory dump to extract the keys.

That, or find out how to link the "unique ID" with the key.

I'd guess that the "unique ID" is the RC4 encryption key that has itself been encrypted with the RSA public key.  I'd also guess that the RC4 key is a randomly generated value that gets created right before the encryption of your data files.  If you're able to "catch" the malware at this point, it's probably best to simply stop it rather than extract the keys.

One key to solving this problem (pardon the pun) for people who get hit with finding their data files encrypted is if there's a vulnerability in the RC4 key generation process - if that's the case it may be possible to recreate those keys without the help of the extortionist.  For example, if the malware author makes a mistake similar to the flaw found not too long ago for SSH key generation on Debian distributions, recovering the data would be pretty easy.  But that's a big "if".

931  Main Area and Open Discussion / General Software Discussion / Re: Ugly Softmaker Office icons? No more. on: June 09, 2008, 05:50:47 PM
I wouldn't want to hack the .exe files themselves. Isn't there a way to override the icons for specific files using desktop.ini or somesuch?

You can do this in Explorer's "Tools/Folder Options.../File Types/Advanced" dialog.  If you have just a few file types to do this for this might be simpler than getting application.

And, of course, for any program shortcuts you can change the icon using the Properties page for the shortcut.
932  News and Reviews / Mini-Reviews by Members / Re: WebDrive Mini-Review: Caching FTP-to-LocalDrive Mapping Tool on: June 07, 2008, 07:07:27 PM
SftpDrive - the main commercial competitor to WebDrive, cheaper, available for mac.  Looks good but not as powerful, and less protocols supported.

I have an SFTPDrive license, and it works very nicely (except for a proxy problem I have - see below). I'd like to mention a couple things:

  • SFTPDrive is licensed 'per-user' so you can install on multiple machines.  This is the main reason I chose SFTPDrive over WebDrive.
  • Unfortunately, SFTPDrive does not support HTTP proxies, so my use of it at work has been severely hampered when the proxy setup changed a while ago.  I don't know whether or not WebDrive supports HTTP proxies.
933  Main Area and Open Discussion / General Software Discussion / Re: Abusive Behahiour (Rant about Adobe Digital Editions) on: June 05, 2008, 05:31:25 PM
This is the fundamental problem with DRM  - it always ends up causing a hassle for the legitimate purchaser. 

I can sure understand the publishers' desire to ensure they get what's due, but heavy-handed DRM is nearly always something that'll get me to reconsider a purchase.
934  Main Area and Open Discussion / General Software Discussion / Re: Whatever happened to... <INSERT DEADWARE HERE> on: June 05, 2008, 02:07:08 PM
IndieVolume  - I was really hoping he'd get the Flash problems fixed Sad
CodeWright - a nice editor killed by Borland (or whatever their name is this year)
935  Other Software / Found Deals and Discounts / Re: Take Command Console LE from JPSoft on: June 04, 2008, 02:07:57 AM
No, I don't think misread.  "DOS box" is technically incorrect even if a common term for what is properly called a console window.
936  Main Area and Open Discussion / General Software Discussion / Re: Remote Desktop Manager alternative on: June 03, 2008, 02:29:50 PM
Well, if you love SpeedApps Remote Manager, but aren't comfortable with the reputation of the "author", then you might like to move to mRemote, which appears to be the open source 'inspiration' of SpeedApps Remote Manager:


Jeez - did that SpeedApps/App-zilla guy produce anything that wasn't stolen?
937  Main Area and Open Discussion / Living Room / Re: American Psycho on: June 03, 2008, 01:06:34 PM
I haven't read the book, yet, but here's my take on the movie...

But first a little bit of Roger Ebert's take:
All of the murders are equally real or unreal, and that isn't the point: The function of the murders is to make visible the frenzy of the territorial male when his will is frustrated. The movie gives shape and form to road rage, golf course rage, family abuse and some of the scarier behavior patterns of sports fans.

I think that while Ebert is right that an important point of the murder frenzy is to take to the extreme the various rage scenarios that we might see in everyday life, I believe that attempting to determine what's real or unreal is also an important point. One of the key aspects of the movie is that it leaves the true extent of Bateman's crimes ambiguous.  I think it's important for the viewer to try to figure out where the line of reality falls, and I'd be surprised if the director (Mary Harron) did not expect that.

I consider the movie to be outstanding (but it's definitely not something for everyone).  I particularly like the scenes with Dafoe and the shootout with the cops.  Bateman's reaction when the car explodes is worth the price of admission alone.
938  Other Software / Found Deals and Discounts / Take Command Console LE from JPSoft on: June 02, 2008, 01:22:15 PM
For people who are command line junkies, you might want to look at a new offering from JPSoft (makers of Take Command, formerly known as 4NT or 4DOS).

Take Command is a replacement for cmd.exe with enhanced commands.  The LE version is a free version that excludes the GUI component (DOS box only) and excludes some of the more advanced commands (in particular the ability to access files over FTP or HTTP).  However, it's more or less what 4NT was prior to version 9 and has some very nice command line and batch file capabilities.

If you find yourself doing a lot at the Windows command line, it's worth checking out TCC LE:  http://www.jpsoft.com/tccledes.htm

939  Main Area and Open Discussion / Living Room / Re: This might take some of you back - IBM laptop, can anyone give me some info? on: May 30, 2008, 03:31:49 PM
Here's a link to the support page for downloaind varisou support software and drivers for the ThinkPad 750:

940  Main Area and Open Discussion / General Software Discussion / Re: Is there a utility that will recurse a command down through subfolders? on: May 30, 2008, 11:17:06 AM
If you want to muck around with some of the advanced capabilities of NT's cmd.exe command processor, you can do this with a batch file:

941  Main Area and Open Discussion / General Software Discussion / Re: need IE6 in Vista home on: May 27, 2008, 05:33:02 PM
Also, I should have mentioned that you can of course run whatever virtual machine host software you want on your Vista Home laptop.  As far as I know, the following support Vista Home Basic as a host platform with WinXP or Win2K as a guest VM:

  • VMware Workstation
  • VMware Player (free)
  • Parallels Workstation
  • VirtualBox (free)
  • Xen (if you have the right CPU) (free)

Also, Virtual PC 2007 is not supported, but is reported to still work.  With any of these VM platforms you can install your own non-expiring WinXP or Windows 2000 guest and have IE 6 available for as long as you need.

The advantage to this is that you're not dependent on Microsoft continually updating their IE6 test VM image and you don't have to use potentially system destabilizing hacks to get IE6 to run on your Vista system.
942  Main Area and Open Discussion / General Software Discussion / Re: need IE6 in Vista home on: May 27, 2008, 05:10:36 PM
My understanding is the Virtual PC 2007 will install and run on Vista Home, but it's not a 'supported' configuration and it will give warnings during install.  However, it is reported to work.  If you go that route, you can try running Microsoft's virtual Machine image that has WinXP with IE6 installed on it:


This image will expire on 3 July 2008.  Microsoft periodically updates the image with a new one that has a later expiration date (no telling when they'll decide to stop doing that, though).

Some other URLs that should have helpful information:

http://tredosoft.com/IE6_For_Vista_Part_1 (install IE6 on Vista - sort of)

http://tredosoft.com/Multiple_IE (run multiple versions of IE side-by-side. This does not work on Vista, but might still have useful information)
943  Main Area and Open Discussion / General Software Discussion / Re: XPPro SP3 on: May 19, 2008, 09:38:15 PM
This discussion about activating the Volume License (VL) version of WinXP is a little confusing - the VL version of XP does not need to be activated.  The installer gets the key, and that's it - there's no communication with Microsoft.  If the key is valid, the installation is 'activated'.

Microsoft does however blacklist VL keys that it finds have gotten out into the wild.  That blacklisting can occur in a service pack update or via the infamous "Genuine Advantage" check.

There may be some confusion regarding non-VL WinXP keys that you get from MSDN - those keys allow you activate something like 10 times, so they may seem like they're VL keys because they allow for multiple activations.

Note that the volume licensing mechanism for Vista is completely different and requires that a site have infrastructure (ie., a validation service) to support the licensing scheme.
944  Main Area and Open Discussion / Living Room / Re: Why is all audio on websites so freakin loud?! on: May 17, 2008, 07:34:09 PM
Got a link to application that lets you adjust volume on a per-application basis?
Does anyone know of an app other than IndieVolume that does this for XP?  I have IndieVolume, but it has problems with Flash that make it so I'm unable to use it for browsers.
945  Main Area and Open Discussion / Living Room / Re: What to do when you receive bootleg videos? on: May 14, 2008, 07:25:06 PM
I don't like being a grass...

Took me a while to google-out what this meant ("grass" is such a common word).  For anyone else unfamiliar with the british-slang, it would mean something like "I don't like squealing..."
946  Main Area and Open Discussion / General Software Discussion / Re: I need a good DVD converter! on: May 10, 2008, 01:06:48 PM
DVDFab is free lifetime updates as well...

This policy has just recently changed - previous purchasers still have the lifetime upgrade policy, but after May 8 new purchases get 1 year of upgrades.  According to the purchase page, upgrade license renewal will be no more than 20% of the retail price.


Also new is that the module to convert to mobile formats is no longer included in the 'Platinum' product - it's a separate add-on license (I think the add-on works for either DVDFab Platinum or DVDFab Gold, but I'm not certain).
947  Main Area and Open Discussion / General Software Discussion / Re: converting divx to dvd? on: May 08, 2008, 11:21:26 AM
If you are not into any complex video tasks, there is no better than convertxtodvd (at least compared to winavi, TMPGenc and couple of other minors that I have tried). There is a trial version (which includes watermark).

You can also get a cheap license for ConvertXtoDVD (about €6) with a couple of caveats:

  • the version you get is 2.x and is non-upgradable (the current version is 3.x)
  • the site selling this is pretty much dead, but I was able to make the purchase a few weeks ago.

You can buy ConvertXToDVD 2.x for 4 'credits' at http://www.serialdealers.com, but be sure to *not* buy a Gold membership - in all likelihood nothing new will be offered on that site.  Also realize that even though credits are more or less equivalent to Euros, the minimum purchase for a block of 'credits' is €6 for 5 credits, so in order to make your purchase of ConvertXToDVD you will really be spending €6 not 4.
948  Other Software / Found Deals and Discounts / Re: PowerCmd on Bits du Jour on: May 01, 2008, 05:12:54 PM
Sorry for contributing to the drifted thread, but...

One thing to realize here is that TrialPay is not the store or the vendor - you don't go to trialpay.com and browse the products they offer then decide to 'buy' something there.  As far as I know Trialpay does not even provide a mechanism to do that.  Trialpay doesn't offer to sell you software - the software vendor offers to let you use trialpay instead of some other payment mechanism.  Generally in order to get Trialpay involved in a transaction, the customer has already decided to acquire the software (or has been enticed by the software vendor advertising the trialpay option as a way to get the software for 'free').  Trialpay is involved only as an alternative to using Visa, MasterCard, Paypal or whatever.

So I'm not sure why TrialPay would have significantly more burden to vet the products than Visa, MasterCard, Paypal, Plimus, regNow or any other payment middleman.

There might be more of a case if the stuff that you actually do pay for on Trialpay were 'rogue' or malicious (the offered flowers, gourmet coffee club membership, credit card or whatever offer you buy/agree to), but I haven't particularly noticed anything like that.
949  Main Area and Open Discussion / General Software Discussion / Re: How do I delete big folders with ease? on: April 29, 2008, 02:38:01 PM
You can't get much quicker and easier than this (be careful - you can do a lot of damage) - from the command line : 

[copy or print]
rd /s <folder name>

If you're adventurous you can add the "/q" option and it'll wipe the folder without asking for confirmation.
950  Main Area and Open Discussion / Living Room / Re: mail2web: any comments? on: April 29, 2008, 11:57:42 AM
Pages: Prev 1 ... 33 34 35 36 37 [38] 39 40 41 42 43 ... 51 Next
DonationCoder.com | About Us
DonationCoder.com Forum | Powered by SMF
[ Page time: 0.048s | Server load: 0.13 ]