1  Main Area and Open Discussion / General Software Discussion / Re: Windows 10 Privacy Concerns on: August 12, 2015, 04:55:38 PM
It's much ado over nothing.
No, it's not.

I haven't had time to look into the detail of most things, but enabling p2p updates as an opt-out is a big no-no. Yes, it's a good thing for the community as a whole, but it really isn't something an OS should impose on you, and it really sucks for people with metered plans. Yes, you can have an ethernet card and still be limited.

And the WiFi sense is just insane. Given how far MS has come the last 10 years in regards to taking security seriously, this is a big shock - there's some marketing and UX drones that have to be roasted slowly for this, and some upper middle management guys who need some proper old-fashioned viking-style torture for accepting the feature request - it's simply unacceptable.
2  Main Area and Open Discussion / Living Room / Re: New vulnerability found in older Intel processors on: August 12, 2015, 04:47:06 PM
I haven't had time to look properly at this, and the articles I've skimmed so far have been lacking, but...

1) SMM attacks are at least a decade old, and complicated to pull off - you need to write very specific code.
2) This exploit still needs ring0 access to pull off, right?
3  Main Area and Open Discussion / General Software Discussion / Re: Irfanview releases 64 bit Version on: August 12, 2015, 04:42:07 PM
So, what does the 64bit release bring to the table?

4  Main Area and Open Discussion / General Software Discussion / Re: Anyone running Firefox 40.0 stable release? on: August 12, 2015, 04:37:29 PM
I thought the thing about 32 bit software was it could not use up all your CPU huh
(edit// 4 cores)
32-bit software can't use up all your RAM if you have more than 4GB. (And maybe it was even limited to 2GB per application on 32-bit OSes?)
Depends on how the application was built - old 32bit Windows applications can only use 2GB (unless they're funky and AWEsome), whereas LARGEADDRESSAWARE linked applications can get really, really close to 4GB on a 64bit system, or 3GB on a 32bit system with that special boot option.
5  Main Area and Open Discussion / Living Room / Re: What books are you reading? on: August 12, 2015, 03:51:13 PM
I'm currently reading Reamde. As other stuff by Neal Stephenson, it's pretty great, and even at page 380/1044 I'm not entirely sure exactly what the story is about, or how it's going to unfold - and that in a positive sense. It also features at least one shootout scene, which I'm not usually too big a fan of in books... but it's great in this one.

Richard Forthrast, a multi-millionaire marijuana smuggler, has parlayed his wealth into an empire by developing T'Rain, a billion-dollar online role-playing game with legions of fans around the world.

But T'Rain's success has also made it a target. Hackers have struck gold, unleashing REAMDE, a virus that encrypts all of a player's electronic files and holds them for ransom. They have also unwittingly triggered a deadly war beyond the boundaries of the game's virtual universe - and Richard is caught in the crossfire. Racing around the globe from the Pacific Northwest to China to the wilds of northern Idaho, Reamde traverses worlds virtual and real. Filled with unexpected twists and turns in which computer hackers and mobsters, entrepreneurs and religious fundamentalists face off in a battle for survival, Reamde is a brilliant refraction of the twenty-first century.
6  News and Reviews / Official Announcements / Re: DonationCoder Major Upgrades - Progress Report Thread on: August 12, 2015, 03:30:04 PM
I have a feature request: Ignore all topics (current & future) started by a certain user.
I'm not a fan of that kind of functionality here - it does run the risk of fragmentation (especially if extended to "ignore everything from <user>" later on), and I think it kinda clashes with my idea of DC as a friendly and respectful place where nobody needs to block anybody; I reckon your interest in the feature is from "I'm just not interested in that stuff" rather than "zomg, that dude is such a jerk", but still :)
7  Main Area and Open Discussion / General Software Discussion / Re: Windows 10 Announced on: August 12, 2015, 03:21:23 PM
I cannot believe what I just read about the Win 10 start menu and "all apps" view (plus search!):
In Windows 10, it's... different. Windows creates a per-user database containing all the entries that are in Start, both the live tile portion and the All apps portion. This database is (inexplicably) maintained by a system service running as the super-privileged SYSTEM identity. And at the time of writing, this database has the oh-so convenient feature of being limited to around 500 entries.

Holy shit, it shipped like that!?!?!? What. The. Actual. Fuck!?
Ho humm - moving to a database might make sense for really fast lookups (especially if that part of the codebase is shared between desktop and mobile devices). Sounds a bit weird to limit this database (at least that much), though, since lookups should be that much faster. And it seems insane to make the indexing run as SYSTEM when it really only should require your local user privileges - the arstechnica article certainly makes that part of Win10 sound broken :)
8  Main Area and Open Discussion / General Software Discussion / Re: Windows 10 Announced on: August 12, 2015, 03:10:37 PM
Apparently I just needed to RTFM ... It was a legacy setting that had gotten reset when I flashed the BIOS a few weeks back.
"Remap memory" setting in the BIOS, eh?

Kinda sucks that flashing a new BIOS reset all settings - it would be nice if settings-reset was an option you got after flashing (in case you were flashing because of FUBAR, and FUBAR was caused by bad settings).
9  Main Area and Open Discussion / General Software Discussion / Re: Windows 10 Announced on: August 12, 2015, 03:09:01 PM
He-he. Windows 10's "automated installation in the background" bluescreened me while trying to update my AMD driver...
10  Main Area and Open Discussion / Living Room / Re: Security: Stagefright Vulnerability (Android) on: July 31, 2015, 06:21:49 AM
People still use MMS?
Because it's a way to send/receive pictures for people who aren't on social media sites and don't use instant-messaging platforms?

Also, remember that just turning off MMS isn't enough to protect you from this exploit, it can be triggered in-browser as well. One of the worst exploits in a while...
11  News and Reviews / Mini-Reviews by Members / Re: Not-so-mini review of CrashPlan backup software on: July 31, 2015, 06:13:11 AM
Using Amazon Glacier or Google Nearline is cost prohibitive, but they're getting there. I would love to see a service using Nearline with some deduplication and a lean client. I have nothing against Java per se, but CrashPlan clearly hasn't optimized their client for memory usage.
Kinda impossible to do for Java. You need to reserve a heap that's large enough to handle your largest theoretical load, plus some extra for garbage collection bookkeeping. This can be grown dynamically, but I don't think the JVM ever shrinks the operating system allocated heap. Makes sense for server loads, isn't always a nice feature on client machines though.
12  Main Area and Open Discussion / Non-Windows Software / Re: Thoughts on "next generation" forum systems? (Discourse, nodeBB, etc.) on: July 27, 2015, 03:19:42 PM
I really, really, really dislike the "endless scrolling" method. It never really seems to work with how I want to use a site, it tends to get progressively slower (not sure if it's database access or too much crud in browser memory), and it's hard to search. I haven't checked discourse in a while, so it might have gotten better - but it sucked in this regard last time I checked it :)
13  Main Area and Open Discussion / General Software Discussion / Re: AV testing: Is your antivirus app doing its job? on: July 27, 2015, 03:03:30 PM
even legit sites that you'd keep whitelisted might be compromised
As the manager of a web development team, this is something that I'm always paying attention to, much to the annoyance of some partners and even customers. You might be surprised how many third parties want us to directly reference js code that lives on somebody else's servers (for example, to show fancy interactive product info from the manufacturer).
I wouldn't be surprised, given I deal with both front- and backend code these days :)

My position is that my users have agreed to trust *me*, but they don't even know that they'd be implicitly trusting *you*. I don't have the authority to transfer my users' trust like that, so I simply will not allow your code to run in my site.

We've made a couple of sort-of exceptions. If they'll give us the code to verify ourselves, and host on our own servers, it's much less of an exposure. At least I can still have control over the stuff that I have responsibility for, rather than just abdicating that security consciousness.
I'm opposed to pulling in just any random external link, but sometimes clients have desires that you just have to be pragmatic about. I don't much mind pulling in stuff from the google CDNs - if they get hacked, things are bad on so many other levels. You do have to consider *where* you pull in stuff, though, as referencing the google CDN serves as a tracking beacon even though you're just grabbing jQuery or Angular.

For most other stuff, I want a local copy, checked into the project's version control system. Better for security, and for project longevity given how fickle a thing web development is.
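One way to audit templates against the policy discussed in this post (self-host by default, a short list of accepted CDNs), as an added example that is not part of the original thread. The site URL, the allowlist and the sample markup are constructed assumptions.

```javascript
// Added example: report <script src> tags that pull code from origins the
// site does not control. All names and sample data below are constructed.

// Origins accepted as explicit exceptions (assumption: the Google CDN
// mentioned in the post; replace with your own policy).
const ALLOWED_ORIGINS = new Set(["https://ajax.googleapis.com"]);

// Constructed sample page, served from https://shop.example/
const SAMPLE_HTML = `
<script src="/js/vendor/jquery.min.js"></script>
<script src="https://ajax.googleapis.com/ajax/libs/angularjs/X.Y.Z/angular.min.js"></script>
<script src="//widgets.manufacturer.example/product-info.js"></script>
<script>var inlineConfig = {};</script>
<script src='http://ajax.googleapis.com/ajax/libs/jquery/X.Y.Z/jquery.min.js'></script>
`;

// Classify every external script reference in the markup. A regex is enough
// for auditing your own templates; it is not a full HTML parser.
function auditScripts(html, pageUrl, allowed = ALLOWED_ORIGINS) {
  const page = new URL(pageUrl);
  const findings = [];
  const tagRe = /<script\b([^>]*)>/gi;
  const srcRe = /(?:^|\s)src\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s>]+))/i;
  let m;
  while ((m = tagRe.exec(html)) !== null) {
    const srcMatch = srcRe.exec(m[1]);
    if (!srcMatch) continue; // inline script: ships with the page itself
    const raw = srcMatch[1] ?? srcMatch[2] ?? srcMatch[3];
    let url;
    try {
      url = new URL(raw, page); // resolves relative and //host/ forms
    } catch {
      findings.push({ src: raw, origin: null, verdict: "unparseable" });
      continue;
    }
    let verdict;
    if (url.origin === page.origin) verdict = "self-hosted";
    else if (allowed.has(url.origin)) verdict = "allowed-cdn";
    else verdict = "third-party"; // includes plain-http copies of allowed hosts
    findings.push({ src: raw, origin: url.origin, verdict });
  }
  return findings;
}

// Convenience wrapper: only the references that violate the policy.
function offenders(html, pageUrl) {
  return auditScripts(html, pageUrl).filter((f) => f.verdict === "third-party");
}

for (const f of offenders(SAMPLE_HTML, "https://shop.example/")) {
  console.log(`third-party script: ${f.src} (${f.origin})`);
}
```

Because the allowlist holds full origins, the plain-http reference to the otherwise accepted CDN host is reported along with the manufacturer widget.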
14  Main Area and Open Discussion / General Software Discussion / Re: AV testing: Is your antivirus app doing its job? on: July 27, 2015, 02:56:27 PM
It's more important to avoid (or at least click-to-play) Java + Flash plugins than keeping JS disabled. The diagram ignores the fact that Chrome has a special and somewhat-safer implementation of Flash, it ignores the smaller amount of malware targeting OSX, it ignores the browser used, and it ignores user behavior.

I do believe OSX has worse security holes than Windows, but given the combination of available malware and user behavior, I don't agree with the short-circuit. And fringe OSes are extremely unlikely to be infected with anything even with javascript turned on.
15  Main Area and Open Discussion / General Software Discussion / Re: AV testing: Is your antivirus app doing its job? on: July 27, 2015, 02:30:06 PM
Tuxman, that flowchart is not only elitist, it's also not very correct :)
16  Main Area and Open Discussion / General Software Discussion / Re: AV testing: Is your antivirus app doing its job? on: July 27, 2015, 02:14:04 PM
You have to ask yourself what you're trying to protect against, and choose product accordingly.

Nothing whatsoever is going to be a 100% guarantee against 0days, not even behavioral monitoring. But most people aren't 0day targets, anyway; the biggest risk for ordinary people is accidentally surfing by one of the automated exploit kits, and those normally use relatively old exploits - but a whole bunch of them.

I personally can't be arsed with anything beyond MSE. I'm not arrogant enough to think I'd discover it if I were explicitly targeted with an APT, and while one might argue that my browser panzering + "don't run unknown shit outside of VMs" would probably be fine, I still keep MSE around in case I poke around on an external harddrive or the like.

For normal people, MSE would also be my suggestion. You just can't expect regular non-technical John Does to run NoScript, and even legit sites that you'd keep whitelisted might be compromised. MSE tends to suit those needs, it's less resource intensive than many competitors, it's gratis, and the people that manage to get infected anyway are basically helpless :)
17  Other Software / Developer's Corner / Re: Syntax in Different Programming Languages on: July 27, 2015, 01:26:58 PM
How useful is a site like HyperPolyglot, though?

If you're at a proficiency level with the target language that you need the site, will you be able to come up with something useful by looking at a cheat sheet? I don't think a "mechanical translation" like that would result in good code, unless the languages are extremely similar (Java <> C#, for instance).

I think something that would be valuable would be samples of how to write idiomatic code in the target languages (requiring the user to be familiar with basic syntax) - but it's hard to do that with side-by-side comparisons, since different languages tend to solve different problems.
18  News and Reviews / Mini-Reviews by Members / Re: Not-so-mini review of CrashPlan backup software on: July 27, 2015, 11:23:32 AM
So clearly CrashPlan is doing something wrong, wrong, wrong.
Java? :-)

I'm fairly certain there are more effective approaches, such as using the NTFS file table to look for changed files, doing active file system monitoring (performance considerations?)
If I were to design a backup solution, I'd definitely use a combination of USN Journal scanning, if available, on program start-up, combined with filesystem notification events.
19  News and Reviews / Official Announcements / Re: DonationCoder Major Upgrades - Progress Report Thread on: July 27, 2015, 10:43:37 AM
Ok so those of you who use "unread since last visit" -- you click on the text link near your avatar, is that right? (see attachment in previous post)
And not the "UNREAD POSTS" button on the button bar, right (as that one is not "since last visit")?

When I go to DC, it's either directly to that URL from a LaunchBarCommander shortcut, or by a notification email, followed by a click on the link-to-the-right-of-avatar-image once I'm done interacting with the posts from the notification email.
20  News and Reviews / Official Announcements / Re: DonationCoder Major Upgrades - Progress Report Thread on: July 26, 2015, 04:31:39 PM
Nice new goto menu at top of form:
Hopefully doesn't replace the one-click "Show unread posts (since last visit)." link?
21  Main Area and Open Discussion / General Software Discussion / Re: Chrome Portable in a RamDisk = decadence? on: April 30, 2015, 06:26:10 AM
I personally can't see much advantage of putting the browser executables on a ramdisk - they're small enough to load fast even on a mechanical HDD, and (for most people's usage patterns) once the browser is loaded, it stays loaded most of the day.

What can make sense is storing the browser cache on a ramdisk (I wouldn't disable it even if I had a 100mbit connection - latency and throughput to a local disk is a lot faster than any network connection) and, even more so, the firefox profile. Firefox does a fair amount of small reads and writes all the time while you're browsing to various SQLite databases (cookies, browsing history, website offline storage, et cetera).

I would recommend SoftPerfect RAM disk - it's fast(*), free, stable and no-nonsense. It supports persisting the contents to disk, and doing so at regular intervals, making it optimal both for %TEMP%(**) and for keeping data around.

(*): yes, there's noticeable speed differences between ramdisk products.
(**): some installers expect %TEMP% to be persistent across reboots...

Hopefully applications know enough to check available disk space before trying to park giant temp files, like for m2ts muxing. :)
They generally don't :) - if you want %TEMP% on a ramdisk, you should dedicate a sizable chunk, and be prepared to do one-off reverts especially for installers. 1gig works pretty OK for me, additionally storing firefox profile and WebSiteWatcher bookmarks.

The problem is it handles a huge amount of memory just to display the pages. The engine is inefficient and it leaks like there's no tomorrow. To be fair, it was even worse.
"Leaks like no tomorrow" hasn't been true for quite a while, leaks are mostly caused by poorly written addons. The engine isn't inefficient either, but there's tradeoffs... Firefox can get unresponsive if you're trying to load a zillion tabs at once, since it happens in one process, whereas Chrome launches a new process for each tab. So yeah, Chrome is more responsive in that scenario, but also ends up using a heavy chunk of memory.

Anyway, as the working space used by Firefox approaches to 10 figures (in bytes), just occupying that large a space becomes a burden on the CPU. Hence we have the unresponsive Firefox problem.
That sentence makes no sense :)
22  Main Area and Open Discussion / Living Room / Re: Kingston USB 3.0 for ISO usage on: April 28, 2015, 10:19:33 AM
What do you get for WRITE speed on your corsair?  btw, it is rated quite highly online.  Can you crack 100MBps?
Did a Windows reinstall the other day (now running Win8.1, yay!) and used the Corsair for the install files - got a steady 50MB/s for the ~27gig vmware image I was restoring, that's decent enough write speed for a thumbdrive.
23  Main Area and Open Discussion / General Software Discussion / Re: Ad blocking add-ons in Pale Moon 25 on: April 19, 2015, 10:16:32 AM
Also would be nice for some of that ublock drama to die down as well.
Yes, indeed :)
24  Main Area and Open Discussion / Living Room / Re: Kingston USB 3.0 for ISO usage on: April 19, 2015, 10:07:23 AM
check that...I'm rereading your response.  Correct me if I'm wrong, but you are talking about 2.5 disks, not thumbdrives right?  If you have a thumbdrive that is consistently getting over 50MB/s, i need the model!
My first post has benchmarks of a SanDisk (50MB/s) and a Corsair (200MB/s) thumbdrive, my 2nd post is a 2.5" WD harddisk :)
25  Main Area and Open Discussion / Living Room / Re: Kingston USB 3.0 for ISO usage on: April 18, 2015, 08:11:00 PM
superboyac: well, "this guy tested it"... no, sorry.

I'm not a fan of USB myself, the protocol is a hackjob - as I mentioned before with firewire400 vs usb480. But it does work in practice, at least on recent systems... and the right ports. USB3 speed is a guesswork, "blue" ports on my motherboard seems irrelevant.

your corsair thumbdrive, i assure you, is getting nowhere near 200 MB/s.  reading is fine, nobody really has issues with reading speeds.  i'm willing to bet you're not even really getting over 50 MB/s sustained.
The results I've posted are from HDTune - it's real. Those are repeatable, sustained speeds. And we're talking old-fashioned megabyte/sec, not megabit or mibibiwhatever. Write speeds are obviously different, especially for flash memory, and I haven't timed those.


I'll exclude all the externally powered devices from my conclusion - they perform way too well, anyway. So: the USB3-self-powered passport disk does 52MB/sec min, 116MB/s max. I have three of those, and one of them has two platters. I haven't transferred a petabyte to them yet, but it's close.

My experience:
eSata: joined too early, (reproducible) random disconnects due to buggy firmware - nice speed
usb2: lame, slow speed, instability due to drivers

usb3 has nice speed - but it requires host compatibility.
