Welcome Guest.   Make a donation to an author on the site November 23, 2014, 01:55:28 PM  *

Please login or register.
Or did you miss your validation email?


Login with username and password (forgot your password?)
Why not become a lifetime supporting member of the site with a one-time donation of any amount? Your donation entitles you to a ton of additional benefits, including access to exclusive discounts and downloads, the ability to enter monthly free software drawings, and a single non-expiring license key for all of our programs.


You must sign up here before you can post and access some areas of the site. Registration is totally free and confidential.
 
Free DonationCoder.com Member Kit: Submit Request.
   
  Forum Home Thread Marks Chat! Downloads Search Login Register  
  Show Posts
      View this member's profile 
      donate to someone Donate to this member 
Pages: Prev 1 2 3 [4] 5 6 7 8 9 ... 350 Next
76  Main Area and Open Discussion / General Software Discussion / Re: Folder protection on: March 30, 2013, 12:51:11 PM
Not sure what OS your using but on XP (and XP Mode) I use Microsoft Private Folder, just don't forget the password!
I wouldn't consider that smiley
77  Main Area and Open Discussion / Living Room / Re: Pirate Vinyl Records! :D on: March 30, 2013, 10:25:33 AM
In practice the situation is completely different. The Digital Era has created the plague of the "digital" sound in the worst sense of the word: a cold, cutting, caustic, harsh, metallic sound. I have never heard a such crap coming from a LP. Never.
Blame the musicians and the mastering engineers - not the playback media.

(In addition to that, there's of course subjective preference and the psychological/self-suggestive effects of putting a vinyl on your record player. Just like there's people who violently claim they can tell the difference between Monster Audio cables and electrical wire, even though they produce identical waveforms on an oscilloscope Cool).
78  Main Area and Open Discussion / Living Room / Re: Pirate Vinyl Records! :D on: March 30, 2013, 09:47:05 AM
I wonder how accurate that copy is... and what the risk of damaging the original vinyl is?

Also, the obligatory: "pfft, vinyl." - it's great for artwork, but anybody claiming that the sound quality is objectively better than a proper digital format doesn't really know what they're talking about :-)
79  Main Area and Open Discussion / General Software Discussion / Re: Registry cleaning software debunked... on: March 30, 2013, 08:40:14 AM
Just recently MS updated Silverlight, when I ran a registry cleaner on Windows 7 afterwards it picked up well over 700 items, nearly all of which were related to the previous version of Silverlight. The files had been removed (or updated) but not the registry keys. XP was nearly as bad.
How much disk space did you save by removing those 700 entries? Even if we assumed each entry occupied 1k in the registry hive file (which I doubt it would), you've saved a whopping 700kb. How much lookup time have you saved? Given the binary-search done on keys and the caching on top of that, I doubt you'd be able to measure a difference.

I understand that it feels wrong having garbage left behind. But the practical implications of this? Roll Eyes
80  Main Area and Open Discussion / General Software Discussion / Re: Folder protection on: March 29, 2013, 10:42:06 PM
For me the most missing feature on a ram drive software is 'Allow multiple ram drives'. The one I use doesn't offer this.
Quote
SoftPerfect handles that - I have a permanent (and file-backed) 1gig for %TEMP%, firefox profile and the like, and sometimes I'll create a scratch drive for whatever purposes - I sometimes work with datasets with a huge amount of very small files, it's much faster to do this on a ramdrive than a physical disk (NTFS journals filesystem metadata - i.e. not file data itself, but "create file", "rename file", "delete file", "file has grown/shrunk by XXX bytes").

You know why I can remember the freeware I just mention? Because I use one of the r-tools company product, their R-Wipe&Clean. Man, you should try that, they are very serious in their product. Compare to R-Wipe&Clean many other competitors looks just like toys.
Took a quick sweep over their feature-list, and it seems like a somewhat mixed bunch - I'm not too thrilled seeing a file/free-space wiper being combined with anything else, since it might give the impression those "other things" will also be secure wiped (i.e. IE history, removed registry keys, ...) which I kinda doubt. But I guess it makes sense from a marketing view smiley
81  Main Area and Open Discussion / General Software Discussion / Re: Registry cleaning software debunked... on: March 29, 2013, 10:31:15 PM
Tinman57: I'd agree with that back in the Win9x days - not so for NT. I honestly can't recall a "registry cleanup" having effect on speed ever since I moved to Win2k, and with a (granted, somewhat superficial) idea of the on-disk and in-memory data structures used for the registry hives, as well as caching optimizations done, I can't see why it would, either.

Now, there might be some specific situations that can be fixed which could cause slowdowns (references to network shares, system startup items that can be removed, et cetera) - but for a normal system, I'd be surprised to see any quantifiable performance effect just by removing "unused" registry keys/values. And some of the "clean up" too much for their own good.
82  Main Area and Open Discussion / General Software Discussion / Re: Folder protection on: March 29, 2013, 07:33:14 PM
Is the SoftPerfect Ramdrive actually install like a drive/device, I mean like when we install a physical drive where all inf file is involved. Or it just run like a program which create a virtual drive after windows bootup.
Yup, it's driver based (don't think you can do a ramdrive without drivers), it supports boot-time ramdisks, saving/loading to image file (and loading image during boot), does differential image save (i.e. only saving modified portions == fast) - and all the other stuff I need. It's not as fully-featured as, say, SuperSpeed RamDisk - but I don't need the additional features (like selecting which type it shows up as, or >4gb support on 32bit Windows), and it's gratis - and fast smiley

You have convinced me, I will try TrueCrypt. I find myself always a bit stingy in giving up another drive no.  Currently I have 14 drive number used up and each one has it special meaning to me. e.g. R for RamDrive, V for Virtual drive, B for Backup. In fact I know another similar freeware (for home use) long ago, but I don't know how good it is compare to TrueCrypt.
Darn, that's a huge number of drive letters in use! Even back when I did obsessive partitioning, I don't think I had more than 5 disk partitions or so. These days I'm down to three disk partitions (the SSD split in 'system' and 'data/docs', and the HDD as a single partition), 'R' for my persistent ramdrive, one DVD-burner and one virtual DVD drive - and when mounting a TrueCrypt disk, 'T' for that (and 'S' for an additional one if I need to move stuff from one disk to another) - but that's the max these days smiley

I wouldn't really use anything closed-source for encryption these days (how many years have I been promising to open-source fSekrit now?  embarassed), and the fact that TrueCrypt is both open-source and works on Win/OSX/Linux makes me comfortable. It also has a pretty clean no-nonsense UI, and generally just works. Don't think there's (m)any opensource Windows products that are still maintained - a coworker mentioned some other product a while ago, but I can't recall which.
83  Main Area and Open Discussion / General Software Discussion / Re: Registry cleaning software debunked... on: March 29, 2013, 06:45:38 PM
That's not really "Registry cleaning software debunked...", IMHO - it's "scareware taken for a test drive" :-)
84  Main Area and Open Discussion / General Software Discussion / Re: Folder protection on: March 29, 2013, 06:29:06 PM
OK, that gives some protection against the residual plaintext problem. But are you sure your RamDrive product uses nonpageable memory? Otherwise you might be (slightly - depending on ramdisk size) increasing the risk of residue in the pagefile.
I am not knowledgeable enough to see whether the ram drive memory is subjected to Windows paging system, but I can show you this: (see attachment in previous post)
Hmm, dunno - that's a pretty confusing dialog. And it doesn't really seem like their website provides any detail either (just finding the right website was bothersome enough tongue) - they do spend time discussing that each tick corresponds to 32MB, though. (The website currently hosting the ramdrive seems relatively fishy - selling an 'enterprise' version, but using a free web host and gmail address? You might want to take a look here smiley).

Now, #2 is questionable practice, but #3 by itself is enough that I'd recommend people to stay the heck away from this program. It's insecure design, and if something as basic as this isn't done right, one has to guess what else isn't in order.
Man... you have scared me...
I found something that looks like it could be the encryption routine (handles IRP_MJ_WRITE and loops over the data in 512-byte blocks, then the remainder) - I didn't spend a lot of time untangling it, but the code didn't look familiar. I think we can add "homebrewn crypto algorithm" to the checklist, which is the final nail in the coffin.

And once again: try out TrueCrypt. It might be slightly less convenient than Folder Protect (you'll have to manually mount the volume/container, rather than get a "enter passphrase" popup when navigating to a protected location) - but it's tried, tested, and opensource. No magic pixie dust and fantastic claims, just pure old software engineering.
85  Main Area and Open Discussion / General Software Discussion / Re: Folder protection on: March 29, 2013, 05:15:57 PM
What I am currently doing is to temporarily place a confidential file which is yet to be encrypted on a Ram Drive and when I am done with my work on that file, I move it into my confidential.rar

I do the above because when my machine is off, I don't even need to worry about temp file left by program or whatsoever.
OK, that gives some protection against the residual plaintext problem. But are you sure your RamDrive product uses nonpageable memory? Otherwise you might be (slightly - depending on ramdisk size) increasing the risk of residue in the pagefile.

The biggest problem I have on both is I can't clearly understand the actual difference between several different products they both offer. I don't even bother to try because I simply have no idea which one is my real interest.
That's usually also a warning sign to me - companies producing extremely minor variations over the same theme with hard-to-discern feature differences? Ugh.

Anyway, I've started looking into Folder Protect. On the plus side, it comes with a driver (flycryptor.sys which I'm currently looking at) - this is at least a positive sign, though not by itself enough to give a stamp of approval (I personally wouldn't even consider this product given that TrueCrypt is around, but it's still worth finding out whether it's a decent program).

A couple of other things so far:
1) You can't move files into a protected folder, only copy them - this kindasorta makes sense given how the operation works on filesystem level, but could break software.
2) When uninstalling, the "magic" disappears, and a protected folder can be seen containing a bunch of "con.xxxx" files - this naming convention is an extreme ├╝berhack ("con" is the name of a device in Windows, and any attempt to access one of the files will give you an error. This is unnecessary for protection, and means you cannot rename, move or delete the protected files after uninstalling Folder Protect.
3) I rebooted the VM with a Linux live-cd ISO, and copied the protected 1-megabyte-of-zeroes file and renamed it so I could access it from Windows. Rebooted, got the file to my host machine, and inspected it with a hex editor. The first 16 bytes repeats at a 512-byte interval throughout the file. Actually, keeping "find next" pressed, the only thing that updates on the screen is the file offset - in other words, each 512-byte block is encrypted separately: ohmy ohmy ohmy tellme

Now, #2 is questionable practice, but #3 by itself is enough that I'd recommend people to stay the heck away from this program. It's insecure design, and if something as basic as this isn't done right, one has to guess what else isn't in order.

I'll keep on digging a bit more, see if I can find out which encryption algorithm they use (oh, that's not listed on their website either, is it? That's also a pretttttty bad sign).
86  Main Area and Open Discussion / General Software Discussion / Re: Folder protection on: March 29, 2013, 04:18:55 PM
I assume you mean that someone that stole the machine will try to look for decrypted temp files left by program(s)that work on a decrypted copy of my confidential files, am I right?
Yep - a common thief probably wouldn't do that, but if your stuff is "confidential enough" and you're being specifically targeted... it's a very real concern.

I have been think the same thing, may be I can create a temp folder for all those programs and had that temp folder wiped by a wiping utility periodically.
That won't work, because of the way filesystems work - you'll need to wipe each file individually before deleting... or you can ensure your partition is always fully defragmented, and use a "wipe free space" tool (those can also leave a bit of residue behind: free disk space wiping is a best-effort kind of thing, there's no APIs to handle it - so a wiping program basically has to try allocating the largest possible file it can, then wipe that).

If you use TrueCrypt, none of that is necessary. It works at driver level, meaning your data never hits disk unencrypted(*), and since it's not just an explorer hack, there's no way around this encryption.

(*): again, unless windows decides to swap to the pagefile - or some program you're using likes to make temporary files somewhere else smiley

I just browse through the folder protect program mentioned by dr_andus on their web site, it seems that the program is doing encryption and decryption on-the-fly and not simply a block to the access of the folder.
I'm going to take a look at it in a few minutes - the information on their website doesn't leave me with a very good feeling; there's no mention of just how the protection is done, which is a big warning sign when dealing with protection software... and the ease with which using it on a portable USB drive is described also rings some warning bells. But I'll take a look smiley
87  Main Area and Open Discussion / General Software Discussion / Re: Folder protection on: March 29, 2013, 03:53:57 PM
It's not a recommendation, but just saw something called "Protect Folder" on sale at BitsDuJour today, in this sort of area...
Quote
Protect Folder lets you protect files, folders, and removable drives using a secure password, on-the-fly. With Protect Folder, there's no need to manually encrypt and decrypt files as you go about your business - instead, the program automatically performs encryption and decryption, silently and quickly, in the background as you work.

Haven't looked at that program, but my gut reaction to a claim like that is "stay the hell away" - a false sense of security is worse than no security.

Currently, my confidential data files are encrypted in a WinRAR file. Let's say someone stole it, it is really that easy to decrypt it? I mean, no matter what password I use?
Afaik RAR uses AES256 encryption - if you use a strong passphrase, the RAR archive should be safe enough (given that they haven't made any stupid security bloopers). This workflow means that you'll be extracting the files temporarily, working on them, and RAR'ing them back up - that would make the data very easy to retrieve if somebody stole the machine or its harddrive.

Treat me a newbie and tell me  whatever you think I should be aware in term of keeping something confidential on my PC (which of course is linked to the outside world with internet)
One could argue that it depends on how confidential something is - to me, confidential means "doing things right", which also means guarding against a stolen harddrive.

Programs offering "folder level protection" (and marketed) as such are likely to only offer only mediocre protection (like, using shell extensions to block access), and not do any kind of encryption (thus being useless against offline attacks).

TrueCrypt is tried-and-tested security, it's free and opensource, doesn't leave unencrypted residue around(*), and Just Plain Works. Yes, it does mount the encrypted partition or container-file as a drive letter - but if you can point your programs to a specific folder, you should be able to point it to the root of a drive (or a subfolder there) as well?

It has a bunch of auto-dismount options (logoff, power saving mode, idle-for-X-minutes, ...), it has panic key for the paranoid, et cetera.

(*): there's still the possibility of windows deciding to swap out memory to the pagefile, which can be a real problem - but you'd still have that with any other approach as well, and it's not as severe as recovering an entire plaintext file as the "extract-work-compress" workflow opens you up to.

88  Main Area and Open Discussion / Living Room / Re: The Supreme Court makes a rational decision! on: March 29, 2013, 03:30:35 PM
Does this apply to pharma meds?
Probably doesn't matter - given patents and the FDA smiley
89  Main Area and Open Discussion / Living Room / Re: Does anyone here use Bitcoins? on: March 29, 2013, 02:19:25 PM
But you know who are and will continue to really make out like bandits with this? The guys with the botnets, distributing malware with bitcoin miner software, getting unsuspecting users to generate BTC for them when their computers are idle.
Indeed - hence why I think the currency should be renamed "botcoin". The whole thing has always seemed extremely shady to me - like, the original author using a pseudonym, the guy who came to #doco and wanted *us* to write articles about it, et cetera. But I guess I wouldn't want to reveal my real name if I had conjured up a Get Rich From Botnets plan smiley

On top of that, I'm pretty much with 40hz. Enjoy the bubble before it bursts.
90  Main Area and Open Discussion / General Software Discussion / Re: Folder protection on: March 29, 2013, 01:44:39 PM
I know this isn't what you want to hear, but: use TrueCrypt or don't bother at all.

Pretty much anything else won't be anything but a false sense of security. And if you only want a half-hearted solution, why bother doing anything at all? smiley
91  Main Area and Open Discussion / Living Room / Re: In search of ... opinions on AMD vs Intel graphics cards on: March 21, 2013, 05:47:05 PM
Haven't compared specs (you didn't give much info on the Intel system anyway smiley), but the AMD one will likely have the fastest graphics - Intel has come a long way with their HDxxxx graphics, but still lag behind... AMD bought up ATi, so, yeah...

If you don't need fancy 3D graphics, you might want to look at power consumption instead - Intel is likely going to have the upper hand here, as well as on CPU grunt, depending on which Intel CPU is in the Toshiba laptop. AMD just haven't been able to keep up since core2 was introduced, which is a shame (and quite a few yeas ago now).
92  Main Area and Open Discussion / Living Room / Re: Wrigley Making Caffeinated Gum - New Alert Energy Caffeine Gum on: March 21, 2013, 10:05:59 AM
Hm, I think ThinkGeek used to sell caffeinated water - brew your coffee with that.

Caffeine pills used to be over-the-counter in Denmark. As usual, some stupid brats managed to mess that up smiley
93  Main Area and Open Discussion / General Software Discussion / Re: ironshield antivirus on: March 21, 2013, 07:46:12 AM
@f0dder - maybe you should ask the guys over at Cisco that question?
Yeah, saw that yesterday - efiin' insane.

Oh, and nice pic you chose to go along with the story Thmbsup
94  Main Area and Open Discussion / Living Room / Re: silly humor - post 'em here! [warning some NSFW and adult content] on: March 21, 2013, 07:45:20 AM
Lance Armstrong cycling on drugs: (see attachment in previous post)
BWAHAHAHAHA~~~~!!!
But... HOW high? :-)
95  Main Area and Open Discussion / General Software Discussion / Re: Data Execution Prevention notes on: March 20, 2013, 05:58:07 PM
I don't think I've come across (official) printer driver software in a long time that wasn't extremely tacky, garish, and completely useless. I usually try to find a way to extract just the necessary driver files, as I can't stand that "value-added" crap smiley. Goes for my Pixma ip2600, but at least the printer works decently, and I didn't have to work too hard to get the non-crap files (found a clean Vista driver that works on Win7, rather than the ├╝berbloated Win7 driver).

It sucks that there's so much poorly programmed software that b0rks with DEP enabled - it's due to bugs or pesky compression/protection software that's trying to be a bit too sneaky for it's own good. With such a relatively short list, I'd personally add DEP exceptions and keep EMET installed, though.
96  Main Area and Open Discussion / Living Room / Re: When it comes to EA, it just keeps getting better - or worse... on: March 20, 2013, 05:52:08 PM
Now, how much and what kind of REALLY BAD DRUGS does somebody need to come up with to design a system that launches local games by installing a custom URL handlers Wtf is wrong with these people?
I think Valve (Steam) was on some really strong drugs.  Everyone else just copied them without the high.
Ugh Valve did (does?) that as well? And started it? *sigh*

I generally like Steam pretty well, but protocol handlers to launch games is just... plain old fscked up.
97  Main Area and Open Discussion / General Software Discussion / Re: Data Execution Prevention notes on: March 20, 2013, 02:44:12 PM
Hm, with EMET 3.0 you should be able to set your system DEP to "Always On", but configure individual apps to not have it - not sure if that'd work for a printer driver (would most likely be a DLL loaded into the printing process' address space?) - but should work for other stuff.

Don't think I've ever run into crashing apps because of EMET - I've got DEP always-on, SEHOP app opt-out and ASLR app opt-in. Haven't seen it protect me from malware either, but in case anything should ever slip by my panzered firefox, at least it's an extra layer of mitigation smiley
98  Other Software / DC Gamer Club / Re: Bastion's dev announce a new game! on: March 20, 2013, 02:34:38 PM
Hm, heavily pushed? Yeah, you switch to new weapon immediately when you pick it up, which kinda sucks - they should've either made an armory very close to each new weapon so you could switch back, or there should've been some special game mechanics on the level requiring the new weapon...

But other than that "very special thing" at the very last level, you weren't really forced nor heavily pushed to use the new weapon?
99  Main Area and Open Discussion / Living Room / Re: Can you inagine a world without any personal privacy? Because it's here. on: March 20, 2013, 09:20:03 AM
I'll start it off with this one from Business Insider in that other thread and start the bidding at TWENTY!
I'm only seeing Ghostery block 6 on their front page - perhaps because of RequestPolicy? smiley
100  Main Area and Open Discussion / Living Room / Re: When it comes to EA, it just keeps getting better - or worse... on: March 20, 2013, 02:46:41 AM
Now there's news of a verifiable security flaw in EA's Origin platform can facilitate local vulnerability exploits on Origin user's PCs.
At first I was "meh, local exploit - whatever". Decided to take a look anyway, flipped through the ReVuln PDF (linked to from the Vimeo site), and turns out it's slightly more interesting - allowing you to launch arbitrary processes on systems that have Origin installed, if you can get it to launch an URL. It's still fairly boring technically, but could actually be dangerous.

Now, how much and what kind of REALLY BAD DRUGS does somebody need to come up with to design a system that launches local games by installing a custom URL handlers Wtf is wrong with these people?
Pages: Prev 1 2 3 [4] 5 6 7 8 9 ... 350 Next
DonationCoder.com | About Us
DonationCoder.com Forum | Powered by SMF
[ Page time: 0.058s | Server load: 0.07 ]