topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • December 07, 2019, 08:27 AM
  • Proudly celebrating 13 years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - neverlight [ switch to compact view ]

Pages: [1]
1
Hi skwire,

Yup. It would be great if you could workaround the issue if you have time. Thanks.  :up:

2
It seems 'Trusted vendor names' (SkipList) does not work with many entries. Try to copy-paste entries from my list (see attachment) & check config. Not sure what's happening. Looks like a bug.  :huh:

3
N.A.N.Y. 2017 / Re: NANY 2017: Feast Day / Fast Day (Android)
« on: March 06, 2017, 07:14 AM »
Hi neverlight.
If you can think of specific easy feature ideas I'm definitely interested in hearing them.

As for calorie counting -- my experience is that there are lots of very good full featured diet apps that do that kind of thing so I am hesitant to compete with them.
However I do have a very quick calculator type control I could add if we wanted some very basic manual calorie counting..

Hey Mousie,

Sorry if it wasn't clear. My bad. I find it unhealthy to not eat anything & was actually hoping for multiple methods (these are mentioned in provided articles). I'm not sure if there's anything similar on Play store though.

The 16/8 Method: Also called the Leangains protocol, it involves skipping breakfast and restricting your daily eating period to 8 hours, for example from 1 pm to 9 pm. Then you “fast” for 16 hours in between.

Eat-Stop-Eat: This involves fasting for 24 hours, once or twice a week, for example by not eating from dinner one day until dinner the next day.

The 5:2 Diet: On two non-consecutive days of the week, only eat 500-600 calories. Eat normally the other 5 days.


And yes, a very simple counter as you mentioned. (see 5:2 eating pattern)


Hopefully, I did not misunderstand app usage.

5
Just wondering-- Wouldn't it be better while using "Rescan list" action to filter existent list instead of re-using sigcheck (for example, it could be faster in the case where you add a trusted vendor and recheck the list)?

Thanks for the updates by the way.   ;D


Kind regards,
Marius


// added more details

6
"Copy files" action does not seem to work.  :huh:


Kind regards,
Marius

7
.....except the blue icon lines which appear with v2.2 but not with v2.1
Did you try running 'SigcheckGUI' as Administrator?

The reason why I'm asking is because I noticed the following :
1. Right-click on 'sigcheck.exe' ~ Go to 'Compatiblity' tab ~ Check 'Run this program as an administrator' ;
2. Run 'SigcheckGUI.exe' ~ You will notice that ALL files appear with a blue icon.
However, if you run 'SigcheckGUI.exe' as Administrator then the issue is gone.


Kind regards,
Marius

8
Another ignored case is related to altered (signed) files (files that are digitally signed but altered by malicious applications, hex editors etc). These are files where digital signature does not verify.
These are listed under "Unsigned" -- not correct.  Perhaps this is another category of signed files : "Invalid".

Please check my screenshots.

Kind regards,
Marius

9
Digital signatures get revoked for example when these are found to be malicious (but present a signature in order to be blacklisted, not by hash but by digital signature ; malicious/blacklisted vendor).

Kind regards,
Marius

10
I found one small issue. On the other hand, it might be intended (but limited) behavior.
To better illustrate this issue, please consider the following example: if I tick under "View" tab to display only "Signed" files then some cases are ignored. You will get the blue icon and this message under "Verified" : "A certificate was explicitly revoked by its issuer."
Thus, we have another category of files which are signed : "Revoked". This should be displayed under "View" tab. What do you think, @skwire ?  :-[

Additionally, please check my screenshot.


Kind regards,
Marius

11
@skwire, There's also a new version of Sigcheck as of March 10, 2015.  ;)

reveal/hide changelog
This release of Sigcheck, a command-line tool that reports file version, code signing, and hash information, introduces import-hash reporting and support for files larger than 4 GB.



Kind regards,
Marius

12
Right on.  I'm glad you like it.  I think we can call this one done, eh?

Of course.


Thanks,
Marius

13
Good work!! I like it. I'm also kind of impressed while looking trough memory usage.  :)

Thanks,
Marius

14
To clarify, I think you mean a list filter, right?  That is, you type a string in a field and the list is reduced (filtered) to only those processes that match the search string.  I say this, because you can already "type" while in the list and it should match on the filename and highlight it.  Am I correct?

A filtering function based on column data. As for example, searching for a certain vendor, hash, etc.

Also, you should add a message or something for missing <sigcheck.exe>. That might cause some trouble.


Thanks,
Marius

15
Thanks for the update, skwire.  :up:

Another suggestion would be search functionality.


Thanks,
Marius

17
sigcheck.exe itself not being able to handle those characters.  Run a "sigcheck -a c:\windows\explorer.exe

Those are not really important anyway. Future versions of Sigcheck might have it fixed.


Thanks,
Marius

18
The app does seem to handle Unicode paths and Unicode filenames without issue so I'll assume you're talking about the actual displayed data.  If so, can you provide me an example of what you're seeing?

"Product" & "Copyright" columns, for example. Please check attachment.


Thanks,
Marius




19
"Cancelling a scan" feature is forthcoming.  Regarding the process priority request, what do you expect to gain from such (honest question)?
Sometimes the window gets unresponsive while handling a lot of files. That's why I suggested priority similarly to how archive managers handle things. I'm not sure if it's possible.

Also, it would be very interesting to see a cache system that might speed up the process since some files might have been (already) processed.
Perhaps there should be another action in "View" tab that gives end-users the ability to show only unique files (not duplicates).

Another issue that I've observed is that it does not handle special characters well. Probably a display issue.

And another suggestion would be to rename "Trusted list" to "Trusted Vendors" as this might avoid possible confusion & make the box re-sizable.

I've seen that you get to choose from three different search providers. However, why not let the user choose additional ones? Perhaps it should be configurable since some users might have access to executable databases by using hashes (or other information). Thus, another useful suggestion would be to allow macros. As for example, the user could input $SHA1 (and other) in the url.
Example of such usage (but not necessarily limited to VirusTotal) : https://www.virustotal.com/en/file/$SHA256/analysis/

While I do like that you can use "Open VirusTotal URL(s)" from the right-click menu, it is unclear on how to actually use it from a novice user point of view. This action is available/enabled by default. I'm not sure if it is intended since you can spam this action while not doing anything and not being ok from aesthetics point of view.

Also, the clean action will not do anything if files are being processed. I'm guessing this option could be grayed out or/and inform the user that it is not possible, maybe.

Under "Help" tab > "Contents", users would expect a help file and not a pop-up that describes SigcheckGUI since there is an "About" button. Superseded.

Another suggestion that might be useful regarding quick access would be to add another action in the right-click menu named, for example, "Open File Location".

Maybe, the "Info Box" action from right-click menu should be grayed out for multiple files.

SigcheckGUI or SigCheckGUI -- Is it intended?
 

Thanks,
Marius

20
Thank you. I will spread the word about this amazing piece of software.
You should add a stop/pause/resume feature & process priority (foreground,background) feature.


Kinds Regards,
Marius

21
Awesome.

Hmmm...not sure what else you'd want out of this tool.
Well, imagine tons & tons of files- you have to sort/filter these by columns, copy/move files to other folders,  filter/hide files from signers that are loaded from a list, copy and paste displayed information such as hashes of files. These are most used operations.

Kind Regards,
Marius

22
[...]  I assume you would like all bits of information listed in columns?  [...]
Yes. It's a good start (for the first version) but this (suggested) application should not be limited (only) to the output though.  :up:

columns would be nice.
For sure.  I foresee something very similar to my PDFInfoGUI tool.

However, maybe columns should be opt-in. End-users should select which columns to be displayed.


Kind Regards,
Marius

23
In the meantime, I've found a (temporary) solution-- Sigcheck.
More information
Sigcheck is a command-line utility that shows file version number, timestamp information, and digital signature details, including certificate chains.


Interesting tool that does the job and it could be used in the "process". I'm guessing a GUI could be made based on this tool.
Hope it helps.


Kind Regards,
Marius Il.

24
I didn't expect such positive replies.


Please note,that it's (very) important to know which files have a valid digital signature in terms of #date. In other words, to less or equal to current date. That could be a method.
Now, extending the idea of complex verification, It could also use an 'offline database', perhaps a text file (list) that contains default/custom trusted vendors. The vendors that are listed in the respective text file will show in a color, let's say green while the others that are not in the list will be marked red. Of course, colors could be customizable/user-choice -- whatever seems appropriate to DonationCoder.

Thanks again for the great feedback.

Kind regards,
Marius

25
At the moment, I can not find such a tool.

This kind of tool could be quite handy since malware analysts/researchers look into digitally signed files for whitelisting/blacklisting purposes.
Possible (important) features (to be considered):
- display digitally signed files from a specific folder as a list;
- ability to view the specific folder using a right-click menu (or something similar) on the digitally signed file;
- ability to filter files using digital signature details such as "Issued by", "Issued to", "Valid from" - "to", etc;


Kind Regards,
Marius
 

Pages: [1]