topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • July 23, 2019, 05:16 PM
  • Proudly celebrating 13 years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - f0dder [ switch to compact view ]

Pages: [1] 2 3 4 5 6 ... 364next
1
General Software Discussion / Re: Stop using LaTeX!
« on: July 20, 2019, 09:54 AM »
LibreOfffce Writer is mentioned in the article. I used to use Scribus for such purposes. Now I use LibreOffice Writer to produce desktop publishing-ready PDFs.
Hrm, I don't find that Libreoffice output quality comes anywhere near LaTeX.
It's OK if you just need to do typical office or school work, but publish-ready quality? Nope.

It's very easy to use, allows you to flow text around pictures and if you use the "Hybrid PDF" option (see screenshot below) you can re-edit the pdf later in LibreOffice Writer.
Why would you do that?
PDF should be thought of as an export, read-only format. Keep your documents in source form for editing!

2
So... now, after reinstalling the Authy app on their new phone. They cannot add the site to the authy app - to get access to the site - without scanning a QR code from the site, that is apparently only on the site, that they cannot access... Did you just think of a word that rhymes with firetruck??? I did.
Erm... I don't know how Authy works, but that sounds pretty normal for TOTP-style 2FA. You need your phone/whatever authenticator to give you a time-based key in order to access the site. If you lose that (and recovery codes, which you've hopefully stored somewhere safe), you're f*cked, as well as you should be. "Scanning the QR code" would be adding a *new* phone, with a new seed for the time-based transform.

Which for me...begs the question: Is this kind of idiotic catch 22 level circle jerk "normal" for these (security theater fad) 2fa authentication schemes?!?
TOTP-based 2FA is probably one of the best things you can do security-wise today (that still isn't too much hassle) - it's definitely not security theatre.

Unless it's done wrong by the site, and you can just call and social-engineer them, of course.

3
Intel processors certainly do.  For example, here's a KB article from Microsoft describing an update that contains microcode to fix a Spectre vulnerability: https://support.micr...el-microcode-updates
Neither the Intel nor AMD x86 processors can be fully redefined with Microcode, though. The companies don't want to provide much information on what is possible, and the firmware blobs are undocumented, encrypted and digitally signed - but the general idea is that some of the more complex things can be tweaked, whereas a lot of the more common stuff is pretty hardwired.

4
General Software Discussion / Re: Firefox 67 upgrade issues
« on: July 18, 2019, 12:52 PM »
So, I ended giving up finding a "proper" solution.

Instead, I ended up installing the new Firefox, and creating a blank profile. Then (without Firefox running) I copied all the files from the root of the old profile that had been modified during the last month.

The I made a guesstimate of which folders I ought to copy - e.g. skipping stuff like "cache2" and "OfflineCache", but including stuff like "browser-extension-data" and "storage". (Worth noting: session state, like open tabs, are not in "sessionstore.js" anymore - when Firefox is closed it's written to "sessionstore.jsonlz4", and there's lz4-compressed backups in "sessionstore-backups"... as well as periodically flushed current session state in "recovery.baklz4").

With semi-cleaned-up profile, I was able to start Firefox and have everything working again, yay!

It would be nice to know wtf caused the problems, but there's so many files and folders in a Firefox profile that I can't stomach the detective work. But obviously it's files that haven't been modified for a month that's still being read and causing issues. There's files in my old profile folder that haven't been modified since 2007...

It would have been nice to be able to do an export/import kind of thing instead of the manual copying, there's still probably old crud in the fixed-up profile that's not necessary. But hey, at least things work now!

5
General Software Discussion / Re: Firefox 67 upgrade issues
« on: June 29, 2019, 07:36 AM »
firefox supports multiple "identities" -- you could try starting it with a different identity profile:
https://developer.mo...ox/Multiple_profiles
Yeah, I did try starting with a new, blank profile, and that works - hence my guess that my current profile might be semi-corrupted or something.

And that could definitely be used to try and identify files that have addon configuration, and manually copying them over, but... ugh :)

6
General Software Discussion / Re: Firefox 67 upgrade issues
« on: June 29, 2019, 05:57 AM »
I wonder if one of the disabled plugins could still be responsible..
Dunno, I would think they're supposed to be disabled when they're disabled :) - and FF67 works fine on my work laptop. I guess my profile on this machine might be partially corrupted or something, but the behavior certainly is weird.

Backing up and restoring addon data on a fresh install (profile) would probably be the best option, but I dunno how to do that - and the idea of tracking down the files manually seems so tedious, even if it's probably just uMatrix, uBlock and NoScript I need. Well, and the standard Firefox options.

7
General Software Discussion / Firefox 67 upgrade issues
« on: June 29, 2019, 03:30 AM »
Hey folks,

When I upgrade from Firefox 66 to 67 (which is a pretty good idea because of security issues and stuff), the browser seems to lose internet connectivity. It starts up and tries to restore my tabs, but all of them are blank and in the "loading" state. If I go to "Help -> About", even the "checking for updates" seems unable to connect.

I've tried disabling all my addons, but that doesn't make a difference. There's no proxy configuration or other network trickery. If I reinstall FF 66, stuff works again.

Does anybody have an idea what could be wrong? Or, alternatively (and perhaps better in general), how I can export and re-import all addon settings in a fresh installation? I have a whole bunch of uMatrix and NoScript configuration that I'd really, really hate to redo.

8
General Software Discussion / Re: Gmail complaint, fixed
« on: June 12, 2019, 11:11 AM »
Option one: "Stylish" is a firefox addon which lets you apply CSS to a page.
Have they stopped adding malware to that addon?

9
N.A.N.Y. 2019 / Re: This is an entry for NANY 2019 - SCrypt
« on: May 23, 2019, 02:12 PM »
I hope your "NumOfBytes" is badly named, and is really "NumOfInt64Blocks" :-)

Unless your "//      NextKey := *removed*" fetches a value from a One-Time-Pad with the same length as the data you're encrypting, that you're never re-using the OTP, and that you have a guaranteed non-surveilled channel for getting the OTP to the other side... then this is pretty useless.

I'm sorry if "useless" seems like a harsh word, but it's true nonetheless. If there's any reason to use crypto at all, use proper crypto. A scheme like this is definitely not good enough for "a crypted Chat-Session" - if you're discussing sensitive matters you need a whole lot more (there are perfectly good reasons Signal has a complex protocol), if you're not... well, who cares, send plaintext or use a HTTPS connection. Doesn't matter much if NSA knows when you're gonna hook up with your girlfriend, or what groceries you need to pick up on your way home from work :-)

Also, the code is pretty slow - no loop unrolling, and EMMS'ing for every block? Ouch! :)

10
fSekrit / Re: FSekrit 1.40 Error Saving File
« on: May 23, 2019, 05:32 AM »
Sorry for the late reply :-[

FWIW I've run into the same issue on Win 10 Pro 64 but only intermittently. 'Save As' and then replace the original version was a work-around.
Hm, I haven't seen any issue like this, and I'm running Win10 Pro x64 as well.

Intermittent problems are darn annoying, they're difficult to solve - even more so when they don't happen for me. And yeah, I still use fSekrit regularly myself :)

11
fSekrit / Re: LATEST VERSION: fSekrit 1.40 shrinkwrapped!
« on: May 23, 2019, 05:27 AM »
I happened to find a similar(actually i think the same) program Text-2-EXE
Ugh, missed forum reply notifications for this one!

At first glance, this seems to be a very clear ripoff of fSekrit (although with internationalization added?). The maxa-tools site seems to be down at the moment (Domain Status    On-hold (redemption Period)), but it seems the tool has been shared to a bunch of sites (portablefreeware, softpedia, heise, ...).

I've taken a quick look at the text2exe.exe downloaded from Heise in a hex editor, and... it looks like it's a Visual Basic application. So, not a hackjob that's just replacing resources, and not somebody doing a few modifications to the open-source version of fSekrit... but doing pretty much a reimplementation?

The mind, it boggles :huh:

12
Living Room / Re: Interesting, low-effort, blackmail-esque spam
« on: August 01, 2018, 11:29 AM »
One of the newer trends of these sextortion scams is to use hacked/leaked passwords to make them appear more legitimate. Lots of people are falling for it...

13
A heads up that DC is still broken.
Use a browser instead of a semi-broken wannabe OS ball of mud ;)

14

But yeah, I actually think it would have looked nicer if the legs were closer to front and thus more visible.
I, on the other hand, find the look pretty great. Having the legs flush with the rest of the structure seems... blocky, I guess. Current placement is good :)

And I'm still unconvinced as to whether I chose correctly going with this lighter reddish/orangeish stain, instead of my normal dark brown stain, but that ship has sailed.
Oh, this is the light color I slammed on IRC? Looks a lot nicer on the finished product!

If you were to pick a darker tint, I think a deep chestnut kinda thing would have been nice in that setting.

15
I'm curious about the placement of the feet. I would expect them to be almost flush with the outside corners, and maybe an extra one or two near the center. Why did you choose to place them the way you did?
Better support and weight distribution?

16
Right,

Disabling updates is not an option. Making updates non-automatic might work, but is a poor option.
I don't want to have to remember to go and check for + install updates - I want it to be a fairly automatic process.

wraith808: that link is just Microsoft really, really, REALLY not getting what people are complaining about >_<

17
Any clue as to why it's happening - ransom, specifically targetting us, or being a collateral damage of colocation?

18
I believe the necessary policies only work on enterprise versions, not even pro versions >_<

Removing the task files are not enough, they get re-created. The same goes for setting all ACLs to deny access, Windows will eventually go "Lol, I'm LOCALSYSTEM, bitch, what are you gonna do about it?" and reset/recreate the ACLs.

19
Hi,

This morning I woke up to a computer that was turned on - "oh great, Windows Update resumed from standby again, and even did it in spite of me turning off wake timers". That would have been a minor annoyance to start the day with, unfortunately it also turned out the image file backing my persistent ramdisk had been corrupted, and I had forgotten to add the folders on it I cared about to my backup set.

I'm sick and tired of the forced reboots in general, it's ******* bad attitude of Microsoft not allowing power users to turn them off, and that they're forced even when applications have unsaved data and tell Windows that they're not ready to shut down really ought to bring a class action lawsuit. Oh, and the

I could almost live with the forced reboots, except that windows update ******* resumes the device from standby in order to do the reboots. Yes, even though I've modified the power plan settings to not allow wake timers. This is... I mean, it's beyond contempt for us users.

I've tried several solutions in the past, like disabling orchestration services, deleting the UpdateOrchestrator task files, deleting the content of the task files and removing ACLs for even the SYSTEM user to the files, et cetera -they always get recreated at some point in time during a system update.

So... are there any existing solutions to bloody STOP this insanity from happening? Any gpedit policies (that don't require enterprise edition of Win10) and actually work?

Or do I have to write a tool that continually scan for the task files and delete them if they're re-added, check for the reboot dialog box and try to cancel it, etc?

Yeah, I guess Windows only resumes from standby, not poweroff - but I prefer standby for my desktop machine, so I can just pick up where I left off.

20
If this is something you're going to need often, you can look into XSLT - it lets you transform XML files in pretty flexibly ways.

It's pretty clunky to work with, though, so if you need a quick solution for a specific problem, there's probably easier ways.

21
Living Room / Re: Privacy (collected references)
« on: July 24, 2018, 04:45 PM »
Doesn't it help prevent tracking?
Not really, no. You have to consider that most people aren't on static global IPs, but will either have dynamic IPs, or even (a very large number) be behind cgnat. The tracking folks obviously want to be able to uniquely identify you even in spite of that, and across devices as well.

Trying to use VPN against that is absolutely useless.

You can avoid some of it if you use a combination of uMatrix (in whitelisting mode), conservative use of noscript, a decent adblocker like uBlock Origin, adding in HTTP Referer header control and Firefox Multi-Account Containers. But it's still not a 100% guarantee and it's a fair amount of work getting some sites to work the first time you visit them.

22
Living Room / Re: Privacy (collected references)
« on: July 24, 2018, 11:04 AM »
Please don't think a VPN is going to give you any form of privacy.

A VPN lets you access a remote network securely across an insecure line - this is the only thing it's guaranteed to do. It's the only thing you should be using it for. Stop spreading the damn misconception that it's useful for privacy.

If you want to watch Netflix content from a different region, fine, VPN will let you do that, but morally you might was as well then be torrenting the content.

If you're doing something shady and want to hide your tracks, a VPN is not what you want. Not even one of the paid ones. Not even one of the "WE DON'T LOG ANYTHING AND WE VALUE YOUR PRIVACY". Stop it. There's a few threat models where a VPN can be a viable solution, but for those you should be running it yourself on a cloud instance somewhere. If you don't know how to do that, or think it's too much bother, you shouldn't be doing something shady in the first place - or you're not doing something that warrants that use of VPN, and should just not be doing it.

And stay entirely away from the ones that don't require payment, the market is shady as fuck and they've been doing all sorts of nasty stuff.

23
I prefer the original, non-stained color, to be honest.

The two color samples you're showing remind me of furniture in old people's homes - so dark and brooding :)

24
Left undisturbed, operational HDDs don't usually "suddenly fail", they tend to progressively fail in incremental fashion, all the meanwhile logging their gradual deterioration in their on-board SMART data accumulators. Analysis of HDD failure can be quite enlightening and can enable the user to predict HDD failure, when they avail themselves of SMART monitoring to detect when it is time to migrate from a failing drive, rather than risk blindly waiting till forced to recover from an already-failed drive.
That's not the experience I've had as a consumer.

In some cases, I've seen "reallocated sector count" or some similar stat go up before an eventual full breakdown - but mostly, it's been "worked fine yesterday, now I can't get my data". And I've had disks with reallocater sectors that kept trucking along for years without flaw, and just ended up being too small.

SMART is a mess. The values are opaque, and you can't really compare them between brands. There's no guarantee you'll get reported errors before a failure, and reported errors are no guarante of a failure. And, moving from spinning magnetic platters to solid state drives, failures tend to be "oops, logic board died, all data is lost".

25
From my experience, it can be really powerful, especially using inline assembler to optimize code- a feature that I've not seen so easily used in many IDEs.  I have nostalgia for it- from my first real development opportunity being in Delphi 1
I learned programming with Turbo Pascal 6 back in the day, and spent a lot of time with Borland Pascal 7 as well, before moving on. Back then, the Borland IDEs were second to none, the integrated context-sensitive help system was unmatched. And because compilers generally sucked back then, and the machines were slow, the inline assembly feature was pretty good. I moved onto C/C++, but the first couple versions of Delphi were interesting because they made Windows development easy.

But after that? The whole Borland -> Inprise -> Embarcadero mess was reason enough to abandon the language, IMHO. Other, more powerful, languages appeared, several of them without costly licenses. If you want easy GUI, it's hard to beat .NET.

And inline assembly is IMHO useless these days - if there's a substantial speed gain to be had these days, it's usually from writing a large chunk in assembly, enough that you're better off writing it in an external .asm module in a proper assembler. That, or use a language + compiler that has good assembly intrinsics.

Pages: [1] 2 3 4 5 6 ... 364next