avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • Monday April 6, 2020, 2:42 pm
  • Proudly celebrating 15 years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Messages - Scott [ switch to compact view ]

Pages: prev1 [2] 3 4 5 6 7 ... 15next
TargetAlert has been able to show icons only on mouseover since "Version 0.8.5 - 6/10/05".  As I understand it, TargetAlert does not "affix" the icons to the mouse cursor the way Link Alert does.  I can't verify this, because I just installed TargetAlert, and it doesn't work at all for me.

ProcessTamer / Re: any plans to "force" stubborn programs?
« on: September 03, 2006, 12:52 PM »
phatmankerr has already been squared away.

But congrats on giving me a reason to unsubscribe from this thread.  I love it when people do that.  It's almost like being on the Wilders Security forums.

His objections begin: One, it doesn't hide your searches.  Well, that's a "No shit, Sherlock" statement, if I've ever seen one.  If you're searching for "al Qaeda recruitment centers," as Schneier uses as an example, I hope you are targeted.  I think of things like TrackMeNot and Random Submitter as being for those of us who don't have a legitimate reason for DHS to knock on our doors.

Who the hell ever said this idea was designed to hide genuinely nefarious activity?  The whole premise of that angle is idiotic.

Then he says Two, it's too easy to spot. There are only 1,673 search terms in the program's dictionary.  Well, my Random Submitter word list is many times that size.

Then, he says In any case, every twelve seconds -- exactly -- the program picks a random pair of words and sends it to either AOL, Yahoo, MSN, or Google.  I run Random Submitter from a command script.  Everything is randomized...  How many instances launch, what search engines are used, and even the submission interval within each instance.

Then, he says Three, some of the program's searches are worse than yours.  This is true--as I pointed out above, the default TrackMeNot word list contains really idiotic words to search on.  You have to sift through whatever list you'll be using, and remove crap like that.

Then, he says And four, it wastes a whole lot of bandwidth.  This may be true; I admittedly never worried too much about it.

Then, he says I suppose this kind of thing would stop someone who has a paper printout of your searches and is looking through them manually, but it's not going to hamper computer analysis very much. Or anyone who isn't lazy. But it wouldn't be hard for a computer profiling program to ignore these searches.  If you work a bit harder to randomize the submission intervals, I think this argument is quite mitigated.

He quotes another self-appointed security god, who says:

Imagine a cop pulls you over for speeding. As he approaches, you realize you left your wallet at home. Without your driver's license, you could be in a lot of trouble. When he approaches, you roll down your window and shout. "Hello Officer! I don't have insurance on this vehicle! This car is stolen! I have weed in my glovebox! I don't have my driver's license! I just hit an old lady minutes ago! I've been running stop lights all morning! I have a dead body in my trunk! This car doesn't pass the emissions tests! I'm not allowed to drive because I am under house arrest! My gas tank runs on the blood of children!" You stop to catch a breath, confident you have supplied so much information to the cop that you can't possibly be caught for not having your license now.

This argument relies on the search queries containing incriminating terms--but as I mentioned, you need to remove words like "mailbombs", "assassinate", and "rape" from your word list.

His suggested improvements are good, though:

If I were going to improve on this idea, I would make the plugin watch the user's search patterns. I would make it send queries only to the search engines the user does, only when he is actually online doing things. I would randomize the timing.  And I would make it monitor the web pages the user looks at, and send queries based on keywords it finds on those pages. And I would make it send queries in the form the user tends to use, whether it be single words, pairs of words, or whatever.

Random Submitter already allows you to do some of these things.

He suggests using something like instead.  But ... who runs that web site?  Why should I trust them?  Is it actually run by the DHS?  Do they log queries (regardless of whether they admit it or not)?  Could they not have a massive data leak?  Could their logs be subpoenaed or lost?

The bottom line, for me, is that if you take a bit of time to make it work, you can bury your real searches.

Paranoia goes one step closer to mainstream!  Oh, wait, it did that a few years ago...  Never mind.

This extension doesn't work nearly as well as Random Submitter does.  For one thing, it seems to only be able to submit two-word queries.  It also has--and this strikes me as insane--a word pool that includes strings like "letterbombs", "bombs", "mailbombing", and so on.  To me, polluting your search queries is one thing, but including search terms like that is just begging to make eyebrows go up.  This is especially true if some other strings in the word pool happen to be something like "embassy", "president", or something of the sort.  I don't think you want to be searching for something like "bombs embassy" or "letterbomb president" 400 times a day.  But that's just me.

ProcessTamer / Re: any plans to "force" stubborn programs?
« on: August 11, 2006, 03:11 PM »
Why not send me a PM instead?

ProcessTamer / Re: any plans to "force" stubborn programs?
« on: August 06, 2006, 12:49 PM »
If it were a problem with permissions, wouldn't the Process Tamer log at least show an attempt to modify the priority?

ProcessTamer / Re: any plans to "force" stubborn programs?
« on: July 23, 2006, 10:53 PM »
There are are a few services/processes that simply ignore Process Tamer.

I am seeing this problem now, and I can give a specific example:  mstDfrgS.exe, which is a service installed by mst Defrag Home Edition 1.9.  I've configured PT 2.05.02 to force mstDfrgS.exe to low priority, but it never does.

The strange thing is that Sysinternals Process Explorer can set the process priority class of mstDfrgS.exe to 4 (i.e. "low") without a problem.  Similarly, the command line utility Process.exe can set it to 4.  So why can't PT do the same?

I haven't tried running PT as a service, because honestly, I don't want to run it as a service.  And this isn't a "permissions" issue in that regard anyway.  In fact, PT's log doesn't show any attempt to set the priority of mstDfrgS.exe at all.  So, I guess we can never mind the question of why the other utils can set the priority and PT can't, and start wondering why PT doesn't seem to try in the first place.  :)

Living Room / Re: Anyone actually use rewriteable media?
« on: May 20, 2006, 04:53 PM »
Scott, have you considered that your experience of DVD and other optical media might be just a tad biased by such an extensive experience in the support field? :D I'll bet you mechanics who work in Honda shops could tell you about millions of stupid problems that happen all the time with Hondas, but they're still demonstrably some of the most reliable cars on the road. Likewise if you look around for opinions on the 'net you'll often find actually *more* complaints about Honda, Toyota, etc. cars than others. The reason however is not because they are more problematic, but because A: more people buy them than a lot of other cars and B: more of those people expect extreme reliability and thus they have higher standards for how reliable their car should be. Some people go a little too far in believing the Honda/Toyota reliability and expect that they should just never have to change oil or even do regular maintenance. :P
You're right, I am biased.  Biased heavily against current optical technology.  But "biased" doesn't mean "baseless" or "wrong".  It's precisely because I see so many support relating to various storage devices that I know what sucks and what works about each of them.

The Honda/Toyota analogy isn't a fitting one.  That implies I only have opportunity to see support requests relating to CD/DVD drives.  I don't--most customers use hard drives, many of them use external hard drives using IEEE 1394 or USB 2.0 interfaces.  So I'm not a Honda mechanic; I'm a general mechanic (or perhaps more aptly, just an "industry observer" :)) who has taken it all in, and figured out what sucks and what doesn't.  CDs and DVDs really do have more problems.  It's not too often that I see people being advised to upgrade the firmware in their hard drive, or to try writing to it slower, or trying a different platter maker for it.

Even if you could explain away the constant miserable failure and problem rate of CDs and DVDs (which, sorry, you can't), you're still left with the slowness and the miserably-lagging capacities.  Consumer hard drives are very close to reaching the 1-terabyte level, and you're honestly defending 700-MB and 4.37-GB removable media technology?  I wouldn't care if it was dead-nuts reliable, and blazingly fast; I'd still avoid it just because the capacity sucks.  I can't even fit more than about 17 normal-length songs onto a CD, unless I use lossy compression, and then screw around using a compatible playback device for it.  The next-gen (non-)solutions still suck, too.  What are they going to offer, 30- or 50-GB capacities?  The level that tapes and fixed disks had met eons ago?

[M]ost people don't have a lot of large stuff to backup unless they're unsensibly backing up their entire drive, with multi-gigabyte games, applications, etc. installed. So for most people 1 or 2 DVD's should be able to back up their entire system.
Well, I back up my entire hard drive, to the tune of around 120 GB (much of it music), and I feel it is completely sensible.  My time is too valuable to me to risk spending on reinstalling applications and all that nonsense.

Still there are many power users like myself, Scott, and others here that do have 10's or even 100's of gigabytes they want to backup, either regularly, or at least once and then do incrementals on it going forward.
And if that one original full backup gets lost or damaged, all your incrementals are meaningless, or pretty close to it.

Keep at least 4 generations of backup around.
Backing up 120 GB, that's 28 DVDs each.  You think I'm going to store 112 DVDs for backup?  And hope they all work when I need them to?  Despite the fact that a mere plastic CD case is a threat to their very survival?  No thanks!

I actually made the mistake of relying on a DVD backup not too long ago.  The backup was done with a byte-for-byte comparison done, meaning that it was stored with definitive accuracy.  Yet, after restoring from it, my system was flaky.  I suspected that something had gone wrong in the restoration process.  So, I restored from an older backup that had been stored on a hard drive (non-shit technology, in layman's terms).  Bingo, everything was fine once again.

And [tapes are] also prone to deterioration over time, although so are CD's and DVD's.
Tapes are a lot more stable in storage than DVDs are.

These days you can buy a 200GB [hard] drive for little over $100
You can actually get a 320-GB hard drive for very little over $100 ($106 as I write this).

Living Room / Re: Anyone actually use rewriteable media?
« on: May 11, 2006, 12:19 PM »
Scott, I can't say I disagree with you.  But what backup storage do you recommend besides hard drives?  Do you think Bluray will be any better, or probably worse?

The only thing I use for backup are hard drives.  They're not entirely ideal, but they're better for my purposes than optical media.  Too early to say how Blu-Ray will turn out, I think, since not too many average users have begun using it.  The best solution for you depends on how much cash you have.  The consumer-level stuff really blows.  There are some really good solutions if you happen to have a social circle that includes Warren Buffet and Bill Gates.  The rest of us get crap.

Regarding what Carol said...  Even if CDs and DVDs work well for you, there's no escaping the abysmal capacities they offer.  I backup a couple hundred GB of stuff regularly.  DVDs aren't even an option.  The people who request tech support related to DVD writing often mention things like "...I get an error on DVD number 9..."  Yeah, OK, I have better things to do with my life than babysit my DVD drive and watch a little LED turn on and off for eons.  (And my favorite thing is when the damned tray ejects with no warning, just to entice my dog or little girl to run into it or inspect it.  And even if that doesn't happen, I get a nice influx of dust.)

And as far as reading discs at a later date, well, better be careful not to scratch those discs in the slightest.  DVDs are really touchy about that.

Living Room / Re: Anyone actually use rewriteable media?
« on: May 10, 2006, 07:08 PM »
I've never tried DVD rewriteable technology, but I assume it's just as bad.

No, it's not.  It's worse, much, much worse.  They pack so much more data into the same overall amount of space, problems arise as a result.  I do work for a backup software vendor, and DVDs are probably the #1 support issue:  "The burn doesn't work."  "The disc can't be read." "I'm getting errors." "What does this sense code mean?" To which the reply is generally:  "Try new firmware ... Or a different brand or type of media, or, hell, even a different lot of the same media.  Did you check  Try a slower burning speed ... Enable the MY HARDWARE SUCKS setting in the BIOS ... Fart out magic pixie dust and sing a chant under the light of the full moon..."

DVD sucks, period.  It's unreliable and problematic as hell, and not nearly as long-term stable as the liars told us it would be during early adoption.  (Tape media is actually much better in that regard.)  The relative storage capacity is a complete joke.  Anyone who disagrees has a mystical, magical combination of hardware, software, and ordained luck that I could only dream of attaining.

I utterly despise all current optical media technology.  The capacity sucks.  The process is horribly slow and unreliable.  The inter-device compatibility sucks.  The media is fragile and a pain in the ass to handle.  I mean come on, why are we stuck with technology that requires sites like to exist?  Media that you can't even write on the reverse side of, or it may screw up?  Media that you are advised to store standing up, not lying flat, because even a slight bend, introduced over years, could also screw it up?

And writing the data is only half the battle--you have to then cross your fingers and toes that it'll actually be read correctly, too.  And, of course, if you read it using different hardware and/or firmware, your results may vary wildly.

I use forwarding proxies occasionally (usually with Ad Muncher), but not for Google.  They're always annoyingly slow.  Some use "forwarded-for" headers, which reveal the source IP (i.e. yours) to the end server anyway.  Even without that, everything you do gets logged by the proxy, so it's the same thing as contacting the web server directly, just one step removed.

But, it's an idea that may have merit.  I'm just more comfortable hiding my searches in the open.


I'm editing, not replying, so as not to bump the thread.

Does anyone want to goof on me NOW for requesting and/or using Random Submitter?


AOL has apparently released details of Internet searches performed over a period of three months by hundreds of thousands of its subscribers, raising privacy concerns.

The cached copy of the page said the data comprised about 19 million Web searches performed by 658,000 users from March through May.

The release of such information poses serious privacy concerns. Major search engine companies fought a request for similar data on user searches last year by the U.S. Department of Justice.,71579-0.html

AOL has apologized and taken down the data, but it is now widely available on the internet and some have set up search engines that query the records.

So far AOL has not contacted AOL users to let them know if they were one of the users affected.

AOL says it anonymized the data by replacing the AOL user ID with a randomized number. Is it possible for someone to figure out who I am just from my searches?

Possibly. Reporters for The New York Times tracked down a Georgia woman based solely on a review of the AOL logs. Wired News was also able to determine the identity of one 14-year-old from his queries and knows of one woman who was identified by an outside party and notified she had sensitive financial data revealed by the logs.

I've been polluting the absolute hell out of my searches for months.  Have you?

I can certainly identify with and respect that.  We pissants need all the anti-establishment types we can get.  Thanks for sharing the info.

I'd long known about, but is new to me.

I still don't see why I should trust them over anyone else.  Who is to say if or how long they really store searches, or if they'll be subpoenaed with everyone else?

I'll think I'll just continue to heavily pollute my Google searches with RandomSubmitter.

BTW, have I mentioned lately that you're awesome?  :)

Sorry I haven't donated lately.  I'm still poor hard up, ya see...

Seems to work fine.  Thank you!  File size is much smaller, too, not that it matters.

That's referrer, not user agent...

That would be awesome.  I didn't want to ask.  I'm thinking that just a plain text box (so you could enter whatever agent string you like) would be best.

I wonder if they have caught on to the fact that all the Random Submitter stuff comes in using the acHTTP component ( user agent...  They could just toss it all out I guess.

Some people have said that since the DOJ hasn't requested IP addresses, there is no privacy issue.

First of all, maybe they will follow up and request IP addresses.

Secondly, even if they don't, it is a privacy issue.  If the DOJ issued a subpoena for pages from the diaries and journals or millions of Americans, or the text of email messages*, wouldn't that have privacy implications, even without names being associated with it?  (This is a rhetorical question, to which the answer is YES!)

* I realize that they are already actively engaged in the illegal, warrantless reading of email messages; no need to point it out.

Finished Programs / Re: DONE - Memory utilization
« on: January 07, 2006, 03:37 PM »
Just FYI:  There was already in (long) existence an application using the name "ProcessGuard".  I don't give a shit, of course, but I don't know if the authors would or could raise a stink about it.

I have noticed a rather quirky bug in the latest beta of AdMuncher regarding Website-Watcher and FTP

I'm not sure why Ad Muncher (which only filters HTTP, not FTP) would affect this, but it may suffice to restrict WSW to port 80 in Ad Muncher.  That is, on the Filter Targets tab, use +"wswatch":80 and +"wswie":80.  Just a thought, and I'm not suggesting you avoid mentioning a genuine issue you may have found.

I can safely say that AdMuncher came out of nowhere and made it to my 'A list' in one swift blow. I cannot recommend this software highly enough (and two weeks ago I didn't think it would be possible for me to say such a thing for this 'type' of software).

I heard that.  I have always held up Ad Muncher as an example of how software should be.  While the Proxomitron lovers shout incessantly about how great their solution is, I've laughed at what a pain in the ass they go through just to get the damned thing to work.  (Or, not work.  Or, sort of work.  Or, does it work?  I can't tell.  Can you email me your 2,500-line Proxomitron config file?)

I began a sort of campaign awhile back, in which I remove any software I don't really need and use.  I have also been converting from overpayware to freeware and open source, whenever feasible and worthwhile.  Almost all (maybe even literally all) software I've been using for years has been told to "kiss my ass!", but Ad Muncher is the exception.  I have been using it for years (since 2002), and it's the only bit of software I have kept around so long.

Finished Programs / Re: IDEA: Titlebar Clock
« on: August 07, 2005, 11:30 PM »
I can tell that U R good at saving space.  :)

Finished Programs / Re: IDEA: Titlebar Clock
« on: August 07, 2005, 09:28 PM »
Hah, that's neat.  But what's the difference between having the clock on the left or the right?  :)

Finished Programs / Re: IDEA: Titlebar Clock
« on: August 06, 2005, 09:32 PM »
I found one title bar click utility (quite vicariously):


Edit:  I don't like TitleTime much at all--the date string isn't very configurable at all, but rather relies on you altering your Windows regional settings.  Blech, no thanks.

Pages: prev1 [2] 3 4 5 6 7 ... 15next