topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • Friday February 7, 2025, 5:21 am
  • Proudly celebrating 15+ years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - tmpusr [ switch to compact view ]

Pages: prev1 2 [3] 4 5 6 7next
51
Only when I need to read away from the screen. Otherwise I read dim gray, super legible standard fonts (with practically perfect pixel positioning and thickness - too thin usually - took me a while to find them among hundreds) on a black screen (also took a while to set up the colors) with display brightness and contrast turned almost all the way down. The result: no eye strain whatsoever. I no longer care whether I read screen or paper, especially since the fonts I use for printing are the same as on screen. I'm sure one can't improve this setup significantly, even in theory, ever. Only a better display, OLED, will improve this since, if I'm right, there's no backlight and the text will just float in absolute darkness. Want a link to the setup?

It would be perfect if you could force fonts in PDF readers like you can in browsers. Know any readers or some tricks that let you substitute fonts in PDFs? Because I usually disagree with the typographical choices in the PDFs, when reading long documents, I run them through some PDF2html program and read them in a browser.

52
A VM (a Virtual Machine, like VirtualBox, VMware, Virtual PC) pauses when the mouse is not within the window (or full screen in case using a virtual windowing manager like VirtuaWin or Dexpot). When the mouse enters the window it sends the resume hotkey to it. When it leaves, it sends the pause command to it. The number of VMs running will be limited only by RAM, not CPU. Includes and excludes by window title, because you don't want to pause a server VM.


53
DimScreen but just for the buttons and icons (though IconPackager helps with icons). If possible fade up when hovering. Ideally I'd like to have partially or fully desaturated or colorized with hue control icons and buttons, some % darker than normal, even 100%, so they'd only become visible when approaching them and light up when hovering.

If this UI magic is possible, please implement.

54
More precision:

4.2 Activity density (creation date). Example: a bunch of files have been created (usually downloaded) between 1830-1930 with little time between them. This pattern, the untypically small interval between creation/modification dates, would be recognized and they would be grouped under "20061116 1830-1930". Then some time has passed with few created files. Another rather continuous file creation stream occurs 2210-2240. They would be grouped too.

See the full post
https://www.donation...dex.php?topic=6196.0

55
Post New Requests Here / Auto Insert Notification
« on: July 02, 2009, 04:20 PM »
I'd like the same, but it should also auto-mount a TrueCrypt container file on the device. That either requires it to auto-type the password for TrueCrypt or to use the cached password (possible?).


56
How about making it easier:

If the first string of the paragraph is equal to any of the lines in a text file (containing the tags), append the paragraph and optionally the following paragraphs until the next tag to a file by that name and optionally remove the appended text from the original file.

A snack, eh?

57
The idea is to be able to gather paragraphs that have the same kind of content together for further editing.

Example: you've collected paragraphs of text dealing with several different topics into a single file, but they are in random order. To get them in order, you read each paragraph just enough to determine what it's about and add a tag. After you're done, you run this program and you've got all the tagged ones neatly together, in the same order as they were in the original text.

Huge messy text file:

Something about zeros 1.
Something about ones 1.
Something about ones 2.

Something about zeros 2.
Something about zeros 3.


Something about ones 3.

Something about zeros 4.


The user manually adds a tag to the beginning of each paragraph - to make it easy using perhaps some auto string expander, typing e.g. zzero, oone, or +z, +o:

[Zero] Something about zeros 1.
[One] Something about ones 1.
[One] Something about ones 2.

[Zero] Something about zeros 2.
[Zero] Something about zeros 3.


[One] Something about ones 3.

[Zero] Something about zeros 4.


The software sorts the paragraphs so that all paragraphs that have the same tag are together. It can export them into files that have the tag as a name (optionally without the special characters, like []):

[Zero] Something about zeros 1.
[Zero] Something about zeros 2.
[Zero] Something about zeros 3.
[Zero] Something about zeros 4.

[One] Something about ones 1.
[One] Something about ones 2.
[One] Something about ones 3.


(Notice the zeros were first, because the first occurrence of a tag was a zero.)


Options:

The tag as a subtitle before the paragraphs with optionally one or two empty lines above it and one, two or none below.
Add empty line between paragraphs.
Don't remove the tags from the result.
Sort tags alphabetically (the ones would be first).
The tag can be anywhere within the paragraph.


The tags could of course be anything, like -z and -o. The software determines it's a tag if two instances of the same string appear in front of paragraphs.



58
If the user stays within range, this would not work, though it would be a great additional layer of security. A corporation/government might not even give its employees the password. It could be unlocked only remotely or when the laptop is returned. This would enable controlling usage remotely so that the system can be used only when approved, in a secure environment. For such a system, one-time passwords would be good to have, too: https://www.grc.com/ppp.htm

59
The 'download and run termination software' attack can be made substantially more difficult - and time consuming - by removing the browser from the hardware system and running it only in a virtual machine. Getting the downloaded app to the host would be another obstacle. The watchdog solution is viable if you can't run an app built to terminate them, is it not? You can't terminate the watchdogs manually quickly enough - you can't terminate them at the same time - or can you?

60
Thieves today may know that the contents of the system may be worth something too and will keep on touching the keyboard/touchpad to prevent the screensaver.

This solution is created to address the particular problem where you abruptly lose physical access to the computer or forget to lock it and someone starts using it (the screensaver won't activate). It already provides great (practically perfect, if the timeout is short enough) security.

If the adversary is ready to "persuade" me to reveal the password, that's where plausible deniability is required, which TrueCrypt provides.

I think this is such a fundamental security feature that it should be part of the OS.

61
What makes you ask that? There's a huge security industry out there. You can ask them who they're trying to guard against. There are other threats than just common thieves. Capable adversaries include professional criminals, governmental and corporate espionage.

It's obvious to me that a screensaver will never activate. And all this 'keystroke-timeout-fumbling' is already doing its job.

The nuking watchdog solution must be tested. I don't think the strain it puts on the CPU can be significant. So you can prevent program termination in a limited account? Getting a BSOD when the process is terminated would be ok, too.


62
That's a good feature. Optionally you should be able to prefix and/or postfix it with your own string. Apparently you're somewhat security-conscious, too...

Don't give up so quick with the process termination security hole... using the "heartbeat" again looks like a solution:

You run a pair of processes that watch that each other exists (and/or that some file is getting written): if the other one is killed or suspended (checking if process exists is not enough) it will lock out. If two is not enough, use three. Since the termination software the adversary will use won't disable them simultaneously, though the time interval is very small, it should work. Even if all ports and drives are blocked, but it's still connected to the tubes, they will provide the adversary the software on the browser.

You'd need to create a termination/suspending app to make sure it's defeated. You should try to break into the system by all these means and fail.

Were trying to change the rules of the game here: the computer will eventually be bricked, no matter what you do. The time the adversary has available to upload data should be less than the time it takes to issue the commands. In high-risk situations it shouldn't be many seconds or your recent files will end up on someone's server. It seems that with this app running the game is over for the adversary, not for you.

This security hole is patched as long as the lockout time is short enough. With a webcam you could check if the user is present, and if not, lock out in 3-5 seconds.

63
Maybe the process needs to be run as a service or as a driver and named to look like an inconspicuous system process.

64
It can be used for something else too: I've set this up for 55 minutes now to remember to take a break - when it starts warning, I press the hotkey (since I don't use it for security now), get up and come back after 5 minutes and press the hotkey again. Which made me think of...


'Inevitable Lockout' feature

To make sure the system would eventually lockout even if the adversary knew the hotkey, it would be useful to have two timers running. The other one you can't stop. To use the system you must provide the password every n minutes. This requires preventing terminating/suspending the program - is it possible?

65
In a super-high-risk situation, where the adversary is watching you, unless you have something covering your hands (typing under a cloth, which is actually useful if the air is cold), having just one hotkey is not good. It provides practically no security. We must assume this security measure is common knowledge, and the adversary expects that you use it. Another layer of security would be to have a USB stick (or more) in the port, without which the system locks, tied to your limb or neck. The only drawback is that the moment of forced separation would feel uncomfortable.

Options to make it harder to detect what to do to keep the system from locking:
Changing hotkey.
N different hotkeys pressed in sequence, the equivalent of typing an n character password.


66
'Idle Fast Track - The user has apparently left' feature

If you take a break, the computer notices it: if the cursor and the keyboard have both been idle for n secs, despite still having plenty of countdown left, the countdown is switched to another timer that has only n secs left. If you touch either, the countdown switches back to the original timer. Unless you're just reading or watching without touching the computer this is a useful feature to have. But it can be made useful even in that usage scenario - it can adapt: option to detect the foreground application and if it's a media player, or a PDF reader, even perhaps a browser, it's not active, because it's likely your input frequency is down for a good reason. It increases security without increasing inconvenience so steeply. Option to have normal (+sound), or severe (+sound), or only sound, or no warning. I'll probably use the severe full screen blinker to wake me up or just the sound.


Example

2 min countdown, 1:40 left. You leave the computer without locking it or it's grabbed from you (the adversary avoids closing the laptop which might lock it). 5 secs passes without input. The process is fast tracked: IdleCountdownTimer takes over and only 5 secs remain, instead of 1:30.

67
If your "heartbeat" isn't rapid enough, there's still a vulnerability if you haven't disabled the USB ports (or passworded them - can it be done?); the thief can insert a USB stick and run a program that suspends/kills all non-system processes. How to prevent this from suspending/terminating? Some low level system code, perhaps a driver?

I'm pretty happy with the tooltip blinking (erratically because of sucky code) at the cursor. I usually don't miss it because it's where my eyes are, but when I have, the SevereWarningMessage that blinks the whole screen by drawing a transparent fullscreen tooltip, has caught my attention. This version often leaves a transparent tooltip on screen when I press the key. Information wants to be free and code wants to be wrong.

68
Something like this
<a href="http://www.mediafire.com/?wtgywzo2znt">AutoLockTooltipTest.ahk</a>
It plays accept.wav and warning.wav if in the same folder.
Since I'm no autohotkey coder there's plenty of suckiness, but you get the ideas.

69
A tooltip at the cursor (mouse or text or both) with a countdown. The necessary code is here http://www.autohotke...iewtopic.php?t=40165

70
Can you overlay (transparent) text on screen? You should see it even when you're in a full screen Remote Desktop. It could start in the corner counting down and during the last seconds move to the center and get larger. Or it could just be in the center of the screen big and bright so that it certainly catches your attention. Or a combination of subtle yet conspicious: a full screen very transparent font.

I prefer the notification to be as subtle as possible most of the time, but if you just don't notice it, it'll get "louder" just as people would. So it could start almost totally transparent and start getting less transparent and darker or brighter. The balloon isn't very subtle when it unhides a hidden taskbar, but it's too subtle sometimes if the taskbar is not hidden. Screens are big and you may have looked away when it appeared so you didn't notice the change.

71
Playing a ticking sound (wav) per second or just once, and when key is accepted, would be good features for no-visuals operation.

72
Appreciated. There's a small security hole: you can close it.

Looking for:
Ability to do the other things, not just lock, though lock does the job - unless you have no password relying on the pre-boot authentication of TrueCrypt (the system drive is encrypted).

If you miss the bubble and don't press the key in time, for example because you're in a full screen Remote Desktop, it should have a grace period of n seconds that displays a conspicuous countdown timer regardless of what is on screen (if playing a game, it switches to the desktop), during which you can press a key, or enter a password. Sort of like UAC, with the background dimmed.

No icon in the tray, especially not an animated one.

73
So that it doesn't annoy a lot, it could be once every 5-15 minutes, though within 15 minutes people could view/copy a lot of data. It's up to you to choose how tight security you want. You'd see the countdown during the last minute, optionally with (or only) a ticking sound during the last 30 seconds. Just press the key and you've got another 15 minutes. The point is that if you're not around, the computer won't just go on forever.

It's hard to believe this kind of utility doesn't already exist.

74
It'd be ok for version 0.1 to have just a countdown timer that will send a keystroke if it doesn't receive a key (combo) within n sec, that's all.

75
Your inability to see any use case is simply the inability to see a common scenario that has occurred many many times:

You're sitting in the public typing. Suddenly you notice you're typing thin air. Some guys are running away with a large bag (no laptop in sight) and disappear behind the corner.

Can't see any way a screensaver would help in this case. The thieves of course know about them, and keep on typing, moving the cursor, and then go and disable it. Just in case the drive is encrypted, they insert a USB drive and steal everything from your drive before letting the system shut down.

This is a basic security feature that is sorely missing.







Pages: prev1 2 [3] 4 5 6 7next