topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • Saturday June 14, 2025, 7:10 pm
  • Proudly celebrating 15+ years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Recent Posts

Pages: prev1 ... 47 48 49 50 51 [52] 53 54 55 56 57 ... 65next
1276
General Software Discussion / Re: Interesting Approach by the Profiteering Malware Author
« Last post by mwb1100 on June 11, 2008, 06:51 PM »
Probably more realistic to track down the bastard.
-f0dder (June 11, 2008, 05:52 PM)
Why am I suddenly in support of waterboarding;)
-40hz (June 11, 2008, 10:13 AM)
Rubber hose cryptanalisys!  :up:
-scancode (June 11, 2008, 09:41 AM)

Maybe if the FBI or some other 'three letter agency' were to get infected...  I think this scheme would be 'broken' in short order.
1277
General Software Discussion / Re: Interesting Approach by the Profiteering Malware Author
« Last post by mwb1100 on June 11, 2008, 05:23 PM »
why is Kaspersky going after the RSA key instead of the RC4 key?
-Ehtyar (June 11, 2008, 05:07 PM)

Because the RC4 key applies to only a single instance of the infection.  If the RSA key is broken (actually it appears that there are 2 RSA keys - which one is used depends on the OS version of the machine that is infected) it will allow the recovery of any infection.

Now, if there's a flaw in how the RC4 key is generated (or in how the RC4 algorithm is implemented) then there might be another approach to recovering from the damage inflicted.  But I have no idea how likely that scenario is.
1278
Mini-Reviews by Members / Re: WebDrive Mini-Review: Caching FTP-to-LocalDrive Mapping Tool
« Last post by mwb1100 on June 11, 2008, 05:13 PM »
SFTPDrive is licensed 'per-user' so you can install on multiple machines.  This is the main reason I chose SFTPDrive over WebDrive.
-mwb1100 (June 07, 2008, 07:07 PM)
Where did you find this information on the very limited website of SFTPdrive ?
-megar (June 11, 2008, 02:07 PM)

Hmm, you're right.  I hope I wasn't mis-remembering something and passing on false information.  I've asked for a clarification from the vendor at their support 'forum':

http://getsatisfacti...ive_license_question

Edit: and the vendor replied within 10 minutes: "It's per user"

I hope he also updates the website...
1279
General Software Discussion / Re: Interesting Approach by the Profiteering Malware Author
« Last post by mwb1100 on June 11, 2008, 04:38 PM »
How the author can decrypt files protected by a randomly generated RSA private key I am unsure. Perhaps it is not his/her intention to ever provide the decrypter?
-Ehtyar (June 11, 2008, 03:52 PM)

Note: In the following, I'm speaking about how the malware works based on what I believe to be the case from very sketchy information - I could be missing the boat entirely...

The RSA key is not randomly generated - the RC4 key is.  Then that key is encrypted using the RSA public key.  At this point only a person who holds the corresponding RSA private key can recover the RC4 key.

The approach that Kaspersky seems to be advocating is trying to organize a distributed network of computers (similar to SETI@home) to brute force the RSA private key.
1280
General Software Discussion / Re: Interesting Approach by the Profiteering Malware Author
« Last post by mwb1100 on June 11, 2008, 02:17 PM »
The best bet would probably be catching the malware while it's doing it's nasty crap, and doing a process memory dump to extract the keys.

That, or find out how to link the "unique ID" with the key.
-f0dder (June 11, 2008, 09:34 AM)

I'd guess that the "unique ID" is the RC4 encryption key that has itself been encrypted with the RSA public key.  I'd also guess that the RC4 key is a randomly generated value that gets created right before the encryption of your data files.  If you're able to "catch" the malware at this point, it's probably best to simply stop it rather than extract the keys.

One key to solving this problem (pardon the pun) for people who get hit with finding their data files encrypted is if there's a vulnerability in the RC4 key generation process - if that's the case it may be possible to recreate those keys without the help of the extortionist.  For example, if the malware author makes a mistake similar to the flaw found not too long ago for SSH key generation on Debian distributions, recovering the data would be pretty easy.  But that's a big "if".


1281
General Software Discussion / Re: Ugly Softmaker Office icons? No more.
« Last post by mwb1100 on June 09, 2008, 05:50 PM »
I wouldn't want to hack the .exe files themselves. Isn't there a way to override the icons for specific files using desktop.ini or somesuch?
-CWuestefeld (June 09, 2008, 04:12 PM)

You can do this in Explorer's "Tools/Folder Options.../File Types/Advanced" dialog.  If you have just a few file types to do this for this might be simpler than getting application.

And, of course, for any program shortcuts you can change the icon using the Properties page for the shortcut.
1282
Mini-Reviews by Members / Re: WebDrive Mini-Review: Caching FTP-to-LocalDrive Mapping Tool
« Last post by mwb1100 on June 07, 2008, 07:07 PM »
SftpDrive - the main commercial competitor to WebDrive, cheaper, available for mac.  Looks good but not as powerful, and less protocols supported.
-mouser (June 06, 2008, 08:55 PM)

I have an SFTPDrive license, and it works very nicely (except for a proxy problem I have - see below). I'd like to mention a couple things:

  • SFTPDrive is licensed 'per-user' so you can install on multiple machines.  This is the main reason I chose SFTPDrive over WebDrive.
  • Unfortunately, SFTPDrive does not support HTTP proxies, so my use of it at work has been severely hampered when the proxy setup changed a while ago.  I don't know whether or not WebDrive supports HTTP proxies.
1283
General Software Discussion / Re: Abusive Behahiour (Rant about Adobe Digital Editions)
« Last post by mwb1100 on June 05, 2008, 05:31 PM »
This is the fundamental problem with DRM  - it always ends up causing a hassle for the legitimate purchaser. 

I can sure understand the publishers' desire to ensure they get what's due, but heavy-handed DRM is nearly always something that'll get me to reconsider a purchase.
1284
General Software Discussion / Re: Whatever happened to... <INSERT DEADWARE HERE>
« Last post by mwb1100 on June 05, 2008, 02:07 PM »
IndieVolume  - I was really hoping he'd get the Flash problems fixed :(
CodeWright - a nice editor killed by Borland (or whatever their name is this year)
1285
Found Deals and Discounts / Re: Take Command Console LE from JPSoft
« Last post by mwb1100 on June 04, 2008, 02:07 AM »
No, I don't think misread.  "DOS box" is technically incorrect even if a common term for what is properly called a console window.
1286
General Software Discussion / Re: Remote Desktop Manager alternative
« Last post by mwb1100 on June 03, 2008, 02:29 PM »
Well, if you love SpeedApps Remote Manager, but aren't comfortable with the reputation of the "author", then you might like to move to mRemote, which appears to be the open source 'inspiration' of SpeedApps Remote Manager:

http://www.mremote.o...iki/Screenshots.ashx
http://www.mremote.o.../wiki/Downloads.ashx

Jeez - did that SpeedApps/App-zilla guy produce anything that wasn't stolen?
1287
Living Room / Re: American Psycho
« Last post by mwb1100 on June 03, 2008, 01:06 PM »
I haven't read the book, yet, but here's my take on the movie...

But first a little bit of Roger Ebert's take:
All of the murders are equally real or unreal, and that isn't the point: The function of the murders is to make visible the frenzy of the territorial male when his will is frustrated. The movie gives shape and form to road rage, golf course rage, family abuse and some of the scarier behavior patterns of sports fans.

I think that while Ebert is right that an important point of the murder frenzy is to take to the extreme the various rage scenarios that we might see in everyday life, I believe that attempting to determine what's real or unreal is also an important point. One of the key aspects of the movie is that it leaves the true extent of Bateman's crimes ambiguous.  I think it's important for the viewer to try to figure out where the line of reality falls, and I'd be surprised if the director (Mary Harron) did not expect that.

I consider the movie to be outstanding (but it's definitely not something for everyone).  I particularly like the scenes with Dafoe and the shootout with the cops.  Bateman's reaction when the car explodes is worth the price of admission alone.
1288
Found Deals and Discounts / Take Command Console LE from JPSoft
« Last post by mwb1100 on June 02, 2008, 01:22 PM »
For people who are command line junkies, you might want to look at a new offering from JPSoft (makers of Take Command, formerly known as 4NT or 4DOS).

Take Command is a replacement for cmd.exe with enhanced commands.  The LE version is a free version that excludes the GUI component (DOS box only) and excludes some of the more advanced commands (in particular the ability to access files over FTP or HTTP).  However, it's more or less what 4NT was prior to version 9 and has some very nice command line and batch file capabilities.

If you find yourself doing a lot at the Windows command line, it's worth checking out TCC LE:  http://www.jpsoft.com/tccledes.htm

1289
Living Room / Re: This might take some of you back - IBM laptop, can anyone give me some info?
« Last post by mwb1100 on May 30, 2008, 03:31 PM »
Here's a link to the support page for downloaind varisou support software and drivers for the ThinkPad 750:

http://www-307.ibm.c...T&tempselected=5
1290
General Software Discussion / Re: Is there a utility that will recurse a command down through subfolders?
« Last post by mwb1100 on May 30, 2008, 11:17 AM »
If you want to muck around with some of the advanced capabilities of NT's cmd.exe command processor, you can do this with a batch file:

http://blogs.msdn.co...7/05/11/2532913.aspx
1291
General Software Discussion / Re: need IE6 in Vista home
« Last post by mwb1100 on May 27, 2008, 05:33 PM »
Also, I should have mentioned that you can of course run whatever virtual machine host software you want on your Vista Home laptop.  As far as I know, the following support Vista Home Basic as a host platform with WinXP or Win2K as a guest VM:

  • VMware Workstation
  • VMware Player (free)
  • Parallels Workstation
  • VirtualBox (free)
  • Xen (if you have the right CPU) (free)

Also, Virtual PC 2007 is not supported, but is reported to still work.  With any of these VM platforms you can install your own non-expiring WinXP or Windows 2000 guest and have IE 6 available for as long as you need.

The advantage to this is that you're not dependent on Microsoft continually updating their IE6 test VM image and you don't have to use potentially system destabilizing hacks to get IE6 to run on your Vista system.
1292
General Software Discussion / Re: need IE6 in Vista home
« Last post by mwb1100 on May 27, 2008, 05:10 PM »
My understanding is the Virtual PC 2007 will install and run on Vista Home, but it's not a 'supported' configuration and it will give warnings during install.  However, it is reported to work.  If you go that route, you can try running Microsoft's virtual Machine image that has WinXP with IE6 installed on it:

http://www.microsoft...F&displaylang=en

This image will expire on 3 July 2008.  Microsoft periodically updates the image with a new one that has a later expiration date (no telling when they'll decide to stop doing that, though).

Some other URLs that should have helpful information:

http://tredosoft.com...IE6_For_Vista_Part_1 (install IE6 on Vista - sort of)

http://tredosoft.com/Multiple_IE (run multiple versions of IE side-by-side. This does not work on Vista, but might still have useful information)
1293
General Software Discussion / Re: XPPro SP3
« Last post by mwb1100 on May 19, 2008, 09:38 PM »
This discussion about activating the Volume License (VL) version of WinXP is a little confusing - the VL version of XP does not need to be activated.  The installer gets the key, and that's it - there's no communication with Microsoft.  If the key is valid, the installation is 'activated'.

Microsoft does however blacklist VL keys that it finds have gotten out into the wild.  That blacklisting can occur in a service pack update or via the infamous "Genuine Advantage" check.

There may be some confusion regarding non-VL WinXP keys that you get from MSDN - those keys allow you activate something like 10 times, so they may seem like they're VL keys because they allow for multiple activations.

Note that the volume licensing mechanism for Vista is completely different and requires that a site have infrastructure (ie., a validation service) to support the licensing scheme.
1294
Living Room / Re: Why is all audio on websites so freakin loud?!
« Last post by mwb1100 on May 17, 2008, 07:34 PM »
Got a link to application that lets you adjust volume on a per-application basis?
-Deozaan (May 17, 2008, 07:25 PM)
Does anyone know of an app other than IndieVolume that does this for XP?  I have IndieVolume, but it has problems with Flash that make it so I'm unable to use it for browsers.
1295
Living Room / Re: What to do when you receive bootleg videos?
« Last post by mwb1100 on May 14, 2008, 07:25 PM »
I don't like being a grass...
-Carol Haynes (May 14, 2008, 06:27 PM)

Took me a while to google-out what this meant ("grass" is such a common word).  For anyone else unfamiliar with the british-slang, it would mean something like "I don't like squealing..."
1296
General Software Discussion / Re: I need a good DVD converter!
« Last post by mwb1100 on May 10, 2008, 01:06 PM »
DVDFab is free lifetime updates as well...
-Darwin (May 10, 2008, 08:41 AM)

This policy has just recently changed - previous purchasers still have the lifetime upgrade policy, but after May 8 new purchases get 1 year of upgrades.  According to the purchase page, upgrade license renewal will be no more than 20% of the retail price.

http://www.dvdfab.co...aq-detail.htm#sec1_6

Also new is that the module to convert to mobile formats is no longer included in the 'Platinum' product - it's a separate add-on license (I think the add-on works for either DVDFab Platinum or DVDFab Gold, but I'm not certain).
1297
General Software Discussion / Re: converting divx to dvd?
« Last post by mwb1100 on May 08, 2008, 11:21 AM »
If you are not into any complex video tasks, there is no better than convertxtodvd (at least compared to winavi, TMPGenc and couple of other minors that I have tried). There is a trial version (which includes watermark).
-Babis (May 05, 2008, 03:08 AM)

You can also get a cheap license for ConvertXtoDVD (about €6) with a couple of caveats:

  • the version you get is 2.x and is non-upgradable (the current version is 3.x)
  • the site selling this is pretty much dead, but I was able to make the purchase a few weeks ago.

You can buy ConvertXToDVD 2.x for 4 'credits' at http://www.serialdealers.com, but be sure to *not* buy a Gold membership - in all likelihood nothing new will be offered on that site.  Also realize that even though credits are more or less equivalent to Euros, the minimum purchase for a block of 'credits' is €6 for 5 credits, so in order to make your purchase of ConvertXToDVD you will really be spending €6 not 4.
1298
Found Deals and Discounts / Re: PowerCmd on Bits du Jour
« Last post by mwb1100 on May 01, 2008, 05:12 PM »
Sorry for contributing to the drifted thread, but...

One thing to realize here is that TrialPay is not the store or the vendor - you don't go to trialpay.com and browse the products they offer then decide to 'buy' something there.  As far as I know Trialpay does not even provide a mechanism to do that.  Trialpay doesn't offer to sell you software - the software vendor offers to let you use trialpay instead of some other payment mechanism.  Generally in order to get Trialpay involved in a transaction, the customer has already decided to acquire the software (or has been enticed by the software vendor advertising the trialpay option as a way to get the software for 'free').  Trialpay is involved only as an alternative to using Visa, MasterCard, Paypal or whatever.

So I'm not sure why TrialPay would have significantly more burden to vet the products than Visa, MasterCard, Paypal, Plimus, regNow or any other payment middleman.

There might be more of a case if the stuff that you actually do pay for on Trialpay were 'rogue' or malicious (the offered flowers, gourmet coffee club membership, credit card or whatever offer you buy/agree to), but I haven't particularly noticed anything like that.
1299
General Software Discussion / Re: How do I delete big folders with ease?
« Last post by mwb1100 on April 29, 2008, 02:38 PM »
You can't get much quicker and easier than this (be careful - you can do a lot of damage) - from the command line : 

[Select]
rd /s <folder name>

If you're adventurous you can add the "/q" option and it'll wipe the folder without asking for confirmation.
1300
Living Room / Re: mail2web: any comments?
« Last post by mwb1100 on April 29, 2008, 11:57 AM »
Weird.
Pages: prev1 ... 47 48 49 50 51 [52] 53 54 55 56 57 ... 65next