Recent Posts

1501

General Software Discussion / Re: SpiderOak - very nice people =)

« Last post by f0dder on April 17, 2011, 04:24 PM »

Just to crosslink things a bit: stay away from DropBox, SpiderOak ftw.

1502

General Software Discussion / Re: Deduplication, encryption, security and... Dropbox

« Last post by f0dder on April 17, 2011, 04:15 PM »

Given what we've heard about DropBox, the "how do the executives bypass security" is probably as simple as "grantAccess = (user.isExecutive == true);"

1503

General Software Discussion / Re: Please help me with a video card issue (April 2011)

« Last post by f0dder on April 17, 2011, 11:18 AM »

Yeah, no problem there cmpm - the memory on a discrete GPU is separate from the main memory.

1504

General Software Discussion / Re: Please help me with a video card issue (April 2011)

« Last post by f0dder on April 17, 2011, 09:08 AM »

I've heard similar problems before and I think one answer was to check if you need an extra power cable to the card - because it's easy to overlook that kind of thing. I know I've done it.

-nudone (April 17, 2011, 09:06 AM)

Ah yeah, that would result in a very unstable machine - I thought later-gen cards all refuse to even start if the additional power cables haven't been installed. Some even come with buzzers so you get some very nifty/nasty audio warnings

1505

General Software Discussion / Re: Please help me with a video card issue (April 2011)

« Last post by f0dder on April 17, 2011, 09:05 AM »

The GeForce 430 is probably (guesstimate, haven't looked at specs!) more power-hungry than the old card. Perhaps the PSU isn't delivering enough Watts, or is slightly flake and have voltages that drift too much? Could also be a motherboard problem, if it's voltage regulators are flunky; there's been known problems with too cheap capacitators on several motherboards.

1506

General Software Discussion / Re: Deduplication, encryption, security and... Dropbox

« Last post by f0dder on April 17, 2011, 07:59 AM »

More on Dropbox security.

-Cloq (April 14, 2011, 09:21 PM)

In addition to those security concerns, also keep this in mind:

...in other words, if somebody gets access to your hostid, changing you password isn't going to matter the tiniest bit in the world.

And then we've got this:

Business Transfers. Dropbox may sell, transfer
    or otherwise share some or all of its assets,
    including your Personal Information, in connection
    with a merger,  acquisition, reorganization or
    sale of assets or in the event of bankruptcy.

-http://news.ycombinator.com/item?id=389304

...all your data are belong to us. Might be standard business practice, but is it particularly confidence-inspiring?

Really, start the DropBox exodus already.

1507

Developer's Corner / Re: Virtualization to Create Single EXEs from Mixed Assemblies

« Last post by f0dder on April 16, 2011, 08:58 AM »

Virtualization is such a fluff word these days, and their "technology" page is very brief - but it seems like they're doing #2 from my post above. Be sure to test extensively on various Windows platforms... the base code to skip Windows PE-executable/DLL loader and do your own is relatively easy, but there's craploads of special case stuff to handle, and you need to hook a lot of API functions in the manually loaded image - and getting all that code right is not trivial.

1508

General Software Discussion / Re: Deduplication, encryption, security and... Dropbox

« Last post by f0dder on April 16, 2011, 08:48 AM »

... and encryption really shouldn't slow anything down unless you've got an insane-speed internet connection

-f0dder (April 15, 2011, 05:25 PM)

Wouldn't the act of encryption slow things down?  i.e. step 1 encrypt, step 2 upload instead of just step 1 upload?

-wraith808 (April 15, 2011, 07:24 PM)

A fast consumer internet connection has 100kb/s upload rate. A 3 year old dualcore laptop can do ~140mb/s AES encryption

I've asked Dropbox support if their FAQ statement that says that "Dropbox employees aren't able to access user files" were really true. Their response:

Yes. Dropbox employees can't access the file's contents. They can see the file names, move, delete or even restore files, but can't view them. The only exceptions are the executive staff who have a vested interest the company.

I have to admit that I am shocked about their slack interpretation of the word "employee". To be honest, I feel cheated by that FAQ statement. Already the fact that any employee could actually delete my files is unbelievable.

-phitsc (April 16, 2011, 12:19 AM)

W...T...F?  

1509

Living Room / Re: Growing Green != Going Green

« Last post by f0dder on April 15, 2011, 06:49 PM »

Let me add that I find it hysterically funny that countries who ban personal freedom don't ban alcohol and cigarettes while they're at it - wanna bet which causes most deaths, broken families and healthcare problems?

1510

Developer's Corner / Re: Virtualization to Create Single EXEs from Mixed Assemblies

« Last post by f0dder on April 15, 2011, 06:47 PM »

Hrm, if it supports both .NET assemblies and native DLLs, it has to either

1) unbundle the files to %TEMP% or whereever.
2) use manually coded and potentially fragile routines to load the native assemblies.

If the product does #1, please don't use it for your end-users' sake. Temp files == slow, and can trigger antivirus programs in the depressing way. If it's #2, test the result carefully across a wide range of Windows versions.

1511

Finished Programs / Re: IDEA: Remove duplicate entries from within a single large (text) dictionary

« Last post by f0dder on April 15, 2011, 06:45 PM »

bhuiraj: uniq only works on sorted files, thus you need 'sort' first in the pipe.

Not sure it's the most efficient way to go about the issue, though - if you need to uniqueify huge amounts of data, it's probably a good idea to look for a specialized tool, since there's various memory/speed tradeoffs to be made. Don't know any such tool, though, as I haven't had the need myself

1512

Living Room / Re: Growing Green != Going Green

« Last post by f0dder on April 15, 2011, 06:41 PM »

What are hippies going to do now? They either have to stop the marijuana habit or admit they really don't care about global warming.

-Deozaan (April 14, 2011, 03:51 AM)

Yeah well, if they smoke enough they aren't likely to care about anything

Prime reason all kinds of drugs isn't legalized is not public health issues, it's the cash flow. The corrupt politicians want their bribes, and the police/military/etc wouldn't want their funding cut or lose the ability to play with a lot of fancy toys. The general population would be better off, though, we'd see crime rates drop quite a lot, and organized crime would lose a helluva lot of their cash flow. But it just ain't gonna happen. Too bad, remember what happened once the alcohol prohibition ended?

1513

General Software Discussion / Re: Deduplication, encryption, security and... Dropbox

« Last post by f0dder on April 15, 2011, 05:25 PM »

For SpiderOak, they can't even intercept your data at server-side before encryption, because it's done client-side... and encryption really shouldn't slow anything down unless you've got an insane-speed internet connection

Also, if you expect the files themselves to be encrypted using your actual password as the key then we'd have to re-encrypt all of your files every time you change your password.

Doesn't really need to be "encrypted using your actual password" - generate a random encryption key, encrypt that encryption key using the password. Lets you change the passphrase without re-encrypting all the content...

After that reply of theirs, and the recent exploits against it, I don't think I'd touch dropbox with a 42 foot pole.

1514

General Software Discussion / Re: Deduplication, encryption, security and... Dropbox

« Last post by f0dder on April 15, 2011, 11:33 AM »

I don't see how they can handle cross-user deduplication if they aren't able to decrypt (if encrypted at all!) files at a whim. If you upload a file that's applicable for deduplication, upload is instant.

As for the dedupe not being a problem because only "unique" files are sensitive? Well, what about something like the weaked likipedia cables? I'm also concerned about it at a general honesty level, though. Oh, and the fact that dropbox is generally holed like a sieve

1515

General Software Discussion / Re: Mp3 split program that allows for multiple cut-points before execution?

« Last post by f0dder on April 14, 2011, 01:45 AM »

Curt, this is a big if, but: if you're currently de- and re-encoding MP3s "just" for the purpose of normalizing, may I suggest you look into Replay Gain^w? The idea is to simple scan the MP3s, and add tags with information of track and album volume levels, so a supporting player can do the normalization instead of destroying audio by re-encoding

1516

General Software Discussion / Re: Question about setting up a Tor router

« Last post by f0dder on April 14, 2011, 12:00 AM »

Are you sure that hasn't been because whoever have been able to snoop at the endpoints?

1517

Living Room / Re: The Evil Side of Nature

« Last post by f0dder on April 13, 2011, 06:07 PM »

Dunno if the image is real, but living stuff viewed in electron microscopes do tend to look absolutely foul.

1518

General Software Discussion / Re: Deduplication, encryption, security and... Dropbox

« Last post by f0dder on April 13, 2011, 01:28 PM »

Yup, thought it was worth mentioning here as well

1519

General Software Discussion / Re: Question about setting up a Tor router

« Last post by f0dder on April 13, 2011, 01:16 PM »

Hm, isn't there any encryption going on between the TOR nodes? Thought there was. Nevertheless, you do need SSL/whatever, otherwise some nodes inbetween could be sniffing traffic. Also, google around a bit, there's various attacks against TOR - it's not 100% security.

TL;DR: if you're doing anything risky (whistleblowing, hacking, or just about anything in China) you'll need to combine TOR with access from "somewhere not home" - preferably public or "borrowed" WiFi with a cloned MAC.

As for encryption overhead, it wouldn't be noticeable unless you had sick bandwidth - more than a saturated 100mbit link. And since TOR goes through a lot of little-guy home links, you'll be lucky to see 100kbyte/s.

1520

General Software Discussion / Re: Deduplication, encryption, security and... Dropbox

« Last post by f0dder on April 13, 2011, 12:51 PM »

On a related note:

Why SpiderOak doesn't de-duplicate data across users (and why it should worry you if we did)

One of the features of SpiderOak is that if you backup the same file twice, on the same computer or different computers within your account, the 2nd copy doesn't take up any additional space. This also applies if you have several versions of a file as it evolves over time -- we only need to save the new data blocks.

Some storage companies take this de-duplication to a second level, and do a similar form of de-duplication across all the data from all their customers. It's a great deal for the company. They can sell the bytes of storage to every user at full price while incurring zero additional cost. In some ways its helpful to the user too -- uploads are certainly faster when you don't have to transfer the data!

-https://spideroak.com/blog/20100827150530-why-spideroak-doesnt-de-duplicate-data-across-users-and-why-it-should-worry-you-if-we-did

...there's more in the blog article the quote is from.

1521

General Software Discussion / Re: Mp3 split program that allows for multiple cut-points before execution?

« Last post by f0dder on April 13, 2011, 12:44 PM »

What I don't like about Audacity? Well, first let me say what I like about mp3DirectCut

It's interface might be quirky, but the thing that's important is that it can do the cutting without re-encoding the file. Not only is this a lot faster than re-encoding, but it also doesn't destroy quality, which re-encoding does. If there's other programs that can do this direct cutting, let me know - does Code-it do that, Curt?

Next, Audacity... ugh.

The user interface is extremely clunky - I can live with that, but it's definitely a turnoff. It's somewhat feature-limited compared to commercial audio editors, but that's fine as well, it's entirely suitable for some very light editing tasks.

There's a few problems, though. Like when working with compressed files, it requires the entire file to be decompressed before it will even *open* the file - and it always uses %TEMP% with no way of overriding the scratch directory. And it just generally seems pretty slow.

It's fine for small and easy editing tasks; I just can't help wonder why Audacity is thought of as the best opensource audio editor - isn't there anything better available?

1522

Developer's Corner / Re: Partial (corrupted) downloads from a server (Not a valid win32 application etc)

« Last post by f0dder on April 12, 2011, 10:51 PM »

Works here now too, FireFox as well as wget from the Linux box. Seems to have relatively slow start, but I hit 330kb/s for one of the larger images . Hope it's Gothic that's been sprinkling magic dust on the servers

1523

Living Room / Re: Thoughts on switching to IPv6

« Last post by f0dder on April 12, 2011, 10:44 PM »

We'll probably see a lot of interesting schemes where you're still on IPv4, but are able to access IPv6 HTTP servers through proxies.

1524

General Software Discussion / Re: Mp3 split program that allows for multiple cut-points before execution?

« Last post by f0dder on April 12, 2011, 10:42 PM »

P.S. In my testing I found that leaving a bit more silence than I expected near the splits seemed to work better -- at least in one case, I got the sense that there was some lost audio.

-ewemoa (April 12, 2011, 08:38 PM)

Could easily be the case, since mp3directCut avoids re-encoding to MP3 - that does mean it can't work on millisecond intervals, but has to work at the MP3 frame size instead.

1525

Developer's Corner / Re: Partial (corrupted) downloads from a server (Not a valid win32 application etc)

« Last post by f0dder on April 12, 2011, 12:50 PM »

Not sure if it's in any way related, but FWIW I can't reliably grab the minecraft picture from this dcmember - displays a bit, and then stalls (FireFox 4). With wget, I'm seeing download rates at less than 10kb/s, and then massive stall. These images are relatively large, probably around a couple megabytes for some of them.

Apart from Microsoft Security Essentials, I'm not running any anti-malware or internet filtering junk - and the situation isn't any better when wget'ing from my linux server.