Recent Posts

23926

FARR Plugins and Aliases / Re: google dollar exchange rate plugin -- sketch

« Last post by mouser on March 08, 2008, 02:06 AM »

this is a nice idea.  i hope our resident farr javascript sdk experts (chezchboy and ecaradec) can help.  actually the answers to your question might make for some functions that could be useful for future plugins (caching support for example).

$ has a special meaning in regular expressions.  try \$ to match the $ character.

23927

Site/Forum Features / Re: Upcoming birthdays feature

« Last post by mouser on March 08, 2008, 01:59 AM »

i don't see why not.. i think the only reason i didn't add it was because i thought most people wouldn't be bothering to configure their birthday.  With 100,000 registered forum members i think we better restrict it to only show birthdays of people meeting certain criteria (over X posts, or supporting/honorary member, or have an avatar configured, etc.)

23928

FARR Plugins and Aliases / Re: Post your FARR v2 Plugin Idea Requests Here - Plugin Writers Read In

« Last post by mouser on March 08, 2008, 01:57 AM »

FARR could use a commandline tool to post to twitter as described here: http://www.downloads...ng-the-command-line/
and here: http://lifehacker.co...mmand-line-in-any-os

But what about a nice little javascript FARR plugin for interfacing with twitter and doing various things like posting?

23929

Find And Run Robot / Re: Alert: Bad Image; netsetup.cpl; invalid Windows image

« Last post by mouser on March 08, 2008, 01:55 AM »

It sounds like one of the control panel shortcuts is confusing farr.  that might solve it

Try deleting the "FindAndRunRobot/Scripts/Control Panel (cpanel)/Network Setup Wizard (cpanel).lnk" shorcut
(dont actually delete it, move it to some temp directory on your computer outside of FARR directory).

If that dont solve it, try deleting the entire "FindAndRunRobot/Scripts/Control Panel (cpanel)" folder.

23930

Find And Run Robot / Re: Default Hotkey Not Working - Vista on Dell XPS Notebook

« Last post by mouser on March 08, 2008, 01:52 AM »

you can set custom hotkeys for farr v2 now, as many as you want.
for my laptop i use alt+backspace and find it pretty convenient to type.

23931

Developer's Corner / Re: Delphi Contest: Create Fancy Applications for Fame & Glory

« Last post by mouser on March 08, 2008, 01:51 AM »

great to hear kip!

23932

Official Announcements / Re: Thread about the DonationCoder.com server Shutdown on March 2nd, 2008

« Last post by mouser on March 07, 2008, 04:09 PM »

only ntos.exe is evil. the ntosekrnl.exe is a normal file that you have nothing to worry about.

23933

Official Announcements / Re: Thread about the DonationCoder.com server Shutdown on March 2nd, 2008

« Last post by mouser on March 07, 2008, 09:46 AM »

It looks like they got in using an exploit in an older version of the Subversion Version Control System (SVN) that i had installed on the server a while ago.  It's a good lesson that the moment you install a service on your server, you need to forever after keep it updated, or disable it.  You cannot just install something on a web-accessible server and forget about it.

23934

Official Announcements / Re: Thread about the DonationCoder.com server Shutdown on March 2nd, 2008

« Last post by mouser on March 07, 2008, 09:06 AM »

A couple of good free antivirus tools:

• AVG
• AntiVir

By the way if anyone confirms that they were infected by this from our site (remember that the exploit was only in place for an hour or so on Sunday morning between 9a-11am ) please email me at mouser@donationcoder and let me know.

23935

Official Announcements / Re: The site is now back online (March 6th, 2008) - Come Say Hello!

« Last post by mouser on March 07, 2008, 08:57 AM »

Seeing all of these nice messages really cheers my heart.  Honestly speaking, I was completely devastated by what happened and it was all i could do to keep myself from totally losing it.  It was the help and support of everyone here on the site and in our irc channel (#donationcoder on efnet) that made the difference.

I think it also needs to be said that this site has been up for about three years now.  We've gone from a $10 a month server to now a $260/month server.  When the site was hacked we decided that we would take the opportunity to completely reinstall everything on a brand new server, with much better security, etc., as i described earlier.  While the donations to DC are not enough for anyone to make a full time job out of DC, the donations from everyday users has always paid the hosting bills, and these donations have made it possible for us to be able to always upgrade our server when the need arises.

Please note that ths is *not* a request from me that you donate now, it's my way of saying thank you to everyone who has donated in the past.  Money is not everything -- not by a long shot -- but I want to let you know that your financial support makes a significant difference in allowing us to keep the site online and running smoothly, so a big thank you to all of the silent and anonymous donators, as well as all of our regular forum participants.

23936

Announce Your Software/Service/Product / Re: Scanahand RC1 Released

« Last post by mouser on March 07, 2008, 08:30 AM »

Soon as a i get a chance to create it i'll post.. My handwriting is so bad i can't wait till i can inflict it on everyone.

23937

Official Announcements / Re: Thread about the DonationCoder.com server Shutdown on March 2nd, 2008

« Last post by mouser on March 07, 2008, 08:20 AM »

Let me quickly add a few words about the code that the hacker put on the homepage (actually it turns out it was also on a few more index.html pages on the site, like the Reviews/ start page).

We were fortunate to have a few white hack hacker types and some malware professionals take a look at what the code placed on the page was trying to do (thanks everyone on our irc channel -- #donationcoder on efnet).

Basically the code was some obfuscated javascript that simply opened a page on a far away site, which attempted to trigger some exploits in older versions of Internet Explorer.  It looks like it was some version of something called icepack/mpack, which believe it or not is a product that people SELL AND BUY for the explicit purpose of hacking computers.

The code was designed to try various tricks on people who were using Internet Explorer.  I actually tried in a virtual machine to let it infect me and it was a bit difficult since by default, the latter versions of Internet Explorer (v7 and on) have some pretty reasonable steps that try to warn you that something strange is happening and ask you if you want to install activeX components, etc.  But if you had an old version of Internet Explorer you may have been at risk -- please run an antivirus check to be sure.

I cannot tell you how distraught and angry i was when i found out that someone had put this code on our homepage.  I felt like I had let down the visitors to this site.  If i don't seem contrite enough at the moment, it's only because in the last 4 days since the server was down i have gradually calmed down from a state of hyperventilation.  The only thing now to do is go forward and work at making the site more secure.  Thanks to everyone on our IRC channel who put up with me freaking out, and who helped analyze the attack, and especially to DC member Jazper who alerted us about the initial intrusion so quickly so that we had the site wasn't exposed for more than an hour or so.

A few things to note about the code they added to the page that should give you some pause while surfing:

• The only thing they did to the page was add 1 line of javascript.
• That is enough to open a page on another site which can begin delivering you attempted exploit code designed to trick your browser into downloading and installing a virus.
• There is nothing special about it being on our server -- anyone who owns any site could put this code on their page without having to hack anything.
• In other words, the owner of any site on any page you ever visit could put code like this on their page to try to infect you.  It's just plain simple javascript.  No one needs to hack a site to put this code on their own created pages.
• What this means is that you should expect that if you do even a little bit of regular surfing, you need to be aware how important it is to have up-to-date software installed -- keep your browsers updated to latest versions, be on the lookout for announcements about possible security risks, have a good antivirus.
• Listen to your browser -- all new versions of IE and firefox will alert you if a site is trying to open and run some executable or active X.  If you get an unexpected pop-up question on a site asking if you want to run some addon or something, say no unless you know exactly what it's for.

23938

Official Announcements / Thread about the DonationCoder.com server Shutdown on March 2nd, 2008

« Last post by mouser on March 07, 2008, 08:03 AM »

I'm just going to start this thread now so that it's up, and then i'll add more in the coming days.

NOTE: A separate thread celebrating our coming back online after the outage is here.


Ct+paste of the message that was up on our server for the last 4 days for everyone that tried to access any page on the server:

What happened:

On Sunday morning, March 2nd, around 10:30am(EST), the server was hacked into by someone who used an exploit on a piece of older software to get root access.
Thankfully the attacker was only in the machine for 1-2 hours when the intrusion was discovered, and we immediately locked down access to all services.

There doesn't appear to be any data loss, but the attacker did manage to put up some sort of activex code on the homepage of the site which attempted to infect visitors of our homepage using older versions of Internet Explorer. If you visited the home page of the site on Sunday morning EST using Internet Explorer and noticed anything strange please make sure you run a virus scan on your computer. If the activex is allowed to run, it attempts to install a version of the ntos.exe virus on the users PC. To make sure you have not been infected, please go to the (C:\)Windows\System32\ directory on your PC and look for a file called "ntos.exe". If you do find a Windows\System32\ntos.exe file on your pc, then you need help removing the infection. Here is one page with some instructions. The virus is also detected by the free antivirus programs AVG and AntiVir.

Please note that none of our file downloads were ever compromised in any way.

We have decided that the best thing for us to do in order to be absolutely certain that the attack cannot be repeated is to reinstall new server software from scratch, with tighter security restrictions, and then restore the site content from known good backups.

We can't apologize enough for the downtime and inconvenience. It's heartbreaking to us that someone would do this to the site. The only thing we can do is re-dedicate ourselves to security and take the time to fix it properly so it never happens again.

Thank you for your understanding and patience. And thank you so much for your support while we work to bring the site back up.

-mouser, gothic, wordzilla, and rest of the DC team

23939

ProcessTamer / Re: Process Tamer - LATEST VERSION INFO THREAD - v2.08.01 - Oct 08, 2006

« Last post by mouser on March 07, 2008, 07:24 AM »

note yet i'm afraid.
not only that but Jeremy seems to have gone ahead and beat me to implementing it on Process Lasso!  Might be worth a try for Process Tamer fans: http://www.bitsum.com/prolasso.php

23940

Living Room / Re: Comic Strip Generator (and March Caption Contest Announcement!)

« Last post by mouser on March 07, 2008, 07:23 AM »

tuck, lol.

23941

Official Announcements / Re: The site is now back online (March 6th, 2008)

« Last post by mouser on March 06, 2008, 08:33 PM »

We should say that there are probably a few things broken here or there -- when you find something not working, can you email me ([email protected]).

23942

Official Announcements / Re: The site is now back online (March 6th, 2008)

« Last post by mouser on March 06, 2008, 08:28 PM »

The picture is from the site Cody (the donationcoder mascot) calls home, in his gallery:
http://wtfcody.com/c...es/main/gallery.html

23943

Living Room / Re: Comic Strip Generator (and March Caption Contest Announcement!)

« Last post by mouser on March 06, 2008, 07:59 PM »

I think we all now know what the conversation was:

Cody: It's ok to put the DCserver root password in my AOL email signature, right?
Mouser: Oh bother..

23944

Official Announcements / The site is now back online (March 6th, 2008) - Come Say Hello!

« Last post by mouser on March 06, 2008, 06:56 PM »

Too exhausted to type more.. Long update will follow later.

But the real credit for the site being back up is due to long time DC member Gothic (John Sennesael) who is single-handedly responsible for migrating us to an entirely new server.  He spent the last 5 days straight working on it, and there was a lot of work involved (we basically re-did everything from scratch and moved from a cpanel system to a manual configuration, and took the opportunity to tighten everything down, clean up a lot of old junk, etc.).

Words cannot express how grateful I am to John and how lucky we all were to have him be willing to put so much work into the process.  Thank you!

[thread discussing what brought us down has been started here]

23945

Living Room / Re: Comic Strip Generator (and March Caption Contest Announcement!)

« Last post by mouser on March 02, 2008, 10:03 AM »

i hate to break it to everyone but since i was there i can report the true captions:
Cody: "A fine cup of tea."
Mouser: "Quite so."

23946

Living Room / Re: Comic Strip Generator (and March Caption Contest Announcement!)

« Last post by mouser on March 02, 2008, 05:45 AM »

heheheh

Are we allowed to post more than 1 idea?

of course -- keep 'em coming 

23947

Best Firewall / Re: How Does Your Firewall Rate? - Outpost, Comodo, Jetico, ...

« Last post by mouser on March 02, 2008, 05:31 AM »

one thing i can say for sure: choosing your firewall based on how well it ranks in the leak-tests scores is a very very bad idea in my opinion.

of course top security should be your top concern, but if you go by scores alone you are basically asking to get a system that doesnt let anything in or out and doesnt let anything run that is even slightly out of the ordinary.  which probably means you will have to do a fair amount of customizing to get it to run the stuff you actually use..

just as important has to be how easy and flexible it is to customize it to behave more realistically.

i think we all have to beware these overly-simplistic firewall and antivirus tests.  they motivate companies to make their programs unrealistically paranoid and locked-down.  the result is an antivirus program that false alarms on everything, or a firewall which you will kill yourself over trying to get it to let your software connect to the internet.

23948

Best Firewall / Re: How Does Your Firewall Rate? - Outpost, Comodo, Jetico, ...

« Last post by mouser on March 02, 2008, 04:47 AM »

I have been a long time fan of Outpost.
I recently gave up on it -- just too many bugs, too much slowdown of my pc.  got tired of dealing with its issues.
It is without a doubt a very powerful, and very well thought out firewall in terms of interface.
But just too much instability for me to deal with any more.

I used Comodo for a while and was *very* impressed.  I thought i was going to stay with Comodo but eventually decided to use Eset's new firewall just because Comodo was a bit overwhelming for me in terms of options and stuff.

23949

TapTap / Re: most useful of all would surely be Alt+Esc

« Last post by mouser on March 01, 2008, 10:41 PM »

the point of tap tap is to be able to catch key combinations that cannot normally be assigned to hotkeys.  but i think normal programs can be configured on their own to catch alt+esc, can't they? if so there is no need for taptap to deal with it.

23950

Find And Run Robot / Re: how to un-minimize FireFox for URL's?

« Last post by mouser on March 01, 2008, 05:29 PM »

What a painful, *painful* little checkbox I checked oh, way back when I was younger.  Much younger.

 

by the way i prefer the "Tab Mix Plus" addon; maybe it will do what you want without causing this behavior.