Recent Posts

376

General Software Discussion / Re: Windows 10 Announced

« Last post by TaoPhoenix on July 03, 2015, 02:13 PM »

Something's bothering me, if they're only a month away, I'd hope it was rock solid! But it all still sounds like there are fundamental basic bugs going on!

Ps I wish Mark Russinovich was still on our side! He'd have a few useful things to say! But he's squirreled away into Microsoft now! : (

377

General Software Discussion / Re: Windows 10 Announced

« Last post by TaoPhoenix on July 03, 2015, 02:03 PM »

I wonder if some people will have to threaten to sue Microsoft to keep the Win 10 virus out of their computer or whether it won't take no for an answer. Did Microsoft really learn their lesson with Windows 8? If it is going to be free for a year, does that mean they expect it to be buggy for that long?

-Arizona Hot (July 03, 2015, 04:37 AM)

Well, I take exception to using the word "virus" even in sarcasm, because viruses don't normally run your whole computer with real software!

I'd settle for any of the other slants of MS just being slimy and so on. I really don't like their hubris of "haha, we'll wreck the comps of the piddly little home consumers (eew), make them do implicit forced bug testing for free, and 30,000 BSOD's and lost data later, oh look, it's nice and safe for our Valued Business Customers!"

378

Living Room / Re: Interesting "stuff"

« Last post by TaoPhoenix on July 03, 2015, 01:54 PM »

N.C. company rolls out new Bubble Wrap that won't pop

-Arizona Hot (July 03, 2015, 04:52 AM)

From "what is the point" department!
(Blah blah I know, cost savings, but still ! )

379

Living Room / Re: Peer Review and the Scientific Process

« Last post by TaoPhoenix on July 02, 2015, 07:54 PM »

Relevant to this topic (trust me on this)

A Quick Puzzle to Test Your Problem Solving Skills

http://nyti.ms/1JzqUrx

-app103 (July 02, 2015, 05:24 PM)

Yes.

380

General Software Discussion / Re: Windows 10 Announced

« Last post by TaoPhoenix on July 02, 2015, 07:04 PM »

Really, they have no fun anymore over there.
They couldn't name it "Gollum's Ring"?
 

381

Post New Requests Here / Re: Idea For A Reddit Reader

« Last post by TaoPhoenix on July 02, 2015, 07:03 PM »

 I'm no programmer but just adding a noisy voice for voting the project cool!
 

382

Find And Run Robot / Re: IE says FARR "Signature invalid" [?]

« Last post by TaoPhoenix on July 01, 2015, 08:13 AM »

That's infuriating.
The file is fine, the digital signature is fine, it's just internet explorer being stupid (probably what it's unhappy about is the use of sha1 in the digital signing key, which is being gradually phased out by browsers; they are supposed to report something like "the signature is valid but should be updated soon").
Just choose to keep the file when IE asks you, or use a different browser.

Hopefully they will fix this, until then just ignore it.
In the future I will have to experiment with changing the digital signature algorithm to see if there is something that can be fixed to appease the monsters.

-mouser (July 01, 2015, 05:07 AM)

(Blending two threads)

"Well hello there Mr. Mouser. Nice FARR you got there. It would be a shame if we pushed an unstoppable update to Windows 10 Consumer track that breaks the signature recognition in our Edge Browser! Wouldn't you like to buy a nice Microsoft certification for it?"

383

General Software Discussion / Re: Windows 10 Announced

« Last post by TaoPhoenix on July 01, 2015, 08:07 AM »

I've got 3 Win 10 VMs here at the office. One I'd left running and it had it (10158) ready to go yesterday morning. I just fired up one of the others, hit check for updates, and it came up with another newer build (10159) yesterday.

Maybe your check fell in between the build updates that were oddly (emergency?) close together?

-Stoic Joker (July 01, 2015, 06:49 AM)

Odd version number too?

384

General Software Discussion / Re: More Firefox-Clone(ish?) adventures - Alienforce

« Last post by TaoPhoenix on June 29, 2015, 07:26 AM »

Watch Microsoft decide to invent Bing://
 

385

General Software Discussion / Re: Windows 10 Announced

« Last post by TaoPhoenix on June 28, 2015, 08:47 PM »

Is anyone else terrified of that update process!?

We went from Win 7 "the new XP", to Win 8 "rumor has it decent engine under the UI mess", to ... Updates of Borg!
(And it took us twelve years on Slashdot to get rid of the Borg Icon from Microsoft stories! (facepalm)  )

Given how exacting we are about precision (sorta!) in modern Windows admin roles (for consumers too aka Win Update), who decided on this scary mess?!

Now I DEFINITELY don't want to upgrade right pronto in the early days, this just screams of hubris waiting for a figurative piledriver of MS's rep into the pavement and then some hasty backtracking when they break the comp of someone with a lawyer behind them!

The "you have no recourse on the update and it's different from what we did for decades" feels like it steps into Fitness for Purpose territory.

386

Living Room / Re: Be prepared against ransomware viruses..

« Last post by TaoPhoenix on June 27, 2015, 08:00 PM »

That too is something like what I was pondering Iain. Elsewhere it was a good point that AV programs are supposed to catch certain things, but your theme is an example of that "backchannel backup" because the malware shouldn't know to look for that file and fool the report etc.

As regards to "encrypting is a valid process", what if you took a whitelisted approach? Variations on things like "the only valid files able to be worked with right now are in this X folder, and are copies. No change of any kind is allowed to any other document files".

Then you summarize the contents of all other documents in a second folder, so then the comp can just do something like a 5 step check ultra fast all the time, maybe once a second? The second (literally!) it finds problems, then it goes into lockdown mode.

Comments?

Silly coda:
Other than "corp programs have to be boring, programmers can't have fun anymore", there's no reason you can't just invent a whole new kind of document file! bit-merge it onto the back of a picture of Baby Cody riding in Mouser's car and call it a BCC file!
 

387

Living Room / Re: Be prepared against ransomware viruses..

« Last post by TaoPhoenix on June 27, 2015, 02:45 PM »

With regard to the last comments: what you ask is just what any antivirus should do...

-Giampy (June 27, 2015, 02:12 PM)

So maybe I walked into that one! But in a bit of odd logic, since this thing happens and the AV's aren't working, I was wondering if a low level script could help, unless the malware hijacks the file creation registry first or something?

In some ways I'm thinking of things like a Rootkit Revealer upside down, where that takes some kind of raw dump of whatever bypassing normal Windows thingies, (which is how rootkits get to hide), and hopefully it would notice a malware performing similar nasty tricks when the script checks in and goes "hey! user! you were fine an hour ago! What did you do?"

388

Living Room / Re: Be prepared against ransomware viruses..

« Last post by TaoPhoenix on June 27, 2015, 01:51 PM »

Are there any fast global checks? Like are the ransomed files renamed to some bizarre file extension, or just ".zip" (that happens not to be unzippable)? So then you could put a list of all sane file extensions somewhere, and then some kind of deep background process that says "hey, if you find yourself creating anything evil, stop all activity and holler"?

389

Living Room / Re: Be prepared against ransomware viruses..

« Last post by TaoPhoenix on June 27, 2015, 12:53 PM »

I wonder if there's a really simple way to save all your files in an unusual fashion that the computer can read quite easily normally, but then the malware virus can't find them properly and tanks.

-TaoPhoenix (June 27, 2015, 07:37 AM)

Cryptoware cannot encrypt everything since that would simply disable the victim's computer. Instead, it targets specific file types that are associated with documents, media and other data.

All the cryptoware I am aware of uses file extensions to determine the files it will encrypt, which means there is in fact a simple way to protect most data:

Use 7-Zip, RAR, or some such program to create an encrypted archive of the files you want to protect, then change the extension to something not likely to be targeted.   Cryptoware will not target .exe or .dll files since that might disable the system, but something like .cryptic is likely to be just as good.  The archive should be in some format like rar or 7z that provides good security and is less likely than zip to be identifiable by a header scan, if the bad guys get a little more ambitious about identifying data.

-xtabber (June 27, 2015, 11:12 AM)

This is close to what I was after, as a part.

To me an interesting next step is a plugin for something (if not Word, what about LibreOffice or something?) that just chains the compression utility into the native "save" command of the software, so maybe with a few more seconds, your document is always saved and loaded from compressed form?

390

General Software Discussion / Re: More Firefox-Clone(ish?) adventures - Comodo IceDragon

« Last post by TaoPhoenix on June 27, 2015, 12:46 PM »

Sorry, this one is very brief!

It looks like a fairly generic copy of Firefox with some more secure DNS servers and stuff.

Anyone want to flesh this one out?

It's a Comodo edition - it still has a New Tab Speed Dial thing (where does it go?) - so does anything still report stuff back to Mozilla? Anyone's thoughts on IceDragon vs PaleMoon?

I'm too tired to do much more on this!

391

General Software Discussion / More Firefox-Clone(ish?) adventures - Alienforce

« Last post by TaoPhoenix on June 27, 2015, 10:23 AM »

"Well, it's 2015. Someone else has to be grumpy at Mozilla and doing something..."

So, each of the Big Name browsers creates its own little "Metaverse", where it becomes Big Name vs Variants. This thread is about Firefox-y things.

Sorry for the slightly odd structural layout of the post, there's just so much to cover!

This one I'll concentrate on first is the more mysterious of the two:

Alienforce

Name and theme points!


Basic links:
I found it written up here:
http://www.ilovefree...ree-web-browser.html

Good news(?) - it came from a Sourceforge link:
http://sourceforge.n...projects/alienforce/
(Dice meddling aside!)

First up, before we can really have fun with the cool theming, is it's sporting all kinds of strange tricks/features/(traps?) that are beyond me to really unravel!

When I start to search (in its version of the Awesomebar?), a screen flashes "powered by Yahoo Search" ... ?!


Then I think the first time I searched, it sent me to Google, because a popup-y thing in the corner showed up "do you want to sign into your account?" that led to this Google page (looks like the standard Google signup page, here offered more as bread-crumbing, see below for the twisty-maze-ness!)
https://myaccount.go...aign=Privacy_Checkup

But then future searches (performed at this stage with some kind of auto-complete I haven't looked how to turn off), lead to something called FVDSearch by Surf Canyon, such as this result for the browser itself
http://search.surfca...rowser&p=fvdffsb

EDIT: Okay, if you are really fast and type and hit enter, it goes to google. It grabs whatever else you're part way typing into Surf Canyon! Okay, so that's annoying! But it's all part of that speed dial thing. Once you make that go away, it SEEMS to revert to regular Firefox-y-something. I'll never know if it's doing back end tracking or something.

I was nervous about Surf Canyon; the Wiki page looks suspicious and people on the Wiki Talk Page for it agree, but what was even fishier is they apparently poisoned an About.com poll to make it the "search engine" to beat out Google.  Okay, make that a "To-Do list item" (as of this exact minute of the writeup! That's why it's a multi-layered evolving post!)

An early "New Tab speed dial" before you change it in settings.


An early SurfCanyon search result - a lot of ads early on.


Okay, so let's go look at a couple of add-ons.

First surprise is it comes with a (disabled!) copy of IDM CC Integration Download Manager integration module for Mozilla. I've never heard of that, but it's disabled, so I'll leave that alone for now.

First couple of unclear things:
- Something might be a bit odd with the add-on repository, because it pulled what looks like an older version of AdBlock Plus Signed compared to my (disabled) copy on Pale Moon. I had to fish for the setting and uncheck "allow non-intrusive ads".

- ViewMenu/Toolbar/Customize doesn't seem to behave the same, which is a clue to a big theory later!
------------------------------------------------------------------

FASCINATING THEORY:
(Not counting the Facebook homepage (which I closed, sorry!)), the other homepage (from Tools/Options) is one of those Speed Dial things. So especially with SurfCanyon wandering around, it's not a privacy oriented browser. (Okay, now I got the chrome local url in this post, let's go unhook a few things.)

But look at the URL of that speed dial!
chrome://speeddial/content/alienforce_speed_dial.html

What kind of local protocol is chrome://  
!?

Could this thing really be the elusive chrome back end with a Firefox front end (and it's one of the classic ones, with a dark theme, not the Aurora/whatever new ones), and taking (most of?) the Firefox set of add-ons!?
-------------------------------------------------
Downsides:
However, it looks like it hasn't been updated since 2012, and though I tried to switch the user agent, but that made things worse! Websites must have, in light of misc security incidents, put other detection code in besides just user strings. And whatever it all is, it breaks a lot of sites!


So, maybe all my work can save someone else the trouble!

Still, I'd luv if someone actively managed a Chrome-engine / FF FrontEnd combo! Did they at least do that?

Next up is Comodo IceDragon.

392

Living Room / Re: Be prepared against ransomware viruses..

« Last post by TaoPhoenix on June 27, 2015, 07:37 AM »

I got a call a couple of days ago from a relative in a panic -- all of their documents, images, etc. suddenly had new random file extensions and could not be opened.  Did I know what had happened and how to fix it?

Unfortunately it was all too obvious what had happened and there was no easy fix.

-mouser (June 26, 2015, 06:48 PM)

Hmm, you're pretty accurate so something here is intriguing me. Only the file extensions changed!? So MouserRulez.txt becomes MouserRulez.zzx? Was the content still there, so if you as a test manually changed it back, it would reappear?

Clearly that's not practical manually, but it was a test. Because if that's all the prog did, I'm thinking something like a Directory Read would have a complete list of every file including the file names, and you could run a program/script just to switch them all back.

However, if what it really means was that it's "encrypted for real, and just happens to have a new file ext", then back to your main point.

As the arms race is getting worse, it's making me wonder if there's ever room for really sideways low-tek additional aids, (certainly only a third line level defense!), using odd tricks that the run of the mill malware programs might not catch. The funniest one I ever did was eons ago when I renamed a file called by a virus to pull up MS Notepad! : )

So translated to this, I wonder if there's a really simple way to save all your files in an unusual fashion that the computer can read quite easily normally, but then the malware virus can't find them properly and tanks.

393

Living Room / Re: Be prepared against ransomware viruses..

« Last post by TaoPhoenix on June 27, 2015, 07:29 AM »

... there are lots of things you can do to protect yourself from being attacked ...

-mouser (June 26, 2015, 06:48 PM)

anyone got tips there?

A year of two ago, I got rid of one of the more basic ransomware viruses for a friend (it didnt encrypt any files). He had one of the better rated antivirus security suites installed but it wasnt able to stop it.
Afterwards I uninstalled Java from my desktop pc as a security measure - but have lately reinstalled it.

The tip of keeping external HDDs disconnected is a good one, and easy to do.

-tomos (June 27, 2015, 06:01 AM)

People keep saying they "uninstall Java", but then when I do stuff like that now and then (I can't remember very many specific examples at the moment) specific things say they need Java, so I have to put it back.

My fuzzy memory is suggesting that Netflix needs it... (?)

The alternate version of the tip I tried to use was to disable Java, but then months later couldn't figure out why something wasn't working, and forgot that until some sleuthing with a guy figured it out and we turned it back on. (But it was "silent non-working errors, with no clear clues).

394

General Software Discussion / Movies - "Where does that code come from?" - Tumblr

« Last post by TaoPhoenix on June 27, 2015, 07:20 AM »

This should be gently amusing to you gang, and I get to put a different nuance spin on it.

Computing tends to have two common (and a rare third) presentations in movies. One is varying levels of blunders by the writers, with a (moldy?) form of Fridge Logic because they play the odds of the audience actually thinking it all sounds good. (Ya know, you'd think the bean counters could override PHB managers by saying "hey, let's give That Techie Guy We Know a pizza and have him do a sanity check", but apparently not, because managers seems to have the strongest voice in a corp and say "Nah! I want another $1,000 explosion for three seconds!) For me, the funniest is the legendary NCIS "2 idiots 1 computer" example because it's not even "An IP Address can do anything!", but people playing a keyboard like a piano duet!

https://www.youtube..../watch?v=u8qgehH3kEQ

One step up is when they flash actual code on the movie screen, though it turns out not to be terribly dramatic. But at least it's real code, usually. That's where this site comes in. At your level, it's a nice organized time saver of where chunks of code at least come from, in classic internet fashion "1 man's research, published to all".

http://moviecode.tumblr.com/
--------------------------------------

*Coda
1. The rare third is when computing is actually used at least coherently, better competently, or finally brilliantly, to actually do something! That could be a fun separate thread!

2. However, the script of the NCIS scene clearly came from X writer, and the visual arts guy stuck with the episode decided to at least put a little more smoke and mirrors into it all. Because if you turn off the volume, there is an *epic* amount of *somethings* flashing by on the screen! I wish someone with Too Much Time On Her Hands (gender empowering!) would create a nice detailed list!

395

Living Room / Re: silly humor - post 'em here! [warning some NSFW and adult content]

« Last post by TaoPhoenix on June 26, 2015, 07:11 AM »

This is actually Interesting Stuff, but a few surprises in the details set up weapons of mass laughter. Presented in a certain concept order.

Slashdot's setup link:
http://science.slash...oms-that-detect-stds

(Mod by me)
"Three students ... won the Healthcare Category ..., for their idea to use antibodies to create color-changing condoms to recognize STDs. They say the material, which is still in the concept stage, will turn green for chlamydia, yellow for herpes, purple for HPV, and blue for syphilis."

Then it goes sideways:
"The three inventors are 13-to-14 year olds."


A typical "blurby quote" by a school official on auto-pilot before realizing it was too late:
"...the originality of their product, and the quality of the design work that went into its promotion, clearly stood out amongst entries from more than 500 other students in the UK and caught the judge's eye, taking them through to the final."

Then another one, from the BBC:
"The BBC reports: "The boys said they still have to test the science and feasibility of their idea. They want to work with a university on the science and say they've already been contacted by a condom company which is interested in working with them on developing the concept further."


Source articles:
http://phys.org/news...ing-condom-stis.html
http://www.bbc.co.uk...ontraceptive-company

396

DC Gamer Club / Re: Microsoft Tinker robot puzzle game - download for free

« Last post by TaoPhoenix on June 24, 2015, 07:24 AM »

Slightly sideways, but why is there a Softpedia watermark?

And I thought they were one of the ones with bundled download wrappers to keep an eye on... Why wouldn't Microsoft have their own link?

397

General Software Discussion / Re: Mustang Browser for Windows (chromium based)

« Last post by TaoPhoenix on June 22, 2015, 01:03 PM »

"My first impression is it is chrome with a sanity check on the number of running instances"

Does Chrome get bad for that stuff?

398

Living Room / Re: Internet freedoms restrained - SOPA/PIPA/OPEN/ACTA/CETA/PrECISE-related updates

« Last post by TaoPhoenix on June 22, 2015, 02:04 AM »

"Voluntary"

This is one of the more strange and dangerous words in English vs Legalese.

In English we think it means "optional"". But in many legal contexts it means "you provide something, rather than us sending a representative to take it". (That's the answer to the famous '80 's junk scam 'taxes are voluntary!!'  No, they're not optional. However, you also don't get your very own rep at your door most times either.)

399

Living Room / Re: Internet freedoms restrained - SOPA/PIPA/OPEN/ACTA/CETA/PrECISE-related updates

« Last post by TaoPhoenix on June 22, 2015, 01:58 AM »

"Dismayingly routine", because also on Slashdot, we get this entry:

Illinois Supreme Court: Comcast Must Identify Anonymous Internet Commenter
http://yro.slashdot....s-internet-commenter

An anonymous reader writes: In 2011, an anonymous person on the internet posted a comment to the Freeport Journal Standard newspaper's website implying that a local political candidate *******. The candidate, Bill Hadley, took offense to this, and tried to get Comcast to tell him who the commenter was.

Comcast refused, so Hadley took it to the courts. The Illinois Supreme Court has now ruled (PDF) that Comcast must divulge the commenter's identity. "Illinois' opinion was based in large part on a pair of earlier, lower-court decisions in the state, which held that the anonymity of someone who makes comments in response to online news stories isn't guaranteed if their opinions are potentially defamatory, according to Don Craven, an attorney for the Illinois Press Association."

Important Redaction mine! Because I purposely want the issue known, not the "hot button noun" running around.

Iain probably knows more than me about this next bit - If someone is gonna express "frustration" about someone, I think you can even graph it scientifically that it's gonna have "inflammatory content". So what all these nasty cases are doing, are setting up the gradient scale. Echoes of:

"First they came for the people who called someone a (A). Then they came for people who called someone (B). Then they came for me."

And

"I have altered the deal. Pray I do not alter it further."

 

400

Living Room / Re: Internet freedoms restrained - SOPA/PIPA/OPEN/ACTA/CETA/PrECISE-related updates

« Last post by TaoPhoenix on June 22, 2015, 01:57 AM »

"Perhaps equally astonishing (to me, at any rate) is this apparent US-sponsored stifling/censoring of free speech on the Internet"

... Unfortunately, to me it's becoming "astonishing that this is so routine"!


It's gonna be tough to roll this juggernaut back! Various people have remarked that even "Snowden" is just a new card-deal with a big new spin, going for "different mechanisms of control".

It reminds me yet again of that old venerable collectible card game Magic the Gathering, where you could have any number of specific kinds of "Control Decks", that just controlled different things. So let's say you were a moderately skilled player, and each gaming group has their local crowd of fifteen people who have their kinds of pet decks. Red Aggression (at the player), Green Monster Stomp, Black Weenie, someone's slightly flawed but always dangerous Flier deck, and so on. And then every group has their few Control specialists.

So your local group has the "Silence Stifle" specialist, that simply removes stuff from play, turning your hopes and dreams into a cross between the Sahara and Siberia. So you work around that.

Then you visit another city, and their group has instead a "Control Magic" specialist that borrows your stuff and uses it against you. That's what they're starting to shift to ... the old style was operating with the subpoena and gag order. But trust Reason of all places to have a good lawyer on retainer, so now it got out. Oops!

So now they have to go squash it around the edges.