General Software Discussion / Re: Six free security tools from Microsoft
« Last post by f0dder on April 04, 2013, 05:56 AM »
What Jibz said


Alignment of HDD matters regardless of the sector size, the bigger the HDD capacity the worse (in terms of performance) if a partition is misaligned. I remember I read an article discussing this issue. -tslim (April 01, 2013, 08:49 PM)
Got a link to something backing this up? I can't off the top of my head think of a technical reason this would be a problem - the smallest unit a HDD can address is a sector, and as long as your requests are sector-aligned you should be going full speed; I've never seen partitions that weren't at least 512-byte aligned (probably because the old-style partition table entries address in units of 512 bytes?).
I've owned a PC since W95, and the only time I have ever heard about "Alignments" was with the old C64 drives that had head alignment problems over time. So what exactly is this alignment that you speak of? -Tinman57 (April 02, 2013, 07:52 PM)
Up until a few years ago, a sector was 512 bytes - "lots of people" used to hardcode this number when dealing with raw disk access. Then came SSDs and a bit later we got harddrives with 4k sectors. While the tech and reasons are different between the two, both share the same performance property: if you don't access the drive's native block size, performance suffers badly. Reads are bad enough, but consider what happens if your OS tries to write a misaligned 512-byte data block that crosses two 4096-byte drive blocks? The drive needs to read in those two blocks (8k), merge in the modified 512 bytes, and write back those 8k again. Instead of issuing a single aligned 4k block. Ouch.
As far as I know, the alignment matter is as important in the case of SSD. Misalignment can happen when one does not prepare the SSD with Windows itself during setup. That was exactly my case in the past when I transferred my Windows (originally installed on a HDD) via Ghost image to SSD. -tslim (April 01, 2013, 07:56 PM)
Indeed - you'll want your SSD partitions to be aligned to the SSD's erase-block size - otherwise you'll both lose performance as well as decrease drive lifetime. XP didn't align partitions properly, Vista and upwards should be doing this automatically. For HDDs, I believe alignment only matters if you've got a relatively new drive with 4096-byte sectors?
I'm on an XP puter, and I can tell a big difference. As far as why removing unused reg keys would make a difference, the registry is constantly being accessed by the system and running apps where most all preferences are stored, the difference between scanning a registry that's 60 or 80 MB to scanning one that's been cleaned down to 47 MB AND optimized (defragmentation) makes a whole lot of difference, the CPU don't have to work as hard. -Tinman57 (March 31, 2013, 06:02 PM)
That's plain silly - keys are alphabetically sorted, so they can be searched with binary search... which means that doubling your registry size would require all but one extra comparison. And that's for infrequently-accessed keys, stuff that's used frequently is cached.
Not sure what OS you're using but on XP (and XP Mode) I use Microsoft Private Folder, just don't forget the password! -pilgrim-online (March 30, 2013, 12:17 PM)
I wouldn't consider that

In practice the situation is completely different. The Digital Era has created the plague of the "digital" sound in the worst sense of the word: a cold, cutting, caustic, harsh, metallic sound. I have never heard such crap coming from a LP. Never. -Giampy (March 30, 2013, 10:13 AM)
Blame the musicians and the mastering engineers - not the playback media.
).
Just recently MS updated Silverlight, when I ran a registry cleaner on Windows 7 afterwards it picked up well over 700 items, nearly all of which were related to the previous version of Silverlight. The files had been removed (or updated) but not the registry keys. XP was nearly as bad. -pilgrim-online (March 30, 2013, 07:05 AM)
How much disk space did you save by removing those 700 entries? Even if we assumed each entry occupied 1k in the registry hive file (which I doubt it would), you've saved a whopping 700kb. How much lookup time have you saved? Given the binary-search done on keys and the caching on top of that, I doubt you'd be able to measure a difference.

For me the most missing feature on a ram drive software is 'Allow multiple ram drives'. The one I use doesn't offer this. -tslim (March 29, 2013, 07:48 PM)
SoftPerfect handles that - I have a permanent (and file-backed) 1gig for %TEMP%, firefox profile and the like, and sometimes I'll create a scratch drive for whatever purposes - I sometimes work with datasets with a huge amount of very small files, it's much faster to do this on a ramdrive than a physical disk (NTFS journals filesystem metadata - i.e. not file data itself, but "create file", "rename file", "delete file", "file has grown/shrunk by XXX bytes").
You know why I can remember the freeware I just mentioned? Because I use one of the r-tools company product, their R-Wipe&Clean. Man, you should try that, they are very serious in their product. Compared to R-Wipe&Clean many other competitors look just like toys. -tslim (March 29, 2013, 07:48 PM)
Took a quick sweep over their feature-list, and it seems like a somewhat mixed bunch - I'm not too thrilled seeing a file/free-space wiper being combined with anything else, since it might give the impression those "other things" will also be secure wiped (i.e. IE history, removed registry keys, ...) which I kinda doubt. But I guess it makes sense from a marketing view
Is the SoftPerfect Ramdrive actually installed like a drive/device, I mean like when we install a physical drive where all inf file is involved. Or it just run like a program which create a virtual drive after windows bootup. -tslim (March 29, 2013, 07:08 PM)
Yup, it's driver based (don't think you can do a ramdrive without drivers), it supports boot-time ramdisks, saving/loading to image file (and loading image during boot), does differential image save (i.e. only saving modified portions == fast) - and all the other stuff I need. It's not as fully-featured as, say, SuperSpeed RamDisk - but I don't need the additional features (like selecting which type it shows up as, or >4gb support on 32bit Windows), and it's gratis - and fast

You have convinced me, I will try TrueCrypt. I find myself always a bit stingy in giving up another drive no. Currently I have 14 drive numbers used up and each one has its special meaning to me. e.g. R for RamDrive, V for Virtual drive, B for Backup. In fact I know another similar freeware (for home use) long ago, but I don't know how good it is compared to TrueCrypt. -tslim (March 29, 2013, 07:08 PM)
Darn, that's a huge number of drive letters in use! Even back when I did obsessive partitioning, I don't think I had more than 5 disk partitions or so. These days I'm down to three disk partitions (the SSD split in 'system' and 'data/docs', and the HDD as a single partition), 'R' for my persistent ramdrive, one DVD-burner and one virtual DVD drive - and when mounting a TrueCrypt disk, 'T' for that (and 'S' for an additional one if I need to move stuff from one disk to another) - but that's the max these days

), and the fact that TrueCrypt is both open-source and works on Win/OSX/Linux makes me comfortable. It also has a pretty clean no-nonsense UI, and generally just works. Don't think there's (m)any opensource Windows products that are still maintained - a coworker mentioned some other product a while ago, but I can't recall which.
OK, that gives some protection against the residual plaintext problem. But are you sure your RamDrive product uses nonpageable memory? Otherwise you might be (slightly - depending on ramdisk size) increasing the risk of residue in the pagefile. -f0dder (March 29, 2013, 05:15 PM)
I am not knowledgeable enough to see whether the ram drive memory is subjected to Windows paging system, but I can show you this: (see attachment in previous post) -tslim (March 29, 2013, 05:56 PM)
Hmm, dunno - that's a pretty confusing dialog. And it doesn't really seem like their website provides any detail either (just finding the right website was bothersome enough) - they do spend time discussing that each tick corresponds to 32MB, though. (The website currently hosting the ramdrive seems relatively fishy - selling an 'enterprise' version, but using a free web host and gmail address? You might want to take a look here).
Now, #2 is questionable practice, but #3 by itself is enough that I'd recommend people to stay the heck away from this program. It's insecure design, and if something as basic as this isn't done right, one has to guess what else isn't in order. -f0dder (March 29, 2013, 05:15 PM)
Man... you have scared me... -tslim (March 29, 2013, 05:56 PM)
I found something that looks like it could be the encryption routine (handles IRP_MJ_WRITE and loops over the data in 512-byte blocks, then the remainder) - I didn't spend a lot of time untangling it, but the code didn't look familiar. I think we can add "homebrewn crypto algorithm" to the checklist, which is the final nail in the coffin.
What I am currently doing is to temporarily place a confidential file which is yet to be encrypted on a Ram Drive and when I am done with my work on that file, I move it into my confidential.rar. I do the above because when my machine is off, I don't even need to worry about temp files left by programs or whatsoever. -tslim (March 29, 2013, 04:29 PM)
OK, that gives some protection against the residual plaintext problem. But are you sure your RamDrive product uses nonpageable memory? Otherwise you might be (slightly - depending on ramdisk size) increasing the risk of residue in the pagefile.
The biggest problem I have on both is I can't clearly understand the actual difference between several different products they both offer. I don't even bother to try because I simply have no idea which one is my real interest. -tslim (March 29, 2013, 04:36 PM)
That's usually also a warning sign to me - companies producing extremely minor variations over the same theme with hard-to-discern feature differences? Ugh.

I assume you mean that someone that stole the machine will try to look for decrypted temp files left by program(s) that work on a decrypted copy of my confidential files, am I right? -tslim (March 29, 2013, 04:11 PM)
Yep - a common thief probably wouldn't do that, but if your stuff is "confidential enough" and you're being specifically targeted... it's a very real concern.
I have been thinking the same thing, maybe I can create a temp folder for all those programs and have that temp folder wiped by a wiping utility periodically. -tslim (March 29, 2013, 04:11 PM)
That won't work, because of the way filesystems work - you'll need to wipe each file individually before deleting... or you can ensure your partition is always fully defragmented, and use a "wipe free space" tool (those can also leave a bit of residue behind: free disk space wiping is a best-effort kind of thing, there's no APIs to handle it - so a wiping program basically has to try allocating the largest possible file it can, then wipe that).

I just browsed through the folder protect program mentioned by dr_andus on their web site, it seems that the program is doing encryption and decryption on-the-fly and not simply a block to the access of the folder. -tslim (March 29, 2013, 04:17 PM)
I'm going to take a look at it in a few minutes - the information on their website doesn't leave me with a very good feeling; there's no mention of just how the protection is done, which is a big warning sign when dealing with protection software... and the ease with which using it on a portable USB drive is described also rings some warning bells. But I'll take a look

It's not a recommendation, but just saw something called "Protect Folder" on sale at BitsDuJour today, in this sort of area...
Protect Folder lets you protect files, folders, and removable drives using a secure password, on-the-fly. With Protect Folder, there's no need to manually encrypt and decrypt files as you go about your business - instead, the program automatically performs encryption and decryption, silently and quickly, in the background as you work. -dr_andus (March 29, 2013, 01:57 PM)
Haven't looked at that program, but my gut reaction to a claim like that is "stay the hell away" - a false sense of security is worse than no security.
Currently, my confidential data files are encrypted in a WinRAR file. Let's say someone stole it, is it really that easy to decrypt it? I mean, no matter what password I use? -tslim (March 29, 2013, 03:13 PM)
Afaik RAR uses AES256 encryption - if you use a strong passphrase, the RAR archive should be safe enough (given that they haven't made any stupid security bloopers). This workflow means that you'll be extracting the files temporarily, working on them, and RAR'ing them back up - that would make the data very easy to retrieve if somebody stole the machine or its harddrive.
Treat me as a newbie and tell me whatever you think I should be aware of in terms of keeping something confidential on my PC (which of course is linked to the outside world with internet) -tslim (March 29, 2013, 03:30 PM)
One could argue that it depends on how confidential something is - to me, confidential means "doing things right", which also means guarding against a stolen harddrive.
Does this apply to pharma meds? -TaoPhoenix (March 29, 2013, 08:26 AM)
Probably doesn't matter - given patents and the FDA

But you know who are and will continue to really make out like bandits with this? The guys with the botnets, distributing malware with bitcoin miner software, getting unsuspecting users to generate BTC for them when their computers are idle. -app103 (March 27, 2013, 12:03 PM)
Indeed - hence why I think the currency should be renamed "botcoin". The whole thing has always seemed extremely shady to me - like, the original author using a pseudonym, the guy who came to #doco and wanted *us* to write articles about it, et cetera. But I guess I wouldn't want to reveal my real name if I had conjured up a Get Rich From Botnets plan


), but the AMD one will likely have the fastest graphics - Intel has come a long way with their HDxxxx graphics, but still lag behind... AMD bought up ATi, so, yeah...
@f0dder - maybe you should ask the guys over at Cisco that question? -40hz (March 20, 2013, 10:19 PM)
Yeah, saw that yesterday - efiin' insane.

But... HOW high? :-)
Lance Armstrong cycling on drugs: (see attachment in previous post) -IainB (March 21, 2013, 01:10 AM)
BWAHAHAHAHA~~~~!!! -Renegade (March 21, 2013, 06:43 AM)
. Goes for my Pixma ip2600, but at least the printer works decently, and I didn't have to work too hard to get the non-crap files (found a clean Vista driver that works on Win7, rather than the überbloated Win7 driver).
Now, how much and what kind of REALLY BAD DRUGS does somebody need to come up with to design a system that launches local games by installing a custom URL handlers? Wtf is wrong with these people? -f0dder (March 20, 2013, 02:46 AM)
I think Valve (Steam) was on some really strong drugs. Everyone else just copied them without the high. -wraith808 (March 20, 2013, 04:15 PM)
Ugh Valve did (does?) that as well? And started it? *sigh*