Recent Posts

5501

Living Room / Re: Why the popular antivirus products simply dont work

« Last post by app103 on July 23, 2006, 08:01 AM »

IMO, 'heuristic detection' shall always remain a joke if virus makers test their work against a/v products, and of course they do - you don't often see your a/v product pops up a message box that says "unknown virus/malware - cleaned", do you? 

-Mobysaurus (July 23, 2006, 07:00 AM)

It is a joke when the only malware found on my pc while scanning with A/V or anti-spyware, is the Delphi source code to projects I wrote myself. (there might be some crappy coding in them but they aren't malware...lol)

I have also seen way too many false positives that can threaten the reputation of honest up & coming programmers. It is getting to the point where you need to have a copy of about every anti-virus available to test on your own programs before releasing them. Otherwise you could become a victim of a reputation destroying false positive.

And antivirus vendors don't really do anything about it when this happens. I have submitted many files to McAfee and Symantec, along with the source code of those files, on behalf of people from my programming group. I have only once received a reply back, and none have done anything to correct the problems....not even an 'oops...sorry about that' apology.

I have had to pull about 8-10 files off my group's site within the last year because of this...one of them being something of my own. 3 of them were javascript games packed with 'HTML2exe Baler' (please read user reviews if you don't believe me).

Most of these false positives seem to occur with plugins made for other applications. They are misidentified as various keyloggers or unknown virus/trojan.

My tip for programmers that make plugins: Be very careful what methods you use to grab window handles or detect & hook into the applications you make plugins for. Something as innocent as a message box and grabbing mouse position when the user places it over the application and clicks the OK button, can trigger a false positive as a keylogger, depending on how you code it.

So much for 'heuristic detection'. 

5502

Living Room / PRODUCT RECALL: Did you buy your desk chair at Walmart?

« Last post by app103 on July 21, 2006, 06:22 AM »

Office Chairs Sold at Wal-Mart Recalled for Fall Hazard

Hazard: The legs and backs of these chairs can break, and the chairs can easily tip over, posing a fall hazard to consumers.

Incidents/Injuries: Wal-Mart has received nine reports of chairs breaking and two reports of tipping. There have been seven reported injuries, including a broken wrist.

http://www.cpsc.gov/.../prhtml06/06208.html

5503

Living Room / Re: Do you like/eat Sweet Potato?

« Last post by app103 on July 21, 2006, 05:09 AM »

Sweet potato pie tastes almost exactly like pumpkin pie. It's just a bit more orange in color.

http://www.delicious...nj.com/arch0330.html

5504

Post New Requests Here / Re: IDEA: Secure auto-deleting directories

« Last post by app103 on July 20, 2006, 06:01 PM »

I actually have some concerns about this and the potential for abuse.

What if someone puts it on someone else's pc and sets a pass and just walks away and acts like nothing happened. Then when their victim reboot and it asks for a pass, someone will be in big trouble and end up losing files. And someone else is likely to think it was very funny. 

5505

Living Room / Re: Do you like/eat Sweet Potato?

« Last post by app103 on July 20, 2006, 05:36 PM »

It's not really like a potato at all. More like a cross between a carrot and a pumpkin pie.

But yes, it is kind of sweet. but I wouldn't say sweet like a fruit would be.

5506

Post New Requests Here / Re: IDEA: (10+2)*5 Timer

« Last post by app103 on July 20, 2006, 01:25 PM »

no problem

I should have a first version done for you sometime tomorrow.

5507

Living Room / Re: Do you like/eat Sweet Potato?

« Last post by app103 on July 20, 2006, 09:09 AM »

damn i had no idea humans liked to eat these.

-mouser (July 20, 2006, 08:50 AM)

We are human? I thought I was a zombie*. 

Spoiler

the kind that likes brainy guys and vegetables

5508

Developer's Corner / Re: A good idea for web designers and site admins - Mirror your Site

« Last post by app103 on July 20, 2006, 08:15 AM »

I don't have any limits with Elected Hosting. I posted the terms of my account in my post. That is what I pay...and that is what I get...just as I posted it.

5509

Living Room / Re: Free blog hosting for members at DonationCoder - might be a good idea?

« Last post by app103 on July 20, 2006, 07:26 AM »

It is possible to move existing blogspot blogs to dc...Blogger lets you do that.

I have published a few off of blogspot before. It would require ftp access. The same static pages that would normally go onto blogspot would be uploaded to the server instead, including an rss feed file.

The rss feeds can be used to snatch posts and put them into an all-in-one dc group blog. Blogger users would just have to set up the Blogger account to publish full text to the feed and not just a teaser.

That could be an option for some with existing Blogger blogs. They could still use Blogger, but publish to dc.

Doing it that way may be less work to set it up too.

You would just have to give all bloggers an ftp account/space and know where the rss feed file is.

Another possibility is a Blogger account for dc...and a group blog where we all can post to the same blog. It could be published in the same manor as I described above. You can write a custom template for it to look like the rest of the site. I have done a group blog with Blogger before, too.

People that use tools like w.Bloggar can post the same post to multiple blogs. They would just have to check off the dc group blog in addition to their regular one when posting.

That way no matter where their existing blog is located they can still be a part of this, since w.Bloggar works with just about everything.

Just a few ideas.

5510

Developer's Corner / Re: A good idea for web designers and site admins - Mirror your Site

« Last post by app103 on July 20, 2006, 06:24 AM »

You could use what I use for hosting:

http://www.electedhosting.com

select Unix Shared Web Hosting on the page.

Unlimited Hosting Plan:

• Space: Unlimited MB
• Monthly Transfer: Unlimited MB
• Ads Displayed: None
• Email Accounts: Unlimited
• Sub Domains: Unlimited
• FTP Accounts: Unlimited
• Add-On Domains: Unlimited
• MySQL Databases: Unlimited
• Fantastico: Yes
• cPanel: Yes
• Site Stats: Yes
• Web Mail: Yes
• CGI/Perl: Yes
• PHP/MySQL: Yes
• Flash Support: Yes
• FrontPage Extensions: Yes
• Price: $18.00/Year or $1.50/month
• Payment method: Paypal

I have been very happy with them. I haven't had a problem with them since I started using them back in February of this year.

One thing though...if you are going to put any .mp3 files on your site (like podcasts) it won't work out very well...you have to zip .mp3 files or they are automatically deleted.

5511

Living Room / Re: Do you like/eat Sweet Potato?

« Last post by app103 on July 20, 2006, 05:11 AM »

I have never seen purple sweet potatoes before, only the orange ones.

I like mine baked in the skins with concentrated orange juice & brown sugar.

5512

Post New Requests Here / Re: IDEA: (10+2)*5 Timer

« Last post by app103 on July 19, 2006, 05:35 PM »

When I was thinking about this, I thought of displaying the time left as a tooltip when you hover the mouse over the tray icon.

But then a thought occurred to me...

Clock watching when you are supposed to be working is a distraction...not a good one either. You would probably get more done during your 10 minutes of working if you weren't thinking about how many minutes you have left to work.

If this is going to be an anti-procrastination tool, maybe it would be best not to tell you how much longer you have to work till your next break.

But for the break, you should be able to know how much time you have left.

I was thinking of when the program loads, showing you a message box that says 'Time to work!' and when you click OK, the 10 minute timer will begin. When your time is up, another message box will pop up that says 'Take a break!' and when you click it, your 2 minute break will begin. When your break time is up, another message box will say 'Back to work!'. After it has looped the 5 times, the final message box will say 'Good job! You are done!'

I can give you a small options panel where you can set the work time length, break time length, and number of times it repeats. (just in case you want to adjust it) I may use this myself with a 60-10-3 instead of 10-2-5.

I promise I will not lock your pc during your breaks, and I'll make sure you can keep working if you wish. The point to this is to get work done, right? Not force you not to.

Maybe someday if you break the procrastination habit, you will need the TakeABreak. 

So what do you think?

5513

Post New Requests Here / Re: IDEA: (10+2)*5 Timer

« Last post by app103 on July 19, 2006, 04:22 PM »

ok...i'll do this one :-)

5514

Living Room / One Year Later: What we love & hate

« Last post by app103 on July 19, 2006, 12:05 PM »

July 19, 2006:

After reading this humorous list of what digg users love & hate, I decided to find out what it is that the members here at Donation Coder love & hate.

We love: Windows Explorer Process Tamer Maxthon autostitch the Coderman site the idea the community AutoHotkey word games reading these reviews where the so called "Opera fans" have to resort to insulting a user Lifehacker Genie Backup Manager feeling vindicated my webhost that feature articles like these reading ebooks this guy's sense of humor their simplicity and approach to disseminating content win key to download and try software needlessly complicated terms glitter how you can drag it around *nix trees custom sounds if someone would do that kind of hard work for me and write up what they think the differences are, pro and con visualisation techniques old games computers

We hate: snoops CSS having to save the image the whole concept of marketing having to go to each merchant's site to track each individual purchase paint Linux MS receiving a canned response that doesn't even remotely address my problem from a company whose software I paid for desktop icons This Key Deluxe Edition those keys programs that freak out and dont offer you a way to override people with neat ideas when people quote stats like this haiku advertising to admit it installing the logitech drivers the ribbon 5 star reviews that say nothing more than "The best", "Nothing beats it" to imagine what it was like before that the sound of your voice when I hit a web site with a loud midi background theme at 2 AM and wake up everybody in the house

This was only from the first page.

Very strange that Cody didn't make the love list. 

5515

Living Room / Re: Really interesting post about new netscape digg-clone and paying bloggers

« Last post by app103 on July 19, 2006, 09:24 AM »

A few more blogs posting about it:

Among the top diggers are people who have submitted over 1000 stories to digg, with a 25-40% success rate in getting those submissions to the digg homepage! If you do some back-of-the-envelope calculations, you quickly see that paying those top diggers $1000 per month is a pittence for what Netscape will reap - hundreds of thousands of extra pageviews per month, maybe millions.

http://www.readwrite.../calacanis_offer.php

There is the question of whether or not this will fix this. Digg’s Achilles heel is that such a small group of active users drives so much of their success. However, even if those users bail to Netscape, others will certainly take their place at Digg. In my opinion, Netscape may gain some human assets and may get better story submissions, but Digg will probably continue to thrive.

http://www.techcrunc...ed-flag-at-netscape/

5516

Site/Forum Features / Re: DonationCredits CodyCoin Web Page Links!

« Last post by app103 on July 18, 2006, 08:05 AM »

Almost all the software on my site now has CodyCoin links on the pages. 

http://www.appsapps.info

5517

Borland C++ Builder Contest / Re: How to make it easier for people to donate to you, and other advice

« Last post by app103 on July 17, 2006, 04:11 PM »

Got a link for PADgen for ya! 

http://www.padgen.org/

This is the easy way to make a PAD file.

and a PAD faq:

http://www.padspec.org/padfaq.php

and a list of sites that accept PAD files:

http://www.asp-share...org/pad/padsites.asp

5518

Developer's Corner / Re: Virtualization Tools - What's Free, What's Not and What's it do?

« Last post by app103 on July 17, 2006, 07:23 AM »

BOCHS does full emulation of all instructions (S L O W!)

-f0dder (July 17, 2006, 07:01 AM)

I have heard that about it. But I have also heard that it is of more use to someone writing their own OS, rather than someone looking to run an OS virtually in order to try one out, or for testing applications on one.

5519

General Software Discussion / Re: Windows XP Myths

« Last post by app103 on July 17, 2006, 05:41 AM »

I think also the key missing in that that myth is "exploit", a vunerability needs to be expoited, i.e Windows may have had less vunerabilities compared to every other Nix varient under the sun, but there a damn site easier to exploit.

But hey im an MS user, i like to be kept on my toes. 

-mukestar (July 16, 2006, 08:17 PM)

The more popular an operating system is, the more that the exploiters will want to exploit it.

Windows is the most popular, so most of the efforts to find & exploit vulnerabilities is focused on it. Linux is less popular so not as much effort is put into exploiting it.

If you want to be even 'safer', then get yourself an OS that hardly anybody uses. The exploiters won't bother with it because it's not worth the trouble...too rare to be much fun.

Amiga OS4 could have a million+ vulnerabilities, but since hardly anybody uses it, they haven't been discovered, nor exploited.

Creating a web page that will do some nasty thing to a visitor isn't very practical if you are targeting something that may never see that page, like Amiga OS4. You could wait years before someone running OS4 with Ibrowse shows up (if ever).

It's more likely you will catch more and do the most damage if you target IE on Windows, which is the most popular combination.

That's why Windows isn't as 'safe' as Linux...and why running Amiga OS4 is 'safer' than both.

5520

Find And Run Robot / Re: Odd bug with FARR

« Last post by app103 on July 17, 2006, 05:16 AM »

Anyway, the problem I found is when I start cmd.exe the command prompt PATH is wrong. By wrong, I mean it's not what I have in the system properties. Very strange.
When I start cmd.exe from Start menu > Run it's correct.

Using procexp I noticed that when launched from FARR that the path was correct but the command line argument wasn't.
The shell started from Start > Run has a Command line of "C:\WINDOWS\system32\cmd.exe" while FARRs has nothing for the command line.

-chrisGrind (July 16, 2006, 07:58 PM)

That has a lot to do with where and how it's started. You will notice that when you start it from start>run>cmd.exe that the path is "C:\Documents and Settings\YourProfile>"

While if you start it from start>run>"C:\WINDOWS\system32\cmd.exe" it will start in "C:\WINDOWS\system32>"

I am not sure of the exact argument to pass on command line when starting it in order to start it in any directory you desire. Maybe someone else can post & explain how to do that....and then explain how to do it with FARR.

5521

Developer's Corner / Re: Virtualization Tools - What's Free, What's Not and What's it do?

« Last post by app103 on July 17, 2006, 04:55 AM »

and Bochs(free/open source):

http://bochs.sourceforge.net

Bochs is a highly portable open source IA-32 (x86) PC emulator written in C++, that runs on most popular platforms. It includes emulation of the Intel x86 CPU, common I/O devices, and a custom BIOS. Currently, Bochs can be compiled to emulate a 386, 486, Pentium, Pentium Pro or AMD64 CPU, including optional MMX, SSE, SSE2 and 3DNow! instructions.
Bochs is capable of running most Operating Systems inside the emulation including Linux, DOS, Windows® 95/98 and Windows® NT/2000/XP.

tons of screenshots here:

http://bochs.sourcef...net/screenshots.html

5522

ProcessTamer / Re: ForegroundLockTimeout Value

« Last post by app103 on July 16, 2006, 07:03 PM »

Wouldn't it be better to set a key on first run and check for that key each time it's run?

something like firstrun = 0

And if that key isn't present, change ForegroundLockTimeout back to 200000 and create the firstrun key so you won't have to change it again next time it's run.

5523

General Software Discussion / Re: Windows XP Myths

« Last post by app103 on July 16, 2006, 11:26 AM »

It's a good list, for the most part, but I think he's a bit clueless when it comes to blocking malware with a hosts file.

Special AntiSpyware Hosts Files attempt to associate a known safe, numeric address with the names of sites you want to block. When the user or any process on the PC then tries to access a blocked site, it is instead directed to the safe location. This works as long as the site's numeric IP address never changes. But IP addresses do change and they're supposed to be able to. The Web operates via "dynamic" naming, where a human friendly name (www.google.com) is actually an alias for the real address, which is numeric. The numeric address can and will change from time to time as a site or server is moved or reconfigured. 

-Hosts File

You are supposed to use the localhost IP of 127.0.0.1 as the safe location. I have never known that to change when some other site changes their IP. It doesn't point google.com to Google's IP. It points BadMalwareSite.com to your own pc, where you are not likely to pick up a malware infection from.

The Hosts entry will permanently point them to a dead location!

That's the whole point to it! That's how it works!

People with out-of-date addresses hardwired into their Hosts File will no longer be able to connect to any site whose numeric address has changed.

How can localhost be out-of-date? It doesn't change. And how can pointing the domain name of a bad site to yourself block a good site with a different domain name that wouldn't be in your hosts file to begin with?

It's almost impossible to update a Hosts file frequently enough to guard against all threats and even if you did, you'd probably also run into problems in accidentally blocking good sites that happened to move to new numeric addresses.

He is only partially right there...you can't add entries fast enough to block all malware, nor can you ever know all of the possible ones you should block.

But since you are only redirecting the bad ones to yourself, the good ones are not affected by an IP change....they were never in your hosts file to begin with.

When cleaning Malware/Spyware from a PC, it is much easier to check a clean Hosts File then one filled with thousands of lines of addresses.

How hard is it to open the Hosts file in Word (or a small free proggie like my AlphaSort) and alphabetize the lines?

All the malware entries will be the lines beginning with a different IP than 127.0.0.1 ...and they will either rise to the top, listed after the #comment lines, or drop to the bottom, when you alphabetize the whole list.

Notes - There is a much better solution for bad site blocking using SpywareBlaster which more intelligently use's Internet Explorer's built-in Zone Security settings and the registry.

That only works for IE and IE based browsers, which even though they are the ones that end up being the cause/victim of spyware most of the time, it is theoretically possible to get an infection while using Firefox, Opera, or something else....and sooner or later you will start hearing of it happening.

ActiveX isn't the only way malware gets onto a PC through a browser...Java & Flash are also exploitable paths to your PC.

Using a hosts file to block the same domains that would be entered into your registry by SpywareBlaster will accomplish the same thing that software does...only it will protect all users of any browser or any software on that pc. The domains will be unreachable with anything you could possibly run...not just IE.

And the InformationWeek article he references has nothing to do with using the hosts file for prevention of malware. It was referring to using the hosts file for speeding up your connection by including the IP's of sites you visit often.

There is one thing I have to say about a hosts file he didn't mention...and his SpywareBlaster solution would also fail miserably too. And that is in the case of scripts that reference an IP directly and not use a domain name at all.

You can't redirect an IP to yourself with a hosts file...only a domain name and be redirected.

And if you start adding IP's to your security zones, you will eventually end up in a similar hell to one he was warning you about, where websites you want to use end up not working right because their IP's may have changed to ones you added. And finding the IP in your registry that is the cause of a problem is tougher than you could imagine when you have a whole bunch in there. You would have to remove them all and add them back 1 at a time till you discovered the one that breaks the good site.

In a case such as this, I would add IP's to my firewall if I wanted to block them. And if a good site is somehow blocked, it would be easy to figure out which IP to remove from your list by checking the firewall log and see what was just blocked when trying to access the good site...that's the one that needs to be removed.

so in summary...

the hosts file is used for blocking domains you want no contact with, ever

firewall to block ip's you want no contact with, ever

and zones for sites & ip's you want contact with, but you want them to be broken.

5524

Developer's Corner / Re: A rant on syntax and verbosity, why ruby is not for me

« Last post by app103 on July 15, 2006, 08:11 AM »

What does "elegant" really mean, in the context of programming?  Does it mean anything at all?

-mrainey (July 15, 2006, 07:23 AM)

To me 'elegant' is code that is written so well, and so obvious, it doesn't need comments...it speaks for itself. And it's author thinks of everything...including the idea that some day someone may have to change it....or add a new feature. And it's ready for that, from the start.

And that can't be done by shoving it all in 1 line.

5525

Post New Requests Here / Re: IDEA: time in the title bar and also a scroll/num/caps indicator

« Last post by app103 on July 15, 2006, 08:06 AM »

oops...sorry...I thought jgpaiva's program displayed the key info in the titlebar.

I misunderstood.

nevermind