NANY 2011 Release: JottiQ

[Ath]

Just tested a few more platforms (though not requested, but I have them hanging around in VMWare)
Windows Server 2003 R2 32 bit: After installing all prerequisites it all works fine, but there is no Icon displayed in the context menu. But that's a W2K3 setting, AFAIK.
Windows Server 2008 R2 64 bit: Same prerequisited, and the Icon is shown as expected.

[worstje]

Just tested a few more platforms (though not requested, but I have them hanging around in VMWare)
Windows Server 2003 R2 32 bit: After installing all prerequisites it all works fine, but there is no Icon displayed in the context menu. But that's a W2K3 setting, AFAIK.
Windows Server 2008 R2 64 bit: Same prerequisited, and the Icon is shown as expected.

-Ath (December 28, 2010, 09:09 AM)

Awesome, thank you for the tests. I didn't expect to have someone test it at so many OSes.
As you already know (but I think it is nice to share with the rest of DC) I have fixed the issue regarding the icon on the post-XP, pre-Vista Windows varieties.

[Ath]

Now also tested on Vista x64 (in close cooperation with worstje), and we concluded that both the x86 and x64 VC++ 2010 redistributable packages need to be installed on a x64 OS to get this thing up and running. The new installer just takes care of that, and also installs the .NET 4.0 Client Profile, if no .NET 4.0 runtime is found. It's downloaded fresh from the MS servers during installation, and automatically includes the proper language pack for your OS, for as far as we could see.
Now worstje is ironing out the last wrinkles, so we won't have to wait much longer for the official release

[worstje]

With 2 hours and 50 minutes left according to the clock on my corner of this giant egg, I present the official v1.0.0 release of JottiQ.

• JottiQ v1.0.0 Installer
• JottiQ v1.0.0 .7z archive

Readme.txt and all the other good stuff can be found in the topic start.

The best wishes for 2011 everyone, and have a Happy New Year DonationCoder!

[mouser]

nany deadline is midnight CST:
http://www.timeandda...imezones/na/cst.html

[worstje]

Well, that's when I'll be asleep, so this will have to do. 

[Perry Mowbray]

nany deadline is midnight CST:
http://www.timeandda...imezones/na/cst.html

-mouser (December 31, 2010, 02:42 PM)

Next year we must get a countdown ticker... 

[kyrathaba]

Next year we must get a countdown ticker... 

Definitely!!

I tried to synch-up my laptop clock, but I find a 2-3 second discrepancy between the www.datetime.com website, and time.windows.com ...


NANY 2011 Release: JottiQ

[Ath]

Just installed it, and it has really gotten better! The extra features just make the difference, and the UI improved by applying 'Less is more' .

And thanks for the credits it was a nice job to do.

[worstje]

Just installed it, and it has really gotten better! The extra features just make the difference, and the UI improved by applying 'Less is more' .

-Ath (January 01, 2011, 05:52 AM)

Yeah, the aim was to polish and apply the final touches.

And thanks for the credits it was a nice job to do.

-Ath (January 01, 2011, 05:52 AM)

No, thank you for your work. It is very much appreciated.

[Bamse]

If blinded by polishing I think you will find that program is begging to be announced on security forums once you are done, like Wilders for example.

I just stumbled over program so have no other input - other than perhaps you should have a confirmation box for the "Adds the executables of currently running processes to the queue" Is a hefty task for Jotti and much "Avaiting processing" Cool feature though but should probably not be used without real intentions. No way to stop it once it sets off. Can delete individual entries I guess but a big task anyway - a "Are you sure?" box would be fine.

Good competition for VirusTotal 

[mouser]

This is definitely one of my favorite NANY entries this year.. really awesome. 

[worstje]

If blinded by polishing I think you will find that program is begging to be announced on security forums once you are done, like Wilders for example.

-Bamse (January 01, 2011, 02:59 PM)

If anything, I think Jotti's malware scan itself deserves the bigger praise. I only made the outside shell.

I just stumbled over program so have no other input - other than perhaps you should have a confirmation box for the "Adds the executables of currently running processes to the queue" Is a hefty task for Jotti and much "Avaiting processing" Cool feature though but should probably not be used without real intentions. No way to stop it once it sets off. Can delete individual entries I guess but a big task anyway - a "Are you sure?" box would be fine.

-Bamse (January 01, 2011, 02:59 PM)

Duly noted. I didn't originally intend to add the processes feature in the first place - I am afraid it will detract from its primary purpose to investigate specific objects. The more easily one adds things, the more likely one is to throw his/her entire PC over the internet. (Slow as a process as the throttling might make it, it is still a form of abuse that is very easy to achieve.)

Once I am done bugfixing the current release and aiming towards a v1.1 or thereabouts, I'll look into adding a progress window. I intended to add it at one point, but the delay wasn't all that noticeable to me originally. Not enough to make me feel the urge to throw a dialog up, anyhow.

Good competition for VirusTotal  

-Bamse (January 01, 2011, 02:59 PM)

I do not know VirusTotal at all, so I can't really comment. However, you did remind me of something else I feel needs mentioning.

The ability to add processes is severely limited in its current form. It only adds processes you have access to inspect, and far less than you might expect if you are for example used to using Process Explorer. It doesn't add the svchost.exe, nor lsass.exe, nor other things running as a service or otherwisely out of JottiQ's reach. (I intend to find out why though - PE seems to have no issues divining the executable of a process without needing to be elevated.)

To boot, one needs to remember that JottiQ _only_ adds the executable of the process, and that a process can be malicious even if its executable is completely harmless. svchost.exe is a good example of that - it is a Windows component that runs services, and those can very well be malicious in nature.

All in all, thank you for posting. I am glad someone else sees the purpose and usefulness of JottiQ.

[worstje]

This is definitely one of my favorite NANY entries this year.. really awesome.  

-mouser (January 01, 2011, 03:05 PM)

And you, stop it. One of these days you're going to make me blush in front of all of DoCo and its visitors.

[Bamse]

I don't know if Virustotal was the first of this type of service but it is the most popular. Does the same as Jotti but in a more slick packing. Also has upload tools http://www.virustotal.com/advanced.html I think yours will have more direct appeal to usage being a real application.

If you throw your self at security forums at some point be sure to mention dependencies, auto-download during installation. Harmless details like that can make some people go crazy in a non-productive way

[worstje]

I don't know if Virustotal was the first of this type of service but it is the most popular. Does the same as Jotti but in a more slick packing. Also has upload tools http://www.virustotal.com/advanced.html I think yours will have more direct appeal to usage being a real application.

-Bamse (January 01, 2011, 04:05 PM)

Whether or not VirusTotal was the first, I wouldn't know. According to Wikipedia it was launched in 2004. I know from personal use (and the footer on Jotti's malware scan) that Jotti also goes back to that same year. Either way, who cares who was first - it is good that other people thought of the usefulness of such a service, and even better that people have an active community such as the one VirusTotal seems to have.

If you throw your self at security forums at some point be sure to mention dependencies, auto-download during installation. Harmless details like that can make some people go crazy in a non-productive way

-Bamse (January 01, 2011, 04:05 PM)

This matter has been given plenty of attention in the Readme file. Or do you mean that the installer installs those dependencies without asking the user? I haven't tested the installer into cruciating detail myself - Ath was kind enough to offer his services and I gladly accepted that offer. If you confirm this, I'll let him know (or he might read) that asking the user might be preferable.

However, as far as I am personally concerned people can use the installer-less .7z archive. It will work just fine assuming said dependencies are installed.

Also, I am not sure if I will do much in the way of advertising JottiQ. The way I see it, a good product/application will sell itself, especially so when it is free. If you feel JottiQ deserves sharing with others, by all means go ahead - if JottiQ helps people I am more than satisfied.

[Bamse]

I was hinting that if you make a thread on X security forum it is not enough to have a perfect readme.txt. There are people who might freak out seeing installation doing visual c++ or .net downloads. Just how a few noisy people roll. On a very bad day you can get a "stay clear of this" label. No reason to such "marketing" risk so if you mention dependencies in post problem is not lack of info. Actually it is a nice feature program does not just crash, stall, refuse to install because of lacking parts. Many will have trouble finding them at MS site.

I think program downloaded or updated some visual stuff on my Vista 64bit, no problems with that.

I noticed Ghacks wrote about Quick Cliq yesterday with reference to this N.A.N.Y thing so marketing for a good free product probably do happen automatically Security forums are of course obvious targets for mass spreading or testing for that matter.

[mouser]

Also, I am not sure if I will do much in the way of advertising JottiQ. The way I see it, a good product/application will sell itself, especially so when it is free.

the unfortunate reality of this world is that you sometimes have to be the one to spread the word a little about your own software.  this is a program that deserves to be discovered by people so i think it's worth doing.  hopefully the nany event will get it some exposure, HOWEVER having a web page and a pad file for it would definitely help and be a step in the right direction.  let us know if you want some DC web space.

[worstje]

HOWEVER having a web page and a pad file for it would definitely help and be a step in the right direction.  let us know if you want some DC web space.

-mouser (January 01, 2011, 04:50 PM)

I already have the DC webspace - where did you think the downloads are hosted? I just totally lack the time to do anything with it. Between real life, Cautomaton and JottiQ, there's barely enough of me to keep things together.

Look into it however, I will. I think you said something about a tiny cms system some other members use for a similar purpose, happen to have an easy link handy to the one you had in mind?

[mouser]

Website Baker is used by several DC people on their DC web spaces, and works well.

See also this thread.

[worstje]

I'll look into it, thank you.

[cranioscopical]

Hey! 1.0.1 is out!

After listening patiently to a couple of trifling issues of mine and then being so accomodating as to eliminate them, worstje has released version 1.0.1 of JottiQ. 

Watch the first post in this topic for its appearance.

[worstje]

JottiQ v1.0.1 is brought to all of you by nobody other than our resident babblemouth cranioscopical.

_{The opening post has been updated to match, by the by.}

[Ath]

...auto-download during installation. Harmless details like that can make some people go crazy in a non-productive way

-Bamse (January 01, 2011, 04:05 PM)

As unfortunate as that (user)behavior may be, the JottiQ installer really throws a big Yes/No messagebox, listing all prerequisites and their sizes, at the user if (any of) the pre-reqs need to be downloaded and installed.

It might be a good practice to pre-announce that with the download-link (but not offer any links), so a really paranoid user can download these pre-reqs himself from the source he wants/trusts.
This installer downloads the proper web-installers from Microsoft and installs the frameworks, including their proper language-packs, as and if required by the OS at hand.

Undesirable workaround hidden here...

If it gets really problematic, I could add a feature to select something like changing the Yes/No to Yes/No/Cancel, to either Yes:download & install, No:skip the pre-reqs & continue or Cancel:halt the complete installer, but that could  lead to a non-working installation of JottiQ (or anything else that uses the script-parts I used) and would not really be desirable, IMHO.

[worstje]

If there is a proper messagebox, it is completely fine by me. I am against installing if the requirements are not installed - while with a .7z archive it is okay for stuff to break if people deny such a thing, people expect that if an installer completes the application will work. Thus, offering an option that would result in a non-working installation is lunacy by my book.