 |
|
|
|
|
|
| |
| |
|
|
|
|
| |
| |
|
|
On 09/10/2011 10:00 PM, Jim Henderson wrote:
> The point was that Andy said that binary blob data could be stored in the
> registry and not a Linux configuration file. Point is, it could be
> stored in a Linux data file, but since it's common to change
> configuration items with an editor in Linux, it's not common to use a
> binary format (though the timezone file is an exception to that IIRC).
The point being, if you want to store some binary data in the middle of
a textual configuration file, you have to base64 encode it or something
(which is less efficient). If you want to stick some binary data in the
registry, you can just store it as binary.
The next question is obviously "why would you want to do this?"
Obviously you shouldn't be storing /large/ amounts of opaque binary
data. That kinda defeats the whole point. But things like hashed
passwords, cryptographic data, product keys, etc are all reasonable
examples.
Post a reply to this message
|
|
| |
| |
|
|
From: Invisible
Subject: Re: Is this the end of the world as we know it?
Date: 10 Oct 2011 06:01:59
Message: <4e92c297@news.povray.org>
|
|
|
| |
| |
|
|
On 09/10/2011 10:39 PM, Darren New wrote:
> (Actually, I still giggle that I had a
> co-worker who had installed and uninstalled so much experimental crap on
> his machine that he got a yellow-on-grey-screen-of-death every time he
> logged out.)
Dude, that's *special*.
Although, if you're feeling left out, SysInternals has a tool to allow
you to set the colours of a regular BSOD to be anything you want...
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
On 07/10/2011 11:53 PM, Darren New wrote:
> On 10/7/2011 15:04, Orchid XP v8 wrote:
>> No - that's just poor program design. Everybody has that... ;-)
>
> Actually, I think it stems from programmers targeting in-house experts.
Targeting a program at somebody other than who your eventual users are
going to be? Yes, that would be... "poor design". :-)
Or, if you wanted to be particularly generous, "feature creep"...
Post a reply to this message
|
|
| |
| |
|
|
From: Invisible
Subject: Re: Is this the end of the world as we know it?
Date: 10 Oct 2011 06:11:46
Message: <4e92c4e2@news.povray.org>
|
|
|
| |
| |
|
|
>> So, just because it does strong authentication, you think that means the
>> actual data is encrypted?
>
> It's actually a certificate verification message, not a 'strong
> authentication' message. It's asking about an SSL certificate that's
> used to encrypt the entire communications channel.
>
> You know, like actual security.
Fact: It doesn't matter how strong the authentication process is. This
does not automatically mean that the data that follows is encrypted in
any way at all.
> Don't believe me? Fine, I'll do a wireshark trace on it.
>
> Nope, 1200 packets, nothing in the clear.
And how do you tell whether random binary data is encrypted or not?
> "128-bit encryption, using the RC4 encryption algorithm, as of Version 6.
RC4? Man, how ancient is that? You realise it was a weakness in RC4 that
allowed WEP to be broken, right?
> Nope, I guess you're right. Adding 128-bit encryption isn't security.
Fact: The number of bits in the encryption key is not directly related
to how secure the encryption is. Triple DES has a 168-bit key, and it's
widely considered far too insecure to use.
> "Support for Transport Layer Security (TLS) 1.0 on both server and client
> ends (set as default)."
Now that's more like it.
(Sadly, on further investigation, it appears that TLS 1 still uses RC4
or Triple-DES. So much for HTTPS being secure...)
> Clearly I don't have a clue what I'm talking about.
I'm still left wondering how many of these features are actually turned
on by default. Every Windows protocol I know of sends everything
unencrypted by default, and most of them offer no possibility of adding
encryption. I'd be rather surprised if RDP is different.
> Oh, and I pointed you at an SSH server for Windows. It comes with Cygwin.
Right. I didn't know about that when I set this up.
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
>>> Why do you need that? All that sort of thing is built into Windows.
>>
>> Really? So how do I create an encrypted video connection to the target
>> machine, while at the same time preventing anybody else from doing the
>> same?
>
> Have your target go to the help center and send you an email for "remote
> assistance", and have them tell you the password over the phone. (You
> might have to have them turn on "cp->system->remote->allow remote
> assistance" if they've turned it off.)
>
> If you have a non-"home" version of Windows, set up Remote Desktop,
> which is in controlpanel->system->remote settings->remote->allow remote
> desktop. Of course, once they've done the former, you can remote in and
> do the latter for them.
>
> HTH!
Have you ever tried explaining all that over the phone to somebody who
can't even work a mouse properly yet?
Of course, you would also need to poke a hole in the firewall for that
to work. And make sure I edit whatever settings it is necessary to turn
on encryption. And add a secure password. (The current admin password on
the machine is trivially breakable.)
...or I could set up a *real* VPN, which is *actually* secure...
Post a reply to this message
|
|
| |
| |
|
|
From: Invisible
Subject: Re: Is this the end of the world as we know it?
Date: 10 Oct 2011 06:16:34
Message: <4e92c602@news.povray.org>
|
|
|
| |
| |
|
|
>>> Sounds *so* familiar. Another reason to use Linux. ;)
>>
>> How the hell would that help?
>
> It helps because I can claim that I don't know much about modern versions
> of Windows and point my mom to someone who's local to get help with her
> problems. ;)
The force is strong with this one...
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
On 10/10/2011 2:18, Invisible wrote:
> You learned Unix by reading a reference manual? How is that even possible?
The first entry in each section gives you the concepts.
--
Darren New, San Diego CA, USA (PST)
How come I never get only one kudo?
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
On 10/9/2011 21:42, Jim Henderson wrote:
> Are you sure about that?
Pretty sure. Certainly people like suing Microsoft more than they like suing
open source projects. :-)
> If Acrobat Reader crashed a Windows box, it would be
> Adobe's problem regardless of if Microsoft distributed the file or if
> they got it from Adobe.
Yet, oddly, people blame Windows when a video driver crashes. Fancy that.
> But a "repository" for Windows is just a "download" site. It doesn't
> include actual software management elements per se.
The management elements are built into the software you download. That's
why, for example, you have things like "Programs\Common Files" and
"Add/Remove Programs" and things like that.
Now, yes, the fact that each program manages its own means you have to deal
with legacy software repositories, so it doesn't always work as cleanly as
it might. DOOM still installs to C:\DOOM or some such. However, there are
actual software management elements available, *if* you want to make use of
them. Many small projects don't.
--
Darren New, San Diego CA, USA (PST)
How come I never get only one kudo?
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
On 10/10/2011 2:52, Invisible wrote:
> My favourite one is how inserting a CD is enough to completely lock up the
> entire Windows GUI. Or how if your DHCP server doesn't answer, Windows locks
> up until that times out. Or...
Neither of these statements is true. Not sure what you're smoking there. :-)
--
Darren New, San Diego CA, USA (PST)
How come I never get only one kudo?
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
On 10/10/2011 2:46, Invisible wrote:
> In my humble opinion, if you need to *search* for a file on your local
> system, you're doing something horribly wrong...
Or you do real work with it. Or you're sitting at someone else's computer.
Or you collaborate with other people.
--
Darren New, San Diego CA, USA (PST)
How come I never get only one kudo?
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
