Jason: Hmm, yes, I've checked and you appear to be correct. I'm surprised, I'm /sure/ I remember there being a time when DVD-RW's didn't all burn CD's (and certainly it's possible to make one that doesn't)

Rose: You can have a DVD burner that won't burn CD's... not that this is germane to the issue.

TheLamer: Grab screenshot, edit it (i.e. destroy anything other than certain region (message box area), run OCR on it, push it to clipboard. Should work, but I don't do windows (for any cheaper than $100 a minute, anyway)...

TheLamer: Wow, was that a joke? Of course, it has a slight amount of truth in it; the GPL has been quite effective at making the world less closed source.

anastasia: I don't... but it really wouldn't have hurt to just ask. Worst thing that happens is no one knows, all delaying does is make you wait longer and possibly - though unlikely - someone leaves before you post the question.

Unless it's a very long question, in which case I suppose it might save you time.

Summertop: I'm sure you know that, it doesn't make it any more correct though ;) A NAT router that has just one IP address will make all computers behind it appear to have one IP address, yes. But it doesn't have too.

I've got a router sitting right here that doesn't, actually. I've got all of 2001:1b40:d::/48, router has 2001:1b40:d::1, this system has 2001:1b40:d:3:2c0:9fff:fe3c:131d and other systems have... umm.. other ones.

/me hopes IPv6 is adequate protection from script kiddies

Summertop: "Remember, to the internet, everycomputer behind a router appears to have the router's IP address.

Did I get this right?"

No. That's not even true for NAT (as you can have two computers sharing one IP address and two computers sharing another with NAT - still NAT, but they're not all the same IP).

OT, why is won't rather willn't? You don't say wo not, but you do say will not. Even wiln't would make more sense.

Hmm, Networking 101 ;)

Ok... assuming this is IPv4 were talking about (it is), an IP address is a 32bit number . It is included in IPv4 packets and is used by systems to route the data.

In the Internet, it works as so:
1. ICANN (Internet Corporation for Assigned Names and Numbers) delegates 'blocks' of IP addresses to RIRs (Regional Internet Registries)
2. RIRs delegate 'blocks' of IP addresses to LIRs (Local Internet Registries - typically your ISP)
3. LIRs delegate IP addresses to users.

There are proboably lots of rules governing RIRs and LIRs but I don't do internet politics.

Anyway, most end users will be given a 'dynamic' IP. In other words, your IP will be change and be within one of the ISP's blocks. It may change whenever you reconnect, hourly, daily, monthly, daily and whenever you reconnect, whenever you reconnect if you've been disconnected for more than n, when a full moon occurs at the same time as a solar storm is occuring, etc.

As for IP's being easily spoofed: yes. As I said, it's just a bit of data in a packet... BUT, it's not easy to get it out on the Internet anymore.

Most ISPs will block packets containing an IP address they consider based on differing criteria invalid. Even if they don't, you'll only be able to spoof the IP address within the ISP as whatever the ISP is connected to will most likely block packets not coming from within the ISP's network, etc. But it gets worse - or better (it mostly depends on which way you enjoyed rsh ;) - even if you manage to spoof your IP address, will you get the data back? Uh, no.. the person holding that IP address will or - as the case may be - won't. But you won't get it. And it's a lot harder to pretend you are (and there are good - or bad (it mostly depends on which way you enjoyed rsh ;) - reasons for doing so) now, too.

But, as mentioned, there are plenty of proxies aronud. And IP addresses change in some cases. And people get cracked. And people quit an ISP and somone gets their IP. So, very bad idea to use it even as just a possibility. Hell, it's profiling! It's discriminating against people who run Tor servers, for instance...

Andersp: mencoder.

Groucho: Errk, whatever happened to just teaching HTML rather than Frontpage? Or was that just a <strike>wonderful</strike> better dream?

ali: An SSE2 emulator is just a program that will.. ermm.. emulate SSE2.

There are a few ways to do it:

* Go through ALL the assembly and replace SSE2 with code that's equivelant, but isn't SSE2.
* Wait for invalid instructions to be hit (which should cause an exception/whatever your CPU wants to call it), then emulate them if they're SSE2. (I'm not sure this would work on x86.. but certainly it's a way of emulating instructions)
* 'Virtual machine': read the program and emulate all the instructions, updating it inside virtual machine (so change to eax register doesn't necesarily change eax register on real machine (it still could!)).

As far as finding one? Sorry, no idea. QEMU might do SSE2, but I doubt it... I think it just does PII.

ali: SSE2 emulator, but there WILL be a (proboably significant) performance decrease. Can't find any SSE2 emulator's, sorry.

BerniceC: "Britain 13mbps"... there's something very wrong there! You can't get more than 2megaBITS per second downstream normally and 256kBITS upstream. (Normally = phone line as Britain has a telephonic monopoly)

WhiteTower: Hmm.. need more information. How are you measuring the snail's pace - time taken to travel 100m's? What gradient is it at? What type of paint? What consitutes dryness (is it not sticking to your clothes with a brush against the wall dryness or when it has less than a certain amount of liquid content)?

If you expect an answer you must provide complete information! :P

AVI is actually a container format, so the quality has more todo with what it contains than it itself.

playBunny:

> Viruses can only affect Windows and programs, not the hardware. Reinstalling Windows will get rid of viruses and the like.

They can effect any OS if it's exploitable :) But getting away from technicalities, it is possible for viruses to affect the hardware: ACPI being a good example.

You could even consider using resources up as theoretical damage to hardware (overheating due to CPU being used constantly) - but then your hardware was fundamentally broken before that anyway ;)

ScarletRose: Awful they can use different file systems, it should be irrelevant for routing.

Hrqls: Well, although it's possible it's some odd (and incredibly stupid ;) security feature I find it unlikely; especially when the system is being routed through the 'authorized' system.

Also, I wonder whether XP drivers would work on ME? So that might not work; but certainly it is worth a try.

mrloupcity: I'm not quite sure what your trying, when routing through the XP box failed did you replace the network interface card (I'm hoping it's that rather than, say, a sound card ;) with another one and:

(a) Connect it directly to the internet connection
(b) Connect it to the XP box again

If it's b, are you using a straight-through or crossover Ethernet cable (I persume it's ethernet).

I would recommend trying to get the XP and ME box just communicating with each other; not connecting to the internet, just having a connection. ping will help you there.

ARGH, reading what I said it sounds like something a person set on UNIX domination would write; it also has a huge redundant chunk (redundant as I've already said it).

So, replace the second paragraph with:

+I don't think that ifconfig is harder to use than a graphical wizard; I doubt the man page info you need to know (do you *really* need to read all the flags? No?) is any longer than the text in the graphical wizard; but I certainly could be wrong.

playBunny: Sorry, that was ambigous. When I said "first presented with any graphical interface" I meant first presented with a graphical interface.

Theres nothing (IMHO) that makes configuring a network with tools like ifconfig any harder than a graphical interface; it's just unfamiliar. With knowledge of how to get help if your stuck (MAN PAGES! They're very good on some OS's ;) (No that's not a snide remark about Windows bad (non-existent?) documentation but a snide remark about another OS). Indeed, I feel ifconfig em0 10.3.1.3 is much simpler than Windows.

But yes, Microsoft doesn't seem to like shell users; it gets worse and worse each release from my very limited experience.

playBunny: Ah, proboably true. But how do you know what to do when first presented with any graphical interface? They've just learnt it.

On OpenBSD, the correct command to type would be 'help'. Quite useful.

WhiteTower:

> Of course the hardware doesn't matter

I wasn't talking about just hardware; I was saying that different OS's shouldn't make creating a network harder - notice "Windows" and "NetBSD"? Not hardware ;)

> but Windows XP has a nice "one-liner" itself - the Network Connection Wizard where very little information is needed by the user

It's not the information needed I'm talking about; it's that in Windows you have go to Start, something, Control Panel, something, Network, something, something, Interface name, something, IP address, something, ok, something, reboot (I don't know if you still have to reboot but my last experience you do).

> and the OS does all the dirty work "rewiring" its internals, resulting in a fully functioning wireless network

What dirty work? Configuring the actual physical network card with the information given? Yes, well UNIX does that too and I'm glad of it; I don't want to have an 'OS' being a nice little program that accepts machine code and executes it (the code must, of course, return back to the program that accepts machine code; it couldn't be as high-tech as doing that for you; no-no)

But I think you didn't mean that, but I can't see what dirty work there is; basic network configuration isn't complex (well, to me at least).

> in the same way that a true OS user would do, let's say, in Un*x :)

Well, things like that exist in the *nix world too; they come in Linux distros such as SuSE and Ubuntu. And of course, theres always dhcp (I dislike dhcp but I think the principle of dhcp is nice; I sort of like IPv6's autoconfiguration).

But, basically, my view is that you don't need a big program to do some basic configuration work; greater complexity does NOT make something easier or simpler.

I'd be intriguied to learn why you need a "Wizard" to configure a network; are people scared of the shell because it's (typically) black and white?

mrloupcity: Hmm, I don't understand what your question is.

WhiteTower:

> Unless you have Windows XP on all PCs involved (the "OS for dummies" <snip> then, yes, it is somewhat cumbersome to set up a nice wireless network

Heh, that reminds me of an image of a manual listing how to configure a network card on various systems. On all the UNIX'es it was a one liner, but on Windows it was an 11 step process :)

But going back to what you said, you said - effectively - that it is cumbersome to do a wireless network if not all PC's involved are Windows XP. Well, this may be true but it seems ridicolous if it is.

What's great about the internet is that there are standard protocols and that they don't care what the hardware, software or ANYTHING ELSE provided it all complies with the protocol.

As I believe Tim Berners Lee said, "People seem to yearn for the time when you couldn't read a document on another computer; never mind another network". But it's different now, a huge variety of systems and transportations - from the boring Ethernet to pigeons (yes, really) - all communicate with little problems. So a system on a network really shouldn't care about whether it's router is Windows or a toaster running NetBSD.

ali: Well, I don't know much about Windows but I don't see how NTFS is more secure. A quick google seems to indicate that NTFS is the only file system that supports permissions (or in other words has a bit of metadata that indicates permissions); ridicolous if that is true. So, from that perspective it is certainly more secure!

It's other 'security benefit' is that it supports file encryption; I'm not sure of the strength of it and I'd be curious to see how it is implemented - after all, it's not much use if the key is stored in plain text.

Also, according to "Forensic Discovery" decrypted text is still easily found in memory after it has been closed. And it's suprisingly hard to totally get rid of memory contents; especially with swap.

But, NTFS is proboably still the way to go.

----- START OFFTOPIC RANTING -----
From my plan9 view (proboably due to Ken Thompson and Dennis Ritchie's brainwashing) a more elegant solution of encrypted files would be to simply write a 9p server that provides it; it wouldn't fix the problem of information leaks but having swap space encrypted and erasing memory when used by another user should fix it - there doesn't seem to be any easy (and correct) solution, though.
----- END OFFTOPIC RANTING -----

temo:
> I would be glad to hear from playBunny and bitwisexor how they imagine safe system on Windows (XP or others) not Unix systems,

I'm not sure theres such a thing as a safe system. With Windows? A contradiction, surely ;)

Hmm... would QEMU on Windows runnning OpenBSD guest count? ;) I think that would proboably be considered cheating...

> so what application to use to protect agains worms, hacking attacts, viruses and other network threats.

Yes, well one of my points is using an application to defend against threats is the wrong approach; it's (sometimes) preventing the symptoms (exploits) rather than the cause (buggy software).

This is somewhat comparable to the view that quick patches makes the software somehow "more secure". If anything, after a few patches are released to fix security vulnerabilities I lose confidence.

If I had to (which unfortunately I have had to on a few occasionas) 'secure' a Windows box then I'd start by disabling all the unneeded (and theres a lot of that!) junk on it - which Microsoft seems to have intentionally made a harder task.

As you mentioned, don't use admin rights: in fact, I'd proboably suggest using a seperate user for tasks that involve untrusted data (something that should proboably done even on *nix).

As for not viewing "\"suspicous\"" web pages and not to open e-mail from "\"unkown\"" senders, that is - sadly - excellent advice. I say sadly because it shouldn't need to be done.

The problem with that advice is that of course it limits what you can do - indeed, I will often intentionally view (and dissect) "\"suspicious\"" things; something that admittedly, most people don't do (and as I use *nix it's not really a problem, but my point is that it limits what can be done).

Theres not really much else that can be done; maybye virus checkers will help but I have little experience in that area.

I wonder why people use Windows anymore. Perhaps I could understand why it was used, but - as much as I despise them (I take an elitist view to computing) - desktop Linux have made a lot of advancements and are not, I think, any harder to use than Windows; and at least they're less likely to have a mind of their own that's so evil.

P.S. I doubt theres anything you can do to defend from "hacking attacks" (attacks?); but I wouldn't worry, they won't do any harm. Or did you mean cracking? ;)

P.S. #2: Recently Microsoft seems to have been trying to make their software more secure; they have made some good decisions, but so far it doesn't seem to have worked.

temo: IMO a firewall well not stop you from being infected or attacked; at best it will reduce the likelihood of some attacks (firewalls themselves aren't perfect after all; in fact, many firewalls will end up reducing the security as they themselves can be exploitable - hardware firewalls are less likely to have the same problem (although it's not impossible, obviously) but can give a false sense of security). It will not stop passive attacks, for instance.

So far, the best use of a firewall I've found is to stop damn script kiddies polluting my logs...

I would be interested to hear why you feel a firewall is useful, of course.

I just noticed that this board accepts HTML (of some form)... lets see:

<script type="text/javascript">
document.write("Hello World!")
</script>

I do hope it uses whitelists, not blacklists :)

ali: clamav; <rant>though I personally despise anti viruses. They're a kludge (at best) that is working on preventing a known threat exploting a vulnerability (often due to design flaws more than anything) rather than fixing the root cause... </rant>

WhiteTower: I can't resist asking - if you dislike Microsoft, why are you using their products?

Badinage: The cache copy doesn't mean it's been withdrawn from the site, I just downloaded it right now. The cache was provided as it is in HTML, so users who don't have PDF wouldn't have to bother getting it or go to another site to convert it.

Whatever security features exist, screen capture is always an option.

Another google turns up http://www.verypdf.com/pwdremover/ - but I've got no way to verify it's claims since I don't use Windows.

I couldn't find any information regarding the new PDF technologies, could you give a link to the changes?

Interestingly, a look at my PDF viewer's (xpdf) site on page http://www.foolabs.com/xpdf/cracking.html suggests that a change of the code would allow for evasion of security.

Considering that the code is freely available, it would seem quite weak. But I could be interpreting it totally wrongly.

As you said, it'll keep 99% of people out of it.

Badinage: "O
bviously there are ways around these security settings (as with anything thesedays) but genrally they are secure!! "

Generally they're secure? I don't see how. Could you explain?

My logic goes that it is impossible to prevent editing. If you can read something, then you can edit it. You can put whatever DRM technologies you like in it but if at any point it reaches output, it is compormised.

It's like trying to stop music from being copied. You can put it in a DRM format, but the moment it reaches speakers then those speakers could also be recording it. And once it has been recorded, you can have it in any file format you like - and so, easily editable. You don't even need to reverse engineer the format if it's secret.

Well, I suppose the point is like many DRM technologies, it stops users who don't have the knowledge - in this case, how to use google...

A quick google turns up ww.cs.cmu.edu/~dst/Adobe/Gallery/PDFsecurity.pdf or in HTML http://216.239.59.104/search?q=cache:zTA8yxcJthYJ:www.cs.cmu.edu/~dst/Adobe/Gallery/PDFsecurity.pdf+PDF+security&hl=en

Don't rely on PDF or any format for stopping people editing. It's impossible! If you want to prevent people reading it, then encrypt it with some strongish encryption. (Recommendation would be PGP - although arguably the encryption of the data is done with IDEA cipher, IIRC.)

One notable exception to capturing and editing is a technology that I think (I could have imagined it, I can't remember it clearly) is distorting somehow (I said I couldn't remember it clearly) an image that a human would not notice (as the brain corrects it) but would make any recordings obfuscated. This, I would argue, is a failure in recording equipment and would still suffer the same problems if captured directly - i.e. not through a camera.

Jason: Hmm, I could be wrong but I'd expect it to be pretty expensive. You could write a proxy to convert brainking games into a text based format. Would reduce the bandwidth usage *a lot*. Might be a bit hard to write, but I'd expect it would be fun to code.

If your interested in doing that, I'd recommend a high level language that has a good HTTP interface. This allows you to skip over messing directly with the protocol and save you a lot of time. Regexp is proboably useful for gathering data, unless theres some other way to access brainking I'm missing (an RSS feed of games, for instance..)

fra: x+2? I don't see how that does anything. x += 2 maybye... And there should be a void rather than empty ().

I think the following illustrates it:

nrad@peregrine% cat test.c ~
int x;

int main(void)
{
x+2;
printf("%d\n",x);

return 0;
}

nrad@peregrine% gcc test.c -o test ~
nrad@peregrine% ./test ~
0

Infact, looking at the assembly it appears to have been seen as gcc (correctly) as a nothing instruction and optimized away.

Hrqls: I've taken free (most likely wrongly) to mean free in the terms of the FSF (Free Software Foundation) and in monetary terms, and a quick google turns up PDFcreator.

A screenshot (if you care) is here:
http://sourceforge.net/project/screenshots.php?group_id=57796

You can download it: http://sourceforge.net/project/showfiles.php?group_id=57796

You proboably want Patch02-PDFCreator-0_8_0.exe

Free as in speech and beer!