
Stop internal drive from showing up in "Safely remove hardware"

Like many of you, I had a drive that showed up in the “Safely remove hardware” tray icon, and was unable to remove it.

The trick is to subtract 4 from the Capabilities in the registry. Not easy, but it can be done. The only thing is that it keeps coming back after every boot ! And it looks like the value cannot be edited under Vista. Here is how to fix it for good.

(Continued)

Full disk encryption single sign-on and secure backup

I have been a TrueCrypt user since version 4.0. I used to have a half-baked solution of TrueCrypt, EFS with SYSKEY option 2 (password). When full disk encryption was introduced, I finally got a laptop encryption scheme that I like. It features :

  • Strong cryptography
    Thank TrueCrypt for 256 bits AES in XTS mode. I think 256 bits is overkill, but 128 is not offered. I don’t see any performance hit on my modest, stock Fujitsu E8210 laptop.
  • Need to know (reduced data exposure)
    Data is not available in clear text when I don’t need it. In other words, when I work, I have my files; when I play, they stay encrypted.
  • Easy encrypted backup
    My backups are merely a copy to a file server.
  • Single sign-on to any encrypted volume
    The pre-boot authentication password (or pass phrase, your call) is the only one you’ll ever have to enter, and yet, that password is never stored anywhere. Not even in encrypted memory. It’s only in your head.
  • Supports encrypted USB drive
    USB drives get the same single sign-on, need to know and backup features. It doesn’t matter whether you use file based or whole volume, although using a file based container allows you to store regular data on any computer, instead of carrying two drives.
  • Platform independent
    Works on all platforms that TrueCrypt supports
All that out of the box. Well… actually there is no box, it is all open source !

(Continued)

Aucun version 1.4 released : bug fixes, fail safe and debug support

I just put online version 1.4 of my replacement Gina ! Thanks to everyone who gave me a break while I was spending more time house shopping, buying and renovating. This release is very good, thanks to everybody who wrote me about problems they were facing… Here is what’s new :

  • Fixed a bug where registry keys and groups had to be present to work.
  • Fail safe behaviour reverts to normal MSGINA.dll if anything goes wrong
  • Better detection of the user logged in coming back to unlock
  • Registered as a logon process (Paralint shows in the Event log instead of Winlogon)
  • Added an option to generate a debug output (off by default, see Sample.reg)
  • Corrections and clarification in the documentation
  • Automated build, test and release scripts

Next up ? I am not sure. I am thinking about a self-service application, like a companion product, and when I get that to work, find a way to integrate that concept with Aucun. Something like after N bad logons, you are redirected to the self service application.

Enjoy !

Easy test coverage with constant Hamming distance of 1

I left a terrible bug in version 1.3 of my replacement Gina. I didn’t want to miss any test case this time, so I wrote a batch file that tests every one of them. That batch file adds a user to a group and a group to the registry. There are two possible groups in the registry, and the user can be a member of either of the two groups, making 2^(2+2) possibilities, 16 use cases.

A few lines in, I realized that it would be less work to order the tests in a way that would minimize the change to the configuration between any two tests. In other words, when test case n+1 required a change to the registry, then the user group membership should not change, and vice-versa. That would also make it easy to investigate a failed test, because only one thing would change between any two tests.

Then it hit me.

Well actually, I had to stop and think for a while. Kind of like my mind restoring a dusty old tape archive… I remembered that mathematician Richard Hamming had a code for that. It’s a numbering scheme where only 1 bit changes between any two numbers. The number of bits that change is the Hamming distance between two numbers. Using four information bits to represent each possible use case, I came up with the following table. The first two rows (MSB, in blue) are user membership to a group, and the two last rows (LSB, in green) are the presence of that group in the registry. Ordering my tests that way gave me a constant Hamming distance of 1.

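| Decimal value | 0 | 1 | 3 | 2 | 6 | 7 | 5 | 4 | 12 | 13 | 15 | 14 | 10 | 11 | 9 | 8 |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Unlock (user membership) | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 |
| Logoff (user membership) | 0 | 0 | 0 | 0 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 0 | 0 | 0 | 0 |
| Unlock (group in registry) | 0 | 0 | 1 | 1 | 1 | 1 | 0 | 0 | 0 | 0 | 1 | 1 | 1 | 1 | 0 | 0 |
| Logoff (group in registry) | 0 | 1 | 1 | 0 | 0 | 1 | 1 | 0 | 0 | 1 | 1 | 0 | 0 | 1 | 1 | 0 |
| Expected test result | Gina | Gina | Gina | Gina | Gina | Force logoff | Force logoff | Gina | Gina | Force logoff | Unlock | Unlock | Unlock | Unlock | Gina | Gina |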

The only drawback to this is that all the typing I saved writing my test batch file, I wasted on this blog post !
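
As an added example (not the author's batch file), this Python generates the same test order as the table, names the single setting that changes before each test, and gives the expected result. The ordering is the reflected binary (Gray) code; the rule in `expected_result` is inferred from the table's last row rather than taken from Aucun's source, and the factor labels are illustrative.

```python
# Bit layout of the table above, most significant bit first (labels are illustrative).
FACTORS = ("user in Unlock group", "user in Logoff group",
           "Unlock group in registry", "Logoff group in registry")


def gray_sequence(bits):
    """Reflected binary ordering: consecutive values differ in exactly one bit."""
    return [i ^ (i >> 1) for i in range(1 << bits)]


def expected_result(case):
    """Expected behaviour, inferred from the last row of the table (assumption)."""
    user_unlock, user_logoff, reg_unlock, reg_logoff = (
        bool((case >> shift) & 1) for shift in (3, 2, 1, 0))
    if user_unlock and reg_unlock:
        return "Unlock"
    if user_logoff and reg_logoff:
        return "Force logoff"
    return "Gina"


def test_plan(bits=4):
    """Return (case, single change to apply, expected result) for each test."""
    plan, previous = [], None
    for case in gray_sequence(bits):
        if previous is None:
            change = "start with everything cleared"
        else:
            flipped = case ^ previous               # exactly one bit is set
            index = bits - flipped.bit_length()     # position in FACTORS
            action = "set" if case & flipped else "clear"
            change = f"{action} {FACTORS[index]}"
        plan.append((case, change, expected_result(case)))
        previous = case
    return plan


if __name__ == "__main__":
    for case, change, result in test_plan():
        print(f"{case:2d} {case:04b}  {change:<34} -> {result}")
```
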

High availability for humans

I noticed a new link in my GMail account (I am using gmail for your domain), showing the sessions used to connect to an account and the last time since it had activity on that session.

Pretty neat, although I doubt a regular user will be able to make sense of any of that… In my case, it shows that from the last time I was online at home (IP 66.x.x.x) and the next time I was online at work (IP 199.x.x.x), there were only seven hours.

Recent activity:

| Access Type (Browser, mobile, POP3, etc.) | IP address | Date/Time (Displayed in your time zone) |
|---|---|---|
| Browser | 199.x.x.x * | 8:16 am (0 minutes ago) |
| Google Toolbar | 66.x.x.x | 12:41 am (7 hours ago) |
| Browser | 66.x.x.x | 12:09 am (8 hours ago) |
| Browser | 66.x.x.x | 11:50 pm (8 hours ago) |
| Browser | 199.x.x.x * | Jul 10 (16 hours ago) |

And yes, I took time to sleep, wake up the kids and have breakfast with them.

Time for coffee now !

Step by step guide to create your own MSCASH hashes

I wanted to test the relative strength of a password policy. I wanted to run a password cracking tool over different passwords, from a dictionary based password (like Banana42) to a random one (generated with Password Safe). Creating users, setting passwords and running different password extraction tools was a lot of trouble.

I found a detailed explanation of the MSCASH format. Here is how you make your own MSCASH hashes to do close to reality benchmarks of your favourite password cracking tool.

(Continued)

Notifu supports concatenation of parameters

This Notifu update allows you to concatenate multiple /m and /p switches. It is useful when a parameter to Notifu is fed by a program you have no control over.

For example, this command line now works :

notifu /p Concatenate /p " this" /m "Hello" /m ", " /m "World"

Nothing is added to your parameters. If you want a space, you must add it.

Note to self : Got to fix my release script… A simple update takes longer to post online than to code !

Notifu supports embedded quotes in parameters

I fixed a bug in notifu that made it ignore quotes that were escaped with a backslash. For example, this command line works now :

notifu /m "\"Theo Est\" test@example.com"

Thanks to Sof for the heads up !

Reversing WebSphere {xor} password protection

IBM WebSphere stores its passwords in files. Everybody does that and it is hard to do otherwise. When I am confronted with the problem, I usually say that the only option you have is what file you want a password in. IBM (in WebSphere) went a little further by applying a hardcoded XOR. Each character is XORed with the character ‘_’, and the resulting string is encoded in base64. This is not cryptography, it is just enough encoding so that a casual glance at the file will not reveal the password.

If you have access to security.xml and need to know the passwords it contains, compile and run this tool. It supports :

  • Encoded passwords on the command line (as many as you like)
  • Passwords piped in (default if no arguments are passed)
  • With or without the leading {xor}
  • It builds with Visual C++ and GNU g++ (tested with mingw32 version only)
  • A crude but working parsing so you can pipe the result of a grep, like this :
    grep -i password security.xml | waspass

You can get the source from my Subversion server with this command :

svn co http://src.paralint.com/spikes/waspass/trunk waspass

I am also posting the full source inline, just to show off that cool javascript code parser I just installed…

(Continued)
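
The encoding described in this post, as an added Python example (it is not the waspass source): it applies the XOR with ‘_’ and base64 in both directions and lists every `{xor}` value found in a configuration text, which shows that no key is involved. The function names and the sample XML are constructed for illustration; the element and attribute names are made up.

```python
import base64
import re

XOR_KEY = ord("_")  # the hardcoded character named in the post
TAGGED = re.compile(r"\{xor\}([A-Za-z0-9+/]*={0,2})", re.IGNORECASE)


def was_encode(plain):
    """XOR every byte with '_', then base64, with the {xor} prefix."""
    masked = bytes(b ^ XOR_KEY for b in plain.encode("utf-8"))
    return "{xor}" + base64.b64encode(masked).decode("ascii")


def was_decode(value):
    """Reverse the encoding; the leading {xor} is optional."""
    if value[:5].lower() == "{xor}":
        value = value[5:]
    masked = base64.b64decode(value, validate=True)
    return bytes(b ^ XOR_KEY for b in masked).decode("utf-8")


def audit(config_text):
    """Return (line number, recovered value) for every {xor} value found."""
    findings = []
    for number, line in enumerate(config_text.splitlines(), start=1):
        for match in TAGGED.finditer(line):
            findings.append((number, was_decode(match.group(1))))
    return findings


# Constructed sample, not a real security.xml.
SAMPLE = "\n".join([
    '<registry id="admin" password="' + was_encode("Banana42") + '"/>',
    '<store file="key.p12" password="' + was_encode("example-only") + '"/>',
    '<property name="timeout" value="30"/>',
])

if __name__ == "__main__":
    for number, recovered in audit(SAMPLE):
        print(f"line {number}: reversible value -> {recovered}")
```
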

Asymmetric cryptography mnemonic trick

Whenever I teach cryptography to beginners, they are confused with what you can do with the private and public key, in an asymmetric cryptographic scheme. I start by saying that your private key never leaves you, no matter what. No exception to the rules.

To help with the rest, I made this chart.

| Operation (below) / key used (right) | Public key | Private key |
|---|---|---|
| Encryption (done by the sender) | Encrypt a message for an individual (that “message” is often a symmetric key) | Generate a digital signature (encrypt a document hash) |
| Decryption (done by the receiver) | Verify a digital signature (decrypt a hash of the message) | Decrypt a message destined to you (that “message” is often a symmetric key) |

The colors in that chart indicate operations that are related to each other. To put it in words:

  • If you use a public key for encryption, you will use your private key for decryption.
  • If you use a private key for encryption, you will use a public key for decryption.

But most students need some time to reach the asymmetric cryptography enlightenment. When they do reach it, I have to convince them that it is not the silver bullet it looks like. I found that remembering this chart helps them cram study for an exam.

Hope this helps !