Skip to content

Notifu updated, now with Vista support

Monday, February 4, 2008

Here is just a little update to my Notifu utility. It is a drop-in replacement (no new command-line switches) that features

  • Vista Home Premium and Vista Business support (same binary works on XP and Vista)
  • Better error handling on platforms that don’t support IUserNotification
  • Option to specify pop-up delay in seconds (/d 5 or /d 5000 will give you 5 seconds)

I updated the main project page. There are a couple of typos and the email link is gone. I will fix that sometimes this week. Click on the bitmap here or on the project page to download.

IUserNotification (Notifu) screen shot on Vista

Enjoy !

Filed in Updates, Windows | | Comments (0)

Remplacement GINA now allows force logoff, administrator exclusion

Monday, February 4, 2008

I was a little overwhelmed by the reaction to my custom GINA. The good thing about it is that it motivated me to put a better version out that addresses all the comments I had so far, namely :

  • Allow force log off without being a member of the administrator group
  • Allow an arbitrary group to be excluded from this GINA unlock policy
  • Show a notice that a custom GINA is in place

I also put up a permanent page for the project. It has better documentation and fancy graphics. Enjoy !

Replament GINA hooks Winlogon and MSGINA

Filed in Updates, Windows | | Comments (1)

Gathering entropy from children

Sunday, January 13, 2008

Here is a trick I found that solved an old problem: How can coin flipping ever be fair if only one person chooses head or tail ?

I remember Chrissy complaining about that to Jack in an episode of “Three’s Company”. Above the humour, I remember thinking about fair coin flipping back then, many years before I learned anything about cryptography.

The other day, I was asked the very same question by my daughter. Children are great entropy generators (you can tell by the mess they make of their toys). I found a way to solve the problem by having both of them part of the coin flipping. Well I don’t flip a coin. I hide it in one of my hands, behind my back. Here is how it goes:

  1. I lay out the outcome first. Something like “If you get the coin, you’re the one who take her bath first”
  2. I start shuffling the coin from one hand to the other, behind my back.
  3. One of them says “stop”.
  4. I leave the coin in the hand it was when I was told to stop.
  5. I show both hands (fists, actually) to my other kid, who gets to choose a hand.

(The entropy gathering is at step 3). If she gets the coin, she knows the outcome. No more “it’s not fair” complaints ;)

Filed in Cryptography, Life (the real one) | | Comments (0)

My name is Guillaume, and I want to be a hacker

Wednesday, January 9, 2008

I was reading the FAQ on how to be a hacker, from Eric Raymond. I recognized in me many of the hacker traits - maybe even some of the skills. But I use a handle, ixe013.

One thing for sure, I love to solve problems and build things. When I started this web site, I pondered what license should I use for my software, or should I even publish the source at all.

Speaking with a friend, he asked me in pure Covey style : "What are you doing this for ?".

I gave it some serious thoughts. And I remembered all the times open source software helped me solve a problem or learn something. I read the list of all the software I use, most are open source. It is the way I think, and what gives me the most inner peace. I think I have the abundance mentality deep inside me. Any other way than open sourcing everything with the least limitations as possible seemed arrogant to me.

I didn’t want to be arrogant.

To be arrogant, people have to know you. You can build an aura around you and impose it to others. To avoid that, the easiest way I thought was to conceal my real name behind the ixe013 handle. But it is silly. The time I spend concealing my identity (while voluntary leaving traces all over) will be better spent trying and learning to hack.

No more hiding : My name is Guillaume, and I want to be a hacker.

2008 is going to be a big year. Not to mention the time I will spend trying to hack ;)

Filed in Life (the real one) | | Comments (1)

Unlock any user’s session without losing data or killing processes

Saturday, January 5, 2008

UPDATED Feb. 2nd 2008 : There is an enhanced version out, with better code, features and documentation.

A friend of mine wanted a special group of users to be able to unlock a workstation without losing any data. Putting those uses in the administrator groups was not a solution, because the default behaviour of Windows was to close or terminate every process and give the administrator a brand new session. Fast user switching added some tricks, but in the end there was no way to recover an open document with modifications in it from a locked Windows workstation.

The project has its own page now. If you are a computer historian, read on for the original first release.

(Continued)

Filed in Security, Windows | | Comments (14)

Denial of service on Vista using Resource Monitor

Saturday, January 5, 2008

Microsoft wants you to run with lower privileges. They went out of their way in Windows Vista. You are a member of the Administrative group in Vista, but you the group is for deny only in your token. When you elevate, you get a new token without that deny group. Just like an administrator removing its newbie mask.

But I don’t run Vista like that: I run it the hard way. I am a regular user, and in the rare cases I need it, I switch over to another account that has administrative privileges. I disabled user account control (UAC) alltogether.

If you’re like me, try this 2 step trick to render you Vista slow or completely DOS (denial of service) depending on CPU and memory.

Save you work before you try this, you might have to reboot…

Bring up the task manager with CTRL-SHIFT-ESC. Click the “Resource Monitor”. Watch your screen flicker as your CPU goes up and your battery goes down…

Filed in Windows | | Comments (3)

Getting the username from a desktop handle (HDESK)

Wednesday, December 19, 2007

I was struggling with an strange error message, trying to retrieve a username from a desktop handle (HDESK). The Windows function LookupAccountName would always return error code 0×534 (that’s 1332 in decimal). Looking it up with GetLastError gave this :

No mapping between account names and security IDs was done

It would have happened with a Windows Station handle (HWINSTA) also. It turns out there is a sensible and documented reason for that. But since I had to found out the hard (as in fun) way, I am posting it here.

If you are familiar with the ways SID (security identifiers) are handed out when you logon, here is the reason straight up :

The SID associated with desktops and window stations is not the SID of the logged on user, but the logon SID, a SID generated at logon time that identifies exactly and only this logon session. No account name is mapped to this transient SID, hence the error message.

Still confused ? Read on.

(Continued)

Filed in Security, Windows | | Comments (0)

Lettre d’opposition à l’introduction d’une loi DMCA au Canada

Saturday, December 8, 2007

Il y a présentement un mouvement d’opposition à l’introduction d’une loi semblable au DMCA américain. Le mouvement “Online Rights Canada” (ORC) a un outil qui permet d’envoyer une lettre à votre député ainsi qu’aux Ministres Prentice et Vermeer.

Cette lettre d’opposition à l’introduction d’une législation DMCA canadienne n’est disponbile qu’en anglais. Voici ma traduction de la lettre.

Vous pouvez utiliser l’outil d’envoi de courriel en ligne du site ORC et copier-coller cette lettre à la place du texte anglais suggéré. Vous pourrez ensuite l’imprimer et l’envoyer par la poste.

Je vais faire suivre le texte aux responsables du site, en espérant qu’ils puissent l’intégrer directement à l’outil.

(Continued)

Filed in En français | | Comments (0)

GSSP - Java self study reference links

Tuesday, November 27, 2007

This page contains links to useful, free content to prepare to your GSSP certification. I gathered these links as I was preparing for the exam myself.

Start by reading the exam blueprint here. All the links below are shown in hyperlink and in full text, so you can study with only a printed version of this page.

This page is probably not enough to pass the test. You won’t get by just by learning everything here by heart. But it will help you get your study started and quickly find the areas you need to focus on.

There are topics I do not cover. It’s not because they are not important, it’s just that I skipped over the stuff I was most familiar with. It doesn’t mean it’s not important !

Good luck …

UPDATE : I passed the exam, I am a certified GIAC Secure Software Programmer for Java ! That means that I have more letters to put after my name than my name contains ;)

(Continued)

Filed in Security | | Comments (0)

Counting on your 1024 fingers

Monday, September 24, 2007

Last week I went to a conference given by Mathieu Hébert. He was showing off, and somewhat teaching, his ability to do mathematical operations on his fingers (article in French), using each one as a binary digit. Ten fingers makes for 1024 combinaisons, allowing to represent number as big as 1023 since it starts with 0.

Many numbers in the linked article are wrong, stick to your calculator for accuracy…

The idea is rather simple, though having thought of it in 1940 is really avant-garde. The Z1 computer was built only a few years before !

If you look on the Internet, you will find many resources showing how to represent a number on your fingers. What was cool was his ability to add, subtract, divide and multiply just by fiddling his fingers. He identified some patterns and he reproduces them at each calculation step, without really knowing what number he is at. When he is done, he just reads the binary number back in decimal for a usable answer.

If you have bc, set obase=2 and give a try. Start by reprenting easy, one-handed 2-bit numbers, like 10, 20 or 24. Then add one bit on your other hand, with numbers like 74, 84 or 88. You should see a pattern right about now…

Come up with a few numbers and represent them on your fingers. Aim for accuracy, not speed. Then start to look for numbers around you: license plates, subway car number, the time or date. You are surrounded by numbers…

I am at the point of trying to do simple operations. Subtracting looks like the easiest one to do. M. Hebert is 86, and he would like for his tricks to survive him. I will try to whip up a tutorial - my laptop was stolen, so all my other projects are on hold.

Until then, I give M. Hébert a 48 (that’s two thumbs up, in binary) ;)

Filed in Math | | Comments (0)