Chrome goes 64-bit

Google released a stable 64-bit Chrome today for Windows. You can download it from the main page by selecting the Windows 64-bit build. It upgrades cleanly over the 32-bit version.

It’s really fast but not always pretty.

PDQ Deploy looks like an interesting tool for a Windows sysadmin

I’ve been looking into ways to manage Java where I work, and I have some ideas, but wanted to see how other people are solving the same problem I’m trying to solve.

PDQ Deploy looks like an interesting solution for someone who needs to remotely push a lot of software packages but wants something cheaper than Microsoft SCCM that has an easier learning curve. In a small or medium-sized environment, it looks like something that could save server and desktop administrators alike a lot of time. The $250/year price per administrator doesn’t seem hard to justify in my mind.

I’m sure one thing that’s kept some environments from replacing Microsoft Office with something like LibreOffice is the time and effort required to keep it up to date. PDQ Deploy would take care of most of that problem.

Since we have a large investment in other tools at work, I’m not sure PDQ Deploy is really the answer there, but I think it would be helpful for some people.

Windows Vista’s market share is growing. After seeing 8.1, I know why

I installed Windows Vista last week. I need a legal copy of a supported version of Windows to use to VPN in to work and run the corporate Citrix client. Vista fit the bill. It’s better than 8.1, and it’s supported until April 2017. I always hated Vista, but 8 and 8.1 made me realize it could have been a lot worse, and on recent hardware Vista does OK. It still prompts you for admin rights too much and too slowly and makes you work too hard to click yes, but at least you can find stuff.

Vuescan: A review from a non-photographer’s perspective

Vuescan is a third-party scanning tool for most versions of Windows, OS X, and Linux. It supports hundreds of scanners, including those abandoned by manufacturers. It’s probably better than what came with your scanner. The pro edition probably costs as much as your scanner too, but comes with lifetime free updates, so you know you’ll be able to use your scanner for as long as it continues to operate, rather than rolling the dice on manufacturer-provided drivers working with your next upgrade. And you can run it on up to four computers at a time, which is nice.

Full disclosure: I bought this software myself. I was not provided a copy for review, nor am I receiving anything in exchange for writing this review. Now that’s out of the way, and you don’t have to guess about my motives.

Microsoft releases EMET 5

Late last week Microsoft released a new version of EMET. I’ve written about EMET before and I still recommend it. EMET 5.0 adds a couple of new mitigations, tries to be harder to bypass, and offers improved compatibility, so there’s little reason not to upgrade.

EMET does more than anything else I can think of to protect you from the many things that get past your antivirus software and firewall’s defenses, and it’s free. I can’t think of any good reason not to run it. Of course, the people not running it at all stand to benefit the most from it, but if you’re already running EMET 4.1, upgrading to get better protection is worthwhile, too.

How to fix Firefox–really

I’ve been having problems with Firefox for a while now–crashes and other odd behavior. I’ve put up with it for a while, but I shouldn’t have to. It turns out the fix is very easy, but non-obvious.

Mozilla’s documentation is abysmal. When you move stuff around for no reason, change your docs to reflect the move, so people can find what you’re talking about. Or better yet, leave well enough alone.

If you actually want to fix the problem, don’t fiddle with the menus. Do this:

  • Type about:troubleshooting in the address bar
  • Click “Reset Firefox” in the upper right corner

The browser tradeoff

I probably ought to know better than to venture into the topic of web browsers by now, but since I stepped into it Friday, I guess there’s no point in staying in the shallow end.

The problem with web browsers is that they all require you to trade one thing for another, and if anything, that’s more true today than it ever has been before.

Steve Gibson on Truecrypt

Dan Bowman sent me this link to Steve Gibson’s analysis of Truecrypt, a suddenly dear departed piece of full disk encryption software.

The important thing to remember right now is that we still don’t know what’s going on.

Johns Hopkins cryptography professor Matthew Green is heading up an effort to audit the Truecrypt code. Last month he said the code could be of higher quality, but at that point he hadn’t found anything truly horrible in there either.

That said, his analysis of the cryptography itself is phase 2. Cryptography is notoriously difficult to do–even when cryptography is your specialty, you can get it wrong.

So it’s premature to declare Truecrypt 7.1 as the greatest piece of software ever written. Green did find some flaws that need to be fixed. As far as we know, right now Truecrypt is better than nothing, but the most important part of Green’s work isn’t finished yet. Green has said he is going to finish his audit of the code. He probably won’t find perfection. He may find a fatal flaw that makes it all come crashing down. More likely, he’ll find something in between. But until those findings come out, it’s all speculation.

Truecrypt’s license allowed someone else to come along, take the existing code, act on Green’s findings, and make it better. It’s called Veracrypt. But going open source doesn’t guarantee people will work on it.

Gibson’s page on Truecrypt is a good reference page, but his cheerleading is premature. Gibson is a talented software developer in his own right, but cryptography isn’t his specialty. At the company where I work, we use Truecrypt for some things, and until we know otherwise we are going to continue to use it, but we haven’t made any final decisions on it yet.

Update: Here’s an analysis by Mark Piper, a penetration tester by trade, who explains the history and the issues today.

The ultimate command-line ZIP utility

I accidentally find Ken Silverman’s utility page from time to time and can never find it again when I want it, so if you need the ultimate command-line ZIP utility (KZIP), or the ultimate PNG optimizer (PNGOUT), to squeeze just as many bytes as possible out of your recompressed archives or your images while maintaining 100% compatibility, save this link. You’ll thank me later when you need it badly, like when you’re e-mailing an archive and it’s a few dozen bytes larger than your e-mail system allows.

Also check out his clever ZIPMIX utility.

What makes his approach to ZIP archiving special is that he emphasizes file size over speed. His software is built to take a few extra seconds to save a few bytes, if it’s possible to do so. Mainstream Zip/Unzip programs will still decompress his archives just fine; they just won’t match it for compression ratio most of the time. And in the rare event that they do, his ZIPMIX utility will take advantage of that. Just zip up the same files with both programs, then run ZIPMIX on the two archives. So Ken Silverman’s utilities win even when he loses.

I first noticed this phenomenon when using Info-Zip, when I found its -9 option produced smaller archives than PKzip’s -max option. The first thing I did was make sure PKzip could uncompress the Info-Zip archive I’d created. It did, so I never used PKzip to create an archive again. And every once in a while I find another tool that does better than the last best one I found. Right now Ken Silverman’s utilities are it.

I have an unusual appreciation of smaller archives. That’s because I’m old enough to have downloaded files over a 300-baud modem (but also young enough to remember having done so). Ken Silverman practices a lost art, and maybe there aren’t a lot of people left who appreciate that, but I still do.

When Linux is easier than Windows

A few months ago I bought a Gigabyte GA-Z77M-D3H to learn computer forensics on, because at the time I thought that was the direction my career was going. I dropped it into a neglected Compaq case and installed Linux on it, since most of the free forensics tools run on Linux. The current version of Debian loaded effortlessly and ran nicely, as you would expect on a dual-core CPU with 16 gigs of RAM.

Then my career went another direction. Today I analyze Windows threats and vulnerabilities for a living. That’s a better match for my experience and the pay is the same, so I’m perfectly fine with that. But my mind turned to that hotrod computer in the basement. I suppose I could still use it to learn forensics, but I probably won’t, so why not see how Windows runs on it and bring it upstairs?