Everything posted by pointertovoid

  1. In the cases I consider it's completely a matter of computation speed on double floats. Did you (or someone else) check whether the compiler indeed uses the Sse or Mmx instructions when the programmer writes like double s[], a[], b[]; int i; for (i=0; i<max; i++) s[i] += a[i]*b[i]; or if more detailed indications are necessary? It's not just a matter of the compiler knowing an instruction set. Here the compiler must make some formal transformations which are sometimes easy (here they are), sometimes far less.
  2. Thanks Glenn9999! So, what shall the programmer write so that the compiler uses the Sse or Avx?
  3. Hello dear friends! How do programmers make use of the Sse and Avx? A - I imagine it could be only through the call of library functions that are programmed in assembler. B - Or the programmer could give some (pragma) hint and write a source that suggests strongly how to compile. C - Or, if the compiler is smart enough (Visual C++ impressed me in the Pentium-1 era), it could analyze the source code and detect when loops are parallel enough and produce the faster binary. Example: double s[], a[], b[]; int i; for (i=0; i<max; i++) s[i] += a[i]*b[i]; could be compiled (with additional parity tests on i) as: for (i=0; i<max; i+=2) {s[i] += a[i]*b[i]; s[i+1] += a[i+1]*b[i+1];} if the target machine has the Sse, and with i+=4 if the machine has the Avx256. So what does the programmer need to do, and how autonomous is the compiler? Thank you!
  4. I don't have my copy at hand, but expect a matrix inversion function to be given in "Numerical Recipes in C, second edition" https://en.wikipedia.org/wiki/Numerical_Recipes usually programmed cleanly, with proper tests and for good accuracy. Programs copyrighted. The third edition is in C++, I don't have it. The GNU scientific library must be free of rights, and Wiki tells it offers linear algebra https://en.wikipedia.org/wiki/GNU_Scientific_Library Since it's meant as a library, integrating it (or cutting if really needed) must be easy. Most books for scientific programming should give such a function.
  5. Grazie Jaclaz, thanks Phil! It will take me time before I try. I must first reinstall a trustworthy system before any attempt on the bricked disk.
  6. Hello nice people! Recently, two Ntfs volumes were bricked separately by two Xp here. Nothing tragic, but it would be comfortable to recover the files - and it's a good opportunity to train. Live Linux Cd see some files on the Ntfs volumes, but complete subfolders are missing. The subfolder names still exist in the parent folders. The first time, I let Xp try to boot and "recover" the Ntfs errors, which was a mistake from me, since thereafter even Linux saw even fewer files. This time I avoided any "recovery" by Win. So: What software do you recommend to recover the files? Preferably running on W2k or Xp, easy to use. Thank you!
  7. - A Cf card is, generally speaking, an excellent idea for such a machine. Much faster, silent, cold. - Depending on the disk host (often the southbridge) the access may be limited to Pio4, or Mdma2, or Dma/33 and so on. - BEWARE your Bios may very well limit the size of the disk! My Pentium 120MHz limits the boot disk to 4GB, but with a Pata-to-double-CF I could use an 8GB card as the second disk and supposedly more. Win95 and later have separate drivers to access the disk through sector number BUT my Bios uses CHS. Maybe the Bios could boot Win BUT this laptop also wants a hibernation file or volume and this fails even after days of tinkering. Partitions don't help that. - CF as disks are less than obvious! And I have no experience with that particular CF. - One common problem is that many CF use Udma only at 3.3V but the host works at 5V. That's the most important to check on your CF model. - Your CF is an MLC unless a miracle happened. Personally, I restrict this use to SLC CF because (1) they write faster (2) they're more reliable. - BEWARE the Transcend 300x that were excellent (up to 8GB, not 16GB) are now made of MLC, possibly by Transcend themselves. - I've bought several SLC CF used on eBay, and under heavy load (paging file, OS, data) they performed well. - The Pata-to-CF adapter seems uncritical. Generally, if you achieve a normal Win installation from the Cd, your system is likely to work. If you copied an existing installation from a mechanical disk on a CF (+boot) it may seem to work but fail later.
  8. In my experience, Ntfs and Fat32 are equally fast for all uses, except when searching for a file through many subfolders, where Ntfs shows a significant advantage. Go Ntfs because: - It protects the files. Combine that with a poweruser session (or normal user if bearable), so that you can't destroy system files so easily when surfing and catching a malware. - It is less likely to lose data.
  9. I have somehow in mind that, for Xp (not 2k), the F6 host driver files can be brought during the installation on a diskette or on a Cd, but I didn't investigate that. Is there anything true in it, or just wrong memories from me? Anyway, Windows and the drivers do offer standard methods to integrate the driver files in an install Cd, without using nLite. It is "explained" by Intel in one textfile of the driver itself. I didn't try to understand it up to now.
  10. Meanwhile I've had another Mlc fake of the TS8GCF300, slow on small accesses (which Transcend doesn't guarantee) but within specs on big writes, and now one more typical Mlc fake; small on small accesses and much slower on big writes than on big reads. This measure is made by Atto on a Sata-to-Cf adapter which gives excellent results with authentic TS8GCF300. I aligned the Ntfs on MiB boundaries, hence optimum for Flash cards. Again, I can't tell whether another manufacturer managed to mimic perfectly the aspect of Transcend's cards and print on the edge a serial number existing at Transcend, or instead if Transcend has enough disrespect for its customers to make its own fakes. For sure, this item doesn't even meet the specs.
  11. Hi, it's true that the intended discussion resembles more a monologue, and includes more topics meanwhile. Perhaps my reasoning makes it clearer. Elsewhere I read that some programmers use the system clock and random() as a nonce for a stream cipher through AES CTR and got horrified, as should everyone with some crypto background. Stream ciphers are known to be extremely difficult to program without introducing deadly weaknesses, and most dead ciphers are of stream type: RC2, RC4... Knowing that this mode brings no advantage over codebook or chained block modes, I wonder why the AES standard introduced it - and even, if this was meant to lure programmers into weak ciphers although the core AES is considered safe. In addition, it's well known that the system clock should not be used for cryptography, and the random() generators even less so. Though, this is exactly what was recommended elsewhere. Then I saw the webpage by Chris Veness http://www.movable-type.co.uk/scripts/aes.html which does everything that shall not be done: stream cipher and system clock and random(). That author tells "as an example"... I can't decide whether this is a case of a programmer ignoring cryptography who imagined he could do it, or if a governmental agency offered this free model to be copied by as many programmers as possible to sabotage the encryption. Seasoned cryptographers wouldn't even consider any one of these, but as it seems, some (many?) programmers have just taken Chris Veness' horrors as they are, and programmed real web pages like this. Cryptographers wouldn't need a practical attack to stay away from what smells unhealthy, but well, I wanted to check how easy an attack is.
Hence: - My query, which still stands, about the ease of programming it; - My strongest warning against copying the frenzy from Chris Veness' page - also against the CTR mode and using the system clock and against random(); - And a first description of a plausible attack against computers with an empty battery, when I imagined it. Cheers!
  12. One additional worry is for computers whose mainboard battery is empty. Some won't start then, but many do and reset their clock to a fixed date like 01 Jan 1970. Encryption made not much later after the computer started would then get a limited set of system dates - the same set every time. Imagine a system time updated 18 times per second: from t+1min to t+5min, it provides only 4320 different dates. This may be less immediately exploitable by an attacker because it needs to hear more communications before some can be read - not necessarily the interesting ones - and works only for computers with an empty battery, but it demands no intervention at all, no protection to break, nothing. Statistically, the attacker has to hear only 66 encrypted messages before having good chances that one pair (which he can't choose) uses the same system time for encryption. We are very far here from secure cryptography, for which experts seek risks like 2^-128 to get broken. An attacker with economic goals can perfectly target millions of computers, among which many have an empty battery, and after a few weeks he will have a wealth of collisions among the stream ciphers and be able to read some ciphertexts with valuable information.
  13. Be reassured I'm interested in participating! It's just that I do too many things in parallel. Just checking what runs or not on Seven took me a day. Discovering the added protections on Seven, the Xp mode and the Dos Box, trying to assess what Paint Shop Pro and Oxford-Hachette do wrong - that's an awful lot of new information. Add that my new installation of Xp is already bricked, that my Internet data volume was exhausted, plus all the normal (I mean, computer unrelated) activities...
  14. Many thanks for the hint to UAC which, as a W2k user, I completely missed as you guessed. http://windows.microsoft.com/en-us/windows7/products/features/user-account-control http://windows.microsoft.com/en-us/windows/turn-user-account-control-on-off#1TC=windows-7 UAC is annoying for sure, but for people who have only admin accounts to do everything, it is an added security. And as MS puts: "In Windows 7, UAC is now less intrusive and more flexible" - understand: Vista users complained. I had begun to imagine that Windows could sandbox the applications that modify files or keys they shouldn't: say, Paint Shop Pro would modify freely its own excerpt of [Hklm], find the values again next time, but leave the common ones untouched. Though, this has drawbacks: for instance the associations of file extensions cannot be local to one application. Probably insoluble, at least difficult. ---------- Don't be too hard with the early Windows applications programmers. The change from Msdos to W95 was so huge that they were happy to achieve anything that ran. MS has recommendations for many things - so much that one can't read it all. How many people outside the Scsi community seriously imagined that sector sizes could one day differ from 512B? At the W95 time when protections were lower, normal programmers would easily bypass any recommendation about [Hklu] versus [Hklm] that might make a difference in some nebulous future. ---------- One additional hardware that won't run on 64b Win is my good and recently acquired scanner: Canon LiDE 80. I didn't even need to try, this is perfectly known on the Internet, as Canon supplies no x64 drivers. Blistering barnacles! Though, XpMode would be a solution to this too, according to one user. Possibly for the Bjc80 printer as well. Or I install the 32b Seven instead - but I wanted to jump at once to 64b.
  15. It does take some action, but I understand it as a security advantage. Drivers use to run in kernel mode on a PC. They access the whole machine, for instance they can read and write a sector on a disk without passing by the file system and asking the OS the permission to handle a specific file. Or they can set the fan speed and voltages on your mobo, or reprogram the Bios - potentially destructive. A user process can't do that, so the user session protects your data and hardware. It's correct for an operating system to limit the paths from user-mode (generally linked with user sessions) to kernel-mode (used by the system and on some OS by the admin sessions). Win95-98-Me didn't, Nt4 and followers try to (see the many "elevation of privilege" in Microsoft's patch list). For such an advantage, I gladly open an admin session (or shortcut) every time I connect a new hardware.
  16. I've carried more trials on RunAsDate, the tiny application that provides a fake GetSystemTime() to another application like FdTach. I had used the v1.05 up to now, on Win95a-95b-98-98se-Me-2kSp4r1-XpSp3: even from a limited user session, it runs silently and permits the expired FdTach to run. 64b Seven does not accept the v1.05 of RunAsDate, but Nirsoft provides a v1.40 for W2k-to-8 http://www.nirsoft.net/utils/run_as_date.html I had to launch RunAsDate "as admin", and then I could designate FdTach which launched without complaining that time about the date. So 64b Seven at least demands a user action (really every time? Can the user be fooled about the action or goal?) but still permits to fool an application. If this application is a crypto software that depends on the system clock as a non-repeating number source, that's annoying. And anyway, many computers still run Windows Xp - plus all other operating systems: which ones do protect the clock? An Internet page running on an undefined computer cannot depend on this.
  17. I've carried on more short trials about what runs or not on 64b Seven. Hardware: - My Bjc80 printer doesn't, because Canon provides no x64 driver, and I couldn't install the i32 Nt nor 9x drivers. Or is there some universal driver? I bought the Bjc80 in 1996 but it's the best printer I've ever had. - My noname Chinese Usb-to-parallel adapter works but the Bjc80 behind it doesn't: still lacking a driver. - The Soundblaster Ct4810 (Audio on Pci) doesn't work for lack of an x64 driver. - But my noname Chinese soundcard in a Usb connector does. - My mobo (P45) has sound, but I don't see my interest in smuggling Kb888111 in my machine. - Seven brings a Geforce 9800gt driver seemingly as efficient as from nVidia directly. - The ich10r in Ahci mode officiates silently. Except for the Oxford-Hachette Dictionary, language software has run: - The Bibliorom v2 runs fine after my improved installation method. - Cordial 2005=v11 runs as usual. - The Diccionario de la Real Academia Española, 22a. edición = v1.0 on Cdrom, installs (20min) and works - just as slowly as usual: 5s launch and relaunch from an X25E on an E8600! Improve v2 please! Drawing applications: - Paint Shop Pro 4 would work in an admin session if granting some authorisation at every launch, annoying. In a user session it must be unbearable. One more serious obstacle to 64b Seven, because it's the bitmap drawing application that launches instantly, does what I need and isn't bloated with features I don't want. - Paint Shop Pro 6 would work in an admin session (run as admin there), but is supposedly annoying in a user session. Serious obstacle again. - QCad 1.5.1 seems to run. - TurboCad 9.2 seems to run. Other applications: - Maple 7 looks fine. - Namo 2006 too. - Colin Mc Rae 2005 rushes easily. - CPropepShell too - last update was for Win95. - RunAsDate v1.40 could launch FdTach 0.903, but I didn't check if FdTach operates. A bit more about RunAsDate in the Web development thread about setting the clock...
  18. The picture about Xp accounts is clearer now. Some older applications didn't care about multiple users nor file and registry protection as Win didn't offer any or was permissive then. On W2k, I defined "power user" accounts because they allowed such applications to run, without investigating the cause. For Xp, Microsoft legitimately tried to encourage the safer "limited user" accounts instead of the "power user". The control panel only proposes "limited user" and "administrator" accounts. MS also created a label for applications that would run from a limited user account. Though, computer manufacturers and individual installers observed that too many applications couldn't run from a limited user account, and consequently they create only administrator accounts, which goes against the security goal. ---------- On Xp, "power user" accounts can still be created and modified, by C:\Windows\system32\compmgmt.msc which offers more flexibility than the Control Panel. This permitted me to run the older applications as they did in W2k with the "power user" accounts. Less safe than a "limited user" if this were possible, but safer than defining only "administrator" accounts. One example of application that ran badly is Paint Shop Pro 4, because it tried to create new keys in [Hklm] which the limited users can't. I tried to grant to limited users the right to write in the registry section but only managed to brick my Xp, and its install Cd won't repair that.
  19. SaposJoint is back after several weeks down. It was indeed a problem with the hosting company. Thanks for your sensible suggestion, Seraph! I hadn't thought at it, and was seriously worried about the forum's admin.
  20. Happy that the fine people (which I like all) could settle their dantesque divergence of interpretation. £15 or 50€ are for an app... I like to own forever software I buy, use it offline (some computers never touch the Internet in my home), go on using it when the editor has disappeared or lost a trial - and the software should start in <<1s please. All that speaks in favour of older applications and against online apps. Paper editions too would cost some $40, but for six languages from several editors, I appreciate the Cd-rom weight. Quicker too because I use to write on a computer. Which leaves me with the v2 of Oxford at £343 (which one Amazon buyer could run on 64b Seven but with an error window at each start), possibly some adapter stack (I have to try), or switch to Collins-Robert or to Harrap's.
  21. I've searched for newer editions of the Oxford-Hachette Dictionary, and while paper versions cost $40, the v2.0 of the Cd-rom costs £ 343 (used) to £ 2200 (new) http://www.amazon.co.uk/Oxford-Hachette-French-Dictionary-French-English-English-French/dp/0198614225 this isn't a typo error. Other sites too want $500 for a cdrom. I'll check the competitors of Oxford-Hachette. The other aspects are that - I don't really see why a compatibility should be dropped. This application doesn't try to bypass the OS to access the hardware, since it runs on Xp. - I wanted to check how compatible 64b-Seven is, and that application was a test.
  22. Maybe I should tell first what the attacker may try, then you see concretely what it needs at the webpage and tell me what is feasible or not. This attacker can listen to the Web connection, introduce data on the connection, doesn't know the encryption key but wants to read or modify the encrypted data - this is what cryptography shall protect against. The crypting method, which I fear is extremely weak, uses data from the system clock, plus a call to Math.random(), plus an incremental block number, as a "nonce" which is encrypted by Aes using the key to create a pseudo-random stream which Xors the plaintext to create the cyphertext, because the programmer was influenced by http://www.movable-type.co.uk/scripts/aes.html as seemingly many were. ---------- Most pseudo-random generators use successive multiplications modulo 2^32, or sometimes a Fibonacci sequence modulo 2^32 - or on bigger numbers. They offer a means to set the "seed" or initial value, and the ones I know keep one single state for all the calls of all applications and users. That is, if the attacker wanted to know the value used by the crypto program, he would just call random() from time to time, and knowing the algorithm (if needed by observation) he would deduce which value was skipped from the sequence he obtained, hence given to the crypto algorithm. Or, depending on the crypto algorithm, he would read this value in the clear data sent over the Internet. Then he could seed() the necessary value so the crypto algorithm obtains and uses always the same random() value. If necessary, the seed() value that results in a random() value desired by the attacker is easily computed. Or the attacker could himself use always the same random() value to let encrypt a cleartext chosen by him. Or he could regularly seed() the generator to some value so the crypto program gets always the same random() value.
Or he could provide a fake random() function to be used by the crypto program, or even only by the own attacker's webpage. ---------- The system time is often defined in milliseconds by the software, sure... But the computer clock I observed was updated about 18 times per second, in increments of 50ms and 60ms. In other words: you would not get a time like 12345.678 seconds but only 12345.050 and later 12345.100 seconds. So if an attacker estimates when the crypto software calls GetSystemTime() to 10s accuracy just by listening to the connection, he knows the value among only 200 possibilities - that's not cryptography. With an estimate accurate to 0.5s the uncertainty is among 10 possibilities. And if the crypto software transmits it in clear (normally it should hash it) then the uncertainty is gone. Anyway, even if the "nonce" results from a hash, the attacker has to hash just 200 possible times and compare with the transmitted value to know what system time produced it. What then? The attacker could (can he?) set the system clock regularly to this deduced value, and then the crypto software uses always the same "nonce" - you know, the one that shall differ at any cost. Or he could set the system clock right from the beginning, even before the crypto software uses GetSystemTime(), again and again and always to the same value. That must be possible from a separate webpage (is it?). Or he could (can he?) provide a fake GetSystemTime() if the crypto software uses it. And even worse: if the attacker can let the browser use the same crypto software and key for its own webpage (the crypto software may ask the user's key again, "as a confirmation" or whatever) then he can encrypt the plaintext he chooses, which ends the game. In that case, the webpage can more easily provide faked rand() and GetSystemTime() functions since they are for its own use. There are variants.
The attacker's webpage could send often the encrypted chosen plaintext, so that one of the attacker's texts is probably encrypted at the same SystemTime() as the user's plaintext. This only needs to set the random(). Or the attacker's webpage could listen to the encrypted message, and later try a few SystemTime() to obtain the desired nonce to let encrypt his chosen plaintext. ---------- My knowledge about browsers, their protections, and programming is rusty. Your input is precious, thanks!
  23. Hello dear friends! On W2k I always defined one admin and several "power user" identities. This does bring some better security than surfing as an administrator. Trying to reinstall my Xp better, I defined my usual identity as "user" since I didn't find a "power user". Though, many applications work badly: window size and position not remanent, bookmarks forgotten, registry error messages when opening, and so on. It happens more on not-so-recent (=Win95) applications, but nearly all these work well on W2k with power users. Meanwhile I've allowed users to write in all program folders, in the "all users" folder, and more. It seems that the register's protection makes more problems, and there, editing the protections didn't help much - some keys should be recreated every time, unprotecting the existing one doesn't help, or something similar. Is that a known issue with Xp? Are there remedies? I slowly grasp that people have some reasons to define only identities with admin privilege on Xp, but that's a serious loss of security.
  24. Peeping into the dictionary's exe file, it tells "Oxford-Hachette Dictionary Application for Windows 3.x" "Copyright © 1994-1996" "pure virtual function call" but not a single known entry to a win32 dll. That looks more difficult. Seven offers a compatibility more for Win95+, and enough people want to run Dos games to justify a DosBox, but who on Earth should want to keep a Win3.x program? Virtual machine or Win3.x in the DosBox, yes... This begins to be a bit convoluted. A little bird tells me: much time and many trials.
  25. So, could someone shed light about what a webpage can do or can't about the clock and random()? I could make trials, but I programmed last time during the stdio.h era or little later, and have no desire to spend again all my time on programming. Like: can a webpage supply a fake GetSystemTime() to the system or to another webpage displayed by the same browser? [This can be necessary or not, depending on the attack scenario] The previous explanation was sort of long, but not every reader is supposed to be a crypto expert - a crypto expert would in fact need no explanation at all to avoid stream ciphers and computer clocks, or worse, both together.
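
Added example, not part of the original posts and not code from the linked page: for the clock-derived CTR nonce discussed in posts 12 and 22, this Node.js code computes the birthday probability over the 4320 tick values and checks whether two ciphertexts made under given nonces expose the XOR of their plaintexts, once with a clock nonce and once with a CSPRNG nonce. The helpers `clockNonce` and `randomNonce`, the nonce layout, the key and the sample messages are assumptions made for the illustration.

```javascript
// Added example; every input below is constructed.
const crypto = require('crypto');

const TICKS_PER_SECOND = 18;   // clock update rate described in the posts

// Exact birthday probability: chance that at least two of n messages
// share a nonce when the nonce takes only `space` distinct values.
function collisionProbability(n, space) {
  let pNone = 1;
  for (let k = 0; k < n; k++) pNone *= 1 - k / space;
  return 1 - pNone;
}

// Smallest number of messages whose collision probability reaches `target`.
function messagesForProbability(target, space) {
  let n = 1;
  while (collisionProbability(n, space) < target) n++;
  return n;
}

// Weak (hypothetical helper): counter block built only from a coarse clock.
// Readings inside the same 1/18 s tick give the same 16 bytes.
function clockNonce(msOnClock) {
  const tick = Math.floor(msOnClock * TICKS_PER_SECOND / 1000);
  const iv = Buffer.alloc(16);
  iv.writeBigUInt64BE(BigInt(tick), 0);   // low 8 bytes stay 0: block counter
  return iv;
}

// Hardened (hypothetical helper): 96 bits from the OS CSPRNG, 32-bit counter.
function randomNonce() {
  const iv = Buffer.alloc(16);
  crypto.randomBytes(12).copy(iv, 0);
  return iv;
}

function encryptCtr(key, iv, plaintext) {
  const cipher = crypto.createCipheriv('aes-128-ctr', key, iv);
  return Buffer.concat([cipher.update(plaintext), cipher.final()]);
}

function xorBuffers(a, b) {
  const out = Buffer.alloc(Math.min(a.length, b.length));
  for (let i = 0; i < out.length; i++) out[i] = a[i] ^ b[i];
  return out;
}

// True when the two ciphertexts alone reveal p1 XOR p2, which happens
// exactly when both messages were encrypted with the same keystream.
function leaksPlaintextXor(key, iv1, iv2) {
  const p1 = Buffer.from('constructed message one');
  const p2 = Buffer.from('constructed message two');
  const c1 = encryptCtr(key, iv1, p1);
  const c2 = encryptCtr(key, iv2, p2);
  return xorBuffers(c1, c2).equals(xorBuffers(p1, p2));
}

const DEMO_KEY = crypto.randomBytes(16);         // constructed key
const NONCE_SPACE = TICKS_PER_SECOND * 4 * 60;   // t+1min to t+5min: 4320 values

console.log('P(collision) after 66 messages:',
  collisionProbability(66, NONCE_SPACE).toFixed(3));
console.log('messages for 50%:', messagesForProbability(0.5, NONCE_SPACE));
console.log('clock nonces leak p1^p2:',
  leaksPlaintextXor(DEMO_KEY, clockNonce(60005), clockNonce(60040)));
console.log('CSPRNG nonces leak p1^p2:',
  leaksPlaintextXor(DEMO_KEY, randomNonce(), randomNonce()));
```

A nonce taken from the operating system's CSPRNG removes the dependence on the clock and on Math.random(); CTR still provides no integrity, so an authenticated mode is needed where an on-path party can modify ciphertext.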