jaclaz

...as well as the identity of the scumbag who took that photo of the police officer beating up the homeless guy, or of the government minister taking an envelope from a drug kingpin at a fancy restaurant... --JorgeA As often happens, unfortunately, the peep that wrote the title has not understood anything of the actual paper, which is essentially non-news. It is years (and pre-dates the advent of digital photograph) that in most cases you can link an image to the camera that took it. The concept is very simple, every camera has slightly different "signatures". In the case of film, the rolling mechanism scratched the film with a recognizable pattern or the lens had a scratch or a tiny optical defect that often allowed the match. With digital images, what is used is the pattern of "malfunctioning" or "errors/noise" of the sensor, this concept is as old as digital photography. What the paper proposes: is simply to use this known technique on public photos on the internet's social network accounts. Something that may well be "news" in the academic world, but that not represents in itself anything but a "way of use" of a known technology. The usually lower quality of images published on the internet+the various manipulations done either by the user before publishing or by the site (to resize/strip metadata/etc.) give to this technique a very low rate of certainty, and as such - as the authors correctly state - can be used at the most as a triage method: additionally (IMHO) the test image sets represent a scenario that is limited to a rather narrow hypothesis. The testing was made largely with a "many-to-many" comparison - as an example #3 is Flickr (93), Google + (70) - i.e. analyzing 93 images it was possible - still with a rather low confidence - to connect them to an account by finding the similar patterns on 70 "directly attributable" images. If either of the two sets is smaller (i.e. you fall in the few-to-many or one-to-many comparison) the accuracy lowers much. All in all an interesting use of known methods , but little more than that. jaclaz

That's an easy one , between April 27, 1997 and November 16, 1997: http://en.wikipedia.org/wiki/Area_code_425 as there was a transition period: ... but you know how the good MS guys may have privileged access to some information jaclaz

Sure, I know. The point I was trying to make is that the info in the above link is "partial". The ExclCRC and AutoCRC are not only inside an added sector at the end, there are TWO instances of them, one in a sector appended and one in a sector "inserted" at a variable address inside the .iso. If you prefer, UNlike what would have been "logical" the difference between a same .iso created with or without the -x switch is not just an appended sector. Just another case of the good MS guys using the secret 7 on the dice : http://homepage.ntlworld.com./jonathan.deboynepollard/Humour/microsoft-monopoly.html jaclaz

Possibly one of the hugest bumps in the history of msfn.org, but just checked, and the file is available through Wayback Machine: https://web.archive.org/web/20060915000000*/http://tacobell.iexbeta.com/longhorn/crc.exe Just for information, the output of CRC.EXE (version 3.0) on a valid .iso image created with cdimage.exe -x switch is: CRC Verification Utility, Version 3.00Copyright (C) Microsoft, 1992-1996100% completeAutoCRC signature for file TEST.ISO is 0x003D685EAutoCRC indicates the file TEST.ISO is VALIDit's output for the SAME .iso created without the -x switch (and that is 2 sectors, i.e. 4096 bytes, smaller) is: CRC Verification Utility, Version 3.00Copyright (C) Microsoft, 1992-1996100% completeCRC of file TEST.ISO is 0x8EE79268"Normal" CRC32 of the first is FFFFFFFF, whilst the one of the second is 8EE79268. In my test there is an inserted sector @Sector 321 and one appended at the end of the image. 322 sectors x 2048= 659.456 which in hex is 0xA1000. In other tests this "inserted sector" is in other places, like 0x6D000, or 0x29800 (I did only a few "random" tests to get the "feeling" of it). It would be interesting to understand how exactly this "inserted sector position is calculated/implemented, as at first sight it seems a "queer" behaviour, but of course the relevance of this piece of info for all practical uses amounts to 0 (zero). jaclaz

@vicvan Ok, just for the fun of it, I had a look at the matter. If you go here: http://www.betaarchive.com/forum/viewtopic.php?t=21823 AND read ATTENTIVELY the post by johnye_pt about hex-editing CDIMAGE 2.39 AND know that: AND know that 2K disks have not the "SIGNATURE" as the NT 4.00 have You have ALL the needed info to go ahead in your (futile) plan. After all it is not "impossible" at all (and not particularly difficult IMHO). jaclaz P.S.: some additional and only seemingly unrelated info posted here: http://www.msfn.org/board/topic/128122-crc-verifycation-utility-version-300/

You are welcome . jaclaz

With reference to this: http://www.microsoft.com/en-us/download/details.aspx?id=42774 which is related to this kb: http://support.microsoft.com/kb/2932079 it is IMHO not a patch for a vulnerability, it is a patch for generic stupidity. jaclaz

No. Yes. Learn about FOR /F with tokens and delims: http://www.robvanderwoude.com/ntfor.php http://www.robvanderwoude.com/ntfortokens.php You don't really need a temporary file. Namely: @ECHO OFFSETLOCAL ENABLEEXTENSIONSFOR /F "tokens=1,2 delims= " %%A IN ('bcdedit /enum all /v') DO (IF %%A.==identifier. SET %%A=%%BIF %%A.==description. SET %%A=%%BIF /I %%B.==grub4dos. GOTO :out):outSET identifierSET descriptionPAUSEIf you really want to create the text file, replace the FOR line with: bcdedit /enum all /v>C:\List.txtFOR /F "tokens=1,2 delims= " %%A IN (C:\List.txt) DO (jaclaz

JFYI: http://www.techtangerine.com/2009/06/02/ten-reasons-why-cloud-computing-is-a-bad-idea/ jaclaz

Now I see. A sort of drivers-pack integrated Windows 98 "universal" install media, right? jaclaz

Thanks. But my question was not really "can you provide a ton of random extra .inf's, enough to make DRVIDX.BIN grow beyond 2 Mb?". It was more like "WHY one would add a ton of extra.inf?" or "In which (I guess particular) condition does it happen that the .inf are so many to make DRVIDX.BIN exceed 2 Mb?". jaclaz

Good. Why don' t you share your batch? This way next user needing to do a similar chore may be abe to find it. jaclaz

Look, I know that being a Mod on MSFN grants you special privileges , but allow me to doubt that you are authorized to write "MS" and "sense" in a same sentence. Remember that MS employees can use the secret seven : http://homepage.ntlworld.com./jonathan.deboynepollard/Humour/microsoft-monopoly.html jaclaz

It makes no sense, however (please read as IMHO an exercise in futility). However the 2.27 is the actual version used in original Windows 2K CD, according to a few sources. That version never leaked AFAIK, and in any case they are really-really for Microsoft Internal use only. Non-news: http://www.msfn.org/board/topic/18396-helpi-need-cdimageexe-version227/ jaclaz

May I respectfully ask what is the final scope of "bombarding windows with tons of extra INF files"? And what do you mean by "tons"? Can you post an example? jaclaz

Sure you can delete a sub-key. Basically you list the sub-keys of a given level (to get their names) piping the results in a FIND or FINDSTR expression and then proceed to delete them. The REG.EXE utility can do that fine. Examples: reg query HKCU\Software\Microsoft\Clipbook\ /s reg query HKCU\Software\Microsoft\Clipbook\ /s | FIND "Auto" http://www.robvanderwoude.com/ntregquery.php The point is different, however. Accordingly to the given resource, the user/password is also stored in Credentials Manager. You need to verify this piece of info, using the GUI methods/tools suggested. jaclaz

Still IMHO better than submarine flying tanks from Bacteria or flying dreadnoughts from Tomania. jaclaz

Yep. Just as an example, imagine that the "private" company knows about your income, knows about your politicla preferences and culinary tastes, can identify you online and filters your search results "pushing to the top" what you "should" like according to them. Are you really-really going to (say) page 38 of google results to find the first non-pushed article/site/resource/whatever? (and this provided that they just don't remove altogether what according to them might not suit you) Well, again, normally the GI are the "good guys", and directly or indirectly they are (or should be) controlled by *someone* (the people you contributed to elect to the Government), at least in theory. A "private company" has normally three points in it's agenda: money more money yet more moneywith "ethics" between 12th and 38th place . Having access to your habits, tastes, etc. is not a good thing, you personally may be technologically evolved enough to be able to deal with the traps that they may lay before you, bit the vast majority of people may be not. You are I believe confusing the technology with the "principles", the British intercepted (and opened with some steam from a teapot ) or simply kept letters sent by the US representatives all the time, it is called "spying" or "intelligence", nothing has changed much. Here is an example of a letter that President Washington might not have wanted to fall in the hands of the enemy : https://web.archive.org/web/20071111224808/http://www.clements.umich.edu/Spies/letter-1781may29.html (of no particular relevance from a military standpoint, though) jaclaz

I am notoriously personJ, no prob here. And I have one word for you: http://www.imdb.com/title/tt0061722/quotes?item=qt0282091 pssst, come closer, yes, like that: httrack jaclaz

Ah, well, if you say so. I guess that the several thousands (or more likely tens or hundreds of thousand) people that *somehow* managed to make in the 15 years since Windows 2000 release working install CD's using mkisofs or *any* version of CDimage or OSCDimg must have all been tricked into believing they installed Windows 2000 successfully from a CD. Just in case: http://homepage.ntlworld.com./jonathan.deboynepollard/FGA/put-down-the-chocolate-covered-banana.html jaclaz

@sumix8c About your hfslip on Altervista issue, it seems like it is "yours only", I can reach it fine: http://hfslip.altervista.org/ http://hfslip.altervista.org/index.html Have you tried through a proxy? jaclaz

@Flasche You may have not read "The Dead Past" by Isaac Asimov, a short story written in 1956, which I recommend you to read: http://en.wikipedia.org/wiki/The_Dead_Past In the immortal words of Thaddeus Araman: jaclaz

Because they are frank and honest with their customers? (just an idea ) jaclaz

Well, a lot of people is unhappy with the fact that the NSA (or other three or more letter Government agencies) are capable of snooping on your private life and communications. Some are even upset by the fact that with a Court Warrant this is actually legal. BUT, after all, these are the "good guys", and - mainly - they are in good faith. Imagine that the one snooping on your habits is Microsoft or the company you work for (or just the geekish IT guy in it). No, it's not going to end well. jaclaz

Sure it is compatible with XP (I believe only with SP3), but how many people have Office 365 running on XP (and how many people have a Lync Server) outside - maybe - a large enterprise? jaclaz