Everything posted by jaclaz

  1. Actually, as always when someone mentions the goal, as opposed to the tool he thinks fit for it, thus avoiding the risk of slipping on a chocolate covered banana: http://homepage.ntlworld.com./jonathan.deboynepollard/FGA/put-down-the-chocolate-covered-banana.html I could also provide a link to: http://www.ecabinetsystems.com/ which may be of interest to you. If you are into woodworking AND you like the Sketchup approach, you may also appreciate this (maybe useful to re-arrange your workshop): http://yda-online.com/shopmodels.htm jaclaz
  2. You must not have been married for many years, or you are not yet familiar with "marriage correct" jargon. Those are not "unused", they are "saved for special occasions". You know, hypothetical things like "What if William and Kate invite us to Buckingham Palace for dinner?" You actually have to learn to live with the "saved for special occasions" stuff, as it might mitigate the otherwise disastrous "I have nothing to wear" effect. jaclaz
  3. Sure, but that was exactly the reason why I posted about the article: the "recognized technology expert" seems to know actually nothing about the OSes he is so wisely commenting about (if not what the MS marketing - not technical - department provided him with). He insists on the (flawed) argument (DEP, ASLR and UAC) that he misrepresents, and for which there is no rational, practical confirmation. However, what I like the most is this part: The reported statement by Mr. Tyler Reguly, which is - I believe - accurate in itself, carries NO consequence whatsoever, and the "So" in the following sentence makes no sense whatsoever. I will make the SAME statement as Mr. Tyler Reguly, transposed to cars (instead of the usual Carpenter/Layman one). The above statement seems to me to lead (setting aside the trucks off-topic) to the fact that the Beetle as a product was somehow "better" than the Pinto. And I presume that the manufacturers producing spares and accessories for the Volkswagen Beetle had also (and BTW still have), all in all, a "better" experience than those producing parts for the Pinto. jaclaz
     [1] Of course this makes no sense, we are talking of cars and not of trucks (or of "mainstream consumer" Operating Systems, not "server" ones)
     [2] the total number of Pintos produced is 3,173,491
     [3] the total number of VW Beetles produced is over 21,000,000, keeping the same, rough 1/7 ratio.
  4. Just a guess, mind you, but the "underscore" in that name may be an "invalid" character. There are quite a few tricks one can play (at least on NT-based systems) using those "malformed" names, see (as an example): http://www.msfn.org/board/topic/131103-win-ntbt-can-be-omitted/ I presume that the "original" was Français.ini and *something* in your environment (codepage and/or Unicode and/or *what not*) makes it an invalid character. I cannot remember if 9x has the /x DIR option, which would be the "right" way to deal with invalid characters under NT-based systems. Possibly the easiest way is to access the actual directory entry on disk with a hex editor and change the offending character. Right now I cannot remember a suitable tool for Win9x usage, but if you cannot find any, just post and I'll have a look in the ol' toolbox for something that may do. jaclaz
  5. Yes. http://homepage.ntlworld.com./jonathan.deboynepollard/FGA/questions-with-yes-or-no-answers.html There are tens (if not hundreds) of such tools, the most basic being dd. But - again - the "safe" way to image (and restore) is from outside the booted OS. You have already been pointed to: http://www.msfn.org/board/topic/157634-hard-disk-cloningimaging-from-inside-windows/ which contains a number of links to suitable tools. Personally, I would use "common" dd under Linux or, if from a PE of some kind, any among DSFOK: http://members.ozemail.com.au/~nulifetv/freezip/freeware/ or the various versions of ports of dd for Windows; a rather comprehensive list is provided here: http://reboot.pro/topic/15207-why-everything-is-so-dmn-diificult-a-web-quest-for-ddexe/ at least until you manage to understand which are the differences involved, and can judge the actual need for a truly "forensically sound" image or the possibility of using less "strict" methods of imaging. jaclaz
  6. I am not an expert on international law, let alone on authoritarian Governments, but here seemingly the point revolves more around an extension of the Fourth Amendment and the need for "probable cause" ascertained by a Judge to issue the search warrant, see pages 11-12 of the Judge's decision. Of course, it is entirely possible that the decisions of the Judge that issued the original warrant were flawed, that he/she was "tricked" by false information provided by the LE officers, or that he/she was bribed or blackmailed, or pushed by the Government into releasing an otherwise illegal or simply unjustified warrant, but if we start thinking this, then there is no actual point of discussion, "All your bases are belong to them". To recap.
     1. Three-letter US Government agencies (and also the more-letter secret ones), three-letter British corresponding ones, and most probably a whole lot of any-number-of-letters Government agencies from all countries have seemingly the technical abilities to enter the global flow of internet communications (including e-mails) and process them the way they see fit, without having any legal authority to do so, and without being authorized by a Court (or by being secretly authorized by a secret court), and possibly they also have some kind of access to the actual servers of the service companies (possibly with the complicity of the actual service companies) where this data is stored, no matter the actual locations of these servers. This is preoccupying.
     2. A single case where a Judge of a (non-secret) Court determined that there was enough "probable cause" to issue a warrant to collect a single user's data, and another Judge (also of a non-secret Court) ruled that the particular warrant is valid and has to be interpreted actually as a (legal) subpoena, thus enforcing the warrant's execution. This is (to me) normal, and also fair (according to common sense).
     In any case, even if you disagree with the above opinion, it would make a lot of sense to attribute to each a level of priority proportionate to the probability of each case leading to a generalized prejudice of freedom. If you prefer, there is IMHO no need to make a mountain out of a molehill, at least not until you have to go past (in this order) the Rocky Mountains, the Alps and the whole Himalayan chain. jaclaz
  7. @submix8c @dencorso Sure, the difference is that the average user (considered demented by MS) is FORCED to have UAC in Vista and later. About DEP, there are some differences in XP/2003 when compared to Vista and later, but more than that, on XP the default is "optin" (which implies a less wide use of the feature). But here we have to go back to the differences in concept between: vulnerability / protection / security. As an example, the SAM (and Windows password) is of difficult (though possible) access. As such it is not (easily) vulnerable, and it is (relatively well) protected, but it provides NO security, as has been demonstrated by the use of very simple tools like (shameless plug) PassPass or the whole generation of previous programs/tools to the same effect. This is (mainly) because the "security specialists" did their best to prevent access to the existing Windows password, and "forgot" (or implemented poorly) the protection for accessing the system. If you prefer, they mistook the method with which they presumed the "hacker" would proceed (accessing/reading the existing password) for the actual goal of the "hacker" (accessing the system). If the hacker has physical access to the keyboard (but not to the actual machine) the only thing that can prevent him/her from accessing a Windows system is the BIOS password, not much different (for the practical purpose of accessing a system of which you know not the password) from having the password written in plain text in a .ini file. jaclaz
  8. NOT exactly "like AutoCAD", but Sketchup is exceptionally good at 3D. The "Make" version is free (for non-commercial use): http://www.sketchup.com/products/sketchup-make The tool went from a commercial-only version to having been bought by Google (and providing a free version) to being re-sold, and the new proprietors also provide a free version but, understandably, push the Pro (commercial) one. See also: http://en.wikipedia.org/wiki/SketchUp The interface/workflow is completely different from AutoCAD, but after a very little (no more than a couple of hours) time to get the hang of it, it is actually a very good usage paradigm, particularly for someone that actually learned to draw without CAD or that has some experience in building or prototyping. As a matter of fact it is IMHO much faster to learn and easier to use than any AutoCAD or derivative. jaclaz
  9. Not really "Centipede", but: http://www.topgear.com/uk/mercedes-benz/g-class/road-test/6x6-driven jaclaz
  10. Not really. The actual Judge's decision, if you read it: https://www.documentcloud.org/documents/1149373-in-re-matter-of-warrant.html the decision clears the nature of such a warrant as "hybrid", giving it the relevance of a subpoena: It makes (to me) a lot of sense. jaclaz
  11. Thanks a lot. You just gave me a very good comparison term to use with my wife about my having 5 1/4" drives and 14400 Modems/Faxes in the garage. jaclaz
  12. Well, Mr. Tom Bradley has been busy lately, here is another recent article by him: http://windowssecrets.com/top-story/why-continuing-support-for-xp-is-bad-math/ The basic concepts are still the same old ones: since XP does not have UAC, DEP and ASLR it is unsafe. Which of course (setting apart, possibly, UAC) does have some merits, at least in theory, as in practice we still have to see something malicious (unless I missed it) that is effectively "defeated" by either DEP or ASLR (or by them alone). I am clearly missing something, however, in this: Who actually cares about "vulnerability ratings"? jaclaz
  13. No. If a Partition is Primary, Partition=Volume, hence PBR=VBR. On BIOS: the BIOS accesses the MBR and the code in the MBR (normally) chainloads the VBR (or PBR) of the active Partition. There are only two "pieces" of code:
     • the one in the MBR (that chainloads the code in the VBR) - the MBR is the first absolute sector of the hard disk and the BIOS loads it.
     • the one in the VBR (that invokes the BOOTMGR loader).
     Once BOOTMGR has been loaded, it has file access and goes on with the booting (reading settings in \boot\BCD and finally chainloading WINLOAD.EXE). The ADK's bootsect.exe has been designed by the good MS guys to be used "online" and it should work nicely from it, and it will effectively "fix" both the MBR and the VBR (or PBR) or bootsector (or, on NTFS, $Boot). But the point is (please do take some time to actually READ the provided thread AND links in it) that on UEFI/GPT the booting phase is DIFFERENT from the above and goes NOT through the MBR (which does not exist if not in the form of a "protective MBR") and not through the VBR code. jaclaz
  14. If the long arm of the law can reach into other countries, then efforts by U.S. tech companies to grow their cloud services could be seriously impaired. (Hmm, maybe not such a bad thing...) --JorgeA Wait a minute. A line needs to be drawn somewhere. If someone submitted to the US Law is suspected of having committed a crime (and/or the crime took place on US territory) AND a Search Warrant is actually signed by a Judge, there is nothing "bad" about it, and it is not very different from the current, "normal" ways international justice agreements and treaties work, at least between countries like the US and Eire. The whole point about privacy was not denying access to e-mails in case of being suspected of a crime and along the lines of a search warrant from a Court, it was about three letter agencies free access to ALL e-mails of ALL people (not suspected of any crime) AND WITHOUT a Search Warrant issued by a Court of Justice (or actually existing but secretly issued by a secret tribunal of some kind). jaclaz
  15. Sure, but still there are reasons why making an image offline is better/safer/foolproof. You have an added complication (at least for me) of being UEFI/GPT vs. BIOS/MBR. I cannot say if bootsect.exe is *needed* at all on those, and the related file is not BOOTMGR, but rather bootmgfw.efi, or maybe BOOTX64.efi, see: http://www.911cd.net/forums//index.php?showtopic=25596&st=0 AND links given in it. The bootsect.exe tool in WAIK (now called ADK) for Windows 8/8.1 contains (and can restore) the valid MBR and VBR (or $Boot file on NTFS). The \boot\BCD is actually a Registry hive, which you will find if you open Registry Editor or a similar Registry tool mounted as BCD000001 (on UEFI it should be \EFI\microsoft\boot\bcd). As such it is "always open" when the System is online, and though there are a number of tools that are easier to use than BCDedit, most probably the safer way is still that of using BCDEDIT, using its export and import functions, but I cannot really say which specific command sequences would be advisable. Please consider how the good MS guys made quite a bit of changes in 8 or 8.1, often adding switches/options to pre-existing tools, as you can see in the above thread about BCDEDIT, so be careful to look for information specific to Windows 8/8.1. In any case, doing a "forensically sound" image with the system offline is guaranteed to be an exact image, and as well restoring it guarantees that the restored disk or volume is identical to the original. jaclaz
  16. The sequence involved in booting any Windows NT starting from Vista is the following (unless a third party bootmanager is used): BIOS->MBR->Active Partition VBR->BOOTMGR->\boot\BCD (and BOOT.INI if existing)->Screen choices->If a Windows Vista or later is chosen->Winload.exe I am not familiar specifically with "Native" VHD booting, but the files/sectors listed above are the first ones to check (if for any reason the Paragon tools or Macrium Reflect change any of them, this may affect the booting). It is also possible that the actual way you create the image causes the issue, if you are doing the imaging of an "online" system. Compare with this (seemingly unrelated) topic here: http://www.msfn.org/board/topic/157634-hard-disk-cloningimaging-from-inside-windows/ Next I would do an accurate check for (changed) NTFS permissions on the filesystem (which may possibly also cause a delay of the kind you are reporting). Next I would check the *whatever* driver Windows uses to do the "Native VHD boot" (I cannot say which one it is), but still this would come into play "later", so I doubt it can be related to your issue. jaclaz
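The BIOS/MBR chain sketched in posts 13 and 16 above (MBR at the first absolute sector, its code chainloading the active partition's VBR, versus the "protective MBR" of a GPT disk where that path is not used) as an added example that is not code from jaclaz or from any tool named in the posts: a Python parser for a 512-byte MBR sector that checks the 0x55AA signature, reads the four partition entries, and reports which VBR the MBR code would chainload. The sample sectors are constructed inline; the entry layout and the 0xEE protective type are standard MBR facts, not taken from the posts.

```python
import struct

# Layout facts: the MBR is LBA 0; its 4 x 16-byte partition table starts at
# byte 446 and the 2-byte 0x55AA signature ends the sector.
MBR_SIZE = 512
PART_TABLE_OFFSET = 446
PART_ENTRY_SIZE = 16
BOOT_SIGNATURE = b"\x55\xaa"
ACTIVE_FLAG = 0x80
GPT_PROTECTIVE_TYPE = 0xEE  # the "protective MBR" entry found on GPT disks
ENTRY_FMT = "<B3sB3sII"     # status, CHS start, type, CHS end, LBA start, sector count

def parse_partition_table(mbr: bytes) -> list:
    """Return the four partition entries as dicts, refusing a sector without 0x55AA."""
    if len(mbr) != MBR_SIZE:
        raise ValueError("an MBR is exactly one 512-byte sector")
    if mbr[510:512] != BOOT_SIGNATURE:
        raise ValueError("missing 0x55AA signature: not a valid MBR (or a damaged one)")
    entries = []
    for i in range(4):
        status, _, ptype, _, lba_start, sectors = struct.unpack_from(
            ENTRY_FMT, mbr, PART_TABLE_OFFSET + i * PART_ENTRY_SIZE)
        entries.append({"slot": i, "status": status, "type": ptype,
                        "lba_start": lba_start, "sectors": sectors})
    return entries

def describe_boot_path(mbr: bytes) -> dict:
    """Work out what the MBR code would chainload: a VBR, nothing, or (GPT) not applicable."""
    parts = parse_partition_table(mbr)
    if any(p["type"] == GPT_PROTECTIVE_TYPE for p in parts):
        return {"scheme": "GPT", "vbr_lba": None,
                "note": "protective MBR: UEFI boots from the EFI System Partition, not MBR->VBR"}
    active = [p for p in parts if p["status"] == ACTIVE_FLAG]
    if len(active) != 1:
        return {"scheme": "MBR", "vbr_lba": None,
                "note": f"{len(active)} active partitions: standard MBR code cannot choose a VBR"}
    return {"scheme": "MBR", "vbr_lba": active[0]["lba_start"],
            "note": "MBR code chainloads the VBR at that LBA, which then loads BOOTMGR"}

def make_mbr(entries) -> bytes:
    """Build a constructed sample MBR: zeroed code area, the given entries, 0x55AA."""
    sector = bytearray(MBR_SIZE)
    for i, (status, ptype, lba_start, sectors) in enumerate(entries):
        struct.pack_into(ENTRY_FMT, sector, PART_TABLE_OFFSET + i * PART_ENTRY_SIZE,
                         status, b"\0\0\0", ptype, b"\0\0\0", lba_start, sectors)
    sector[510:512] = BOOT_SIGNATURE
    return bytes(sector)

# Constructed samples (not real disk dumps): a BIOS/MBR disk with one active NTFS
# (type 0x07) partition at LBA 2048, and a GPT disk with only the 0xEE protective entry.
SAMPLE_MBR_DISK = make_mbr([(ACTIVE_FLAG, 0x07, 2048, 204800)])
SAMPLE_GPT_DISK = make_mbr([(0x00, GPT_PROTECTIVE_TYPE, 1, 0xFFFFFFFF)])
```

Feeding the first sector of a real disk image (for instance the first 512 bytes of a dd image) to describe_boot_path() tells you whether the MBR->VBR path of post 13 applies at all before you start "fixing" it with bootsect.exe.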
  17. A good way to start would be to read the project title and description: http://en.sourceforge.jp/projects/sfnet_vcpu-64bit/ Gambas: http://en.wikipedia.org/wiki/Gambas http://gambas.sourceforge.net/en/main.html Now, after you have managed to "port" Gambas from the Linux environment to the Windows NT platform: http://gambasdoc.org/help/howto/windows then developed a few tens of new classes, headers and what not to interact with the new platform, you won't have any particular issue in managing to "compile them into dll libraries and create inf". Seriously, this is not something possible without re-writing a whole programming language (almost) from scratch. jaclaz
  18. Good. I guess they could not do anything different after the news: http://www.usatoday.com/story/tech/2014/04/28/internet-explorer-bug-homeland-security-clandestine-fox/8409857/ of the actual Homeland Security advice: http://www.us-cert.gov/ncas/current-activity/2014/04/28/Microsoft-Internet-Explorer-Use-After-Free-Vulnerability-Being For the record (and ironically) the actual document that started it all: http://www.fireeye.com/blog/uncategorized/2014/04/new-zero-day-exploit-targeting-internet-explorer-versions-9-through-11-identified-in-targeted-attacks.html makes a clear distinction between the presence of the vulnerability (which is one thing) and the actual target of the existing exploits (which is another): in clearer words, people using Internet Explorer 6 to 8, though vulnerable, were/are not (yet) targeted, and thus their environment is/was more secure anyway. Also, unsurprisingly, the actual culprit (vector) seems to me - as often happens - the stupid Adobe Flash. jaclaz
  19. Let me know if the idea is that I have to consider myself a codefendant or co-respondent in this trial, so that I can put together a defense argument. (BTW, thanks go to submix8c for not keeping his big mouth shut, squealer!) jaclaz
  20. I am surprised Tony Bradley (WHO?!?) And: http://bradleystrategygroup.com/about/who-we-are/ has failed to talk (besides with Mr. TK Keanini, Mr. Tim Erlin and Mr. Scott Kinka) with the renowned expert Armand Gracious http://www.msfn.org/board/topic/127283-experts-say/ jaclaz
  21. I am pretty sure that if you ask (nicely) some of the resident programmers could put together a small plug-in (or whatever) that creates a little box which at random becomes a little green "OK" one. On average you will have the same (false) sense of security that Norton Safe Web gives, but without any slowing down. Flippism is the solution. jaclaz
  22. You could try in Qemu, though I seem to remember that the oldest simulated processor (on a simulated ISA machine) is the 486. Bochs surely has the 386 option: http://sourceforge.net/p/bochs/news/ though it seems like it needs to be compiled expressly for this. jaclaz
  23. You are not very convincing, you should SHOUT: FUD! jaclaz
  24. Ok, I am evidently missing something. What is the reason why you cannot automate ProcessHacker via batch? ProcessHacker supports command line parameters (that's the essence of the link in my previous post). jaclaz