Wikipedia:Reference desk/Archives/Computing/2009 January 14

Computing desk
< January 13	<< Dec | January | Feb >>	January 15 >

Welcome to the Wikipedia Computing Reference Desk Archives
The page you are currently viewing is an archive page. While you can leave answers for any questions shown below, please ask new questions on one of the current reference desk pages.

January 14

Synthesis study?

Alright, I'm a nineteen year old college student, and I'm looking forward to a career designing and marketing analog synthesizers/guitar pedals. At this point I'm assuming a major in electrical engineering will be enough to help me realize my goal, but are there other fields I ought to look into? Kenjibeast (talk) 01:21, 14 January 2009 (UTC)[reply]

Unlike a lot of digital stuff which is just as commercial as sneakers, analogue stuff is now more then ever in the realm of real enthusiasts. Like Moog Music and Dave Smith Instruments, it's a dying breed, increasingly rare, some people might try to talk you out of it, not me, I own an Andromeda A6 and I love it.. I've found the communities based around these synths to be amazingly open and friendly. My honest opinion is shoot some emails to Dave Smith, or moog or Alesis / Numark or who ever else you can think of, and I wouldn't be surprised if you get the info from the horse's mouth, so to speak.. Vespine (talk) 03:06, 14 January 2009 (UTC)[reply]

The trouble with audio enthusiasts is that they are quite frankly mostly idiots trying to prop up the dying remnants of a golden age. The claim that analog is somehow magically better shows zero understanding about what's really happening in terms of signals, frequencies, etc. The idea that analog synthesisers and pedals will continue to have this bizarre cult appeal - and especially making an entire career around - it is a bad decision. If you want to be in the music business longer than the next one or two cycles of gear - get into analog AND digital AND software. Even modern analog equipment (such as the latest Moog stuff) is controlled digitally and with software. The effects you can produce with digital circuits and computer software are quite literally unlimited - you can do things with digital filters and delays that are quite impossible with analog techniques. So long as your sampling rate and bits-per-sample are high enough, you can always beat the quality of an analog system and reproduce precisely everything it does - and you can do it cheaper and more effectively. By all means learn the old-school stuff - but if that's all you learn, you'll be out of touch with the cutting edge before you're 25. SteveBaker (talk) 16:57, 15 January 2009 (UTC)[reply]

RIJNDAEL/AES and them Endians

http://en.wikipedia.org/wiki/Advanced_Encryption_Standard#Libraries says: "Care should be taken when implementing AES in software. Like most encryption algorithms, Rijndael was designed on big-endian systems. For this reason, little-endian systems return correct test vector results only through considerable byte-swapping, with efficiency reduced as a result."

I've spent several hours googling and haven't found much details on the issue. Does this return different results on big vs. little endian systems?

http://74.125.113.132/search?q=cache:QzXSa4SyBKEJ:www2.mat.dtu.dk/people/Lars.R.Knudsen/papers/rijndael-statement.pdf+rijndael+AES+%22big+endian%22+%22little+endian%22&hl=en&ct=clnk&cd=2&gl=us says "Absence of arithmetic operations: the description of Rijndael does not make any (hidden)assumptions on the coding of integers as a sequence of bits. One of the advantages of thisis that Rijndael is immune for so-called big endian/little endian confusion and conversionproblems."

So does AES/rijndael return different results or run at different speeds on big vs. little endian? Are you ready for IPv6? (talk) 02:24, 14 January 2009 (UTC)[reply]

Good catch. The basic message of that para from "AES#Libraries" is false. The "For this reason..." does not follow. As the Knudsen paper says, the algorithm does not care about endianness. Nor is there anything in Rijndael to indicate what it was designed on. -- Fullstop (talk) 02:48, 14 January 2009 (UTC)[reply]

Byte-swapping doesn't take that long anyway; on x86 it's just one instruction - bswap [reg] --wj32 ^t/c 05:50, 14 January 2009 (UTC)[reply]

So you're sure rijndael will return the same result on big endian vs little endian systems? Are you ready for IPv6? (talk) 10:57, 14 January 2009 (UTC) Anyone know??? Are you ready for IPv6? (talk) 16:23, 15 January 2009 (UTC)[reply]

If implemented properly, of course it will obtain the same result; the warning you saw was about care in that implementation. If you're writing your own, you'll want to check the results against a known standard as part of testing it anyway. --Tardis (talk) 03:32, 18 January 2009 (UTC)[reply]

Easy free wiki like database for personal local use. windows xp.

So I'm writing a setting backstory for something I'm working on and so far I have lots of characters and locations and lots of cross references, I've been thinking that creating a wiki for myself would be the perfect way to track all this info. It would be very basic, just a page for each person and location with links describing relationships and perhaps categories/tags, that's about it. a wiki would be perfect, dead simple to create new pages and dead simple to create links. I've downloaded mediawiki, and had a look at it and you have to get all web server running and all this stuff, I don't need it to be "online" or anything, I could do it with some basic html but it would take some mucking around which I'm reluctant to start since I'm sure there must be a basic application which pretty much does exactly what I'm after already. Does anyone have any ideas? Vespine (talk) 02:49, 14 January 2009 (UTC)[reply]

I've used MoinMoin for this sort of purpose. Specifically, I've used the Desktop edition, which is suitable for use on a single machine with no internet connectivity, which I think is what you want. I understand that the desktop edition is now an option in the main software. The main downside that I'm aware of is that the wiki markup is not the same as MediaWiki's, so any experience you have of editing on Wikipedia won't directly help.-gadfium 03:34, 14 January 2009 (UTC)[reply]

Page for MoinMoin Desktop edition-gadfium 03:41, 14 January 2009 (UTC)[reply]

This looks pretty cool, thanks for the suggestion, plus I already have python installed on my machine.. However, i've already hit a hitch trying to get this thing installed, and i'm trawling through the help and config files and I'm still thinking: surely there must be an easier way! all this command line configuration and installation, isn't there an app that just lets you create entries with links to other entries? That's pretty much all I'm after... Vespine (talk) 04:19, 14 January 2009 (UTC)[reply]

Actually!! you've helped me find what I was after, the problem was I wasn't 100% clear on exactly what I want in the 1st place, you've helped me realise what I need is listed on this page Personal_wiki, thanks.Vespine (talk) 04:27, 14 January 2009 (UTC)[reply]

Hard drive space

I'm getting a little nervous. I only have ~16 gb of space left on the main partition of my computer. This is just not a good thing. So I tried a little visual representation of my hard drive, via WinDirStat, and discovered to my surprise that almost 10 gb is unknown! Now what the heck could that mean? Where is 10 GB of storage capacity gone to!? How can I free up space on my hard drive?? I'm already running CCleaner to clear my cache, recycle bin, etc.. Thanks for suggestions and tips, and helping me figure out the unknown! --72.69.148.204 (talk) 03:21, 14 January 2009 (UTC)[reply]

I'm guessing here, but perhaps the recovery partition? You don't say what the total size of the HD is? If you're using CCleaner, you're already taking care of a lot of the buildup. If you're using a Windows OS, perhaps your System Restore area could be downsized. Of course, music, and videos (and to a lesser extent pictures) could be archived to CD/DVD to free up some room. Check to see if there are any programs that you're no longer using, some take up a great deal of space. Ched (talk) 03:53, 14 January 2009 (UTC)[reply]

wow ... completely missed link to graphic. obvious that I'm editing when I should be in bed. I must be on my way to wikiholic and in need of a wiki-break. Ched (talk) 05:02, 14 January 2009 (UTC)[reply]

Go to My Computer --> Tools --> Folder Options --> Show Hidden Files and Folders. Then go to the WINDOWS folder and delete all those $NtUninstall folders. That should save you about 400 MB ;).--K;;m5m k;;m5m (talk) 04:02, 14 January 2009 (UTC)[reply]

You do realize that 16GB is better than 25% of your C: drive? If you don't *need* 16GB free then I suggest you wait until you reach around 10%, say 5GB, before deciding to go on a delete-spree. If you really must free up some space, you could try seaching C: for files/folders of the name * then sort the results by size to see what the largest files are, then go down the list removing any that are unwanted. Getting rid of one or two forgotten DVD images is much faster than trying to recover 5GB from 10MB files. -- 74.137.108.115 (talk) 04:12, 14 January 2009 (UTC)[reply]

That space could be either taken up by System Restore backups or sparse files. The latter is more likely. Sparse files don't actually take up that much space on your hard disk though. Sparse files are common with torrent programs/other download apps. --wj32 ^t/c 05:54, 14 January 2009 (UTC)[reply]

IRC usage statistics

What statistics are available for the number of users globally connecting to all IRC networks over time? I get the impression that there are fewer people on IRC than there used to be, perhaps due to the rise in popularity of things like Second Life and instant messaging. Any pointers would be greatly appreciated – thanks. --Richardrj ^{talk email} 08:32, 14 January 2009 (UTC)[reply]

The website http://irc.netsplit.de would be worth a look, it has graphs and statistics going back a long way. Here's QuakeNet's usage graph showing a decline as a taster. Nanonic (talk) 09:00, 14 January 2009 (UTC)[reply]

Thanks, that's a great website. For most networks it looks like users reached a peak in 2004-05 and have been in steady decline since then. Unfortunately this graph combining stats for all networks only goes back two weeks; it would be good to have that data going back years. Thanks again for the link. --Richardrj ^{talk email} 09:14, 14 January 2009 (UTC)[reply]

Open a WDB File

STOP! BEFORE YOU ASSUME THAT I AM AN IDIOT, I AM NOT TALKING ABOUT AN MS WORKS DATABASE FILE!

The file name is WORLD.WDB.

I am playing the game LEGO Island.

I want to open the file and get stuff out of it, but everything i search for comes up with nothing. Can anyone help with this?  Buffered Input Output 14:22, 14 January 2009 (UTC)[reply]

You probably already know this, but anyway: Try to open it in Notepad - the file may be a simple text file, e.g. a XML file. If not and if it would be sufficient to recover some strings from the file, you could open it in a hexadecimal editor, e.g. XVI32. --Andreas Rejbrand (talk) 15:56, 14 January 2009 (UTC)[reply]

What kind of "stuff" are you trying to get out of it? --98.217.8.46 (talk) 16:46, 14 January 2009 (UTC)[reply]

Answering both responses. Neither notepad nor the hex editor work. I am trying to get music, pictures, and other resources out of it (i tried a resource hacking program, but those only work with executable files) for my own personal, noncommercial use. I've read that World of Warcraft uses WDB files to store the same kind of "stuff" i want to extract. Would a tool meant for WoW work for LEGO Island?  Buffered Input Output 17:10, 14 January 2009 (UTC)[reply]

It's probably encoded somehow. If you can find out how, then you can decode it. Are you ready for IPv6? (talk) 17:22, 14 January 2009 (UTC)[reply]

Well, without knowing anything about the file contents, it's hard to know what is likely. At the very least the files are all in there in some way that the program knows how to organize to get what it wants. They may be encrypted or encoded in some non-standard way. They may be organized in a very systematic fashion or they may not. They may be compressed, they may be not. You can poke around in a hex editor to look for file types one might recognize, but that's a crap shoot at best. It doesn't look like there is any easy, straightforward way to do it.

As for WoW—from what I can tell the WDB files that WoW use are just their own way of storing data. It is pretty idiosyncratic—what type of data, how long the columns are, etc. differs from file to file. More info here. I'm not sure there's any reason to think a WoW tool would work with Lego Island. --98.217.8.46 (talk) 00:49, 15 January 2009 (UTC)[reply]

If the original games programmers want you to get at stuff like that from their game, you'll find the information on how to do it all over the internet. If not, they'll smoosh it up in ways so complicated that you'd need to be extremely determined and have an awful lot of time and skill (and probably some 'insider' information) to even stand a chance. Since you are asking us - I presume you don't have the necessary skill & determination...so if you didn't find out how using a web search - you almost certainly can't do it at all. Every game is done differently - it's highly unlikely that Lego Island and WoW use the same tools even if the filename extension happens to be the same. SteveBaker (talk) 16:39, 15 January 2009 (UTC)[reply]

Question about Wikipedia database

is the wikipedia database one big file or does each page have it's own file? —Preceding unsigned comment added by 194.80.240.66 (talk) 15:30, 14 January 2009 (UTC)[reply]

You might find the Wikipedia Technical FAQ interesting. In general, however, database systems are not implemented with a file for each record (e.g. "page"), nor as a single file. --LarryMac | Talk 16:27, 14 January 2009 (UTC)[reply]

So how are they then if they are not on file or lots of files? I don't another option. PLEASE ANSWER —Preceding unsigned comment added by 194.80.240.66 (talk) 11:49, 15 January 2009 (UTC)[reply]

There is a logical schema for the Wikipedia database here. There is some information on the physical storage structure here. Gandalf61 (talk) 12:11, 15 January 2009 (UTC)[reply]

DON'T SHOUT PLEASE. The database itself will (usually) store the records in files, but the number of those files is not directly related to the number of objects (usernames, articles, edits, etc. in this case) in your application. --Sean 13:00, 15 January 2009 (UTC)[reply]

The "physical" arrangement of data into files is part of the role of a database management system (DBMS), in Wikipedia's case MySQL (although the MediaWiki software also supports using PostgreSQL). As far as the application (e.g. MediaWiki) is concerned, it is not a file at all, but a service which can be queried for (and updated with) data.

Generally, the DBMS will create a small number of large files for each database, unrelated to the tables and data within, and include complex algorithms to efficiently seek to parts of the file where the requested data can be found, rather than relying on structures supplied by the underlying filesystem. Some DBMSes provide functions to manually tweak this arrangement for performance or maintenance reasons, such as by assigning particular tables to a separate file, e.g. placing audit logs on a separate hard disk. - IMSoP (talk) 17:49, 18 January 2009 (UTC)[reply]

Websites

About how many websites are there on the internet? Of course, it is impossible to attain an exact figure, keeping in mind the rapid growth of the internet, but none the less, about how much? —Preceding unsigned comment added by 59.103.69.20 (talk) 16:20, 14 January 2009 (UTC)[reply]

Up to 188,000,000 depending on what criteria you use. See this survey for a more detailed breakdown. - Jarry1250 ^{(t, c)} 16:59, 14 January 2009 (UTC)[reply]

Duplicate Documents folder in Vista

Vista 64: In my folders view, I see 2 folders called Documents. It's not in the actual c:\users\name area, just in the area that lists:

• name
• public
• computer
• network ... etc.

anyone have any ideas on why this is showing as such? Both folders seem to have identical content, and one is not listed as a shortcut or anything. Ched (talk) 19:41, 14 January 2009 (UTC)[reply]

Oh well, asking here was worth a shot anyway ... lolChed (talk) 07:50, 17 January 2009 (UTC)[reply]

Backup algorithm question

I am planning on creating some sort of program or script to backup my entire Linux home directory to a USB hard drive once every couple of nights. It is supposed to create a "snapshot" of my entire home directory and erase the previous one it created earlier. But how I am supposed to go about it remains an open question. There are two very simple ways, both of which have drawbacks.

• Erase the old backup first and create a new one second. Drawback: If the backup fails for some reason, I am left with a snapshot missing files.
• Create a new backup first and erase the old one second. Drawback: Requires twice as much space, can also potentially create redundant, obsolete backup files.

So I have formulated a solution to backup each file separately, by first backing up the file and then erasing the old backed-up file. This would solve both of the above problems. But this is much more difficult than a simple copy and erase of the entire directory. So I have two questions:

• Is there a free, open-source program that does this for me already?
• If there is not, how do I go about creating my own? I think I know how to do it in Java, but C would be faster. Is there an easy Unix C API to get all files and subdirectories in a directory? Also, the program needs to be symlink-aware, otherwise it could get in an infinite loop upon encountering a symlink pointing to its own parent directory. JIP | Talk 20:23, 14 January 2009 (UTC)[reply]

Perhaps you could use tar to update an archive? (Technically it doesn't remove the old files, but you could manually do that on occasion.) -- 74.137.108.115 (talk) 20:57, 14 January 2009 (UTC)[reply]

I have only ever used tar to create handy single-file bundles of several files. man tar tells me tar knows how to update the archive by only adding new files and leaving old ones untouched. Because most of my important personal files, such as the 26000 pictures I have taken with my digital camera, seldom, if ever, change, this would be a good idea, but I would still want a solution that also deleted the old, obsolete versions after they have been safely replaced with fresh ones. JIP | Talk 21:03, 14 January 2009 (UTC)[reply]

Just a couple pieces of unrequested advice - A prudent backup strategy would have more than just one "generation", even if this might require more storage than you'd planned on using. You should also test your recovery process to ensure that it is at least as robust as your backups. Google something like "backup strategy best practices" for more. --LarryMac | Talk 21:18, 14 January 2009 (UTC)[reply]

Agree with LarryMac. Buy a second USB disk (and preferably third and fourth as well), and then

      for (each day you want to backup your files)
      {
          Use the disk with the oldest backup;
          Erase the backup;
          Copy your files;
          Store the disk at a different physical location than your house;
      }

--NorwegianBlue ^talk 09:04, 15 January 2009 (UTC)[reply]

JIP, you should use rsync. Although intended for remote (network) copies, rsync does fine for local copies too. And because it only copies the files that have changed since the last time you ran it, most times a copy takes a trivial time. Using its --delete option tells it to erase any file that has been deleted in the source (and not supplying that option means that the destination copy keeps that, regardless). So you'd do: rsync -a /home/jip /media/myusbdisk/tuesday Mimetic Polyalloy (talk) 12:57, 15 January 2009 (UTC)[reply]

I'l second the rsync recommendation, and point out another cool trick you can do with it: keep multiple generations of backup, but use hard-linked files to avoid storing multiple copies of unchanged files. Do something like

      rm -Rf /media/myusbdisk/backup_3
      mv  /media/myusbdisk/backup_2  /media/myusbdisk/backup_3
      mv  /media/myusbdisk/backup_1  /media/myusbdisk/backup_2
      mv  /media/myusbdisk/backup  /media/myusbdisk/backup_1
      rsync -a --link-dest=/media/myusbdisk/backup_1 /home/jip /media/myusbdisk/backup

...(only with some error checking added, please). This'll keep 4 snapshots (/media/myusbdisk/backup, backup_1, backup_2, and backup_3), but not need 4 times the space (unless all of your files change each time). BTW, this doesn't give you quite as much redundancy as NorwegianBlue's suggestion of using multiple backup drives, unless you combine it... If you care about your data, multiple drives, each storing multiple snapshots, is entirely reasonable. And if you update one drive every few days, one every few weeks, and one every few months, you'll be able to go back quite a ways if you need to (see SteveBaker's comments below). When it comes to backups, redundancy and diversity are both very good ideas. Speaker to Lampposts (talk) 07:50, 18 January 2009 (UTC)[reply]

I agree with NorwegianBlue's answer - except that it has a problem. If you trash an important but infrequently used file - but don't notice that you trashed it - then if you have three drives and back up daily - then after three days, the file is gone forever. So if you want to be truly secure, have longer term backups. Save a copy once a month - and recycle that drive less often. I also save annual copies onto DVD-ROM - so I have less frequent backups going back three years now - and I have had occasion to be glad I did. I also put files out on the Internet where possible. I have a web hosting service for my web site - and I check my linux 'home directory' into a 'subversion' repository on there as another backup. That's AMAZINGLY useful. SteveBaker (talk) 16:30, 15 January 2009 (UTC)[reply]

I created a 'subversion' repository for my home directory. Subversion is a version control system so it has some nice properties:

1. It only stores things that changed from the last time.
2. It allows you to restore individual files as well as entire directories or the entire thing.
3. You can restore the system to the state it was in at any time in the past...including files or even entire directories that you've deleted.
4. There are all sorts of web-based tools to let you examine what changes have happened and when - to make diffs of old and new copies of files, etc.
5. You can 'check out' the repository on some other computer - make changes there - and then make changes on your usual machine - and AUTOMATICALLY merge the changes from both machines back together into the repository.
6. Subversion is network capable - so you can put your repository on some remote machine so that if your house burns down you and destroys all of your computers and your USB drives and backup CD's - you can still get everything back.
7. You can even 'branch' your repository so that if you want a different version of it on your laptop and your deskside (or in the future - if you wanted a cut-down set for your Linux-based cellphone) you could easily do that and still keep track of changes in a rational manner.
8. Subversion is cross-platform so you can restore your files onto a Mac or a Windows machine if you need to look at files on those kinds of system periodically.

The main downside is that it can take up quite a lot of space if you are making a lot of changes to large binary files. But hard drives are insanely large these days - and with storage costing less than $1 per gigabyte - I'm not inclined to worry overly much. Generally, I can exclude those from the repository because I can usually recreate them easily enough...but YMMV. SteveBaker (talk) 06:59, 18 January 2009 (UTC) SteveBaker (talk) 06:59, 18 January 2009 (UTC)[reply]

Bypassing Passwords

My sister is using a log-in password and she has Windows XP. Also let me clear this point up, she is not banning him from using the computer forever he is on punishment right now and long story short she would like to know how he is bypassing the log-in password and getting onto MySpace? —Preceding unsigned comment added by 76.83.33.32 (talk) 22:16, 14 January 2009 (UTC)[reply]

Recently my sister put keeps changing the password on her computer so that her teenage son can't use the internet. Even though she has changed the password repeatedly she has caught him using Myspace. Firstly, how is it possible that he can get to Myspace or the internet without knowing the password? And how can she prevent him in the future from continuing to do this? —Preceding unsigned comment added by 76.83.33.32 (talk) 21:39, 14 January 2009 (UTC)[reply]

What "password on her computer" is she using, specifically? A log-in password? A router password? A third-party program? Or what? It's not clear to me what password she is setting, thus it's not clear to me what the issue is. In my opinion the best way to deal with it, assuming she is using Windows, is to set up separate user accounts with passwords, and make the one the son has access to have no internet access whatsoever. This is not so difficult to do, depending on the specific version of Windows she is using. --140.247.250.236 (talk) 21:48, 14 January 2009 (UTC)[reply]

(EC) Assuming this is a Windows PC . . . it's child's play to find and run a password cracking program, for example Ophcrack. How can she prevent it? Switch to a Linux based operating environment, perhaps? Although all her son would have to do is insert a bootable CD and run from that. Which would mean she has to reset the BIOS so that booting from CD is not possible. In which case he'll probably find another way. Sorry, but this sounds like a parenting problem, not a technical problem. --LarryMac | Talk 21:50, 14 January 2009 (UTC)[reply]

OMG she won't let him use the internet at all? Why on Earth not? My advice would be to put the computer in the kitchen or living room and allow the boy to use it as much as he likes where she can keep an eye on him. Trying to keep kids of myspace is futile and rather cruel, What about internet cafe's friends houses etc? The best way to keep kids safe online is to keep en eye on them and offer advice and guidance. But that's just my opinion. Theresa Knott | token threats 22:03, 14 January 2009 (UTC)[reply]

I suggest a BIOS level password, assuming the computer supports it. That way, he can't boot it from CD/DVD and use a password cracking program. Whatever keystroke the computer says to use to get into the BIOS at boot time, like Delete or F1, she can hit that to set the password. One warning, though, if she forgets her BIOS password she would be in trouble. StuRat (talk) 22:20, 14 January 2009 (UTC)[reply]

And then of course he could open up the computer and use the "clear password" jumper or just remove the CMOS battery for a while, etc. And then your sister would have to buy a lock to lock up the case, a decent one that he can't pick. But then maybe he could just saw or smash through it. --164.67.100.97 (talk) 00:20, 15 January 2009 (UTC)[reply]

Then it's time to consider adoption. :-) StuRat (talk) 06:28, 15 January 2009 (UTC)[reply]

Another suggestion is to take some item of hardware with her, like the keyboard and/or mouse, and lock it in her trunk, to make the computer unusable. Her son could buy or borrow replacements, I suppose. If he does this, she should take the whole computer with her (except maybe the monitor). StuRat (talk) 22:24, 14 January 2009 (UTC)[reply]

At the login screen if you hit ctrl-alt-delete a few times it brings you to a login box. Most people do not know this..but that can be used to log in to a hidden admin account. That admin account can have a password placed on it. To get to the admin account type "Administrator" then hit enter. You may have to try it with a small "a" instead of cap..not sure if it is case sensitive or not. I suggest doing that and checking in. Cause I doubt a kid would do any of the above. No offense guys. Rgoodermote  23:35, 14 January 2009 (UTC)[reply]

Is it possible that your sister didn't modify the passwords for *all* the accounts on the computer? There are (sometimes hidden--thanks Microsoft!) "Administrator" and "Guest" accounts, and the son could have created other accounts as well. To lock down all the accounts, navigate:

Start > Control Panel > Administrative Tools > Computer Management

Expand:

Computer Management (local) > System Tools > Local Users and Groups > Users

Then, for each account without a red 'X' _except_ your account, right-click, select "Properties" and check the "Account is disabled" box. If all the other accounts were already disabled then the son is using one of the other attacks listed here. -- 74.137.108.115 (talk) 23:58, 14 January 2009 (UTC)[reply]

If they have physical access to the computer - there is no form of security that'll work against a determined kid - period. I STRONGLY recommend putting the computer in the 'family room' - or the kitchen or wherever everyone hangs out. Treat use of the computer (whether for playing games, doing homework, web surfing, whatever) as a family thing, just like watching TV - so that the kid knows that someone will be looking over his shoulder from time to time. Hiding the computer away in some other room is simply asking for trouble of one sort or another. Locking him out of the Internet is unnecessary overkill - and in this day and age, it truly will cut the kid off from his friends and from the culture of HIS age - which will have results that are far worse (in terms of isolation, subsequent bullying, etc) than the worst that MySpace could do. SteveBaker (talk) 16:19, 15 January 2009 (UTC)[reply]

Signed Executables

Some executables like Microsoft Word (WINWORD.EXE) and Visual C# Express (VCSExpress.exe) are digitally signed (you can view the certificate in Windows Explorer or by seeing that it has CertificateData in its image data directory). Most Windows components, however, are not signed (explorer.exe, notepad.exe, rundll32.exe, many others). Why does Process Explorer say these are "verified", then, and how does it know these haven't been tampered with? Thanks in advance. --wj32 ^t/c 22:13, 14 January 2009 (UTC)[reply]

Just guessing: because Microsoft said so? The difference between "components" that ship with Windows and "programs" that are installed separately is that the former share the same trust as the shell that is (presumably) executing them since they were built at the same time. So, possibly the shell already knows what signatures these components should have, or perhaps Microsoft didn't bother since the certificates were probably intended to verify the software on install (and the components are already trusted/installed). Either way, you wouldn't want parts of the operating system showing as "unverified". It'd be interesting to copy notepad.exe, hex edit a string inside it, then run it to see if Windows still thinks it's "verified". -- 74.137.108.115 (talk) 00:12, 15 January 2009 (UTC)[reply]

Mmm... I tried that, and Process Explorer still said it was verified! Thanks for the suggestion! --wj32 ^t/c 11:13, 15 January 2009 (UTC)[reply]

When I go to Run... --> msinfo32 --> Tools --> File Signature Verification Utility, Windows confirms that all system files are signed. I'm not familiar with the intricacies of signatures, but when I also right-click on Explorer.exe and Notepad.exe and click on "Version," I see detailed metadata about the applications. To answer your second question, Windows has Windows File Protection (WFP). Whenever you remove a system file, Windows instantaneously replaces it with a new one. When you over-write one, a message box pops up informing you of the change and asking you to if you want to keep the modified file or replace it.--K;;m5m k;;m5m (talk) 12:29, 15 January 2009 (UTC)[reply]

That metadata can be easily spoofed. That's why we need digital signatures. Windows files don't have digital signatures (at least not the standard CertificateTable in the PE image data directory). --wj32 ^t/c 21:30, 15 January 2009 (UTC)[reply]