IDA 5.1 and Virtual PC 2007 released

Posted on 2007-02-22 by Oliver

Finally IDA 5.1 and Virtual PC 2007 have been released. I wrote about IDA during the beta-phase and I promise to write some more stuff (probably) the next weekend.

Virtual PC 2007, just like its predecessor Virtual PC 2004, is freely downloadable and comes free of charge. Although it is inferior to VMWare in several aspects, it seems there is one point where Virtual PC 2007 is better than VMWare … the support of VMX on 32bit hosts. However, I’ll have to verify that and will turn back to you with more information about it once I have it.

// Oliver

Posted in EN, Reversing, Software | Tagged | 2 Comments

Die sind schon da … wann dürfen wir endlich auch?

Posted on 2007-02-15 by Oliver

Wie einige vielleicht schon wissen, stamme ich aus der Gegend der deutsch-polnischen Grenze. Ich höre jetzt schon einige sagen: “Na hoffentlich ist das nicht ansteckend!”. Ich kann euch beruhigen, bisher habe ich noch niemanden mit diesem Problem angesteckt. Als Nachbar, lernt man natürlich auch einige Ticks – und eben die Sprache des anderen, wenn auch vergleichsweise oberflächlich – kennen. Einige aus der Gruppe der “einigen” von oben wissen ja vielleicht auch, daß ich inzwischen in Island lebe. Man muß nicht viel dazu sagen wo, denn in Island gibt es praktisch nur rund 300000 Hanseln und das schließt uns Ausländer schon ein. Davon leben etwa zwei Drittel in der Gegend um die Hauptstadt (Quizfrage: die heißt wie? :mrgreen:).
Continue reading

Posted in /dev/null, DE, Island/Iceland/Ísland | 2 Comments

Some knew it, others found out recently.

Posted on 2007-02-11 by Oliver

Since Corrine put it up so nicely I am not going to add anything for now. Maybe later. LS has finally trouble with the tax authorities. My Swedish is not good enough to translate it ad-hoc and I also lack the time. Therefore thanks to Corrine for the nice write-up.

The gist of the text was quite well matched. Here are the links to the original (Swedish) articles from Göteborgs Posten:
1. It-bolag har stora skatteskulder (IT-company has tax debts)
2. Det luktar skunk på Lavasoft (This smells “fishy” with Lavasoft)

Yes, it smells indeed,

// Oliver

Posted in EN, Lava-watch | 5 Comments

Fairness, where fairness is due

Posted on 2007-02-08 by Oliver

In this article back in November 2006 I complained about the way the security flaw was reported. This was apparently fixed. So in I think it is only fair to publish that fact here as well.

My apologies for the delay, some friends made me aware of the changes only recently.

// Oliver

Posted in EN, IT Security, Software | Leave a comment

Bugfix release 1.1.1a for DDKWizard

Posted on 2007-02-07 by Oliver

Only some cosmetic changes and one real bugfix, of a bug that would cause confusion for users, were made. The bugfix concerns the Win32DLL project type. The 1.1.1 release did not have the line
DLLENTRY=DllMain
which was supposed to be in the SOURCES file. Please add it yourself of simply update your version using this bugfix release. The effect without this fix is, that your DllMain will be ignored and the linker will use some default one.

Fetch the new release here.

Next planned features are compatibility with Mark Roddy’s DDKBUILD and some enhancements of the DDKWizard setup. I’ll probably include a page where the user can set the (DDKBUILD) variables for the installed DDKs and the installation directory will not be variable upon update/upgrade of an existing installation (probably that step will be skipped completely). Also on the page with the variables there will possibly be a download link for the currently supported DDKBUILD flavors.

// Oliver

Posted in DDKWizard/DDKBUILD, EN, Programming | Leave a comment

Eeek, the WDK build introduced a nasty change in behavior …

Posted on 2007-02-07 by Oliver

Today I noticed something very unpleasant when I tried to build a project that was initially created with DDKWizard with the WDK instead of the WNET DDK.

Only one .rc file is allowed per directory. You may however include one .rc file in another.

Eeek, that is nasty. Guess what, the WNET DDK builds it without any complaints. Not well thought, MS … 🙁

// Oliver

Posted in DDKWizard/DDKBUILD, EN, Programming | Leave a comment

Problems when upgrading F-Prot 3.x to 6.x?

Posted on 2007-02-04 by Oliver

The F-Prot 3.x uninstaller of the Windows version has apparently a glitch. Due to how Windows works, this may lead to a blue screen if the driver entry in the registry was not removed during an upgrade to version 6.x! To mitigate this issue until the next version is released, use the fix described here before you reboot the system after upgrading from F-Prot 3.x to 6.x!

// Oliver

PS: The next release of the 6.x installer will be aware of the issue and incorporate the fix.

Posted in EN, FSI/F-Prot, Software | Leave a comment

DDKWizard 1.1.1 released

Posted on 2007-02-04 by Oliver

Today I released DDKWizard 1.1.1 – fetch it here.

This version brings “only” some improvements and corrections over 1.1.0 and nothing sensational 😉

  • Introduced new project type Win32DLL, the purpose should be clear from the name.
  • The manual got an FAQ section now.
  • Correction of some spelling mistakes and minor glitches in the projects being created.

Enjoy,

// Oliver

Posted in DDKWizard/DDKBUILD, EN, Programming | Leave a comment

F-PROT corporate use version 6.0.5.1 released

Posted on 2007-01-29 by Oliver

Today, FRISK Software International (FSI) released in a not so surprising move – there have been rumors before – the F-PROT Antivirus for Windows, Corporate use which carries the version number 6.0.5.1, just as the recently released home use version.

Please provide FSI with feedback at the FSI forum or via the support.

// Oliver

Posted in EN, FSI/F-Prot, Software | Leave a comment

Der gemeine Isländer …

Posted on 2007-01-27 by Oliver

… auch bekannt als Homo sapiens stinkfischessus, scheint allgemein – und, das überrascht, auch in den eigenen Reihen – als dumm angesehen zu werden. Während man sich bei kulturellen Eigenheiten wie dem Essen von Gammelrochen, Schafseiern und Grönlandhai (Hákarl), dem Tick per-capita die Besten in allem zu sein und ein scheußliches Gesöff namens Brennivin zu mögen noch auf die Sozialisation im Land und die kargen Verhältnisse in Ísland bis zur Mitte des vorigen Jahrhunderts stützen kann, zieht dieses Argument in Sachen Bildung nicht mehr. Denn da schneiden die Isländer nicht so schlecht ab. Bliebe also die Frage wie es kommt, daß dieses eigenwillige Völkchen in den Weiten des Atlantiks von anderen für dumm verkauft wird – und, viel schlimmer, sogar aus den eigenen Reihen?
Continue reading

Posted in DE, Island/Iceland/Ísland | 2 Comments

IDA 5.1 Beta 2

Posted on 2007-01-27 by Oliver

Yesterday Ilfak released the second beta of IDA 5.1. Not only have several issues been fixed, but also were the IDC symbol and kernel function introduced as described in the updated blog entry from a few days ago.

// Oliver

Posted in EN, Programming, Reversing, Software | Tagged | Leave a comment

Some IDC scripts uploaded (update)

Posted on 2007-01-27 by Oliver

On my website you can find some IDC scripts which have been uploaded just lately. Some are related to kernel mode reversing and some (MFCxx.rar) at user mode reversing. Please find them here.

Update: If you downloaded the scripts before, please download the new version and apply it. This should possibly catch some of those functions which have been imported several times and not optimized to one import by the linker.

// Oliver

Posted in EN, Programming, Reversing, Software | Tagged | Leave a comment

F-Prot updated to version 6.0.5.1

Posted on 2007-01-25 by Oliver

For those not having noticed it, F-Prot 6 for Windows was updated lately. There are several fixes included so it is highly recommended to update. Please be aware that after the installation you will be asked to restart. So consider this when scheduling the update.

Soon to be released is the corporate version as slipped already out on our FRISK forum. QA comes first, though.

Enjoy,

// Oliver

Posted in EN, FSI/F-Prot, Software | Leave a comment

IDA 5.1 Beta 1 (updated).

Posted on 2007-01-22 by Oliver

Last week Ilfak released the first beta version of the upcoming IDA 5.1. I am one of the lucky ones who get to test IDA in beta stage already. And since everyone should know how I love IDA – a.k.a. the best disassembler in the world – I want to present some of my personal highlights of this beta Continue reading

Posted in EN, Reversing, Software | Tagged | Leave a comment

Da sieht man’s wieder …

Posted on 2007-01-05 by Oliver

Dieser vorauseilende Gehorsam ist ja mal wieder hanebüchen … und natürlich wiedermal die Kommentarfunktion deaktiviert *grummel*. :mrgreen:

Naja, wie dem auch sei, ich wollte Mathias ja eigentlich nur sagen, daß er sich als vorbildlicher Bürger auch einfach den Bundestrojaner installieren könnte, anstatt in seinem Beitrag scheinheilig seine Erotikbildersammlung auf Laufwerk P: zu verschweigen – so könnte sich das MfSdie GeStaPodie StaSider Verfassungsschutz nämlich selbst überzeugen und muß nicht auf die Worte jedes potentiellen Terroristen oder Amokläufersnormalen Bürgers vertrauen.
Continue reading

Posted in /dev/null, DE, Gedanken | 1 Comment

Problems with DDKWizard? (2nd)

Posted on 2007-01-05 by Oliver

Some days ago I asked you whether there are some problems with DDKWizard. The reporter of the alleged bug at that time has never responded and may never respond. However, I heard from a friend, that the installation of some .NET 3.0 wizards screwed up all other wizards. So if the reporter of the “bug” has done the same, this could be an explanation.

But again, without more details I can hardly do anything. Or maybe it was a (bad) joke?

// Oliver

Posted in DDKWizard/DDKBUILD, EN, Programming, Software | Leave a comment

Attempted money laundry?

Posted on 2007-01-05 by Oliver

Looks like the terrorists have done it again … these must have been terrorists, right? … trying to find out how far you can stretch the truth and get through …

Meeeee-ouch :mrgreen:

Posted in /dev/null, EN | Leave a comment

How to contact AutomatedQA???? (update)

Posted on 2007-01-03 by Oliver

I am trying to contact them since I am interested in buying AQTime, but three trials to contact them failed seemingly. What does it take to get through to the info or sales alias of their domain??????????????

Any clues?

Update: As can be seen from the comments, contact was meanwhile established. Thanks to those at AutomatedQA helping to establish the connection. I also have a license meanwhile and will start blogging about my experiences soon.

// Oliver

Posted in EN, Software | 4 Comments

Update to ddkbuild.cmd

Posted on 2007-01-03 by Oliver

I updated ddkbuild.cmd once more so it has turned version 7.0beta5 now. There is a fix for the treatment of build output in Visual Studio 2005 as described in “Memo to self: VS_UNICODE_OUTPUT” as well as some enhancements for the PREfast output and so on. So grab your copy if you are a user of the .cmd version.

// Oliver

Posted in DDKWizard/DDKBUILD, EN, Programming | Leave a comment

Memo to self: VS_UNICODE_OUTPUT

Posted on 2007-01-03 by Oliver

Since I lost the link already more than once I’ll use my blog as memory-extension :mrgreen:

In the NTDEV mailing list, there was lately a thread discussing problems of using a wrapper such as DDKBUILD around the build utility and compiler of the DDK/WDK. The problem surfaced with the WDK (Vista/Longhorn DDK) and VS 2005.
Continue reading

Posted in EN, Programming | Leave a comment