tansqrx

Another option that you might want to consider is Microsoft Virtual PC (https://support.microsoft.com/en-us/products/windows). It is similar to VMWare but is of course made by Microsoft and is free. I started out with Virtual PC but soon fell in love with VMWare. The price tag for VMWare is hard to swallow if the only thing you want to do is view your webpage.The above option is for VMPlayer which is different from VMWare Workstation. VMPlayer is like a read only version that only lets you run the OS and not create your own. Creating your own can be handy when some one has not been nice enough to supply you with an image. In any case Virtual PC is equivalent to VMWare Workstation as you can make your own OS image.In your case I would recommend the virtualization route. It would be much quicker than powering off your computer and rebooting for every single OS you want to test. Additionally you can have multiple OSes running so you can do all your testing in a matter of minutes and not hours. The major downside to this option is RAM and computer horsepower. Both Virtual PC and VMWare will eat your resources alive so you should have ample RAM and other resources.

Thanks but the requirement is not to have .NET on the target machine at all.

I am new to C++ but I do have a lot of .NET experience. I need to port an existing VB.NET application to native code because one of my production machines does not have the .NET framework installed. Unfortunately .NET can not be installed on this particular machine due to other restrictions.The current program creates a directory, extracts some embedded resources to that directory and then runs one of the extracted files on a periodic basis. The problem that I am having now is how do I create an embedded resource and then access it in C++? I am currently using Microsoft Visual C++ 2005 with CLR turned off. Any help would be appreciated as I have already searched Google for hours and came up with nothing.

I suppose that I am in a unique position where this is a very bad thing for me. I like to check my Yahoo! Mail from work but when I switched to the new layout it tries to sign me into Messenger automatically. This presents a problem for me as mail is allowed at work but any chat software is not. Every time my browser tries to sign into Messenger the request is stopped by the firewall. This might not seem like a big deal but my network administrators are on the VERY strict side and each time the firewall blocks something a log entry is made. Enough log entries and you get called to the principal’s office to get paddled. I don’t know about your but I don’t like the principal’s office.

In the past few months I haven’t had the need to create a new Yahoo! account (with several thousand I have been making by with what I have). Today was different and I decided to do it the dirty way and make the ID directly from the Yahoo! sign-up page. To my surprise the sign-up process has been redesigned and looks good. All of the same information is needed but the page will dynamically let you know that everything is filled in correctly. This is a great feature for us who use this feature regularly as nothing makes me more mad then filling out the entire form just to see that I misspelled the password verification. In addition to the dynamic alerts, new, better looking graphics have been added and a password strength indicator.I haven’t been through the process to see if YCC Bot Maker still works. I am assuming it still does as I haven’t had any complaints. Additionally it looks like functionality is still the same. If not Yahoo! usually leaves the legacy application running for several months before they completely change over. The next task is to see if all of the POST details are the same and see if this is a new version of the software. If it is new then there is always a possibility of new bugs.

Interesting. So what exactly is the problem? Is this a problem with Internet Explorer 7 and Visual Basic 6? I have Internet Explorer 7 and every Visual Basic install that you can think of and I never had any problems. Can you describe what I the problem that is being fixed in detail?

It looks like the update is being pushed out automatically now. I got a nice little pop-up today and I quickly and easily updated Messenger.

As a public service I decided to create a page that checks for this vulnerability. The start page can be found at http://forums.xisto.com/no_longer_exists/. On June 6, 2007 eEye (https://www.beyondtrust.com/?s=patch+Tuesday) security published a report stating the Yahoo! Messenger was susceptible to a buffer overflow. The next day a Yahoo! spokesperson let it slip that the problem was in the webcam ActiveX control that allows a user to display his webcam on a webpage. Shortly after that exploit code was published on the Full Disclosure mailing list (http://forums.xisto.com/no_longer_exists/). There are actually two different components that can be exploited, ywcupl.dll (Webcam Upload) and Ywcvwr.dll (Webcam Download). What to expect Here you can test to see if you are vulnerable to this particular exploit. Be warned that this may cause the following: ⢠Crash of web browser ⢠System becomes unstable ⢠Antivirus screaming bloody murder If you are vulnerable then your web browser should crash. I have found that it is more likely to happen in IE than Firefox. Ywcvwr.dll Runs Calc.exe This was the first proof of concept. It uses a fairly standard payload that starts the Windows calculator. ywcupl.dll Runs Freecell.exe The second proof of concept is certainly much more nasty. It will download a program from anywhere on the Internet and then run that program. In my example I download Free.exe and then run it. Free.exe simply opens a new process for the Free Cell Windows game. Free.exe is written in VB.NET so you will have to have the .NET Framework to run it. Certainly you could use your imagination and see that this is the ultimate exploit. References ⢠http://forums.xisto.com/no_longer_exists/ ⢠http://www.informationweek.com/critical-bugs-discovered-in-yahoo-messenger/d/d-id/1055907 ⢠http://forums.xisto.com/no_longer_exists/ ⢠http://forums.xisto.com/no_longer_exists/ ⢠http://www.securityfocus.com/archive/1/470861 ⢠http://www.zdnet.com/topic/security/?p=274

It looks like the fun may be over. Yahoo! has announced the release of a patch to correct the buffer overflow in the webcam ActiveX control. The official Yahoo! annoucment of the patch is located at http://forums.xisto.com/no_longer_exists/. This is a very quick turn around for Yahoo! as the exploit was only public for three days before a patch was issued. More detail can be found at http://forums.xisto.com/no_longer_exists/. The patch does require you to completely reinstall Messenger and has not been automatically pushed out as of late Friday on June 8, 2007. Since the patch is not automatic the fun may continue for at least a few more days.

This bug first came to light on Information Week’s website yesterday, June 6, 2007 (http://www.informationweek.com/critical-bugs-discovered-in-yahoo-messenger/d/d-id/1055907). The original research group is the well known eEye (https://www.beyondtrust.com/?s=patch+Tuesday), which said the vulnerability was serious and could lead to remote code execution. Since the original report it has also been posted by Computer World (http://forums.xisto.com/no_longer_exists/) that a separate research named “Danny” has released the exploit into the wild. In a follow-up today he also posted a second exploit. All of the discussions can be found at http://forums.xisto.com/no_longer_exists/.

This came out a few months ago but according to PC World (http://www.pcworld.com/), Microsoft One Care is the worst antivirus product you can buy. From http://www.pcworld.com/article/129521/article.html The best antivirus according to this report is Data Security's AntiVirusKit (AVK) (at 99.5%) which uses both the Kaspersky and Avast! engines. Microsoft came in dead last by only detecting 82.4 of the test viruses. The research firm that conducted these tests is av-comparatives.org which at no surprise can be found at av-comparatives.org. These results were from the February 2007 test and can be directly found at http://forums.xisto.com/no_longer_exists/.

Some how this doesn’t smell right to me. First off I have never heard of any of these sites. Second I went through most of the free listing and they all had the exact same listings. Third, the number of listing was pitiful (less than 200). I think I would be afraid that I was actually adding my site so a spammer’s address list.

To me it doesn’t sound that your current setup is too bad. I will be glad to take that process and board off your hands. The one that replaced current machine finally died so I am looking for a new “in the closet PC.” I run also sorts of things that do not take up that much processor power but needs to run all the time.I have a AMD 64 dual core right now and I am very happy with it. I got it about a year ago. I hear that Intel is currently the best game in town now. They have dropped their prices and the performance is better than AMD (I’m still a AMD fan). All in all it sounds like you are getting a pretty good deal.

An interesting post slipped through on Friday from the Official Messenger Blog (https://messenger.yahoo.com/). This is one of the few posts that has some meat to it and it basically outlines what the future of Yahoo! chat rooms are (the title is “Chat rooms: State of the Union”, I like it). According to Yahoo!, the entire backend of the servers has been rebuilt from the ground up. Hopefully they also incorporated security into their software life cycle which would make many of the common problems disappear. There is also a war against bots, and a MAC platform addition.Two quick commentary points. Perhaps this is why the current chat rooms have fallen into a state of disrepair. The developers were focusing on getting the new version going and simply neglected the current build. With the next version going live soon, the developer should be more focused in keeping the rooms in good condition. This brings me to my second observation. “Though Yahoo! is a big company with over 10,000 employees around the world, a very small number of them work on our chat rooms; in fact you can count them on one hand.” The last time I checked the most this could be is five. It looks to me that Messenger and chat is severely understaffed. With five people I will make the following guess: one is a graphics art person, one is a manager, one IT person, and two developers. With such a large footprint as chat has, it is hard to believe that this team has even had time to keep the servers running. I hope this is a good sign that chat will clean up but I will not make too many bets at the present.

Can you be more specific, I have no idea what you are talking about.

I have found that one of the best ways of getting by the password is clearing the BIOS. This is usually accomplished by one of the following:1. Take the battery out2. Short out a specific DIP pin. This usually called CMOS Clear or some other variant. This is usually near the BIOS itself but mileage will vary.3. Some times you will have to turn the computer on while the Clear CMOS DIP is shorted.4. You can also leave the battery out for a really long time (a few days).5. Any combiniation of the above.This of course will not get the actual password so this will not work if you are trying to be covert. The next time a person boots the machine, they will know something is wrong because there will be no password at all. You will also loose any changes you have made in your CMOS. I have never been a big fan of CMOS passwords because if you have physical access to the machine then it is only a simple matter of taking the case off to get rid of the password. My last machine was a little flaky so I had to reset the BIOS all the time so I had the DIP and procedure memorized.

I have been using Pidgin since it came out and I have had no problems at all with it. I would highly recommend it anyone who wants to talk across many networks. My biggest praise of Pidgin is the open source. Because I research Yahoo! a lot, the source has helped me out greatly.

I hate to keep bothering you but in regard to a previous request for SSL access (http://forums.xisto.com/topic/93099-topic/?findpost=1064369838), It doesnât appear to have been granted. I just logged in via Putty and it says

Ahhhh, ahhhh, ahhhhh. *Splat*…Sorry about that I now have to clean up my chair.I have been addicted to Starcraft for years and I still play on Battle.Net all the time. I knew they were up to something but I didn’t realize it was this far along. But on the other side of this they haven’t released a date so it may still be another year. Anyone remember Diablo 2?

It looks like this has mostly already been answered but I figured I would throw a little bit more on it.1. Label1.ForeColor = Color.Aqua as an example.2. Label2.Text = "First line" + vbCrLf + "Second line"The secret here is the vbCrLf (carriage return, line feed). One of my first problems in VB was finding the “/n” which this is it. Another way is to use Environment.NewLine. I think this is the perfered Microsoft way as this will be compatible across all platforms but I have never had any problems with vbCrLf.3. The way to inherit is to use the inherit keyword directly after the class definition. From my experience you should not have to use this very often. When I do it is usually creating a user defined control that is derived from a similar control. For example, a text box that already has a particular phrase in it.4. As said before most of the basics are built in. For some of the more exotic function you can use “Imports System.Math”.

I’m sure you already know this but as a reminder, MSN and Yahoo! can talk to each other now. I have several friends that are primarily on MSN but they are in my buddy list and we can carry on a conversation at anytime.

Since I posted my original comments I had a chance to do some packet sniffing. Apparently Web Messenger is nothing like I expected. It actually communicates very similarly to the traditional Messenger. I also have to take my previous assumption of Ajax back because it now looks like a Flash based application (.swf).The communication is done through a HTTP POST method that has the following payload.<Session ClientHash="xxx" SessionId="xxx-xxx" Channel="ClientPost" ClientCounter="43" ClientSeqno="43" Payload="yes"><Ymsg Command="6" Status="1515563606" Version="102" VendorId="402" SessionId="0">1^$User^$5^$recipiant^$241^$0^$14^$^a[#0B333Cm<font face="Arial" size="10" >Test of the system</font>^$</Ymsg></Session>On close inspection you can see that this is a YMSG 6 packet (the same of the regular Messenger). It also has the same payload structure such as 1 for current user, 5 for the recipient, and 14 for the message. The only big differences I can see is the Version is 102 and VendorID is 402.P.S. Another interesting fact is this is not protected by SSL (https).

Today Yahoo! announced a whole new way to communicate using Messenger. Itâs the âall-new Web-based Yahoo! Instant Messenger.â Ohh wait a minute, wasnât there already a web version of Yahoo! Messenger? Despite the fact that the official press release (https://yahoo.tumblr.com/) makes this out to be something completely new, a web version of Messenger has been around for years. I of course will be the first to admit that the old version was so bad that I would like to forget about it too. With the bad taste of my previous experience aside, I was egger to try out this new user experience. I was even more excited to see what it had under the hood and if this is the magic and mystical thing that has brought the servers down for the past few months. After logging in via the standard web password system I was greeted with a split view of my contacts on the left and a window on the right where my messages are displayed. To the top of the contact list is options for easily changing your status. When a new message is received, it is granted its own tab in the right window. The whole experience has a feel of refinement and some really good programming. As with other Web 2.0 applications, I believe Yahoo! is using Ajax. An interesting new feature is the history. Apparently now all conversation history is saved on the server just like your contact list. From the press release: âHereâs something I have been waiting to say for a long time⌠Yahoo! Messenger: Fast, Easy, Beautiful, and now with no download! Again, no download.â I will have to admit it is very nice but I canât say I will not be installing the next version of Messenger. Although the web version looks pretty it still can not do a lot of the heavy lifting. The two big features that are missing are voice and webcam. Arenât these two of the biggest features that distinguishes Yahoo! from the other major players? Another thing is this is still in the beta phase and it shows sometimes. While testing it out I had a few messages that were lost in the ether. I can see some use for this new toy but I will still be signing into my regular PC based application for the foreseeable future. I have on occasions had to use the previous web messenger and I will have to say that this is (at least) 30 times better. A few closing questions: ⢠Yahoo! posted previously that May 14 was going to be the day that the servers would stop acting funny. Is this what they were preparing for? ⢠Since the history is saved on the servers now, will we see a new version of traditional Messenger with the feature also? ⢠Will a new version of protocol be released for the history? ⢠And last but not least, what does this mean for security? Will this be another vector for bots and the like?

At one time I had SSL shell access to my account but not now. I presume I was dropped during one of the recent upgrades. I would like to re-request this for my account. I need to update my phpBB install and I would like to run the .patch file directly from the shell. I have done this in the past and it is the easiest way since I have several mods.

This is an interesting tid bit about the Yahoo! chat room problems. https://www.onmsft.com/ To be honest I am kinda scared. When a company has set a hard deadline to resolve âtechnical issuesâ I always get the feeling that something else is going to change. Maybe this is another protocol change or something specific to chat. On a personal note, I have noticed the problem getting slightly better over the past few days.