Archive

Archive for November, 2010

PE Explorer from Heaventools Software Wins 2010 Epsilon Award for Software Excellence

November 21st, 2010

Heaventools Software’s PE Explorer was named the winner of the 2010 Epsilon Award at the tenth annual European Software Conference.

The Association of Software Professionals (ASP) is a sponsor of the European Software Conference. And Heaventools Software is a developer member of the ASP.

Every year, the Epsilon Award recognizes the best software program from the European software and microISV community. Programs are nominated by software developers, a peer-review process that ensures that only the highest quality software is considered for the award.

PE Explorer is a software development application that lets programmers view, edit, and reverse engineer EXE and DLL files. In addition to inspecting the internal processing of your own software, PE Explorer lets you look inside third-party Windows applications and libraries.

PE Explorer makes it simple to open, view, and edit EXE, DLL, and ActiveX controls, as well as SCR, CPL, SYS, MSSTYLES, BPL, DPL, and other executable files, including files that run on the MS Windows Mobile platform.

Simply select a file to examine, and PE Explorer analyzes the file and displays a summary of the PE header information, as well as all of the resources that the file contains. In addition to being a powerful resource editor, PE Explorer includes an API function syntax lookup, a dependency scanner, a section editor, a UPX unpacker, and a built-in disassembler.

For more information about PE Explorer, visit http://www.heaventools.com/.

The eleventh annual European Software Conference will be held in November, 2011 in London, England. Additional information about the Epsilon Award, and about the European Software Conference, can be found on http://www.euroconference.org/ or http://www.microisv.eu.

News, Uncategorized ,

Laptop Security

November 15th, 2010

I recently bought a used laptop for travel (called TRV), hardware redundancy, and use as an additional screen. Since I only paid $150 for it ($250 after a display upgrade), I can afford the dollar loss if the laptop is stolen and because it is redundant, it would not be a crimp in my ongoing operation.

However, during travel, I want access to what I need for customer support (ecommerce, past email correspondence, etc.). I also want access to my telephone book and website passwords. For about a month or so, I have been running my TRV computer with these kinds of app running on it. However, I was at great risk if the computer itself got stolen because of the data on it.

A second issue has come up this month, with the release of the FireSheep program. This is a password sniffer which can pull passwords from an unsecured wifi access point. Even more, it can hijack most sessions in an unsecured wifi access point because only the logon session is secured and not the entire session. These are not new vulnerabilities but the ease with which this can be done is alarming.

Websites and wifi access points can resolve the FireSheep vulnerabilities. Open relays used to be widespread but now secured access to SMTP is the norm. So too, secured wifi will likely become the norm as well. In the meantime (i.e. now), there is a risk using any public wifi using protocols that pass information in the clear.

I have now resolved both issues quite simply. Now, all of my apps run on my main computer. This computer never leaves my office. I then use remote desktop (RDP) to connect and have access to *all* my programs. There are no programs a thief can use to compromise me.

I have deleted my previous programs on TRV and then copied over a movie file to overwrite the sectors holding previous data.

To run RDP, the target computer must have Remote Desktop enabled (Computer Properties >> Remote Settings >> Remote >> Remote Desktop. I have to allow the less secure version because I am connecting XP to Windows 7. Even so, I have used a network sniffer to verify that the login is secure. I have not yet locked it down and will use

http://www.mobydisk.com/techres/securing_remote_desktop.html
http://articles.techrepublic.com.com/5100-10878_11-6166676.html

as guides.

To run RDP, enter “mstsc” in a Run command from the Start Menu. You may also find it in the Acce4ssorries folder in the Start Menu Programs folder.

I have a static IP address for my home system and have given it a domain name. Rhino Software used to offer a great, free service called DNS4me to ASP members but has decided to stop offering it. They are advising people at http://www.dns4me.com/ to consider http://www.dyndns.com/index1.html or http://www.no-ip.com/.

A downside of the RDP approach is that my laptop has essentially nothing useful on it unless it is connected to the internet. In particular, I cannot work on anything in an airline seat unless the airline provides wifi. I don’t expect this downtime to be a problem as having people in front of you recline their seats makes airline seat computing a dicey proposition anyway.

Annother issue with RDP approach is if you are using sound. For example, you want to use Skype. With RDP, the sound will go to main computer and then to the remote desktop, introducing delays and consuming bandwidth.

Articles, Uncategorized