Re: About 3.51 release
Stuart Hemming wrote: It's more an issue of convenience. If I've got the files for 3.51.1 3.51.9 and 3.51.10 then windoze organises them in the order 3.51.1 3.51.10 3.51.9 if you used the format x.xx.xx then windoze would list them in version number order. And then it will break again when/if you exceed 99. And again if you exceed 999. And so on. So this is not a a real fix, it's just a postponing. And, BTW, this happens with every product I have seen. -- ..hggdh.. Current beta is 3.51.10 | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html IMPORTANT: To register as a Beta tester, use this link first - http://www.ritlabs.com/en/partners/testers/
Re: Error Only one usage of each socket address (protocol/network address/port) is normally permitted
Marek Mikus wrote: I found conflict, two accounts used the same port. But it was very hard to detect this, I hope, Ritlabs will improve this error message to display, which account are in conflict. All I think could be done here -- and it *should* be done -- is to add on the error message/pop-up the offending IP address and port, and the module getting hit. I fully agree with Marek on this. Not doing so makes it very hard to solve this. It is difficult to predict this type of error, and you could have an altogether different program allocating the socket... but if you know what socket got a conflict, then you can hunt it down. -- ..hggdh.. Current beta is 3.51 | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html IMPORTANT: To register as a Beta tester, use this link first - http://www.ritlabs.com/en/partners/testers/
Re: Error Only one usage of each socket address (protocol/network address/port) is normally permitted
Marek Mikus wrote: Hello all, I saw this error message today during TB's start, any further description about this error is missing. Max, what this means? This is a WinSock error. It means the socket in question (which one, I do not know, but I would guess it is related to TB!) is already in use. -- ..hggdh.. Current beta is 3.51 | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html IMPORTANT: To register as a Beta tester, use this link first - http://www.ritlabs.com/en/partners/testers/
Re: 3.51
Sigh. Topologically speaking 3.5 is smaller than 3.5.1 (given a left-to-right ordering schema). And this is how, usually, software versions are set. On CVS you may (if you want) re-version to a new PRODUCT version base, but it is not necessary. So you can have a source file at CVS version 1.219 that corresponds to a product version 3.5.0. -- ..hggdh.. Current beta is 3.51 | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html IMPORTANT: To register as a Beta tester, use this link first - http://www.ritlabs.com/en/partners/testers/
(OT) It worries me...
Liz wrote: As a developer I do know how hard it is to write something to suit everyone, however, if you broke something that used to work, rather than add new stuff, its much better for the confidence of your userbase to fix the broke stuff, before adding new. We all understand breakages, stuff happens, but when it remains broken, and ignored.. quite often people report bugs because they used that feature, and now their usage is hampered. I did not want to add to this already rather thick soup, but... my fingers itched :-) There is a detail here that we must not forget. RL indicated that they were doing a major code re-write (which sounds very much like a re-design: you only re-write major parts of your product if you decide you reached a limit, and a re-design is warranted). Usually, when a product reaches a milestone -- like a new version, re-design, whatever -- you branch on your source management tool. This means you create a new subtree, separate from the currently-available source code base. At this point in time work will then go on two radically different fronts: maintenance and support on the production (soon to be old) source code base, and development action on the new source code branch. As such, issues that have been discovered on the current support version *may* *not* be seen on the development version. Even more, if the development process gets to re-write major portions of the code, then the issue found on production code may not even be reproducible on development code. Also, usually development is left alone until a point in time when new (since the code branch) product issues are verified against the development, and the code bases are then synchronised. Obviously, as I pointed out earlier, sometimes you just cannot do it. And, of course, there are those that say development people live in a different world... having been on both sides of the fence (development and support), I have to say I agree with it. Also, every product issue is given a priority, and high-priority issues are worked on first. One way to give an issue higher priority is by showing the issue impacts negatively a large portion of the customer base. Issues that do not impact many customers, or that do not cause catastrophic failure of the product are, by consequence, left for later work. Take your own conclusions on how you can influence, folks. I am not saying, or even implying, this is what RL did, or does. I am just pointing out how this usually works on large development shops. I personally guess this is the *only* way this type of work can be done, in general... -- ..hggdh.. developers do not need rockets to reach the moon. I know. I have been there Current beta is 3.5.33 | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html IMPORTANT: To register as a Beta tester, use this link first - http://www.ritlabs.com/en/partners/testers/
Re[6]: OT Couth Mary [Re: 3.5.30 MSI]
Hello Avi, Sunday, June 26, 2005, 1:44:57 PM, you wrote: If that person has broken the list rules then they require reminding of said rules but the mods are usually remind the whole list of the rules in order to stop repeated breaking of the rules by other people apart from those who are being trouted. So normally it is not just the person that the trout is being flung at that is being told. Agreed with reservation. I think this can only work if the moderators are unbiased in respect to whom they single out as whipping boys. Words carry power. This has been known for a very long time, and is used unreservedly by many religions. For example, many Jews use 'HaShem' to refer to, hum, HaShem; many Christians frown on words like 'hell', and others. OT One should also note that words are now used by the new religion out there -- politics (perhaps, not so new). /OT Depending on one's upbringing, some words will be either rude or blatantly offensive, while a different culture may consider the same words nothing special. This makes moderating an international list extremely complex, and almost impossible to be completely fair. This is probably where we can plug this un-natural thing called courtesy... and the knowledge that upbringing does not need to be coherent. In other words, fairness in moderation is a lost cause :-) Any one doing moderation will eventually find it so, or has already found it so. All we need is time. But, let's move on to bias. Every moderator is biased. This is no big deal -- we are *all* biased, one way or another --, see above. The difference is understanding that one is biased, and trying to find out if the inbred/developed bias is acceptable (to one's ethical being). So, yes, Marck is biased. So are you. So am I. Yet I do not find Marck's bias selective on whom gets the whip. He is doing what he is tasked to and, as far as I can see, doing it as correctly as possible, even if I do not completely agree with it. And... the fact that I do not agree with it does not bring any demerit to his moderation. And, at the end of the day, I find I still can live with you, Marck, and everybody else here. -- ..hggdh.. Using The Bat! v3.5.0.31 and Bayes Filter Plugin v2.0.3 on Windows 2000 5.0 Build 2195 Service Pack 4 pgp5nHQsLMYlE.pgp Description: PGP signature Current beta is 3.5.31 | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html IMPORTANT: To register as a Beta tester, use this link first - http://www.ritlabs.com/en/partners/testers/
Re: 3.5.06 Again no way to close Windows with TB running
MaXxX wrote: I'm on a roll! I'm on a roll! Thanks, MaXxX. I needed something like that today. I just hope the rest of the people here take it on the lighter side... (p.s. -- there's also another identifying trait of a bat -- it defecates [censor action] all over you...) Current beta is 3.5.26 | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html IMPORTANT: To register as a Beta tester, use this link first - http://www.ritlabs.com/en/partners/testers/
Re: Who sent this e-mail? (was: Global folders, multiple e-mail accounts, and replies)
Hello Greg, GS Define valid account please! By Global Folder do you mean common GS folder or has Ritlabs changed the terminology here? A valid account, as far as I am concerned here, is an account that has been defined in TB!, and on which one can send and receive e-mails. A valid account is composed of an e-mail user name (and, perhaps, more than one) and one or more e-mail servers which are used to send or receive e-mails. and yes, Common Folder. I stand corrected. :1,$s/Global/Common/g GS What is a fake 'From' field? First of all -- TB! is a client e-mail programme. This means that it is used to reach an e-mail server (perhaps more than one) and collect or send e-mails. TB! is not an e-mail server. For any e-mail client to be used one has to configure it with valid e-mail account names, servers, etc. An fake 'From:' field is, then, when the 'From:' (or 'Reply-To') is filled with an e-mail address that does not correspond to the e-mail account name (perhaps more than one). GS If one defines 'fake' in a broad sense, then one could say that my ISP GS should NOT accept my outbound email using a 'From' header of my own GS domain the does NOT correspond with [EMAIL PROTECTED] configuration. This could also be discussed -- if an ISP should, or should not, accept incorrectly-coded (as defined for the specific account in use) e-mail addresses. But I am not discussing the ISP, here -- my problem is with the client. GS If this is what you mean, then I totally disagree. Why? Because I use GS authentication to access my ISP's SMTP mail server. What this provides GS is the ability to use the same email address without regard to what GS ISP I use. I wouldn't be able to do this without an email client like GS TB unless I ran my own mail server. If I ran my own mail server I GS would have to have an ISP that does NOT restrict port 25 or prohibit GS such applications in their TOS unless I purchase a much more expensive GS business account. Authentication has nothing to do with this issue. Authentication is an issue between you and your ISP. I also use authentication on *ALL* of my e-mail accounts. I also use encryption when I connect to my ISP to send/receive e-mails. And, still, I was able to send, on an e-mail account, with an incorrectly-coded (for this e-mail account) 'From:' field. -- ..hggdh.. Using The Bat! v3.0.9.12 Return and on Windows 2000 5.0 Build 2195 Service Pack 4 pgpI1z1BeHvoq.pgp Description: PGP signature Current beta is 3.0.9.12 Return | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html IMPORTANT: To register as a Beta tester, use this link first - http://www.ritlabs.com/en/partners/testers/
Re: Who sent this e-mail?
Hello Jernej, Sunday, April 3, 2005, 10:11:15, you wrote: JS That would make it very hard to use TB in my configuration - I use JS my own mail server, and it's configured to accept a lot of JS addresses and deliver them to me. I also send messages with some JS of these addresses in the From field (using TB's macros to JS automatically select the proper address), but I have only 1 JS address configured in the account properties. By doing this, it's JS easy for me to track where somebody got my e-mail address, and I JS can also easily disable the address server-side if I start getting JS too much spam on it. Your suggestion would make this impossible. JS The address I use for mailing lists is one such example. So we have two of us that use it this way. This is enough to say that such a rule cannot be absolute. I have nothing against this. What I still have against is TB! sending out e-mail *defaulting* to such behaviour. -- ..hggdh.. Using The Bat! v3.0.9.12 Return and on Windows 2000 5.0 Build 2195 Service Pack 4 pgpjycelhvV6W.pgp Description: PGP signature Current beta is 3.0.9.12 Return | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html IMPORTANT: To register as a Beta tester, use this link first - http://www.ritlabs.com/en/partners/testers/
Re: Who sent this e-mail? (was: Global folders, multiple e-mail accounts, and replies)
Hello Zygmunt and Boris, ZW Using common folders (I think they are that what you mean) with different ZW SMTP servers and matching appropriate accounts is possible by reply ZW template. Place in this template a series of %IF macros like: ZW %IF:%OTOADDR=your_addr_account1:%ACCOUNT='account1' ZW It should resolve your problem with sending replies matched to 'valid' ZW accounts and servers. Of course, if your address is in BCC field then ZW this method fails. In such a case The Bat! will use default account. and, from Boris: BA But he could maybe use the Envelope-To or Delivered-To header to BA detect to which address the mail was sent. Thanks to both for pointing this out to me. It is a way out right now. But... my point is that one should not need to do that -- TB! should be able to easily do it. -- ..hggdh.. Using The Bat! v3.0.9.12 Return and on Windows 2000 5.0 Build 2195 Service Pack 4 pgp2m8l4Jzx7Y.pgp Description: PGP signature Current beta is 3.0.9.12 Return | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html IMPORTANT: To register as a Beta tester, use this link first - http://www.ritlabs.com/en/partners/testers/
Global folders, multiple e-mail accounts, and replies
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hello folks, BeforeI open a bug I would like your comments on the following. environment 1. I have multiple e-mail accounts, which are used for different purposes. These e-mail accounts are not under the same server -- for example, I have accounts under 'comcast.net', under 'gmail.com', etc. 2. I use Global Folders to aggregate related e-mail; usually the GFs will receive (via an incoming filter) e-mails from some, or all, of my e-mail accounts. 3. the account '[EMAIL PROTECTED]' happens to be the first account in TB! (this may have an impact on what happened). /environment So far, so good. Now. I received one e-mail (which was stored under a Global Folder) that I replied to. Much to my surprise the reply was sent under a different e-mail (and corresponding e-mail account) than the e-mail that received it. In other words: the original e-mail was received under my account '[EMAIL PROTECTED]', and the reply went thru my e-mail '[EMAIL PROTECTED]'. This is really not kosher, I thought to myself. So (I kept thinking to myself), maybe I need to set the 'From:' account when doing this. So I sent another reply (from an e-mail stored in a Global Folder) and I explicitly set the 'From:' to match my original e-mail -- for reference, '[EMAIL PROTECTED]'. It *did* go with such a 'From:' as I set, BUT... it used the e-mail server at 'comcast.net'! off-topic this also says something about security at Comcast, but is is completely outside this discussion. /off-topic NOW this is so un-kosher that even my grandmother would not complain on my (ab)use the the word 'kosher'. Here's what I would expect: (a) on Global Folders TB! should respect, when on a reply, the account that received the original e-mail; (b) on Global Folders, if you override the default 'From:' e-mail address, TB! should use the corresponding account to send this e-mail. What do you, dear colleagues, think about this? Cheers, - -- ..hggdh.. Suffering The Bat! v3.0.9.12 Return on Windows 2000 5.0 Build 2195 Service Pack 4 :-) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (MingW32) Comment: public key at pgp.mit.edu iD8DBQFCTy1OVFMjkob7xf8RAjnpAJ4nPG/YZT9h3RAJCMPvrd2nblFHugCgp19g p5e9XGvcJXM6dKI6eJ9OR9o= =D5V4 -END PGP SIGNATURE- Current beta is 3.0.9.12 Return | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html IMPORTANT: To register as a Beta tester, use this link first - http://www.ritlabs.com/en/partners/testers/
Who sent this e-mail? (was: Global folders, multiple e-mail accounts, and replies)
Hello Marcus, Saturday, April 2, 2005, 18:03:29, you wrote: MO On Sunday, April 3, 2005, 01:39, hggdh wrote: MO Multiple accounts I have used though. What you do when changing MO the 'From:' address is just that, changing the 'From:' address. MO Changing accounts is made either by right clicking the account MO name in the status bar of the editor window, or by selecting MO account in Options | Active account. MO This is intended behaviour and, according to me, reasonable behaviour as MO well. If a change of the 'From:' field would change account as well, I MO do not see how I could change the 'From:' address without changing MO accounts, something I need to do now and then. I do not quite agree (and, before we advance, I also have to state that I do not quite disagree). My personal view is that an e-mail client should frown on using a 'From:' address that is not configured under a valid account. In other words, the 'Reply-To' header field has to be a valid reference when the e-mail leaves the e-mail client. This, for an e-mail client, would go a long way on having said e-mail client taken out of some spammer lists. Which sort of throw us back into the the off-topic/ issue I raised in my first e-mail: Comcast should have rejected my reply with a fake 'From:' field -- because this is what is was: a fake email address, as far as the Comcast environment was concerned. Please do not get me wrong -- it is still easy for those of us that play in the Internet standards (IETF, etc) to find out where the e-mail came from; there is always the legal request to the ISP to provide this information, as a last resort... and, believe me, if you show cause, they will. But I still would rather prefer an e-mail client that enforces such a restriction. -- ..hggdh.. Using The Bat! v3.0.9.12 Return and on Windows 2000 5.0 Build 2195 Service Pack 4 pgpVDPgu0IjSt.pgp Description: PGP signature Current beta is 3.0.9.12 Return | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html IMPORTANT: To register as a Beta tester, use this link first - http://www.ritlabs.com/en/partners/testers/
Re: Config: Registry - File
Hello NetVicious, Thursday, February 24, 2005, 14:31:21, you wrote: N jueves, 24 feb 2005 at 20:28, it seems you wrote: Currently, The Bat! keeps its files in two directories: 1. The read-only program files in the Program Files folder 2. The files that it modifies in the MAIL Directory We don't like to make one additional directory besides the MAIL directory, we don't like to have three different directories. N Well in this case, TB! should create or mark the ini files with the N Windows username it's using the program. If you don't separate this N the different users of the program will have the same configurations But if there is rationale for this third directory, please let us know. N The old ini files where deprecated with the registry because N with the old ini files each program had one only configuration. Later N in Win2000 M$ added the DocumentsSettings folder. N I only said one think. Now with the registry each user could have it's N config. If TB! uses ini files if TB! don't marks or uses different ini N files for each user all the users of the computer will have the same N configuration, and if one user changes something the others users will N get also the same changes. N BsPlayer (www.bsplayer.org) uses xml files marked with the username. N Example: BSPlayer.User1.xml and BSPlayer.User2.xml. You could create N folders on mail folder or where you like for the user ini files. Some things here: 0. the old .ini files were deprecated because every application put them under the Windows system directory -- which, even at the beginning (and I am talking about Windows 1.x here) was an atrociously bad idea. 1. even if this is getting not to be common anymore, you can have many users sharing a single Windows system. User-specific settings should *by default* be saved under the current user system folder; the user can be given an option to move it elsewhere. The reason here is a simple one -- privacy. 2. samewise, each user should be able to configure TB! as if this user were to be the single TB! user. This means that configuration data, be it in the Registry or in an initialisation file, should also be stored under the current user area (either HK_CurrentUser, or under 'My Documents', for example). This means, for example, that one user can use BayesIt! while another user, on the same box, can use Bayes Filter. 3. Except for system settings, using the Registry just makes life a lot more miserable for those of us that jump systems, or have to rebuild them -- for whatever reason. On the other hand, for corporate users that roam on a Domain, not having the settings under the HK_CurrentUser will, of course, be a major pain. 4. And, on the other hand (that's the third hand for those of you that did not count them) this is probably not a significant issue given that the roaming user will still need to access the mail base (probably on an altogether different computer that the one in use to execute TB!). So... right now, it is difficult to decide which way. I myself would go off the Registry, no questions asked -- I simply hate the beast, and the current abuse of what started as a good idea. My personal vote is for XML-based initialisation files. -- ..hggdh.. Using The Bat! v3.0.2.10 and on Windows 2000 5.0 Build 2195 Service Pack 4, waiting for an UNIX-based TB! Current beta is 3.0.9.1 Deep Alpha | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html IMPORTANT: To register as a Beta tester, use this link first - http://www.ritlabs.com/en/partners/testers/
Re: Change password with On The Fly Encryption
Hello Tony, Tuesday, January 4, 2005, 13:07:03, you wrote: TB Create a backup. TB Delete RIT registry entries. TB Run The Bat. TB Choose OTFE with new password. TB Restore from backup. TB Voila. Huh, I am not sure I understand -- maybe I messed something on the OTFE. I understood the *base* was encrypted, and OTFE would write encrypted mails to the base, and un-encrypt when reading. If I am correct, then what you propose could not work. -- ..hggdh.. Using The Bat! v3.0.2.10 and on Windows 2000 5.0 Build 2195 Service Pack 4 pgpxydKPcSO5U.pgp Description: PGP signature Current beta is 3.0.2.10 | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html IMPORTANT: To register as a Beta tester, use this link first - http://www.ritlabs.com/en/partners/testers/
Re: Problems at shuwdown with 3.0.2.8
Hello James, Friday, November 26, 2004, 10:01:03, you wrote: JO Is everyone experiencing this problem using BF, or any plugin for JO that matter? Does the problem go away if all plugins are JO disabled/deleted? JO Might be worth checking into... Happened with me with BayesIt!; after moving to Bayes Filter, I did not get it anymore, but... still waiting. -- ..hggdh.. Using The Bat! v3.0.2.8 and Bayes Filter Plugin v2.0.0 on Windows 2000 5.0 Build 2195 Service Pack 4 pgpDGYjmlMQK8.pgp Description: PGP signature Current beta is 3.0.2.8 Rush | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html IMPORTANT: To register as a Beta tester, use this link first - http://www.ritlabs.com/en/partners/testers/
Re: UNIX text files
Hello Avi, Thursday, November 25, 2004, 01:34:03, you wrote: AY Whenever I receive a UNIX text file in TB, the file seems to be AY automatically converted to DOS format. I don't know if this is a AY behavior of TB or Windows XP. Is there some setting that I can impose AY that would prevent this conversion from taking place? You mean attached files? Can you expand a bit on what is going on? -- ..hggdh.. Using The Bat! v3.0.2.8 and Bayes Filter Plugin v1.5.6 on Windows 2000 5.0 Build 2195 Service Pack 4 pgpupIK04gMBF.pgp Description: PGP signature Current beta is 3.0.2.8 Rush | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html IMPORTANT: To register as a Beta tester, use this link first - http://www.ritlabs.com/en/partners/testers/
BayesIt! strikes back
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 This morning I found the computer I run TB! showing a pop-up with the following text: counter error in nspamdict, with a OK button. Ah well. I knew Alexey is still working out the bugs. So I decided to look up the bayesit.log. Last entry is on Nov 14th: 14.11.2004 19:59:12 Current recalculation session is interrupted.. Now, I do remember that I closed TB! two days ago at about 21:00. I am also very sure I restarted it yesterday at about 19:00. But, going on. There's a 'BayesIt1' folder, same level as my original 'BayesIt', with some files, and dated Nov 16th. All files under it, including the temp working folders are timestamped at about 03:45 Nov 16. Except... '.\BayesIt1\Base\Transact\autotrain.bys' is timestamped 07:18 this morning. So. 1. The BayesIt! log has not been updated since Nov 14th;2. There's a new 'BayesIt1' folder, out of the blue; 3. BayesIt! got (it seems) utterly lost. This is BayesIt! 0.74. I do not remember any new official version from Alexey -- is there one? - -- ..hggdh.. Using The Bat! v3.0.2.6 on Windows 2000 5.0 Build 2195 Service Pack 4 -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (MingW32) Comment: public key at pgp.mit.edu iD8DBQFBmgpPVFMjkob7xf8RAqBwAKCzb3hf2LiwX81AMI0WX7gYdd+XGACgnpMr dFCWL4eEKxe4oGNPPMMNe2w= =3087 -END PGP SIGNATURE- Current beta is 3.0.2.7 Rush | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html IMPORTANT: To register as a Beta tester, use this link first - http://www.ritlabs.com/en/partners/testers/
Re: BayesIt! strikes back
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 A bit more of info -- I looked up the BayesIt! configuration. I was magiacally changed to NO logging, and the directory was indeed set to BayesIt1. I do not mind auto-configuring software, but I really do expect it to at least notify me that it decided to change my settings. I am not very happy, right now. -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (MingW32) Comment: public key at pgp.mit.edu iD8DBQFBmg91VFMjkob7xf8RAh+VAJ9+xQyVjOFKVhdJIc/0HgLhYBG27ACffhwv a0BBAjcfyuL116eq67u+Ipk= =JmBi -END PGP SIGNATURE- Current beta is 3.0.2.7 Rush | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html IMPORTANT: To register as a Beta tester, use this link first - http://www.ritlabs.com/en/partners/testers/
Re: BayesIt! strikes back
Hello Alexey, Tuesday, November 16, 2004, 09:01:32, you wrote: ANV hm... Believe me, there is no such code in the BayesIt! It makes ANV it's configuration during the first run by determining the ANV working folder of The Bat! (the value of ANV [HKCU\Software\Rit\Thebat!\Working Directory] plus bayesit). It ANV never tries to make the folders like bayesit1 or likely. The ANV ways it MAY be changed is a) manually do the configuration. b) ANV manually edit tbplugin.ini in The Bat! working folder (however, ANV this file contains plugin's settings being BASE64-encoded, and ANV so, it is quite difficult to edit it really manually); c) ANV restoring from backup copy where bayesit's settings were in ANV bayesit1 and logging was switched off. ANV If nothing from enumerated happens, it is really magic :) Welcome to the Brave New World, that has such magic in it :-) (Shakespeare, please forgive me) a) manually do the configuration: no I did not do it. Since this system is only accessible by myself, I can also guarantee nobody did it. b) manually edit tbplugin.ini: also negative (even thou it is not that difficult to work with base64-encoded files). c) restoring from backup: no. No backups have been taken, so no backups could have been restored. Still... it changed to .\BayesIt1, and it reset logging. The last update on TB! was when I installed TB! 3.0.2.6 on Nov 8th. Whatever happened, happened between Nov 14th and Nov 16th (when I found it). I do not doubt you at all. I am just stating what happened. -- ..hggdh.. Using The Bat! v3.0.2.6 and BayesIt! 0.7.4 on Windows 2000 5.0 Build 2195 Service Pack 4 pgpGg62DsadjJ.pgp Description: PGP signature Current beta is 3.0.2.7 Rush | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html IMPORTANT: To register as a Beta tester, use this link first - http://www.ritlabs.com/en/partners/testers/
Re: Encrypting mail and national law - rather OT
Hello Mary, long time... Saturday, November 13, 2004, 06:54:09, you wrote: MB As no doubt was made clear earlier, in the U.S. this law exists, MB too, and for the reason just given above. And also the right, just MB confirmed on this thread as existing in Great Britain, to view MB encrypted material on hard drives. But to seize a hard drive in MB the U.S. for that purpose, it's my understanding that a court MB order must still be obtained. However, the U.S. Patriot Act MB seems to be under continual re-interpretation. Yes indeed. In the US a court order has to exist. But it may be sealed (meaning you cannot get to it, read it, or have your councellor/barrister read and counter the order), if it is given under the Patriot Act. See, for example, the now famous IndyMedia case, where hardrives were collected from IndyMedia servers from US and UK (and possibly other places). The UK government will not comment on the case, and in the US, a court order exists, but cannot be discussed. No charges have been made against IndyMedia (to my knowledge). But, still, charges *may* be brought in the future. BTW, the harddrives have been returned, seemingly intact. Also, the enforcement agency (usually the FBI in the US, I guess) can receive a 'blanket' warrant, allowing it to go to your home/office/whatever, and collect anything and everything that the enforcement agents consider interesting. That means, then, the harddrives, the CDROMs, any and all pieces of paper found, the trash can, the contents of the shelves, your cell, etc. You will not have a chance of calling in witnesses, and to argue on what can be collected. And, done that, if an encrypted file is found, you may be required to provide the keyphrase. And... you yourself do not know _why_. It is, after all, National Security. Need-to-know and all of that. It may happen that later they find nothing against you, and all collected materials will be returned. This may take some years (see Steve Jackson, some years ago -- and this was _before_ the Patriot Act!). By this point in time, if you depended on the collected material to survive, you are already under... Encryption of data will, then increase your privacy in relation to your peers, not in relation to the government. No key escrow is actually required in this process, since refusal to provide the encryption keys is a tacit admission of guilt. The most astonishing piece of it all is that you can be sued without actually knowing the real contents of the charges, and without being able to see/discuss/counter incriminating evidence collected against you. What was it, again, this guy Ben Franklin once said, about liberty, rights, etc? -- ..hggdh.. Using The Bat! v3.0.2.6 and BayesIt! 0.7.4 on Windows 2000 5.0 Build 2195 Service Pack 4 pgp2aLIrWpHFn.pgp Description: PGP signature Current beta is 3.0.2.7 Rush | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html IMPORTANT: To register as a Beta tester, use this link first - http://www.ritlabs.com/en/partners/testers/
Re: Encrypting mail and national law
Hello Gonçalo, Saturday, November 13, 2004, 01:30:28, you wrote: GF Just like that? Just by wishing? You have absolutely no GF right to privacy or their desires must come with a good reason GF to demand your key? Privacy does not really exist in the US. There is a lot of hot air vented around the idea, but no real privacy -- it's bad for business. Europe is, in general, much more strict... -- ..hggdh.. Using The Bat! v3.0.2.6 and BayesIt! 0.7.4 on Windows 2000 5.0 Build 2195 Service Pack 4 pgpeKU3Iu7awC.pgp Description: PGP signature Current beta is 3.0.2.7 Rush | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html IMPORTANT: To register as a Beta tester, use this link first - http://www.ritlabs.com/en/partners/testers/
Re: Encrypting mail and national law
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hello rmorris, Saturday, November 13, 2004, 20:36:10, you wrote: r Where can I learn about using e-mail encrypting? I have read a lot r of posts on this and its getting me curious. For a pretty good treatment on it, have a look at 'Network Security - Private Communication in a Public World', Kaufman, C., Perlman, R., Speciner, M., Prentice Hall 2002. It covers the ideas, motivations, pitfalls, etc, with just a bit of mathematics. For a more formal treatment see 'Handbook of Applied Cryptography', Menezes, A., Van Oorschot, P., Vanstone, S., CRC Press, 1996. Also good are all of Bruce Schneier's books. Highly recommended. - -- ..hggdh.. Using The Bat! v3.0.2.6 and BayesIt! 0.7.4 on Windows 2000 5.0 Build 2195 Service Pack 4 -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (MingW32) Comment: public key at pgp.mit.edu iD8DBQFBltFgVFMjkob7xf8RAivuAKCgj5brm/GYQJQ+fsIryB1uQEAHygCeKp1D cn7mjwR8yphIE3//D5tXBCo= =Y+bU -END PGP SIGNATURE- Current beta is 3.0.2.7 Rush | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html IMPORTANT: To register as a Beta tester, use this link first - http://www.ritlabs.com/en/partners/testers/
Re: Gmail is hot!
Avi Yashar wrote: Well, you got me curious, Alexander. And your signature tells us where to go to find out more about you. So I thought neurowerx - well, that sounds like it could be neurotic in English, and I wanted to know if you had done that much self-analysis. :-) So, lo and behold, what do I find at the top of a Web page from a man who has just identified his number one aversion as advertising and marketing? You guessed it - a PayPal Donate button and a sales pitch to go with it! Sigh. I will be flamed... and this is completely OT. Ah well. Such is life. 'neurowerx' sounds more like a play of words with 'neurowerks'. This may mean a lot of things, but I do not see it as 'neurotic'... And... Alexander is doing nothing out of normal putting a PayPal button on his page. He is not proposing to collect your information, analyse it, and provide you with needed feedback' in the form of commercial links. Peace, folks. -- ..hggdh.. Current beta is 3.0.2.7 Rush | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html IMPORTANT: To register as a Beta tester, use this link first - http://www.ritlabs.com/en/partners/testers/
Re: Wish: HTML inline forwarding
Tony Boom wrote: Problem is so many people on this and the other lists fought long and hard to keep html of any description out of TB! completely. So whatever html capability TB! has is a bonus whether wrong or right. I'm not saying I agree one way or t'other but that's how it was. Well, it *does* make sense not to use HTML. Given that most HTML rendering is done by the MS-supplied DLLs (maybe TB! has it's own, I do not know), I am really, really, not willing to see HTML-based e-mails... We are getting one exploit after the other on this... last one is the IFRAME. It is much prettier, and easy to read, I agree. I just wish MS had not completely blown HTML into a monster. In summary: HTML-based e-mail is not safe (and, by extension, Windows is also not safe). Current beta is 3.0.2.6 Rush | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html IMPORTANT: To register as a Beta tester, use this link first - http://www.ritlabs.com/en/partners/testers/
Re: Wish: HTML inline forwarding
Alexander S. Kunz wrote: And you I - we both have to deal with an HTML mail one day. Maybe. And on that day, it should work as expected (and I do not expect my mail client to blow an HTML message to pieces when forwarding/redirecting it), and thats what this thread is about. I stand corrected. You are, of course, right. It is, then, much more important that the HTML-rendering libraries be limited on what they can render... -- ..hggdh.., with a manual cut mark, since I have already eaten dinner with the magnificent forele blau Marck sent me :-) Current beta is 3.0.2.6 Rush | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html IMPORTANT: To register as a Beta tester, use this link first - http://www.ritlabs.com/en/partners/testers/
[Fwd: [Full-Disclosure] The Bat! libpng bo?]
FYI
Original Message
From: 3APA3A [EMAIL PROTECTED]
Reply-To: 3APA3A [EMAIL PROTECTED]
Organization: http://www.security.nnov.ru
To: [EMAIL PROTECTED]
Dear [EMAIL PROTECTED],
It looks like The Bat! uses libpng 1.0.5 and zlib 1.1.3 and is
vulnerable to very old buffer overflow and double free bugs. At least
it catches exception on http://www.security.nnov.ru/files/libpngbo.png
and thread is silently closed... There is no any visual effect, but
you can see it in debugger. The rest of The Bat! is written in Delphi.
Can anyone confirm if this is exploitable (I know nothing about
Borland compilers)?
--
http://www.security.nnov.ru
/\_/\
{ , . } |\
+--oQQo-{ ^ }-+ \
| ZARAZA U 3APA3A } You know my name - look up my number (The Beatles)
+-o66o--+ /
|/
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Current beta is 3.0.2.4 Rush | 'Using TBBETA' information:
http://www.silverstones.com/thebat/TBUDLInfo.html
IMPORTANT: To register as a Beta tester, use this link first -
http://www.ritlabs.com/en/partners/testers/
Re: Fellow The Bat! Users?
Kian Andersen wrote: Hello, I would like to know if anyone of you know of a mail program for Linux that resembles the features I have in The Bat! ? Hum. mutt comes to my mind, but it's line mode. Current beta is 3.0.2.4 Rush | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html IMPORTANT: To register as a Beta tester, use this link first - http://www.ritlabs.com/en/partners/testers/
Re: GnuPG 1.3.92 Problem
Kevin Coates wrote: Hi Peter, Yes we're getting a little OT, so this is the end of this thread unless someone can recommend a setting tweak in TB to fix my error. Here's a list of the changes in the last few GPG test versions: Noteworthy changes in version 1.3.90 (2004-10-01) - (...) libiconv is now used to support other character sets other than UTF-8, Latin-1,-2 and KOI8-2. The W32 version will only work correctly when iconv.dll is installed on the system. A binary version is available at all GNU mirror sites under libiconv. Current beta is 3.0.2.3 Rush | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html IMPORTANT: To register as a Beta tester, use this link first - http://www.ritlabs.com/en/partners/testers/
Life with Betas (was: Re: 3022 is awfull)
Hello MaXxX, Thursday, October 28, 2004, 04:39:08, you wrote: M That is the risk of Betas that insist on acting like Releases. Sorry, MaXxX, but I fail to see the reason of a Beta that does not function like the release product. M Let me say it once more, for good measure, so that anybody concerned M hears... M BETA VERSIONS SHOULD NOT EVEN TRY TO INSTALL AS 'NORMAL' PROGRAMS. M THEY SHOULD HAVE A DIFFERENT PROGRAM ID AND INSTALL SEPARATELY, NOT M EVEN TOUCHING THE ORIGINAL CONFIGURATION. Please allow me to offer my version (it is, of course, still beta): ## BETA VERSIONS *ARE* DANGEROUS. THERE ARE NO GUARANTEES, IMPLICIT OR EXPLICIT, THAT YOUR MAIL BASE WILL SURVIVE. TAKE ALL NECESSARY PRECAUTIONS TO SAFEGUARD YOUR DATA. USE AT YOUR OWNRISK ## This is part of the game. The function of a Beta is to be used, AS IF IT WERE THE REAL THING, by a sample population. -- ..hggdh.. Using The Bat! v3.0.1.33 and BayesIt! 0.7.3 on Windows 2000 5.0 Build 2195 Service Pack 4 pgpaBsmQmwwEZ.pgp Description: PGP signature Current beta is 3.0.2.2 | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html IMPORTANT: To register as a Beta tester, use this link first - http://www.ritlabs.com/en/partners/testers/
Re: 3022 is awfull
Hello Allie, Thursday, October 28, 2004, 12:40:49, you wrote: AM On Thursday, October 28, 2004, at 12:37 PM, Alexander S. AM Kunz wrote: But it does - no one forces you to participate in the beta test program, aye? AM Why not stop this? MaXXX wants to beta test. He just wishes to beta AM test without having to use his working installation as the beta test AM bed. AM He's looking for and asking for an easy way to run another AM installation in parallel to the one he relies on for day to day work. AM Prior to MSI installations, it was OK, but there are little glitches AM now that he mentioned. I don't find his concerns unreasonable. Clearly AM Ritlabs did too and offered something before. My own twopence: Yes, moving on to MSIs hase made testing betas much more difficult. And, yes, RL should help on this. And, YES, MaXxX is within reason with his request. And, now that I understand MaXxX's problem better, I do agree that RL should provide something that will allow two instances of TB! to be used. With due care -- for example, by setting the second (beta) one *not* to delete POP3 messages from teh server, one would be able even to concurrently run the production and the beta without impact. Of course, this still requires one to duplicate the message base, but this (I think) is a small problem. And, again I stress, it is up to RL to state HOW to do this. I am still right on what I said earlier, but I now think I was too limited in my view. -- ..hggdh.. Using The Bat! v3.0.1.33 and BayesIt! 0.7.3 on Windows 2000 5.0 Build 2195 Service Pack 4 pgpxBAICmGUFp.pgp Description: PGP signature Current beta is 3.0.2.2 | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html IMPORTANT: To register as a Beta tester, use this link first - http://www.ritlabs.com/en/partners/testers/
Re: 3022 is awfull
Hello George, Thursday, October 28, 2004, 12:45:28, you wrote: GMM Thursday, October 28, 2004, 8:42:35 PM, George M. Menegakis wrote: beta test must take the decision and the implicit risk. GMM s/test/tester ahhh, an UNIX user... Good. I was thinking I was alone here :-) s/test/tester/ -- ..hggdh.. Using The Bat! v3.0.1.33 and BayesIt! 0.7.3 on Windows 2000 5.0 Build 2195 Service Pack 4 pgpHz3hRjYypf.pgp Description: PGP signature Current beta is 3.0.2.2 | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html IMPORTANT: To register as a Beta tester, use this link first - http://www.ritlabs.com/en/partners/testers/
Re: Feature wish- allow user to permanently permit session with incomplete SSL/TLS server certs
Hello Army, Tuesday, October 26, 2004, 21:58:41, you wrote: AR Hello hggdh, AR Sunday, October 24, 2004, 5:46:31 PM, you wrote: (HUGE snip) I did not forget you... I just need time to read it all answer ;-) -- ..hggdh.. Using The Bat! v3.0.1.33 and BayesIt! 0.7.3 on Windows 2000 5.0 Build 2195 Service Pack 4 pgpJjd8rxhMAz.pgp Description: PGP signature Current beta is 3.0.2.2 | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html IMPORTANT: To register as a Beta tester, use this link first - http://www.ritlabs.com/en/partners/testers/
Re: On S/MIME -- perhaps old news
Hello Dimitry, Tuesday, October 26, 2004, 14:36:50, you wrote: DA On 2004-10-26 at 21:28:44 Dimitry Andric wrote: Now, I had never used the TB! S/MIME certificate generator (usually I run openssl to do something like this). Where is this nice generator hidden? At least, I can't seem to find the magical sequence of commands to enable the Generate button in the address book properties dialog. DA Duh, I just found it... Never mind. :) I'm not sure why I didn't DA think of the account properties sooner. Probably because you do seem DA to have to do all other certificate stuff via the Address Book DA interface. A small hint in the help file indicating this would be DA nice, I guess. Well, Dimitry, now I do not feel so bad, after my rather dumb mistake. Also, you have to use the internal implementation, *not* the MS Crypto API for this to work. But there is still some more work to do here... I am not quite happy with the interface and the options... later I should have more to say on it. -- ..hggdh.. Using The Bat! v3.0.1.33 and BayesIt! 0.7.3 on Windows 2000 5.0 Build 2195 Service Pack 4 pgpqOUZJFLGfh.pgp Description: PGP signature Current beta is 3.0.2.1 Beta/1 | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html IMPORTANT: To register as a Beta tester, use this link first - http://www.ritlabs.com/en/partners/testers/
Re: Feature wish- allow user to permanently permit session with incomplete SSL/TLS server certs
James Whitmoor wrote: (snip) I disagree, I control my local server and DNS, Redleg controls his local server and DNS. We could happily exchange messages in clear but for privacy would like the option to choose to validate each others certs by external methods. Yes, I know you control your DNS, and Redleg controls his/her. So... I leave your DNS (and Redleg's) alone, and go poison a DNS upstream. All I need is to have the remote user contact MY server first. Easy, unfortunately. And, what is worse, already done, many times over. End result: you will still believe you are all set secure... Of course, this is still rather different from broadcasting -- I would be the only one able to follow your conversations. And, again of course, I might decide it's a good enough conversation to post out to the public. If you have external methods to guarantee the key, then you do not need rootless certificates. In fact (except if you are using self-signed certificates), you do not need TLS/SSL at all. (snip) For private use, personal private verification works fine. Browsers happily let you import a non-CA cert and allow a user an option to do their own choice of verification first. Yes... but you can set yours to at least warn you something (potentially) fishy is going on. Unfortunately, not many of the users do that. Also, I do not like the amount of root certificates given to us, by default, on Windows. But I certainly am *very* careful whenever I get to a site where I receive a certificate that does not match common name, or for which I have no root. However this arguement assumes that I have not met my brother or friend and do not have another method of validation such as voice p2p. Also another thought, I may want to exchange mails with someone I do not trust - however I'd prefer the option to reduce the chance of someone else listening in at least for most of the journey. This is valid only when all parties involved do have other means of certifying each other (like, as you point out, private comm, in loco meetings, etc). This does not apply to open-ended systems, like a HTTP server. And, if you want to exchange secure e-mail with somebody else, all you both need is to generate exchange self-signed public certificates, and make sure both sides encrypt (or, of course, use PGP/GNUPG). An added bonus is signature and non-repudiation. But... you do not need, anymore, channel encryption. It can still be used, but you are not relying on it as the *sole* privacy measure. Please remember that most people (and web sites) use server-only authentication -- you rely on the server for all encryption, authentication, validation, and certification. This is a major part in my worries. If I have to rely on a third party (which I do not personally know), then I want a bit more of safety. Accepting a rootless certificate voids all inherent safety. Also, there are other means of securing a channel on a closed loop (i.e., where the parties know each other). You can use self-signed certificates here without any problems; you can use STS (Station-To-Station) encryption, which is pretty much like TLS/SSL, but without identification information; you can use PGP/GNUPG; etc, etc. TLS/SSL is built to allow you to secure a channel when the parties have *NOT* met, or do not physically know each other. It takes care of the key distribution problem for you. (snip) Cheers, ..hggdh.. Current beta is 3.0.2.1 Beta/1 | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html IMPORTANT: To register as a Beta tester, use this link first - http://www.ritlabs.com/en/partners/testers/
On S/MIME -- perhaps old news
Hello folks, I have been trying to show another user how to generate self-signed certificates on TB!. Now, I had never used the TB! S/MIME certificate generator (usually I run openssl to do something like this). so obviously I hit some roadblocks, which were bypassed. All in all, quite easy, even considering that the Help sort of lacks on explanations of what fields should be populated. You either know what you need, or you are on your own. Nevertheless, so far, so good. I then added the brand new self-signed cert to the root, and TB! was happy. But then, when I tried to use this brand new self-signed, I found that if you *already* have a S/MIME certificate, then... you cannot select WHICH S/MIME you want to use. TB! will *ONLY* use the first you added in! It happens I have a Thawte S/MIME certificate, to the '[EMAIL PROTECTED]' account. So, although I could add the self-signed certificate to the same account, there is *NO* way to use it. None. TB! will not let you select WHICH of the S/MIME certificates you want to use. The only way I could get it to work was by removing the Thawte cert from the store. I personally consider this to be a bug -- one should be able to select which, of the (possibly) many different certificates one wishes to use. If I need to keep on adding/deleting certificates from the store, then this is simply not usable. But... since this may impact others I would like to have your input on this. Cheers, -- ..hggdh.. Using The Bat! v3.0.1.33 on Windows 2000 5.0 Build 2195 Service Pack 4 pgpiPDb7C0aLj.pgp Description: PGP signature Current beta is 3.0.2.1 Beta/1 | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html IMPORTANT: To register as a Beta tester, use this link first - http://www.ritlabs.com/en/partners/testers/
Re: On S/MIME -- perhaps old news
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hello Marck, Monday, October 25, 2004, 21:52:59, you wrote: MDP That's exactly what the Reset signers... button in the account MDP properties .. Edit personal certificates dialog is for. shame oh boy, oh boy, oh boy /shame :-) -- ..hggdh.. Using The Bat! v3.0.1.33 and BayesIt! 0.7.3 on Windows 2000 5.0 Build 2195 Service Pack 4 -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.5 (MingW32) Comment: public key at pgp.mit.edu iD8DBQFBfb5ZVFMjkob7xf8RAsNeAKCxmWNiONe4g+i/aB/klLs/je1hCACfWpNv 35bRw2aVI/7jrrh37KxSBnQ= =htJr -END PGP SIGNATURE- Current beta is 3.0.2.1 Beta/1 | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html IMPORTANT: To register as a Beta tester, use this link first - http://www.ritlabs.com/en/partners/testers/
Re: Feature wish- allow user to permanently permit session with incomplete SSL/TLS server certs
,you go get your mails, and it's the bad guy that answers you. All mails you send up/downaload are received by the bad guy (in clear text) and immediately uploaded to the mail server/downloaded to you. This is possible because the bad guy is posing as YOU, with your account, password, lock, stock, and all barrels)! After all, YOU sent him your account, password, SecureId, whatever... Also, I fail to understand a site that publishes it's public certificate, but does not provide pointers to the roots (i.e., to where you can get the roots, and it better be a completely different place!). AR My trust is in the server. The certificate is there to afford me the AR opportunity to establish the security and privacy provided by an AR encrypted transport with this trusted server... As shown above, you cannot trust your server. And... you cannot trust a rootless certificate. You can swallow it, but not trust. AR Nothing can force me to trust the entire chain in a formal PKI and AR certainly shouldn't be a forced requirement when my trust is established AR in the server only, in some cases. No. nothing can force you to. The whole idea of root certificates on TLS/SSL is to allow you to *confirm* that a public certificate received has been verified by someone. And... this someone survives only because he will never, ever, sign a fake certificate. Yeah, yeah, I know, iffy. See below for a failure :-). The idea here is similar to the web of trust in PGP/GNUPG. You do not know me, but you know someone that signed my PGP key stating I am who I say I am. You do not actually, really, know your server's certificate, or any other certificate you receive when opening a TLS/SSL session, but... down the line, there's a root certificate you decided to trust. This is why I said that trust is transitive. But... you are correct: why should we trust a CA? AR As you mention below, self signed certs will always be a factor. Simply AR due to the cost associated with the mainstream CA's, especially with AR those roots included in OS and browsers. Once my standards heve been AR met then I should be the decision maker, imnsho, not TB!. OK. OK. I accept it. The *final* user should have a *final* say on whether the rootless certificate will be accepted or not. On further thinking, I consider your approach valid, albeit the result is a potentially compromised session. But, the user assumes all risks. Caveat emptor. h This is not paranoia (although, I have to say, I *am* paranoid). This h is simply the rules of the game. AR I am interested in where you have read these rules of the game, AR falling under the broad umbrella of paranoid myself. See (for start) ftp://ftp.rfc-editor.org/in-notes/rfc2246.txt, which is the TLS RFC. At page 39 it states: certificate_list This is a sequence (chain) of X.509v3 certificates. The sender's certificate must come first in the list. Each following certificate must directly certify the one preceding it. * my markings here - hggdh * *Because certificate validation REQUIRES that root keys be distributed independently*, * my markings here -hggdh * the self-signed certificate which specifies the root certificate authority may optionally be omitted from the chain, under the assumption that the remote end must already possess it in order to validate it in any case. And, then, the rest of RFCs, and the PKIX IETF work group. (snip) h Allie, you are absolutely correct when you wonder about the security h of this. There is none. AR I beg to differ. The user, regardless of what any one entity says, is AR the *final* approving authority on what is acceptable in regards to what AR level of security and privacy that user desires. Which does not change my point above. There is no gained security. At all. But this is a risk that YOU, as the final user, has to have the rigth to accept. AR There is no security afforded, whatsoever, when TB! refuses to allow me AR to even view an incomplete certificate chain. All I am permitted to do AR is say OK or Cancel... TB! is being strict here. I personally like this. But, as I said above, I now do agree with you (in that the final user has to have the final say, even if this means throwing out all theoretical security and privacy). (snip) AR Thanks for the feedback, looking forward to more- and hopefully AR (eventually) even get entertained by the development powers that be. Indeed, this is fun. I suggest you to open a formal wish (I do not know how to do it, but certainly someone in here will). I will sign down on it (given that a stern warning is issued prior to acceptance of the rootless public certificate). On using a hash, or equivalent, to verify if the newly received certificate is identical to one stored: this is already available. All TLS/SSL public certificates have such a hash. So, what would be needed is to warn the user that the just-received certificate does *NOT* match
Re: Feature wish- allow user to permanently permit session with incomplete SSL/TLS server certs
Hello Allie, Saturday, October 23, 2004, 17:36:00, you wrote: AM On Saturday, October 23, 2004 at 1:34:00 PM [GMT -0500], Army Redleg AM wrote: Recommendation- The Unknown CA Certificate dialog box must give the User the ability to always select View allowing for a verification of server cert presented. Agree. See below. When viewing certificates in this manner a hash or digital fingerprint should be made of the certificate that TB! will check against in all future sessions to protect against sudden changes, tampering, MitM issues, etc... Disagree. Se below. The Unknown CA Certificate dialog box should give the User the ability to Add to Trusted any server certificate, chain complete or not, if they have viewed/verified and have determined this is from a server the User trusts (again, regardless if the server negotiates with a complete chain or not). Agree. See below. AM Interesting. Seems reasonable, though one wonders about the security of AM it. I guess you're more interested in transmission encryption more than AM strict authentication of the certificates? An user should *always* be allowed to View a certificate, mostly when there is an issue regarding it's validity (like an incomplete root chain). If this does not happen nowadays, then it is a bug on TB!. No questions about it. One might even go ahead and allow the user to add a certificate with an incomplete root chain to the base. No big deal here. But, here, we must draw the line. If the user succeeds in finding out the missing intermediate roots, and adds them to the base, then everything is OK, and life goes on. Otherwise -- i.e. there are still missing intermediate roots --, then TB! *HAS* to refuse using the certificate. If this is not an option for the user, then I humbly suggest the user to stop using SSL (or other schema in the same line). When you receive a certificate (on SSL negotiation) you do NOT trust this certificate. What you trust, want it or not, is that it's signature can be verified by a known authority -- known to you, and accepted as such by you. This known authority is represented by the root certificates you accepted to use. Your trust on the certificate you received is transitive: you trust it because a know root confirms it. And *THIS* root is trusted by you not to mess up. As such, if there are missing intermediate root certificates, then there is no trust transitivity, and the certificate you received is, by default, tainted. This is not paranoia (although, I have to say, I *am* paranoid). This is simply the rules of the game. Allie, you are absolutely correct when you wonder about the security of this. There is none. Another option here is that this server is using a self-signed certificate. If this is the case, all that is needed to do is add the certificate itself to the trsuted root. 0bviously, there is then the problem of trust, back to haunt: you *can* trust a self-signed certificate, as long as you can positively confirm it. Since you cannot use a trusted root anymore, the only way to confirm it is by direct contact with the other party. Only after such confirmation should you add the certificate to the trusted root. -- ..hggdh.. Using The Bat! v3.0.1.33 and BayesIt! 0.7.3 on Windows 2000 5.0 Build 2195 Service Pack 4 pgpfiUhEmR5oV.pgp Description: PGP signature Current beta is 3.0.2.1 Beta/1 | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html IMPORTANT: To register as a Beta tester, use this link first - http://www.ritlabs.com/en/partners/testers/
Re: Finally I found the problem of high CPU (WAS: Since msi-v3rc6 my CPU wont cool anymore)
Hello Eddie, bugtrack 3953 opened for you on this. I have asked RL to contact you. https://www.ritlabs.com/bt/view.php?id=3953 I will forward to you any actions on this issue. -- ..hggdh.. Using The Bat! v3.0.1.33 and BayesIt! 0.7.3 on Windows 2000 5.0 Build 2195 Service Pack 4 pgpeeAG9rmqqy.pgp Description: PGP signature Current beta is 3.0.2.1 Beta/1 | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html IMPORTANT: To register as a Beta tester, use this link first - http://www.ritlabs.com/en/partners/testers/
Re: Finally I found the problem of high CPU
Hello Eddie, Saturday, October 16, 2004, 12:34:30, you wrote: EC Thanks 'hggdh' (sound almost like R2D2 *gg*) ;)) Well, 'hggdh' is actually a word in an old language (transliterated in the Latin alphabet), but this is a rather old story, remembered yearly :-). I am a bit protective of my name, and never use it on public -- it's mine, preciou;-). EC Actually I'm amazed. During quit some beta cycles we had this high CPU EC problem. Nobody has ever given a real answer if this bug has being EC solved. on some systems it just disappeared. But I doubt there is EC knowledge on this Bug. The problem here is reproducibility. If a bug manifests itself randomly (or so it seems) and/or needs a certain sequence of steps to manifest itself, then chances are it will not be fixed. Not that the developers do not want to fix it, but because nobody knows how to trigger it (and so it is much more difficult to zero in the root cause(s)). This has plagued you for quite a time, but only you, it seems. My high CPU usage was tagged down to BayesIt!, and eventually Alexey found the cause (but here we had many other users hitting the same bug). This is exactly the scenario where a bloody trace would help all of us (users and RL). This is the perfect fit: YOU can reproduce it at will, nobody else can! HEAR, OH RITLABS! EC Now that I'm almost at the point being able in closing on the problem EC no one makes any move to support my work. I do hope RL is reading here EC my post and can (or someone else who knows the answer) give me a help EC on the files that are attached to the 'global option' in the EC Backup/Restore function. But we (at least, *I*) do support it. You have succeeded in finding how to reproduce it on your environment. You might even go ahead and write down all the values you have in the GO, then go back to a clean install, and start changing th GO one step at a time, and observing the results. This *might* work. Or might not. Anyway, AFAIK, this certainly goes above and beyond the Beta work, and should instead be done by RL. This is why I suggested you to open a BugTrack on it. RL will certainly not touch it if it is not officially a bug (I would not, in my work). This is a bomb, and we do not know how it is triggered. Bad, bad, bad. -- ..hggdh.. Using The Bat! v3.0.1.33 and BayesIt! 0.7.3 on Windows 2000 5.0 Build 2195 Service Pack 4 pgpKYagh4dA11.pgp Description: PGP signature Current beta is 3.0.2.1 Beta/1 | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html IMPORTANT: To register as a Beta tester, use this link first - http://www.ritlabs.com/en/partners/testers/
Re: Finally I found the problem of high CPU (WAS: Since msi-v3rc6 my CPU wont cool anymore)
Hello Eddie, Friday, October 15, 2004, 12:03:47, you wrote: EC Now my System is up and normal. But I want to find the proper file EC that was creating this high CPU. Therefore my request for your help - EC especially from RL (as it's actually there issue). EC I need to know which are the files that are restored under the Global EC Options? I want then restore those one by one and see what happens. EC Any idea? GREAT work, Eddie. I think the problem lies on corrupted value(s) in (probably) your global options -- or, perhaps, an interaction between options. As such, this should be opened as an issue in BugTrack, and the backup of the Global Options attached to it. The issue seems to be not what files are used when you restore it, but what is in there. Whatever it is, a backup took it, and a restore used it. So... RL should be able to look at the backup, and gather the necessary data to find what values causes the high CPU. Notice that this is not quite the same as finding the root cause but, hopefully, they will be able to backtrack even more... I still wonder why so many programmers nowadays do not put in an extensive debug facility in their products, and give the users an option for starting a debug trace. Yes, the code grows, but it is only a resource impact (in terms of time and CPU usage) if the traces are activated. RitLabs -- please do yourselves, and us, a favour, and consider this for a next release. Correctly implemented (and, please do not tell me it's impossible: I have written a lot of code with trace embedded), it helps the customer when hit by a reproducible issue, and helps A LOT the fixer. Alea jacta est. Let's now see how RL reacts. -- ..hggdh.. Using The Bat! v3.0.1.33 and BayesIt! 0.7.3 on Windows 2000 5.0 Build 2195 Service Pack 4 pgporE5RyIhwc.pgp Description: PGP signature Current beta is 3.0.2.1 Beta/1 | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html IMPORTANT: To register as a Beta tester, use this link first - http://www.ritlabs.com/en/partners/testers/
Re: Firefox and MSI Download...
Hello Scott, Thursday, October 14, 2004, 16:54:54, you wrote: SG Has anyone used Firefox 0.10.1 to download the latest MSI Release? SG I tried yesterday and today, and always ended up with either a dead SG Firefox, or a corrupted MSI. I gave up and tried IE today, and it SG downloaded perfectly the first time... SG Anyone else with similar trouble? I only use Firefox, and it is 0.10.1. No problems at all here. -- ..hggdh.. Using The Bat! v3.0.1.33 and BayesIt! 0.7.3 on Windows 2000 5.0 Build 2195 Service Pack 4 pgpi1p3NageVd.pgp Description: PGP signature Current beta is (none) | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html IMPORTANT: To register as a Beta tester, use this link first - http://www.ritlabs.com/en/partners/testers/
Re: Wrapped .33
Cheers Mary, Wednesday, October 13, 2004, 14:34:51, you wrote: MB Did you mean that sarcastically? I am very sensitive about it, since MB I've only been doing it since v. 3.0. That was only because someone on MB tbudl challenged me to come on here and help test filters. Ah well. Mary, please do not waste your time with trolls. You have been doing a *very* good job. Anyone who has been on the other side of the fence -- the developer's side -- knows how important feedback on product usage is. MB I really didn't think that I had the computer skills to be able to MB contribute, among the really able people on a list where I'd been MB lurking for awhile. Another thing the computer masters tend to forget is that their programs are not going to be used by other computer masters, but by normal people. You may, or may not, have what you thought you needed on computer skills, but you certainly know what you want/need/do not like in an -email client program. And THIS feedback is, in my humble view, a LOT more important than (for example) mine, a so-called computer guru :-). I am sure RL really appreciate the efforts of everybody here. As I am sure some do not, but such is life. -- ..hggdh.. Using The Bat! v3.0.1.33 and BayesIt! 0.7.3 on Windows 2000 5.0 Build 2195 Service Pack 4 pgp5H91xS3BQ3.pgp Description: PGP signature Current beta is 3.0.1.33 RC/10 | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html IMPORTANT: To register as a Beta tester, use this link first - http://www.ritlabs.com/en/partners/testers/
Re: Wrapped .33
Hello Arjan, Wednesday, October 13, 2004, 16:51:41, you wrote: AdG You may or may not have read my contribution on TBBeta about my AdG (failed) attempt at installing the No RC 3.01 MSI package AdG (which needed three attempts at RitLabs to get it more or less AdG working). That really sucked. In my opinion RitLabs could have AdG easily avoided the problems by doing some basic testing them- AdG selves. But instead they hastily threw out yet another faulty AdG version which had at least 1 bug from previous beta's AdG reoccurring. I cannot conclude otherwise than that they made an AdG extremely sloppy job of this No RC package release. AdG And yes, this experience has 1) annoyed me, 2) strengthened my AdG intention to avoid version 3, at least for the time being, and AdG 3) opened my eyes to the fact that The Beta! Testers get exactly AdG what they deserve. With all due respect I would like to point out some details here: 1. Microlost Installer sucks. 2. MSI installs have an uncanny ability of blowing up. 3. There many, many, different ways an install can go wrong. No developer can test them all. Not even Microlost can. 4. the (in)famous Microsoft Installer Clean Up utility was written by MS so that absolutely blotched MSOffice installs could be cleared out of the system *WITHOUT* a full format reinstall of Windows itself. 5. having more than one entry in the ARP is no big deal. I am not saying it is good, or even correct -- just saying it is no big deal. 6. No one is REQUIRED to upgrade. I myself have, many times, held on to an older release of a product because I did not like/trust/whatever the newer versions. But, eventually, one either upgrades, or leaves aside the product. and, on a personal note: 7. You came in way too strong and, what is worse, your note sounded like a personal attack -- ergo, troll. 8. finally, I am not sure the TB! beta testers got what they deserve. But, it seems, we are stuck with you :-). 9. If one does not like a feature (or absence of one) in a product, there are better ways of getting it there. Amazingly all of them usually start with being nice and providing reasons. You note lacked both. Now, for a very old saying: when you enter a city, abide by it's laws. -- ..hggdh.. Using The Bat! v3.0.1.33 and BayesIt! 0.7.3 on Windows 2000 5.0 Build 2195 Service Pack 4 pgpxGms3ey4KO.pgp Description: PGP signature Current beta is (none) | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html IMPORTANT: To register as a Beta tester, use this link first - http://www.ritlabs.com/en/partners/testers/
Re: Mod: Dead Horse (was: Wrapped .33)
Hello Leif, Wednesday, October 13, 2004, 17:25:46, you wrote: LG This thread has gone on for quite a while with no apparent conclusion LG in sight and is going to have to be a case of Agree to Disagree. LG Please do not post anything else to this thread. Sorry Leif. My reply was being sent when I received this. -- ..hggdh.. Using The Bat! v3.0.1.33 and BayesIt! 0.7.3 on Windows 2000 5.0 Build 2195 Service Pack 4 pgplt9JZ8OrDe.pgp Description: PGP signature Current beta is (none) | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html IMPORTANT: To register as a Beta tester, use this link first - http://www.ritlabs.com/en/partners/testers/
Re: Updated MSIs (12 October)
Hello Maxim, I had 2 entries in the ARP: one from RC6, and the other from the Oct 11 MSI. The RC6 entry had the Remove button grayed out. After installing Oct12 MSI I have one single ARP entry, V3.0.1.29, and the remove button is grayed out. So... no uninstall option available :-). MSI install log is saved, if needed. -- ..hggdh.. Using The Bat! v3.0.1 and BayesIt! 0.7.3 on Windows 2000 5.0 Build 2195 Service Pack 4 pgpyvuGLlQMgD.pgp Description: PGP signature Current beta is 3.0.1 RC/7 | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html IMPORTANT: To register as a Beta tester, use this link first - http://www.ritlabs.com/en/partners/testers/
Re: Ritlabs Drops MSI Bomb THen Takes The Weekend Off
Hello Eddie,
Monday, October 11, 2004, 14:02:47, you wrote:
you can find it at http://www.eddiecastelli.com/pub/thebat/rc6/ and
the file name ist 20041011_TBinstall.log (file size: 301 kb).
(...)
EC Any feedback is welcomed.
Sorry for the delay.
On the multiple entries in the ARP: seems to be a known issue that
Maxim took care of today. You log shows the following:
MSI (c) (BC:D0): Product Code from property table before transforms:
'{1E599622-0C67-4256-946D-56B8FB4A2723}'
MSI (c) (BC:D0): Product Code from property table after transforms:
'{1E599622-0C67-4256-946D-56B8FB4A2723}'
MSI (c) (BC:D0): Product not registered: beginning first-time install
So this seems to have been a RL issue.
I also know the code level (as announced by the MSI package:
1: The Bat! (Professional Edition) {79F4440D-2209-4882-BB43-460A926BE3E4} 1033
3.0.0.4 ***Related***
The UNKNOWN entries seem to be registration entries and, as a result,
also a RL issue; the install progress shows that MSI found most of the
files already in place, and at the correct level (mostly checksum
compares, since most of the files do not seem to carry version
information.
All in all, it does not seem to be very broken. Also, the log is clear
that installation eventually ENDED. But... you report 100% CPU after
installing TB!, and I can see the installation ending in your log.
*IF* you see 'msiexec.exe' eating up your CPU resource, THEN it stands
to reason this is not TB!'s issue, but (alas) Microsoft.
One chance: download and try to install the Latest Greatest MSI
(it's your call to upgrade to V3 (if you are running XP) or maintain
V2 (which is what you are running right now). I would only go V3 on XP
-- right now.
--
..hggdh..
Using The Bat! v3.0.1 and BayesIt! 0.7.3 on Windows 2000 5.0 Build 2195
Service Pack 4
pgpR3ASI7YKPi.pgp
Description: PGP signature
Current beta is 3.0.1 RC/7 | 'Using TBBETA' information:
http://www.silverstones.com/thebat/TBUDLInfo.html
IMPORTANT: To register as a Beta tester, use this link first -
http://www.ritlabs.com/en/partners/testers/
Re: Ritlabs Drops MSI Bomb THen Takes The Weekend Off
Hello Eddie, Tuesday, October 12, 2004, 12:14:08, you wrote: EC Where do you see I'm using v2? EC No I where always using v3rc5 now rc7 on a W2kSP3. Sorry Eddie, I meant Microsoft Installer V2, not TB! V2. You are running this (MS Installer): === Verbose logging started: 11.10.2004 20:33:07 Build type: SHIP UNICODE 2.00.2600.02 Calling process: C:\WINNT\system32\msiexec.exe === This is pretty recent. Mine says 2.00.2600.1183 (which means, *if* Microlost is indeed using the last number as revision) I am just about 1181 updates in front of you. If this is true (which I do NOT know) trying to update the Installer may help. Or not. rant I simply HATE MSIs. MS has succeded in creating a monster. And, as usual, they tied it up with Windows and the AD architecture, so... Even more, there's scarcely any documentation available for the Installer, the errors are not documented, and sometimes it screws up badly. A good idea that got out of control. Ah well. Such is life in the MS lane. /rant Since you are running W2KSP3, keep on V2 of the Installer. Additional note: I simply cannot find an Installer with a similar version number as mine on the Microsoft site. My guess (and this is a GUESS) is that I got mine because this machine has the MS Platform SDK installed. And... the file date is 2003, as opposed to the one you can download from MS (2001). But... who knows? But, back to your problem. If you are running BayesIt!, and it is not at version 0.73, it might be a good idea to upgrade it. There are some steps you might have to perform if you upgrade from 0.71 or previous, but I do not have the details with me anymore. Every time I had a high CPU on TB!, I found it was caused by a plug-in, not TB! itself. -- ..hggdh.. Using The Bat! v3.0.1 and BayesIt! 0.7.3 on Windows 2000 5.0 Build 2195 Service Pack 4 pgpqaNcPmXIQi.pgp Description: PGP signature Current beta is 3.0.1 RC/7 | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html IMPORTANT: To register as a Beta tester, use this link first - http://www.ritlabs.com/en/partners/testers/
Re: Ritlabs Drops MSI Bomb THen Takes The Weekend Off
Eddie Castelli wrote: msiexec /I TheBat.msi /lv* c:\temp\the_bat_install.log I tried this one but get an error: Error 1719: The Windows Installer Service could not be accessed. This can occur if you are running Windows in safe mode, or the Windows Installer is not correctly installed. Contact your support personnel for assistance. How can I get over it? I hope you are running W2K or XP -- I have stopped using Win9x/ce a long time ago. It sounds like your Installer is either disabled, or bad. On W2k/XP, the Windows Installer service has to be enabled. Go to Computer Management/Services, and look for Windows Installer. It should be set to manual under Startup type. Another option is to download and install the current version of Windows Installer . For V2, this is the link on Win9x/ce: http://www.microsoft.com/downloads/details.aspx?displaylang=enFamilyID=CEBBACD8-C094-4255-B702-DE3BB768148F and this is the one for Win2K: http://www.microsoft.com/downloads/details.aspx?displaylang=enFamilyID=CEBBACD8-C094-4255-B702-DE3BB768148F Regards, ..hggdh.. Current beta is 3.0.1 RC/7 | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html IMPORTANT: To register as a Beta tester, use this link first - http://www.ritlabs.com/en/partners/testers/
Re: Visual RegExp debugger in BayesIt 0.6.4
Hello Alexey, Saturday, September 18, 2004, 10:04:48, you wrote: ANV Hello, tbbeta. ANV As I already said before in some letters (one of them was sent to TBTECH), this ANV version of BayesIt includes visual RegExp debugger. It was realized about month ANV ago, however I've received no suggestions and bugreports about it (I think, ANV because nobody tried it). OK. I created a simple RE (which, BTW, did not need to be that long, but test is test): ^Received[:].+[(]misconfigured\ssender[)] Set the back list to match, case sensitive, working on the headers, and applied it. Here's the result (BayesIt! 0.6.4): 18.09.2004 20:02:22 Black list was loaded successfully 18.09.2004 20:02:22 Beginning of preloading ignore list... Number of loaded ignore list rules: 0 18.09.2004 20:02:22 Ignore list was loaded successfully 18.09.2004 20:14:10 Beginning of preloading black list... Rule: SMTP configuration Can't initialize regular expression's library Number of loaded black list rules: 0 Number of errors in the black list of rules: 1 18.09.2004 20:14:10 Black list was loaded successfully I also tested the RE with The Regulator, using as input the headers of a spam I received. It matched correctly. Additionally, on the White/Black list Editor: if I click on the RegExpbutton, I get an access violation, and TB! does not respond anymore, forcing me to kill it. I get a pop-up titled The Bat! stating Access violation at address . Read of address .. Cheers, -- ..hggdh.. Using The Bat! v3.0.0.15 on Windows 2000 5.0 Build 2195 Service Pack 4 Current beta is 3.00.15 | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html IMPORTANT: To register as a Beta tester, use this link first - http://www.ritlabs.com/en/partners/testers/
Re: BayesIt 0.6.21 (bugfix)
Hello Alexey, Thursday, September 9, 2004, 16:45:19, you wrote: ANV - a little correction which caused a heap of bugs since MS VC runtime library is ANV NOT fully compliant to ANSI C++ standart. - Please, review all latest bugs in Huh, well, come on, Alexey -- did you really expect Microsoft to be *compliant* with a standard ;-) ? -- ..hggdh.. Using The Bat! v3.0.0.11 on Windows 2000 5.0 Build 2195 Service Pack 4 Current beta is 3.00.11 | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html IMPORTANT: To register as a Beta tester, use this link first - http://www.ritlabs.com/en/partners/testers/
Unhandled exception: TheBat! (NTDLL.DLL) V3.0.0.8
One more. I find it disturbing that test versions do not have debug information set on the modules. ..hggdh.. unhandled exception in TheBat.exe (NTDLL.DLL): Access Violation call stack: NTDLL! 77fcc2c0() MSVCRT! 78001532() MSVCRT! 780014cf() Registers: EAX = 0007002E EBX = 0003 ECX = 00080002 EDX = 0090 ESI = 0328C098 EDI = 0147 EIP = 77FCC2C0 ESP = 0F60F4F8 EBP = 0F60F6C4 EFL = 0212 MM0 = 01883A81 MM1 = 77F81F550355FB30 MM2 = 77FCC71E0355FB40 MM3 = 77FCC644 MM4 = MM5 = 01477954 MM6 = 01883A800355FB0C MM7 = 04BD1388 XMM0 = 00137FFD8C0077F81F000355F8C8 XMM1 = 77F87C9A00087FFD8C45 XMM2 = 0355FAAC7C5783280001006E XMM3 = 014777F82A8C00110355FB60 XMM4 = 0355FB380328F5700011014709B8 XMM5 = 77F82AD077F81F550355FD280900 XMM6 = 014709B877FCC1D00355FD38 XMM7 = 77F82A8C0080 CS = 001B DS = 0023 ES = 0023 SS = 0023 FS = 0038 GS = OV=0 UP=0 EI=1 PL=0 ZR=0 AC=1 PE=0 CY=0 00080002 = XMM00 = +6.28807E-037 XMM01 = +1.00650E+034 XMM02 = +1.#QNANE+000 XMM03 = +1.74487E-039 XMM10 = +9.66896E-044 XMM11 = +1.#QNANE+000 XMM12 = +9.18366E-040 XMM13 = +1.00798E+034 XMM20 = +1.54143E-043 XMM21 = +1.40130E-045 XMM22 = +4.47602E+036 XMM23 = +6.28828E-037 XMM30 = +6.28836E-037 XMM31 = +2.38221E-044 XMM32 = +1.00668E+034 XMM33 = +3.65505E-038 XMM40 = +3.65575E-038 XMM41 = +2.38221E-044 XMM42 = +4.96525E-037 XMM43 = +6.28835E-037 XMM50 = +3.22859E-042 XMM51 = +6.28857E-037 XMM52 = +1.00650E+034 XMM53 = +1.00669E+034 XMM60 = -1.#QNANE+000 XMM61 = +6.28858E-037 XMM62 = +1.02530E+034 XMM63 = +3.65575E-038 XMM70 = +0.0E+000 XMM71 = +1.79366E-043 XMM72 = +0.0E+000 XMM73 = +1.00668E+034 MXCSR = 1F80 ST0 = -0.15707039052971686e+4505 ST1 = +5.01178111714122294e+1235 ST2 = +0.0e+ ST3 = +0.0e+ ST4 = +0.0e+ ST5 = +0.0e+ ST6 = +0.0e+ ST7 = -0.005872769e+4539 CTRL = 027F STAT = TAGS = EIP = CS = DS = EDO = Using The Bat! v3.0.0.8 on Windows 2000 5.0 Build 2195 Service Pack 4 pgpm55d6NzvsW.pgp Description: PGP signature Current beta is 3.00.08 | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html IMPORTANT: To register as a Beta tester, use this link first - http://www.ritlabs.com/en/partners/testers/
Re: Install suggestion
Hello Ethan, Monday, September 6, 2004, 13:59:04, you wrote: What about going back to a previous version, which is currently possible by just exchanging the EXE? EJM Excellent questions. In the example given, Word Perfect, one does not EJM go back to a previous version. However, that sounds like it may be an EJM important feature for RIT labs. I do not think it is possible dur to the way Installer works (or does not work, whatever). There is another wyu to do this: when running the install, TB! is put in a directory that has the version/release in the name (like 'Program Files\TheBat!\V3.0.00'). Also, the Installer code will ask if you want to upgrade in place, or upgrade and maintain the previous install. If you decide to upgrade in place, then the privous version is removed; otherwise, it is completely kept in. Then, it is up to you which version you want to use. Obvious, there are some potential issues on compatibility. -- ..hggdh.. Using The Bat! v3.0.0.7 on Windows 2000 5.0 Build 2195 Service Pack 4 Current beta is 3.00.07 | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html IMPORTANT: To register as a Beta tester, use this link first - http://www.ritlabs.com/en/partners/testers/
Re: MSI installer
Hello John, Friday, August 27, 2004, 13:04:02, you wrote: JS Just downloadedthe beta 8 msi. It complains that another version is JS already installed. Is this normal. Will not install unless I JS uninstall TB!. Yes, this is normal. If the product program Id is the same, a new version of the MSI will only be installable if the previous is removed. Usually, program Ids are only changed between version/releases. So... if you installed TB! 2.13 Beta x as an MSI, I would not expect the program Id to have changed. So... save your data, un-install TB!, re-install with the new Beta, restore your data. -- ..hggdh.. Using The Bat! v2.13 Lucky Beta/8 on Windows 2000 5.0 Build 2195 Service Pack 4 Current beta is 2.13 Beta/8 | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html IMPORTANT: To register as a Beta tester, use this link first - http://www.ritlabs.com/en/partners/testers/
Re: MSI Installation
Hello Greg, Saturday, June 12, 2004, 3:09:09 PM, you wrote: GS I tried this with NO luck. Still have doulble entries in Add/Remove GS programs for TB in the control panel. GS Any other ideals? XTeq X-Setup allows you to delete extra uninstall entries in the add/remove programs -- http://www.x-setup.net/ Also good to clean up MSI installs is the Microsoft Installer Clean-up Utility -- see http://support.microsoft.com/default.aspx?scid=kb;en-us;240116 -- ..hggdh.. Using The Bat! v2.11.02 on Windows 2000 5.0 Build 2195 Service Pack 4 Current beta is 2.11.04 | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html IMPORTANT: To register as a Beta tester, use this link first - http://www.ritlabs.com/en/partners/testers/
Re: Dr. Watson was - Re: Spontaneous shutdowns
Hello Leif, Thursday, June 3, 2004, 12:36:21 PM, you wrote: LG Do people actually disable Dr. Watson? I know you can, but I've not LG heard of anyone actually doing it. I know in XP, people disable the LG notification, but I don't think that actually disables Dr. Watson. It is not actually disabling it, but DrWatson comes in with some defaults set -- including the number of same errors to report. In other words, by default, DrWatson auto-disables after some set number of same errors. Of course, it can also be set *not* to save any errors. One should run drwtsn32.exe to set it up and/or clear it up. -- ..hggdh.. Using The Bat! v2.11.02 on Windows 2000 5.0 Build 2195 Service Pack 4 pgpkfzTDUPLv3.pgp Description: PGP signature Current beta is (none) | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html IMPORTANT: To register as a Beta tester, use this link first - http://www.ritlabs.com/en/partners/testers/
Re[2]: Un-sending messages (was: Untrimmed reply, was: IMAP interfering with ...)
Hello Marcus, Sunday, April 11, 2004, 12:54:12 PM, you wrote: MO My first thought was this was a joke. (snip) MO A less technical skilled user might not MO understand the difference between sending message within one Exchange MO server and between different mail servers (no offence hggdh, I still MO think you were joking). Indeed I was joking. -- ..hggdh.. Using The Bat! v2.05 Beta/16 on Windows 2000 5.0 Build 2195 Service Pack 4 Current beta is 2.05 beta 16 | 'Using TBBETA' information: http://www.silverstones.com/thebat/TBUDLInfo.html IMPORTANT: To register as a Beta tester, use this link first - http://www.ritlabs.com/en/partners/testers/
Re: Temp files of The Bat
Hello all, Some comments on temporary files, that may (or may not :-) help. 1. Sound programming practices recommend a program to clean up it's own temporary files. AFAIK TB does it. 2. The same programming pratices suggest that a program's temporary files are to be created in a known place (for example, a subdirectory of the system temporary space), and that the user's access controls are to be enforced. 3. But... we all know that things can go wrong. So now kicks in 4. sound sysadmin practices recommend that the system temporary space should be cleared every so often. With that in mind, it seems to me that the best for TB is to create it's temp files under it's own temp space; if this is a multiple user TB, then each user should have it's own private space, and Windows access control should follow the user's permissions. Also, if TB is to use a private temporary space, then... the best is for TB to clean up the temp space on start-up. If TB keeps on using the system temp space, then it's the sysadmin responsibility to create a script to clean it up every so often. -- Best regards, hggdhmailto:[EMAIL PROTECTED] pgp0.pgp Description: PGP signature Current beta is 2.03 Beta/47 | Using TBBETA information: http://www.silverstones.com/thebat/TBUDLInfo.html IMPORTANT: To register as a Beta tester, use this link first - http://www.ritlabs.com/en/partners/testers/
Re[3]: Temp files of The Bat
Hello Luigi, Saturday, January 24, 2004, 12:06:58 PM, you wrote: LR Hello hggdh, LR Saturday, January 24, 2004, 7:01:47 PM, you wrote: h With that in mind, it seems to me that the best for TB is to create h it's temp files under it's own temp space; if this is a multiple user h TB, then each user should have it's own private space, and Windows h access control should follow the user's permissions. LR Under Windows (and not only under Windows) is better to ask the Operating LR System where the temporary files directory is, instead of creating temp dir LR around the file system and have the SysAdmin hunt down temp files! :-)) LR Ciao, LR luigi This is why I suggest it's the program's responsibility to provide for the clean up or private temp space :-) -- Best regards, hggdhmailto:[EMAIL PROTECTED] pgp0.pgp Description: PGP signature Current beta is 2.03 Beta/47 | Using TBBETA information: http://www.silverstones.com/thebat/TBUDLInfo.html IMPORTANT: To register as a Beta tester, use this link first - http://www.ritlabs.com/en/partners/testers/
