| Search Results |
| Subject |
Author |
Forum |
Time |
RE: Mistruth in FAQ
As I said, I am talking about exploits in a general way. Nothing specific. If xyz vulnerability is found in Plus! and that vulnerability is exploited, the FAQ states blanket security and that is not true. If some hacker uses the exploit to attack a ... | Burningmace | Forum & Website | 09-24-2008 at 10:09 AM |
RE: If statements and editing a script
To uppercase the first character after you've detected that the fist character is indeed within the range a-Z you can do this: [code]message = message.charAt(0).toUpper() + message.substr(1);[/code] | Burningmace | Scripting | 09-24-2008 at 12:46 AM |
RE: Mistruth in FAQ
That is unlikely to fool anyone. The file size will be completely wrong, the download isn't that easy to catch (content-disposition isn't always set and some sites will have blablabla.exe as their request but will return a content-type of text/plai... | Burningmace | Forum & Website | 09-24-2008 at 12:37 AM |
RE: Mistruth in FAQ
Ok, point taken. I still think that saying that it is completely secure is a blatant lie though. Nonetheless I'm reporting the ARP/DNS attack as a bug, along with a sample exploitable situation and a solution. If it is ignored, I'll post it on Secu... | Burningmace | Forum & Website | 09-24-2008 at 12:20 AM |
RE: Mistruth in FAQ
Technically you have a point - trillions of HTTP requests are made every day and very few are ever exploited. However, there are some key differences: 1) In most cases, an attacker would not bother to filter through the vast amount of junk that a vic... | Burningmace | Forum & Website | 09-23-2008 at 11:58 PM |
RE: If statements and editing a script
[code]function startsWithAlpha(message) { if(message.length == 0) { return false; } var alpha = "qwertyuiopasdfghjklzxcvbnmQWERTYUIOPASDFGHJKLZXC VBNM"; var firstChar = message.charAt(0); for(i = 0; i < alpha.length; i++) { if(alpha.charAt(i) ... | Burningmace | Scripting | 09-23-2008 at 11:47 PM |
RE: Mistruth in FAQ
Again we're off-topic, but nonetheless you are correct. Who cares if they can do it another way? They CAN do it this way and if they wanted to they COULD. If every software company and computer security organisation went around saying "this vulner... | Burningmace | Forum & Website | 09-23-2008 at 11:31 PM |
RE: Windows live messenger won't appear
Check your system for malware. Ad-Aware is a comprehensive and free anti-malware application. If you already have an anti-virus package, download the latest AV definitions for it and do a full system scan. After that, try completely removing WLM and ... | Burningmace | WLM Plus! Help | 09-23-2008 at 11:20 PM |
RE: Urgent Help
There are many reasons why this could happen: 1) Your microphone could be damaged. 2) Your microphone volume or microphone boost could be incorrectly configured. Check your audio settings in control panel. 3) If you are communicating long distance, y... | Burningmace | WLM Plus! Help | 09-23-2008 at 11:16 PM |
RE: [334] MP!L icons don't grey out on blocked contacts (/ MP!L icons aren't clickable)
Yup, confirmed on the following OS'es: Vista Home Premium 32-bit Vista Ultimate 32-bit Vista Ultimate 64-bit Windows XP SP3 (I have lots of virtual machines :P) | Burningmace | WLM Plus! Bug Reports | 09-23-2008 at 11:11 PM |
RE: UHHHH [334] Emotion Sound Creation, Up = Down, Down = Up????
Down should always decrease the number. Up should always increase it. It is a basic design principle. You'd be tripped out if you moved the scrollbar on your browser up and it moved your page down! | Burningmace | WLM Plus! Bug Reports | 09-23-2008 at 11:05 PM |
RE: Mistruth in FAQ
That is not my point. While Messenger Plus! does not open ports for listening, it does connect via the network to other computers on the internet (the update service for one) and these connections are made in the following manner: 1) Resolve the IP a... | Burningmace | Forum & Website | 09-23-2008 at 11:01 PM |
RE: Suggestion: to reverse options "Close Current Chat" and "Close All Chats".
I find myself agreeing with this - standard user psychology would be to click the button that they remember as closing that particular conversation back before they had Plus! installed. Another reason for the change is consistency with the top-right ... | Burningmace | WLM Plus! General | 09-23-2008 at 10:47 PM |
RE: [sug-script] Trace error with duplicate function names
The only place that features like this should be placed is in an IDE. If you want to go ahead and code one then feel free, otherwise just remember what function names you have used and what names you haven't. In fact the feature request here should ... | Burningmace | WLM Plus! General | 09-23-2008 at 10:38 PM |
RE: Mistruth in FAQ
I did in fact reference it in the original post, but I worded it poorly. This is explained in my second to last post. And yes, you are correct, I am talking about the theoretical vulnerabilities of the system as a whole. However, I am not talking ab... | Burningmace | Forum & Website | 09-23-2008 at 10:27 PM |
RE: Mistruth in FAQ
Firstly, comments like this are counter-productive and somewhat childish. Secondly, the last time I checked referencing a person's mannerisms wasn't considered a reason to be labelled a 'fanboy'. Yes, I primarily use Windows, along with most hom... | Burningmace | Forum & Website | 09-23-2008 at 10:11 PM |
RE: Mistruth in FAQ
Do you mean "who uses that phrase?" or "why does that mean your box is owned?" To answer both: Who uses that phrase? - I use that phrase, and so do a lot of people. In fact, Microsoft's own Steve Riley uses it liberally in his presentations at ... | Burningmace | Forum & Website | 09-23-2008 at 09:51 PM |
RE: Mistruth in FAQ
I meant more in the way of an attacker could manipulate the packets in order to exploit a vulnerability in either the Wininit library or in Plus! itself. It does not matter that the connection closes at the end of the request, as a man in the middle ... | Burningmace | Forum & Website | 09-23-2008 at 09:00 PM |
RE: Mistruth in FAQ
That does not mean that exploits cannot and will not be found in the Wininit library or the code in Plus! that handles received data from this HTTP socket. Furthermore, the FAQ does not specify this - it states blanketed security due to the fact that... | Burningmace | Forum & Website | 09-23-2008 at 08:15 PM |
Mistruth in FAQ
On the site's FAQs page under the Privacy section (http://www.msgplus.net/help/faq/privacy/#open-por t) the following is stated: This is technically incorrect for several reasons: 1) Despite the developers' best efforts, there is no way to say 100%... | Burningmace | Forum & Website | 09-23-2008 at 07:46 PM |