WLM Safe 5.0 won't install - Printable Version
-Shoutbox (https://shoutbox.menthix.net)
+-- Forum: MsgHelp Archive (/forumdisplay.php?fid=58)
+--- Forum: Messenger Plus! for Live Messenger (/forumdisplay.php?fid=4)
+---- Forum: Scripting (/forumdisplay.php?fid=39)
+----- Thread: WLM Safe 5.0 won't install (/showthread.php?tid=96751)
WLM Safe 5.0 won't install by nusilmar on 02-11-2011 at 03:30 PM
I have WLM2011 with Plus!5.00.0.702
I'm trying to install WLM Safe 5.0 and every time i start WLM2011 it opens WLM Safe - Setup.
I define my settings and click install, a second window appears ( title WLM Safe - Loading) saying Status : Begin Installation but it hangs in about 1/8 of the evolution bar and stays there. My only available option is Close. If i close the WLM Safe Setup every time i start WLM2011 the WLM Safe Setup starts again.
I have Windows 7 Ultimate with Microsoft Security Essentials.
Any help ??
Nusilmar
RE: WLM Safe 5.0 won't install by Sunshine on 02-11-2011 at 04:18 PM
WLM Safe? Do you mean this one: http://www.wlmsafe.com/
I doubt that script has been updated to work with Messenger Plus! 5, you may want to contact the author of that (if you can find a way to do so...I don't see any on the website 
).
RE: WLM Safe 5.0 won't install by nusilmar on 02-11-2011 at 04:24 PM
quote:
Posted by Sunshine - Today at 04:18 PM
WLM Safe? Do you mean this one: http://www.wlmsafe.com/
I doubt that script has been updated to work with Messenger Plus! 5, you may want to contact the author of that (if you can find a way to do so...I don't see any on the website ).
yes , version 5.0.5 that is available on scripts download page of Plus!.
But if this is not a Plus!5 version then moderator may close this thread.
RE: WLM Safe 5.0 won't install by Menthix on 02-11-2011 at 04:31 PM
quote:I haven't tested this script with Plus! 5.0 and/or Live Messenger 2011. It might be working with WLM 2009 only. I'll test it tonight and let you know.
Originally posted by nusilmar
But if this is not a Plus!5 version then moderator may close this thread.
Thanks for the info.
RE: WLM Safe 5.0 won't install by Hank on 02-11-2011 at 10:26 PM
wont even download for me to test it
RE: WLM Safe 5.0 won't install by foaly on 02-11-2011 at 10:33 PM
quote:download link redirects to the old script database...
Originally posted by Alias
wont even download for me to test it
you can download it from the new database here:
http://www.msgplus.net/Downloads/Download-Details/DocumentID/8364/
script installs fine, but it starts it's own installation which doesn't seem to work...
RE: WLM Safe 5.0 won't install by Hank on 02-11-2011 at 10:44 PM
the installation of the script just hangs this is on WLM2011 MP5
RE: WLM Safe 5.0 won't install by CookieRevised on 02-12-2011 at 12:55 AM
1) The script is indeed not compatible with Plus! 5.
That is, it would have been compatible if there weren't some bugs in it in regards to the version number....
And I suppose more scripts might suffer from the same kind bug/assumption.
It has to do with assuming that the Plus! version number always has a number after the decimal point. Of course, since this is verion 5.0, the numeric value is just "5" and no decimal point is present.
var plsver=MsgPlus.Version.toString().split(".");
plsver=plsver[0]+"."+plsver[1].substr(0,2);
=> plsver[1] is empty since there is no number after the decimal point
As a result it fails to even install properly.
2) It uses deprecated online services
3) It has other bugs too, which makes it that many functions wont work properly, even if it did install*.
* note that nothing needs to be installed. It simply needs to set some options. As such, the whole behaviour of its windows and when they are shown and a forced close of Messenger etc, is all seriously not needed imho, and could be seen as bad practice.
4) The numbers of virusses, threats and spam shown on its hompage is unbelievably extremely exaggerated!! It only detects a handfull of possible malware messages.
5) Other than that, the idea of it is nice and it might serve some purpose, but the whole exaggerated stuff (both in how it is presented, what it can detect, and in its behaviour) leads to a serious false feeling of protection imho.
PS: The fact that it wont install properly is a good thing imho, because of the reason below.
------
But more importantly:
That script might be an invasion of privacy for the user and even for contacts
When you install or uninstall the script, your email address will be send to WLMSafe's database. There is no need at all for this script or service to send your email address to them!
And, emails of contacts might be send when the user reports those contacts, although I have not checked/traced this properly yet so I can be wrong with this. But if it was, it is not needed to explicitly send the email, instead the Windows Live ID hash can be send. This is a bit less accurate, but it preserves the privacy of the contact (in case the report was not legit).
------
Menthix, I realy think for scripts and stuff like this a very clear visible privacy warning should be placed on the script's download pages (in case you can still do something about that). Stuff like this has happened in the past too and it will happen for future scripts. People should at least _know_ that the script will upload private data like your email address (or your contact's email addresses in case it happens).
Personally I wouldn't even have allowed that script in the database until such issues were fixed (especially since it can be fixed by the author very easily anyways). Of course, I understand you can't check every script in detail, but you know what I'm getting at I hope 
quote:His alias is 'Webbolo!' ('wincy' on forums) and his email address can be found in the script's source file "wlmsafe.js"
Originally posted by Sunshine
you may want to contact the author of that (if you can find a way to do so...I don't see any on the website
RE: WLM Safe 5.0 won't install by Menthix on 03-07-2011 at 02:21 PM
Better late than never... now the online submission system is working I can change/delete items again. I removed WLM Safe from the database.
RE: RE: WLM Safe 5.0 won't install by wincy on 07-06-2012 at 10:06 AM
Hello guys,
I'm Webbolo!, the author of WLM Safe.
I was just checking my websites' invoices when i found wlmsafe.com, so I dediced to come back here, since I've been away for a long time.
This is the fact: WLM Safe was a project in which i really believed in, but i haven't had enought time to keep it up to date, so I unwillingly stop developing the new 6.0 version, which was already almost complete, in 2010.
@CookieRevised (just to clarify):
___________________________________
You're right, version 5.05 is not compatible with latest version of Plus! and it used some online good services, which unfortunately no longer exist now.
I thought that the idea of mimic a "setup window" was nice and I still do not see nothing wrong with this (keeping in mind that the process really does something - save parameters in database and activate the script online - and is not just a fake setup).
The number of viruses and threats is made up by the sum of the logs received in 2010,2011,2012 because i've never setup a deletion skeduled task on database, so it keeps adding data to the old online database in each month's table. The only correct parameter is the number of users: 614.853.
However i can ensure that version 5.05 malware detection was the most accurate possible. I developed a php script which analyzes the url received and detect weather it's bad or good with a small risk of false positive (when heuristic functionality is enabled, however, you get more links blocked).
quote:
5) Other than that, the idea of it is nice and it might serve some purpose, but the whole exaggerated stuff (both in how it is presented, what it can detect, and in its behaviour) leads to a serious false feeling of protection imho.
I have a database of thousand infected urls which used to be spread on WLM and I can ensure that nearly 600.000 users worldwide used to be automatically protected from these urls, so WLM Safe does not lead to false feeling of protection (always imho).
Regarding the privacy issue you are right, there was no need to keep users' email adresses but i needed a unique id for detecting new installations and for statistical purpose and when developing version 5.05 I was not aware of the possibility of using Windows Live ID. However Warmth (a developer on this forum) pointed up this and I used the ID in version 6.0, which is still in a drawer.
Note: Only the email of the user is stored. Email of contacts are not send.
___________________________________
That's all. I put my best effort and lot of passion in WLM Safe development, but I face the fact that the script is no longer usable and that's why I understand your decision to remove it from the Scripts' database. However I think that security is one of the most important things and would be nice if someone decide to develop something like WLM Safe (maybe starting from the new 6.0 source code).
I just saw that now Plus! is compatibile with Skype (which I now use more than Windows Live Messenger), but i'm not aware of its security issues (that is to say, I'm not sure if a WLM Safe version is still useful).
P.S: Sorry for my bad english.
Thanks,
Webbolo!
RE: WLM Safe 5.0 won't install by Spunky on 07-06-2012 at 10:44 AM
quote:
Originally posted by wincy
However I think that security is one of the most important things and would be nice if someone decide to develop something like WLM Safe (maybe starting from the new 6.0 source code).
If you want to send me the source code, I can send you my e-mail in a PM. This might be something worth looking at. Obviously I would still credit you for your work
RE: WLM Safe 5.0 won't install by CookieRevised on 07-07-2012 at 12:23 AM
quote:Security is indeed one of te most important things. Hence why it is also very important to make such detectors in the correct way. Which means minimize the risk of false positives (which wasn't a problem with WLM Safe), but also to minimize the false feelings of protection (which was a big issue).
Originally posted by wincy
That's all. I put my best effort and lot of passion in WLM Safe development, but I face the fact that the script is no longer usable and that's why I understand your decision to remove it from the Scripts' database.
However I think that security is one of the most important things [...]
Yes the setup-like dialog looked nice, but it had no place in this script. The whole design of the script made it so that it looked like it did quite a lot more than it actually did and that it protected you from extremely many things; while in fact it did not. Remember that a false feeling of security is very quickly created with the general user; people are easily fooled.
And on top of that there was the privacy invasion... Which in the end all lead to removal from the DB.
Bottom line is that creating a security oriented product is not that easy at all and way more difficult than it sounds. And I'm not talking about the actual detection process, but how it is presented. Detecting some bad URLs is one thing, even the easiest thing if you whish. How you present the whole thing to the user is quite something else. And because security starts with the mind set of the user (and NOT with what your product can do!* ), it is actually very vital to have your interface and design of the product spot on and to the point, nothing less, but absolutely also nothing more!
So, loose the setup-like dialogs making people believe "oooh! It installs quite a lot and does some fancy eye candy! So this thing must be very inteligent, great, smart, checking with some advanced tools etc, and thus will protect me from everything bad people will send to me. I'm safe now..." and instead make a simple, but still nice looking, message dialog stating exactly what the script does (checking some known URLs, nothing more, nothing less) and give a warning that unknown bad URLs might still slip thru. And you will have a cracking product!!
And make sure your numbers are correct of course
And talking about numbers.... the number of users don't say a thing about how safe or correct your detection is. It only gives an indication of how popular it is... Even a bad and fake, but nice looking, thing might get very popular.. .so....
------
* There is quite a good analogy here which most people would understand: teach people to wear a seatbelt and drive safety and follow the traffic rules, instead of inventing all kinds of (electronic) stuff which make them believe they are safe and can do whatever they want.