Author Archives: Mahmoud Al-Qudsi

pevents: a cross-platform Win32 events library

Posted on by Mahmoud Al-Qudsi
Reply

Threads-GitHubpevents, our implementation of Windows manual- and auto-reset events for Mac and Linux, is now officially pevents, our truly cross-platform win32 lightweight events library for Windows, Mac, Linux, and other platforms. We first released pevents way back in 2011, when we searched for and were unable to find an existing implementation of Windows events, the basic primitives for thread synchronization on Win32.

The *nix world has seen a lot of progress when it comes to non-blocking waits in recent years, but it’s very recently that purely event-driven libraries like epoll and kqueue have properly taken off. In the Windows world, it’s long-been possible to wait on filesystem and network events with WaitForMultipleObjects – a paradigm most Windows C/C++ developers are intimately familiar with. One thing that WaitForMultipleObjects (and pevents!) can also do rather neatly is wait on multiple mutexes, events, and/or semaphores simultaneously, unblocking when one or more (or all) are triggered or available.

Continue reading

Answers to password reset questions are passwords too — so why aren’t we treating them that way?

Posted on by Mahmoud Al-Qudsi
4

identity-theftIf you’re a developer working on or maintaining a website catering to the general public, chances are you’ve implemented some form of password reset via security question-and-answer into your site. How are you storing the answers to these questions in your database? Are you encrypting them? Storing the (hopefully cryptographic, salted) hashes? Or are you storing them plain text?

I can’t answer for you, but I can tell you that I’ve never used a system that didn’t leave tell-tale signs of storing these answers in plaintext. Here’s the thing – if it’s possible to use these answers to reset a password, then these answers, by extension, are passwords too.

In some ways, answers to password reset questions are more important than the password itself. With the password, an attacker can compromise and gain control of a user’s account. With the answers to security questions, an attacker can compromise a user’s entire online and offline security, steal their identity, and quite-literally ruin their lives. Think about it, these same questions (mother’s maiden name, childhood best friend, street you grew up on, where you were on New Year’s Eve of 2000) are the same questions every site asks you to confirm your identity and reset your password. They’re the questions your telephone banker asks before divulging account info or letting you wire money to an international account. They’re the questions that you’ll be asked when applying for a credit card to prove you’re who you claim to be.

Continue reading

iReboot 2.0.1 released

Posted on by Mahmoud Al-Qudsi
3

iReboot 2.0.1 is now available for download. This release addresses one critical issue and introduces one new feature. Under certain undetermined conditions, some versions of the .NET Framework would terminate the IPC connection between the iReboot taskbar agent and the helper service.

Continue reading

Hello iReboot 2.0!

Posted on by Mahmoud Al-Qudsi
2

About Everyone, please say hello and welcome to iReboot 2.0! Officially under beta since May 2010, iReboot 2.0 commemorates Pi Day 2015 with the spirit of less is more and simply brings fit and finish to an already rock-solid release.

iReboot is EasyBCD’s little helper: a simple and to-the-point taskbar icon that sits in your tray and gives you a right-click menu you can use to choose which OS to boot into. Done. iReboot 2.0 is designed with function and pragmatism in mind, and we’re proud to announce that the new 2.0 release just takes it that much further.

Continue reading

Life in a post-database world: using crypto to avoid DB writes

Posted on by Mahmoud Al-Qudsi
35

CryptoPossibly one of the biggest hurdles that stands in the way of fostering innovation and discovering newer and better techniques of doing old things is the ease with which developers and designers today can quickly research and find so-called “best practices.” While a quick Google search for “user table structure” or “best way to design password reset” can reduce (but never extinguish!) outlandish practices and horrific mistakes, it does nothing to encourage developers to think outside the box, and results in the perpetuation of less-than-optimal approaches.

To that end, there’s one thing in particular that virtually all documented approaches get wrong, and that’s writing to the database when you should be using modern cryptography instead. It might sound like a bit of a non-sequitur — after all, what does storing information have to do with cryptography when one usually exists only to supplement the other? Which is exactly right. Too often, you’ll find software writing to the database not because it needs to store something, but because it needs to guarantee something. Which is what cryptography is for.

Continue reading

Shop on Amazon.com with Bitcoins: AMZ Bitcoin

Posted on by Mahmoud Al-Qudsi
1

Amazon Bitcoin

Ever wanted to shop on Amazon.com with bitcoin? Well, now you can. AMZ Bitcoin is a service that lets you buy Amazon.com gift cards in exchange for bitcoins – any value, any time.

Unlike some of the other bitcoin websites around, AMZ Bitcoin does not rely on arbitrage or a peer-to-peer purchasing system to facilitate purchases on Amazon with bitcoin. Instead, AMZ Bitcoin allows users to instantly purchase Amazon vouchers of any value, which can then be redeemed online at Amazon.com like cash.

Continue reading

Windows 10 Recovery CD Free Download

Posted on by Mahmoud Al-Qudsi
186

Windows Flag 10With Windows 10 just around the corner, we’re mighty happy to report that our award-winning Easy Recovery Essentials for Windows is now currently available for absolutely free to all Windows 10 preview and RTM users.

 

Easy Recovery Essentials® for Windows, for those that haven’t tried it before, is a one-click disaster recovery CD for Windows that features 100% automated diagnostics and repair for Windows PCs. It’ll automatically go through an extensive battery of tests and diagnostics to solve all problems as it finds them (very quickly, too!) – all you have to do is boot from an EasyRE CD or USB stick, and select the OS you want to repair.

Continue reading

Everything you ever wanted to know about how your PC boots up

Posted on by Mahmoud Al-Qudsi
4

PC LoadingHave you ever wondered just what is it, exactly, that happens when you press that simple “power” button on your PC? How does your computer go from electricity reaching the power supply to the BIOS power-up sequence on your screen, how the computer checks attached disks and devices, and how it decides which to load from?

Or perhaps you’ve wondered what happens next, after your computer’s BIOS has chosen a drive and wants to pass control of your PC on to the target disk? What role does the MBR play in this process, and how does the core bootloader – a simple, single file sitting, forlorn, all on its lonesome in a plain-jane directory on your PC – wind up being executed and put in control of the madness that is the boot process?

Continue reading

Free up space on an iPhone by compressing your photo album

Posted on by Mahmoud Al-Qudsi
Reply

Most people that have had iPhones for more than a year or two have accumulated a massive amount of photos, at least several gigabytes in size. With iPhones still only shipping with a puny 16 GiB of storage by default (unless you pony up the $100 for a huge jump to the 64 GiB model with the iPhone 6/6+), Apple has been making a lot of money off of people looking to keep their photos and still have room to take more. But there’s another option: you can optimize and compress your existing photos to make them take up less space, and recover free space for your use.

Using the right tools and depending on the nature of your photos and images, you’ll be able to recover anywhere from 5% to 20% of your photo album size with these instructions!

Continue reading

Windows 10 Embedded Product Key Tool

Posted on by Mahmoud Al-Qudsi
103

Product Key ToolWe’re proud to introduce the immediate release of our newest utility for Windows users: the NeoSmart Technologies Embedded Product Key Tool. Designed for users of Windows 7, Windows 8, and Windows 10, our embedded product key tool will retrieve and display the Windows setup product key embedded in the BIOS or EFI, allowing you to store it for safe-keeping or use it to reinstall Windows with an official Windows setup image.

Continue reading