Comments for Gareth Jones

Comment on Currys will price-match their competitors, but not their own website by Gareth

Gareth — Wed, 21 Jul 2010 11:30:53 +0000

@Llinos Yeah, awesomely stupid! I couldn't believe it! You could tell the guy was pretty embarrassed by the situation because even he could see how stupid it was.

Comment on Currys will price-match their competitors, but not their own website by Llinos

Llinos — Wed, 21 Jul 2010 11:22:51 +0000

That is AWESOME!!!! love it! lol

Comment on Why Microsoft doesn’t let you use unofficial hard drives in the Xbox 360 by Llinos

Llinos — Wed, 21 Jul 2010 07:44:53 +0000

lol

“We don’t have details on that decision but it is not for that reason”

Comment on DCOMsoft SWF Protector 3 by Magus

Magus — Fri, 09 Jul 2010 01:06:26 +0000

Nope. No new algorithms in there. Just 8 bits of junk:
http://blog.swfdecrypt.com/2010/07/swf-protector-3-0-are-you-kidding-me/

Comment on Switching from Zinc to SWF Studio by Grinny

Grinny — Fri, 02 Jul 2010 04:14:27 +0000

Every now and again I get a client request for some kind of desktop app. I download a new version of Zinc, thinking that perhaps things will be better, work, work, work, type, type, type, $@%#, %$$#, @#$%! Wasted time, missed deadlines.

Zinc is the most horrendous collection of fimicolous crawling maggotisms to ever be foisted. I drop by the forum and see the same old issues repeated again and again by new users, for bugs that I remember having to work around years ago. The thing that gets me is that MDM have released a new platform targeting AIR (Inferno), instead of fixing the bugs in Zinc. Sorry for the rant. I’m just now trying to get a simple desktop app to play FLVs on a Mac, just like I tried two years ago – it didn’t then, doesn’t now! …off to try Haxe/SWHX.

Comment on DCOMsoft SWF Protector 2 by Gareth

Gareth — Wed, 30 Jun 2010 13:34:10 +0000

@NotSoHappyCustomer I'd agree that the way the application simply closes without warning on an invalid key gives a poor user experience. DCOMsoft seem sure that this is the intended behaviour, but it's either a bug or a really stupid design choice in my opinion. A simple error message would have been enough to alert a legitimate customer to the error without giving crackers any help. On a different matter, I see you've commented on the review for version 2.0 of the software - is that what you're using? Version 3.0 was released last week and is reviewed here.

Comment on DCOMsoft SWF Protector 2 by NotSoHappyCustomer

NotSoHappyCustomer — Wed, 30 Jun 2010 08:48:26 +0000

@Alexandre
The bug which closes the program with no warning at all when entering a registeration key incorrectly?
That’s bloody pathetic, hate it when companies care more about keeping themselves safe than their legit customers.
I recently purchased this program and received my registration key, but it’s not working – the program just closes but it should be a legit key considering it came from the official E-Mail, but no – they gave me a defect and I’m not sure if it works or not because the program just closes. That’s extremely awful GUI design.

Comment on Are DComSoft and Eltima the same company? by Gareth

Gareth — Fri, 30 Apr 2010 13:42:44 +0000

@makc

Hi Makc

That’s pretty much what I’m saying, yeah. I’m not sure I’d include a deobfuscator in the same league as drugs and guns, but sure enough if one company stopped making them, someone else would take their place. Why? Because the demand is there.

If a single company decides to make both a security product and a hacking product then I’m fine with that – I just wouldn’t personally buy the security product if it was circumvented by the hacking one. In fact, I wouldn’t buy any security product if it could be circumvented, no matter who the author was.

The type of security employed by SWF protectors seems to be limited to either a) making the SWF incompatible with deobfuscators so that they can’t be opened; and b) actually editing the code so that while the SWF can be opened, the code within is useless to human eyes.

As we’ve seen, the former security type is easily circumvented by nothing more than changing some bytes in the file. The latter method however is less susceptible to breaking because (if done properly) it’s not possible to reverse the obfuscation process.

I’d suggest that any security product that properly obfuscates your code is worth your money (comparisons aside), while any product that relies on simply editing the file’s header so that it can’t be opened in a decompiler is not, as it won’t take long for decompilers to be updated to take that new header into account.

Whether SWF Protector 2 and Trillix are made by the same company or not, if Trillix can’t make any use of SWFs that have been obfuscated by the former application then I don’t see what the problem is.

Comment on Kindisoft SecureSWF by Rosario

Rosario — Fri, 30 Apr 2010 10:12:36 +0000

Here is an interesting thing… I was browsing dcomsoft website, software screenshots and found that Mac version GUI is different from Linux and Windows…
http://www.dcomsoft.com/images/screenshots/smb.jpg
Weird, but there is a button “add SWF/SWC” on mac version… in other there is nothing about SWC. Going to install both version and test them.

You reviews are very interesting, but it would be nice to mention about available OS platforms for each of the tools.

Comment on Kindisoft SecureSWF by Rosario

Rosario — Fri, 30 Apr 2010 09:57:01 +0000

>So you’re against them but you spent half of your post writing about them and advertising them? Interesting.

I did not advertise them. Just some overview for people to know.

>I searched for SWF Reader and found that it isn’t freeware at all.
Ooops… You are right. Sorry.

>and more than SWF Encrypt and SWC Encrypt combined
SWC is just a zipped format of SWF. You may change extensions from .swc to .zip uncompress it and find the SWF file within. Then probably the SWF file could be simply obfuscated.