Wikipedia:Reference desk/Archives/Computing/2010 January 12

= January 12 =

source code
I have some source code files ending in .sln, .suo and .csproj. I'm told it's written in C#. What program do I need to open, edit and compile this source code into a workable program?? —Preceding unsigned comment added by 82.43.88.124 (talk) 00:36, 12 January 2010 (UTC)


 * You can open and edit them in any text editor, e.g. Windows Notepad. You need a C# compiler to make a program out of the source code, e.g. Microsoft Visual C# Express Edition, which I believe is free. --Andreas Rejbrand (talk) 00:41, 12 January 2010 (UTC)


 * You didn't mention having source code files ending in .cs, which are the actual C# program source files. The other files are essentially configuration files and user settings.  Without the .cs files, you have a book with no pages.  --  Tom N (tcncv) talk/contrib 02:40, 12 January 2010 (UTC)


 * Those appear to me to be the project files for Microsoft Visual Studio. As Andreas Rejbrand stated, Visual Studio Express is free.  As Tcncv stated, the .cs files are the source files you are missing.  Comet Tuttle (talk) 03:35, 12 January 2010 (UTC)
 * nice, thanks

Password cracking
When you sign up for a login on the internet, it has become common for there to be some kind of "password strength" indicator involved. Sometimes, it's just a character count, to make sure you don't have a password like "Q" or something, but other indicators are more elaborate. Our own article goes to some length to illustrate "good" and "poor" password types. I have a couple of questions: I realize this is an awful lot. There's a lot of stuff on the web, but it's unclear to me what stuff is over-the-top fear-mongering from "security" companies and what stuff is devil-may-care, no-worries advice by people who might not be as knowledgeable as they claim, so a recommended book or website would be just fine. Matt Deres (talk) 00:42, 12 January 2010 (UTC)
 * 1) Once you get past the easily guessable passwords like password or qwerty, how much risk really exists for someone to hack the password on a typical system, such as we use here on WP? I'm not a hacker-cracker type, but I've lurked around the net for a while and it's always seemed to me that most "cracking" was really more about psychology (phishing for someone's info directly) or espionage (trying to find a reference to it, like a piece of paper with the password on it).
 * 2) Assuming that you're not involved in nuclear secrets, how prevalent is it for a person's password to be literally cracked in the Hollywood style (i.e. brute force attack)?
 * 3) Our article says that p@ssw0rd and g0ldf1sh are "weak" while 4pRte!ai@3 and BBslwys90! are better and I don't understand the difference. Once you've started switching out letters for numbers, you've already forced the cracker to go beyond a dictionary-based attack and do a true brute-force attack, so what's the difference? Is p@ssw0rd considered weak simply because of the word used? I guess what I'm getting at is that I don't understand how a random word with random letters removed for numbers or symbols is less strong than a simple random collection of letters, numbers, and symbols thrown together. What kind of attack would find g0ldf1sh easier to crack than, say, s1fsl0gd?


 * p@ssw0rd is weak because it's just a dictionary word with a few simple substitutions from a very small table (l -> 1, o >0, s->$ etc.). So the attacker builds his dictionary by doing all possible such substitutions to all dictionary words; this multiplies the dictionary a few dozen times, but it starts out very small. To attack a website like Facebook they do indeed try to login to a given account with a huge range of passwords. They do so from a botnet (so there's no point in just blocking a few offending computers) and over a protracted period of time (months). It's not difficult for a website to detect this is being done (for any decent sized website it's being done all the time) but what to do?  The obvious countermeasure is to detect if a given account receives N unsuccessful logins over X minutes, and if so disable logins altogether for it for Y minutes. But the hacker is trying thousands or millions of accounts in parallel from thousands of botnet IPs, so few hit the N in X limit (unless X is very large). And a large X means a hacker can easily build a DDOS tool for a given account - so if Facebook user MattD pisses you off, you get the botnet to beat on his account until N in X is exceeded, and do this again and again, so the real MattD can never login.  Or just do this to random (or important, or prolific users) so they all complain to Facebook and Facebook is forced to make X bigger.   Now a second issue is the password database itself. If Mr hacker gets a copy of that (by hacking the authentication server, or from a disgruntled employee) then (if it was a naive list of account/password pairs) he knows everyone's password. The issue to worry about is that so many people use the same password for Wikipedia, Facebook, whatever. So most places don't store the password, but a hash of it, using a secure hash function like SHA. To attack this the hacker will typically run rainbow tables against it.  But truly the chief danger to online accounts isn't password guessing or brute forcing, or network interception, but keysniffing malware, which defeats password security entirely.  This has, for example, become a serious problem in World of Warcraft, were hackers persuade WoWers to install their malware, this sniffs the password, then the hackers hijack the accounts, strip the online characters of stuff they sell (for real money), and move on.  This, more than bad passwords, is likely to make websites which have stuff of value move to multi-factor authentication (WoW offers optional physical PRNG tokens, and is likely to make them mandatory sooner or later - sooner than most banks online services). -- Finlay McWalter • Talk 01:28, 12 January 2010 (UTC)


 * I don't know how prevalent brute forcing is—there are probably better ways to do it (malware and phishing be the obvious ones). I suspect brute forcing is a lot less prevalent than we'd expect, except for very limited dictionary attacks. (I remember some forum I was on, it was determined that many hundreds of users used the word "password" as their password.) If I were trying to get someone's password, I would use a carefully-constructed phish (or custom malware that wouldn't set off any virus detectors), especially if I knew them personally, I wouldn't use brute forcing. If I were trying to harvest millions of passwords, I'd do a couple simple dictionary attacks from a botnet (I am sure that if you tried "password" or "matt" or "michael" as passwords against all of Facebook, you'd get thousands of successful logins). But again—how prevalent? The raw numbers are probably high, though the chance of any individual getting their password brute-forced is probably extraordinarily low, assuming they are not a public figure or don't spend their time trying to piss of script kiddies. --Mr.98 (talk) 16:27, 12 January 2010 (UTC)


 * It depends on the motivation of the attacker. If he's just looking for any old account where he might find something interesting/profitable, he stands a better chance of doing simple tests (like "password" and "qwerty") against a large number of accounts than by doing a really intensive attack on one particular account.  But if (for example) you work for a company with sensitive material behind a password-protected VPN account or something - and if the bad guy works for an evil rival - then he's only interested in hacking into your account - and will brute force anything but the most screwed up non-wordlike mess.  So - it depends what you're protecting.  For some crappy facebook account with low-importance junk on it, you can probably get away with using the name of your cat and your birthdate "whiskers17" - for your home account which might unlock your PC and let the bad guy get to your amazon.com account and thereby to your credit card details...you're going to want something more like "wH1skazSevenTeen"...and if you work as a double agent for the KGB, I recommend "H#:D)UF>L52H#)dD*Fhj:LWSHKE%$#"...and a better memory than I have because you REALLY shouldn't write it down anywhere! SteveBaker (talk) 03:42, 13 January 2010 (UTC)
 * Although there are some that see writing down your passwords in a secure place as being the better of two evils. An argument something along the lines of "I know how to keep bits of paper secure, and it beats using one common password for everything".  TastyCakes (talk) 18:55, 14 January 2010 (UTC)

Interesting stuff, guys. Thanks for the clarification. Matt Deres (talk) 01:19, 14 January 2010 (UTC)

FastCGI and Catalyst
I know it's a long shot, but does anybody know how to use FastCGI and Catalyst? I can't seem to get them to work.

I built an example application using catalyst.pl as per this tutorial, and running the application as a stand-alone HTTP server works perfectly. However, I need to use it with Cherokee, and the only way I know to do that is to run it as a standalone SCGI or FastCGI server. Unfortunately, running either results in a blank page when tested alone, and a 503 HTTP error when tested with Cherokee.

Can anyone help?

Deshi no Shi (talk) 02:36, 12 January 2010 (UTC)


 * I don't know Cherokee specifically, but in general if things run okay at the command line of an ordinary user, but don't run when called from a server like an httpd, then one of two things is generally to blame:
 * file permissions - I'd guess that the account Cherokee is running under isn't the same as the normal user account you tried the software from the command line, and as such may have different (more restricted) file permissions.
 * paths - you may need to more explicitly give the locations of programs, interpreters, and libraries (as processes spawned under the httpd frequently have very limited PATH and other environment settings).
 * Your first port of call should be Cherokee's own log files, which should have specific details of the actual offending activity -- Finlay McWalter • Talk 02:43, 12 January 2010 (UTC)


 * I should be able to access the servers from my browser without Cherokee even running though, right? (At least, I can access the standalone HTTP server fine.) Even then they don't work; just blank pages. Deshi no Shi (talk) 02:58, 12 January 2010 (UTC)

Movie-making software for animated GIFs
I understand that Windows Vista Movie Maker can accept animated gifs, but are there any free software for Mac which accepts animated gifs and lets them work?--153.20.24.67 (talk) 04:16, 12 January 2010 (UTC)
 * Do you want to play them? Then any web browser will do it. Do you want to edit them? Then The GIMP will do it. --Andreas Rejbrand (talk) 13:22, 12 January 2010 (UTC)

Display stuck in text mode or print mode.
Display is stuck in text or print mode. I have tried almost every combination of skins, clearing the browser cache, closing Internet Explorer after clearing the cache, etc. I may have choose text mode and the server has this stored against my URL?!?

JD De Armon —Preceding unsigned comment added by 98.115.116.162 (talk) 06:32, 12 January 2010 (UTC)


 * Sorry, I don't understand the sentence "Display is stuck in text or print mode". To us nerds, text mode has a specific meaning &mdash; see the article.  Is that what your display looks like?  Is it possible to upload a screenshot (by pressing the Print Scrn button on your keyboard, then pasting the resulting screenshot picture into Paint) to Flickr or Photobucket and point us to the screenshot so we can look at what you're trying to describe?  What version of Windows are you running?  Comet Tuttle (talk) 17:41, 12 January 2010 (UTC)


 * You seem to be describing a website coming up in a "text only" or "printable view" mode. If so, try deleting the cookies to erase any settings the website has stored on your computer. --Bavi H (talk) 02:06, 13 January 2010 (UTC)

MS bookshelf 95
I have installed ms bookshelf 95. Is there any latest version? thank you. —Preceding unsigned comment added by 124.43.153.121 (talk) 06:54, 12 January 2010 (UTC)


 * I have Bookshelf Basics 96 (which is on the Office 97 CD), which is described thus in the Help file:

Microsoft Bookshelf Basics is a preview of the information found in the complete version of Bookshelf. Bookshelf Basics ... provides ... The Chambers Dictionary, Roget's Thesaurus of English Words and Phrases, and the Bloomsbury Dictionary of Quotations. By upgrading to the complete version of Microsoft Bookshelf – British Reference Collection, you will obtain ... an encyclopedia and two entirely new books: The Bookshelf Internet Directory and the Concise Encarta World Atlas.
 * Presumably there is a 96 version of the full suite. Mitch Ames (talk) 07:59, 12 January 2010 (UTC)


 * A quick search finds an article that says they went up to 2000. Mitch Ames (talk) 08:01, 12 January 2010 (UTC)

intel graphics driver for windows 7
hi! i have an intel 845gvad2 motherboard.i have just installed windows 7 on it.the installation was successful but the screen resolution is not proper.i tried installing the driver but it did not help.any help would be appreciated. —Preceding unsigned comment added by Itisabhijeetsingh (talk • contribs) 14:17, 12 January 2010 (UTC)


 * Hello back at you! Can you be a bit more specific about the problem please? You say "the screen resolution is not proper". Do you mean it is too low? ie. stuck on 800 x 600? --220.101.28.25 (talk) 14:39, 12 January 2010 (UTC)


 * What happens when you try changing the screen resolution via the Control Panel? Comet Tuttle (talk) 17:37, 12 January 2010 (UTC)

How do I know if vision is connected?
There is no icon on the toolbar...so how do I know if it is connected?Accdude92 (talk to me!) (sign) 14:55, 12 January 2010 (UTC)
 * If you're on the same network as the host computer, it's probably connected. If the screen is being changed by itself... it's connected.  If it's on a school owned laptop you can bring home... it's probably not connected when you're home.  Unless the person who installed Vision has the toolbar icon enabled, there is no (easy) way to know if they are watching you at this moment. 206.131.39.6 (talk) 15:36, 12 January 2010 (UTC)

Runescape question
Why does the screen blink if I change tabs or windows?Accdude92 (talk to me!) (sign) 14:56, 12 January 2010 (UTC)


 * Do you mean, the screen blinks and goes black momentarily, or do you mean that the screen starts to blink and does not ever stop blinking? If the former, the screen of most computer monitors will momentarily blink or black out while the refresh rate is changed.  Most computer games change the refresh rate, so when you hit alt-tab to go to another window, the game minimizes its window and DirectX changes the refresh rate back to what it was before you launched the game.  Comet Tuttle (talk) 17:32, 12 January 2010 (UTC)

Sudden Problem with HD TV
Here is a question for all of you HD TV experts: I recently purchased a 40” HDTV and have Comcast HD digital service. For the last couple of weeks, the picture has been remarkable, however, last night while watching one of my usual favorite channels, the picture suddenly seemed ‘stretched out’. Although it was still a bit clearer than non HD channels, the screen seemed not as sharp as usual. I had not touched any of the settings on my television to cause this. My next move was to then adjust the screen settings, experimenting with the ‘zoom’, ‘full’, etc. settings which caused it to look even worse, when normally it just changed the size. Even the television station logos were blurry and parts of them were even cut off on the side of the screen on some channels. I tried unplugging the HDMI cable, etc. with no improvement. Finally, I cut the power to my cable box, unplugged it and then powered it back up and plugged it in. Everything looked great again. My question is this…could I have a faulty cable box?…or is my new TV defective? Any thoughts? Thanks! 10draftsdeep (talk) 14:59, 12 January 2010 (UTC)


 * You should ask Comcast, because they know the cable box. Were these favorite channels of yours HD channels, or old-style SD channels?  If they were SD channels, I'd guess that the cable box may have taken the 480p 4:3 signal, and decided to stretch it to fit your 16:9 screen.  Usually the setting of how the cable box handles an SD signal is a setting of the cable box; maybe you somehow changed this setting without realizing it.  Comet Tuttle (talk) 17:36, 12 January 2010 (UTC)
 * They were most certainly HD channels. Throughout the whole proccess, the TV display showed me it was still receiving a 720p signal. (My set has 1080p capabilities) To me, that was the frightening part as I suddenly worried something was wrong with my new TV. The cable box has no easily visible buttons. I am going to hope it was a simple glitch with the cable. (I also have a very energetic house cat that likes to treat the system like playground equipment!) It is possible he tampered with something. But if the problem returns I will certainly be making a phone call. Thanks, CT. 10draftsdeep (talk) 18:07, 12 January 2010 (UTC)

very very very very simple gui programming language thing
I want to create some simple programs but I know zero programming language and I don't want to waste ages learning one for what is basically a spur of the moment thing. So, is there any gui program that can help make other programs? You know like how Game Maker lets you make simple games without the requirement of prior computer programming experience —Preceding unsigned comment added by 82.43.88.124 (talk) 15:49, 12 January 2010 (UTC)


 * It would help if you were more specific. python + gtk + glade is easy but takes some learning. python tutorial, gtk tutorial --194.197.235.240 (talk) 16:31, 12 January 2010 (UTC)


 * Yes, it would help a lot if you told us the kind of program you are trying to make. It'll help us point you in the right direction. --Mr.98 (talk) 16:35, 12 January 2010 (UTC)


 * It is now common for many "spur of the moment" GUI applications to be developed as web-based applications. You can even make a web-based application that is entirely run from the local computer.  For that, you can use Python, or Ruby, or PHP.  I've seen many people use a WAMP setup. --  k a i n a w &trade; 17:51, 1:2 January 2010 (UTC)
 * I agree that a web GUI is probably a much quicker way to put together an interface if it is just a mockup or a small task. Unfortunately it takes some knowledge of not only PHP but also some HTML, which might be a bit too high of a barrier depending on the purpose. Web GUIs are about a million times easier to set up than regular GUIs (because the browser does all of the complicated work), but even they aren't quite on a drag-and-drop level of Game Maker and etc. --Mr.98 (talk) 19:32, 12 January 2010 (UTC)
 * I thought Dreamweaver (and others) did drag-and-drop design with PHP/MySQL. I could be wrong since I don't use a WYSIWYG editor.  Also, I read the question as wanting to make an application as easy as game maker lets you make games.  I did not read it as wanting to make a game.  It seems like some responders are stuck on advising how to make games. --  k a i n a w &trade; 19:34, 12 January 2010 (UTC)
 * Well, maybe Dreamweaver does some kind of basic drag-drop databasing, I don't know. I still don't know what the OP wants which makes it hard to be more specific. Depending on the task, there are better and worse options. (A web GUI is a great thing for, say, a simple database or something that processes text... but a lousy solution for, say, something that has to interact with files on the desktop.) --Mr.98 (talk) 20:27, 12 January 2010 (UTC)


 * You could probably pick up the basics of python in about a week or less by going through the tutorials above (or this one, which is what I used and found very useful. There's a version for Python 2.6, which is more established and so works with more "plugins" or whatever, you can read it here).  Learning to do GUI stuff will probably take a little longer, although you might be interested in pygame, which is a set of modules to help make games with python.  TastyCakes (talk) 18:00, 12 January 2010 (UTC)


 * Visual Studio greatly simplifies the task of creating forms. You just drag items like buttons and text boxes onto the form from the tool box. But, no matter what program you use, you will still have to write some code. There's really no way to get around that. So, try out a hello-world example of Visual Basic and C# and see which one you like, and then read up on that language if you want to use Visual Studio.--Drknkn (talk) 23:24, 12 January 2010 (UTC)


 * Have a look at the langaguages listed in Educational programming language. I also like Rebol which can do a lot in a few words. The Wikipedia article is excessively technical, but there are tutorials. I do not know if a macro language would suit you: there is the iMacro add-on for Firefox, or Autoit or Autohotkey. 92.24.99.218 (talk) 12:12, 13 January 2010 (UTC)
 * Just to put in two cents... doing a lot in a few words hardly sounds straightforward to me. I mean, regular expressions are prized for their brevity, but it does not correlate with their ease of use. I prefer something where the logic of what is going on is a little more apparent—having one function that does a million different things is in my opinion a lot more troublesome than a handful of functions that specialize. --Mr.98 (talk) 16:16, 16 January 2010 (UTC)

Should I Virtualize My Server?
I'm running a Cherokee web server that is expecting little to no traffic (if I get a dozen hits a day, I would be surprised). It's mostly to host files for friends and some CGI surveys (I am collecting information for some psychological experiments at my university). I'm hosting this all on my Debian-based machine which I also use as a desktop, and KVM and Xen hate me for some reason. That said, is the small risk of attack that I face (especially because I will be using CGI) worth it to virtualize another OS to protect my desktop? I could theoretically get something working to run OpenBSD parallel to my desktop and host the server on that, but I really don't want to go through the effort unless it's absolutely necessary.

P.S. I've given up on getting Catalyst to work with FastCGI. Is it reasonable to host all the static documents on my Cherokee server at :80, and host a separate HTTP server for any websites utilizing CGI at :8080, using hyperlinks between the two?

What are the chances I'll actually encounter a situation where I'd wish that I'd kept my server and desktop separate? Deshi no Shi (talk) 19:12, 12 January 2010 (UTC)

strange problem - Dell system restore
I'm trying to help my mom with a problem (she lives in another state)...

She has a Dell and it looks like what happened is that somehow the System Restore utility ran and restored it to the factory fresh state. She had all her data backed up, but we can't figure out how this happened or if it is likely to happen again. I tried Googling a variety of terms to see if this is a known problem but I didn't find anything. Any clues? ike9898 (talk) 23:22, 12 January 2010 (UTC)


 * Impressive that she's backed up. Is it possible that her computer booted from the D: drive, so it appears that you're running a factory install, but the C: drive is still intact?  Comet Tuttle (talk) 23:34, 12 January 2010 (UTC)


 * Impressive indeed. Proves the importance of back-ups. Is the PC user keeping the restore disc in the D: drive as implied by Comet Tuttle? 220.101.28.25 (talk) —Preceding undated comment added 01:30, 13 January 2010 (UTC).


 * I believe Dell and HP usually format the hard disk with the C: partition being the majority of the drive, and the D: partition being a bootable partition that has the image data necessary to reformat the C: drive to its factory state. I was wondering if Ike9898's mother had somehow been booting from the D: partition.  Comet Tuttle (talk) 06:42, 13 January 2010 (UTC)


 * OP here: It seems like this wouldn't explain what happened. I had her look specifically C: >> Username  >> Documents and Settings >> My Documents, and all that was there was just the sample pictures, etc. that you get when you install Windows. I'll check to make sure it's not booting to CD.  ike9898 (talk) 14:32, 13 January 2010 (UTC)


 * Replying to Comet Tuttle. Silly me, didn't think of that! I was thinking C:=HDD, D:=DVD/CD. Some PC users tend to keep their 'restore' disc in the drive. If C: went U/S then it could default to the D:(DVD) drive, possibly resulting in a restore. If not, could it be set to perform it automatically, under some conditions, as Ike9898 originally suggested? If under warranty then Dell may be the best place to enquire.--220.101.28.25 (talk) 17:01, 13 January 2010 (UTC)