What did I say? A background voice recorder

What did I say? is a software that continuously records audio from an input device (e.g. a microphone) and saves it to disk on demand.

Features:

  • continuously record audio from an input device
  • discard audio after a configurable time span
  • keep the recorded audio in memory only
  • run in the background (no window, just a notification icon)
  • write to disk upon request (WAV format)

Possible usages:

  • take notes during brainstorming when someone said something interesting
  • provide evidence in cases of defamation or sexual harassment
  • “pilot recorder” / “black box”

Screenshot

Command line options:

  • -s: Sample rate (44100, 22050 or 11025 Hz)
  • -b: bits per sample (16 or 8 bit)
  • -c: channels (1 = mono, 2 = stereo)
  • -t: recording time in minutes (buffer time)

System requirements:

  • Windows 8 or higher
  • .NET Framework 4.5

Download What did I say 0.1.1.8 Setup.exe.zip (1 MB)

License: MIT, closed source at the moment.

Known issues:

  • when saving to a file and then canceling the save dialog, the recorded audio is lost

Missing features:

  • Hotkey support
  • Support for external triggers (e.g. alarm contact)
  • Integrated playback

Please post bug reports and feature requests to whatdidisay.yyyy-mm-dd@lockerflockig.de where yyyy-mm-dd is the date you send the email (that’s my spam filter).

Huge JSON Viewer

Inspired by a Question on Software Recommendations, I wrote this Viewer for very large JSON files. It can open files of 1.4 GB in size or even larger, as long as you have ~7 times the amount of RAM on your machine.

System requirements: Windows 7 SP1 or higher, .NET 4.5, 64 bit recommended

License: MIT, closed source at the moment

Download: Huge JSON Viewer 0.3.6.10 Setup.exe.zip (14.5 MB)

Bugs: report bugs to jsonviewer.yyyy-mm-hh@lockerflockig.de where yyyy-mm-dd is the current date.

Known issues:

  • This software is in beta
  • The progress bar window can be closed while the JSON file is opened

Screenshot of the version with menu and tabs:Screenshot

Screenshot of an older version with a 1.4 GB file loaded:

hugejsonviewer

Shutdown with warning

Shutdown with warning is a small tool inspired by a Software Recommendations question.

It shuts down your PC at a given wall clock time and displays up to 2 warnings before that time with the option to shut down the PC.

Download Shutdown With Warning

Supported OS: Windows 7 SP1 to Windows 10

Prerequisites: .NET 4.0

License: MIT

Report bugs to: shutdown.yyyy-mm-dd@lockerflockig.de where yyyy-mm-dd is the current date.

Settings

Shutdown warning

Make KeePass more secure: compile KeePass yourself

Heise recently published an article about KeePass not using HTTPS. The article turns out to be a canard, since KeePass cannot update itself. This article reminded me that I have attacked KeePass in 2009 to see how secure it is. Since it offers security features like password encryption, dual channel auto-type obfuscation, secure desktops etc., I thought this is a well-written and totally secure application.

Unfortunately I had to find out that my first two approaches of attacking KeePass worked very well (I don’t want to go into details here and provide full source for script kiddies; if you’re a developer you’ll probably be able to implement the attack based on the modifications I make to KeePass). Therefore I contacted the author, Dominik Reichl. However, he explained that such issues cannot be fixed. A few days later (2009-02-27 according to archive.org), the following text was added on the KeePass website, Security section:

All security features in KeePass protect against generic threats like keyloggers, clipboard monitors, password control monitors, etc. (and against non-runtime attacks on the database, memory dump analyzers, …). However in all the questions above we’re assuming that there’s a spyware program running on the system that’s specialized on attacking KeePass.

In this situation, the best security features will fail. This is law #1 of the 10 Immutable Laws of Security [4][5]: “If a bad guy can persuade you to run his program on your computer, it’s not your computer anymore”.

For example, consider the following very simple spyware specialized for KeePass: an application that waits for KeePass to be started, then hides the started application and imitates KeePass itself. All interactions (like entering a password for decrypting the configuration, etc.) can be simulated. The only way to discover this spyware is to use a program that the spyware doesn’t know about or can’t manipulate (secure desktop); in any case it can’t be KeePass.

If KeePass is not that secure, let’s try to make it a little more secure by yourself. Are you allowed to do so? Well, KeePass is released under GPL2 so you can modify it. You even don’t need to publish the modified source code as long as you don’t distribute your version and keep it for yourself. Only with publishing you need to publish under the same license. The relevant paragraph is

6. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. […]

Step 1: Compiling KeePass

  1. Download and install Visual Studio 2015 Community Edition if you don’t have VS 2015 already
  2. In the Download section, scroll to the bottom and download the source code for KeePass 2
  3. Unblock the ZIP file in the file properties (otherwise you might get strange security questions)
  4. Unzip the ZIP file
  5. Ideally, add all the source code to a version control system (SVN) just to be able to make changes without breaking anything
  6. Open the solution file KeePass.sln, which is a VS 2008 project, in VS 2015
  7. Confirm the one-way upgrade warning
  8. Try to build the solution. You’ll get some errors regarding PFX files which are used for the digital signature.
  9. Open the properties of all projects. Choose “Signing” and remove the checkmarks for the PFX file. I’ll assume that you don’t have an own PFX. If you do have an own PFX file, you’re probably familiar on how to use it.
  10. Try to build the solution. For me, it still failed due to “sgen.exe” not working well. Open the KeePass properties, go to “Build Events” and remove the post build step. This also has to do with the digital signature
  11. Try to build. This time it should work.
  12. Set “KeePass” as the startup project.
  13. Commit your work to SVN (if you have)

Step 2: Make it a bit more secure

For a specialized attack on KeePass, the attacker needs to find out that KeePass is KeePass. The attacker might look at the executable name, so let’s change it.

  1. Open the KeePass project properties
  2. Change “Assembly Name” to something you want, e.g. “PwManager”

So the executable name is better now. An attacker may still identify it as KeePass from the title etc., so let’s change that as well.

  1. Open KeePassLib\PwDefs.cs
  2. Change all “KeePass” to something else as well, e.g. “PwManager”
  3. As you’re there, change all URLs to “about:blank” if you like

Our modified KeePass version still uses the KDBX file extension, so an attacker may notice that and gather interest.

  1. Open KeePass/App/AppDefs.cs
  2. Find a class called FileExtension
  3. Change the extension from kdbx to something else, e.g. pwmg
  4. Change the “ExtId” from “kdbxfile” to “pwmgfile”. This would probably affect the Registry in case you want to register the file extension. Personally I recommend running it portable and not registering the file extension.
  5. Below those definitions, you’ll find some more items with “KeePass” in the name. Change it as well.
  6. Compile it and run it
  7. Commit your work to SVN

Step 3: recognize a potential replacement

Whatever efforts we take, an attacker may use other techniques to identify our application as a KeePass clone and replace it with a copy to fool us. Let’s mitigate that by changing the color of the password form. A replacement may not be able to imitate this, so you’ll notice the replacement, because it has the default KeePass color and not your color.

  1. From the KeePass project, open Forms/KeyPromptForm in designer mode
  2. Change the background color, e.g. to blue
  3. Compile it and run it
  4. Create a demo database and check the password dialog. It should have your color now
  5. Commit your work to SVN

If you followed this tutorial, you should now have a version of KeePass that it a little bit safer and looks similar to this:

KeePass password entry form

Sure, it still does not cover all attack vectors but at least the following:

  • Stealing *.KDBX files: your password file will not be found since it has a new extension now
  • Replacement of KeePass by a malicious clone via the Image File Execution Options Debugger Registry key (since this would require the executable to be named KeePass.exe)
  • Replacement of KeePass by a malicious clone in any other way, since you’ll likely detect the replacement due to the wrong color

What else could you consider? Based on my attacks I would do the following two things next:

  • Add a part of the password to the password via code. This will prevent someone from recording your complete password with a generic keylogger. So even he has your “KDBX” file and a recorded password, he’ll still need your program to get the second half of the password.
  • Detect if KeePass loses the focus and regains the focus very quickly. A user will need ~100 ms or longer to switch between applications. If the time is shorter, it’s likely that an attacker opened an invisible window and returned the focus to KeePass. Using Auto-Type will type into the attacker’s invisible window. The attacker may choose to forward the input to the original destination window so you won’t notice that it got lost.
  • Display the title of the window that KeePass is going to send the password to.
  • Display a list of DLLs loaded into the process. That way you might detect keyboard hooks etc. To shorten the list you could exclude DLLs signed by Microsoft, exclude known DLLs etc.

I have not yet described these modifications in detail.

TaskJuggler Installer for Windows

Developing software often needs some project management and planning. Unfortunately I regularly break Microsoft Project schedules in a way that leveling the resources does not work any more.

I have tried alternatives like GanttProject and ProjectLibre, but they all don’t fit my needs. Then I saw a recommendation for TaskJuggler. Unfortunately, TaskJuggler is not very convenient to install, especially behind a company firewall which prevents downloading missing Ruby gems.

After much pain, I figured out that I need to download and install the following in this order:

  1. Ruby
  2. RubyGems
  3. Tins gem
  4. Term-ansicolor gem
  5. Mime-types gem
  6. Mail gem
  7. TaskJuggler gem

Luckily, RubyInstaller covers steps 1 and 2.

After installation, I found that I need even more adjustments for convenience:

  1. Icon to better recognize the TaskJuggler .TJP files
  2. A file association for editing the .TJP file in Notepad++ (or at least Notepad)
  3. A context menu entry to “compile” the project to avoid the long Ruby command line “C:\Ruby22\bin\ruby.exe” “c:\Ruby22\bin\tj3” “myproject.tjp”. In addition, stop in case of errors.
  4. Syntax highlighting in Notepad++ to detect mistakes while typing
  5. A template for the New entry in the context menu (because starting with a totally empty file is hard)
  6. Support for Windows Explorer’s preview pane

Those convenience features need a lot of Windows Registry tweaking and are thus error-prone.

Nevertheless, once installed, TaskJuggler is a really great product. To lower the hurdle of using it, I have created the TaskJuggler Windows Installer which performs above steps.

Download

TaskJuggler 3.5.0 Installer 0.7 32 Bit (20.0 MB)

TaskJuggler 3.5.0 Installer 0.7 64 Bit (20.6 MB)

Be aware that this is a version which has not been tested much.

Reporting bugs

Report bugs to taskjuggler.yyyy-mm-dd@lockerflockig,de (where yyyy-mm-dd is the current date).

Visual Studio File Size Extension

I posted a Code Puzzle on StackExchange. When solving it myself in C#, I found out that it is hard to tell whether the latest refactoring made the file smaller or larger. Therefore I asked for a Visual Studio file size extension on Software Recommendations. Unfortunately, nobody answered, so I checked whether I could implement it myself.

Here it is, a small extension with no features except displaying the number of printable characters in the text buffer of the editor, measured correctly using StringInfo.LengthInTextElements().

License

The MIT License (see opensource.org)

Download

Code Golf File Size Visual Studio Extension 1.0.0.1 (11 kB)

The VSIX file is digitally signed for “Thomas Weller”. If not, please contact me.

Screenshot of Visual Studio File Size Extension installation

Screenshot of Visual Studio File Size Extension installation

File size extension in action

File size extension in action

Known bugs

Starting from 1.000.000 characters, the character count starts hiding under the editor’s scroll bar.

WinMerge plugin to compare SilkTest files

I recently started doing test automation with Borland SilkTest Classic. Unfortunately, the collapse/expand state is stored directly in source code, which can result in many differences when comparing sources in WinMerge.

To mitigate this issue, I have implemented a PreDiffer plugin for WinMerge. It simply ignores the leading boxes when comparing the source, see the following screenshot (without plugin and with plugin).

The plugin is configured to be suggested on test files (.t) and include files (.inc).

Download IgnoreCollapseBoxes 1.0.0.0 (4 kB)

License: Freeware. You’re free to use this plugin also in commercial environments.

The plugin was developed in Visual Basic 6. If you find bugs, please contact me at winmerge-plugin.<yyyy-mm-dd>@lockerflockig.de, where <yyyy-mm-dd> is replaced with the current date (to bypass the spam filter).

SNMP password guess list

Did you ever want to hack a factory or plant? Hirschmann HiVision uses the following SNMP password guess list to log in:

Username  Password
 -        manager
 -        operator
 -        admin
 -        user
 -        private
 -        public
 admin    Emerson1
 admin    abbadmin
 admin    admin
 admin    private
 manager  manager
 operator operator
 user     Emerson1
 user     abbuser
 user     user
 user     public

Removing source control settings from Enterprise Architect

I last used Enterprise Architect by Sparx Systems on 19th of June 2006.  As our architecture was stable since then, there was hardly a need to update the architectural diagrams. And, frankly spoken, Enterprise Architect was not the best product at that time, so everyone was happy in case he needn’t touch it.

We’re now making a major refactoring so I copied the Enterprise Architect model from our old repository to the new location, then opened it. Although I am using version 9.1 now (I started with version 5.0 in 2005), the usability has not significantly improved. The first dialog I saw asked me to remove the read-only flag manually. While I can do that, it would definitely have been an option to provide a button labelled “Remove read-only flag and open”.

We’re simplifying the architecture, so for most parts I should remove existing parts. That should be as easy as pressing the Del key. As a warm-up task to become familiar with EA again, I identified something to remove, selected it and pressed the Del key. Nothing happens. No message, even not a notification in the status bar. What’s wrong?

In the Edit menu, I find my first mistake: items are not deleted using the Del key, they are deleted using Ctrl+D. How could I forget? But unfortunately the menu item is disabled, which means that I cannot delete it.

I remember that we had trouble accidentally modifying diagrams some years ago and there was a way to protect items against modification. That’s confirmed by doing a right-click on the item: there’s a context menu entry labelled “Lock Element…”.

Nothing happens. Wait, notice the text in the status bar, which says:

Current package and contained elements are checked in and may not be edited.

Alright, so there’s the old version control setting included somewhere and I should probably remove it. That should be a project-wide setting, right? EA is almost intuitive in this point. There’s a Version Control submenu of the Project menu. I see that there’s the old configuration. I can select it and press the Delete button. But Enterprise Architect cannot simply remove the version control settings from all those items for you, because it says

This configuration is being used by the following package(s): Building Block View, Runtime View, Concept View, Process View, … and may not be deleted.

Alright, that’s only a list of 16 packages. I should be able to remove version control settings from those packages manually. In the project browser I select one of the views and in its context menu I choose Package Control/Version Control Settings. It turns out that this is exactly the same dialog as on project level. Very confusing. Much like Enterprise Architect in 2005.

Luckily I tried Package Control/Configure… next. This dialog provides a checkbox to enable or disable the checkbox “Control Package”.

I went through all the 5 root views and removed the source control settings. But there need to be 11 more items under source control. How to find them?

There is a keyboard shortcut which expands all nodes of a treeview. And since Enterprise Architect didn’t modify that default behavior, just press the asterisk key to expand all nodes. The nodes under source control all have a yellow key on a dark background. Simply identify those and remove version control settings as well.

Whenever you think you have removed all items, go back to the project menu and try to delete the setting on project level. Finally, I reached my goal: removing source control settings from Enterprise Architect.

No, wait – the original goal was to remove an item from a diagram…

Processing Word documents with DocX

For an association, I had the task to write some Word documents to all members. Unfortunately, the task was a bit more complex than simply writing a circular letter and I decided to automate this task, because it will reoccur once a year.

Of course I started with the built-in Office automation which is part of Visual Studio 2010. However, I ran into deep trouble configuring all the security aspects. I was unable to open documents from a network location, because it is not trusted by default. Next I should have applied code signing in order to make it work. As I don’t have a valid certificate, this was the point in time where I was looking for alternatives.

And I found DocX at Codeplex. It really works like a charm! I didn’t have any security warning to solve, so that I’m confident it will run on other PCs as well without major administration work. It claims to work even on PCs without having Word installed. Second, the API is much more intuitive. You don’t have to deal with Type.Missing parameters and all this stuff. And the task of replacing text is done in one line of code instead of defining a range, executing a find query and then replacing the result.

Of course, DocX does probably not offer all features Word has. But it was definitely the best choice for me at this time to do a simple text replacement task (and some calculations in my code) to get the circular letter ready.