[aprssig] OT RE: Irfanview and DEP (was APRS Frequency info?)

Dave Baxter Dave at emv.co.uk
Tue Jul 8 09:11:08 EDT 2008


It's unlikely to be a problem for you (running Irfanview) if you don't
have such security software loaded, or "features" enabled.

As to the buffer overrun problem.  Again, these days, unless you like to
visit "the darker side of the net" and are careful where you visit, and
what you click, you should stay OK.

Any unexpected browser crashes, that are repeatable, should be
investigated though.  Run a spyware sweep, anti virus scan etc.  Trouble
with them, is the time it takes these days, there is just so much to
check.

It can be useful in extreme cases to make a note of the website address,
and put it in your Hosts file, with a pointer back to 127.0.0.1
(yourself!)  That should prevent that particular site causing trouble
again, to you at least.

Regards.

Dave G0WBX.


> -----Original Message-----
> From: Ray Wells [mailto:vk2tv at exemail.com.au] 
> Sent: 08 July 2008 05:14
> To: TAPR APRS Mailing List
> Subject: Re: [aprssig] OT RE: Irfanview and DEP (was APRS 
> Frequency info?)
> 
> Gusee I'd better keep my fingers crossed to ensure my run of 
> luck continues.
> 
> Ray vk2tv
> 
> Dave Baxter wrote:
> 
> >Hi...
> >
> >The problem is fairly well known.  Some (I don't know about 
> any later) 
> >versions of Irfan view, internally executes run time code, read into 
> >data buffers.  In this case it's intentional, and part of 
> the way the 
> >program was written.  I won't go into if it's good/bad 
> practice, but it 
> >was a common thing to do in the past...
> >
> >Anyway, it's also a common way for unintended visitors to 
> begin to hack 
> >your PC, the so called buffer overrun, resulting in code 
> being executed 
> >in a data area.
> >
> >"DEP" or Data Execution Protection is one way to prevent that.  Some 
> >high end CPU's can do that if programmed up the correct way, some 
> >versions of Windowz can do something similar (they say) in software.
> >Either way, Irfanview (an otherwise very versatile image 
> manipulator) 
> >will fail to run, and bring up warning messages etc...
> >
> >An alternative (though not free) very good program could be 
> Paint Shop 
> >Pro.  But later versions are mind bogglingly complex!.
> >
> >73.
> >
> >Dave G0WBX.
> >
> >  
> >
> >>-----Original Message-----
> >>From: Ray Wells [mailto:vk2tv at exemail.com.au]
> >>Sent: 07 July 2008 09:28
> >>To: TAPR APRS Mailing List
> >>Subject: Re: [aprssig] APRS Frequency info?
> >>
> >>Never had an issue with Irfanview here but then I don't trust 
> >>Microshaft to protect my computer.
> >>
> >>Ray vk2tv
> >>
> >>Dave Baxter wrote:
> >>
> >>    
> >>
> >>>Hi...
> >>>
> >>>Note that Irfanview can seriously "P" off some security/AV system 
> >>>programs, particularly those that check for programs that
> >>>      
> >>>
> >>run code in
> >>    
> >>
> >>>data buffers (DEP).  It's doubtful Irfanview is malicious, but take
> >>>care.   Some versions of Vista, and later incarnations of 
> XP with all
> >>>security settings enabled, may complain, or even prevent 
> it running.
> >>>
> >>>
> >>>________________________________
> >>>
> >>>From: Stephen H. Smith [mailto:wa8lmf2 at aol.com]
> >>>Sent: 05 July 2008 06:03
> >>>To: bruninga at usna.edu; TAPR APRS Mailing List
> >>>Subject: Re: [aprssig] APRS Frequency info?
> >>>	 
> >>>	.
> >>>	.
> >>>	.
> >>>	 
> >>>Then twiddle the resulting images in Photoshop.  Jack up the
> >>>      
> >>>
> >>contrast,
> >>    
> >>
> >>>crop and resize from it's native multi-megapixel resolution to 
> >>>something like 320x240, reduce the color depth from photographic 
> >>>high-color to 256 colors (you'll never notice the difference
> >>>      
> >>>
> >>on screen
> >>    
> >>
> >>>shots or images of
> >>>maps) and save as a GIF image.  If you don't have PhotoShop, the 
> >>>freeware IrfanView program from <http://irfanview.com> 
> >>><http://irfanview.com>  can perform these operations just
> >>>      
> >>>
> >>about as well.
> >>    
> >>
> >>>	
> >>>    <http://www.nvu.com/>     
> >>>
> >>>That sounds nice, I intend to take a good look at that 
> later, What's 
> >>>the "unoficial bugfix" version (KomPozer) like?
> >>>
> >>>73
> >>>
> >>>Dave G0WBX
> >>> 
> >>>	
> >>>	  
> >>>
> >>>This mail has been scanned by Palmer Cook Computer Services
> >>>      
> >>>
> >>Limited.  
> >>    
> >>
> >>>www.palmercook.co.uk 
> _______________________________________________
> >>>aprssig mailing list
> >>>aprssig at lists.tapr.org
> >>>https://lists.tapr.org/cgi-bin/mailman/listinfo/aprssig
> >>>
> >>> 
> >>>
> >>>      
> >>>
> >>
> >>
> >>    
> >>
> >This mail has been scanned by Palmer Cook Computer Services 
> Limited.  
> >www.palmercook.co.uk _______________________________________________
> >aprssig mailing list
> >aprssig at lists.tapr.org
> >https://lists.tapr.org/cgi-bin/mailman/listinfo/aprssig
> >
> >  
> >
> 
> 
> 
> 
This mail has been scanned by Palmer Cook Computer Services Limited.  www.palmercook.co.uk



More information about the aprssig mailing list