VNC is the abbreviation of: Virtual Network Computing if you didn’t know it.
There are many types of VNC such as TightVNC, RealVNC, UltraVNC and etc…

RealVNC is a remote control software which allows you to view and interact with one computer (the server) using a simple program (the viewer) on another computer anywhere on the Internet. The two computers don’t even have to be the same type. You can use RealVNC to view an office Linux machine on your Windows PC at home or help friends who are living far away without driving lots of miles.

Recently, there is a big security issue in RealVNC v4.1.1 discovered by Steve Wiseman.


It actually allows you to connect to any computer without password! Usually after vnc server installation, it will advice you to set a new password so not to allow any unauthorized user with VNC Viewer to remote control.
Just by modifying a few lines of code in the viewer, and the viewer is turned into a universal hacked viewer which can simply connect to any vnc server v4.1.1 without password.
Imagine what a person can do when there is a VNC Null Authentication Vulnerability Scanner!
He can scan the whole world of computers to find for VNC Server v4.1.1 and then use the hacked VNC viewer to connect to it. He will have 100% access to the computer.

If you are using RealVNC v4.1.1, PLEASE download the latest version v4.2.5 immediately because any minute a hacker can be viewing your VNC servers without knowing the password.

[ Download latest RealVNC v4.2.5 ]

Note: The below information is ONLY for educational purposes only.
You can download a copy of old RealVNC v4.1.1 from this link.
You can then use an already hacked version of VNC viewer that is able to connect to any RealVNC v4.1.1 servers without password.
RealVNC 4.1.0 – 4.1.1 (VNC Null Authentication) Vulnerability Scanners is also available here. It allows you to scan for computers that has RealVNC v4.1.1 servers installed.

Anyone got this 502 Server Error message when browse to http://www.google.com?

Hopefully it’s just temporary because I tried to refresh every 30 seconds and I still get the same 502 Server Error…

Update: Oops… the minute after I posted this article, Google is back to normal 😛

There are dozens of web-based applications that allow you to sign into your favorite messenger service from within your web browser.
But Meebo deservers the extra attention. To begin with, it allows you to sign into four popular IM services simultaneously, including -of course- MSN Messenger and newcomer Google Talk. “Semi-interoperability”, you could call it. All you have to do is enter your login details for the service(s) you want to log on, and off you go. Before you ask, they have a clear and safe privacy policy.


Another point worth noting is the technology behind the application, which is -just like Gmail- AJAX. This translates into a very smooth operation without page reloads, and the typical Windows “feel” (chat windows can be maximized and overlap). The graphical user interface itself resembles MSN Messenger’s new best buddy, Yahoo! Messenger.

Meebo was launched last month by three people, and it’s still in BETA-phase. For now Opera is not yet supported, but it worked great in IE and Firefox.

>> Try Meebo (not to be confused with MeeGo).

USB flash drives are so common nowadays and I believe most of us already have one. It is very convenient to carry along our data with us all the time but can also be a problem when you’re unable to properly eject it from your computer. The error message “The device ‘Generic volume’ cannot be stopped right now. Try stopping the device again later.” is what you’ll see when you’re having the problem. You can use Unlocker to unlock the files in used and then eject OR you can use a special tool called USB Safely Remove developed to help you easily manage your external hotpluggable device.

USB Safely Remove normally cost $20 for a single user license which last a lifetime but they’re giving away free licenses to everyone for a week in order to promote upcoming version 4.0. You may use all the features of the program and get upgrades for one year for free. Actually they’ve done this early this year on February to promote version 3.3, so no big surprise that they’ll start doing it again. Continue reading on how to get your free USB Safely Remove v4 registration code.


USB Safely Remove is a neat and handy replacement for the standard ‘Safely Remove Hardware’ tool. It will make life easier and save time for those who have several hotplug (USB, SATA, Firewire) devices and those who use them extensively.

USB Safely Remove is better than the Windows ‘Safely Remove Hardware’ tool because:

The ability to hide any device from the ‘stop’ menu.

Uses real device names and allows renaming.

Keyboard shortcuts for easy device stopping.

Unique menu for one-click stop.

Programs autorun on device plugging/unplugging.

It tells you why a device cannot be stopped immediately.

The latest USB Safely Remove version 4.0 includes a few very useful features such as “Return device back”. After you stopped a device, but still did not unplug it, sometimes it would be very useful to return it back to the system. For example if you have remembered you forgot to write a file to the drive after you stopped it. In this case you are compelled to physically replug the device. However sometimes it is quite inconvenient if the device is connected to the rear panel of the computer. USB Safely Remove allows you to return your device back as easy as you do safe removal – in a one click!

The new version can see and stop such devices like PCMCIA. Also it has a unique feature to stop even those hot-swap devices whose drivers does not support “authentic safe removal” (they cannot be seen in the native Windows Safe Removal tool), e.g. Silicon Image SATA devices. USB Safely Remove stops these devices via “disabling” (as Windows Device Manager do), however it makes stopping of these devices convenient for user – in the same manner as you do ordinary safe removal.

Most of the card readers create a drive letter for every slot even if it doesn’t contain a memory card. Those who uses only one or two memory cards at the same time, might dislike this behaviour. The new version allows you to get rid of this problem – you will see only those drives of the card reader where memory cards are connected.

To get your free USB Safely Remove 4.0 license, head to this page http://safelyremove.com/giveawayweekp.htm, enter your full name (nickname not accepted!), email address and click “I want the license button”.

Your license will be sent to you within 24 hours. There is a great likelyhood that you’ll get it much earlier, but just in case, be patient please. Once you got the registration name and registration code, launch USB Safely Remove > go to Help > Enter License Key. The latest USB Safely Remove v4.0 beta works on both 32 and 64 bit of Windows.

I am starting to think whether they’ve officially started giving the free license away or not because I couldn’t find any page linking to the offer page. I’ve just requested a free USB Safely Remove v4 license and hope to get it soon. Will report immediately when I do get the free registration code.

[ Download USB Safely Remove v3.3 | v4.0 Beta 8 ]

Did you know that when you chat with your friends using any instant messenger such as Windows Live Messenger or Yahoo Messenger, the conversation is being sent as clear text form which can be intercepted by sniffing the network data? I know many of you who work in office often talk to your friends using a messenger thinking that it’s safe to reveal anything but it’s not. Most company uses a server to share internet connection, so all traffic will go through the server first. If the administrator install a packet sniffer that is able to decode MSN packets on the server,the admin is able to intercept all messages in and out of MSN.

Don’t believe? See how easy I sniff and decode MSN messages. I install MSN Sniffer 2 from EffeTech on my server. Then I use two workstations to chat with each other. I logged in to Windows Live Messenger for both account on different computer, then I start a conversation.

As you can see, MSN Sniffer is able to capture and decode MSN packets. It displays both MSN incoming and outgoing messages.

It is wrong for the administrator to install a packet sniffer to capture and decode packets but then you can’t blame them because they are afraid of you leaking confidential company information to other people. However, you can use encryption solution to protect yourself from being sniffed.


There are many encryption utilities but the one that works the best for me is Simp Pro/Lite created by Secway. SimpLite prevents eavesdroppers from reading your personal instant messenger conversations. There are 2 versions of Simp, the Lite and PRO. The PRO version is the shareware version of Simp and it supports all types of instant messengers. But if want to use it for free, you can use Simp Lite with the catch of only one product from the SimpLite family can be launched at the same time on your computer. Meaning if you’re using SimpLite-MSN, you can’t use SimpLite-Yahoo simultaneously.

Simp can handle both encrypted and unencrypted chats. To have encrypted conversation, both parties must have Simp installed. If either one person doesn’t have Simp installed, the conversation will remain unencrypted.

Here are the steps to use SimpLite for encrypting your chat messages.
1. Download and install SimpLite.

2. You’ll be presented with Simp configuration wizard. Select whatever is appropriate.

3. After finish configuring, you’ll need to generate keys. Click next at the welcome screen.

4. You can use the default Cipher and click Next. Make sure the RSA is 2048 bits for maximum security.

5. Enter a password to protect your private key. Whenever you run SimpLite, you’ll need to enter this password.

6. Move your mouse cursor around the window to generate random numbers. Click Next and it will generate your RSA 2048 bits keypair.

Ask the other person that you want to securely chat with to install and configure SimpLite like what you did. When both of you have SimpLite installed, either person will have to send a message. That will bring up a screen on both party asking whether to accept the new key.

Once both party has clicked Accept button, you’ll get a popup window stating “Authenticated and encrypted“.

If you open SimpLite window from the tray bar, you’ll notice that a new key being added. The next time when you chat with the same person, the conversation is automatically encrypted.

To proof that the chat is encrypted, I run MSN Sniffer again and start capturing the packets in the network. Then I start a conversation with the same message as above “Hello Peter, how are you today?”. This is what the MSN Sniffer logged.

I bet the administrator would be cracking his head on what has happened to his MSN sniffer when he sees messages that only has random letters and numbers.

SimpLite can work on MSN, Yahoo, ICQ, AIM, Google and Jabber. Do take note that SimpLite encryption only protects you from network sniffers but not keyloggers. If you’re sure that your local computer is clean from keylogger, then having SimpLite would be an added protection.

[ Download SimpLite for MSN Messenger ]

Are you aware of all the devices – USB sticks, CDs, floppies, smartphones, MP3 players, handhelds, iPods, digital cameras – that have been connected to your network? As an administrator, do you know how many employees have been using or are using portable storage devices at the moment? Monitoring your network for these devices is not only time-consuming but nearly impossible to do manually.

Often the weakest link in security is not the technology but the people who use it. The extensive use of portable storage devices on your network can expose it to unintentional and malicious security threats and result in data theft, virus attacks, legal complications and loss of productivity. Knowing what devices are on your network today is the first step towards minimizing these risks.

Good news is now you can actually check what devices are or have been connected to computers in your network and by whom within minutes!


GFi, the famous IT security and productivity solutions provider has created a free web utility called EndPointScan which lets you check what devices are or have been connected to computers in your network and by whom within minutes.

Doesn’t require any configuration or huge installation. Just make sure you visit EndPointScan website using Internet Explorer. Or if you’re using Mozilla Firefox, use IETab. Simply click on the Scan my network! button and it’ll ask if if you want to scan a single computer, a range of computers or list of computers.

If this is the first time you are using GFI EndPointScan, an ActiveX control (0.7MB) must be downloaded and installed on your computer. Select ‘Yes‘ when prompted to download this control.

Once a scan is completed, GFI EndPointScan will display scan results in a graphical report. The report includes device usage, device threat level and computer risk level. The information presented refers to devices connected both currently and historically.

Only Windows 2000, XP and 2003 is supported. Windows 95, 98 and NT is NOT supported. If you’re having trouble installing ActiveX, just set your Internet Explorer security settings to Medium. You will need administrator rights and privileges to set Internet security settings and execute EndPointScan.

You can only scan your network for free and that’s it. If you want to do more such as controlling network access of portable storage devices and drives, such as USB drives, iPods and PDAs, you have to purchase GFi EndPointSecurity which is quite expensive. I believe this is the reason why GFi made EndPointScan available for free. Anyway, it’s still a good online utility to scan network for devices. It’s quite similar to what USBDeview can do.

[ Scan Your Network with EndPointScan ]

Windows Live Messenger is able to have group chat by simply inviting people in your contact list to your current chat window. Have you ever noticed that multiple conversation is really annoying because you’re automatically being pulled in when someone invites you? I’ve been invited many times to group chat but never really wondered how to disable the auto join into the chat. Thanks to Michael Y for bringing this to my attention because he wants to avoid getting automatically pulled into a multi convo every single time someone invites him. Sometimes, these conversations are so aimless that he leaves, but someone else always invites him in again!!! Moreover, this “feature” totally stops his downloads and he’ll have to download the file again from start.

I tried looking for a setting in Windows Live Messenger to stop group chat or at least show a warning window before automatically joining into the group chat. I was so surprised that there’s no such setting! Did the developers of Windows Live Messenger forgot to add this setting.

Fortunately, there’s a way to avoid joining into group chats automatically and you’ll also get a warning window first.


Just follow the few simple steps below to on how to avoid being automatically being pulled into group chats.

1. Make sure you have the latest Windows Live Messenger. If not, you can download from here and install.

2. Download Messenger Plus! Live and install. Look carefully after clicking Next during installation. It says “Messenger Plus! Live comes with an optional sponsor program. Make sure you select “I refuse to give my support, don’t install sponsor”. If not, you’ll have spyware on your computer.

3. Run Windows Live Messenger and sign in to your account.

4. Download Group Chat Warning script. Double click the script (gcwarning0-5.plsc) once finished downloading. Check “I accept responsiblity of installing this script” and click Import button.

When you get a new chat with more than 1 person, a window pops up, shows you who’s in that conversation, and lets you:

Accept…
– Does nothing but close the little warning window, so you can have the group chat like normal.

Decline…
– Tells the conversation “Please ask before starting group conversations”.
– Closes the Conversation.

The script did mention it does not actually avoid being invited into group chats, but it does make it easier to leave them. I tried this script, and I wasn’t automatically pulled into the group chat. The warning window appears first. Messenger Plus! Live is probably the coolest and most useful extension for Windows Live Messenger!

The day started just like any other ordinary Sunday. Wake up, go to church, have lunch outside and then come back to check on the forum and blog. The forum displays that I have a private message from BigGuy conveying a very sad news that his uncle Barry with the nickname Bearcat was killed in an auto accident on Friday morning. If you don’t know Bearcat, he is 50 over years old and is one of the most active member in the forum. He may not be the geekiest person but I dare to say that he’s probably the nicest and friendliest person in the forum. This page is dedicated to Bearcat, so no more articles for today and will only continue tomorrow. Made me realize that life can be so fragile. You can be talking to that person today and the next day he’s gone.

Rest in Peace Barry. You will truly be missed and always remembered.

Just checked Windows Update today and saw that there’s a new Windows Genuine Advantage Notification (KB905474) to install.

It seems like you can still continue downloading and installing other security updates even if you skip updating your Windows Genuine Advantage Notification (KB905474).
If you install the latest Windows Genuined Advantage Validation 1.5.540, it will only update 2 files which is LegitCheckControl.dll and WgaTray.exe. As for WgaLogon.dll, it still retains the old version 1.5.532.
The latest LegitCheckControl.dll is 557KB in size.



I’ve compared the LegitCheckControl.dll 1.5.540 with the previous version 1.5.532, and this new version looks like a complete update and not minor fix for the previous version. Take a look at the changed offset below. It reports 500,000+ offset differences.

I strongly believe that the the LegitCheckControl.dll Crack by DTCG won’t work for this version.

Seems like no matter how many versions of Windows Genuine Advantage Microsoft can release, crackers can crack it within minutes and it will be out in the internet less than a day. I manage to find ONLY one crack that removes the Windows Genuine Advantage notification nag and also allows you to use Windows Update. Please follow the simple 2 steps below.

1. Download WindowsXP-KB905474-x86-1.5.540.0-noWGA.exe
2. Run WindowsXP-KB905474-x86-1.5.540.0-noWGA.exe and it will automatically replace a cracked version of LegitCheckControl.dll to enable Windows Update and wgatray.exe and wgalogon.dll to disable the WGA notification nag.

Update: Found another WGA 1.5.540 crack by Muiz. The cracked LegitCheckControl.dll, WgaLogon.dll and WgaTray.exe is exactly the same as the 1st crack.
Download kb905474_1.5.540.0.exe by Muiz from 9Down
Download kb905474_1.5.540.0.exe by Muiz from MegaUpload
Download kb905474_1.5.540.0.exe by Muiz from RapidShare
Download kb905474_1.5.540.0.exe by Muiz from Hyperupload

Note: This information is for educational purposes and cracking Microsoft Windows is against their piracy law. None of the crack files are provided by me or hosted here.

Here’s a quick tip on how to remove Nero Scout from Nero 7.

Click on Start and select Run.

Copy the code/line below and paste it to the Run box and hit OK.
regsvr32 /u “%COMMONPROGRAMFILES%\Ahead\Lib\MediaLibraryNSE.dll”

Enjoy 😉

Update: 7 February 2006
The latest Nero 7.0.5.4 has the option to Disable Nero Scout and also includes an option to “Show Nero Scout in Windows Explorer”.
Go to your Windows Explorer, right click on the Nero Scout icon and select Options.
Just uncheck both of the options at the picture below and you won’t get the Nero Scout icon on your Windows Explorer.

Download the latest version of Nero to have this option.