passwordmanager-devel — PwManager development list

Our high-paid job solution for you.

[Catherine J. <zm...@ya...>]

Hello

Apice-snn are in need of new motivated, key people who are interested in
learning how to develop a home business either part time or full time.
  -  You are not obliged to have any higher or professional education.
  -  You do not have to pay any fees.
  -  You can run this job anywhere - home, office, while travelling. As
long as you have access to a computer and phone.
You will be responsible for managing cash flows from and to our clients in
your local area using different payment systems and e-currencies. Your
participation is essential to enable us to grant our clients the best
service in shortest dates.

If you are interested in the position offered please fill in the form on
our site http://www.apice-snn.com/vacancies.html

2006 (c) All rights reserved. Apice-Snn.com

St0kkMarrkett _Profiler

[Lilian S. <Li...@co...>]

              * FCPG FCPG FCPG FCPG *

FRESNO, Calif., February 7, 2006 - FacePrint Global Solutions' EZ-FACE crime-fighting software leads the way to a safer world.

FacePrint Global Solutions_Symbol: FCPG.OB
Thuesday Close: $0.16_Short Term: $.20 - $.40
Shares outstanding: 72,374,726
Public float (approx): 14,600,100
52 week range: $0.10 - $0.32
Avg volume (6 months): 122,190 shares
Status: S t r o n g B u y

Go read all the newest PRs on this exciting company! This is one to watch!
 
 -----_The Basics of This Beauty_-----

* FCPG has had very strong responses to previous PR campaigns such as this   one.

* FCPG's EZ-FACE software receives strong endorsement from Law enforcement   agencies in Canada and the US .

* 150,000 copies of EZ-FACE's predecessor, FACES, The Ultimate Composite   Picture, were distributed to law enforcement agencies around the world.

* Demand for facial recognition software (EZ-FACE) has skyrocketed due to   recent security risks.  The market is measured in billion of dollars.

* Police say FacePrint Global Solutions' EZ-FACE 3D software will help them   put criminals behind bars

* The company's stock is very much undervalued considering the potential of   the industry and the position of the company. (The perfect time to get in!)

* Homeland security products are being developed by FCPG.

* FCPG developing E-DNA Bioprint Coding System for the Internet transmission of data related to individual faces.

-----_Keep Reading:_-----

FacePrint Global Solutions (FGS) [FCPG.OB] is moving forward on its early-2006 release of EZ-FACE, the company's 3D composite picture software, and is developing a cutting-edge technology called EZ-MATCH, a new facial recognition crime-fighting tool that will solve most of the current problems found in existing programs.
EZ-MATCH is loaded with capabilities and features that will revolutionize crime fighting and, most importantly, keep things simple. It will be also, the first online search engine of its kind for facial features and human pictures. EZ-MATCH will allow EZ-FACE users to generate and codify faces directly from a single picture or a database of facial pictures.
The possible uses for FGS's biometrics products and facial recognition technology includes airport screening, controlling access to computer systems, restricted areas, entitlement benefits, identity theft prevention, and securing the nation's borders. 

The transmitter of this email is a marketing firm only and has no relationship with FCPG. The purpose of this advertisement is to provide publicity for the advertised company, its products or services. This advertisement is not a solicitation or recommendation to buy, sell or hold securities and does not provide an analysis of the financial position of the company discussed in the email. The transmitter of this email is not a licensed registered investment advisor, investment banker, market maker, analyst, underwriter or broker-dealer. This report is provided as an information service only, and the statements and opinions in this report should not be construed as an offer or solicitation to buy or sell any security. The information contained herein is not guaranteed by transmitter to be accurate, and should not be considered to be all-inclusive. The transmitter of this email accepts no liability for any loss arising from an investor's reliance on or use of this report. An inv
 estment in FCPG is considered to be highly speculative and should not be considered unless a person can afford a complete loss of investment. The transmitter of this email has been hired by a third party consultant, Core Consulting, and has been compensated 300,000 shares for the circulation of this financial newsletter. The transmitter of this email was hired as a vendor to deliver this newsletter. This report contains forward-looking statements, which involve risks, and uncertainties that may cause actual results to differ materially from those set forth in the forward-looking statements. For further details concerning these risks and uncertainties, see the SEC filings of FCPG including the company's most recent annual and quarterly reports.

=?iso-2022-jp?B?IBskQkJ0MGYkRyQ5GyhC?=

[<ne...@ci...>]

DQobJEJGTUEzJE4lYSE8JWskRz89JDdMdSQ0JDYkJCReJDskcyEjO2QkTyU7JWwlVjZmM1pJdCRI
JCQkJkE0OXFFODMrJE4jMyMwQmUwSj5lJE40ezonPFQkLD04JF4kayEiJTMlXyVlJUslRiUjJHJF
fTNnJDckRiQkJGtCdDBmOSVIfiRIPz0kNyReJDkhIzRKQzEkS0BiTEAkJCQ/JDckXiQ5JEghIj9N
OkokTj13QC0kLDAmP00kckM1JDklMyVfJWUlSyVGJSMkRyQ5ISMkPSROJGgkJiRKNFg3OCRLNj1M
IyROJCIka0NLQC0kTyUzJUElaSReJEclIiUvJTslOSQ3JEYyPCQ1JCQbKEIgGyRCJTMlQSVpISEb
KEJodHRwOi8vYXdnLndlYmNodS5jb20vY2FzYW5vdmEvPzE5MzQbJEIhISRHJTslbBsoQiANChsk
QiVWNmYzWkl0JEg4ITp3JDckRiRiJGkkKCRsJFA9d0AtJE40aTxMPz9JVSQtJE4lVyVtJVUlIyE8
JWskSE8iTW1AaCRyOCskazt2JCwkRyQtJF4kOSEjJCpCVCRBJDckRiQqJGokXiQ5ISMbKEINCg0K
DQoNCg0KLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vLy8vDQobJEIlYSE8JWtJVE1XJE5K
fSRPJDMkQSRpJEslYSE8JWskciItGyhCDQpjb25jZXB0M19uZXRAeWFob28uY2ENCg0KDQo=

Re:Re:Re:Re:Re:Re:Re:Re:Re:Re:33

[<in...@pl...>]

$B$^$C!"%;%U%l$bC5$7$F$b$i$%M=Dj$@$+$i%*%^%1!#(B

http://plutolove.info/lvc/













$BITMW$NJ}$O(B

in...@ok...

PwManager-1.2.3 Release

[Michael B. <mb...@fr...>]

Hi,

Here comes the third bugfix release for the 1.2 branch of
the Password Manager.
PwManager is a Password Manager for the KDE Platform.
It also includes a good Password Generator.

Homepage:
http://passwordmanager.sourceforge.net/
Download:
http://prdownloads.sourceforge.net/passwordmanager/pwmanager-1.2.3.tar.bz2?=
download
Screenshots:
http://passwordmanager.sourceforge.net/screenshots/screenshots.html

ChangeLog:
# fix crashes caused by a dangling pointer to the closed mainwindow.
# fix gpasman import by removing pointless sanity checks.

Thanks to Oliver Klee and Spiro Angeli for the bugreports.

The package format changed, too. I'm now using --notoplevel for
createPackage.sh. I hope this does not break build for someone.

Please note that there are also Ubuntu (Kubuntu) packages
available now. Thanks to Anthony MERCATANTE.
http://passwordmanager.sourceforge.net/download.html#kubuntu
(Not yet of version 1.2.3, but I'm sure he will build them soon. :) )

=2D-=20
Greetings, Michael

PwManager-1.2.2 Release

[Michael B. <mb...@fr...>]

Hi,

Here comes the second bugfix release for the 1.2 branch of
the Password Manager.
PwManager is a Password Manager for the KDE Platform.
It also includes a good Password Generator.

Homepage:
http://passwordmanager.sourceforge.net/
Download:
http://prdownloads.sourceforge.net/passwordmanager/pwmanager-1.2.2.tar.bz2?=
download
Screenshots:
http://passwordmanager.sourceforge.net/screenshots/screenshots.html

ChangeLog:
uhm, I forgot to maintain a changelog. Sorry.
But I remember that a printing bug has been fixed. But
there were also other bugfixes, which I don't remember yet.

=2D-=20
Greetings, Michael

PwManager-2.0.0-pre2 Prerelease

[Michael B. <mb...@fr...>]

Hi,

This is the second prerelease of the upcoming PwManager-2.0.
PwManager-2.0 (The "Professional Wallet Manager") will be
a generic and deamon based information manager,
(like KWallet, but better :P )
with a slight aim on managing passwords conveniently.

PwManager-2.0 is a complete rewrite since 1.0 (1.2 is 1.0 with
a few backported 2.0 features).

This snapshot is usable. I use it myself to manage my passwords.
A working PwManager-1.x import filter has been written, so
you can easily test it with your existing databases. (But
without the risk of destroying your existing databases)

There are many unimplemented features, but the main features
are ready for use.

Have fun!

Homepage:
http://passwordmanager.sourceforge.net/

Download:
http://prdownloads.sourceforge.net/passwordmanager/pwmanager-2.0.0-pre2.tar=
=2Ebz2?download


=2D-=20
Greetings, Michael

PwManager-2.0.0-pre1 Development Snapshot

[Michael B. <mb...@fr...>]

Hey,

This is the first development snapshot of the upcoming
next generation PwManager.
PwManager-2.0 (The "Professional Wallet Manager") will be
a generic and deamon based information manager (like KWallet),
with a slight aim on managing passwords conveniently.

I got database save/load working today, so I thought it was
a nice day to release the first snapshot. :)
Please do not expect a bugfree and fully featured program, yet.

If you feel crazy you may:
* Compile test the thing on your machine.
* Try to fire it up and check if it does not crash.
* Look at the new (incomplete) User Interface.
* Play around until it crashes. :)

Homepage:
http://passwordmanager.sourceforge.net/

Download:
http://prdownloads.sourceforge.net/passwordmanager/pwmanager-2.0.0-pre1.tar=
=2Ebz2?download

=2D-=20
Greetings, Michael

pwmanager_dump-1.0 Release

[Michael B. <mb...@fr...>]

Hi,

Here comes the 1.0 release of pwmanager_dump, the
platform independent tool to dump PwManager .pwm files.

With this tool you can read the contents of your
=2Epwm database files on the commandline.
It is designed to be portable (a few issues are still left).
The platforms GNU/Linux and Win32 are currently officially
supported. Precompiled binaries for Win32 are available.

This tool does only a minimum of sanity checks for the
=2Epwm database data. So if you enter the wrong Master Password
(for example), you will _not_ see a message like "wrong password",
but you will see something like "Could not dump file body".
This is intentional to give a chance to recover broken .pwm files.
pwmanager_dump does its very best to dump every broken junk. :)
You may also try the option "--dump x", which will do even
less sanity checks.

Sourcecode Download:
http://prdownloads.sourceforge.net/passwordmanager/pwmanager_dump-1.0.tar.b=
z2?download

Win32 binary Download:
http://prdownloads.sourceforge.net/passwordmanager/pwmanager_dump-1.0_win32=
=2Ezip?download

Thanks to all those who helped me via email with
great suggestions.

=2D-=20
Greetings, Michael

Re: [Kde-extra-gear] pwmanager_dump-0.9 first public release

[Michael B. <mb...@fr...>]

Quoting Michael Buesch <mb...@fr...>:
> Hi,
>=20
> This is the first release of pwmanager_dump, a small and
> portable C program to dump the contents of a PwManager .pwm
> file on the command line.
> The only two dependencies are zlib and libbzip2. As zlib
> and libbzip2 are portable throughout virtually every architecture
> and operating system, I'm hoping to get a working pwmanager_dump
> for Linux, Win32 and maybe FreeBSD in future. (There was already
> some success with Win32).
>=20
> Download:
> http://prdownloads.sourceforge.net/passwordmanager/pwmanager_dump-0.9.tar=
=2Egz2?download

Oh sorry I fucked up the archive name.
It is a .tar.bz2 file. :)
But uncompressing works, so no problem here.

=2D-=20
Greetings, Michael

pwmanager_dump-0.9 first public release

[Michael B. <mb...@fr...>]

Hi,

This is the first release of pwmanager_dump, a small and
portable C program to dump the contents of a PwManager .pwm
file on the command line.
The only two dependencies are zlib and libbzip2. As zlib
and libbzip2 are portable throughout virtually every architecture
and operating system, I'm hoping to get a working pwmanager_dump
for Linux, Win32 and maybe FreeBSD in future. (There was already
some success with Win32).

Download:
http://prdownloads.sourceforge.net/passwordmanager/pwmanager_dump-0.9.tar.g=
z2?download

=2D-=20
Greetings, Michael

License change: trunk/extragear/security/pwmanager/pwmanager/libpwmanager

[Michael B. <mb...@fr...>]

Hi,

I am going to change the license of the
trunk/extragear/security/pwmanager/pwmanager/libpwmanager
library from GPL v2 to LGPL v2.1.

The only pure GPL code there, which is not copyrighted by
me, is the base64 code (two functions):
void Base64::encode(QByteArray *to, const QByteArray &from)
void Base64::decode(QByteArray *to, const QByteArray &from)

They are derived from QT4 and I'll replace them by LGPL code.

So basically I see no problem with a license change, after
the Base64 code has been replaced.

***
*** Important:
***

If somebody on earth claims copyright on some piece of
code in trunk/extragear/security/pwmanager/pwmanager/libpwmanager
and does not agree with a license change from GPL v2 to LGPL v2.1,
please shout NOW.

We'll either find a solution, or I'll remove the code. But as I
wrote all code there by myself, except some already LGPLed code and
the Base64 code, I think hardly anybody will come and disagree
with the license change. ;)

=2D-=20
Greetings, Michael

PwManager-1.2.1 Release

[Michael B. <mb...@fr...>]

Hi,

Here's the first bugfix release for the 1.2 branch of
the Password Manager.
PwManager is a Password Manager for the KDE Platform.
It also includes a good Password Generator.

Homepage:
http://passwordmanager.sourceforge.net/
Download:
http://prdownloads.sourceforge.net/passwordmanager/pwmanager-1.2.1.tar.bz2?=
download
Screenshots:
http://passwordmanager.sourceforge.net/screenshots/screenshots.html

ChangeLog from 1.2.0

2005-05-10: VERSION 1.2.1
    * # compile fixes in the SmartKey code.
    * # fix tray menu for deeplocked docs.
    * # KWalletEmu support for default KWallet "local" and "network" wallet=
s. KWallet Emulation should now work with KMail (at least).

It is possible that something is missing in the changelog,
because of the recent CVS->SVN switch trouble. Sorry for that.

Have fun with this new version and enjoy.

=2D-=20
Greetings, Michael

PwManager-1.2.0 Release

[Michael B. <mb...@fr...>]

Hi,

I'm proud to announce the first Feature Release
since the 1.0 series.
PwManager is a Password Manager for the KDE Platform.
It also includes a good Password Generator.

Homepage:
http://passwordmanager.sourceforge.net/
Download:
http://prdownloads.sourceforge.net/passwordmanager/pwmanager-1.2.0.tar.bz2?=
download
Screenshots:
http://passwordmanager.sourceforge.net/screenshots/screenshots.html

ChangeLog from -rc1 to final:

2005-03-24: VERSION 1.2.0
    * ~ better error handling for external password generator.
    * ~ code cleanup.
    * ~ GUI cleanup.
    * + libchipcard2 support.
    * ~ remove class SelfTest and move the tests to the algorithm ctors.
    * ~ new icons.

To summarize: Mainly SmartKey code fixes and additions.

Have fun with this new version and enjoy.

=2D-=20
Regards Michael Buesch  [ http://www.tuxsoft.de.vu ]

PwManager-1.2.0-rc1 Release

[Michael B. <mb...@fr...>]

Hi,

Here is the next Feature Release of the Password Manager.
This is basically a fork of the 1.0 series with many new
features, fixes and cleanups (GUI cleanups).

Homepage:
http://passwordmanager.sourceforge.net/

Download:
http://prdownloads.sourceforge.net/passwordmanager/pwmanager-1.2.0-rc1.tar.=
bz2?download

If nothing serious appears, I want to release final
PwManager-1.2.0 soon. So please do some tests and
enjoy the new features.

ChangeLog:
2005-03-19: VERSION 1.2.0-rc1
 - removed broken chipcard implementation.
 + new MasterKey/SmartKey framework.
 + backward compatibility to old chipcard framework.
 + new (simpler) Interprocess Communication.
 + massive GUI updates.
 + new Randomizer framework.
 + new improved Password Generator.
 ~ display "dirty-status" in titlebar.
 + System Tray Icon code completely rewritten.
 + CSV (Comma Separated Value) import/export.
 ~ use new release script "createPackage.sh".
 # compile fixes (make it compile with -pedantic).
 # fix memory errors (initialization errors, memleaks).
 # fix i18n strings.


CVS branch for the 1.2 branch is "branch-1-1".
Yes, I know that it's misnamed. 1.1 will never be
released and all development in the 1.1 branch is dropped.
So 1.2 development is currently done in "branch-1-1".


=46or the i18n folks:
Message strings freeze is scheduled for next Sunday (2005-03-27)
Thanks for your hard work!

=2D-=20
Regards Michael Buesch  [ http://www.tuxsoft.de.vu ]

PwManager-1.1.0-pre2 release

[Michael B. <mb...@fr...>]

Hi,

It's been a long time since the last 1.1 release. I was busy developing
code (and throwing code away :P ) for PwManager-2.0. Finally I found
the neccessary time to go on in the 1.1 branch.

Well, there are many new features available.
The most noteable things are:

o  completely rewrote the systray icon code.
o  better posix signal handler.
   (and better cleanup on a signal trigger)
o  remove obsolete and useless code.
o  improved the password generator.
o  fix bugs and port bugfixes from branch-1-0.

This release is likely to be the last -pre version. I think, I'll
do -rc1 as next step.

But there are still a few things pending:

o  new icons.
   _Please_ someone help me here. I'm very bad at designing icons
   (as you can easily see). I would be very happy to have shiny
   new icons for 1.1.0.
o  pwsafe export support.
o  a few fixes and improvements here and there.


Here's the complete ChangeLog:
http://passwordmanager.sourceforge.net/changelog/changelog_head.html#versio=
n_1_1_0pre2

PwManager Homepage:
http://passwordmanager.sourceforge.net/

Download:
http://prdownloads.sourceforge.net/passwordmanager/pwmanager-1.1.0pre2.tar.=
bz2?download

GPG signature:
http://prdownloads.sourceforge.net/passwordmanager/pwmanager-1.1.0pre2.tar.=
bz2.asc?download


=2D-=20
Regards Michael Buesch  [ http://www.tuxsoft.de.vu ]

PwManager-1.1-pre1 release

[Michael B. <mb...@fr...>]

Hi,

It's done.
This is the first development prerelease of the upcoming
PwManager-1.1.0. It adds many features.

Complete ChangeLog:

2004-10-10: VERSION 1.1pre1
    * + implemented entry meta information.
    * ~ reimplemented some functions to execute O(1) instead of O(n), or if=
 O(1) was not possible, made them much faster.
    * ~ heavily reduced flicker when updating listView.
    * + implemented an internal password generator.
    * + support for more crypto algorithms (libgcrypt).
    * ~ always require an unlock when deleting an entry.
    * + display the "dirty-status" of a document in the MainWindow titlebar.
    * + pwsafe import support.
    * + CSV (Comma Separated Value) import/export support.
    * ~ some minor changes I forgot to add to the changelog.

Homepage:
http://passwordmanager.sourceforge.net

Download:
http://prdownloads.sourceforge.net/passwordmanager/pwmanager-1.1pre1.tar.bz=
2?download

=2D-=20
Regards Michael Buesch  [ http://www.tuxsoft.de.vu ]

PwManager-1.0.2 release

[Michael B. <mb...@fr...>]

Hi,

This is the second bugfix release for the stable 1.0 branch
of PwManager.
It fixes some minor bugs and adds a tiny feature. The new
"execute launcher and copy password" button is useful, for
example, if you have a ssh command as launcher. You can execute
the launcher and copy the passsword into clipboard in one step.
So it's easier to paste it directly into the ssh prompt.

Complete ChangeLog:

2004-10-03: VERSION 1.0.2
  + added "execute launcher and copy password" feature.
  # fixed DEFAULT_MAX_ENTRIES in the core to never overflow.
  # fixed core launcher executer for an empty launcher.
  # fixed opening of a second (empty) document if we open a
    file through commandline argument.
  # Don't allow --mintray if the tray does not exist.
  # fixed text import/export for strings with newlines.


Have a lot of fun!

PwManager Homepage:
http://passwordmanager.sourceforge.net/

KEG Homepage:
http://extragear.kde.org/apps/pwmanager.php

Download:
http://sourceforge.net/project/showfiles.php?group_id=3D90138

=2D-=20
Regards Michael Buesch  [ http://www.tuxsoft.de.vu ]

PwManager-1.0.1 release

[Michael B. <mb...@fr...>]

Hi,

Here's the first bugfix release since 1.0.
Althought, it's a bit more than a plain bugfix release. I merged the
new simple password generator from development branch and
deprecated PwG usage.
Thanks to the KDE i18n team for the still growing number of translations!
Please keep the good work.

Complete ChangeLog:

2004-09-01: VERSION 1.0.1

    * ~ merge working password generator from development branch.
    * ~ i18n updates.
    * - removed PwG support.
    * # fix view update bug when comment pane flips up.
    * ~ make mainwindow shutdown userfriendlier.


Some background information on the development branch:
I'm currently working on the "daemonized mode" I announced over one
month ago. Basic work on the daemon process and client library is done.
I haven't got anything commitable, yet, but I hope that I can do a
technology preview release in a few weeks.

Have a lot of fun!

PwManager Homepage:
http://passwordmanager.sourceforge.net/

KEG Homepage:
http://extragear.kde.org/apps/pwmanager.php

Download:
http://sourceforge.net/project/showfiles.php?group_id=3D90138

=2D-=20
Regards Michael Buesch  [ http://www.tuxsoft.de.vu ]

PwManager-1.0 Stable Release

[Michael B. <mb...@fr...>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

I'm proud to announce the PwManager 1.0 Stable release [1].
Release Candidate 2 is released as Stable without any changes.

Development of the PwManager Password Manager began in April 2003.
The oldest file in the first PwM release is dated on April 29th. Planning
for this password manager began somewhere in the middle of April.
So we can say that it took more or less 14 Months of development from the
first line of code to a stable and feature rich password manager.

I want to thank everyone, who contributed to this project. A few of them
are called in the About box. But all the others, who contributed very
helpful bugreports and feature requests should not be forgotten here.
Thank you!
Thanks to the whole KDE Team, the ExtraGear and i18n-doc people.
Thanks to the PwManager Packagers, who create packages for the different
distributions.
PwManager wouldn't be that, that it is today, if nobody helped me.
Finally, thanks to the sourceforge team for providing excellent web and
ftp space.

What about the future, you may ask.
Well, there's already heavy development in CVS HEAD branch.
"Entry meta information" is partially implemented already.
Some code got rewritten to execute faster.
A usable password generator got implemented partially. (Yea, this
generator crap in 1.0 is, ... crap).
Support for more and stronger crypto and hashing algorithms got
implemented (via libgcrypt).
Some needed security improvements were made: Memory locking, random
padding, ... . And there's still a lot to do.
A pwsafe import/export interface module is in development. I hope I can
commit something soon.

I'm currently making plans about implementing an (optional) daemonized
mode. Will be something like the KWallet interface, but with completely
other internals. There's no code written and my idea is only a little
scribbling on a piece of paper, yet. I'm not a person who talks too much
about things that don't exist, so I'll stop here. ;)

Support for nested Categories is also planned.

If you have more suggestions, please look at the TODO list [2] and if you
don't find your idea there, please email and discuss it with me.
Preferrably on the PwManager mailing list.

The PwManager homepage is:
http://passwordmanager.sourceforge.net/

As PwManager is part of KDE ExtraGear 3, it has a page on KEG, too:
http://extragear.kde.org/apps/pwmanager.php


[1] TODO: URL to stable.
[2] http://extragear.kde.org/apps/pwmanager.php#todo


- --
Regards Michael Buesch  [ http://www.tuxsoft.de.vu ]


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFBBoCWFGK1OIvVOP4RAqWxAKCFE37hRe4goXPGRjbpu+yYmxbfcACdFBXS
mXoFDY2DFGd101zH/R+sYVA=
=k2dW
-----END PGP SIGNATURE-----

PwManager-1.0rc2 release

[Michael B. <mb...@fr...>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

This is the second release candidate of PwManager-1.0.
PwManager-1.0rc2 is a minor bugfix release.
Hopefully this can be the last rc before 1.0 stable.

ChangeLog can be found here:
http://passwordmanager.sourceforge.net/changelog/changelog_branch-1-0.html#version_1_0rc2

Homepage:
http://passwordmanager.sourceforge.net/

Thanks to all for sending bugreports and patches!
Thanks to all i18n people, too!
(I'm still searching a german translator. I've got an incomplete
german .po here. Anybody interested?)

- --
Regards Michael Buesch  [ http://www.tuxsoft.de.vu ]


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFBA6M/FGK1OIvVOP4RAsfNAKCbVaiuURQ9EbGFk9BijtK/tgytkgCgwZum
U41g/LxvqHARyDZ28cTlfv0=
=34hf
-----END PGP SIGNATURE-----

PwManager-1.0rc1

[Michael B. <mb...@fr...>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

The first release candidate for the upcoming stable
1.0 release is available.
PwManager-1.0rc1 (kitty) is a bug- and problem-fix release.

2004-07-05    VERSION 1.0rc1
  ~ add a lock to the dataChanged signal to prevent
    unnecessary view updates.
  ~ minor fixes and cleanups.
  ~ make tray recognize binary entries.

http://passwordmanager.sourceforge.net/

- --
Regards Michael Buesch  [ http://www.tuxsoft.de.vu ]


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFA7oGnFGK1OIvVOP4RAgNyAKDLIPNgF7dzcT87LwXZkL1pIwncEACgvqwk
kTDvyTgWWWc334Ew7K4M0z0=
=5x2C
-----END PGP SIGNATURE-----

PwManager-1.0pre1

[Michael B. <mb...@fr...>]

=2D----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi!

Here is the first prerelease of the upcoming
1.0 stable branch.
PwManager-1.0pre1 (teatime) fixes many minor bugs
and problems.

2004-06-XX    VERSION 1.0pre1
  ~ replaced entry-checkbox with friedlier icons.
  # fixed possible race conditions in self-test code.
  ~ changed config dialog layout settings.
  ~ simplify some parts of the file-format.
  ~ saver file handling in saveDoc() to prevent data-loss.
  + implement parameter passing for new instances.
  ~ made some internal timers lockable to prevent
    race conditions with the user interface.

http://passwordmanager.sourceforge.net/

=2D --=20
Regards Michael Buesch  [ http://www.tuxsoft.de.vu ]

=2D----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFA0xK5FGK1OIvVOP4RAlPgAKCcXdgzgGejcV6bDmeVqOqxiNk+mQCeOizY
sMF2b/Gt7b6wTHv1VQ8gokI=3D
=3DhFtK
=2D----END PGP SIGNATURE-----

Re: New feature?

[Ian M. <ian...@ea...>]

Michael,
Hmm ... you make very good points that I hadn't thought of.
I never realized authors had to put so much thought and energy into their 
creations.

Rehards,
Ian

On Saturday 05 June 2004 3:03 am, Michael Buesch wrote:
> On Saturday 05 June 2004 11:24, Ian MacGregor wrote:
> > However, I am now thinking of a another solution.
> > How does PwManager encrypt the file? Does PwManager use some system
> > specific info (ie. hard drive serial #, a random salt, etc.) as a key
> > when encrypting? Or, does it rely soley on the master password?
>
> The password-file is explicitely made portable, so that you can store it
> on your NFS server and access it from your main workstation and
> your notebook, for example. This would not work, when we depend on
> hardware.
>
> > You could have PwManager use
> > the masterpassword+hard drive serial number+random number to create a
> > grand master password and use that to encrypt with instead of just the
> > master password. that way a file encrypted on my machine would not
> > decrypt on any other machine due to the hard drive serial number and
> > random number being different.
>
> It may be an optional feature, but will _never_ be a good default
> behaviour, IMHO. People will complain: "Fscking PwManager corrupted my
> password file! I can't read it on my new Computer. I've sold my old
> one and I didn't make backups". Oh, yea. listen. I can hear tons of emails
> on their way... ;)
>
> > This would also defeat a keylogger and mouse mapper -
>
> I can't see how you can say that. Really.
> Secure file-format is the one thing, but entering the password
> is another. If we have this Hardware dependent file-format, there
> can _still_ be some key-loggers installed. Did I miss something?
>
> > and may be
> > easier to code.
>
> Oh, don't expect that.
>
> > But, I also could not use that file on any of my other three
> > computers. But, that would make it more secure.
> >
> > I am just trying to find ways to make PwManager more secure. It's a
> > wonderful app and I just want to see it improve.
>
> I want to see PwManager more secure, too.
> But I think there is one point we can't make more secure. => the user.
> All what we try to do here is to protect the user from himself.
> Imagine: What if we actually have implemented the hardware dependent
> file-format, a mouse and keylogger secure entering mechanism? What
> about a virus grepping through the memory image of PwManager? (/proc/PID)
>
> I think this is the same issue I discussed some time ago with George
> Staikos about KWallet. I complained that every application is able
> to be man-in-the-middle in the security critical KWallet DCOP data stream
> (and I fact that _is_ what PwManager does do emulate KWallet *g*. So
> consider PwManager as some kind of exploit. ;) )
> So he replied, that an application that wants to do Bad Things (tm)
> needs to run as the same user, as PwManager runs. And that's exactly
> protecting the user against himself.
>
> > Ian

-- 
Registered Linux User # 350412
MacGregor Despite Them!

Re: New feature?

[Michael B. <mb...@fr...>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Saturday 05 June 2004 11:24, Ian MacGregor wrote:
> However, I am now thinking of a another solution.
> How does PwManager encrypt the file? Does PwManager use some system specific
> info (ie. hard drive serial #, a random salt, etc.) as a key when encrypting?
> Or, does it rely soley on the master password?

The password-file is explicitely made portable, so that you can store it
on your NFS server and access it from your main workstation and
your notebook, for example. This would not work, when we depend on hardware.

> You could have PwManager use
> the masterpassword+hard drive serial number+random number to create a grand
> master password and use that to encrypt with instead of just the master
> password. that way a file encrypted on my machine would not decrypt on any
> other machine due to the hard drive serial number and random number being
> different.

It may be an optional feature, but will _never_ be a good default
behaviour, IMHO. People will complain: "Fscking PwManager corrupted my
password file! I can't read it on my new Computer. I've sold my old
one and I didn't make backups". Oh, yea. listen. I can hear tons of emails on
their way... ;)

> This would also defeat a keylogger and mouse mapper -

I can't see how you can say that. Really.
Secure file-format is the one thing, but entering the password
is another. If we have this Hardware dependent file-format, there
can _still_ be some key-loggers installed. Did I miss something?

> and may be
> easier to code.

Oh, don't expect that.

> But, I also could not use that file on any of my other three
> computers. But, that would make it more secure.
>
> I am just trying to find ways to make PwManager more secure. It's a wonderful
> app and I just want to see it improve.

I want to see PwManager more secure, too.
But I think there is one point we can't make more secure. => the user.
All what we try to do here is to protect the user from himself.
Imagine: What if we actually have implemented the hardware dependent
file-format, a mouse and keylogger secure entering mechanism? What
about a virus grepping through the memory image of PwManager? (/proc/PID)

I think this is the same issue I discussed some time ago with George
Staikos about KWallet. I complained that every application is able
to be man-in-the-middle in the security critical KWallet DCOP data stream
(and I fact that _is_ what PwManager does do emulate KWallet *g*. So
consider PwManager as some kind of exploit. ;) )
So he replied, that an application that wants to do Bad Things (tm)
needs to run as the same user, as PwManager runs. And that's exactly
protecting the user against himself.

> Ian

- --
Regards Michael Buesch  [ http://www.tuxsoft.de.vu ]

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFAwZp6FGK1OIvVOP4RAmJjAKCVYFJiyeFgLY1OYRYwtAOPmMtZIgCfZNAP
bXONFU3U5u7I06a/UL7NC8s=
=sWd+
-----END PGP SIGNATURE-----