Windows Integrity Checkers

Windows integrity checkers are very useful for finding Trojan programs and backdoors. The typycal way of deploying them is run the tool on startup and shutdown.

Theoretically they are also useful for maintenance, but in reality this goal is pretty difficult to achieve. Perl-written (or Python-written) integrity checkers are more flexible and thus have an edge over C-written tools like Tripwire.  Perl based checkers are now moved to a separate page: Perl-based Integrity checkers.

• fcheck has the ability to monitor directories, files or complete filesystems for any additions, deletions, and modifications.  It is configurable to exclude active log files, and can be ran as often  as needed from the command line or cron making it extremely difficult to circumvent.
• afick is more complex tool that has TK interface but at the same time has some bugs. It can be recommended only to sysadmin with above average understanding of Perl.  It should work both in Windows and Unix but in reality works only in Linux  due to complex calls/macros used. Please be skeptical about positive press for afick as it is a complex and capricious beast with most of complexity not related to the core functionality. 

The part of Windows integruty checking is registy monitoring and that should be done with a separate set of tools

Process Monitor is an advanced monitoring tool for Windows that shows real-time file system, Registry and process/thread activity. It combines the features of two legacy Sysinternals utilities, Filemon and Regmon, and adds an extensive list of enhancements including rich and non-destructive filtering, comprehensive event properties such session IDs and user names, reliable process information, full thread stacks with integrated symbol support for each operation, simultaneous logging to a file, and much more. Its uniquely powerful features will make Process Monitor a core utility in your system troubleshooting and malware hunting toolkit.

Process Monitor runs on Windows 2000 SP4 with Update Rollup 1, Windows XP SP2, Windows Server 2003 SP1, and Windows Vista as well as x64 versions of Windows XP, Windows Server 2003 SP1 and Windows Vista. 

InstallWatch version 2.5 is provided as a free download and can be used as a monitoring tool during the installation of new software. Epsilon Squared, the distributor of InstallWatch, also offers InstallRite for free. The web site says that InstallRite lets you do "application cloning," in addition to all of the things that InstallWatch does, so you can clone a software installation without going through the installation process.

NEWS CONTENTS

• 20100325 : Integrity Checker ( Integrity Checker, Mar 25, 2010 )
• 20100325 : ID Install Watch ( ID Install Watch, )
• 20070610 : Host Integrity Monitoring Best Practices for Deployment by Brian Wotring ( Host Integrity Monitoring Best Practices for Deployment, Jun 10, 2007 )

Old News ;-)

[Mar 25, 2010] Integrity Checker

By Sarah Dean
Last updated: 30th April 2006

Integrity Checker is a straightforward application that checks the integrity of your files to ensure they have not been tampered with.

The files you select for protection will have their "known good" size stored together with either a hash or HMAC (user selectable) generated from the contents of each file. By comparing this information with what is actually stored on your drives later, any changes will be flagged up for your attention.

Screenshots of Integrity Checker are available.

Please email any bug reports, feature requests, comments, etc to me at [email protected]

The latest version (as of 30th April 2006) is v2.0

The latest version is always available at: http://www.SDean12.org/IntegrityChecker.htm

Download latest stable Integrity Checker executables

Download source code for the above stable version (see also SDeanComponents to download the OTFE, etc components required to compile this software)

Hashes and PGP signatures of the Integrity Checker software, as downloaded, are available here

A beta version of the development version of Integrity Checker can also be downloaded. Note: This link may not work. If it doesn't, and you can download the stable version, a beta version of the next version has not yet been released. The beta version is unsupported, but please feel free to email me if you have any comments on it.

• Please, do read the documentation in this file before emailing me! I know it's not much, and only really covers the basics, but...
• Pretty much everything in Integrity Checker works as it seems, so I won't go into too much detail as to how everything works. Besides, who reads manuals anyway? ;) Anything you're not too sure of, just make an educated guess; you'll probably be right!
• From the main window, doubleclicking on a file will display details for that file (including hash/HMAC value). Rightclicking brings up a context menu with various options.
• Integrity Checker does not write anything to the Windows registry (for those that are interested), unless you opt to associate ".ic" files with it.
• You may associate ".ic" files with Integrity Checker by selecting "View|Options...".
• You can pause and/or cancel operations by clicking on the list of files (or where the list is normally displayed; when adding directories the list is not shown for performance reasons). The current operation will be paused after the current file has been processed.
  
• The file status indicator shows each file as being in one of the following states:
  

  Status	Meaning
  OK	The file details stored match those of the file currently stored on disk
  Changed	The file details stored do not match those of the file currently stored on disk
  Deleted	The file has been deleted (or renamed).
  Unchecked	The file could not be checked (e.g. if the file on disk is currently opened by another application)
  Unknown	The file has not yet been checked to see if it has changed or not

  
  
• If you use Integrity Checker together with an OTFE (on-the-fly encryption) system (e.g. FreeOTFE) to ensure your system's security, it is recommended that you store a copy of the Integrity Checker executable and any ".ic" files you have created inside your OTFE volume! After mounting your OTFE volume, it is recommended that you only use the copy of Integrity Checker and ".ic" files stored within the volume, and for obvious security reasons - if your non-OTFE copy was compromised by an attacker...
• Using HMACs for your files is more secure than straightforward hashing. If simple hashing is used, any attacher wishing to modify files on your system can simply update your ".ic" files to match any files modified - effectivly covering their tracks. This form of attack is not possible if HMACs are used, since they require a password which is incorporated into the hashing process. Any modifications to an ".ic" file which uses HMACs will result in the HMACs it stores failing to match those of your files - alerting you of the tampering.
• For further information on HMACs, how they're generated and protect data, please see RFC2104 and RFC2202
  
• Legal stuff:
  • I retain all rights to this software
  • You are free to distribute this software, although no charge may be made of any kind for doing so (that includes any fees for copying and/or the distribution media)
  • If you distribute this software, this file must be included with it, intact and unmodified.
  • Any software derived from any part of Integrity Checker and/or it's source code is to be released as freeware with full source code
  • Blah, blah, blah ... you use this software at your own risk ... blah, blah ... author takes no responsibility ... blah, blah ... (i.e. the usual disclaimers, etc.)

Integrity Checker supports the following command line parameters:

-load <filename>	Automatically load list contained in <filename> at startup Note: If the path or filename specified has spaces in it, don't forget to surround <filename> with double quotes!
-hmac <key>	A key to be used for HMAC operations. If this is not specified, and one is needed, the user will be prompted for it.
-check	Check files in loaded list (requires "-load" to be present)
-silent	Do not show main dialog, but do show integrity check report when complete
-verysilent	Do not show main dialog, or any other dialogs unless something goes wrong (e.g. integrity check fails one or more files)
-quit	Quit after carrying out command line instructions (i.e. load, check) Note: If "-silent" or "-verysilent" is specified, "-quit" is implicit

ID Install Watch

• ID Install Watch is an absolute monitoring guardian of all of your installations, securing the accurate installation and proper functioning of all of your programs. The whole installation process of another program and insures it runs smoothly with no interference.

  ID Install Watch documents all changes occurring during the installation process. It can also interfere with the process making necessary adjustments and configuration changes.

  Oversees the removal process of a software or hardware. It makes sure everything goes as planned and that nothing threatens the process.

  Alerts you whenever an unexpected action takes place. ID Install Watch keeps you informed about the status of the installation at all times.

  ID Install Watch fixes some memory problems that may occur during the installation process. It protects your entire system and rescues available space on your disk.

  Monitors all registry entries, including deletions, modifications, or adding data to the Registry. It also monitors files and folders, as well as .ini files, modifications, deletions, or new entries.

  Offers at request, the option to export to XML the log for an installation. ID Install Watch provides you the opportunity to transfer the installation log in XML format, if and when you consider it necessary.

  ID Install Watch has a simple, easy to use graphic interface which efficiently monitors all installation processes. It takes minimum space on your computer to operate and provides great surveillance efficiency.

  Windows 98 SE or ME, Windows NT or 2000,Windows XP and SP SP2
  300 Mhz processor
  3 MB hard drive space
  128 MB RAM
  Supports Internet Explorer

[Jun 10, 2007] Host Integrity Monitoring Best Practices for Deployment by Brian Wotring

Brian Wotring is the lead developer for the Osiris project and CTO of Host Integrity

Mar 31, 2004 (securityfocus.com)

This article is written with the open source host integrity applications Osiris and Samhain in mind, however the material presented is certainly not unique to these applications.

... ... ...

The basic idea behind host integrity monitoring applications is that they detect and report on change to the system. It gets most interesting when a change is unauthorized or unwanted. Much of the monitoring is focused on the file system. However, other environmental vectors can be monitored as well. For example, Samhain has the ability to search for rootkits and monitor login and logout activities. Osiris has the ability to monitor the state of loaded kernel extensions and the details of changes to the local user and group databases. Detected change is reported in the form of log files, syslog, the Windows Event Viewer, and possibly emailed to an administrator.

... ... ...

To better appreciate the role a host integrity system serves, imagine you find a new link to /etc/passwd that has been created in /tmp, a new kernel module that gets loaded without your knowledge, or a new user gets mysteriously created. How would you know if and when these types of changes occurred? There are commands that can be used to look for these happenings, but how would you know if and when to run them? What if these commands that you depend on for finding such changes were altered to hide specific information? Now, imagine you have hundreds of hosts that need to be monitored regularly to look for changes such as these.

Table One, below, compares features of some popular host integrity applications.

	Samhain	Osiris	INTEGRIT	AIDE
Monitors Files	yes	yes	yes	yes
Monitors Kernel	yes	yes	no	no
Platforms	Linux, FreeBSD, AIX 4.x, HP-UX 10.20, Unixware 7.1.0, Solaris 2.6, 2.8, and Alpha/True64	Windows NT/2k/XP, Mac OS X, Linux, Solaris, FreeBSD, OpenBSD	Linux, FreeBSD, Solaris, HP-UX, Cygwin	Linux, FreeBSD, OpenBSD, AIX Unixware 7.1.0, Solaris True64, BSDi, Cygwin
Multiple Administrators	no	yes	no	no
Supports Modules	no	yes	no	no
License	GPL	BSD style	GPL	GPL
Centralized Management	yes	yes	no	no
Signed Databases	yes	no	no	no
Database Integration	yes	no	no	no

Table One: a comparison of popular host integrity applications

More information on the above products can be found on their websites:

Samhain - http://la-samhna.de/samhain/
Osiris - http://osiris.shmoo.com
INTEGRIT - http://integrit.sourceforge.net/
AIDE - http://www.cs.tut.fi/~rammer/aide.html

Recommended Links

Softpanorama Recommended

Top articles

Sites

• Open Directory - Computers Security Intrusion Detection Systems
• [ packet storm ] - packetstorm.securify.com
• Finding Evidence of Your Cracker LG #36
• Intrusion Detection Primer
• Other potentially useful links from Brazil
• Osiris [hostintegrity.com]
• Samhain [sourceforge.net]

Reference

• Intrusion Detection FAQ
• FAQ Network Intrusion Detection Systems
• Linux Security Administrator's Guide by Dave Wreski, [email protected]
• Indicators of UNIX Host Compromise by Paul C. Brutch, Tasneem G. Brutch, and Udo Pooch

Recommended Articles

Host Integrity Monitoring Best Practices for Deployment by Brian Wotring

InstallWatch

Open Testware Reviews - InstallWatch by Tejas Software Consulting

Copyright 2003 by Tejas Software Consulting - All rights reserved.

This Open Testware Reviews feature article is made available as a public service of Tejas Software Consulting. Go to http://tejasconsulting.com/open-testware/ for more information about becoming a subscriber.

... ... ..

Reviewed: 2003-May-30
Version reviewed: 2.5c, 2000-Aug-25
Maintainer: Epsilon Squared, Inc.
URL: http://www.epsilonsquared.com/
Testingfaqs.org category: Test Implementation Tools
License: custom, binary-only
User interface: GUI, undocumented command line

InstallWatch is a Windows-based filesystem comparator tool, able to compare the contents of your filesystem and system registry between two points in time. It's probably most often used to tell the user what changes a software installation inflicts on a system, but testers can find several other uses for the tool. For example, you can find out exactly what your software's installation process does to your system, and compare this to the expected behavior of the installer. You can verify that the uninstall process removes everything it's supposed to, and no more. And for any kind of testing, you can check the "background" -- see if your software introduced unexpected changes on the disk during the course of testing.

I encountered a fairly long list of issues while using the tool, though it's still useful despite the flaws.

... ... ...

As far as I can tell from externally reported information, the last InstallWatch release was in August 2000. The latest copyright date is 1999 or 2000, depending on where in the product that you look. There are numerous freeware catalogs that list the tool, and a few sites where users describe their experiences. There is a mailing list dedicated to InstallWatch, but it's largely inactive.

Further updates to the tool may be coming, but I don't have much confidence that there will be another release any time soon.

The target platforms for the tool are not mentioned in the internal documentation. An external source says it runs on WIndows 95, 98, NT, and 2000. I ran it successfully on Windows 98, NT 4.0, and 2000, though the installation on Windows 98 didn't go very smoothly.

It's worth trying on later Windows releases to see if it's forward-compatible.

There is a mailing list for InstallWatch with fifty subscribers, but practically no activity in the last few years. The InstallRite mailing list does have a bit of traffic and more subscribers, including responses from the tool's author (see the Similar tools section).

There is no public bug tracking system or configuration management for InstallWatch. Epsilon Squared is not marketing commercial support for InstallWatch, but it couldn't hurt to ask the tool's author, Gavin Stark, if he would take your money in exchange for support. He recently stated that he is accepting donations and that a ramp-up in interest would encourage him to accelerate tentative plans to release an updated version commercially.

The only documentation for InstallWatch is the on-line help, which is fairly thorough, though flawed in several ways. The screen shots and the text seem to apply to a previous version of the tool, though they're close enough to still be useful. One section of the help file implies that by default, no files are excluded from the snapshot, but a third-party paper and my experience indicates otherwise, and I noticed that it didn't look at the Recycle Bin. There is a command line interface for InstallWatch, but it is not documented at all in the on-line help (see the paper reference in the last paragraph of this section).

There is a contextual help feature - you can click the Help icon and then click on an area of the application for help. However, in many cases I get a "The topic does not exist" error. I also encountered this error once within the on-line help. See the Limitations sections for details.

There is also a "Tour" page within the on-line help that's readily accessible from several places in the application. The tour gives a nice overview of how to use the tool.

I found several other InstallWatch reviews while googling around the Internet, some of them written when it was a commercial tool:

• InstallWatch 1.2 Professional (winntmag.com)
• InstallWatch Pro 2.5c review (sacpcug.org)
• InstallWatch review (softpile.com)
• Jumbo Guides Install Watch Pro review (jumbo.com)

It's interesting to see the different uses that people have for this tool. The review from sacpcug.org talks about using InstallWatch to help uninstall software (he said it didn't work well for that purpose). And one writer described how to use InstallWatch as a security tool in "A poor-man Tripwire-like system on Windows 9x/NT", which also includes several insights from the tool's author that can't be found in the documentation.

InstallWatch installs from a Windows executable that weighs in at about three and half megabytes. The "FTP Download" link on the Epsilon Squared web site is not functional, but the "HTTP Download" link works. No reboot is required after installation.

I did have a bit of trouble installing the tool on Windows 98 SE. On the first attempt, the installer had a fatal error. This is perhaps a routine scenario for Windows 98 users. I did not get that error again after a reboot, but there was a problem setting up the uninstaller. I was not able to uninstall InstallWatch on my Windows 98 machine, which makes for wonderful irony.

I also had trouble with interactions between InstallWatch and Netscape 7.02 on Windows NT. I couldn't get Netscape to download the install file, though Opera handled it just fine. Also, the "Updates" button on any platform. With Netscape as my default browser, it brings up the most recently used Netscape window, even it it's not a Communicator window. I believe this is a long-standing Netscape bug. But that's okay, because the URL that the Updates feature uses is not valid anyway.

The "compact" installation option is so compact that even the main InstallWatch executable is not installed. Don't use that option.

At the end of the installation, there is an option to join Epsilon Squared's mailing list. This feature doesn't seem to do anything on my Windows 2000 system. On Windows 98 it starts up a message that you can send with your default mail program.

InstallWatch is distributed with a custom binary-only license, so there are no implementation details to report. The source code is not available.

InstallWatch's performance is a factor of how large your registry is and how much data is on your hard drives, and also the particular configuration options that you choose. Checking only the registry is fairly quick, and mostly dependent on your hard drive speed. Checking the files on the hard drive adds more time. If you want to enable more advanced file checking to see if a program changed the contents of a file without changing the modification time, that'll cost you more time, and it'll bind your performance more to cpu speed. I'm not sure what the file version info is on Windows, but I presume it's stored somewhere in the filesystem metadata. The most difficult check is the CRC, which reads all the data on the sections of the hard drive that you specify in order to check that the contents didn't change.

The table below shows times in minutes and seconds from four different runs of InstallWatch, each of which consisted of taking a snapshot, making no deliberate changes to the system, and then running the analysis looking for changes. I recorded these times on a slow laptop with about six and a half gigabytes of data in about 80,000 files to check, and 107,000 registry keys.

configuration options	snapshot time (mm:ss)	analysis time (mm:ss)
registry only	1:22	1:04
registry + file modification times	3:57	1:27
all of the above + file version info	7:53	8:43
all of the above + CRC info	66:48	63:41

Because of the extra time required, you probably won't want to do the file version check or the CRC check on a regular basis unless you suspect that something is deliberately resetting file modification times to hide file content changes.

InstallWatch is often mentioned in the same breath as InCtrl5. In fact, because InCtrl5 seems to have more of a following, I was originally going to review it instead of InstallWatch. But PC Magazine recently started charging a small subscription fee to download the programs that are on their site, so that put InCtrl5 out of the freeware space. My impression after playing with InCtrl5 a bit is that it offers a feature set very similar to InstallWatch.

Epsilon Squared, the distributor of InstallWatch, also offers InstallRite for free. The web site says that InstallRite lets you do "application cloning," in addition to all of the things that InstallWatch does, so you can clone a software installation without going through the installation process. I probably would have reviewed InstallRite instead if I had taken a closer look ahead of time, especially since InstallRite has more users on its mailing list.

A similar free Windows tool I ran across during the review is Total Uninstall. The web page describes the same snapshot and compare process that InstallWatch and InCtrl5 use, plus it claims to be able to reverse the effects of an installation. It's available in several different languages.

A Windows & .NET Magazine article, "What's the Difference," describes Microsoft's sysdiff utility that can be useful for installation testing.

And finally, Linux users will be happy to hear that they have their own Installwatch tool, no relation to InstallWatch from Epsilon Squared. This tool has a clever design. It monitors all dynamically linked programs by hooking into the system libraries and recording system calls that modify the filesystem. It doesn't work if a statically linked program modifies the filesystem. The web site for this tool also refers to CheckInstall, which can use Installwatch to create an RPM archive to clone the results of a "make install." Therefore, CheckInstall also gives you the ability to uninstall when you use the RPM file, even if the program doesn't have an uninstall feature.

Here are the issues that I noted, a few of which are also mentioned elsewhere in this review.

1. The "Updates" button brings up a web browser and sends it to a defunct URL. This feature does not work.
2. If I use the "compact" installation option, the tool will not start.
3. The documentation says that by default no folders or files are excluded from the analysis, but the tool seems to exclude the Recycle Bin anyway. A statement by the tool's author repeated in the "A poor-man Tripwire-like system" paper lists several default exclusions, and they apparently can't be turned off.
4. On Windows 98 SE, when I install InstallWatch, I got an error: "unInstaller setup failed to initialize". When I try to uninstall, I get an error complaining about an uninst.isu file, and I can't uninstall the software. When I copied an uninst.isu file from a Windows 2000 installation and try to uninstall, I get an error that says I need to use an administrator account, which doesn't make sense on Windows 98.
5. The InstallWizard will not launch MSI installers. It reports falsely that they completed. It seems to work only with self-extracting executables. (I seem to remember InCtrl5 having the same problem.)
   
6. I can print the summary pane that's visible when I click the top item in the tree for an installation, but I can't export it to html or text. The two export options are active but don't do anything.
   
7. I can edit the summary pane after analyzing an installation (this feature is undocumented). If I click on the font family or font size widgets, the list of choices pops up in the wrong place, and all editing options disappear until I give focus back to the summary pane.
8. I can't print or export all of the analysis data with one action. I have to save file, INI files, and the registry sections separately. The "Print Full Report" feature mentioned in the help text doesn't exist.
9. If I have at least one analysis in the database, a "Search" item will appear in the tree. This appears to be a sophisticated feature for searching for something, but all I get from it is a "Duplicate search name" error when I try to use it. There is no documentation for this feature.
10. When I launched a snapshot and analysis from the command line and then later start the InstallWatch GUI, the analysis data does not show any summary information at the top level.
11. The option to join Epsilon Squared's mailing list during installation didn't seem to do anything on Windows 2000. It seems to work on Windows 98, though I'm not sure if anyone is listening on the other end.
12. The comments on the screen when InstallWatch is doing its analysis refer to "Back up file information," which is confusing. Perhaps it's referring to the snapshot.
13. When I try to export the analysis data for INI Files, there's no default filename like there is for other files and the registry. Also, I can't right-click on INI Files in the tree view to do the export like I can for "All files" and the registry.
14. The usage of the "Wait a while... I'm not finished yet" button is confusing. Processing seems to be going on in the background somehow. Also, the list that the button pops up includes a misspelling - "Indefinate."
    

Some tools start out as freeware and then go commercial. InstallWatch started as a commercial tool and is now available as freeware. I haven't gotten a solid picture of the history of the tool, but I'm very glad that the author, Gavin Stark, decided to release it as freeware when Epsilon Squared stopped marketing InstallWatch commercially. There are quite a few loose ends that seem to be the result of the transition to freeware status, all of them minor or fairly easy to work around. I didn't have any major frustrations with using the tool, and most users won't be looking for trouble on purpose like I was.

InstallWatch is basically a convenient Windows-based mechanism for comparing the contents of your disk between two points in time. Two special cases where the tool parses the contents of a file to give you more details about the changes are the registry, and the registry's older cousins, INI files. It's very interesting to see the changes that occur in the registry during the normal course of using your computer, though it can be frustrating trying to figure out which of the changes were initiated by the software you're testing and which ones were initiated directly by something else.

Typically, you would use InstallWatch to report exactly what the installation process for a software package does to your system. But there are many other possible uses for the tool, such as the security aspect mentioned earlier, or you could run it before and after a test run to see if the software you're testing makes unexpected changes to the system.

Unix users can implement the same filesystem comparison mechanism with a few dozen lines of script code. Or with something more clever like the Linux Installwatch program, the performance would be much faster, since changes are tracked at the source rather than exhaustively analyzing the hard disks.

InstallWatch doesn't go as far as being able to undo an installation, though it can save the added or both added and modified registry keys. It also doesn't make it easy to test the uninstallation process, because after it does its comparison, it erases the snapshot. It would be nice if it could save a new snapshot when it does an analysis, so you could take a snapshot, install something, do the analysis, then uninstall the software and do another analysis.

You can start a snapshot three different ways. You can click "Install" to start the InstallWizard, which will walk you through configuration, taking the snapshot, doing an install, and the analysis. It would be nice if it asked for all necessary information before taking the snapshot, so it could do all the time-consuming tasks without interaction. I did not use the InstallWizard very often, especially since it doesn't work with MSI files.

You can launch a comparison by configuring InstallWatch to detect when an installation is starting. I'm not sure how that works, but it dutifully detected my daughter installing the "Dora the Explorer Backpack Adventure" - it took the snapshot, launched the interactive installation process, and then did the analysis after the installation completed, frustrating my 4-year-old all the while, but giving me a nice real-world test.

And third, the mechanism I used most often - you can ask InstallWatch manually to take a snapshot at any time. Then do whatever you want on the system, and when you're done, kick off the "Analyze" phase to generate the comparison. This is the mechanism that opens up the tool to a number of different uses, and is the only way to check an uninstallation process.

I can't help but throw in a little folklore. While I was searching for background information about InstallWatch, I came across the Jargon File definition for "epsilon squared." It means "A quantity even smaller than epsilon, as small in comparison to epsilon as epsilon is to something normal; completely negligible." Hmmm. Gavin Stark tells me, "We chose this name since in the industry we are small fries compared to the big players such as Microsoft or Symantec, etc."

If you're a Windows user and want a fairly easy-to-use brute force filesystem comparison tool, InstallWatch is worth a look.

Etc

Society

Groupthink : Two Party System as Polyarchy : Corruption of Regulators : Bureaucracies : Understanding Micromanagers and Control Freaks : Toxic Managers :   Harvard Mafia : Diplomatic Communication : Surviving a Bad Performance Review : Insufficient Retirement Funds as Immanent Problem of Neoliberal Regime : PseudoScience : Who Rules America : Neoliberalism  : The Iron Law of Oligarchy : Libertarian Philosophy

Quotes

War and Peace : Skeptical Finance : John Kenneth Galbraith :Talleyrand : Oscar Wilde : Otto Von Bismarck : Keynes : George Carlin : Skeptics : Propaganda  : SE quotes : Language Design and Programming Quotes : Random IT-related quotes :  Somerset Maugham : Marcus Aurelius : Kurt Vonnegut : Eric Hoffer : Winston Churchill : Napoleon Bonaparte : Ambrose Bierce :  Bernard Shaw : Mark Twain Quotes

Bulletin:

Vol 25, No.12 (December, 2013) Rational Fools vs. Efficient Crooks The efficient markets hypothesis : Political Skeptic Bulletin, 2013 : Unemployment Bulletin, 2010 :  Vol 23, No.10 (October, 2011) An observation about corporate security departments : Slightly Skeptical Euromaydan Chronicles, June 2014 : Greenspan legacy bulletin, 2008 : Vol 25, No.10 (October, 2013) Cryptolocker Trojan (Win32/Crilock.A) : Vol 25, No.08 (August, 2013) Cloud providers as intelligence collection hubs : Financial Humor Bulletin, 2010 : Inequality Bulletin, 2009 : Financial Humor Bulletin, 2008 : Copyleft Problems Bulletin, 2004 : Financial Humor Bulletin, 2011 : Energy Bulletin, 2010 : Malware Protection Bulletin, 2010 : Vol 26, No.1 (January, 2013) Object-Oriented Cult : Political Skeptic Bulletin, 2011 : Vol 23, No.11 (November, 2011) Softpanorama classification of sysadmin horror stories : Vol 25, No.05 (May, 2013) Corporate bullshit as a communication method  : Vol 25, No.06 (June, 2013) A Note on the Relationship of Brooks Law and Conway Law

History:

Fifty glorious years (1950-2000): the triumph of the US computer engineering : Donald Knuth : TAoCP and its Influence of Computer Science : Richard Stallman : Linus Torvalds  : Larry Wall  : John K. Ousterhout : CTSS : Multix OS Unix History : Unix shell history : VI editor : History of pipes concept : Solaris : MS DOS :  Programming Languages History : PL/1 : Simula 67 : C : History of GCC development :  Scripting Languages : Perl history   : OS History : Mail : DNS : SSH : CPU Instruction Sets : SPARC systems 1987-2006 : Norton Commander : Norton Utilities : Norton Ghost : Frontpage history : Malware Defense History : GNU Screen : OSS early history

Classic books:

The Peter Principle : Parkinson Law : 1984 : The Mythical Man-Month :  How to Solve It by George Polya : The Art of Computer Programming : The Elements of Programming Style : The Unix Hater’s Handbook : The Jargon file : The True Believer : Programming Pearls : The Good Soldier Svejk : The Power Elite

Most popular humor pages:

Manifest of the Softpanorama IT Slacker Society : Ten Commandments of the IT Slackers Society : Computer Humor Collection : BSD Logo Story : The Cuckoo's Egg : IT Slang : C++ Humor : ARE YOU A BBS ADDICT? : The Perl Purity Test : Object oriented programmers of all nations : Financial Humor : Financial Humor Bulletin, 2008 : Financial Humor Bulletin, 2010 : The Most Comprehensive Collection of Editor-related Humor : Programming Language Humor : Goldman Sachs related humor : Greenspan humor : C Humor : Scripting Humor : Real Programmers Humor : Web Humor : GPL-related Humor : OFM Humor : Politically Incorrect Humor : IDS Humor : "Linux Sucks" Humor : Russian Musical Humor : Best Russian Programmer Humor : Microsoft plans to buy Catholic Church : Richard Stallman Related Humor : Admin Humor : Perl-related Humor : Linus Torvalds Related humor : PseudoScience Related Humor : Networking Humor : Shell Humor : Financial Humor Bulletin, 2011 : Financial Humor Bulletin, 2012 : Financial Humor Bulletin, 2013 : Java Humor : Software Engineering Humor : Sun Solaris Related Humor : Education Humor : IBM Humor : Assembler-related Humor : VIM Humor : Computer Viruses Humor : Bright tomorrow is rescheduled to a day after tomorrow : Classic Computer Humor

The Last but not Least Technology is dominated by two types of people: those who understand what they do not manage and those who manage what they do not understand ~Archibald Putt. Ph.D

The statements, views and opinions presented on this web page are those of the author (or referenced source) and are not endorsed by, nor do they necessarily reflect, the opinions of the Softpanorama society. We do not warrant the correctness of the information provided or its fitness for any purpose. The site uses AdSense so you need to be aware of Google privacy policy. You you do not want to be tracked by Google please disable Javascript for this site. This site is perfectly usable without Javascript.

Last modified: March 12, 2019