Were is T.C. key located on the registry.

Leif · Post by *Leif » 2007-02-19, 05:49 UTC

Mer än tillräckligt!

sas2000 · Post by *sas2000 » 2007-02-19, 07:56 UTC

Cando o río soa... e que auga leva.

ts4242 · Post by *ts4242 » 2007-02-19, 11:56 UTC

sas2000 wrote:Which was the reason to develop this feature ?

i found this topic in German forum

What i understood is that, this feature provided to fight worms that search for *.key files to steal it (i used an auto translation site to translate this topic)

sas2000 · Post by *sas2000 » 2007-02-19, 12:30 UTC

ts4242 wrote: What i understood is that, this feature provided to fight worms that search for *.key files to steal it

I've read something similar about Winrar rarreg.key.

Sheepdog · Post by *Sheepdog » 2007-02-19, 16:48 UTC

ts4242 wrote:
sas2000 wrote:Which was the reason to develop this feature ?
i found this topic in German forum

What i understood is that, this feature provided to fight worms that search for *.key files to steal it (i used an auto translation site to translate this topic)

In this thread Silr Silvia requested to make TC accept any keyname instead of only tcmdkey.zip - for the purpose to confuse worms and key seraching programs. Initially it was introduced much earlier:

TCmd History V6.0 wrote:09.09.03 Added: TC 6.0 now also accepts tcmdkey.zip containing wincmd.key instead of wincmd.key. The key must be stored (no compression) in the file.

sheepdog

Sam_Zen · Post by *Sam_Zen » 2007-02-20, 03:03 UTC

I guess it's always better to have the opportunity to use a custom name in such cases. Default named files or directories are the first targets for malicious robots.

sas2000 · Post by *sas2000 » 2007-02-20, 15:21 UTC

Sam_Zen wrote:I guess it's always better to have the opportunity to use a custom name in such cases. Default named files or directories are the first targets for malicious robots.

I agree totally, that's the problem with key files they're difficult to crack but quite easy to steal.

Alextp · Post by *Alextp » 2007-02-20, 19:10 UTC

2sas2000
They are very easy to steal.
Here at Moscow I can goto Local Net and find about 20-30 wincmd.key 's.

//I have a legal one!

Post by *petermad » 2007-02-20, 19:48 UTC

I can goto Local Net and find about 20-30 wincmd.key 's.

Why so many - isn't one enough? Or does people prefer different stolen names in the title bar

Sheepdog · Post by *Sheepdog » 2007-02-20, 22:48 UTC

Sam_Zen wrote:I guess it's always better to have the opportunity to use a custom name in such cases. Default named files or directories are the first targets for malicious robots.

It is mentioned in the german thread that it is not very protective to rename the key-file. Because you'll have to define the name and location in Wincdm.ini (or anywhre else) to let TC know the new name. And then it is very easy for malicious programs to use that information to locate the key.

On the other hand the implementation of such a feature implies another possible source of failure.

sheepdog

Sam_Zen · Post by *Sam_Zen » 2007-02-21, 00:12 UTC

2 Sheepdog
Of course you're right. If they really want, they will find it. It's just a way in general to make things a bit more difficult.

Alextp · Post by *Alextp » 2007-02-21, 03:37 UTC

2petermad

Why so many - isn't one enough? Or does people prefer different stolen names in the title bar

There are not so many different ones - others are duplicates.