Alla larga dalle "piramidi" - il caso TelexFree

Posted on: Sat, 05/24/2014 - 21:56 By: ldsandon

La crisi economica degli ultimi anni ha portato, tra tanti problemi, anche al moltiplicarsi di "offerte di lavoro online" che promettono guadagni facili ma in realtà nascondo catene di sant'antonio, chiamate anche "schemi piramidali" o "schema Ponzi"1. Il più recente e noto dei quali è sicuramente quello messo in piedi da Bernard Madoff (e costatogli un congruo numero di anni di carcere), ma "l'offerta" abbonda e ultimamente anche in Italia si stanno moltiplicando offerte di tale tipo, promosse da persone con tanto pelo sullo stomaco e altrettanta avidità, pronte a truffare amici, colleghi e conoscenti pur di arrotondare lo stipendio. Il motivo di questo articolo è che ne conosco qualcuno, tra truffatori e truffati, e i primi stanno lavorando sodo, in Italia, per nascondere quello che in questi giorni è successo ad uno di questi schemi, che inevitabilmente è finito per crollare, TelexFree, sfruttando la poca conoscenza dell'Inglese da parte di molte vittime più o meno ingenue. Spero di gettare un po' di luce sulle ombre costruite ad arte da certi "promotori" per nascondere quello che in realtà è successo e sta succedendo.

TelexFree è uno schema piramidale che tentava di mascherarsi da "Multi Level Marketing" (che è legale, se rimane ento certi limiti)  tramite la vendita di un prodotto VoIP (che ovviamente nessuno usa), e la pubblicazione di annunci pubblicitari online. La truffa ha le sue radici in Sud America, Brasile, ma ha poi effettuato lo sbarco negli USA. Da lì si è poi espansa in Europa, anche in Italia. Non è difficile trovare gruppi sui social network, nonché siti di "promotori" che cercano di reclutare nuove "vittime" per questo (e altri) schema piramidale com'è ovvio debbano fare per guadagnarci. E ovviamente molte "vittime" a loro volta devono diventare "carnefici", ops, scusate, "promotori" per fare soldi.

Local elevation points in Windows and Delphi

Since the introduction of Windows Vista and the new security model for applications, application running under User Account Control (UAC) should adopt a "least privilege" model, running as an "unprivileged" user almost all the time, and requesting higher privileges only when needed, even if the user has those privileges.

Requesting higher privileges is called "elevation". A good application uses "local elevation points", meaning it elevates only when it really needs it, and then reverts to a non elevated stated afterwards. These operations are those identified by a little shield on the control (button, menu item, etc.) that activates them.

But how to perform this kind of elevation? There is not a simple way, say an ElevateProcess() or ElevatedThread() API. First, elevation can't be performed for a single thread. It needs to be performed at the process level, and there are good security reason behind this choice. Second, elevating a whole process would also elevate all threads within. Thereby, elevation require to "spawn" a new process. There are at least three different ways to perform this, in this post I'll explain what I believe is the most elegant and flexible one, albeit complex - the COM Elevation Moniker.

ldsandon Fri, 05/16/2014 - 16:42

Modernize you Delphi Windows application, the real way :)

Posted on: Fri, 05/16/2014 - 16:30 By: ldsandon

With the demise of XP - and next year Windows 2003 Server will follow - it is time to really think about modernizing the design and implementation of your applications, and especially write the new ones from start as real Windows Vista+ applications - you can maybe also skip Vista ;) To modernize your application, you don't need to buy Delphi XE6 as Embarcadero tries to make you think you should.

Po Delta Birdwatching Fair 2014

Posted on: Wed, 05/07/2014 - 20:29 By: ldsandon

Last weekend, thanks to May Day holiday well placed on a Thursday, I was able to spend four days at the "Po Delta Birdwatching Fair", an annual fair dedicated to birdwatching and natural photography, held in Comacchio, a little ancient city nearby the Po river delta, and in the middle of the shallow waters "valleys" which are now a natural reserve where many different kind of birds reside, or rest for a while during their annual migration from and to Africa and Northern Europe.

Each day a photographic workshop held by natural photographers working especially in that area, and covering different aspects of this kind of imaging, from ethical considerations to posprocessing, paved the way to excursions lead by the same photographers in one of the best places to capture excellent image.

Why Linux admins prefer the command line over a GUI?

Posted on: Sat, 03/22/2014 - 20:54 By: ldsandon

Because it's much easier to cut and paste from a browser!
That's a joke, of course, but sometimes not far from truth. Especially, I found surprising how many Linux site offer only some "I did this way" explanations, usually followed by a long list of commands, without any explanation. I've seen people copying them with very little changes if nothing at all - usually configuring their systems the wrong way.
CLI and configurations are good when you know what you're doing - not as copy&paste containers...

No, I do not want your damned applications in my <appdata> folders!

Posted on: Tue, 03/18/2014 - 22:52 By: ldsandon

There is lately a trend, pionereed by applications like Skype and now commonly used by Chrome, that totally ignores Windows guidelines, rules and best practices, installing executables in folders like <appdata> instead of <program files>. The reason is simple: now Windows enforces proper security rights, and thereby unprivileged users are not able to write into folders designed to host executables.

Are you a Delphi developer, or a Windows developer?

This is not a rethorical question. And not because now Delphi targets OSX, iOS or Android, and it applies to those writing Delphi applications that runs on Windows only. There's a real difference, and it's important to understand it especially now the usual lame BorInCodeDero marketing is trying to use the end of Windows XP support to sell Delphi upgrades. But is Delphi today a real Windows development tool? My answer is no.

ldsandon Thu, 03/13/2014 - 00:27
Embarcadero bets on Blackberry, dismisses Windows Phone

In his post Blackberry is Still Ahead of Microsoft, Jim McKeeth uses US numbers only to try to demonstrate that Embarcadero should never support Windows Phone, up to the point to say that Blackberry is ahead of it.

ldsandon Thu, 09/26/2013 - 21:02
Subscribe to