Hi everyone!

Not so long ago, I have spotted a few things that could be altered to make Aurigma Photo Editor more ready-to-use. I wonder whether anyone shares my views on this. So, here goes the list of possible changes that would probably benefit Photo Editor:

• Currently, there is a peculiarity using various effects on images: you cannot simultaneously apply multiple effects if these are in the same group. Thus, in the Effects -> Artistic group you can apply either Emboss or Posterize but not both at the same time. If each effect were put into a separate group, then you could apply as many effects as you wish. So, what do you think – do we need to have each effect in its own group, or not?
• Some sort of File Load and File Save dialogs. As of now, for a quick start, you can only edit the default image. If you want to test it with some images of your own, you have to make a few moves to feed these images to PhotoEditor. Anyway, does anyone feel like having pre-built file load & save dialogs?

So, these are just the things I noticed but I dunno whether these are really what the others want. Well, I hope I’m not alone here :) So, if you have something to say – go ahead!

Some time ago several clients told me that on some machines with Vista Image Uploader for Java was unable to initialize. Nothing was shown at all inside applet body. I tried to reproduce this bug but failed. Some of our clients (his name is Arthur) agreed to help me in fixing this problem. I have sent him about a dozen of log versions to find the real reason of the problem. The issue was in Vista operating system recognition. It turned out that not all JRE versions on Vista had «Vista» word in their os.name system property. On some JRE versions it contained «WindowsNT Unknown» value. Thus I have fixed this by adding one more case to OS type recognition algorithm. Now it looks to work fine. Thanks to Arthur one more time.

A while ago I've stumbled upon an article that made an attempt to explain a very intriguing phenomenon. The experts deem this phenomenon as the gradual decline of massive social networks, FaceBook serving as a reference example. Also, the author made a little insight into the big brands being 'not cool'. You may share the author's views or not - but the article is definitely worth reading. It features beatiful metaphors and analogies and is written in a very neat and concise style.

So, here it goes, the FaceBook's Growing Problem:

http://www.brandingstrategyinsider.com/2008/03/facebooks-probl.html

Hi again,

In my previous post I have mentioned about release of Image Uploader 5.1 (and 4.7) which has a number of security fixes (few known heap overflow and a bunch of potential problems). To prevent malicious persons to exploit these issues, we are releasing a killbit for all version and strongly recommend each customer of Image Uploader to get an update (which is free for appropriate major build).

Few words about killbit. I have already gave some comments on what is killbit and why we should use it in the Image Uploader is safe again post. Now let's see how killbit is installed on client machine. There are three ways: 

1. Killbit is set along with new version. So when new ActiveX is downloaded and installed, old CLSIDs become disabled.
   
2. Killbit can be installed manually. To do this just download the AurigmaKillbit.reg file and run it (may require administrative rights). 
   
3. Killbit will be installed with Internet Explorer security updates. I cannot get an exact time frame for this until I get approval from Microsoft, but it will happen not earlier than in 2-3 months.
   

Below is described a list of CLSIDs which are killbited and their alternate CLSIDs.

Old CLSID	                        New CLSID

Standard builds:

6E5E167B-1566-4316-B27F-0DDAB3484CF7   	EDFCB7CB-942C-4822-AF14-F0B687409848 - Image Uploader 4 
BA162249-F2C5-4851-8ADC-FC58CB424243   	5D637FAD-E202-48D1-8F18-5B9C459BD1E3 - Image Uploader 5 
652623DC-2BB4-4C1C-ADFB-57A218F1A5EE   	FB5C74A8-48D0-42A3-B47F-6896F94DFC21 - Upload Items 4
9275A865-754B-4EDF-B828-FED0F8D344FC   	59BA14C3-B5CD-4DFF-8256-25961756B9B4 - Upload Items 5
E1A26BBF-26C0-401d-B82B-5C4CC67457E0   	D6216AB8-9FF8-47C6-A2E7-49491B39C857 - File Downloader

Private-label builds, Image Uploader 4:

B60770C2-0390-41A8-A8DE-61889888D840   	51B7FAF0-B98E-4A0F-9DF6-E31A81836925
44A6A9CA-AC5B-4C39-8FE6-17E7D06903A9   	6F9DF050-35BE-4E5E-9293-663D6B526B7F
76EE578D-314B-4755-8365-6E1722C001A2   	33DFB28A-9792-4AFC-B594-D589365DF67D
F89EF74A-956B-4BD3-A066-4F23DF891982   	CBFF31B5-91C0-4361-98BD-4C56D0F9CDAC
101D2283-EED9-4BA2-8F3F-23DB860946EB   	718B3D1E-FF0C-4EE6-9F3B-0166A5D1C1B9
69C462E1-CD41-49E3-9EC2-D305155718C1   	208B36BE-4B91-45D5-A636-4E70D745593C
41473CFB-66B6-45B8-8FB3-2BC9C1FD87BA   	66AE48D0-2ECE-4F09-886B-3B6C2FD4A985
108092BF-B7DB-40D1-B7FB-F55922FCC9BE   	B82F1D98-BE90-42E2-B64D-C7AB48E40B4C
CF08D263-B832-42DB-8950-F40C9E672E27   	6B999576-2C81-4811-A912-2270B3D0865A
F1F51698-7B63-4394-8743-1F4CF1853DE1   	1DB7FAAD-2582-49C3-807C-42024B031552
905BF7D7-6BC1-445A-BE53-9478AC096BEB   	02F654C7-2915-45DF-94E2-8B145A060DF9
916063A5-0098-4FB7-8717-1B2C62DD4E45   	4113F622-4901-468F-864E-5480F1C3BC3A
AE2B937E-EA7D-4A8D-888C-B68D7F72A3C4   	CAC677B6-4963-4305-9066-0BD135CD9233
AE6C4705-0F11-4ACB-BDD4-37F138BEF289   	0C92900E-4D5A-4F04-ACC9-729E1767BBAE
FA8932FF-E064-4378-901C-69CB94E3A20A   	A6C3B396-6F73-4CBE-AEF5-A86421AF1B93
3604EC19-E009-4DCB-ABC5-BB95BF92FD8B   	E33E2112-8A3F-4B0F-884B-767C1610627E
65FB3073-CA8E-42A1-9A9A-2F826D05A843   	83803392-C613-473A-AF42-5C4D07F8FE7B
7EB2A2EC-1C3A-4946-9614-86D3A10EDBF3   	F7FC62B7-1E68-4A56-B978-795662B02691
9BAFC7B3-F318-4BD4-BABB-6E403272615A   	57F9ADF0-9759-4D97-AB03-8AB5882A2FD5
05CDEE1D-D109-4992-B72B-6D4F5E2AB731   	BA3BAF69-72B1-4BCE-BE96-A4D304EAFBB4
977315A5-C0DB-4EFD-89C2-10AA86CA39A5   	85A9BDFA-93C0-4F1B-9AB6-B92A90E5B326
1E0D3332-7441-44FF-A225-AF48E977D8B6   	72719D4A-11A5-4E33-A131-36DE83DE9C3A
B85537E9-2D9C-400A-BC92-B04F4D9FF17D   	37A8A17B-2DDC-4600-BBC6-538C10AED8C0
2C2DE2E6-2AD1-4301-A6A7-DF364858EF01   	19E20072-785D-41C3-ADE9-D784325AB7B0
0270E604-387F-48ED-BB6D-AA51F51D6FC3   	60541D7A-4EF1-4117-9607-7C1B0EEAAD18
FC28B75F-F9F6-4C92-AF91-14A3A51C49FB   	3EF75DF9-FC62-410A-B599-B131D917EC3B
86C2B477-5382-4A09-8CA3-E63B1158A377   	A6BF5692-E5E8-4B40-8E5E-819AF5E3AC08
8CC18E3F-4E2B-4D27-840E-CB2F99A3A003   	070A0793-B969-4BC7-848B-3FD844554784
68BBCA71-E1F6-47B2-87D3-369E1349D990   	2AF2E06E-166C-49C9-8BDF-CD9A8A07089C
8DBC7A04-B478-41D5-BE05-5545D565B59C   	B57779BE-8EBE-46A1-A2F1-0BBFF6192B0C
D986FE4B-AE67-43C8-9A89-EADDEA3EC6B6   	6C87A126-AC2E-42EF-8A09-39AC05E8FBDF
6CA73E8B-B584-4533-A405-3D6F9C012B56   	5F0CE5B2-46E1-4E00-AC64-0C756537D26C
A7866636-ED52-4722-82A9-6BAABEFDBF96   	AB3222DF-F6E1-40CB-BB80-1BF999130D7D
B0A08D67-9464-4E73-A549-2CC208AC60D3   	3F17C07C-2153-4471-BB74-7554A7310C8C
3D6A1A85-DE54-4768-9951-053B3B02B9B0   	0FDC57AC-BB9F-40FF-9921-46D28B712D08
947F2947-2296-42FE-92E6-E2E03519B895   	7F4E9A4B-7D73-4D7D-9A37-30100CEE0874
47AF06DD-8E1B-4CA4-8F55-6B1E9FF36ACB   	CD6FB286-3337-45E8-AF97-6AA3802D2F90
B26E6120-DD35-4BEA-B1E3-E75F546EBF2A   	5FA63150-FBD6-451D-B014-D55DDED4F2F3
926618A9-4035-4CD6-8240-64C58EB37B07   	29C78D18-D3C3-4B8F-B7EF-F5DC2385F82E
B95B52E9-B839-4412-96EB-4DABAB2E4E24   	ADFCE7BD-C522-48E7-9D2A-976597629667
CB05A177-1069-4A7A-AB0A-5E6E00DCDB76   	DF21EFC6-E614-4C4C-92E7-C94A944E5C5E
A233E654-53FF-43AA-B1E2-60DA2E89A1EC   	0F3FEBAA-440F-4003-B2BC-71B9D9C20E72
6981B978-70D9-40B9-B00E-903B6FC8CA8A   	7FBBED73-8E99-40BE-894E-F66F6F49D8F0
C86EE68A-9C77-4441-BD35-14CC6CC4A189   	8F20884C-68BF-440C-BB5F-13BAC64B8C1C
2875E7A5-EE3C-4FE7-A23E-DE0529D12028   	CA9CABF3-48C0-4589-808E-ADE58599DF6C
66E07EF9-4E89-4284-9632-6D6904B77732   	A9BEBDF3-2816-44E9-9F64-71EBDE235E15
00D46195-B634-4C41-B53B-5093527FB791   	7A53918A-FF36-41E3-96A6-3A7672746CB9
497EE41C-CE06-4DD4-8308-6C730713C646   	55D95DEA-6E0F-476B-AE02-57C5F99332F2
7A12547F-B772-4F2D-BE36-CE5D0FA886A1   	F83FA5C8-A016-401F-9A45-E582D8BD498F
0B9C0C26-728C-4FDA-B8DD-59806E20E4D9   	44BF597A-C391-4162-8976-B00B55C92F56
F399F5B6-3C63-4674-B0FF-E94328B1947D   	0D4515D4-1845-4E7C-8E16-79AEEC44AB7C
8C7A23D9-2A9B-4AEA-BA91-3003A316B44D   	D428C208-57A8-4A63-BF7F-E7FABE6A9E9B
E6127E3B-8D17-4BEA-A039-8BB9D0D105A2   	C6B9830E-35DE-463D-8CFA-E289E317565C
A3796166-A03C-418A-AF3A-060115D4E478   	ADA48720-6C9A-4A34-9E3E-5B17556A2B39
73BCFD0F-0DAA-4B21-B709-2A8D9D9C692A   	AB4E1C02-3EDB-4A72-B1B8-FD909831C761
93C5524B-97AE-491E-8EB7-2A3AD964F926   	A696A6DE-8011-407B-850B-077BE505D11D
833E62AD-1655-499F-908E-62DCA1EB2EC6   	7CAE4253-EEEF-42C7-BB94-E65EBF540DB6
285CAE3C-F16A-4A84-9A80-FF23D6E56D68   	C4B2AB47-CE9B-4850-A8B6-36F3896E17BF
AA13BD85-7EC0-4CC8-9958-1BB2AA32FD0B   	4910F815-D322-409F-A6D1-61FAE656E4A0
4614C49A-0B7D-4E0D-A877-38CCCFE7D589   	096CBF58-FC7F-433D-9158-27DE6B22D8C7
974E1D88-BADF-4C80-8594-A59039C992EA   	B67F4A74-B98A-4F74-AF9E-C422198BB0F8
692898BE-C7CC-4CB3-A45C-66508B7E2C33   	BAC8495C-A1FF-48B3-AB22-52544FFA3047
F6A7FF1B-9951-4CBE-B197-EA554D6DF40D   	CC7FD10E-8471-4399-B7B0-976BCB84357E
038F6F55-C9F0-4601-8740-98EF1CA9DF9A   	89DCF5AD-2D57-4C98-AE18-E4222DFEA4CC
652623DC-2BB4-4C1C-ADFB-57A218F1A5EE   	FB5C74A8-48D0-42A3-B47F-6896F94DFC21
9275A865-754B-4EDF-B828-FED0F8D344FC   	59BA14C3-B5CD-4DFF-8256-25961756B9B4
6C095616-6064-43ca-9180-CF1B6B6A0BE4   	BC9C7884-D1F5-4E67-80F2-C67AE8C62701
E1A26BBF-26C0-401d-B82B-5C4CC67457E0   	D6216AB8-9FF8-47C6-A2E7-49491B39C857

Private-label builds, Upload Items 4:

A7866636-ED52-4722-82A9-6BAABEFDBF96   	AB3222DF-F6E1-40CB-BB80-1BF999130D7D
B0A08D67-9464-4E73-A549-2CC208AC60D3   	3F17C07C-2153-4471-BB74-7554A7310C8C
3D6A1A85-DE54-4768-9951-053B3B02B9B0   	0FDC57AC-BB9F-40FF-9921-46D28B712D08
947F2947-2296-42FE-92E6-E2E03519B895   	7F4E9A4B-7D73-4D7D-9A37-30100CEE0874
47AF06DD-8E1B-4CA4-8F55-6B1E9FF36ACB   	CD6FB286-3337-45E8-AF97-6AA3802D2F90
B26E6120-DD35-4BEA-B1E3-E75F546EBF2A   	5FA63150-FBD6-451D-B014-D55DDED4F2F3
926618A9-4035-4CD6-8240-64C58EB37B07   	29C78D18-D3C3-4B8F-B7EF-F5DC2385F82E
B95B52E9-B839-4412-96EB-4DABAB2E4E24   	ADFCE7BD-C522-48E7-9D2A-976597629667
CB05A177-1069-4A7A-AB0A-5E6E00DCDB76   	DF21EFC6-E614-4C4C-92E7-C94A944E5C5E
A233E654-53FF-43AA-B1E2-60DA2E89A1EC   	0F3FEBAA-440F-4003-B2BC-71B9D9C20E72
6981B978-70D9-40B9-B00E-903B6FC8CA8A   	7FBBED73-8E99-40BE-894E-F66F6F49D8F0
C86EE68A-9C77-4441-BD35-14CC6CC4A189   	8F20884C-68BF-440C-BB5F-13BAC64B8C1C
2875E7A5-EE3C-4FE7-A23E-DE0529D12028   	CA9CABF3-48C0-4589-808E-ADE58599DF6C
66E07EF9-4E89-4284-9632-6D6904B77732   	A9BEBDF3-2816-44E9-9F64-71EBDE235E15
00D46195-B634-4C41-B53B-5093527FB791   	7A53918A-FF36-41E3-96A6-3A7672746CB9
497EE41C-CE06-4DD4-8308-6C730713C646   	55D95DEA-6E0F-476B-AE02-57C5F99332F2
7A12547F-B772-4F2D-BE36-CE5D0FA886A1   	F83FA5C8-A016-401F-9A45-E582D8BD498F
0B9C0C26-728C-4FDA-B8DD-59806E20E4D9   	44BF597A-C391-4162-8976-B00B55C92F56
F399F5B6-3C63-4674-B0FF-E94328B1947D   	0D4515D4-1845-4E7C-8E16-79AEEC44AB7C
8C7A23D9-2A9B-4AEA-BA91-3003A316B44D   	D428C208-57A8-4A63-BF7F-E7FABE6A9E9B
E6127E3B-8D17-4BEA-A039-8BB9D0D105A2   	C6B9830E-35DE-463D-8CFA-E289E317565C
A3796166-A03C-418A-AF3A-060115D4E478   	ADA48720-6C9A-4A34-9E3E-5B17556A2B39
73BCFD0F-0DAA-4B21-B709-2A8D9D9C692A   	AB4E1C02-3EDB-4A72-B1B8-FD909831C761
93C5524B-97AE-491E-8EB7-2A3AD964F926   	A696A6DE-8011-407B-850B-077BE505D11D
833E62AD-1655-499F-908E-62DCA1EB2EC6   	7CAE4253-EEEF-42C7-BB94-E65EBF540DB6
285CAE3C-F16A-4A84-9A80-FF23D6E56D68   	C4B2AB47-CE9B-4850-A8B6-36F3896E17BF
AA13BD85-7EC0-4CC8-9958-1BB2AA32FD0B   	4910F815-D322-409F-A6D1-61FAE656E4A0
4614C49A-0B7D-4E0D-A877-38CCCFE7D589   	096CBF58-FC7F-433D-9158-27DE6B22D8C7
974E1D88-BADF-4C80-8594-A59039C992EA   	B67F4A74-B98A-4F74-AF9E-C422198BB0F8
692898BE-C7CC-4CB3-A45C-66508B7E2C33   	BAC8495C-A1FF-48B3-AB22-52544FFA3047
F6A7FF1B-9951-4CBE-B197-EA554D6DF40D   	CC7FD10E-8471-4399-B7B0-976BCB84357E
038F6F55-C9F0-4601-8740-98EF1CA9DF9A   	89DCF5AD-2D57-4C98-AE18-E4222DFEA4CC

Private-label builds, File Downloader

6C095616-6064-43ca-9180-CF1B6B6A0BE4   	BC9C7884-D1F5-4E67-80F2-C67AE8C62701

If you have a private-label version and do not see your CLSID there, please contact us at info@aurigma.com.

UPDATE (03/27/2008):

Few other CLSIDs we added to this killbit (see below). No more changes will be made to it though. 

Also, I have got a confirmation from Microsoft that these CLSIDs will be killbited on June. 

Old CLSID	                        New CLSID

Private-label builds, Image Uploader 4:

A73BAEFA-EE65-494D-BEDB-DD3E5A34FA98   	B48C6F3D-3AB9-4DAA-A24C-7D6570FFACEC
5C6698D9-7BE4-4122-8EC5-291D84DBD4A0   	23E0446E-BFBD-4E70-97F1-25549A1F284E

Private-label builds, Upload Items 4:

E4C97925-C194-4551-8831-EABBD0280885   	0E519CCA-A262-4EC1-BD7F-AEB9168F0EAB
CC7DA087-B7F4-4829-B038-DA01DFB5D879   	F7D4E441-BC09-4592-8CC3-75C0558187F5

Hello there,

I have and exciting update about the security issue – we have completed all of our audits and feel we have secured Image Uploader. As I described in my previous posting, today we have released an updated version of Image Uploader ActiveX control, and the version number is 5.1. The main difference with 5.0.40 is that it has different CLSIDs.    

This release has taken us a bit longer than we expected as we have run up against a rather interesting problem. Once we complied the CLSID’s we need to killbit we started to try to contact Private Label and Source Code customers to provide them updated builds of their code. To our amazement many of them seem to be ignoring us!

We strongly advise you if you are a Private Label or Source Code customer that if you have received emails or phone calls from us that you respond to us as soon as possible. For those of you have thank you for your prompt response. But, we should be clear as some point we will have to as a responsible software developer send all CLSIDs that are risk to Microsoft to killbit.

WHEN THIS HAPPENS ALL AT RISK VERSION OF IMAGE UPLOADER will be DISABLED and will not run on the clients computers.

So lets all be good to ourselves and our client computers... Let’s work together and get updated as soon as possible. Please also keep your information in your accounts up to date. If this is mission critical software for your company then we should have very open communication. Don’t ever worry about us sending you spam or pressing you to buy something. We need to be able to communicate with you for the security and safety of you as our customer and your clients as your customer.

Downloads

So now you can upload 4 different versions of Image Uploader:

• Image Uploader 5.1.0 (and above) - safe version with new CLSIDs. This is what people will download by default. Update with this build if you have version 5.0.
• Image Uploader 4.7.0 - safe version of 4.x family with new CLSIDs. Update with this build if you have version 4.x.
• Image Uploader 5.0.41 - the latest version of 5.0 with old CLSIDs.
• Image Uploader 4.6.31 - the latest version of 4.x family with old CLSIDs.      

Note, all of them are safe, but it is not good idea to keep builds with old CLSIDs too long. The more and more people will install the killbit, and sooner or later Microsoft will include it into the next security update. After that all users who get Windows updates automatically will have problems loading Image Uploader with old CLSIDs. So if for some reasons you need versions with old CLSIDs, you can use it, but not longer than couple months. You should migrate to new builds ASAP.

Migrating to new safe build 

In fact the migration process is very simple, especially if you did not make modifications in iuembed.js. You just update Image Uploader as usual with only one additional action - you overwrite not just .cab and .jar files, but also iuembed.js as well. That's all.

If you modified iuembed.js or embedded it inside your page, it will be slightly more complicated. You will have to find where old CLSID is inserted and replace it by new one. I will post a list of CLSIDs changes in my next post.

Also, you can use activeXClassId property of ImageUploaderWriter control, although I would not recommend this. If you create new page with Image Uploader in future from a scratch, you may forget to insert new CLSID. So the better idea would be to fix iuembed.js. 

Well, it sounds we overcome this issue at last. Of course we will not stop keeping an eye on security but we can get back to improving functionality of Image Uploader. We are going to implement new exciting features like video upload and something more. But this is a matter of separate series of blog posts. 

Hi All! 

I know that some of our clients have already upgraded their Mac OSes to Leopard. And some of these clients have already had some problems with Image Uploader running it on Leopard. Previously we had only Mac OS 10.3.4 and 1.4.something. Recently we have installed the third operating system on our pure Mac and now we can test it. If you have some problems specific for Leopard please, post your information to forum. Now we can check and fix it.