Nir's applications are gems. They are extremely lightweight, sane and well documented, static, cost nothing and receive regular updates (19 released updates since July...) - all by one guy who actually answers his emails and blogs excellent content with regular frequency (reached out about a library based on one of his apps and he took the time to reply and explain the reasoning for not publishing as a library).
Really, the only other (windows) applications I can sing the same praise for are the sysinternals suite.
(The IP tools have been very helpful in the past. I've got a new install now and that's a reminder for myself to get set up again; will use the donate link too.)
I have no idea how much he brings in from thankful folks like us who recognize how much time he's saved us, but it's surely not as much as it should be. I set aside a chunk of money every year for supporting software authors, and Nir comes up in my list every few years.
This is such a gem indeed! Websites like these, with small, bloat free utilities, are gone with the wind it seems. Can anyone recommend other similar websites?
agreed. on that platform, forced to use it, NirSoft is indispensable and like an much appreciated breeze of fresh air -- much like Hexfiend and alike, Filebuddy, and BBEdit were already under Apple's Classic OS
Several people have asked in existing threads why you'd want this, so, let's give a very real example that we can guess probably at least one HN reader will be grateful for:
At the end of next month (September 2021) the root CA certificate for DST Root CA X3 expires.
When a new CA comes into existence in the Web PKI they face a significant problem, even if all the brand new shiny software trusts their excellent new CA root, almost everybody at least sometimes needs old software that might not have the latest updates. So, they get an existing trusted CA to sign to say that they trust this new CA.
The charity that provides Let's Encrypt, ISRG, has a root CA named ISRG Root X1 (and a newer one named ISRG Root X2 but that's another matter) but they also sought such cross signatures from IdenTrust, who had bought the Digital Signature Trust and with it DST Root CA X3 in order to "bootstrap" trust on older systems.
So up until late September, a device that has no idea who ISRG are or what Let's Encrypt is, still trusts Let's Encrypt certificates, because it trusts DST Root CA X3. And then the self-signed certificate for DST Root CA X3 expires.
Tools like RunAsDate allow you to test your software to see whether it will still work after that expiry date. It wasn't really practical to run such tests a few months ago, because if in say May you tell the computer it's now the 1st of October all your perfectly good Let's Encrypt certificates issued in April have expired by October, so that's why nothing works. However, since early July it has been possible to have certificates that will not be expired when DST Root CA X3 expires and perform such tests.
Lots of maintainers probably look after systems where they can't (or at least, daren't) add a newer root like ISRG Root X1 and would value knowing in advance that the system will blow up completely at the end of September, rather than being blind-sided when it inevitably happens. RunAsDate (and similar tools on other systems) enable them to find that out with a few weeks left to fix or at least mitigate the problem.
I would assume the reason most people would use this is to spoof simple “trial period” checks on older software. I remember, as a kid, setting the clock back on shareware in order to run the full version. This would make it more convenient since you don’t have to alter system time.
Caveat - timestamp servers are a thing... Having your certificate cross-signed by a timestamp server ensures that even if the root certificate expires your application can continue to run provided that a timestamp server was in fact used at the moment of signing, and thusly vetted the certificate authority at that time. This allows for windows applications signed long before their cert expired can continue to run until a new signed version is deployed. This doesn't take into account certificate revocation.
Regardless, moving the date up is a good way to test.
I'd just like to use this comment to show appreciation of Nirsoft's stuff. Great useful single function utilities for practically anything, for free, without any catch.
Many times I've needed to do something that seems simple but isn't exposed easily, and rather than figure it out myself there's a gui or cli app that just does exactly what I need.
It's so difficult to find trustworthy independent publishers in the Windows world and Nirsoft nails it. Tools that are designed to empower users with zero strings attached - seriously helpful stuff.
NirSoft looks legit with a real person (Nir Sofer) behind it. It also is around for a long time. Moreover people in this and other threads seem to trust NirSoft tools, so I assume they are safe to use. It's a pity that whenever I tried they got quarantined by enterprise end point security (aka virus scanner).
EDIT: I just sent NirSoft's GDIView, which is the tool I tried to use in the past, to virustotal and it sadly gets flagged by two vendors. Now that's only two out of about 70. Unfortunately in large organizations we have no choice, if it gets detected it cannot be used.
Not the real reason in some cases. Some malware actually uses NirSoft tools (and even SysInternal tools) for, uhm, malware stuff :(
I mean, I can't fault some of the antivirus for these, especially since "regular"* users they don't really know about these powerful tools, but I agree that clicking a standalone executable that is otherwise safe shouldn't automatically trigger an antivirus.
* "Regular" at least as viewed by antivirus companies, like picture a grandma, but I think that's not representative of the real world today.
I like differences between OS philosophies. It allows us to see how some things can be done way simpler and highlights strengths and weaknesses of different ideas.
Not being a windows guy for a long time, I was impressed that windows users were happy when chrome implemented the "print to pdf" feature, I said "CUPS let me print to ps or pdf a decade ago". Another moment like that was when I showed the 'time' command to a student as a crude benchmark for algorithms and also using LD_PRELOAD to easily show that his code had leaks, then complemented it with valgrind and leak sanitizer.
Leak sanitizer is multi-platform, valgrind can be replaced by drmemory and, of course, windows has many advantages that made it earn the desktop but, at the time, nothing like that was close on windows as a quick apt-get.
A trick I usually do these days is when someone argues about developing something new. I think about a somewhat similar package and "apt-get build-dep" and "apt-get source" it. In a matter of minutes I have dependencies for a package, its source code, compile and install it. People always get impressed at how easy it can be.
faketime is great. I use it in continuous integration tests for some software that needs to work correctly in temporal edge cases (near midnight, leap days, etc.)
What a blast from the past! I used runasdate to run a Neural Network software using time-lagged RNNs beyond the trial period. In my defense, I was a poor undergrad and couldn't afford the license fee of the software (Circa 2010).
Time namespacing would achieve this, had it not omitted the real-time clock:
> Note that time namespaces do not virtualize the CLOCK_REALTIME clock. Virtualization of this clock was avoided for reasons of complexity and overhead within the kernel.
Related question, does anyone know of a tool to change the time speed of a program. Something like "make the program think an hour passed every minute"?
Games that use the system clock to timegate stuff. Nier Replicant, for example, uses the system clock for its gardening minigame. You have to wait 24 real hours for your plants to grow, or change the date in your system.
A fun fact about Windows is that you can just pluck the system time out of a known memory location (0x7ffe0014). It's unlikely that a tool like this could patch that and I wouldn't be surprised if it's one of the techniques that shareware can use to detect tampering with the system time. I wouldn't be surprised if video games used it to prevent cheating either. What did surprise me is that the Go runtime appears to use it too.
I would like to take this opportunity to note that all NirSoft tools are closed source.
Its nice that "Nir" or whoever has made them freely available, but when the day comes that they are not updated anymore, because of lack of interest, or life changes or whatever, all the effort that went into making them is lost to history. No one will be able to fork the project, or continue on with the work, as the source code was never released.
It isn't disrespectful to point out that choice and in fact helpful to us consumers who might chose not to bother with such software as all too often such became abondonware. I recall cases where the author had a disk crash, no back-up and then gave up out of frustration or another case where the author died untimely.
On Linux (well, glibc, not sure about other libc implementations) you can just set the `TZ` environment variable before running the app. I wonder if Windows has something similar.
You might be able to obtain reproducible behavior from a tool that insists on putting time stamps into its output, and has no options for reproducibility.
You might be able to get an indefinite extension for running some time-limited trialware.
But not all, the author says: I get many email messages that say something like "I tried to extend the trial period of xyz software with RunAsDate and it didn't work". Running a software with different date/time can be used for many legitimate purposes and for these purposes RunAsDate was created. I have never said implicitly or explicitly that RunAsDate can be used for extending the trial period of a software. For some shareware programs, RunAsDate might really work, but many shareware creators are smart enough to detect that the date/time was modified and when they detect the time change, they end the trial period immediately.
Please don't bother yourself to send me a question about extending the trial period of a software, because these kind of messages are simply deleted without answering.
It's a niche statistical analytics programming language. Used by banks and pharmaceutical companies mostly because it makes it easier to audit things. The open source alternative would be R.
Really, the only other (windows) applications I can sing the same praise for are the sysinternals suite.