October 8, 2008

By Karen Kenworthy

IN THIS ISSUE

I love this time of year! Up here in the northern hemisphere, sultry summer is finally giving way to mild days and cool nights of early fall. Leaves on trees, still green, have lost their springtime exuberance. Now they're nervous, vaguely worried that each new strong gust of wind brings a threat they don't quite comprehend.

To my Canadian friends: we have your geese. They'll spend a few more days here, before heading for the fields of grain being harvested even further south. The amazing Monarch Butterfly migration is also passing by the secluded Power Tools workshop. So of course, the great turtle herd can't be far behind.

Version Browser Revisited

It's not every day you run into an old friend. But that happened to me the other day, when I spent time catching up with one of my oldest Power Tool buddies, the Version Browser.

Originally written way back in 1993, this little utility peers inside files that contain computer programs, revealing some hard-to-find information stored within. It then offers to display or print that information, or save it to a text file.

Among the files that the Version Browser's examines are those whose names end with ".exe" -- the most common type of Windows program file. For example, the Version Browser itself can be found in an EXE file named PTBrowse.exe.

But the little program doesn't stop there. It also reports information found in files whose names end with other "extensions". Here's a quick rundown of the most common varieties:

.scr - These little programs, called Screensavers, display mesmerizing graphics, family photos, flying toasters and more, when your computer's brain is otherwise unoccupied. Today they don't really save screens, though they did back when computer displays were coal-fired.

.dll - Tiny programs and fragments of larger programs are found in these files. Formally known as "Dynamic Link Libraries", the software they contain is used by other programs running on your computer. Amaze your friends and confound your enemies with this little trivia tidbit: The core of Microsoft Windows is just a large collection of DLL files, including such favorites as kernel32.dll, gdi32.dll, shell32.dll, and user32.dll.

.ocx - Now mostly obsolete, some of these files contain programs that can draw and manage various on-screen "controls" such as status bars, fancy buttons, pulsating green progress bars, and more. Other OCX files contain routines that access the Internet, print graphs, and perform other common tasks. As you've probably guessed, these files are closely related to DLL files.

.cpl - Inside these files you'll find "Control Panel Applets" -- the little programs that run when you double-click one of those arty icons displayed in Windows' Control Panel.

.ttf - These files contain "TrueType" fonts, fonts that can be scaled to almost any size and still be rendered attractively. You may not have thought font files contain programs, but most do. Of course, they also include lots of data describing each character's shape, and "hints" -- recommended small modifications made when rendering the characters at various sizes.

What the Version Browser Knows

So, what sort of information can the Version Browser uncover?

The program starts its quest for knowledge by extracting basic tidbits from the "file system" -- a mostly-hidden area of our disk drives where the operating system tracks our files.

By consulting the file system, Version Browser learns a file's name and size. It also discovers some important dates: when a file was created, the date and time it was most recently accessed, and when it was last modified.

And that's not all. File systems reveal whether a file is hidden, "read- only" (can be read, but not modified), or has been modified since the most recent "backup" of the disk drive. They also disclose whether a file is compressed or encrypted.

The Version Browser reports all this information gleaned from the file system. But that's simple stuff. My little helper really shines when you need special information about a computer program. That's when it digs into an optional region found in most program files known as the "Version Resource".

A program's version resource can contain a lot of cool facts. For example, the name of the person or company who wrote the program is often spelled out there. The resource is likely to indicate the version of Windows the program supports, contain copyright and trademarks statements that protect the program, and, of course, store the version number of the program file.

Other version resource information includes a description of the program, comments written by the programmer, and the name and version of any larger product to which the program belongs. The resource may also indicate the human language of the program's text, the version of Windows for which the program was written, and more!

Version Browser's New Tricks

When the Version Browser was a young bundle of bits, it stopped right there. It didn't look any further than the file system and version resource for information to report. But today the program extracts some facts found elsewhere.

One very important item, called a "Digital Signature", can be found inside many program files. But it's not kept in the version resource. Instead, it's stored in its own region of the program file.

Digital signatures don't get the attention they deserve. In a nutshell, they are a mathematical version of the handwritten signatures folks have used for centuries to sign checks and other important documents. When it comes to a program file, a valid digital signature, if present, provides two important assurances in these security-conscious days.

First, a valid signature proves the file has not changed since it was created and signed by the program's author. Any change to the program, of even a single bit, will invalidate the file's digital signature.

Second, a valid signature positively identifies the program's author. The name of the person or company that created and signed the program file is stored within the signature. And, like the rest of the information stored in the signed program file, any change to the author's name will invalidate the signature too.

For example, if the Version Browser reports that a program file's signature is valid, and signed by "KarenWare.com", you know the file was created by me, and has not been modified in any way since the moment I signed it.

The good news is that most programmers sign their work. I've signed all my Power Tools programs, and their installers, for several years. Microsoft and most other large software companies sign their work too.

Unfortunately, not all programmers take this important step. Hopefully, in the near future, signing programs will become universal. It won't mean all programs will behave properly. But if they do misbehave, at least we'll know who to blame. :)

I wish we had more time! There's a lot more to say about the Version Browser, and Digital Signatures too. But those chats will have to wait until another day. In the meantime, if you'd like to put the Version Browser to work on your computer, visit its home page at:

    https://www.karenware.com/powertools/ptbrowse

As always, the program is free for personal/home use. And you can download its complete Visual Basic source code too!

You can also get the latest version of every Power Tool on a shiny CD. These include three bonus Power Tools, not available anywhere else. The source code of every Power Tool, every issue of my newsletter, and some articles I wrote for Windows Magazine, are also on the CD. And owning the CD grants you a license to use my Power Tools at work.

Best of all, buying a CD is the easiest way to support the KarenWare.com web site, Karen's Power Tools, and this newsletter. To find out more, visit:

    https://www.karenware.com/licenseme

Until we meet again, make a safe way for the turtles and other migrating friends. And if you see me on the 'net be sure to wave and say "Hi!"