
September 15, 2008

Yahoo! Messenger Challenge Response Algorithm

Filed under: Uncategorized — tansqrx @ 2:44 pm

Here is a question that came into my forum and I thought it needed wider coverage.

Q: Can you explain the Yahoo! Messenger challenge response algorithm?

The Yahoo! Messenger challenge response sequence is quite complex and unique to Yahoo! The challenge comes from the server and is then run through an algorithm on the client. When looking at the challenge and response in ASCII view it almost looks like a mathematical equation but it is not.

This complex algorithm came from several years ago when the username and password were sent in plain text over the network and were eventually exploited. Basic encryption such as MD5 was then added. This is when things got interesting and politics stepped in. In 2004 Yahoo! was having a battle with several third-party applications such as Trillian over whether they could make their own client and join the Yahoo! Messenger network (http://www.theinquirer.net/en/inquirer/news/2004/06/24/yahoo-blocks-trillian-from-its-networks). Messenger has an ad-driven revenue model so Yahoo! did not appreciate having an unofficial client not displaying ads. The solution from Yahoo! was to implement an outrageous and very complex authentication algorithm that the other companies could not reverse engineer. As anyone with a third-person view could have predicted, the new monster algorithm did hold off Trillian for a while but was eventually cracked and the code was leaked to the Net.

Several years later the authentication code is not a huge secret but Yahoo! still uses this beast to authenticate their users. I have never been able to find the original leaked code but it does live on in Pidgin, which is an open source multi-platform client. To get a look at the code go to the Pidgin website (pidgin.im) and download the source for the latest build (http://sourceforge.net/project/showfiles.php?group_id=235&package_id=230234). Pidgin is written in C/C++ so it can be hard to read for someone not familiar with C. The code is also very integrated with the Pidgin base so it is next to impossible to separate it out without having to rewrite the entire code base.

I have looked at the code and studied it for many hours and have come to the conclusion that it is overly complex and a nightmare to decipher. If Yahoo! wanted to make an algorithm that is hard to reverse engineer then this is a successful effort on their part. The downside is that a person would have to spend an insane amount of time to write their own representation of the code. The algorithm is a custom hash that has no direct relation to any common hash or encryption function. Parts of the code resemble MD5 while other parts look like DES. The majority of the code is based on lookup tables, which is a common encryption technique.

A few years ago I wanted to make my own implementation in .NET because the DLL that YCC Trainer uses has been marked as a “virus” by most of the antivirus companies. (The DLL is not a virus but it appears that it has been marked that way because it is commonly distributed with booters. Most booters are also not viruses but in the infinite wisdom of the antivirus companies, we should be protected from ourselves but this is a different article altogether.) After spending about a week trying to get the basics to work I realized that I hadn’t even scratched the surface and gave up. I still use the shady booter DLL that I found many years ago.

In the end I don’t want to discourage you from looking at the code for yourself but this is one fight that I decided not to take. It is ugly, nasty, and complex to the point of being a coding nightmare. If you do decide to look at the code I would love for you to post your findings, especially if you make another implementation. For now I am happy with my shady virus-laden DLL that I once found in the far corners of the Internet.

August 28, 2008

Hard Drive Data Recovery Review

Filed under: Uncategorized — tansqrx @ 4:09 pm

Here is a short review from a recent tragedy that I encountered from the loss of a hard drive. After an extensive search for free programs I landed upon two different commercial products and here is the review for them both. The reason for this review is to get some frustration out about the loser because I feel that I am out a good chunk of money and I figure this will help me feel better.

Good
EASEUS Data Recovery Wizard Professional 4.3.6
http://www.easeus.com/
$89.95 USD
Worked first time and I was actually impressed.

Bad
ARAX Disk Doctor 2.2
http://www.disk-doctor.com/
$39.95 USD
Buggy and crashed. Never got a single bit of data from this software. Tried to get a refund but I had to fax my credit card number on a form they emailed me so I decided against it.

Bad
Western Digital consumer hard drives
http://www.wdc.com/en/
At one time my hard drive fleet was comprised entirely of Western Digital but something has happened in the past few years and I have had 6 of them die almost exactly one year after purchase.

Here is some background to my rant. About a month ago my main hard drive crashed, which is not that bad because I have an external backup and all that is lost is time. (If you have followed some of my previous posts then this is the same time that I installed Vista for the first time but that is a separate rant.) This crash was particularly painful because this was the 6th Western Digital hard drive that went south on me within the past two years and this was actually one of the replacements that I got from Western Digital. The crash happened almost exactly one year after I installed it and the previous crash (also WD) was also almost one year before that. Many years ago I was caught up in the IBM “DeathStar” line of hard drives (http://www.pcworld.com/article/125772-5/the_25_worst_tech_products_of_all_time.html) and thus I swore off IBM for all time. I have now done the same to Western Digital. Several years ago Western Digital was a very respected name but lately the quality has gone down and I am solely on Seagate. I suppose there is a reason that WD hard drives are always $10-$20 cheaper at Best Buy.

Here comes the second round to make this particular week in my life really bad. The backup that I referenced earlier, well, it died exactly one day after the main hard drive crash. The external drive was a hybrid CD-hard drive contraption from AcomData (http://www.acomdata.com/) that I purchased from CompUSA during their closing. It served me well for some time but I was always annoyed at the CD partition that also popped up when the drive was attached. I knew from the beginning that the CD was emulated in hardware by having a separate partition on the external hard drive. I tried everything I knew to get the external drive working because at this point I did have more than time to lose from a dual hard drive crash. When I opened the enclosure I found, guess what: a Western Digital hard drive. At this point I was in a really foul mood and the newly discovered hard drive very nearly went through the drywall in my room. After calming down I deduced that the hard drive itself was not to blame but there was a problem with the hardware controller. Long story short, the hard drive and data were apparently OK but I couldn’t get to it because of the special CD partition at the beginning and the partition tables were laid out in a proprietary format. The data was NTFS but the partition entry describing the partition type was completely out in left field.

To this point I tried Spinrite (http://www.grc.com/intro.htm) and several partition table editing tools with no luck. I then decided that it was time for more dramatic action and started downloading data recovery tools. The best resource I found was a site dedicated to free software called The Free Country (www.thefreecountry.com) and specifically a page devoted to hard drive data recovery (http://www.thefreecountry.com/utilities/datarecovery.shtml). I tried every single tool on the page with only slight luck. Most programs did nothing more than look in the Recycle Bin but a few actually went a step further and performed a raw data scan on the physical disk and not just what popped up in Windows. The best one that I found was PC INSPECTOR File Recovery (http://www.pcinspector.de/Sites/file_recovery/info.htm?language=1). It looked at the BIOS to see what hard drives were attached and then performed a lengthy raw data scan looking for corrupt partitions. I was able to get about 50% of my data back but there was a problem with deep file structures and I could not get anything back more than about three directories deep.
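The kind of raw scan described above, reduced to the one failure mode in this story: an NTFS volume whose MBR entry carries the wrong type byte. This is an added example, not code from the original post or from any of the tools named; the disk image is constructed in memory and its two partition type bytes (0x96, 0xBF) are arbitrary stand-ins for the proprietary layout.

```python
import struct

SECTOR = 512
NTFS_TYPE = 0x07  # MBR partition type byte normally used for NTFS volumes

def parse_mbr(sector0):
    """Return the non-empty primary partition entries of an MBR sector."""
    if sector0[510:512] != b"\x55\xaa":
        raise ValueError("missing 0x55AA boot signature")
    entries = []
    for i in range(4):
        raw = sector0[446 + 16 * i: 462 + 16 * i]
        start, count = struct.unpack_from("<II", raw, 8)  # LBA start, sector count
        if raw[4] or count:
            entries.append({"type": raw[4], "start": start, "sectors": count})
    return entries

def is_ntfs_boot_sector(sec):
    """NTFS boot records carry the OEM ID 'NTFS    ' at offset 3 and end in 0x55AA."""
    return sec[3:11] == b"NTFS    " and sec[510:512] == b"\x55\xaa"

def scan_for_ntfs(image):
    """Raw scan: test every sector for an NTFS boot record, ignoring the partition table."""
    return [lba for lba in range(len(image) // SECTOR)
            if is_ntfs_boot_sector(image[lba * SECTOR:(lba + 1) * SECTOR])]

def find_mislabelled(image):
    """List (lba, mbr_type) for NTFS volumes with a missing or non-NTFS MBR entry."""
    table = {e["start"]: e for e in parse_mbr(image[:SECTOR])}
    findings = []
    for lba in scan_for_ntfs(image):
        entry = table.get(lba)
        if entry is None or entry["type"] != NTFS_TYPE:
            findings.append((lba, entry["type"] if entry else None))
    return findings

def build_sample_image():
    """Constructed 64-sector image: emulated-CD area, then NTFS under a bogus type byte."""
    img = bytearray(64 * SECTOR)
    for idx, (ptype, start, count) in enumerate([(0x96, 1, 15), (0xBF, 16, 48)]):
        struct.pack_into("<4xB3xII", img, 446 + 16 * idx, ptype, start, count)
    img[510:512] = b"\x55\xaa"
    vbr = 16 * SECTOR  # first sector of the second partition
    img[vbr + 3: vbr + 11] = b"NTFS    "
    img[vbr + 510: vbr + 512] = b"\x55\xaa"
    return bytes(img)

if __name__ == "__main__":
    print(find_mislabelled(build_sample_image()))
```

On a real disk the same scan also hits the backup boot sector NTFS keeps in the last sector of the volume, so work on a read-only image and expect more than one match per volume.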

I exhausted all of my free options and I really needed that data back so I started looking for commercial products. For one reason or another I downloaded ARAX Disk Doctor 2.2 from http://www.disk-doctor.com. It was nice looking and ran a scan similar to PC INSPECTOR File Recovery and declared that it found all of the data and all that it needed was for me to pay them for the full product. I usually don’t engage in such acts but I needed my data so I paid them and then eagerly awaited my data. After entering the registration code another scan was performed (around 2 hours) and the same data found message appeared. I then clicked OK and the program crashed. Perhaps this was a one-time incident but I soon found that this is one of the buggiest programs that I have ever seen and after beating my head against the wall for about a day I gave up. I soon asked for a refund and hit the red tape big time. After several days of emailing logs they finally gave up and sent me the form to fill out for a refund. There were two forms. One declaring that I have destroyed all copies of the program and the second asking me for my complete credit card information. Both forms were to be faxed back to them. Besides more red tape, I did see a slight problem with providing my complete credit card information on a piece of paper and then faxing it back to complete strangers. And yes, faxing it was the only option. Keep my $40, I would like to keep myself safe from credit card fraud.

About a week later I managed to get the original main hard drive data back so the world was looking better but I would still like some of the data off of the external backup. The external was placed on a shelf for a better day (and to be safe from getting thrown through the drywall).

Now enter last week and yet another hard drive debacle. This time it was my own fault because I was wiping some old hard drives for a friend and forgot to take the wiping CD out before I attached my own hard drive to the system and well you can figure out the rest. The wiping software is BCWipePD (http://www.jetico.com/bcwipepd.htm) which does not play around and what is wiped is gone. By the time that I realized my hard drive was in the process of being destroyed and I hit the power, about 7 seconds had passed and around 200 Mb was gone. Well of course that first part of the hard drive holds all the partition tables and a lot of NTFS data so there is absolutely no hope of getting the data back unless you do some raw data reading. Once again I was in a pickle because I had backed up most of my important data through Jungle Disk (www.jungledisk.com) but I didn’t have my music backed up.

I first tried PC INSPECTOR File Recovery and then ARAX Disk Doctor but it was still the POS that I remembered so it was now 0 and 2. I once again started searching and happened on yet another commercial hard drive recovery solution. This time I did more due diligence and decided to plop down the money for EASEUS Data Recovery Wizard Professional 4.3.6. As before the trial version showed the data to be recovered but I would have to get the full version, this time $90. I had to have my data back once again so I tried it and this time it worked! Not only did it get the data back it was easier to use and I had absolutely no problems at all. After I was finished with the current problem I attached the previous external hard drive and it got all of that data also! EASEUS is 2 for 2. I haven’t played around with any other features in EASEUS Data Recovery Wizard Professional 4.3.6 but I haven’t had to, it worked the first time and I am a satisfied customer.

In the end all I want is to have my $40 back from ARAX but they have a very difficult and insecure refund process so for fear of credit card fraud they get to keep my $40 this time. In return I get to have $40 worth of fun smearing their name across the Internet and hopefully someone will read this before buying their product. On the other hand I did end up finding a great product called EASEUS Data Recovery Wizard Professional 4.3.6. It worked and that’s all that I have to say. If you find yourself in the same situation as me then you should buy their product.

P.S. Remember to always remove that wiping CD before you reboot ;)

March 30, 2007

My Computer Hates Me

Filed under: Uncategorized — tansqrx @ 2:39 pm

I think it is clear that my computer hates me. I left it on the night before last and when I looked at it yesterday I got the friendly “no operating system could be found” message. I didn’t freak out immediately as I have been the victim of cable gremlins in the past. After several hours of testing I concluded that the drive was indeed dead. It is recognized in the BIOS just fine but Spinrite (http://www.grc.com/spinrite.htm) and Western Digital tools both said the drive was dead. Spinrite indicated that there was a BIOS problem which leads me to believe that the problem is with the hard drive circuitry and not a physical platter problem. I have already gone to CompUSA and got another drive which I am using right now. This may delay some postings for a few days as it takes me some time to reinstall everything.
