Windows 10 is out. I say you should upgrade, just not necessarily right now.

Windows 10 is out today. Of course I’ve been getting questions about whether to upgrade from Windows 7 to 10, and I’ve been seeing mixed advice on upgrading, though some of that mixed advice is regarding Microsoft history that isn’t completely relevant today.

My advice is to upgrade immediately if you’re running Windows 8 or 8.1, and to wait, perhaps six months, if you’re running Windows 7, but I still think you should do it. I’ll explain.

Continue reading Windows 10 is out. I say you should upgrade, just not necessarily right now.

How to configure uBlock for better malware protection

My favorite ad-blocking extension for Chrome is uBlock, because it’s faster and more resource friendly than the better-known Adblock Plus. It also comes configured by default to block known malicious sites, where Adblock Plus makes you dig for that feature.

But it’s still possible to tweak uBlock to give you even better protection against malware, and that’s a good thing. It’s one thing to detect malware and block it after you’ve downloaded it, but it’s even better to detect and block it before downloading it.

Continue reading How to configure uBlock for better malware protection

Women in tech: The forgotten story of Vector Graphic

I frequently hear lamentations about the number of women in the technology field–or the lack of them. Although there have been a number of successful women in the field, such as Meg Whitman, CEO of HP and formerly Ebay; Marissa Meyer, CEO of Yahoo; and Carly Fiorina, former CEO of HP, men outnumber women in the field and often by a large margin.

That perhaps makes it even more sad that Vector Graphic is largely forgotten today. Last week Fast Company profiled this pioneering computer company that time forgot.

Continue reading Women in tech: The forgotten story of Vector Graphic

How the Amiga could have lived to age 30 and beyond

It was 30 years ago this week that Commodore released its landmark, long-time-coming Amiga 1000 computer–the first 1990s computer in a field full of 1970s retreads.

Yes, it was a 1990s computer in 1985. It had color and sound built in, not as expensive, clunky, hard-to-configure add-ons. It could address up to 8 megabytes of memory, though it ran admirably on a mere 512 kilobytes. Most importantly, it had fully pre-emptive multitasking, something that had previously been the exclusive domain of commercial workstations that cost five figures.

It was so revolutionary that even NBC is acknowledging the anniversary.

Being a decade or so ahead of its time was only the beginning of its problems, unfortunately.

Continue reading How the Amiga could have lived to age 30 and beyond

Looking for a career change? Consider web app pentesting

IT jobs aren’t as easy to come by as they were 20 years ago, but there’s one subset of the field that I don’t see slowing down any time soon. Unfortunately it’s a poorly understood one.

But if you spent any significant time in the 1980s or early 1990s abusing commercial software, especially Commodore and Apple and Atari and Radio Shack software, I’m looking at you. Even if you don’t know it, you’re uniquely qualified to be a web app pentester.

Continue reading Looking for a career change? Consider web app pentesting

Stunt Hacking: Why Charlie Miller hacked a Jeep driving on I-64

St. Louis-based security researcher Charlie Miller and his collaborator Chris Valasek got themselves in the news this week by hacking a Jeep driven by Wired journalist Andy Greenberg on I-64.

The reaction was mixed, but one common theme was, why I-64, where lives could have been at risk, rather than an abandoned parking lot?

I don’t know Miller or Valasek, so it goes without saying I don’t speak for either one of them, but I think I have a pretty good idea why they did it that way.

Continue reading Stunt Hacking: Why Charlie Miller hacked a Jeep driving on I-64

Need a good, cheap dual gigabit NIC? I have just the thing.

If you need gigabit ports for your home server or router project and you’re short on available expansion slots, I have just the thing. Home sysadmins have known for a while that you can get cheap PCI-X Intel NICs and run them in PCI mode, but you may not know that you can find the very same thing by searching Ebay for HP 7170 and it’s usually cheaper. It’s not rare to find them for $7, shipped.

Continue reading Need a good, cheap dual gigabit NIC? I have just the thing.

How to mitigate MS15-078 or future Microsoft font driver vulnerabilities

Microsoft rushed out an out-of-band patch, MS15-078, to deal with active exploits in their font driver yesterday. Since pushing out patches takes time, my boss asked me what we could do to mitigate the issue in the meantime.

The biggest threat, by far, is exploit-bearing fonts being downloaded from web sites. Ideally you only install trusted fonts from trusted sources locally on your workstations, right? If not, I suggest you start that practice as well.

You have a couple of options when it comes to blocking fonts in browsers.

Continue reading How to mitigate MS15-078 or future Microsoft font driver vulnerabilities

What to do for medical coverage in between jobs

I recently changed jobs, and although I’ve dealt with gaps in medical coverage before, I didn’t anticipate everything this time.

First things first: gaps are likely, and the laws are written under the assumption that small gaps will happen. The system still isn’t what I would call fair, not that it ever has been, but generally it’s possible to navigate the system and get the coverage you need. I’m not here to complain about the system; I’m here to tell you what I did, or could have done, to navigate it.

Continue reading What to do for medical coverage in between jobs

David L. Farquhar, computer security professional and sometime author