Windows Technical Support calls me again

“Oh, so you think you’re Mr. Genius Man,” the crackly voice said, drowned out by static caused by his cheap VOIP connection. “Enjoy your broken computer, Mr. Genius Man. Goodbye, Mr. Genius Man.”

So ended 23 minutes of my life that I’ll never get back, but I figure it’s 23 minutes he wasn’t spending scamming someone else. I don’t do it often, but my kids were playing nicely and we were all in the same room, so I guess I don’t regret it too much.

What I did for Mother’s Day

Last month, Rapid7’s Trey Ford appealed to security professionals:

You have an opportunity to be an ambassador. When you see XP out there, have an adult conversation, educate in terms that others will appreciate. Your actions and words reflect on the entire community.

As the family CIO/CSO – look for the smart investment. There are options that will make your life easier. A small investment is a lot easier to stomach than compromised shopping/banking/credit card credentials (or identity theft.)

Microsoft was wrong whether it patched XP this time or let it burn

Years ago I heard a joke that reminds me of the situation Microsoft found itself in last week with its latest IE vulnerability:

If a man is alone in a forest, and there’s no woman there to hear him, is he still wrong?

I was as shocked as anyone when Microsoft released just one last Internet Explorer patch for Windows XP on May 1. I can argue either side of the issue, but I don’t think I can argue either side convincingly enough to get a simple 50.1% majority of people to agree with me, because I’m not sure I can argue either side of the issue convincingly enough that I would agree with myself.

I think it’s important that 26% of all web traffic is still coming from Windows XP today, nearly three weeks after it went end of life. That likely played into the decision. Microsoft was in a no-win situation here, and they had to decide whether they wanted to lose 1-0 or 24-1. So I don’t think it matters all that much, but here are the pros and cons of each side, as I see them.

IE gets patched and XP gets a reprieve

In case you haven’t heard, Microsoft released an emergency patch yesterday afternoon for the bad Internet Explorer bug that prompted the Department of Homeland Security to tell everyone not to use IE until further notice. That was no surprise, given the amount of publicity behind this bug.

What was a surprise was that they went ahead and released the patch for Windows XP as well. So, unless something really weird happens, the very last patch for Windows XP is MS14-021, issued 1 May 2014.

If you run Windows and your PC didn’t tell you this morning it applied updates automatically, go to Automatic Updates in Control Panel and download the fix.

The ultimate command-line ZIP utility

I accidentally find Ken Silverman’s utility page from time to time and can never find it again when I want it, so if you need the ultimate command-line ZIP utility (KZIP), or the ultimate PNG optimizer (PNGOUT), to squeeze just as many bytes as possible out of your recompressed archives or your images while maintaining 100% compatibility, save this link. You’ll thank me later when you need it badly, like when you’re e-mailing an archive and it’s a few dozen bytes larger than your e-mail system allows.

Also check out his clever ZIPMIX utility.

What makes his approach to ZIP archiving special is that he emphasizes file size over speed. His software is built to take a few extra seconds to save a few bytes, if it’s possible to do so. Mainstream Zip/Unzip programs will still decompress his archives just fine; they just won’t match it for compression ratio most of the time. And in the rare event that they do, his ZIPMIX utility will take advantage of that. Just zip up the same files with both programs, then run ZIPMIX on the two archives. So Ken Silverman’s utilities win even when he loses.

I first noticed this phenomenon when using Info-Zip, when I found its -9 option produced smaller archives than PKzip’s -max option. The first thing I did was make sure PKzip could uncompress the Info-Zip archive I’d created. It did, so I never used PKzip to create an archive again. And every once in a while I find another tool that does better than the last best one I found. Right now Ken Silverman’s utilities are it.

I have an unusual appreciation of smaller archives. That’s because I’m old enough to have downloaded files over a 300-baud modem (but also young enough to remember having done so). Ken Silverman practices a lost art, and maybe there aren’t a lot of people left who appreciate that, but I still do.

Windows XP gets its first forever-day

This week Microsoft disclosed a critical 0-day flaw in Internet Explorer. Microsoft is considering an out-of-band patch, but regardless of when the patch gets released, no Windows XP patch will be coming, except for the companies and governments who are paying a large fee for end-of-life support.

This was about 20 days later than some people estimated, but now it’s happened. The mitigation is to run EMET. But in the long term, getting to a new version of Windows is the only viable option. You can do this on the cheap if you need to.

While we’re talking about browsers, Chrome has the most CVEs associated with it, making it numerically the least secure of the browsers, but they have the fastest time to patch, by far, so the numbers are very deceiving. So using Chrome isn’t a bad choice, especially on XP where Internet Explorer is out of date and forever EOL.

Cheap, simple application whitelisting

Application whitelisting is an effective security tool, but a pain to implement and administer. Here’s a very simple tool for it that works on home versions of Windows as well as pro versions. It’s very simple and possible to defeat, but, arguably, it’s about 90% effective, putting it on par with antivirus and giving you coverage that antivirus will miss. It makes a good companion for antivirus and EMET.

Even grade D+ whitelisting is much better than no whitelisting.

Don’t forget the .NET Framework when troubleshooting

I’ve been troubleshooting a program that’s written in a combination of Java and .NET (yes, now I’ve seen everything), and the program misbehaved. It misbehaved a lot, and the vendor was confused too. About four hours in, one of us had the idea to uninstall the .NET Framework 4.0 and install the newest .NET Framework 4.5.1. The 4.5.1 framework is designed to be backwards compatible with multiple predecessors.

It turned out to be the miracle cure that had eluded us.

Troubleshooting machines that won’t update from WSUS or SCCM

In my younger days, I administered WSUS on a small (300 servers or so) network. Every once in a while, I ran into an issue where a server just didn’t want to talk to WSUS. These days, some companies prefer to push patches with SCCM but it uses the same mechanism to push patches.

Apparently my old problem still happens from time to time. So I did some research to come up with a solution. This mechanism is still largely a black box, but it’s a lot better documented now than it was in my day. Here’s what I came up with for troubleshooting WSUS or SCCM.

How to get 1440×900 resolution out of an Nvidia video card

I have a Gateway FPD1975W LCD monitor with an unusual 1440×900 resolution. Intel video cards have no issues with this resolution, but Nvidia cards don’t support it by default when running under Windows.

Hack the drivers a bit and you can get this monitor to work just fine with an Nvidia adapter, though. Believe it or not, the only hacking tool you need to accomplish the deed is notepad.exe.