What is Winshock?

So the other day I got blindsided with a question at work: What are we doing about Winshock? Winshock? I asked. I had to go look it up, and I found that’s what they dubbed what I’ve been calling MS14-066, the vulnerability in Schannel, which is Microsoft’s implementation of SSL/TLS for Windows.

Based on that, I’d argue it has more in common with Heartbleed than Shellshock, but I guess “Winshock” is catchier than “Winbleed.”

Then the lead of another team asked me to brief his team on Winshock. I actually managed to anticipate all but three of the questions they asked, too, which was better than I expected. Some of what I shared with them is probably worth sharing further.


What to look for in a cheap laptop in late 2014

So the sales fliers for the 2014 Christmas shopping season are out, and I’m seeing tons of cheap laptops. If you only have $200 to spend, they have something for you.

Some of them look like they’re even worth having. Yes, I’m shocked too. Here’s how to figure out which ones are worth taking home, and which ones are best left for some other sucker. Whether you’re shopping for yourself or someone else, you’ll probably want to keep the following in mind.


Windows Vista’s market share is growing. After seeing 8.1, I know why

I installed Windows Vista last week. I need a legal copy of a supported version of Windows to use to VPN in to work and run the corporate Citrix client. Vista fit the bill. It’s better than 8.1, and it’s supported until April 2017. I always hated Vista, but 8 and 8.1 made me realize it could have been a lot worse, and on recent hardware Vista does OK. It still prompts you for admin rights too much and too slowly and makes you work too hard to click yes, but at least you can find stuff.

The Bing conspiracy

So my buddy Tom was working on a Windows 8 laptop, trying to fix it up, and he needed to uninstall a program. Tom’s been using Windows since about 1992, so he’s no newbie, but he couldn’t figure it out.

He had to resort to using a web search to find out how to do it.

I told him it’s a Microsoft conspiracy to get people to use Bing. But then Tom had to go and ruin it for them by using Google.

Curious conspiracies… or maybe just progress all at once

In the wake of Truecrypt’s sudden implosion, someone sent me a link to this curious blog post. I can see why many people might find the timing interesting, but there are a number of details this particular blog post doesn’t get correct, and it actually spends most of its time talking about stuff that has little or nothing to do with Truecrypt.

What’s unclear to me is whether he’s trying to say the industry is deliberately sabotaging Truecrypt, or if he’s simply trying to make a list of things that are making life difficult for Truecrypt. His post bothers me a lot less if it’s just a laundry list of challenges, but either way, the inaccuracies remain.

When Linux is easier than Windows

A few months ago I bought a Gigabyte GA-Z77M-D3H to learn computer forensics on, because at the time I thought that was the direction my career was going. I dropped it into a neglected Compaq case and installed Linux on it, since most of the free forensics tools run on Linux. The current version of Debian loaded effortlessly and ran nicely, as you would expect on a dual-core CPU with 16 gigs of RAM.

Then my career went another direction. Today I analyze Windows threats and vulnerabilities for a living. That’s a better match for my experience and the pay is the same, so I’m perfectly fine with that. But my mind turned to that hotrod computer in the basement. I suppose I could still use it to learn forensics, but I probably won’t, so why not see how Windows runs on it and bring it upstairs?

Microsoft is offering some help in migrating off XP

Since there is no direct upgrade path from Windows XP to Windows 8.1 or even Windows 8, Microsoft has reacted to criticism by licensing a cut-down version of PC Mover and offering it to latter-day XP upgraders for free. It will only migrate three applications for you, but for most people, that’s probably enough.

The good news is that this version of PC Mover works with Windows 7 as well, so if you want to take the strategy of migrating people to $99 off-lease PCs running Windows 7, it will still help.

The linked article above criticized Microsoft for not developing its own migration tool, but that seems a bit harsh. I’ve used PC Mover before, and found it to be a very capable tool. I’d be surprised if Microsoft actually could do much better. And Microsoft has a history of licensing third-party tools anyway: Every disk defragmenter Microsoft has ever shipped was a cut-down version of something written by other companies.

Of course it’s best to rebuild machines from scratch–it will perform much faster that way–but when there’s a must-have program on an old PC and the installation media is long gone, PC Mover is about the only way to recover it and move it on. Most people probably don’t have much more than three programs in that category.

My Windows 8.1 experience

I installed Windows 8.1 last week to see how bad it really is.

And?

Well, it’s more stable than Windows Me, but Windows Me was a lot nicer to use. It’s awful. Because I listen to podcasts, I know that there’s magic in hovering your mouse over the upper right hand screen. And somehow I was able to get to a desktop pretty quickly. The first thing I did was launch Internet Explorer and install Classic Shell, which, as promised, makes it a dead ringer for Windows 7 or XP or even 2000 if you want. Much better.

What else?