Monthly Archives: March 2016

Edge, Microsoft, Patches and updates, Windows 10

Windows 10 Insider Preview Build 14295

Leave a comment

Late last week, preview build 14295 started making its way to computers enrolled in the ‘Fast track’ Windows 10 Insider Preview program. Yesterday, the build was made available to computers on the ‘Slow track’.

This latest build actually includes some interesting features. Or it will when the accompanying developer tools become available. With this build, Microsoft is expanding support for Linux tools on Windows 10, including the BASH scripting language.

While not of much interest to regular users, adding Linux tools to Windows 10 shows that Microsoft is actually listening to developers and other power users.

Build 14295 also fixes some minor problems affecting XBox compatibility, the Edge browser, and Kaspersky security software.

Chrome, Google, Patches and updates

Chrome 49.0.2623.110

Leave a comment

At what point does an update qualify as pointless? The full change log for Chrome 49.0.2623.110 contains six items, two of which involve merely changing the version number. Another publishes a small change in dependencies. One is literally about compatibility with Windows NT4. There’s nothing here that justifies all the data movement associated with mass-updating a popular piece of software like Chrome.

But hey, I guess I shouldn’t complain. I’d rather be at the “too many updates” end of that particular spectrum.

What you really need to know about the new Chrome version is that none of the issues addressed relate to security.

Chrome, Google, Patches and updates, Security

Chrome 49.0.2623.108

Leave a comment

Earlier this week, Google announced another new version of Chrome.

Version 49.0.2623.108 addresses five security issues, so if you use Chrome, you should make sure it’s up to date. Click the browser’s ‘hamburger’ menu at the top right, then select Help > About Google Chrome. If you’re not running the latest version, Chrome will start the update process automatically.

The full log lists about sixty changes in the new version, but nothing particularly interesting.

Java, Patches and updates, Security

Java 8 Update 77

Leave a comment

A single major security bug fix appears to be the reason for the newest version of Java 8: Update 77.

The release notes don’t provide much useful information, and neither does the security alert for the bug addressed in the new version.

If you’re still using a web browser with Java enabled, you should consider disabling it. At least configure it as ‘click to play’, so that Java content doesn’t load and play automatically on any web page you visit. If you’re not sure whether Java is enabled in your browser, find out by visiting Check-and-Secure.

Adobe, Flash, Patches and updates

Flash 21.0.0.197

Leave a comment

According to the announcement, the latest version of Flash – released on March 23 – fixes a specific bug that was causing problems for some Flash games.

A review of the release notes seems to show that Flash 21.0.0.197 doesn’t contain any security fixes, so this isn’t an urgent update. Unless of course you’re having trouble running Flash games in your browser.

The announcement for 21.0.0.197 contains at least one error: it shows the new PPAPI version of Flash, used in Chrome, Opera, and other Chromium-based browsers, as 21.0.0.286. My own tests, as well as the official release notes, shows that the new PPAPI version is actually 21.0.0.197. I reported the discrepancy to the author.

There is no new version of Flash for Internet Explorer and Edge on Windows 8.x and 10; the latest is Flash 21.0.0.182.

As usual, Chrome will update itself with the new version of Flash.

Microsoft, Patches and updates, Windows 10

Windows 10 Insider Preview Build 14291

Leave a comment

There’s another preview build for Windows 10. According to the accompanying announcement, build 14291 includes improvements to Edge and the Feedback Hub, Microsoft’s mechanism for reporting Windows 10 issues.

The changes to Edge show that Microsoft is still playing catchup, adding features that have existed in the other major browsers for a while. So there’s nothing particularly revolutionary, but if you’re forcing yourself to use Edge, being able to use extensions and pin tabs will be helpful.

Several of the Windows 10 apps have also been improved, including Maps, and Alarms & Clock.

Internet crime, Security, Tools

Was your account exposed as part of a breach?

Leave a comment

It seems like every few weeks another web site or online service is breached. When that happens, user account information is almost always stolen, and usually published online.

If you have an account on a breached site or service, you may not be in any immediate danger. Often, only email addresses are published. Sometimes account/user names are also published. Occasionally, encrypted passwords are published, and when that happens, the weaker of those passwords are also quickly decrypted. The worst case scenario is where you’ve used a single, weak password for several different web sites or services.

After learning about a breach on a site or service, your first step should be to determine whether you have an account there. If you do, you should sign in and change the account’s password immediately (sometimes this is forced by the site owner in response to a breach). Then, if you’ve used the same account/email + password anywhere else, sign in to those other sites and change those passwords. Then stop using the same password everywhere, and start using a password manager like Password Corral.

If you’re not sure where you’ve used a particular account/user name or email address, you should start by searching for them on the Have I Been Pwned site. ‘Pwn’ is gamer slang for ‘own’, if you were wondering. Enter a username or email address, and the site will search it them in all known lists of breach data.

Email, Social Media, Things that are bad, Tools

The perils of using free services

Leave a comment

RIP TweetDeck

Twitter is pulling the plug on the Windows version of its popular TweetDeck application, pushing users to switch to the web-based version. Although they claim otherwise, the reason is simple: web applications are easier to monetize.

Twitter purchased TweetDeck in 2011 because users found its interface much more useful than the Twitter web interface, and were switching in large numbers. This translated into a loss of advertising revenue for Twitter. There were immediate predictions that Twitter would kill off TweetDeck, and that’s finally happening.

For some users, switching to the web-based TweetDeck will not be a problem. The two interfaces are virtually identical. But having a compact, separate application has several advantages: I can configure it to start automatically with my computer; I can leave it running all the time without hurting my computer’s performance; and it’s not – like all web-based apps – inherently fragile. So I’m looking at alternatives. If I find one I like, I’ll post about it.

Mandrill email no longer free

If you use Mandrill’s email service, you should start looking for an alternative. Unless you think $20 per month seems like good value to send a few emails.

I originally started using Mandrill because my Internet Service Provider’s email service was increasingly less willing to process email from domains I host, including boot13.com. If you don’t host your own domains, and you don’t send large quantities of email, you’re unlikely to ever need a ‘transactional email’ service like Mandrill.

Luckily, there are plenty of alternatives to Mandrill. Right now I’m evaluating MailGun, which is free for up to 10,000 emails per month, and supports DKIM and SPF, technologies that help to identify legitimate senders and reduce spam.