Jeff Rivett has worked with and written about computers since the early 1980s. His first computer was an Apple II+, built by his father and heavily customized. Jeff's writing appeared in Computist Magazine in the 1980s, and he created and sold a game utility (Ultimaker 2, reviewed in the December 1983 Washington Apple Pi Journal) to international markets during the same period. Proceeds from writing, software sales, and contract programming gigs paid his way through university, earning him a Bachelor of Science (Computer Science) degree at UWO. Jeff went on to work as a programmer, sysadmin, and manager in various industries. There's more on the About page, and on the Jeff Rivett Consulting site.

All posts by jrivett


Opera, Patches and updates

Opera 39 released

Leave a comment

A new version of the Opera web browser makes improvements to the video pop-out feature, adds a news reader, and adds customizable block lists to the integrated ad blocker.

The context menu that appears when right-clicking selected page text now includes more useful options. Opera’s memory footprint has been improved with version 39.

The Opera 39 announcement doesn’t include a link to the change log, so I had to go hunting for it on the Opera web site. Eventually I found it on the Opera desktop blog. Note that while many of the entries in the change log refer to unreleased, developer or beta versions, all of the changes described apply to the newly-released version, 39.0.2256.42.

Meanwhile, other Opera web resources have disappeared (Unified change logs for Opera), and others include no mention of Opera 39 (Opera for Windows change log). That’s just sloppy.

Internet, Privacy, Security

Connecting everything to the Internet is dangerous

Leave a comment

By now, you’ve probably encountered the term “Internet of Things”, usually abbreviated as IoT. It refers to the rapidly increasing number of devices that are capable of connecting to the Internet. Cars, fridges, thermostats, lights… basically, anything that can be built to include a few microchips can be made to talk to the Internet. Usually wirelessly. Often silently, by default.

Which of course is a perfect scenario for a whole new category of security breaches, privacy concerns, and other, related issues.

Recommendations:

  • Where possible (and unless you have a good reason not to) avoid purchasing any non-computer device that’s Internet-capable.
  • If you must use such a device (and unless you have a good reason not to) disable any Internet-related features.
  • If you’re unable or unwilling to disable a device’s Internet features, at least configure it to maximize security.

Bruce Schneier’s recent analysis of the dangers of IoT is excellent, and definitely worth reading.

Microsoft, Things that are bad, Windows 10

New restrictions for Windows 10 Pro version

Leave a comment

When it became clear that Microsoft intended Windows 10 to be an advertising platform, I wondered how they would sell it to business and education customers (see my Windows 10 review). I doubted that anyone would allow Windows 10 into the workplace unless the advertising and related privacy-compromising instrumentation could be disabled.

It wasn’t long before we started seeing tools and techniques for turning off these undesirable features, and Microsoft even provided some of their own, in the form of Group Policy settings.

The Group Policy editor is included with all versions of Windows 10 except Home. It makes the job of managing Windows settings easier for system administrators, since the alternative is editing the Windows registry.

So the answer to my question about disabling unwanted Windows 10 features for business customers would be Group Policy. Which is okay, but doesn’t help anyone using the Home version. Which is one reason why I tell people to avoid Windows 10 Home. Unless you’re on a tight budget, and don’t mind seeing advertising in your O/S, Windows 10 Professional is highly recommended for personal use.

So: get Windows 10 Pro, disable all the unwanted advertising and privacy-related settings, and you’re good to go, right? Not so fast.

The folks over at GHacks recently confirmed that Microsoft will lock down Group Policy in the Pro version of Windows 10 with the upcoming anniversary update. Many of the more annoying features will still have visible settings in the Group Policy editor, but changing them will have no effect. Even changing the corresponding settings in the registry apparently won’t work.

Microsoft’s message to the world seems to be “Okay, you don’t want us to advertise and track your users in Windows 10 in the workplace, so we’ll give you some tools to turn those features off. But we’ll be damned if we’ll let anyone else (i.e. Home and Pro users) turn that stuff off.”

To which my response is: “Dear Microsoft: Screw you. I won’t buy Windows 10. I won’t use Windows 10. I will tell anyone who cares to listen that they should avoid Windows 10 like they would Ebola. I will use Windows 7 and 8.1 until you abandon them, and then switch to Linux.”

There’s more over at BetaNews.

Microsoft, Patches and updates, Windows 10

Windows 10 Insider Preview Build 14393

Leave a comment

According to the announcement, Windows 10 Insider Preview Build 14393 consists of bug fixes and reliability improvements. Which is a good thing, because according to several sources, build 14393 is what Microsoft will use for the Windows 10 anniversary update.

The anniversary update will become available on August 2, and will be available for free for anyone already running Windows 10 or on the Insider Preview program. If you want it for free and you’re not yet running Windows 10, you have until tomorrow (July 29) to upgrade your Windows 7 or 8.1 computer.

Ars Technica: Windows 10 Anniversary Update is ready to go and free for just a few more days

The Verge: Windows 10 Anniversary Update: the 10 best new features

Microsoft, Windows 10

Free Windows 10 upgrade offer ending soon

Leave a comment

If you want to take advantage of Microsoft’s free Windows 10 upgrade offer for Windows 7 and 8.1, time is running out. The offer will end on July 29.

Of course, there’s nothing particularly compelling about Windows 10. Unless you’re excited by the idea of seeing advertising in Windows. Or happy that (by default) Microsoft will track your Windows 10 activity.

Both Windows 7 and Windows 8.1 are still excellent operating systems. Windows 7 will be supported by Microsoft until January 14, 2020. Windows 8.1 will be supported until January 10, 2023. That means Microsoft will continue to develop (and make publicly available) security updates until 2020 for Windows 7 and 2023 for Windows 8.1.

Internet crime, Malware, Security, Spam and scams, Things that are bad

Ransomware update

1 Comment

Ransomware has been in the news a lot lately. The CryptXXX ransomware is no longer susceptible to easy decryption, and it’s been making a lot of money for its purveryors, in many cases using compromised, high profile business web sites as its delivery mechanism. On a more positive note, the people who created the TeslaCrypt ransomware stopped production and released global decryption keys. New ransomware delivery systems are able to bypass Microsoft’s EMET security software. The Cerber ransomware was recently delivered to a large proportion of Office 365 users via a Word document in an email attachment. And an even more hideous piece of malware surfaced in the last week: posing as ransomware, Ranscam actually just deletes all your files.

Ransomware is different from other kinds of attacks because of the potential damage. It can render all your data permanently inaccessible. Even paying the ransom is no guarantee that you will get all your data back intact. Other types of attacks typically try to fly more under the radar: trojans and rootkits want to control and use your computer’s resources; and viruses want to spread and open the door for other attacks. While other types of attacks can be fixed by removing the affected files, that doesn’t work for ransomware.

Like other types of attacks, ransomware first has to get onto your computer. These days, simply visiting the wrong web site can accomplish that. More common vectors are downloaded media and software, and email attachments. Preventing malware of any kind from getting onto your computer involves the kind of caution we’ve been advising for years; ransomware doesn’t change that advice.

What CAN make a big difference with a ransomware attack is limiting its reach. Once on a computer, ransomware will encrypt all data files it can access; specifically, files to which it has write access. Ransomware typically runs with the same permissions as the user who unwittingly installed it, but more insidious installs may use various techniques to increase its permissions. In any case, limiting access is the best safeguard. For example, set up your regular user so that it cannot install software or make changes to backup data.

Here’s a worst-case scenario: you run a small LAN with three computers. All your data is on those computers. Your backup data is on an external hard drive connected to one of those computers, and a copy exists on the Cloud. For convenience, you’ve configured the computers so that you can copy files between them without having to authenticate. Once ransomware gets onto one of the computers, it will encrypt all data files on that computer, but it will also encrypt data it finds on the other computers, and on the external backup drive. Worse still, some ransomware will also figure out how to get to your cloud backup and encrypt the data there as well.

How to limit your exposure? Require full authentication to access computers on your LAN. Use strong, unique passwords for all services. Store your passwords in a secure password database. Limit access to your backup resources to a special user that isn’t used for other things. In other words, exercise caution to avoid getting infected, but in case you get infected anyway, make sure that you have walls in place that limit the reach of the ransomware.

Most ransomware targets Windows systems, so most of the verbiage out there is about Windows as well. This article covers the basics fairly well.

Firefox, Patches and updates

Mozilla getting sneakier about updates to Firefox

Leave a comment

According to the release notes, Firefox 47.0.1 was released on June 28. I only found out about it yesterday (half a month later), when I happened to run the FileHippo Update Checker.

After seeing the new Firefox version reported by FileHippo, I looked at Firefox’s ‘About Firefox’ dialog, and it offered to upgrade to version 47.0.1. I went ahead, and I’m now running 47.0.1.

Why is Mozilla no longer announcing new versions of Firefox? If their goal is to make updates invisible to users, why didn’t my version of Firefox update to the new version automatically?

For what it’s worth, Firefox 47.0.1 appears to fix one obscure crashing problem.

Microsoft, Patches and updates, Windows 10

More Windows 10 Insider Preview Builds

Leave a comment

The rapid pace of Windows 10 Preview builds being delivered to my test PC continues. I guess that’s what Microsoft meant when it described this release channel as ‘Fast’.

In the last week or so, my test PC has been updated four times, to Windows 10 preview builds 14383, 14385, 14388, and 14390.

Given that each of these new builds is effectively a new install of Windows 10, they are surprisingly non-intrusive. The downloads are of course large, so there’s a bandwidth consideration. But the downloads happen in the background, and the installs and subsequent restarts happen during off hours (at night). Often I don’t notice the change until I start copying files and notice that Explorer’s copy dialog has once again reverted to its default, simple view.

Note: the Windows 10 version number is no longer visible on the desktop. Microsoft says “the desktop watermark is now gone. This is because we’re beginning to check in final code in preparation for releasing the Windows 10 Anniversary Update”. I’m not sure I follow the logic there, but at least it’s somewhat consistent. The watermark stops appearing when a release is imminent.

Build 14383

Bug fixes and performance improvements.

Build 14385

Bug fixes and performance improvements.

Build 14388

Bug fixes; reliability and performance improvements.

Build 14390

Bug fixes.

Adobe, Flash, Internet Explorer, Microsoft, Patches and updates, Security, Windows

Patch Tuesday for July 2016

Leave a comment

It’s a relatively light month for Microsoft patches: only eleven this time. The updates address security issues in the usual suspects, namely Windows, Internet Explorer, Edge, Office, and the Flash code that’s embedded in IE 10, IE 11, and Edge. Six of the updates are flagged as Critical. A total of fifty vulnerabilities are addressed.

Adobe joins in the fun again this month, with updates for Flash and Reader/Acrobat. The Flash update fixes a whopping fifty-two vulnerabilities, while the Reader update fixes thirty vulnerabilities. Update: an announcement for the Flash update appeared on July 14th, despite being dated July 12th.

Update 2016Jul17: Ars Technica points out that one of the Microsoft updates addresses a critical security hole in a Windows printer driver installation mechanism that dates back to Windows 95. The vulnerability was not actually closed by the update; instead, a warning was added to the driver installation process.