Category Archives: Things that are bad

Windows 10 update breaks many webcams

Microsoft wants us to let them update our Windows computers whenever they choose. Anyone using the Windows 10 Home edition is already living with this new reality, and — short of upgrading to Windows 10 Professional — can do nothing about it.

Of course, Windows 10 Professional is only slightly less invasive, as it only lets users delay updates for a few weeks. The only way to regain complete control over updates is to use one of the extremely pricey Enterprise or Education editions.

If you wanted to demonstrate just how awful this all is, you couldn’t ask for a better example than the recent anniversary update, which caused huge numbers of webcams to stop working.

Nothing in the release notes for the anniversary update provided any clues that this might happen. I imagine plenty of people simply assumed that their webcams had failed. Some may even have purchased new webcams.

Microsoft is apparently working on a fix, but there’s no indication of when it will be available. In the meantime, there are a lot of angry webcam users out there.

But wait a second: why wasn’t this problem reported by people with affected webcams who are on the Windows 10 Insider Preview program? The problematic changes were available to those users well in advance of the anniversary update’s release. If it was reported, Microsoft apparently failed to grasp the scope of the problem. A more likely explanation is that Insider Preview participants either don’t have webcam hardware (e.g. they test Windows 10 on a virtual machine), or simply never thought to test their webcam. Either way, Microsoft failed to perform adequate internal testing, and this doesn’t bode well for Microsoft’s reliance on the new Feedback mechanism.

Microsoft: “Upgrade to Windows 10 or we’ll make Windows 7 and 8.1 just as bad.”

Microsoft just announced the next move in their fight to push their advertising platform into our faces, and it’s very bad.

Let’s review, shall we? Microsoft really wants you to use Windows 10. Their official explanation for this includes vague language about reliability, security, productivity, and a consistent interface across platforms. Their claims may be true, but they hide the real reason, which is that Microsoft saw how much money Google makes from advertising, realized that they had a captive audience in Windows users, and added advertising infrastructure to Windows 10 to capitalize on that. The privacy-annihilating features are easily explained: the more Microsoft knows about its users, the higher the value of the advertising platform, since ads can be better targeted.

A short history of Microsoft’s sneakiest Windows 10 moves

Move #1: Offer free Windows 10 upgrades for Windows 7 and 8.1 users. Who doesn’t like free stuff? Many people jumped at this opportunity, assuming that newer is better.

Move #2: Dismayed by the poor reception of Windows 10, and upset by all the recommendations to avoid it, Microsoft creates updates for Windows 7 and 8.1 that continually pester users into upgrading, in some cases actually upgrading against their wishes or by tricking them. Angry users fight back by identifying and avoiding the problematic updates.

Move #3: Still not happy with people hanging on to Windows 7 and 8.1, Microsoft creates updates that add Windows 10 features to Windows 7 and 8.1, including instrumentation related to advertising. Again, users fight back by identifying and avoiding these updates.

Move #4: Microsoft announces that business and education customers can avoid all of the privacy-compromising and advertising-related features of Windows 10 through the use of Group Policy. This is good news for bus/edu customers, but then again, those customers pay a high premium for Enterprise versions of Windows already. At least now Windows 10 is a viable option for those customers.

Move #5: Microsoft realizes that the Group Policy tweaks provided for bus/edu customers can also be applied to Pro versions of Windows, and disables those settings in the Pro version. Windows 10 Home users never had access to those settings. Angry users are running out of options.

Move #6: Which brings us to today. Since the only way to avoid privacy and advertising issues (borrowed from Windows 10) in Windows 7/8.1 will be to stop using Windows Update entirely, angry users are now looking at alternative operating systems.

We know business and education customers won’t be affected by this latest change. The rest of us will have to suffer – or switch.

Assuming Microsoft doesn’t back away from this decision, I imagine my future computing setup to consist primarily of my existing Linux server, and one or two Linux machines for everyday use, development, blogging, media, etc. I’ll keep a single Windows XP machine for running older games and nothing else. In this scenario, I won’t run newer games if they don’t have a console version. Aside: if I’m not the only person doing this, we might see a distinct decline in PC gaming.

Dear Microsoft: I only kind of disliked you before. Now…

Computerworld has more. Thanks for the tip, Pat.

Potentially massive breach of Oracle POS software

The details are still not clear, but there is strong evidence of a breach of Oracle’s MICROS Point Of Sale (POS) software.

This software is used by many popular companies, and could affect as many as 200,000 food and beverage outlets, 100,000 retail sites, and 30,000 hotels. The primary danger to customers of these companies is theft of credit card information.

Affected companies include Starbucks, Sonic, IHOP, Hard Rock Cafe, and Burger King.

Update 2016Aug21: Brian Krebs’ ongoing analysis reveals that the breach may be much larger than originally thought, possibly even affecting Oracle’s corporate network. Oracle remains largely silent on the issue, which is prompting a lot of backlash from MICROS users.

New restrictions for Windows 10 Pro version

When it became clear that Microsoft intended Windows 10 to be an advertising platform, I wondered how they would sell it to business and education customers (see my Windows 10 review). I doubted that anyone would allow Windows 10 into the workplace unless the advertising and related privacy-compromising instrumentation could be disabled.

It wasn’t long before we started seeing tools and techniques for turning off these undesirable features, and Microsoft even provided some of their own, in the form of Group Policy settings.

The Group Policy editor is included with all versions of Windows 10 except Home. It makes the job of managing Windows settings easier for system administrators, since the alternative is editing the Windows registry.

So the answer to my question about disabling unwanted Windows 10 features for business customers would be Group Policy. Which is okay, but doesn’t help anyone using the Home version. Which is one reason why I tell people to avoid Windows 10 Home. Unless you’re on a tight budget, and don’t mind seeing advertising in your O/S, Windows 10 Professional is highly recommended for personal use.

So: get Windows 10 Pro, disable all the unwanted advertising and privacy-related settings, and you’re good to go, right? Not so fast.

The folks over at GHacks recently confirmed that Microsoft will lock down Group Policy in the Pro version of Windows 10 with the upcoming anniversary update. Many of the more annoying features will still have visible settings in the Group Policy editor, but changing them will have no effect. Even changing the corresponding settings in the registry apparently won’t work.

Microsoft’s message to the world seems to be “Okay, you don’t want us to advertise and track your users in Windows 10 in the workplace, so we’ll give you some tools to turn those features off. But we’ll be damned if we’ll let anyone else (i.e. Home and Pro users) turn that stuff off.”

To which my response is: “Dear Microsoft: Screw you. I won’t buy Windows 10. I won’t use Windows 10. I will tell anyone who cares to listen that they should avoid Windows 10 like they would Ebola. I will use Windows 7 and 8.1 until you abandon them, and then switch to Linux.”

There’s more over at BetaNews.

Ransomware update

Ransomware has been in the news a lot lately. The CryptXXX ransomware is no longer susceptible to easy decryption, and it’s been making a lot of money for its purveyors, in many cases using compromised, high profile business web sites as its delivery mechanism. On a more positive note, the people who created the TeslaCrypt ransomware stopped production and released global decryption keys. New ransomware delivery systems are able to bypass Microsoft’s EMET security software. The Cerber ransomware was recently delivered to a large proportion of Office 365 users via a Word document in an email attachment. And an even more hideous piece of malware surfaced in the last week: posing as ransomware, Ranscam actually just deletes all your files.

Ransomware is different from other kinds of attacks because of the potential damage. It can render all your data permanently inaccessible. Even paying the ransom is no guarantee that you will get all your data back intact. Other types of attacks typically try to fly more under the radar: trojans and rootkits want to control and use your computer’s resources; and viruses want to spread and open the door for other attacks. While other types of attacks can be fixed by removing the affected files, that doesn’t work for ransomware.

Like other types of attacks, ransomware first has to get onto your computer. These days, simply visiting the wrong web site can accomplish that. More common vectors are downloaded media and software, and email attachments. Preventing malware of any kind from getting onto your computer involves the kind of caution we’ve been advising for years; ransomware doesn’t change that advice.

What CAN make a big difference with a ransomware attack is limiting its reach. Once on a computer, ransomware will encrypt all data files it can access; specifically, files to which it has write access. Ransomware typically runs with the same permissions as the user who unwittingly installed it, but more insidious installs may use various techniques to increase their permissions. In any case, limiting access is the best safeguard. For example, set up your regular user so that it cannot install software or make changes to backup data.

Here’s a worst-case scenario: you run a small LAN with three computers. All your data is on those computers. Your backup data is on an external hard drive connected to one of those computers, and a copy exists on the Cloud. For convenience, you’ve configured the computers so that you can copy files between them without having to authenticate. Once ransomware gets onto one of the computers, it will encrypt all data files on that computer, but it will also encrypt data it finds on the other computers, and on the external backup drive. Worse still, some ransomware will also figure out how to get to your cloud backup and encrypt the data there as well.

How to limit your exposure? Require full authentication to access computers on your LAN. Use strong, unique passwords for all services. Store your passwords in a secure password database. Limit access to your backup resources to a special user that isn’t used for other things. In other words, exercise caution to avoid getting infected, but in case you get infected anyway, make sure that you have walls in place that limit the reach of the ransomware.
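The worst-case LAN and the walled-off version of it can be compared as a small access model. This is an added example, not part of the original post; every account and resource name in it is constructed for illustration.

```python
from collections import deque

def blast_radius(start, access, saved_logins):
    """Resources a process running as `start` can modify without a prompt.

    access:       account  -> resources it can write with no further authentication
    saved_logins: resource -> accounts whose stored credentials live on that resource
    """
    accounts, reached, queue = {start}, set(), deque([start])
    while queue:
        for resource in access.get(queue.popleft(), ()):
            if resource in reached:
                continue
            reached.add(resource)
            # A saved login on a reachable resource extends the session's reach.
            for account in saved_logins.get(resource, ()):
                if account not in accounts:
                    accounts.add(account)
                    queue.append(account)
    return reached

# Constructed inventory: the worst-case LAN (one everyday account, open shares).
FLAT_ACCESS = {
    "everyday": ["pc1:data", "pc2:data", "pc3:data", "pc2:backup-drive"],
    "cloud-sync": ["cloud:backup"],
}
FLAT_LOGINS = {"pc1:data": ["cloud-sync"]}  # cloud client signed in under the everyday profile

# Same LAN after the changes: shares need a password, backups have their own user.
WALLED_ACCESS = {
    "everyday": ["pc1:data"],
    "backup-operator": ["pc2:backup-drive", "pc2:backup-profile"],
    "cloud-sync": ["cloud:backup"],
}
WALLED_LOGINS = {"pc2:backup-profile": ["cloud-sync"]}

BACKUPS = {"pc2:backup-drive", "cloud:backup"}

def exposed_backups(start, access, saved_logins):
    """Backup locations inside the blast radius of `start`, sorted for stable output."""
    return sorted(blast_radius(start, access, saved_logins) & BACKUPS)

if __name__ == "__main__":
    for label, acc, logins in (("flat", FLAT_ACCESS, FLAT_LOGINS),
                               ("walled", WALLED_ACCESS, WALLED_LOGINS)):
        print(label, sorted(blast_radius("everyday", acc, logins)),
              "backups exposed:", exposed_backups("everyday", acc, logins))
```

Replacing the constructed dictionaries with your own accounts, shares and saved logins shows which backups an infection of the everyday account could reach, and which single account then has to be guarded most closely.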

Most ransomware targets Windows systems, so most of the verbiage out there is about Windows as well. This article covers the basics fairly well.

Pre-installed crapware still a problem

A recent report from Duo Security shows that pre-assembled, ready-to-run computers purchased from major vendors almost always include pre-installed software that often makes those computers much less secure. That’s in addition to being unnecessary, unstable, resource-hungry, and often serving primarily as advertising conduits.

If you purchase a pre-assembled computer, you should uninstall all unnecessary software as soon as possible after powering it up. Before even connecting it to a network. It can be difficult to identify exactly which software should be removed, but a good starting point is to remove anything that shows the manufacturer’s name as the Publisher. PC World has a helpful guide.

And now the good news, at least for some of us: Microsoft now provides a tool that allows a user with a valid license to reinstall Windows 10 from scratch at any time. Minus all the crapware that the manufacturer originally installed.

Major vulnerabilities in Symantec security products

Earlier this week, a Google researcher published a report on vulnerabilities affecting all Symantec security products, including Norton Security, Norton 360, legacy Norton products, Symantec Endpoint Protection, Symantec Email Security, Symantec Protection Engine, and Symantec Protection for SharePoint Servers. All platforms are affected.

From the original report:

These vulnerabilities are as bad as it gets. They don’t require any user interaction, they affect the default configuration, and the software runs at the highest privilege levels possible. In certain cases on Windows, vulnerable code is even loaded into the kernel, resulting in remote kernel memory corruption.

Symantec quickly released security advisories and updates to address the vulnerabilities, including SYM16-010 and SYM16-011.

Anyone who uses Symantec or Norton security products should install the available updates as soon as possible.

Microsoft updates now harder to find

Until I hear a better explanation, I’m going to assume that Microsoft’s latest move – removing updates from its Download Center – is just another way to force user eyeballs through conduits for which they can sell advertising space.

Starting May 10, Microsoft wants you to use the Update Catalog instead of the Download Center. Previously, security bulletins included links to the Download Center, but since most updates (including security updates) will no longer be available there, those links will now point to the Update Catalog.

Okay, so we can use the Update Catalog, right? But guess what happens when you visit the Update Catalog with a browser that isn’t Internet Explorer?

[Image: MS Update Catalog: IE Only Please]

Note the final line of that message, which encourages visitors to use the Download Center instead. I guess Microsoft hasn’t gotten around to changing that. It should probably say “If you prefer to use a different Web browser, you’re out of luck.”

Most regular users get their updates via Windows Update, and won’t be affected by this change. Once again, it’s power users and system admins who will be affected the most. Does Microsoft hate us, or are they just ignoring us?

Although other mechanisms exist for obtaining updates, the Download Center was certainly convenient. Are we likely to see more third party sites offering Microsoft updates? Probably, although Microsoft frowns on this sort of thing and will probably move to shut them down.