Smartphones just became useful

October 18, 2013 jrivett Leave a comment

I don’t have a smartphone. I’ve fiddled with them, and I use one for app development. But the mobile device I actually use for day-to-day phone communication is an ancient Nokia 2610b.

Nokia 2610b — Hey, don’t laugh – it works.

I’ve never had any issues with call quality, or any other problems with this phone. It lets me download media from arbitrary web locations and use any sound file as a ring or other tone. It’s sturdy; I literally use it as a beer bottle opener. Of course it doesn’t have a full keyboard, and the buttons are tiny, but I’m no rapid-fire texter anyway. The display is very basic, but it works for me.

I’ve been tempted on many occasions to buy a smartphone. The coolness factor alone has almost triumphed, but so far I’ve resisted its lure. Sure, smartphones can do lots of cool stuff, and I have no doubt that if I owned one, I’d spend a lot of time playing with it. But in the end, the only features I would really use are the phone, contacts, text messages (including alerts from Google Calendar), and occasionally the timer and alarm.

Until today, I thought I might end up using the 2610b until it died (which is unlikely), the battery stopped holding a charge (original battery is still going strong), or somehow it was no longer supported by my carrier (also unlikely).

What changed my mind? Microsoft released a mobile version of Remote Desktop. That’s the software I use to remotely control the Windows PCs I administer. I use it to administer the media computer downstairs, and the server next to me. I use it to manage client computers in this and other cities. And I use it to access my main PC when I’m elsewhere. It’s indispensable. And now it runs on Android and iPhone devices.

This changes everything: now I have a valid reason to buy a smartphone. But I’ll continue to resist as long as I can.

Microsoft, Patches and updates, Windows 8.x

Windows 8.1 released today

October 17, 2013 jrivett Leave a comment

~~Windows 8 Service Pack 1~~ Windows 8.1 is now available. If you’re not already running Windows 8, you can purchase 8.1 from the Windows Store. If you are using Windows 8, you should start seeing prompts in the Windows Store to upgrade to 8.1 (a free download).

In the past, when a Windows Service Pack became available, savvy users tended to stay away until the inevitable problems were resolved. I don’t see any particular reason to charge blindly into Windows 8.1 either. My advice is to wait for at least two weeks and monitor this and other tech blogs for reports from early adopters.

Ars Technica and The Verge have additional information:

Verge: Windows 8.1 now available to download
Verge: Windows 8.1 review
Ars: Review: In Windows 8.1, Mail is finally usable on tablets and desktops
Ars: Windows 8.1: What a difference a year makes

Java, Patches and updates, Security

Java 7 Update 45 released

October 16, 2013 jrivett Leave a comment

As part of a massive quarterly ‘CPU’ (Critical Patch Update), Oracle recently announced Java 7, Update 45 (7u45).

This new version of Java includes several security enhancements, mostly related to Java component deployment. A new button on the Security tab of the Java Control Panel, labeled ‘Restore Security Prompts’, allows the user to completely clear the list of allowed Java applications.

As for the contentious ‘Issue 69‘ Java security vulnerability reported by security researcher Adam Gowdiak: according to Mr. Gowdiak’s latest research, this issue was resolved in Java 7, Update 40 (7u40).

Chrome, Patches and updates, Security

Chrome 30.0.1599.101 released

October 16, 2013 jrivett Leave a comment

Another new version of Google Chrome was announced yesterday. The new version includes fixes for five security vulnerabilities, many of which were reported to Google via its ongoing vulnerability rewards program.

Internet, Malware, Security

ZeroAccess botnet survives takedown attempt

October 10, 2013 jrivett Leave a comment

Security researchers recently attempted to take down the ZeroAccess botnet, but the malware network proved more resilient than expected and is still in operation.

Previous posts about the ZeroAccess botnet:

Security, Tools

Ouch! newsletter: password managers

October 9, 2013 jrivett Leave a comment

This month’s ‘Ouch!’ newsletter from SANS covers password managers. A password manager is a small program that stores all of your passwords, in an encrypted form. When you forget a password, you only need to remember the password manager’s password to access your collection.

I’ve been using the freeware Password Corral for years and recommend it.

Adobe, Privacy, Security

Adobe systems breach

October 9, 2013 jrivett 1 Comment

On October 3, 2013, Adobe announced that their network and some of their servers had been breached. Their investigation continues, and the full scope and impact of the breach has yet to be determined.

However, we do know the following:

The intruders obtained Adobe customer data, including customer names, encrypted credit or debit card numbers, expiration dates, and other information relating to customer orders. According to Adobe, “At this time, we do not believe the attackers removed decrypted credit or debit card numbers from our systems.” Adobe reset the passwords for all affected user accounts, and has been sending out alerts to those users. If you have never purchased software from Adobe directly, you should be safe. If you receive an alert from Adobe, follow their instructions to change your password.
The intruders also obtained source code for at least one product: Acrobat/Reader. Reader is already a popular target for malware perpetrators, and having access to the source code can only make things easier for them. Stay tuned for a fresh new crop of Reader security issues.

Ars Technica has additional details, as does the SANS ISC Diary.

Update 2013Nov02: Ars Technica explains exactly what Adobe did wrong and why we should all be worried about it. Adobe now says that as many as 38 million users were affected by the breach.

Update 2014Oct10: Duo Security reviews the fallout from this breach, and warns of the dangers of password hints.

Adobe, Flash, Internet Explorer, Microsoft, Patches and updates, Security, Windows

Patch Tuesday for October 2013

October 8, 2013 jrivett Leave a comment

Patches from Microsoft and Adobe were announced today, along with a new version of Flash.

Eight bulletins from Microsoft fix security vulnerabilities in Windows, Internet Explorer, .NET, Office, Windows Server and Silverlight.

The Microsoft Security Research Center as usual provides a more friendly overview of this month’s patches, while the SANS Internet Storm Center provides a wealth of technical details.

Two bulletins from Adobe fix security vulnerabilities in Adobe Reader/Acrobat and Robohelp.

Flash 11.9.900.117 includes a long list of bug fixes. Chrome will be updated silently to match the new version of Flash. An update for Internet Explorer 10 on Windows 8 is also on the way.

Opera, Patches and updates

Opera 17 released

October 8, 2013 jrivett Leave a comment

Development continues on the new Webkit-based version of the Opera web browser. Version 17 was announced today. This version adds pinned tabs, startup options and custom search engine support.

Purists can still download the classic version 12.x Opera. It remains to be seen how many of the features lost in the transition from the Presto-based browser will be added to the Webkit-based browser. So far there’s plenty missing, including bookmarks, the sidebar and proper tab control.

Chrome, Google, Patches and updates

Chrome 30.0.1599.69 released

October 4, 2013 jrivett Leave a comment

Yesterday, Google announced another update for its Chrome web browser.

Version 30.0.1599.69 fixes two bugs that were introduced in the previous version.

boot13