Security

PowerShell – Check For Meltdown and Spectre

January 5, 2018, 05:20(EST) By Eric (a.k.a. TweakHound)

IMHO this is a Geek tool for fun. Got Intel? You’re vulnerable.
[Read more…] about PowerShell – Check For Meltdown and Spectre

Win10 January 3, 2018 Updates And AV Software

January 4, 2018, 08:29(EST) By Eric (a.k.a. TweakHound)

Important information regarding the Windows security updates released on January 3, 2018 and anti-virus software
Microsoft has identified a compatibility issue with a small number of anti-virus software products.
The compatibility issue is caused when anti-virus applications make unsupported calls into Windows kernel memory. These calls may cause stop errors (also known as blue screen errors) that make the device unable to boot. To help prevent stop errors caused by incompatible anti-virus applications, Microsoft is only offering the Windows security updates released on January 3, 2018 to devices running anti-virus software from partners who have confirmed their software is compatible with the January 2018 Windows operating system security update.
If you have not been offered the security update, you may be running incompatible anti-virus software and you should follow up with your software vendor.

Intel CPU Fiasco – More Info

January 4, 2018, 07:47(EST) By Eric (a.k.a. TweakHound)

last updated: 0838EST, 04JAN2018

Full breakdown: https://meltdownattack.com/

iVerge – Microsoft issues emergency Windows update for processor security bugs

Google: “These vulnerabilities affect many CPUs, including those from AMD, ARM, and Intel, as well as the devices and operating systems running on them.”

AMD says, “near zero risk”

CERT: Vulnerability Note VU#584653 – CPU hardware vulnerable to side-channel attacks

WARNING – Do Not Run Windows Update

January 4, 2018, 07:31(EST) By Eric (a.k.a. TweakHound)

Patches will be rolling out today for the Intel CPU Fiasco.
(See below for the email I woke up to this morning.)
I highly recommend you pause, disable, stop, do not run Windows Update.
Full details have not been released as of this writing. These updates will at the kernel level. For the non-Geek that means at the core of Windows. I am not trying to play chicken little (henny penny for my U.K. friends). IMHO these updates are being rushed out and will be altered over time. They could slow down or even hose your PC. Let someone else beta test this stuff.
[Read more…] about WARNING – Do Not Run Windows Update

Patch Tuesday

December 12, 2017, 15:58(EST) By Eric (a.k.a. TweakHound)

Time To Run Windows Update
Patches available for all things Microsoft. Full breakdown at the end of this post.
Windows 10 – December 12, 2017—KB4053580 (OS Build 15063.786)
“This update includes quality improvements. No new operating system features are being introduced in this update.”

Flash Updated
APSB17-42 Security updates available for Adobe Flash Player
Download for Firefox and Opera: Adobe Flash Player 28.0.0.126
Download for Internet Explorer: Adobe Flash Player 28.0.0.126

CCleaner 5.38 Released
***WARNING*** As of this writing only the standard build available. No portable or slim.
I am not downloading this until a portable version is available.
CCleaner Forums post about this:
“The devs have decided to delay the portable version until the slim release. it is unclear if this is just for this version or going forward but this is a test trial of this policy.”
I am considering switching to Privacy Eraser. If anyone is/has used this please chime in.

[Read more…] about Patch Tuesday

Monday Random Stuff…

December 11, 2017, 16:11(EST) By Eric (a.k.a. TweakHound)

Another HP Keylogger
Security researcher Michael Myng found a keylogger on some HP laptops. There was one found earlier this year. This is on top of spyware found on HP devices.
Yikes!

GET OFF OF FACEBOOK
Another former Facebook exec rips social media:
“I think we have created tools that are ripping apart the social fabric of how society works…No civil discourse, no cooperation; misinformation, mistruth. And it’s not an American problem — this is not about Russians ads. This is a global problem.”
source: iVerge

FCC Chairman Ajit Pai Just Got Owned

December 11, 2017, 15:06(EST) By Eric (a.k.a. TweakHound)

Many of the computing worlds pioneers and best and brightest took the FCC chairman to school. In a letter to four Congressmen and an attached document they laid out the case for Net Neutrality and why repealing it is wrong. I’ve read both the letter and the attached document (53-page document, 43 plus credits). They are works of art. IMHO all Computer Science majors should be required to read them. If you are remotely interested in your internet freedom you should read them. If you want to understand anything about this issue you should read them.
The basic premise is that the argument that Ajit Pai is making is… well, here are some key phrases:
“appears to lack a fundamental understanding”
“fundamental misunderstanding”
“fundamentally misunderstands”
“analysis is fundamentally flawed”
“inaccurately portraying”
“This analysis is fundamentally flawed and again shows a basic misunderstanding of how the Internet works.”
“displays a stunning lack of technical knowledge”
and my favorite:
“This interpretation of the role ISPs play in a customer’s online experience is so fundamentally alien to the standard conception of how the Internet works that a well-known April Fools’ joke addresses precisely this question.”

The signers of the letter are a Who’s Who of the internet and computing world including the inventor of the World Wide Web, and the co-founder of Apple Computer.
The folks that put the document together is darn near as impressive.

Letter: Internet Pioneers and Leaders Tell the FCC: You Don’t Understand How the Internet Works
PDF: Joint Comments of Internet Engineers, Pioneers, and Technologists on the Technical Flaws in the FCC’s Notice of Proposed Rule-making and the Need for the Light-Touch, Bright-Line Rules from the Open Internet Order

uMatrix Firefox Add-on

November 24, 2017, 09:20(EST) By Eric (a.k.a. TweakHound)

I’m trying a new add-on called uMatrix. It is from the same guy that brought you uBlock Origin.
“uMatrix: A point-and-click matrix-based firewall, with many privacy-enhancing tools.
*For advanced users.*
uMatrix put you in full control of where your browser is allowed to connect, what type of data it is allowed to download, and what it is allowed to execute. Nobody else decides for you: You choose. You are in full control of your privacy.”
As stated above, this is for advanced users. Like Noscript it can make using the web difficult at first until you train it.
If you are using uMatrix, or you try it please let me know what you think.
In the pic below I have disabled my usual extensions of Noscript and uBlock Origin so I can get a true picture of what is going on.

***I’ve said this before and I will say it again.
Do not whitelist 3rd party ad servers on any site, including this one. I know other website operators beg you to whitelist for their site. Ads track you, ads often get caught serving malware. I have Google Ads because I average enough per month to help keep this site going. I hope you are smart enough to never see them. How I finance my site is my problem not yours. You do not need 3rd party connections to have an ad on your site. I reference the Torguard ad in the right sidebar. I created it. Readers see the unintrusive ad and can click on it if they are interested. There is no connection to a 3rd party.