Computer News & Safety – Harry Waldron

August, 2016:

Linux Malware – FairWare ransomware deletes web server files

A newly improved ransomware threat called FairWare can now delete files from Linux web servers.

Dubbed FairWare, the malicious program is not the first ransomware threat to target Linux-based web servers but is the first to delete files. Another program called Linux.Encoder first appeared in November and encrypted files, but did so poorly, allowing researchers to create recovery tools.  After attackers hack a web server and deploy FairWare, the ransomware deletes the entire web folder and then asks for two bitcoins (around US$1,150) to restore them, Lawrence Abrams, the founder of tech support forum, said in a blog post.

Intel — Announces Kaby Lake Processor Details

Intel has announced details for Kaby Lake CPUs, which promise improved power consumption, functionality and 4K video handling.

Intel showed today that it’s continuing to pursue the goal, with the full release of its 7th Generation Core processing platform, code-named “Kaby Lake.” Kaby Lake’s debut focuses on devices at the lower end of the power spectrum, with the introduction of a new range of processors using between 4.5 and 15 watts. The chips will be available in laptop computers and Intel-driven mobile devices beginning this fall. The processors will come to enterprise, workstation, desktop, and enthusiast notebook systems by January 2017.

The variation of the process used in Kaby Lake is something Intel calls “14nm+”, which boasts an improved fin profile and transistor channel strain. Intel claims that the chips represent a power efficiency improvement of as high as 25 percent over Skylake processors, and that they may deliver up to 12 percent increased productivity performance and up to 19 percent increased Web performance.

Much of Intel’s push around Kaby Lake centered on comparisons to PCs that are five years old, what the company considers the standard upgrade window. Its press materials offer that Kaby Lake chips are 1.7 times faster at basic processing, for example, and are three times better when playing high-end 3D games at 1,920-by-1,080 resolution.

Apple – iPhone 7 details to be announced on September 7

On September 7, 2016, Apple will announce iPhone 7 details. They could unveil new MacBook Pros and the Apple Watch 2 at the same event.

Both iPhone 7 models are expected to introduce a darker color for the black-front model. The iPhone 5 introduced a dark blue color called slate that was prone to scuffing, and Apple has played with versions of its ‘space gray’ gunmetal gray color since the iPhone 5s. The iPhone 7 is expected to feature a return to a dark blue color or maybe even a near black ‘space black‘ option.

As you may notice in the alleged leaked cases above, Apple is also widely expected to drop the 3.5-mm headphone jack on both iPhone 7 models in a push toward Lightning, Bluetooth, and AirPlay audio.  While both models are expected to gain faster A10 processors and drop the 16GB tier for 32GB entry models, the most dramatic change is likely coming to the 5.5-inch iPhone 7 Plus.

As for the Apple Watch 2, the anticipated refresh will mark the first update since the current model was unveiled two years ago and released a year and a half ago. The design is expected to look generally the same, but much needed speed improvements are on the way and a GPS chip for mapping workouts and using location services is expected.

Apple later released the 9.7-inch iPad Pro at its March event earlier this year, new iPads aren’t expected until next year, and rumors of an updated Apple TV haven’t surfaced aside from one story late last year.  Apple will also likely give stage time once again to its upcoming software updates: iOS 10, macOS Sierra, watchOS 3, and tvOS 10.

Android Nougat 7.0 – Comprehensive FAQ

The new Android Nougat 7.0 phone O/S offers improved security & functionality. Below is a comprehensive

Android 7.0 is officially on its way into the world. So what’s Nougat — the Android software, that is — all about? And what’ll it mean for you? Here are answers to all of your burning questions.

Windows 10 – Ten advanced and hidden usage tips AUG-2016

PC Magazine highlights 10 advanced and hidden usage tips for Windows 10 users as noted below:

Here we present a list of 10 cool tips that will help you get a little bit more out of your Windows 10 experience. Or, at least, there are some things you may have not known about. Some have been available in Windows for a number of generations, while some are native to Microsoft’s most recent OS.

PCMag has some dedicated Windows fans in our readership, so you likely know at least some of these features, but you probably don’t know them all. I tested these on a pair of Lenovo laptops, one running Windows 10 (non-Anniversary Update version) and the other (when accessible) on Windows 7 Professional.

1. Secret Start Menu
2. Secret Desktop Button
3. Rotate Your Screen via Keyboard Ctrl-Alt-D Arrows
4. Enable Slide to Shutdown
5. Enable ‘God Mode’ (power user mode)
6. Right-Click on Tiles
7. Right-Click on the Taskbar
8. Shake – which clears clutter in window displays
9. Drag to Pin Windows
10. Hidden Games in Cortana

Windows 10 – Anniversary update changes for PIN and Windows Hello Behavior

After the recent Windows 10 “Anniversary update” (1607), the capability to use the PIN functionality is now restricted by Global Group policy settings that must be turned on in advance for use of this feature.

The purpose of this post is to quickly publish details of some changes designed to create distinction of our next generation credential, now called Windows Hello for Business and its associated PIN. If you are currently managing an enterprise computing environment utilizing Windows 10 with Windows Hello then you should read this article to determine if you need to take action.

So, What’s Changed? — Starting in Windows 10, Version 1607, the default behavior to allow convenience PIN creation has changed.  The new default is that convenience PINs cannot be created on domain joined machines unless you specifically enable it via policy:

In summary, if you are looking to deploy Windows Hello for Business (formerly Microsoft Passport for Work) then this might be the perfect opportunity to move to that more secure credential and not re-instate the convenience PIN sign in. However, if you are happy with the convenience PIN sign in functionality and security, you should enable the “Turn on convenience PIN sign-in” GP setting before you upgrade so that users can continue to use Windows Hello and not be interrupted by the upgrade.

Windows 10 – Anniversary update issue for Webcams using MJPEG and H264 encoding

After the recent Windows 10 “Anniversary update” (1607), an issue surfaced for webcams using an older MJPEG and H264 encoding standard. The use of the older webcam standards was more prevalent than originally anticipated and will likely be restored soon during a future update.

On August 2nd, Microsoft released the Anniversary Update for Windows 10 and when the bits arrived on computers around the globe, it brought with it new features and also broke webcams for millions of consumers. If your webcam has stopped functioning since the release of the Anniversary update, you are not alone but the good news is a fix is coming, hopefully in September.

Microsoft made a significant change with the release of Windows 10 and support for webcams that is causing serious problems for not only consumers but also the enterprise. The problem is that after installing the update, Windows no longer allows USB webcams to use MJPEG or H264 encoded streams and is only allowing YUY2 encoding.

Why did the company remove these options? The short answer is that with the Anniversary update there are new scenarios for applications to be able to access the webcam and the MJPEG or H264 encoding processes could have resulted in duplication of encoding the stream (poor performance) so the company limited the input methods to stop this from happening.

This issue impacts a wide variety of webcams including the popular Logitech C920 that both Paul and I use for podcasting. Paul has been having this issue for months where every time the camera tries to go into HD on a video call, it would freeze and now I am experiencing this issue as well. When Paul started having these issues a few months ago, we figured it was either a bad driver from Logitech or possibly even the Skylake CPU.

MS16-095 – IE11 and Edge browsers remove RC4 cryptographic support

Microsoft has phased out all browser support for the older RC4 communications encryption standard, as it is rarely in use and considered obsolete and insecure compared with new standards (like TLS 1.2 for example).

It might be thought that RC4, a stream cipher used in client-server communications that’s long been considered to be cryptographically insecure, was already gone from those browsers. Microsoft declared its intention to kill it off last year. In March of this year, Microsoft indicated that RC4 would go away on April 12. However, it later delayed that action in response to “customer feedback.”

This time Microsoft will pull the trigger on RC4. It’s happening via patch KB3151631, which is part of Microsoft’s security update MS16-095 in the August batch of bulletins, released today. The patch will disable RC4 “for Microsoft Edge and Internet Explorer users on Windows 7, Windows 8.1 and Windows 10,” Microsoft indicated in its announcement today.

Not many browsers currently use RC4. The Trustworthy Internet Movement’s SSL Pulse page showed just 6.5 percent of modern browsers used RC4 this month. Microsoft described RC4 use as “small and shrinking” in its announcement.  Microsoft is following the lead of Google and Mozilla by getting rid of RC4 because the cipher can be broken in hours via man-in-the-middle session hijacking attacks. Typically attackers trick browsers into using the insecure RC4 cipher to carry out the attacks. The Internet Engineering Task Force has stated that RC4 should be prohibited from use with client and server Transport Layer Security (TLS) connections.

Microsoft recommends that organizations enable Transport Layer Security 1.2 in their services and stop using RC4. Ciphers supported by various Windows versions are described at this page.
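As an added example (not from Microsoft or the quoted article), the Python below models what the change means for server operators: it replays server-preference cipher selection before and after the browser stops offering RC4 and flags servers that will fail or that were silently negotiating RC4. The host names, the client offer list and the server preference lists are constructed; the suite names are standard IANA TLS names.

```python
# Added example: host names and cipher lists below are constructed sample data.

def is_rc4(suite):
    return "_RC4_" in suite

def negotiate(server_prefs, client_offer):
    """Server-preference selection: first server suite the client also offers."""
    offered = set(client_offer)
    return next((s for s in server_prefs if s in offered), None)  # None = handshake failure

def audit(inventory, client_before):
    """Compare each server's outcome before and after the client drops RC4."""
    client_after = [s for s in client_before if not is_rc4(s)]
    report = {}
    for host, prefs in inventory.items():
        before = negotiate(prefs, client_before)
        after = negotiate(prefs, client_after)
        if before is None:
            status = "NO_COMMON_SUITE"   # never worked with this client
        elif after is None:
            status = "BREAKS"            # only RC4 in common: reconfigure the server
        elif is_rc4(before):
            status = "WAS_RC4"           # sessions ran on RC4; now use another suite
        else:
            status = "OK"
        report[host] = (status, before, after)
    return report

# Constructed client offer (illustrative, not the real IE11/Edge list).
CLIENT_BEFORE = [
    "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
    "TLS_RSA_WITH_AES_128_CBC_SHA",
    "TLS_RSA_WITH_RC4_128_SHA",
    "TLS_RSA_WITH_RC4_128_MD5",
]

# Constructed server inventory: preference-ordered suites per host.
INVENTORY = {
    "legacy.example": ["TLS_RSA_WITH_RC4_128_SHA", "TLS_RSA_WITH_RC4_128_MD5"],
    "mixed.example": ["TLS_RSA_WITH_RC4_128_SHA", "TLS_RSA_WITH_AES_128_CBC_SHA"],
    "modern.example": ["TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
                       "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"],
}

if __name__ == "__main__":
    for host, (status, before, after) in audit(INVENTORY, CLIENT_BEFORE).items():
        print(f"{host:16} {status:16} before={before} after={after}")
```

The "WAS_RC4" case is the one easiest to miss: the site keeps working after the patch, but only because the browser no longer offers the suite the server preferred.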

Intel – Kaby Lake features graphics improvement in 7th-generation microprocessors

Intel is developing the new Kaby Lake microprocessor to succeed Skylake with improved features in its 7th generation model.

Intel isn’t known for its graphics processors, but the company is promising a big improvement with its 7th-generation Core processors, code-named Kaby Lake. The Kaby Lake chips, which will succeed Skylake, will feature integrated 4K graphics processors, the company said at the Intel Developer Forum on Tuesday.

The chip will allow PCs to play premium 4K content smoothly, said an Intel representative demonstrating the PC. The chip will have hardware-accelerated 4K video decoding.  While graphics will be smoother with Kaby Lake, you’ll still need a separate graphics processor for virtual reality headsets and demanding games.  Laptops based on Kaby Lake will ship this fall, Krzanich said.

SPAM EMAIL – Best practices for 2016

I briefly shared the following with some friends who have become inundated with some recent increases in spammed email messages.  Strategically, it is better to ignore and delete these incoming messages than to attempt to fight the spammers directly.  This is shared below.

SPAM email is basically a fact of life these days. It cannot be stopped unless one changes their email account name periodically (and that is too much trouble).

The more one limits sharing an email address publicly, the lower the potential for attacks.  For example, when you sign up for a contest or list your address publicly, spammers can put you on their list. Watch carefully how you give out your email address, and safeguard it just as you would your Social Security number.

What often happens is that if someone gets infected with a virus, an ENTIRE address book of contacts is accessed & emailed to spammers as “active & clean” email addresses to use in future.  In the DARK WEB, these lists are purchased at a bulk rate.  The bad guys can also SPOOF email addresses, so a message looks like it comes from a friend or legitimate contact.

YAHOO, GMAIL, HOTMAIL, and usually corporate business email all have great spam & AV filters.  Usually, the SPAM quarantine folder will only have 1 or 2 possible legitimate items.  It is always important to recognize that spam filters won’t catch every spammed item in the inbox.  When unwanted messages are found in the regular inbox, please delete them without opening.

You are usually safe on spam as long as you never click on links (including to OPT OUT), and never click on an attachment.  Most MALWARE attacks need a “permission click” to install the bad stuff, and one mistake can cost you hours of time and even a potential loss of data.  It is important to always “think before you click”.

Never click on a link to OPT OUT or send any “get lost” type emails back to the spammer.  That actually lets them know they have got a good email address.  If the bad guys never hear from you, you’ll sometimes have a much better chance of being DROPPED from their lists.

Finally, it is better to err on the side of caution and be over-zealous in deleting or not opening email messages that are out of character or unexpected.  There are no “free lunches” out there and it is more appropriate to think of spam email like telemarketing phone calls (where one must be extra careful).