Computer News & Safety – Harry Waldron Rotating Header Image

January 10th, 2018:

Wireless Security – New WPA3 Wi-Fi standards announcement

A new WPA3 Wi-Fi standard is being developed which will strengthen wireless security controls in future devices

The Wi-Fi Alliance, an industry body made up of device makers including Apple, Microsoft, and Qualcomm, announced Monday its next-generation wireless network security standard, WPA3.

One of the key improvements in WPA3 will aim to solve a common security problem: open Wi-Fi networks. Seen in coffee shops and airports, open Wi-Fi networks are convenient but unencrypted, allowing anyone on the same network to intercept data sent from other devices.

WPA3 employs individualized data encryption, which scramble the connection between each device on the network and the router, ensuring secrets are kept safe and sites that you visit haven’t been manipulated.

Another key improvement in WPA3 will protect against brute-force dictionary attacks, making it tougher for attackers near your Wi-Fi network to guess a list of possible passwords. The new wireless security protocol will also block an attacker after too many failed password guesses.

WPA2, the current incarnation of the wireless security standard since 2004, uses a four-way handshake to securely allows new devices with a pre-shared password to join a network. The newer WPA3 will use a newer kind of handshake, Mathy Vanhoef, a computer security academic, told ZDNet, which will “not be vulnerable to dictionary attacks.”

Microsoft Security – Spectre and Meltdown performance impacts on 2015 and earlier CPUs

The most performance impacts will be older WIN7 devices as documented below:

Understanding the performance impact of Spectre and Meltdown mitigations on Windows Systems

Performance slowdowns will be most apparent for older Windows client systems, such as Windows 7 and Windows 8, particularly when using Intel Haswell chips on “2015-era PCs,” according to an announcement by Terry Myerson, executive vice president of the Windows and Devices Group. Microsoft expects “most users to notice a decrease in system performance” on these older Windows clients.

Leadership – 10 barriers that can impact corporate creativity

The John Maxwell leadership training center shares an excellent article in looking ahead to challenges of 2018.  It focuses on how leaders should foster an improved spirit of creativity in their organizations.

Creativity goes hand in hand with innovation.  The best creative cultures remove barriers or creativity killers so employees can continue with the flow of a good idea.  Share these 10 hazardous expressions with the leaders in your company and challenge them to recall the last time they detected them:

1.I’m not a creative person. Everyone is creative even though each person brings unique strengths to each situation.

2.Don’t ask questions. Good leaders ask great questions, and they only get answers to questions they ask.

3.Don’t be different. The fact is that being different is how progress happens. Your team can’t get where you want to go by staying where you are.

4.Stay within the lines. Lines can be valuable things, but some lines exist only because they have never been questioned and examined.

5.There is only one way. Thomas Edison said it best: “There is always a better way—find it!”

6.Be practical. Although practical thinking is vital to execution, it can kill creative thinking if applied too soon. Good leaders give their teams time to be creative before leading them to get practical.

7.Think of your image. Leaders who are more concerned with how they look than how their team performs will have issues. Great performance begins with great thinking.

8.It’s too much work. Coasting is always easier in the short-term than thinking outside the box. But leaders who aren’t willing to to do the work will eventually be out of work.

9.We can’t afford to make a mistake. Some of the greatest inventions in human history were born from mistakes made in the messy, creative process.The leader who never makes a mistake soon takes his orders from one who does.

10.Failure is final. The more leaders do, the more they fail. The more they fail, the more they learn. The more they learn, the better they get.

Microsoft Security – JANUARY 2018 issues related to Spectre and Meltdown fixes

The Spectre and Meltdown fixes are complex and require some prerequisite work for Anti-virus vendors and other companies to update their products before the JAN-2018 Windows updates will applied.  Microsoft is blocking updates in some cases where incompatibilities have been discovered.

Well, things just got a heck lot more complicated for users of some anti-virus programs.   That’s because Microsoft has said that customers who are running certain anti-virus products will not receive its bundle of January 2018 security patches (including mitigations against the Spectre and Meltdown CPU flaws) unless their products certify that they don’t make unsupported calls into Windows kernel memory.

According to Redmond, some security products jump through some hoops to bypass the Kernel Patch Protection built into the operating system. And unfortunately, those techniques, are incompatible with Microsoft’s latest patches – and cause computers to blue screen.  So, Microsoft is demanding that anti-virus products certify that their software work with its fixes by adding a registry key every time they startup.

Leadership – Seven methods to encourage greater creativity in 2018

The John Maxwell leadership training center shares an excellent article in looking ahead to challenges of 2018.  It focuses on how leaders should foster an improved spirit of creativity in their organizations.

Negative environments kill thousands of great ideas every minute—ideas your company needs to stay competitive. Your leaders and managers are the ones who choose to cultivate a creative workplace environment or to stifle new ideas before they can grow.   So what are your managers doing to cultivate the creative instincts of your employees? Here are 7 ways leaders can intentionally cultivate the kind of creative culture where ideas flow freely:

1. Encourage creativity: Studies show that people are naturally creative but often feel as if they need permission to express that creativity.

2.Place a high value on trust: Creativity always risks failure. That’s why your leaders must demonstrate they trust their team members to be creative.

3.Embrace those who are most creative: Pull them into brainstorming sessions. Most people often look forward to invitations to such meetings because the time is filled with energy, ideas, and laughter.

4.Focus on innovation, not just invention: Often the best way for people on your team to contribute in a creative way is to imagine innovative applications, not create completely new concepts.

5.Place a high value on options: Creative people are “other” thinkers. They are always thinking about and looking for other ways of doing things because they know that options bring opportunities.

6.Be willing to let people go outside the lines: Most people automatically stay within lines. But if your leaders want teams to be more creative, challenge boundaries.

7.Appreciate the power of a dream: A creative environment promotes the freedom of a dream. Martin Luther King, Jr.declared to millions, “I have a dream,” not “I have a goal.” Goals may give focus, but dreams give power. Dreams expand the world.

Microsoft Security Updates – JANUARY 2018

Below are key resources documenting this recent monthly Microsoft Patch Tuesday release

Today Microsoft has released its monthly set of security advisories for vulnerabilities that have been identified and addressed in various products. This month’s advisory release addresses 56 new vulnerabilities with 16 of them rated critical, 39 of them rated important and 1 of them rated Moderate. These vulnerabilities impact ASP.NET, Edge, Internet Explorer, Office, Windows, and more.

In addition to the 56 vulnerabilities addressed, Microsoft has also released an update that addresses Meltdown and Spectre. Mitigations for these two vulnerabilities were published for Windows in ADV180002. Note that due to incompatibilities with anti-virus products, users and organizations may not have received this update yet. For more information, users should refer to Microsoft’s knowledge base article which covers this issue.