Sigh ... your Windows 10 device is probably only as secure as Microsoft's database

Subject: General Tech | December 29, 2015 - 02:13 PM |
Tagged: microsoft, windows 10, security

If your Windows 10 machine uses your Microsoft account as the login then your system's recovery key now resides on a Microsoft database in the cloud.  That recovery key is used in the file system encryption present on Windows 10 systems.  The backup is good news for people who find themselves with computer problems and need access to the key from a different machine, however this is also a huge security concern as your key could be stolen or demanded from Microsoft.  Follow the link from the Slashdot article to find out how to delete that back up recovery key and consider using a domain or workgroup style account as opposed to a Microsoft account to log into your machine.

advanced-boot-options.png

"The fact that new Windows devices require users to backup their recovery key on Microsoft's servers is remarkably similar to a key escrow system, but with an important difference. Users can choose to delete recovery keys from their Microsoft accounts – something that people never had the option to do with the Clipper chip system. But they can only delete it after they've already uploaded it to the cloud.....As soon as your recovery key leaves your computer, you have no way of knowing its fate."

Here is some more Tech News from around the web:

Tech Talk

Source: Slashdot

Microsoft to Reclassify Certain Ad-Injectors as Malware

Subject: General Tech | December 24, 2015 - 05:52 PM |
Tagged: microsoft, windows defender, adware, Malware, superfish

The Microsoft Malware Protection Center has announced that, on March 31st, 2016, certain types of advertisement-injection will be reclassified as malware. This does not include all forms of ad-injection, just ones which use confusing, difficult to remove, or insecure methods of displaying them. Specifically, adware must use the browser's default extension model, including their disable and remove functions. Recent adware has been known to modify DNS and proxy settings to force web traffic through a third party that injects ads, including secure websites using root certificates.

In other words, Superfish.

microsoft-2015-windowsdefender.jpg

An interesting side-story is that, while Microsoft requires that adware uses default browser extensions, Microsoft Edge does not yet have any. Enforcement doesn't start until March 31st, but we don't have a date for when extensions arrive in Microsoft. I seriously doubt that the company intends to give Edge a lead-time, but that might end up happening by chance. The lead time is probably to give OEMs and adware vendors a chance to update their software before it is targeted.

The post doesn't explicitly state the penalties of shipping adware that violates this blog post, but the criteria is used for antimalware tools. As such, violators will probably be removed by Windows Defender, but that might not be the only consequence.

Source: Microsoft

Podcast #380 - Microsoft's Surface Devices, the ASUS X99-E WS. HTC Vive and more!

Subject: General Tech | December 23, 2015 - 11:23 PM |
Tagged: podcast, video, asus, X99-E WS, microsoft, surface pro 4, surface book, htc, vive, ECS, LIVA, vulkan, dx12, Mantle, nvidia, shield tablet k1

PC Perspective Podcast #380 - 12/24/2015

Join us this week as we discuss Microsoft's Surface Devices, the ASUS X99-E WS. HTC Vive and more!

You can subscribe to us through iTunes and you can still access it directly through the RSS page HERE.

The URL for the podcast is: http://pcper.com/podcast - Share with your friends!

  • iTunes - Subscribe to the podcast directly through the iTunes Store
  • RSS - Subscribe through your regular RSS reader
  • MP3 - Direct download link to the MP3 file

Hosts: Ryan Shrout, Allyn Malventano, Morry Tietelman, and Sebastian Peak

Subscribe to the PC Perspective YouTube Channel for more videos, reviews and podcasts!!

Author:
Subject: Mobile
Manufacturer: Microsoft

Design - A Tablet and a Notebook

For the last 30 days or so, I have been using both Microsoft's new Surface Book and Surface Pro 4 as every day computing devices. The goal was to review these items from not just a handful of days of testing and benchmarking, but with some lengthy time under my belt utilizing both products in a real-world environment. The following is my review with that premise. Enjoy!


A lot has already been said about the design and style of both the updated Surface Pro 4 and the new Surface Book. Let’s start with the Surface Pro 4 as it sees the least dramatic changes from previous product.

The Surface Pro 4 uses the same kickstand tablet design that made the Surface brand so memorable as well as functional.  Many different OEMs are starting to copy the design style because it has a lot of positive merits to it. For instance, it allows viewing angles from nearly 90 degree to flat. The Surface Pro 4 is a tablet in its purest form, though. It doesn’t have a keyboard or trackpad standard – you’ll have purchase the optional Type Cover. It’s only 8.5mm thick and weighs in at 1.73 lbs, without the added keyboard.

IMG_3883.JPG

The kickstand works exceptionally, with unlimited positions between the starting and stop point of the hinge, and it allows smooth movement between them. It’s strong enough to stand up when being slid around on the tablet or desk. The biggest concern I have with the kickstand is that using it on your lap (or on an airplane tray table) is difficult to impossible, depending on the exact configuration or your legs / tray. Because the hinged kickstand needs a surface to make contact with, pushing the Surface Pro back on your legs where the hinged portion extends past your knees won’t work.

IMG_3891.JPG

From a design and style perspective, I still think the Surface products are among the best that exist on the market today. The magnesium body is sleek and the angles are both professional and aggressive. Even when coupled with the magnetic Type Cover, it won’t look like a toy at the office or on the road.

The new Surface Book is a completely different beast – a unique design and a new product. I am sure that there are some people that simply won’t like the way the notebook looks, but I am not one of them. Though it is technically a tablet and a keyboard dock, the Surface Book only ships as a complete unit so calling this a notebook or a 2-in-1 convertible feels more accurate than calling it a tablet. It has a larger and more pronounced 13.5-in screen than the Pro, which makes it larger, heavier and bulkier in your bag as well. The magnesium body shares a lot of design cues with the Pro 4, but it’s the hinge on the Book that really makes it different than any notebook I have used.

Continue reading our review of the Microsoft Surface Book and Surface Pro 4!!

This One Takes It to 11! Windows 10 Insider Build 11082

Subject: General Tech | December 16, 2015 - 06:20 PM |
Tagged: microsoft, windows 10

A new build is available for Windows 10 at the Insider Fast update level. This one is numbered 11082, and it is the first one on the “Redstone” track. Users will probably not notice any changes, beyond the bugs, because the modifications are all under-the-hood. They are working on the core of the operating system, called “OneCore,” to restructure it better for the wide variety of hardware that it's designed for.

windows8beta.jpg

This raises the question: Why now? It's odd that they would release a public preview that seemingly adds nothing, just before the holidays when the engineers will be unavailable to fix it. That feels like replacing the first floor of a building from wood to maybe-not-quite-set concrete, then hopping on a plane for a few weeks. Of course, this is not a bad thing. This is what some Insiders want to experience, and those who don't can drop down to Slow (or leave Insider).

Also, Microsoft sort-of explained why they did this. First, they intend to get down to business on features and upgrades in January. Basically, they structured their work such that pre-Holiday tasks built the infrastructure for post-Holiday creations (as I mentioned in the first paragraph). Big development tasks are often done on branches of a canonical product that are merged when complete. Merging a branch back into the trunk is easier when the trunk is designed more modularly, etc. In that context, it makes sense to see how it reacts in a large sample of configurations just before you start pushing big feature payloads into it. The second explanation is that Microsoft intends to speed up Insider previews in general.

If you're interested, WinBeta has a video “walking through” the features, although they basically just read the announcement. They also checked to see whether Microsoft Edge changed to add extensions, and it didn't.

A list of known issues is also available in the Insider Hub app post. Basically, Language packs and "Features on Demand" will not install. File progress dialogues will not show (even though the actual copy / move / delete will work without issue). Finally, some default apps will be incorrectly reset.

It is available through Windows Update for Fast Insiders.

Source: Microsoft

Xbox Wireless Adapter for Windows Now Supports 7, 8.x

Subject: General Tech | December 16, 2015 - 07:20 AM |
Tagged: xbox one, Windows 8.1, windows 8, Windows 7, windows 10, microsoft

Last week, Microsoft announced that the Xbox Wireless Adapter for Windows now supports Windows 7 and 8.x. Previously, the dongle would only work on Windows 10, which meant that other operating systems required Xbox One controllers to be wired.

microsoft-2015-xbox-adapter-windows.jpg

This does not mean that all functionality will be available on Windows 7 and 8.x, though. The Xbox Accessories app is required to manage profiles and update firmware without an Xbox One console. As far as I can tell, that will continue to be the case. If you have an Xbox One console, and don't mind managing the controllers there, then this wireless adapter might be for you. If you have don't have an Xbox One console, Windows 10, or an existing Xbox One controller, then you may want to reconsider getting an Xbox One controller at all. If you do, then you can turn it wireless, now even on Windows 7 and 8.x.

The Xbox One Wireless Adapter for Windows has been out for a couple of months.

Microsoft's penitent weekend

Subject: General Tech | December 14, 2015 - 12:22 PM |
Tagged: microsoft, Surface Pro, surface book

Along with the apology and reversal of their OneDrive policy, Microsoft has also apologized to customers about several issues that many have experienced with their new Surface Pro and Surface Books.  The complaints started on a forum, as usual, with several users encountering screen flickering when using the devices.  However the complaints quickly spread and even an interim firmware update was unable to resolve the issue.  On Friday Microsoft officially apologized for the ongoing issue which has persisted through numerous updates and promise to have more updates available soon, hopefully one of which will permanently resolve the issue.  The Register also mentions several other issues which users have experienced in their article this morning.

microsoft-surface-book-closer.jpg

"Buyers have complained on Microsoft user forums about several faults with the machines since their launch earlier this year, including a "weird screen flicker", slowness in waking from sleep mode and worse than expected battery life. Surface Book"

Here is some more Tech News from around the web:

Tech Talk

Source: The Register

Microsoft Allows Opt-in to Grandfather Your Free OneDrive

Subject: General Tech | December 12, 2015 - 09:54 PM |
Tagged: microsoft, onedrive

A month and a half ago, Microsoft announced that they would roll back OneDrive storage plans. Subscription OneDrive storage would return to 1TB, down from unlimited. Free OneDrive was hit, too. The service offered 15GB (with a bonus 15GB for using Camera Roll). That was also scheduled to be reduced to 5GB, with no Camera Roll bonus. Users were naturally upset at having their free storage reduced by a factor of 6.

microsoft-logo_onedrive2014_hero1.jpg

These changes will still take effect in early 2016, but not for everyone. If you are a current user with 15GB base storage, you can opt-in to being grandfathered by clicking a link. You will apparently also retain your 15GB camera roll bonus, if applicable, too. This will not be available for new customers, although there might be still time to sneak in, especially if you have a Hotmail / Microsoft Account / .NET / Passport / Passport Network / Live ID / Microsoft Account (again) / whatever they call it now account. Wouldn't hurt to check what OneDrive offers you today, and try to lock it in.

The Ars Technica article is a bit ambiguous about current Unlimited users. I mean, I guess it won't hurt to try. Be sure to let us know if you're successful. It sounds like it only applies to free tiers, though.

I guess it's nice that Microsoft allows users to be retain their settings. It's interesting that they require opt-in, though. This satisfies the users who are most likely to object, but it directs future users to subscribe. You know, unless they find old news posts on Google.

Source: Microsoft

Windows 10 Tool Now Reverted to Build 10240

Subject: General Tech | November 23, 2015 - 08:15 PM |
Tagged: windows 10, microsoft

UPDATE (Nov 24th, 8pm ET): As I was informed, both on Twitter and in the comments, the update has been restored. Apparently the issue was that this tool, when upgrading Windows 10 to Windows 10 1511, accidentally reset four privacy settings to default. They also happened to be four of the less-severe ones, such as whether to allow apps to run in the background and whether settings should sync between devices. It has apparently been fixed and the tool will install the latest version of Windows 10 once more.

Source: Ars Technica

Regardless of your opinion about Windows 10, I'm glad that Microsoft has once again provided a way to force a specific version on your device. Their recent statement, telling users that Windows Update will give them the correct build eventually, is not comforting if someone is failing to receive the update. Is it coming? Or did it block for some reason? I also wonder if the 30-day policy would still be enforced, making clean installs that much more annoying. Turns out it was all hypothetical, and Microsoft was planning on reinstating it instantly, though.

This is a bit surprising and disappointing. When the November 2015 update for Windows 10 went live, existing users could upgrade with Windows Update (if it let them) and the rest could force an in-place upgrade from Windows 7, 8.x, and earlier builds of Windows 10 using the tool. The latter method has apparently been reverted to the original Windows 10 build from July 2015.

windows-10-bandaid.png

This image is getting a lot more use than I intended.

Why? Who knows. They are still offering the update through Windows Update, and Microsoft claims that they have no intention of pulling it. This concerns me, because there are a few situations where Windows 10 updates will get stuck, such as if you get it through Windows Update then uninstall it. I have not seen any report cover the official procedure for this issue. Also, I wonder if there's a way to get past Microsoft's 30-day no-update policy.

According to WinBeta, Microsoft's official statement contains the following: “Microsoft has not pulled the Windows 10 November 10 update. The company is rolling out the November update over time – if you don’t see it in Windows Update, you will see it soon.” (Emphasis not mine.)

We'll probably hear more about this as the week goes on.

Source: WinBeta

Microsoft Updates Privacy Statement (via Ed Bott of ZDNet)

Subject: General Tech | November 17, 2015 - 08:55 PM |
Tagged: windows 10, Privacy, microsoft

UPDATE (Nov 19th, 12pm EST): Ed Bott emailed me to clarify a few points. First, PINs for BitLocker are not required and will not be backed up to OneDrive. I knew that PINs were not required, but I was trying to say "would there be a way that a user could use BitLocker without giving all the necessary bits to OneDrive". Apparently, using PINs is one of those ways. He also claims that you can manage your own keys by changing them and storing them locally.

He also commented on the HIPAA remark. He claims that Windows 10 is HIPAA compliant, and the reason why it was not included in the statement is because the question wasn't asked. Again, if applicable, check with your vendors and other support.

Okay so one of the major concerns with Windows 10 is how it handles your private data. I gave my thoughts on the topic a couple of weeks ago, which was a bit critical of Microsoft. I said that there are definite concerns that should be disclosed, but it is not enough of a concern to stop using it and switch to Linux or something. At least, not yet.

microsoft-2015-windowsxp-search-dog.png

Image Credit: Wikipedia

Since then, Ed Bott of ZDNet discussed Microsoft's new privacy policy, which clarifies a few points. It looks like he ran the two versions of the EULA through a text-difference tool to highlight all changes, and took a few screenshots of key moments.

The foremost change is that Microsoft specified that only OneDrive, Outlook, and Skype files and content, private or public, are subject to disclosure to law enforcement. The previous wording looked like it applied to all files on Windows 10. Full access to all files sounds like something the law enforcement would want, but Windows 10 does not provide it.

Another change involves BitLocker. Recovery keys are synchronized to OneDrive “to allow recovery on personal devices”. I am not sure if this also includes PINs, for devices configured to use those, but it would be crappy if it did. Regardless, the privacy statement now says “Microsoft doesn't use your individual recovery keys for any purpose.” This raises two concerns: Why did they specify “Microsoft” and why did they qualify “recovery keys” with “individual”? My assumption is that this is just an awkward trait of the English language, but it could exempt sending batches of keys to third parties, such as governments, especially if it counts as a OneDrive personal file. Again, it is probably just an awkward wording though.

A final point for me is that Telemetry, when set to “Basic”, satisfies FINRA, SEC, and FTC regulations. Oddly they don't specify HIPAA, but you probably shouldn't be listening to tech reporters (yes including me) for advice about securing health insurance and patient data. You should have more reliable channels for that sort of inquiry.

Source: ZDNet