Friends don't let friends perform unattended updates ... or Bitlocker be broken

Subject: General Tech | November 30, 2016 - 02:10 PM |
Tagged: bitlocker, microsoft, windows 10, security, hack

Is Bitlocker cramping your voyeuristic cravings and preventing you from snooping on your loved ones or strangers?  Assuming you do not instead seek medical help for your problem, all you need to do is wait for Windows to perform a version update and for the user to get bored and walk away.  Hop onto their machine and press SHIFT+F10 to get a command prompt which will be running at root privileges and take advantage of the fact that Windows disables Bitlocker while installing an updated version of Windows.  This will not work for all updates, it needs to be a major OS update such as the move to Anniversary Edition which changes the version of Windows installed on the machine.

Microsoft is working on a fix, in the meantime sticking with Windows Long Term Service Branch or slighly modifying how updates are pushed via WSUS or SCCM will ensure this vulnerability cannot be leveraged.  You can also take the simple measure of sticking around when major updates occur.  Pop over to Slashdot for more information.

windows-10-update-stuck-at-32.jpg

"This [update procedure] has a feature for troubleshooting that allows you to press SHIFT + F10 to get a Command Prompt," Laiho writes on his blog. "The real issue here is the Elevation of Privilege that takes a non-admin to SYSTEM (the root of Windows) even on a BitLocker (Microsoft's hard disk encryption) protected machine." Laiho informed Microsoft of the issue and the company is apparently working on a fix."

Here is some more Tech News from around the web:

Tech Talk

Source: Slashdot

Rumor: Microsoft Working on x86 Emulation for ARM64

Subject: General Tech | November 25, 2016 - 07:01 AM |
Tagged: x86, windows 10, microsoft, arm

According to Mary Jo Foley at ZDNet, Microsoft is working on emulating the x86 instruction set on ARM64. Her sources further claim that this is intended to be a Windows 10 feature that is targeting Redstone 3, which is the feature update expected in late 2017 (after the upcoming Creators Update in early 2017). Of course, Microsoft will not comment on this rumor. Mary Jo Foley is quite good at holding out on publishing until she gets multiple, independent sources, though. Still, projects slip, pivot, and outright die all of the time, even if the information was true at one point.

windows-10-with-media-center.png

Media Center is still dead, though.

So, while keeping in mind that this might not be true, and, even if it is, it could change: let’s think.

The current speculation is that this might be aimed at enterprise customers, including a potential partnership with HP and Qualcomm. This makes sense for a few reasons, especially when you combine it with Microsoft and Samsung’s recent efforts to port .NET Core to ARM. Combining rumors like this might be akin to smashing two rocks together, but you never know if it’ll spark something. Anyway, you would expect these sorts of apps could jump architectures fairly well, because they’re probably not real-time, form-based applications. You might be able to get a comfortable enough user experience, even with the inherent overhead of translating individual instructions.

Another possibility is that Microsoft hasn’t given up on the Windows 8 / Windows RT vision.

Back in that era, the whole OS seemed designed to push users toward their new platform, Metro. The desktop was an app, and that app contained all of the Win32 bits, isolating them from the rest of the PC and surrounding that tile with everything WinRT. The new platform was seductive for Microsoft in a few ways. First, it was more secure, and people considered Windows the operating system that’s plagued with malware. Second, it let them assert control over their apps, like Apple does with their App Store. At the time, they even demanded that third-party web browsers be nothing more than re-skins of Internet Explorer. Firefox? Don’t even think about bringing Gecko in here. It’s Trident or bust.

Say what you like about those first two points, I know I have, and often disapprovingly from an art enthusiast standpoint, but there was a third one that also interested Microsoft:

Hardware independence.

The WinRT runtime, when it was first unveiled, was pretty much designed in a way that Microsoft could swap out everything underneath it if they wanted to jump ship and move to a new architecture. At the time, almost a decade ago, Intel wasn’t competitive against ARM in the mobile space. This kept Windows applications, and Microsoft, watching the rest of the world sail away.

But supporting both ARM and x86 isn’t good enough. What if IBM wins next time? Or a completely different instruction set? If everything calls an API that can be uprooted and transplanted elsewhere? There will never need to be this mobile concern again.

But then we have this whole decades of stuff that already exists problem. While I don’t like the frog boil analogy, it could be Microsoft’s attempt to uproot enough x86-locked content that people can accept UWP. I’m not sure that will work out, especially since we rely upon real-time software that is not accepting Windows Store, but it might be their goal.

What do you all think?

Source: ZDNet

WoW, Microsoft is back in the porting business again. x86 to ARM expected with Redstone 3

Subject: General Tech | November 22, 2016 - 12:34 PM |
Tagged: CHPE, arm, x86 emulator, x86, windows 10, redstone 3

We haven't seen Windows 10 Redstone 2 yet but already we have some news about Redstone 3 which hints at the coming of the Surface phone.  Microsoft is working on x86 emulation for ARM processors, allowing proper Windows programs and not just Universal Apps to work on ARM based machines.  They pulled this off in the past with the switch from 32bit to 64bit applications, with Windows on Windows emulation and porting x86 to ARM and vice versa has been a long term project at Microsoft. 

The possible issue that comes from this eventuality is the interface.  Just like in a game ported from a gaming platform to PC, moving from an ecosystem with a limited input device to a platform designed with a mouse and keyboard will cause issues.  The reverse tends to be worse, for instance Skyrim's abysmal inventory system exists specifically because it was planned to be released on consoles.  Now imagine Excel or file management software trimmed down and designed specifically to run on a phablet, as well as on a PC.  For more on this possible nightmare, check out The Inquirer.

shot-project-gantt-chart-wizard.jpg

"According to Mary-Jo Foley, the font of all knowledge Windows-wise, the company is looking at x86 emulation for ARM processors. It’s not a new idea, but it's looking likely for Redstone 3."

Here is some more Tech News from around the web:

Tech Talk

Source: The Inquirer

Windows 7 Allegedly Gaining Quicker than Windows 10

Subject: General Tech | November 5, 2016 - 04:09 PM |
Tagged: Windows 7, windows 10, microsoft

For the second month in a row, NetMarketShare are reporting that Windows 7 is gaining market-share faster than Windows 10. It's difficult to know exactly what this means, and for who, but one possible explanation is that users upgraded to Windows 10 and rolled back to 7 in significant amounts. It will be interesting to monitor the next couple of months, now that Windows 7 is no longer available at retail, to see how its market-share shifts. Then, a few months after that, we'll need to see how Zen and Kaby Lake, which are not supported by Windows 7 and Windows 8.x, changes that further.

microsoft-2016-marketshare7vs10.png

I'll now spend the rest of the post discussing statistics... because I can visualize the comments.

NetMarketShare records browser identification strings from partnered websites. As you would expect, there's a bit of controversy regarding how accurate their numbers are. Some of this criticism is simply wrong, usually misunderstanding how small a truly random sample needs to be to converge to the same ratios you will see in a large sample. Just a thousand truly random samples can get you within a few percent of hundreds of millions of people. Studies like this, if they are truly random, have plenty enough data to get a very precise ratio.

A valid concern, however, is whether their pool of websites under- or over-represent certain groups, especially when you attempt to make comparisons on the order of a hundredth of a percent. NetMarketShare claims that they try to get a global representation, including government websites, and they correct their traffic based on the CIA's per-country statistics. Still, it's good to question whether the group of people you are trying to investigate are represented by NetMarketShare's traffic, and how their limitations lower your effective precision.

Microsoft Is Changing How Windows 10 Updates (Further)

Subject: General Tech | November 4, 2016 - 07:01 AM |
Tagged: windows update, windows 10, microsoft

In a blog post, yesterday, Microsoft outlined their Unified Update Platform (UUP) initiative. The short version of this story is that UUP, which is expected to affect consumers with the major update after the Windows 10 Creators Update, will shrink download sizes of updates by omitting portions that are already on your device. They claim that it is expected to result in about 35% less bandwidth used by a major update.

microsoft-2016-windows7-update.png

Beyond bandwidth, Microsoft also claims that this will help battery life and time spent searching for updates, because the difference is calculated in the cloud. (I guess you can call that reAzurement. I'll see myself out.) At least for mobile, I can see how this might be cheaper than the new system completely client-side. I wouldn't say the current method is too slow, though. I mean, it takes a while, especially a Windows 8.1 laptop I have at times, but I don't really see how it would help a gaming PC that likely has a faster processor than their servers.

We'll see.

Also, if you're the type of person who likes to scorch earth on a regular basis, I'm guessing Microsoft will still be providing ISOs that can either clean install or perform the typical update method. Also, this new feature will reduce the download size of cumulative updates, which are inherently very redundant, so that should be good.

I can't think of a real negative to this, especially not with the ISO workaround for the more picky power users. Maybe I'm not thinking of something, though, but it sounds like a net win (unless it turns out to be an unstable mess).

Source: Microsoft

Thoughts on Alcatel IDOL 4S / Windows Mobile Announcement

Subject: General Tech | November 3, 2016 - 03:07 AM |
Tagged: windows 10, VR, snapdragon 820, qualcomm, microsoft, idol 4s, alcatel

While it does make a little sense if you pay attention, I guess, Microsoft's business in the mobile space has been... sporadic. Initiatives seem to come and go with little notice, and they may or may not oppose one another. To me, they do seem to point to Microsoft wanting to keep Windows Mobile relevant as a third-place contender, but they realize that, outside of leaning it against the development of Windows 10 for PCs, it's a money pit. Its problems cannot be solved by simply throwing money at it, so don't throw any more than is necessary.

Through this lens, the recent announcement of the Alcatel IDOL 4S makes a bit of sense. Google has not secured their place in mobile VR, and Apple isn't even trying to enter this segment (as best as we can tell). Microsoft is also into VR and AR on the PC and console side of things, so I'm guessing that even that cost can be dulled slightly. As such, why not release a phone that has roughly the same specs as a ZTE Axon 7, which is itself positioned as a first wave of mobile Google Daydream VR devices, and hopefully plant your foot somewhere in this space? They even have an OEM partner covering the hardware side of things.

So, basically, it seems like last year, when we heard that Windows 10 Mobile would be quiet, it wasn't so much an admission of defeat. They really seem to be moving forward, slow and steady.

Source: Microsoft

Microsoft Windows 10 Creators Update Formally Announced

Subject: General Tech | October 26, 2016 - 05:19 PM |
Tagged: microsoft, windows 10, paint 3d, Minecraft

At a press event today, Microsoft was promoting their platform with a focus on creativity. The show opened with a video that highlighted upcoming changes in accessibility. For instance, they are adding a preview mode to Microsoft Edge developer tools that help developers make their application accessible to people with impaired vision, who are reliant upon screen-readers. Immediately following that few-minute video, Terry Myerson gave a speech and announced that the next feature release of Windows 10, which was codenamed Redstone 2, will be officially called the Windows 10 Creators Update.

microsoft-2016-win10-event-groovemusicmaker.jpg

Naturally, Microsoft wanted to associate the creative potential of PCs with... MS Paint. This application is used by over 100 million poor, unfortunate souls per month, because it is simple... and, of course, pre-installed on basically every Windows machine ever. This transitioned to an announcement of Paint 3D, which is actually quite interesting. 3D applications tend to be a daunting mountain of tools for countless use cases, which helps professionals but somewhat hinders the hobbyist.

microsoft-2016-win10-event-paint3d.jpg

Paint 3D tries to strip it down to the use cases of home users, especially children, who want to goof around with creating stuff. Take a photo, remove the background, and place it in a sand castle that you scanned with your Windows Phone (just kidding, we all know you'll be using it on Android or iOS) into a 3D model. Position the 3D camera just right, and you have a summer holiday postcard. They also have a service, Remix 3D, that allows sharing of 3D content, even from Minecraft. You can then order 3D prints of these objects, seemingly from the service although I haven't been able to see an explicit announcement of that.

Moving on, Microsoft has also released a few videos of this event. In a couple of them, they included a short clip of another, otherwise unannounced application, Groove Music Maker. It appears to be a competitor to Apple's GarageBand, mixing recorded and generated tracks to create music. On the PC side, there really isn't much apart from Fruity Loops and a handful of open source applications to solve this need, and music is definitely a creative avenue. I assume that we'll see something announced about this in the near future.

The Windows 10 Creators Update will be available in “early 2017”. Rumors point to March, based mostly on its expected 1703 version number; still, the early August release of Windows 10 Anniversary Update was listed 1607, so it could vary a bit.

I mean, I hope they will release it when it's stable enough this time.

Source: Microsoft

The free ride is over and noticeable amount of people hopped back to Windows 7

Subject: General Tech | October 3, 2016 - 01:27 PM |
Tagged: Windows 7, windows 10, microsoft, market share

A change of one percent may seem tiny at first glance but historically it is an incredibly large shift in market share for an operating system.  Unfortunately for Microsoft it is Windows 7 which has gained share, up to 48.27% of the market with Windows 10 dropping half a point to 22.53% while the various flavours of Windows 8 sit at 9.61%.  This would make it almost impossible for Microsoft to reach their goal of two one billion machines running Windows 10 in the two years after release and spells bad news for their income from consumers. 

Enterprise have barely touched the new OS for a wide variety of reasons, though companies still provide significant income thanks to corporate licenses for Microsoft products and older operating systems.  It should be very interesting to see how Microsoft will react to this information, especially if the trend continues.  The sales data matches many of the comments we have seen here; the changes which they made were not well received by their customer base and the justifications they've used in the design of the new OS are not holding water.  It shouldn't be long before we here more out of Redmond, in the mean time you can pop over to The Inquirer to see Net Applications' data if you so desire.

leaky.jpg

"The latest figures from Net Applications’ Netmarketshare service show Windows 7, now over seven years old, gain a full percentage point to bolster its place as the world’s most popular desktop operating system with 48.27 per cent (+1.02 on last month)."

Here is some more Tech News from around the web:

Tech Talk

Source: The Inquirer

Some Things I've Noticed about Windows 10 Patches

Subject: General Tech | September 30, 2016 - 10:07 PM |
Tagged: microsoft, windows 10

I've been seeing a lot of people discussing how frequently Windows 10 seems to be getting updated. This discussion usually circles back to how many issues have been reported with the latest Anniversary Update, and how Microsoft has been slow in rolling it out. The thing is, while the slow roll-out is interesting, the way Windows 10 1607 is being patched is not too unusual.

The odd part is how Microsoft has been releasing the feature updates, themselves.

windows-10-bandaid.png

In the past, Microsoft has tried to release updates on the second Tuesday of every month. This provides a predictable schedule for administrators to test patches before deploying them to an entire enterprise, in case the update breaks something that is mission-critical. With Windows 10, Microsoft has declared that patches will be cumulative and can occur at any time. This led to discussion about whether or not “Patch Tuesday” is dead. Now, a little over a year has gone by, and we can actually quantify how the OS gets updated.

There seems to be a pattern that starts with each major version release, which has (thus far) been builds 10240, 10586, and 14393. Immediately before and after these builds start to roll out to the public, Microsoft releases a flurry of updates to fix issues.

For instance, Windows 10 version 1507 had seven sub-versions of 10240 prior to general release, and five hotfixes pushed down Windows Update within the first month of release. The following month, September 2015, had an update on Patch Tuesday, as well as an extra one on September 30th. The following month also had two updates, the first of which on October's Patch Tuesday. It was then patched once for every following Patch Tuesday.

The same trend occurred with Build 10586 (Windows 10 version 1511). Microsoft released the update to the public on November 12th, but pushed a patch through Windows Update on November 10th, and five more over Windows Update in the following month-and-a-bit. It mostly settled down to Patch Tuesday after that, although a few months had a second hotfix sometime in the middle.

We are now seeing the same trend happen with Windows 10 version 1607. Immediately after release, Microsoft pushed a bunch of hotfixes. If history repeats itself, we should start to see about two updates per month for the next couple of months, then we will slow down to Patch Tuesday until Redstone 2 arrives sometime in 2017.

So, while this seems to fit a recurring trend, I do wonder why this trend exists.

Part of it makes sense. When Microsoft is developing Windows 10, it is trying to merge additions from a variety of teams into a single branch, and do so once or twice each year. This likely means that Microsoft has a “last call” date for these teams to merge their additions into the public branch, and then QA needs to polish this up for the general public. While they can attempt to have these groups check in mid-way, pushing their work out to Windows Insiders in a pre-release build, you can't really know how the final build will behave until after the cut-off.

At the same time, the massive flood of patches within the first month would suggest that Microsoft is pushing the final build to the public about a month or two too early. If this trend continues, it would make the people who update within the first month basically another ring of the Insider program. The difference is that it is less out-in, because you get it when Windows Update tells you to.

It will be interesting to see how this continues going forward, too. Microsoft has already delayed Redstone 2 until 2017, as I mentioned earlier. This could be a sign that Microsoft is learning from past releases, and optimizing their release schedule based on these lessons. I wonder how soon before release will Microsoft settle on a “final build” next time. It seems like Microsoft could avoid many stability problems by simply setting an earlier merge date, and aggressively performing QA for a longer period until it is released to the public.

Or I could be completely off. What do you all think?

Source: Wikipedia

Microsoft Announces Windows Defender Application Guard

Subject: General Tech | September 27, 2016 - 02:41 AM |
Tagged: windows 10, virtualization, microsoft

Microsoft is currently hosting their Ignite conference, which is somewhat the successor of TechEd. Monday kicked off with a couple of keynotes, including one from Satya Nadella himself, but this post will focus on a specific announcement: Windows Defender Application Guard.

With a typical web browser, a malicious website can infect the user's PC by knowing an unpatched vulnerability, and exploiting it before they update their browser. The next feature release of Windows 10 is expected to include virtualization technology, again called Windows Defender Application Guard, which runs websites in a lightweight virtual machine if they are opened in Edge and not part of a whitelist. This means that the attacker, who wants to infect the user's device, not only needs to know of a vulnerability in Edge; they also need to know of a vulnerability in the virtual machine, and they must be able to use the Edge vulnerability to exploit it. Especially for enterprise environments, where ransom malware that encrypts any data it finds can be devastating, this should add a huge wall protecting a large, complex application platform (the web browser) from untrusted third-parties (websites).

Of course, this concept isn't new. Not only are virtual PCs are common in the enterprise for security and control reasons, but applications like SandboxIE have more directly implemented similar ideas. Still, having it be a built-in feature of the operating system should mean that it gets even more support with regards to performance and stability, versus tacking on a third-party solution through public APIs.

Speaking of public APIs -- Microsoft won't be providing one at first. It will only be used for Edge for the time being. Also, it's only available for Windows 10 Enterprise, so I hope you didn't get your hopes up.

Wow, that turned dark real quick.

Source: Ars Technica