Posts by G2 270 posts • joined 21 Jun 2007
given the history MS has with x86 builds of Win10 installation media, my guess of a major feature of the new OS that is coming is that it will be exclusive for 64-bit code and will drop all support for even running x86 binaries, not even x86 .Net Framework stuffs...
(but hopefully it will allow it in a Hyper-V virtual machine...)
domain hijacking aside... the targets seem awfully precisely picked.
How did the crims get their mitts on the LIST OF TARGETS / customers to send their stuff to?
that's a sign that there's a biger data leak behind and that the entire company's customer database might have been compromised, with potential GDPR / DPA 2018 implications, complete with associated data protection fines from the Information Commissioner's Office
(That unattended mail server seems just a quickly make up reason to cover the database leak, no proper company would abandon its core IT assets like that.)
booooo....GTFO, MS.
"generally available" does NOT mean it's also available for on-premises Windows Servers who just want to deploy FIDO2 hardware keys for authentication in regular Active Directory systems, to get rid of passwords too.
If it has to be Azure-enabled... that means additional $$$$$, because Azure authentication management for hybrid Azure AD is not included with an on-prem Windows Server Standard license.
Azure Active Directory is a different kettle of fish than regular Active Directory.
"obvious words followed by 888"? Why hide the crap under such a mellow phrase?
"admin888" is the default admin password for a LOT of Chinese-made IPTV stuff, including Huawei / Hikvision / Dahua NVRs and cameras.
It's not something specific to the nursery cams, they just re-packaged the standard stuff that everyone ships from China.
Some Chinese-made devices don't even allow you to change the admin password... the "change password" option is simply missing on those.
e.g. i saw this thing on some Mio MiVue WiFi dashcams... they don't allow changing the WiFi password for the dashcam ("12345678" - wifi is used for admin access to the camera)
Also, their app for windows PCs only runs with administrative rights. It also downloads and executes software from Mio's website without using https or even at least digitally signed executables.
It basically runs unsigned remote code directly, without any origin authentication for the executables.
All you have to do is spoof and change on-the-fly anything coming from http://download.mio.com/dvr/pctool/tw/version.ini
(yep, China doesn't do https - just in case they need to deliver remote execution state-controlled shitware)
... and if you feed it a high enough version number so that it trips the automatic update mechanism, their app will execute with administrative rights any executable that you feed it via that INI file, without even checking for a digital signature.
Inertial navgation is not really usable for long distances when you're on a ship that's constantly rocked by waves, pushed around by winds or even dragged by sea currents.
It works better for submarines in immersion because they only have to deal with underwater currents, which are relatively constant.
What's left for a civilian ship is GPS or automated celestial navigation, both can be unreliable.
it's actually not just about kernel support life and more about support contracts for warranties and publishing updates for devices.
... or more exactly, about raking in fees for support and at the same time NOT bothering to publish updates for devices in warranty (or post warranty) while claiming that a device X is still running "current" firmware because... see.. it's still running an actively supported kernel. (*cough* f.u. TP Link *cough*)
This is why they like the long 6-year support cycles, they get to claim that their device X is "current" when running a particular kernel version from 3 years ago that's still "supported" and that's proof that they "care" about updates and support contracts. Managers signing on those contracts don't usually check the minor versions or patch numbers, they just check the version numbers that match their contracts.
The moment the kernel becomes obsolete, it will become much easier to reveal such scams in support contracts and the lack of support / firmware updates, by simply pointing at the kernel version.
If it were up to me i would even trim the LTS tails of all those 6-years versions down to 2-years.
China still uses 220V a.c. as the nominal mains voltage - this is why a lot of e-crap that's designed only for the Chinese internal market - thus only for the 220V standard, with very tight voltage variation tolerance, will end up in smoke quite faster than intended when used in an European power socket. (where 'very tight' means they build the devices for just +/- 5% voltage tolerance)
This is usually (ab)used by the tat bazaar online sellers to not honour the warranty since it was technically a fault created by the end user - using an appliance rated only for 220V on an electrical network with different nominal voltage levels can be grounds for immediate termination of warranties.
future proof... ERP? i suggest they try hieroglyphs instead on anything from the computer age.
we have accounting records that have lasted since the time of the pharaohs, in hieroglyph form, engraved on stones.
the same cannot be said about modern information storage methods... most computers today can't even read a 3,25 inch floppy disk - usually because it was accidentally erased when stored behind the loudspeakers in the archive room.
you seem to miss the fact that this is a digital window sign, not a plain paint and wood/plastic one.
smart window signs are starting to be equipped with a built-in camera for analytics. They are deploying it for eye tracking, viewer demographics and other such statistics. Also, some of them can even do facial recognition and change what they display based on a central database with informations about what that person likes or dislikes or, as it is in China, data pulled from their official Social Credit System ( https://en.wikipedia.org/wiki/Social_Credit_System )
That's pretty much right up the alley of GDPR.
https://www.youtube.com/watch?v=uD3067JJujY
https://www.wired.com/2007/06/eye-tracking-device-lets-billboards-know-when-you-look-at-them/
actually Windows 10 can stay on the list imho, but only if the user deploying it knows what they are doing... which in this case it's obvious they did not know and just used the cheapest plug-and-play thing off the nearest shelf.
1st: NEVER use Win Home in a company - this thing is not even GDPR compliant, it can barely be used in a private home because it relies on the fact that household usage is excepted from GDPR rules. (quote: "by a natural person in the course of a purely personal or household activity;").
Any auditor worth its money will raise a major GDPR compliance stink if they find any Home edition in use by a company.
2nd: do not use Win 10 Pro unless it is for a system that can be easily accessed AND managed. (note the "and" here, it's not an optional "or" !)
3rd: for systems that must be deployed for unattended usage, make sure to use either an IoT or Enterprise edition of Win10 and also to deploy WSUS for proper and coordinated OS patch management. Only push patches to those systems groups when they have a maintenance window scheduled.
No maintenance scheduled? then configure that machine (via gpedit) to never check automatically for updates. Maybe also configure http://127.0.0.1 as a dummy update server to use... this way it will only check for updates when told manually.
Unfortunately, in Europe companies are not consumers and are not protected by consumer protection laws at all. Only some natural persons can be considered "consumers", but not all.
https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:02011L0083-20180701
quote: For the purpose of this Directive, the following definitions shall apply:
(1) ‘consumer’ means any natural person who, in contracts covered by this Directive, is acting for purposes which are outside his trade, business, craft or profession; /quote
This is why you can still see warranties of only 1 month or 90 days or so for some brand new products - those are never sold to consumers, only to other companies.
e.g. Allied Telesis: the default warranty for all their rackable switches sold in Europe is only 90 days. If you want longer warranty or even firmware updates then you must pay a subscription (NetCover) and renew that anually. If the subscription lapses then so does the warranty and you are not allowed to renew an expired subscription. Out of warranty devices are generally not allowed to receive firmware updates - unless it's a really bad bug with eye-bleeding CVE ratings and they already have developed some sort of a fix.
quote:
Synology are Taiwanese. (ROC not PRC)
/quote
but that still doesn't explain why they have such a wide-reaching section 7 in their EULA. They designed it so that any government body (or contractor) that handles sensitive (HIPAA) or even classified data (e.g. the various US Senate commisions, if not even those 3-letter-agencies) have already agreed in writing to a contract that basically says they can access and send overseas whatever data they want, whenever they want.
Synology is most likely also targeted by this because you are forced to agree to their EULA before being able to use their NAS devices... and that EULA says, among other things:
--- Section 7. Audit. Synology will have the right to audit your compliance with the terms of this EULA. You agree to grant Synology a right to access to your facilities, equipment, books, records and documents and to otherwise reasonably cooperate with Synology in order to facilitate any such audit by Synology or its agent authorized by Synology.---
yep... that includes EVERYTHING, including data that is not even stored on a Synology NAS and highly classified data that's stored on other devices.
They are able to use their product firmware (which is an "agent authorized by Synology" in this case) as a data exfiltration tool.
--- Section 15. Termination. Without prejudice to any other rights, Synology may terminate this EULA if you do not abide by the terms and conditions contained herein. In such event, you must cease use of the Software and destroy all copies of the Software and all of its component parts. ---
surprise: your data that's stored on the NAS is a "component part" of that NAS. They can terminate the functions of the NAS if you block the "audits" conducted by their firmware and your data is "terminated" too.
this crap is caused by the copyright maximalism culture coupled with planned obsolescence by design and lack of right to repair legislation to provide mandatory schematics and other diagnostic info.
https://repair.eu/
https://www.youtube.com/watch?v=Npd_xDuNi9k
let me rewrite those lines:
Stop charging $5 for a few phone calls and $25 for each additional service. Charge what it used to cost back in the early '80s, $800+ a month minimum for that fancy land line phone. Four digits a month for anything resembling mobile phone usage.
Insist that phone users adhere to business attire... no more flipflops, shortshorts, and minimal bra top.
Phone calls will quickly drop to only what's really necessary.
Phone companies will be able to serve decent line quality and provide good services again.
/end of rewrite :p
it has to be said: that's what happens when companies cheap out and use OSs that are designed for CONSUMERS to use. (or, generally, not intended for a particular mode of usage)
A company or a sign is not a consumer, there are dedicated editions of Windows out there that are designed for digital signage... but those people running that Finnish board obviously didn't bother with that.
https://docs.microsoft.com/en-us/windows/iot-core/windows-iot
@steviebuk: "[...]your clients, are free to install the free[...]"
wrong... unfortunately that's just a dream, but not how TeamViewer licensing is working. Their actual licensing mechanism is more like a virus infection / worm.
If a commercial licensed user, or a free user that's flagged in their system as an unlicensed commercial user connects to a free non-commercial user (or they connect to such a commercial user), then (after 2...3+ sessions from any such users) that free user is also "infected" and their system starts to flag their connections as "unlicensed commercial use".
What happens next is that the former free user that's now infected/flagged as "commercial user", if it uses TeamViewer to connect to other systems, it will now be spreading their "commercial use" virus/worm flag to other TeamViewer free systems.
Ans here's the shitty part: TeamViewer IDs are permanent. You can wipe, reinstall or change your storage drives all you want, your system's ID remains the same, and the "commercial use" infection too. I think they might be using the motherboard serial number or NIC hardware address to build that ID. If you want to change your ID you have to literally beg via a support ticket and pray & hope that they even decide to reply.
All of the above happened to me in February on my home PC that i mainly use to play World of Warcraft on... i dumped TeamViewer and switched to a much better system which supports 2FA with U2F hardware security keys.
too little, too late TeamViewer... i got infected by their 'commercial use detected' on my home pc that i mainly use to play world of warcraft and check up on my work computer and the connection was timing out in less than a minute... decided to try Google Remote Desktop instead... and it's much better imho... a lot less latency and also, since it's tied to a Google Account with OAuth, it can be configured to use FIDO U2F two-factor authentication hardware security keys for accessing the remote desks.
Thanks, TeamViewer, for forcing me to move over to Google Remote Desktop with FIDO U2F.
/sarcasm.
@Pascal: nope, not at all.
All you have to do to is:
-use windows explorer (important because other file managers will not configure the appropriate registry entries in later steps)
- in the location bar type %USERPROFILE% or just manually navigate to the actual folder that holds the Desktop, Documents and other stuff
- use CTRL-CLICK to select multiple folders: Desktop, MyDocuments (or just Documents in newer OSs), Downloads, Music, Videos, Favorites, Pictures.
IMPORTANT: do not touch 'Contacts' or 'Saved Searches', leave them in the default location or you'll get slowness bugs at logon or when searching.
- with those folders selected, right-click on one of them and select CUT (yes, really, CUT. This will tell Windows Explorer that you want to MOVE them to a new location)
- go to the destination drive, make sure you are not in the root of the drive but in a (preferably empty) folder like \Data\ or something, right click inside the folder and select PASTE. Click YES on any notification that appears about files named "desktop.ini".
- after Windows Explorer finishes the move, LOGOFF and then login again. (or just reboot the sytem)
- to check things, if you now make a new text document on desktop and check its properties, you'll see that it's stored in the new desktop location.
@ 6+ hours update....
that was not a normal update, it was most likely an 'edition' upgrade.
Visually there's not much difference between these two, but the upgrade is actually a full Win10 reinstall that migrates all applications and user data to the newly installed OS.
That slow 6+ hours surprise upgrade time is what happens when you install Win10 (and keep it unmanaged with WSUS) on a mechanical slow-as-molasses 5400rpm HDD in a computer that's really designed only for home use, or at best as an office typewriter.
if your time is so critical then please ask your company to at least consider replacing those mechanical HDDs with SSDs.
For replacements, I usually prefer to use 5-year+ warranty SSDs even if the 2-year ones are cheaper. In the long run, it's safer to use higher quality ones.
It's not an u-turn. The key phrase in Trump's statement is "to sell"
So, US Companies are allowed to export and sell things to Huawei but BUYING FROM and IMPORTING Huawei products is still banned. They just want Huawei's cash, not their products.
Trump said exactly that: "One of the things I will allow, however, is, a lot of people are surprised we send and we sell to Huawei a tremendous amount of product that goes into the various things that they make. And I said that that’s okay, that we will keep selling that product. These are American companies… that make product and that’s very complex, by the way, and highly scientific. And in some cases we’re the ones that do it, we’re the only ones that do it. What we’ve done in Silicon Valley is incredible, actually and nobody has been able to compete with it, and I’ve agreed and pretty easily, I’ve agreed to allow them to continue to sell that product. So American companies will continue and they were having a problem, the companies were not exactly happy that they couldn’t sell because they had nothing to do with whatever it was potentially happening with respect to Huawei, so I did do that."
https://www.whitehouse.gov/briefings-statements/remarks-president-trump-press-conference-osaka-japan/
@ Anonymous Coward - you didn't even bother to search and just made a statistical dump of zero numbers on the comment form, did you?
search #1 has some (weird) results about connected circuits and tv
search #2 ...
feniva.eu (around since 2006) and cloud-tech.eu (around since 2010) have a product name tagged exactly like #2 in the extended description - Cloud Circuit TV
https://www.youtube.com/watch?v=zYlYRGSQbEc
video published on 11 Jun 2013
q.e.d.
CCTV = Connected Circuit TV or Cloud Circuit TV
Unless they spell it out as "closed", it can mean anything... usually, in China, CCTV means "China Central Television" - https://en.wikipedia.org/wiki/China_Central_Television
Not even ElReg's article bothers to fully write "closed circuit", they just use "CCTV".
ok.. but WHAT is their definition of a "drone"? would a Borg cube starship qualify? What about a Transformer autobot?
Does that mean that they effectively authorized any parking officer / traffic warden / office secretary / etc. to start acts of war against any unidentified flying object?
if you as consumer don't buy directly from Europe then the minimum 2 years warranty does not apply.
Also, that minimum warranty period does not apply to goods purchased by companies, it only applies to purchases by consumers.
if Company X buys a batch of phones from China, with 1 month warranty - it's legal.
if person Y willingly buys a phone from China, with 1 month warranty - it's legal. The sale happens in China as far as the manufacturer is concerned, the fact that the phone is then moved to Europe - that's not their problem.
if person Y, in Europe, buys a phone from Company X, from Europe - then company X has to provide a minimum 2 year warranty.... but this warranty only covers the device "as is" at the time of the sale - it does not include any operating system updates. (unless explicitly included in the sale contract)
This is why many phone manufacturers don't give a crap about OS updates a few months after product release, because it's not their problem from the point of view of warranty laws.
In those contracts the phone manufacturer is often an unrelated third party (from the point of view of the contract), without any obligation to the customer.
When the phone services company purchases phones in bulk to re-sell, it often doesn't give a crap about support past the initial few months.
This is because in China there's no minimum warranty period mandated by law... and it must be specified in the contract. If the contract says that the warranty is only 5 minutes long after they buy a batch of phones, then that's the legal warranty that the phone manufacturer will provide.
If the contract doesn't mention warranty at all then tough luck... there's no warranty and your provider should pay for repairs/replacements out of their own pocket.. and they often don't.
OH GOD, we just bought in december 2017 a crap load of HPE OfficeConnect switches and some ProLiant servers... but even if we have multiple volume licenses for Server 2016 bought directly from MS and we provided them with the license info, HPE REFUSED to even send us a single damned install disk with drivers for the servers and the stupid "HPE Intelligent Provisioning" wizard built in the bios was malfunctioning with the standard MS installers (we download the ISO for Server 2016 directly from Microsoft VLSC).
HPE's "Intelligent Provisioning" was causing this dreadful message to appear when trying to install Server 2016:
"Windows Setup could not install one or more boot-critical drivers. To install Windows, make sure that the drivers are valid, and restart the installation."
NO SHIT SHERLOCK... the drivers were built into the damn BIOS and installed by the installer wizard provided by HPE, how much more "valid" do you want to get?
just tried it now, F1 doesn't do anything in my Firefox. It's as if I didn't press anything.
according to https://developer.mozilla.org/en-US/docs/Tools/Keyboard_shortcuts
it only works in the developer tools now, and you have to press F12 or CTRL+SHIFT+i to enable that first.
the answer to that is: somewhat.
you still get to choose only between Basic and Full.
The below-Basic, Security-level is only available for Enterprise Editions, the Enhanced setting is also available, but only via GPO because it contains Active Directory-related stuff in addition to the Basic stuff.
In 1803 (or 1804...or whatever they decide call it) they added a visualisation tool for the slurping - there's a Diagnostic Data Viewer added so you can look more easily at what data they are slurping. There's also a "Delete" button for the diagnostic data - pressing it will ask them nicely to delete the already-collected data from their servers, but only the data from the current device.
Version numbers are an artefact of the pre-internet era way of doing software development.
With today's continuous release and cloud platforms (github, etc) they should just dump out the version numbers completely and go for YYYYMMDD-style date stamps.
e.g. "release 20180416-S" has a lot more information included in the version than "release 4.15.whatever-rc3" - it indicates right there in the name WHEN it was the last release and whether it was a Stable or Release Candidate.
you assume that they had systems to test the updates on in the first place... or that they bother to publish updates.
These days if a system is older than 12/24 months then most of them consider they no longer have any responsibility so they shovel out the door any remaining systems to sell as "manufacturer-refurbished".
or, 4) nobody is perfect and you cannot test for the millions of configuration variants out there. Even you used a BIG typo in your comment code up there: s/there/their/
If you want "perfect" code then write your own OS. And drivers. And design and bake your own silicon chips to avoid any potential CPU meltdown or architectural design variations.
Modern systems are in continuous evolution, the old tests are already obsolete by the time the finished, supervisor-reviewed, manager-approved test schedule sheet rolls out of the office printer.
If you want those back then what are you doing on the internet? The internet is a real-time, continuously-changing environment. Someone wants a change in one part of a software to work with a new gadget on the market and then suddenly something else that was depending on the old version won't work as it used to and needs to be brought up to date.
https://en.wikipedia.org/wiki/Continuous_delivery
given that IBM is dealing mostly with companies (or should i say "exclusively"?), i'd say that is standard behaviour in Europe.
You are lucky to have such a consumer law in Australia that allows companies to be considered as "consumers" because here in Europe you're generally fucked if you have a consumer-type issue and you are not a natural person. :(
Under EU law, the notion of consumer does not extend to legal persons (companies), even if they have a non-business character (e.g. non-profit associations). So, if it's not directly written in a contract then it doesn't exist. There are some minor differences from this in some EU countries but generally that's the rule.
https://eur-lex.europa.eu/legal-content/EN/ALL/?uri=CELEX:31993L0013
quote: ‘consumer’ means any natural person who, in contracts covered by this Directive, is acting for purposes which are outside his trade, business or profession; /quote
Not even self-employed traders or family businesses can be considered as "consumers" - but there are, again, some minor differences to this rule across EU countries.
try reading the Helliconia trilogy by Brian Aldiss... it's set in a binary star system that causes extremely long seasons that last for centuries. The Winter book sounds similar to your description but in Aldiss' book it's the extremely long Great Winter that affects the human civilization, not a nebula.
https://en.wikipedia.org/wiki/Helliconia
(with double "L"s!)
The Register - Independent news and views for the tech community. Part of Situation Publishing
Biting the hand that feeds IT © 1998–2021
