Security News For The Week Ending February 28, 2020

Russia Behind Cyberattacks on Country of Georgia Last Year

The State Department and the UK say that Russia was behind the attack on over ten thousand websites in the Country of Georgia last year.

They also formally attributed Sandworm (AKA Voodoo Bear, Telebots and BlackEnergy) to Russia’s GRU Unit 74455. Sandworm is the group responsible for the attacks against Ukraine’s power grid in 2015 and 2016 as well as NotPetya and other attacks. Not a nice bunch, but highly skilled. Andy Greenberg’s book, Sandworm, tells a scary story about these guys.

This is an interesting announcement from the State Department given the general position of the White House regarding Russian hacking. Here is the State Department’s press release.

Google to Restrict Android App Access to Location Tracking

Google is changing the Google Play Store policy for apps accessing your location when they are running in the background in response to user concerns.

The “user” is likely the folks running GDPR and the concern is the potential fine of 4% of Google’s revenue (AKA $6.4 billion).

They are reviewing all apps in the Play Store to see if they really need background access to your location or whether the user experience is just fine without them collecting and selling your location.

New apps will have to comply with this new policy by August 3 and existing apps will have until November 3 to comply.

In Android 11 you will be able to give an app ONE TIME permission to access your location data. When the app moves to the background, it will lose permission and will have to re-request it if it wants your location again.

This is actually pretty cool, but GDPR went into effect almost two years ago and they are just doing this now? Could it have something to do with an EU investigation of their use of location data? Probably just a coincidence. Source: PC Magazine

Accused CIA Vault 7 Leaker Goes To Trial

Accused CIA Vault 7 leaker Joshua Schulte’s trial for leaking top secret documents to Wikileaks started earlier this month. Schulte is accused of leaking top secret programs that the CIA used to hack opponents, causing serious embarrassment for their horrible security, allowing those tools to get into the hands of hackers and allowing our enemies to know how we hack them. It also cost the CIA a ton of money because they had to create a whole bunch of new programs that exploited different bugs that they had not disclosed to vendors to fix. Apparently Joshua is a bit of a challenge to work with and manage. Not only was he “a pain in the ass” but he also was into kiddie porn. He will be tried on those charges separately. Schulte’s lawyers say the government failed to turn over evidence that there might have been another leaker and want the court to declare a mistrial. WOW! Read the details here.

Microsoft Trying to Do Away With Windows “Local” Accounts

For those of you who have been longtime Windows users, you know that you had a userid to log on to the computer and then, possibly, if you want, another userid and password to log on to cloud services.

Like Google, Microsoft wants as much information about you as it can possibly collect. They also want you to use all of Microsoft’s online services, all of which are tied to your Microsoft login and not your local Windows login.

Microsoft’s answer? Make it very difficult for a user to log on to his or her computer with a local login. In fact, as of the most recent update to Windows 10, the only way to create a local, non-Microsoft, login is to disconnect your computer from the Internet when you first install it.

After all, they know that you DO want them to snoop on everything that you do. Source: Bleeping Computer

Microsoft Loses Terabytes of Windows 10 Source Code

Both the NSA and CIA have been in the news way too many times recently when organizations like WikiLeaks and others released stolen software that the organizations would rather remain private.  In the case of the spy agencies, that software is their internally developed hacking tools.

Now it is someone else’s turn.

Microsoft has acknowledged that some of their Windows 10 source code has been released into the wild.  Not all of it, but a lot.

32 terabytes of installation images, documentation and code for hardware drivers, USB and WiFi code, some kernel code and other source code was leaked and available for download by anyone who had access to the appropriate hacker sites.

Microsoft calls it their Shared Source Kit.  It is distributed privately based on contracts that restrict how it is handled.  Typically it is provided to hardware manufacturers, selected customers and some researchers.  Now it is available to hackers also.

Some of the images contain information that is never released publicly that would definitely help hackers.

It also would allow hackers to look for bugs that they can exploit.  That is much easier if you have the source code.

While this is not the end of the world and it does not involve a breach of Microsoft’s network, it is still embarrassing and a security problem for Microsoft.

On the other hand, given the number of businesses that likely have access to the Shared Source Kit, this leak is not completely surprising.

After all, it only takes one of these partners to be hacked for the code to be out in the wild.  No one is suggesting that a partner who legally has this code released it into the wild.

What is your level of confidence that your company’s family jewels are really still secret?

Information for this post came from The Register.

The Camera In Your Laptop

There was a recent Network World article that reported that some people are freaking out because IF you set up Windows 10 to do facial recognition to log you in, it works even if you have disabled your camera.

Call me dumb, but if you ask Windows to use the camera to log you in, it is likely going to do that.

But the article does make some interesting points.

The first is that the Windows 10 facial recognition is good enough that when The Australian tried to fool Windows 10 using 6 pairs of identical twins, Windows 10 was not only smarter than a 5th grader, but it was also smarter than The Australian.  The score was twins 0, Windows 6 – the twins could not fool Windows 10.  What I haven’t seen any data on yet is if Windows can be fooled by a 3D model of your face. I assume it won’t be fooled by a photograph.  I am sure that hackers are working away at fooling Windows.  Still, this is better than when Apple released their first iPhone fingerprint reader and that was hacked in a couple of days.

Next, Microsoft says in one of their FAQs that the setting to disable application access to the camera does not work for ‘legacy’ apps.  For the geeks reading this, that means .Net apps, COM apps, Win32 apps, etc.

The good news is that apps that ‘officially’ use the camera will turn the camera light on if there is one, or put a notice on the screen that the camera is on if there is no camera light.

The bad news is that malware is rarely that nice.  We have seen malware that manipulates the camera – which has been unfortunate for people who use their laptops when they are wearing less than they would in public.  There was an incident in 2013 where Miss Teen USA Cassidy Wolf’s webcam was hacked by a classmate who used it to take pictures and videos of her and then tried to extort money from her to keep the pictures private.  Apparently, she kept her laptop in her bedroom.  That person was caught.  He had apparently done this to a number of other people as well.  Cassidy Wolf has been very public about her situation in an effort to increase teenagers’ awareness of the problem.

I think the bigger problem is with cell phone cameras.  Cell phones may not have a light to tell you that the camera is on (my Samsung Galaxy Note 4 does not that I can tell, for example) and people are much more likely to use their cell phone when they are in a state of undress.  The only advice I have for people who are concerned about that is to not use your phone under those circumstances, but I don’t think that is totally practical.

I used to put a sticky note over my laptop camera when it wasn’t in use – which is most of the time.  While that solution is effective, it is somewhat less than elegant.

Later, I found a company at a computer trade show giving away small stick-on sliders that cover the webcam and are very inconspicuous.  You merely slide the cover over if you want to use the webcam and back when you are done.  These are available on Amazon for about $5.  I thought maybe the glue would fail, but I have had one on my laptop over a year and it is still there.

The moral of this story is that I wouldn’t be worried about Windows using your web cam to ID you, but there could be other, malicious, apps that you might be concerned about.  A $5 fix will solve the problem for your laptop if you are concerned.  Or you can use a sticky note if you are on a tight budget.  I wish I had a solution for the cell phone version of this problem, but I don’t.


Information for this post came from Network World.

Cassidy Wolf interview with CBS News on her situation can be found here.

More Windows 10 Privacy Settings

Microsoft is just reading Google’s playbook on destroying your privacy, but that does not mean that you have to drink the entire glass of that Kool-Aid.  Here are a couple of things that you can do on Windows 10 to dial back the information theft a little bit.

First of all, what does Microsoft tell you they are going to do?  They say, in their privacy statement, that they use your information to operate their business, send you communications and display advertising.  That covers a pretty wide part of your online  universe.

Step 1 – reduce the amount of general data Microsoft gets from you:

In Settings, click on Privacy.  In the privacy settings you can control how your computer uses your information, for things like warning you that you are passing a Starbucks.  Also, while you are there, go to Feedback and Diagnostics, set the feedback frequency to never and diagnostics to basic.  This reduces the amount of information you send to Microsoft.

Step 2: The Edge Browser

Microsoft wants to “help” you so they have integrated Cortana (their version of Siri) into the Edge browser.  In order to make Cortana seem smart, they send your browsing history to Microsoft.  If this doesn’t seem like a good idea, maybe not using Edge is a better idea – after all, there are other browsers.  However, you can turn off this piece of big brother.  Go to the ellipsis button in the top right corner, then settings, advanced settings, view advanced settings and privacy and settings.  Turn off “Have Cortana assist me in Microsoft Edge”.  Given how deeply you have to look to find this, do you think, maybe, they don’t really want you to turn this off?

Step 3: DO NOT create a Microsoft Account

When you install Windows 10, Microsoft certainly leads you to believe that you MUST create a Microsoft account to log in to Windows 10.  This is not the case.  They made this the default for two reasons.  The first is to be able to track your every action.  If you have a Microsoft account, they can correlate this data much better – across devices and platforms.  The second is so that they can store all your settings.  I am sure that this is solely to help you in case a crazed muskrat eats your computer (and, in truth, this is no different than what Apple and Google do by default with your phone), but if you care about your privacy, don’t do it.

Step 4: Beware of Cortana

While Cortana, like Siri, is cool, the way both of these tools work is by collecting as much data as they possibly can about you – location, contacts, even speech and handwriting data.  Unfortunately, with both of these products, if you don’t want to be part of that, your only answer is not to use it.   Of course, Microsoft stores all this data in the cloud.  I am sure that they will only use it to “personalize your experience”.

Welcome to the Brave New World.  1984 has nothing on us.


Information for this post came from Information Week.

Microsoft Uses Customer Bandwidth To Deliver Windows 10 Updates

For those of you who use Bit Torrent to download pirated movies, this post is for you.  Microsoft has turned every Windows 10 Home and Windows 10 Pro user into a Bit Torrent node of sorts, delivering Microsoft updates to their millions of customers.

Like other Windows 10 features (WiFi Sense, for example), I am sure that Microsoft thought this was a good idea.  A new Windows 10 service called Windows Update Delivery Optimization, turned on by default, has existing Windows 10 users serving up Windows patches for other computers on the Internet.

I can see a benefit for using WUDO to share updates with other computers on your same home or small office network.  That would actually reduce the load on your Internet connection.  For example, when Microsoft released their first big, post-release Windows 10 patch (sorry, they are calling them service releases now.  It sounds better than bug fix) this week, the patch weighed in at over 300 megabytes.  Since Microsoft has removed your ability to control when patches install, it could download in the middle of the day.

Say you have 5 computers in your office.  At some point those computers will collectively download almost 2 gigabytes of Microsoft madness.  WUDO would reduce that to 350 megabytes (the size of one download) and have you share that patch with your fellow computers.

But what they are doing is using you to serve patches to other, unrelated users on the Internet, using your upload bandwidth.

For users on DSL, your upload bandwidth is already pretty small and for other businesses, you likely sized your Internet connection to meet your business needs, not Microsoft’s.  After all, they are not paying you to use your bandwidth.

This is not a surprise;  Microsoft said this was going to happen for a while and it was active in the beta versions.

If you are concerned about your bandwidth (not to mention your liability for serving up Microsoft’s patches), you can turn this off, but it is not obvious.  The link below has more details, but from Settings, go to Update & security and then advanced options.  You can select to turn it off completely or leave it on for computers in your home or office only.
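For anyone managing more than one machine, the same choice can be checked and pinned from PowerShell rather than clicked through in Settings. This is an added example, not something from the original post or its source; it assumes the Delivery Optimization policy value `DODownloadMode` that Microsoft documents for Group Policy, and whether a given Windows 10 edition honors that policy key is also an assumption.

```powershell
# Added example, not from the original post. Changing the value needs an elevated prompt.
# Assumption: Microsoft's documented Delivery Optimization policy key and value name.
$DoKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\DeliveryOptimization'
$DoModes = @{
    0   = 'HTTP only: no peer-to-peer sharing'
    1   = 'LAN: share only with PCs on your own network'
    2   = 'Group: share with PCs in the same domain or group'
    3   = 'Internet: share with PCs on your network and the Internet'
    99  = 'Simple: no peering, no Delivery Optimization cloud service'
    100 = 'Bypass: hand downloads to BITS'
}

function Get-DoPolicy {
    # Read the policy value; a missing key or value means no policy is set.
    $mode = $null
    if (Test-Path $DoKey) {
        $props = Get-ItemProperty -Path $DoKey -Name DODownloadMode -ErrorAction SilentlyContinue
        if ($props) { $mode = [int]$props.DODownloadMode }
    }
    if ($null -eq $mode) { $meaning = 'No policy set: the choice made in Settings (or the default) applies' }
    elseif ($DoModes.ContainsKey($mode)) { $meaning = $DoModes[$mode] }
    else { $meaning = 'Unrecognized value' }
    [pscustomobject]@{
        Mode         = $mode
        Meaning      = $meaning
        # Anything that is not explicitly "off" or "own network only" deserves a look.
        ReviewNeeded = ($null -eq $mode) -or ($mode -notin 0, 1, 99, 100)
    }
}

function Set-DoPolicy {
    # 1 = keep sharing inside your home or office, 0 = turn peer sharing off.
    param([ValidateSet(0, 1)][int]$Mode = 1)
    if (-not (Test-Path $DoKey)) { New-Item -Path $DoKey -Force | Out-Null }
    Set-ItemProperty -Path $DoKey -Name DODownloadMode -Value $Mode -Type DWord
    Get-DoPolicy
}

Get-DoPolicy | Format-List
# Set-DoPolicy -Mode 1   # own network only
# Set-DoPolicy -Mode 0   # off completely
```

The two `Set-DoPolicy` calls correspond to the two choices the Settings page offers; they are left commented out so that running the script only reports the current state.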

As we move to the brave new world of Windows 10, we have to learn a whole new set of configuration checks in order to turn on or off things that we want to be different than the default.  The good news is that Microsoft says this is the last version of Windows.

Information for this post came from Computer World.