AskWoody

Patch Lady – is tech the right gift?

First off an apology:  I had a series of 12 days of Christmas posts all planned and then I caught a head cold that went into a cough and never got back to finishing up all my planned posts.  So, instead I’m going to do the equivalent of post 3 through 12 in this post.  Hopefully I’m not too much impacted by the cough syrup I’ve been taking to make some coherent thoughts tonight.

As we get ready for the day that we give gifts, I’m going to ask if technology is the right gift?  Often I find it’s a gift I THINK people want, but not really what they want or need.  I often find that what I buy technology for often morphs into something else.  It would be hard to predict what someone else’s needs and wants would morph into.

Take for example Amazon echo devices.   I bought it originally to play music and found instead that the thing I use the devices for the most are turning on Christmas lights (so I don’t have to crawl under the Christmas tree to turn it on), or as I walk through the house – often in the morning as I’m getting ready for work – I remember something to put on my shopping list or my todo list.  It’s the oooh oooh don’t forget that!! moment that I use the devices for.  When I bought them I never thought I’d use them for that the most.

Now before you say what about this device listening in to everything I do or say, I get that folks are concerned about this.  2018 is a year that hasn’t been a banner year in privacy.  But it honestly doesn’t listen ALL THE TIME.  There is a wake word that one has to use to “wake it up” to make it listen to take actions.  You can actually look at what Alexa listened to.  It’s not listening all the time.  But if you aren’t comfortable with what it does do, I can’t make you comfortable with that.  You need to accept the risk, not me.

Similar to the concern that iRobot devices are mapping your house.  The resulting map that my vacuum cleaner makes is not a map of my house.  Instead it’s an unusual mapping of a floor plan as the device goes around chairs, footstools and other furniture in the areas it cleans.  An actual floor plan, it is not. I can go to my local planning department, pay the fee to copy plot maps that are a much more accurate representation of the map of my house.  I accept the risk of this “mapping” because I want a clean area rug and we drag a lot of dirt in from the garage.  And I’m lazy to get out the hand vacuum.

But in either case if the person you are buying this technology for isn’t comfortable with the privacy policies, and what the company has said about what they will and won’t do with the data, technology isn’t often the right present to get a person.

As you choose gifts, think about if instead it would be better for that person to make the privacy decisions.  If it’s better for that person to read the end user license agreement and to understand if they want to accept the risk.

On the one hand I agree with Rep. Ted Lieu when he used the questioning of the Google CEO to showcase that the company doesn’t intentionally spy on us, or intrude on our information, or intend to be evil.  You get good search results when you do good things, and bad search results when you’ve done lousy things.  But often in large technology companies where people in charge of decision making may not have the experience or wisdom of many years under their belt, you find that it’s not intentional disregard, but inadvertent disregard of privacy.  Someone never thought that something would be used like that.  It wasn’t their intent to do harm

So … how about give a book, or buy movie tickets, or find some other gift that doesn’t need you to be concerned about the fact that you are making the privacy decisions instead of letting the person you want to buy the gift for make these key decisions.

Me, I’d want to buy everyone an Amazon Alexa.  But obviously, you might not want that.  And that’s honestly a very good thing.  You should be making the privacy decisions for technology that is around you, not me.

It’s official: Microsoft now says it’s installing Win10 version 1809 when you “Check for Updates”

Make sure you’ve set Windows to block version 1809, and don’t click “Check for Updates.” Yeah, I’ve been telling you that for four months, but now it looks like the flood gates have opened.

Tell your friends. It may be their best holiday present.

Details in Computerworld Woody on Windows.

Patch Lady – second day of Christmas

On the second day of Christmas we bought a lot of gift cards.  And many of us end up not using those gift cards as billions end up not being used.  And worse yet (as what happened to me and my gift to my Dad) they can end up being ripped off and used and by the time you go to use the card, the value is gone.

So here are some tips as you buy gift cards this season:

1.  Check the expiration dates.  In the State of California where I live, one can set a redemption date on the gift card, so don’t assume that they are good indefinitely.
2. Make sure the packaging looks okay, the PIN number isn’t scratched off and in general the card looks “okay”.
3. See if you can find a place that sells gift cards behind the counter so they aren’t tampered with out in the open.
4. Buy a gift card  online if you can, it’s less likely to be scammed.
5. If it sounds too good to be true, it is.  Don’t go for discount cards, as it’s more than likely to be a scam.
6. and …. don’t wait a year to use the Ruth Chris’ steakhouse gift card that your daughter gave you and someone already ripped off and used when you went to go pay for your steak dinner.  If the card has been around for a while, check the balance before you go and attempt to use it.
7. Oh and… in the case of the daughter…. don’t throw away your purchase receipt.  Not saying that I could have gotten or done anything a year after I bought it, but given that I have no evidence whatsoever that I bought it, I’m out $200 for your gift, and you were out $200 buying that steak dinner for you and your friends.  (Ouch)

Bottom line, while gift cards can be a great gift, they can also be easily scammed.  Scammers are now guessing the card number sequences and making their own usable gift cards from the numbers they determine are valid and have dollars attached to them.  So check that balance if you don’t plan to use them right away.

Right, Dad?

Is Microsoft replacing defective Surface Pro 4 machines with good (but used) ones?

Leonard Klint on German-language site WindowsUnited reports that Microsoft has finally, finally fessed up to screen defects in Surface Pro 4 tablets and (Google auto translate):

When I bothered the support with my problem, they knew directly. I did not need to refer to any threads, just to mention briefly that the problem was caused by the firmware update in July and the error code. In Device Manager , the following items are displayed with the error code 10 :

Surface ME (code 10)
Surface Embedded Controller Firmware (Code 10)
Surface UEFI (code 10)

Jez Corden at Windows Central goes on to say:

If you were impacted by the firmware problem, Microsoft is reportedly allowing users to get a replacement via the Surface Support website by talking to a member of staff and describing the above driver issues, although further details about exactly what caused the error are still elusive.

Poster ArrunBairu on the original Microsoft Answers forum gripe thread said on Dec. 11:

If true, this is a major breakthrough in an ongoing problem that’s been stonewalled for years.

Win10 “Activity History” — misnomer or snoop?

Another important story where I’m slow on the uptake. (Sorry, been very busy. You’ll see why shortly.)

Chris Hoffman at How-To Geek broke this on Monday:

Windows 10 collects an “Activity History” of applications you launch on your PC and sends it to Microsoft. Even if you disable or clear this, Microsoft’s Privacy Dashboard still shows an “Activity History” of applications you’ve launched on your PCs.

Chris goes through details on how your “activity history” gets snooped  — Microsoft collects and stores a list of which programs you use and when. The list gets collected even when you turn Activity History off: Click Start > Settings > Privacy. On the left choose Activity History and uncheck “Send my activity history to Microsoft.”

In Win10 version 1809 I don’t see a button to clear my Activity history (see screenshot). Apparently Chris is working with 1803 or an earlier version, where the Clear activity history option is at the bottom of the Activity History Settings pane.

Even after you’ve stopped collecting Activity History and blasted it away by clicking on Clear Activity History (which, again, doesn’t appear on my 1809 test machine), your history still appears in Microsoft’s coffers, which you can see by signing into the cutesy web site called Privacy Dashboard and clicking the tab at the top marked Activity History. You can see how my Activity history is still being collected, even after turning off “Send my activity history to Microsoft.”

Microsoft says it’s a case of mixed definitions — “Activity history” in the Windows Settings app is different from “Activity history” on the Privacy Dashboard Activity History tab. According to Microsoft, the only way to avoid sending your entire app history to their big data collection agency is by turning off “Send my activity history to Microsoft” and setting Diagnostic data collection (Start > Settings > Privacy, on the left choose Diagnostics & feedback) to “Basic,” instead of “Full.”

As Microsoft says, per Chris:

Windows 10 Activity History data is only a subset of the data displayed in the Microsoft Privacy Dashboard. We are working to address this naming issue in a future update.

I’m sure there are some folks on the EU GDPR compliance team who’d be interested in that little, uh, misnomer.

Any of you running Win10 1809… I’d sure be curious to know if you can find the Clear Activity History button.

And… tell me again how Chromebooks are collecting so much more data than Windows machines?

Microsoft 365 Consumer may actually be good for us

On Wednesday, Mary Jo Foley described her dumpster diving through Microsoft’s help-wanted ads, which turned up a couple of hints:

Microsoft is working on a new subscription bundle aimed at consumers, which looks to be named “Microsoft 365 Consumer.” The coming bundle will be the consumer-focused complement to Microsoft’s existing Microsoft 365 subscription bundle for business users.

A couple of recent Microsoft job postings mention the consumer subscription bundle, which Microsoft has yet to announce publicly.

Gregg Keizer speculates about what might make MS 365 Consumer compelling:

It’s possible that Microsoft will take a very measured approach with M365-C and simply include a license for Windows 10 Pro – the OEM-installable SKU that’s more feature-rich than the standard Windows 10 Home – with the subscription. The rationale for subbing to M365-C, then, would rest on Windows 10 Pro’s qualities. To boost Pro’s perceived value as part of M365-C, Microsoft could, say, discontinue sold-at-retail copies of Windows 10 Pro and the for-purchase licensing keys that transform Home into Pro. The only way to migrate from Home to Pro, without buying a new system, would be through M365-C.

That’s a fascinating possibility. Who knows if it’ll happen, but if you need to subscribe to (and pay for) MS 365 Consumer in order to block forced updates on your machine… yeah, that’s a compelling reason to fork out some money.

Patch Lady – twelve days of Christmas

Please note:  I’m starting a series of twelve “gifts” that I think are worthy of paranoia and protection.  I will say up front that many of these gifts involve protecting children and while I am personally not a Mother, I know a lot of friends and family members with children.

On the first day of Christmas I would recommend the following gift:

A router, firewall or Internet service that allows you to turn off the internet for certain times of the day. 

My Xfinity wifi does this, also the Disney Circle device (which is now embedded into several routers also do this).

Bottom line in this day and age of always on Internet, we need to take a break and get OFF the Internet, especially in the Holiday season.

How many times have you walked into restaurants, and even homes and found every face down in a phone looking at the screen and not talking to each other.  Recently I watched the host of NPR’s “Wait Wait don’t tell me” talk about how we need to “escape our “digital dystopia” of electronic screens and constant notifications by running outside”.  Now I’m not going to suggest that we all take up running immediately (for one it’s too cold and snowy for some of you to attempt to go running), but we definitely need to get off of our devices and stop rewiring our brains attention spans.

So on this first blog post of Christmas gifts… my recommendation if you have children and grandchildren… and even yourself… make sure you build in time OFF of technology and review your options to have the ability to set such times in your firewall or routers.

Do you run a DNS server?

If you aren’t sure, believe me, you aren’t running a DNS server.

If you are running a DNS server, @SimonZerafa wrote to me and suggested I nudge you about CVE-2018-8626. It’s a bug that lets bad programs bring DNS servers to a crawl.