Monthly Archives: May 2023

• Beware of Google’s .ZIP domain and password-embedded URLs

  Posted on May 29, 2023 at 02:45 CDT by B. Livingston • Comment in the Forums

  

  ISSUE 20.22 • 2023-05-29

  PUBLIC DEFENDER

  

  By Brian Livingston

  The security community is up in arms, because Google this month started selling domain names with deceptive endings such as .zip and .mov.

  Even worse, some browsers are allowing usernames and passwords to be embedded into URLs. This means following a link can expose users to viruses without any explicit action (such as clicking “OK”).

  Internet-standards bodies years ago prohibited usernames and passwords in URLs — but hackers still do it.

  Read the full story in our Plus Newsletter (20.22.0, 2023-05-29).
  This story also appears in our public Newsletter.

  Public Defender Domain names, Google, Internet, Newsletters, security

• Longstanding feature requests, and their status

  Posted on May 29, 2023 at 02:44 CDT by Mary Branscombe • Comment in the Forums

  ONENOTE

  

  By Mary Branscombe

  We’ve been waiting a long time for the OneNote features promised in 2019.

  I asked Microsoft to tell us what’s coming when.

  The very first time I heard about OneNote, at a press briefing for Office 2003, I saw how useful it would be — but there were also some things that I thought wouldn’t work. I went over to talk to Microsoft’s Chris Pratley and spent the next 20 minutes trapping him in a corner between the wall and the lunch table, making suggestions and asking for changes, before a PR person tactfully extracted him.

  Read the full story in our Plus Newsletter (20.22.0, 2023-05-29).

  OneNote Features, Newsletters, OneNote, Status, updates

• Three typing tutors — no more “hunt and peck”

  Posted on May 29, 2023 at 02:43 CDT by Deanna McElveen • Comment in the Forums

  FREEWARE SPOTLIGHT

  

  By Deanna McElveen

  Let’s face it, life is too short to be taking 30 minutes to type out an email or a witty Facebook rebuttal.

  Today, I’m going to show you three best-of-the-best — and absolutely free — typing tutors. Each one is a bit different, and each one has some pretty nifty features. So sorry, Mavis Beacon. You’ve always been a nice lady, but you are getting expensive! There is always a free alternative.

  Read the full story in our Plus Newsletter (20.22.0, 2023-05-29).

  Freeware Spotlight Deanna's Freeware Spotlight, Newsletters, Training, Typing Tutors

• Is online banking secure?

  Posted on May 29, 2023 at 02:42 CDT by Susan Bradley • Comment in the Forums

  ON SECURITY

  

  By Susan Bradley

  Over the past few years, banks have been increasing their online footprint.

  From mobile banking with cell phones to remote depositing with check scanners, banking has drastically changed. Some of the changes are forced on us due to the changing hours of operation at our local banks, but some of the changes enhance our ability to get our funds where we want them to be.

  Read the full story in our Plus Newsletter (20.22.0, 2023-05-29).

  On Security Banking, Credit cards, Debit cards, Newsletters, Online Banking, Patch Lady Posts, Payment Processing

• Are you ready for AI?

  Posted on May 28, 2023 at 00:45 CDT by Susan Bradley • Comment in the Forums

  The Microsoft BUILD conference is over and they will be adding AI to well…. everything.  As usual while Microsoft will be … well Microsoft. We’ll be ensuring that we can tame and make the technology what you want it to be.

  If you don’t want AI in Edge now, you can start with the basics such as blocking the request to change the default browser to Edge and the default search engine to Bing. This setting as noted in Edge policies can be set via group policy or Intune. Additional settings include to block the Bing Chat AI from the Windows 11 search. To disable Bing Chat AI from the Search field on the taskbar press the Windows key and open Settings, or use the Windows key + I shortcut to open it directly. Now click Privacy & security from the left panel scroll down to the Windows permissions section and click on Search permissions from the list. Scroll down to the More settings section and toggle off the Show search highlights option. The Bing Chat AI icon will no longer appear in the search field.

  For those that use group policy there is a new Group Policy setting to disable the bing chat icon, and this setting was added with Windows 11 21H2 administrative templates. You must download the ADMX Templates for Windows 11 October 2021 Update [21H2] from the Official Microsoft Download Center. You’ll want to copy the files from from C:\Windows\PolicyDefinitions on a Windows 11 computer to your central policy store.  Navigate to Computer Configuration\Administrative Templates\Windows Component\Chat. Find “Configures the Chat icon on the taskbar“.

  Bottom line, don’t worry, we’ll keep you aware of all the tips and tricks to tame your operating system so it won’t go “I’m sorry, Dave. I’m afraid I can’t do that.” Stay tuned. we’re have more in the newsletter as Microsoft showcases the changes. Previews will be coming in June.

  I’d also like to wish everyone in the United States a great Memorial Day holiday.  To everyone who has served, thank you.

  Windows News Patch Lady Posts

• MS-DEFCON 4: Skip those Secure Boot scripts

  Posted on May 23, 2023 at 02:45 CDT by Susan Bradley • Comment in the Forums

  

  ISSUE 20.21.1 • 2023-05-23

  

  By Susan Bradley

  Deploy May updates — and nothing but the updates.

  I’m lowering the MS-DEFCON level to 4 to encourage you to install the May updates now.

  However, I do not recommend taking the optional steps recommended by Microsoft to revoke the vulnerable bootloader files, as I discussed in yesterday’s On Security column. I do not think these manual steps provide full protection for this vulnerability — or potential future ones.

  Anyone can read the full MS-DEFCON Alert (20.21.1, 2023-05-23).

  AskWoody Plus Alert, MS-DEFCON Alerts, MS-DEFCON, MS-DEFCON 4, Secure Boot

• Getting started with winget

  Posted on May 22, 2023 at 02:45 CDT by Simon Bisson • Comment in the Forums

  

  ISSUE 20.21 • 2023-05-22

  WINDOWS

  

  By Simon Bisson

  If you’ve used Linux, you’ll be familiar with package managers such as Debian’s apt and Red Hat’s yum.

  They keep track of what’s installed on your computer — downloading updates and installing new software, managing dependencies so you always have the right libraries for your code. Drop into your command line, type a few keystrokes, and you’re automatically up to date.

  Windows hasn’t really had the same design philosophy.

  Read the full story in our Plus Newsletter (20.21.0, 2023-05-22).
  This story also appears in our public Newsletter.

  Windows 10 App Management, Deployment, Newsletters, Windows, winget

• No NumLock key? Problem solved! Here’s the fix.

  Posted on May 22, 2023 at 02:44 CDT by B. Livingston • Comment in the Forums

  PUBLIC DEFENDER

  

  By Brian Livingston

  Most laptop makers are now leaving the NumLock key out of their smaller notebooks.

  That’s a disaster for people who’ve been getting symbols that aren’t on their keyboard by entering Alt+number — for instance, typing Alt+0169 on the numeric keypad to get the copyright sign (©).

  Some laptops have a function key for a “hidden” numeric keypad. But I’ll show you much easier ways. Read this today, and you’ll be writing documents faster — mañana!

  Read the full story in our Plus Newsletter (20.21.0, 2023-05-22).

  Public Defender Keyboard remapping, Keyboards, Newsletters, NumLock, TenKeyLess, Windows

• Windows Storage Spaces

  Posted on May 22, 2023 at 02:43 CDT by Will Fastie • Comment in the Forums

  HARDWARE DIY

  

  By Will Fastie

  I decided to try Storage Spaces on Opal, just to see what it would be like.

  It’s a mixed bag. On the one hand, it’s less technically challenging than the Intel Rapid Storage Technology (RST) solution that lives partly in UEFI and partly in a Windows driver. On the other hand, it’s a work in progress, with some confusing configuration steps.

  Read the full story in our Plus Newsletter (20.21.0, 2023-05-22).

  Hardware DIY, Newsletters, RAID, RAID 1, Storage Spaces, Windows

• Is Secure Boot important for security?

  Posted on May 22, 2023 at 02:42 CDT by Susan Bradley • Comment in the Forums

  ON SECURITY

  

  By Susan Bradley

  During the last few months, some chinks have appeared in Secure Boot’s armor as the result of various attacks and vulnerabilities.

  Let’s go back in history and understand how we got here.

  When a computer boots up, and before the operating system is launched, other code runs. For many years, that was the Basic Input/Output System (BIOS) pioneered by IBM in the original IBM PC. Unfortunately, inventive attackers found ways to permanently install malicious code as part of this launch sequence.

  Read the full story in our Plus Newsletter (20.21.0, 2023-05-22).

  On Security IPSec, Microsoft Outlook, Newsletters, Patch Lady Posts, Secure Boot, VPN

• What is your favorite home consumer tech thing?

  Posted on May 20, 2023 at 23:35 CDT by Susan Bradley • Comment in the Forums

  What’s your favorite technology thing that you use at home? I’ll start with mine. A kindle. But only for books, not for gardening magazines. One can get a book sized kindle which can also hook into your email so you can send email from it. I typically purchase two at a time so that I can be charging one while I’m reading the other.

  So what is YOUR favorite technology thing that you use strictly for personal use and not for business?

  Tech Help Patch Lady Posts

• Apple security updates for May

  Posted on May 18, 2023 at 22:56 CDT by Susan Bradley • Comment in the Forums

  Apple security updates out…

  💻 macOS Ventura 13.4 – 51 bugs fixed
  📱 iOS and iPadOS 16.5 – 39 bugs fixed
  ⌚ watchOS 9.5 – 32 bugs fixed
  💻 macOS Monterey 12.6.6 – 29 bugs fixed
  📺 tvOS 16.5 – 28 bugs fixed
  💻 macOS Big Sur 11.7.7 – 25 bugs fixed
  📱 iOS and iPadOS 15.7.6 – 17 bugs fixed
  🌐 Safari 16.5 – 5 bugs fixed

  Three zero days fixed in this batch

  Apple Patch Lady Posts
• « Older Entries