• Clairvaux



    Viewing 15 replies - 1 through 15 (of 104 total)
    • in reply to: Got pop ups and ads? #2501361

      In my experience, it’s ad blockers which do all the work.  I never see an ad. I don’t know what it is.  However, I use the uMatrix extension (now discontinued), and I have an embedded blocker in my Vivaldi browser.

      When, for some reason, I unblock those, I’m thrown into advertising hell. Some sites are cleaner than others, but try and browse the Daily Mail site without any blocker, for instance : it’s downright impossible.

      1 user thanked author for this post.
    • This topic looks exceedingly political to me.

      3 users thanked author for this post.
    • in reply to: Bank-Grade Security #205690

      Don’t get me started on this. My bank is asking for Flash in order to let me change my spending limit on my credit card. I thought people used to be shot for such security lapses ?

      Also, it’s funny how some of the very worst offenders in the realm of Internet security are major government sites, which millions of tech-illiterate people are forced to use, and which hold extremely sensitive, personal information, the type that hackers would love to get their hands on in order to impersonate you or otherwise harm you. (I’m not in the US.)

      My favorite trick is running an SSL Labs test on them. The results are sometimes so appalling as to be laughable.

      One particular offender is the monopoly utility company which throws a Google captcha in your face, just in order to let you type your username and password. That captcha is in English — not the country’s language. Google’s captchas are exasperating enough for English-speaking geeks ; now figure a lady born in 1940, with no higher education, no knowledge of foreign languages, and who absolutely needs to log in the blasted site to pay her bills.

      7 users thanked author for this post.
    • in reply to: There are two hard problems in computing #204435

      On the other hand, this give us the perverse and childish pleasure to ride roughshod over security alerts, and say : yes, yes, I want to do this incredibly reckless and stupid thing ! while being sure it’s absolutely safe… Maybe you should leave it like that.

      6 users thanked author for this post.
    • This is a very good reason not to update Windows at all. The main point of updating is to avoid malware. One of the best ways (if not the best) to protect oneself against the consequences of malware is having backups and images all over the place.

      If Windows updates break one of the best imaging and backup systems around, isn’t it time to call off the whole circus ? That’s not meant to belittle the considerable work being done here, of course.

      4 users thanked author for this post.
    • Exactly. One more case of one rule for commenters, and another one for the blog author.

      Mind you, I support that petition, and I resent Russian propaganda. But am I allowed to comment further ? Obviously, if I did, I would need to get quite political. And quite controversial, too.

      So, is it permitted to air political opinions on that thread because the author implicitly suspended the rule without saying so ? Is it permitted as long as they align with the author’s opinions ? But how do we know about them, since usually political discussions are out of bonds ?

      Also, this thread is exactly the type that would attract professional Russian trolls, and I already see at least one comment that might qualify. Usually forbidding political discussions, and suddenly allowing one on a specific thread, is not conducive to the kind of vigilance that allows the blog author, and the blog community, to detect and dissuade such interference.

      It’s true in all human communities where there’s some hierarchy involved : either don’t set any rules, and keep everyone guessing, or set a few ones, and have the boss respect them too. Unless you want trust and good will to disappear, that is.

    • Michael Horowitz sheds some light on the issue :



      Apparently, there are two versions of MSRT beginning with the number 5.48, and only the last one detects Wanna Crypt. For some reason, Microsoft kept the older one online after the official release date of the revised version, and that’s the one I got after reading Woody’s alert :

      The May 9th release was version 5.48.13801, the May 22nd edition is version 5.48.13803. The May 9th edition is 149MB (156,335,152 bytes), the May 22nd version is 126MB (132,223,576 bytes).

      What changed? Initially, Microsoft didn’t say, the home page for MSRT, had not been updated as of the 25th.

      However, when asked, a company representative said that the May 22nd update was “to detect and remove WannaCrypt malware.” WannaCrypt is another name for WannaCry.

      Incidentally, the size of the download I got is nowhere near either of the two figures given by Michael Horowitz. Another mystery I won’t invest much time into solving. Microsoft anti-virus tools are a horrible mess, that much is clear through Horowitz’ posts :

      MSRT is very limited in scope. Only two strains were added in all of 2017.

      When Microsoft touts Windows Defender as protecting against WannaCry/WannaCrypt, how does that apply to Windows 7 users ? Not at all.

      The term “Windows Defender” has two meanings. When dealing with Windows 8.1 and 10, it refers to a program that defends against all types of malicious software. When dealing with Windows 7, it refers to software that only protects against spyware.

      And so on and so forth.

      2 users thanked author for this post.
    • One of the most stupid pieces of software of all times — and I’ve seen a lot.
      Downloaded and ran despite having cut all links with Microsoft. Scan took a full day and a half — 36 hours and 30 minutes. For 384 GB of data. I never experienced such a long antivirus scan. Longest I encountered was 6 to 8 hours with dreadful Avast. And this Microsoft dump of code says it’s not even a proper anti-virus…
      Then there’s the problem that you have to run it under admin. I don’t work under admin, following Microsoft’s own advice. Problem is, the scanning window shows only in the admin account. So during a whole day and a half, I had to switch constantly between my regular account and my admin user account, in order to check the advancement of operations. The rest of the time, I had to rely on Process Explorer to make sure the scan was still going on.

      The last time I checked the scan window, it had run for 34 hours and 15 minutes, scanning 19 million files and finding 252 infected files. A stunning figure, since my Avast (or Malware) scans almost never bring up infections, at worst 3 or 4 PUPs in software executables. The progress bar had stopped moving a long time ago : it was stuck at 100%, but the scan went on all the same.
      Oh, of course, no way to pause the scan. Either you go through with it from beginning to end, or you cancel it and (I suppose) you have to start from the beginning all over again.
      When finally the scan ended and I returned to the program, it displayed a new window with… absolutely none of the information it showed while scanning. No way to know how many files had been scanned, how long it took, when it ended or what volumes had been checked. This, despite the promise displayed at the previous stage, that it would show a detailed report at the end. Only showing was a list of malware (those the program checks against), and each of them had next to it the mention… not infected.
      So, 252 infected files “detected” while scanning during a whole day and a half… and a clean bill of health given at the end of the scan. Which am I to believe?
      Then I read the list of malware it was supposed to detect. Wanna Crypt was not in it. So was all that rigmarole for nothing ? Is it there under another name? No way to know.
      I looked up the report which Microsoft hides in the location mentioned by SkipH — of course the program does not tell you it writes a report there. That would be too much work for MS poor souls. Any freeware developed by a kid dumps a lot of information in such log files — not mighty Microsoft. The information  did not even include the paltry information given during the scan. Only the time it was started.
      However, it did say I had consented to such and such snooping telemetry program and that the data was dutifully uploaded — which of course I had not.

      3 users thanked author for this post.
    • I think you misunderstand the philosophy behind the 2 user accounts.

      Yes, that philosophy must be very profound for me to misunderstand it. Maybe it’s the philosophers who don’t do their explaining exactly right ?

      There’s an embedded help in Windows 7 (and there might as well be one, given the price of the product). Nowhere does it begin to address that issue. Here is what it says :

      When you are logged on to Windows with a standard account, you can do almost anything that you can do with an administrator account, but if you want to do something that affects other users of the computer, such as installing software or changing security settings, Windows might ask you to provide a password for an administrator account.

      So : masters of confusion. This last sentence conflates, oh, maybe four different things : change accounts and log into your admin account (that’s the obvious way to interpret it given the context), stay in your non-admin account but react to an UAC alert which will temporarily elevate your rights, deliberately choose to run a program as administrator without any prodding from the OS, and now this mysterious extra-secret built-in administrator account, which we are not supposed to know about, but you are telling me I should use rather than the normal, advertised administrator account (when ? why ? how ?).

      When you set up Windows, you were required to create a user account. This account is an administrator account that allows you to set up your computer and install any programs that you’d like to use. Once you finish setting up your computer, we recommend that you create a standard account and use it for your everyday computing. If you create new user accounts, you should also make them standard accounts. Using standard accounts will help keep your computer more secure.

      Straight from the horse’s mouth, and downright false. If you’re not an Enterprise/Domain Admin and are just learning about this admin / non-admin thing, I defy you to interpret this in another way than : you need to log to your admin account to install software. Indeed, that’s one of the main reasons why I was reluctant for so long to abandon my admin account-only setup : because I’m installing software all the time. When I finally took the plunge, I was flabbergasted to realise that all it took was to clear an UAC alert with a short password — which is totally acceptable for a software install.

      And that was after researching the subject for months, reading reams of advocacy threads specialised in coaxing you into the non-admin religion, etc. The dominant tone was : yeah, you’re going to suffer, but it’s for your own good.

      …admin account only for admin tasks and not for running Firefox and other applications that you listed.

      Let’s put things in the right order. I don’t use my computer to “run Firefox or other applications”. I use it to do… things. And in order to do those things, I need applications. For instance, a browser. Is there anything you can do on a computer nowadays without using a browser ?

      Say I have a driver issue. If repairing that is not an administrative task, I don’t know what is. In order to download drivers (or just determine which one is needed), I need a browser. Heck, even changing the settings on my router requires a browser !

      Word ? Of course, I need Word ! In order to bring administrative tasks to fruition, I need to have my technical notes on hand. Which were written in Word. And so on and so forth.

      This idea of depriving you of your best tools just when you need them most is really ridiculous. Imagine a surgeon embarking on a particularly delicate procedure, and the hospital manager barging in : no ! you can’t have your usual, nice set of tools you are accustomed to ! take this drill and hack saw, and be over with it !

      …You use your non-admin account for everything day-to-day but when you are required to do something administrative like installing software, you do not log in as that admin user, but Run As that admin user.

      I know and use Run As (sometimes). Trying to understand your point of view, is it the following :

      > There’s no real way to duplicate your set of software, personnalisation and user data from your non-admin account to your admin account ;

      > However, there’s no real need to do this, since almost anything that would require logging in to your admin account can be done from your non-admin one, through mostly benign elevation (responding to UAC alerts, running as admin), and you get to work with your usual set of software, personnalisation and user data ;

      > For the rare case where you do need to log as admin, it is better to do it through the embedded, and disabled by default, Administrator account, because it’s totally UAC-free ?

      If this is the case, well, I’ve never seen it put that way. Either people dismiss the importance of using your familiar environment when doing so-called administrative work, or they say : yeah, it’s important, but you won’t be able to keep it, so be a geek (or a sysadmin) and deal with it.

      And there’s this false view, universally promoted by Microsoft and Microsofties, that in a home setting, the admin account is for the head of the family, while everybody else gets relegated to crippled user status :

      Assigning an appropriate account type to the people who use your computer is straightforward. At least one user must be an administrator ; naturally, that should be the person who administers the computer. All other regular users should each have a standard user account. Use a guest account if you have guests or occasional users; that way, they can use your computer without gaining access to your files.

      This, from Ed Bott, one of the best Microsoft tutors around, in a 1 400-pages book with 40 of them devoted to the issue of user accounts. He does go on to qualify this, by stressing how easier it has been made to stay under non-admin since Windows 7, and advising to have both types of account even if you are the “administrator”. But he doesn’t stress that you don’t need your environment in the admin account, since you can have it in non-admin, and, most of the time, elevate from there — if, indeed, this is the case.

      The whole, ahem, “philosophy” of having admin accounts which are extraordinarily important, but which you are encouraged to almost never use by cheating into them, is so counter-intuitive and confusing as to require a great deal more of explaining.

      And I still don’t know how to update my Start Menu without typing a zillion UAC passwords. I’ve just tried to run Windows Explorer as admin, but no, that would have been too easy, I suppose.

      1 user thanked author for this post.
    • Regardless of Windows 10 MSA issues (Windows 7 here), I gave in some time ago to the religion of not working under admin, and having two Windows user accounts for one person : one admin, one non admin. That was after long years of happily doing everything under admin.

      There have been a few Microsoft evangelists of this practice, and of course it makes sense. However, whenever I put forth specific questions about how to configure such a PC, answers dried up.

      What I found is that Windows is not made for that. It’s not made for one user, on a mono-user computer, to have and use two user accounts, one admin and one non-admin. What you want to do in such a case is to have the same set of software in both accounts, configured the same way, with the same access to the same data.

      When I switch to my admin account because I want to do something I can only do there, I don’t want to find an entirely different Firefox, or Word, or whatever, from the one I have spent years configuring and getting accustomed to.

      Well, that’s impossible. Software developers just don’t take that into account. If it’s a different account, it’s supposed to be a different person. And each program has a different way of handling user data.

      So you end up having only one account properly configured, the non-admin one, and the admin account is a barren desert where you can only have so much. Whereas, being in admin, you should precisely be able to command the full power of your computer, since you are supposed to do the more advanced things there.

      I’m not about to revert my policy, because it makes sense from a security point of view. However, it’s really a case of Microsoft giving one piece of advice, and working actively to prevent people from following it.

      Also, I have never seen actual research comparing infection rates for admin and non-admin accounts.

      Fun fact : protecting yourself from malware apparently entails typing your UAC password each and every time you want to change something in the Start Menu folder. Copy a shortcut for a newly installed program there, type your password. Create a folder for that shortcut, type your password. Delete an old folder, type your password. Change the name of your shortcut, type your password. Make a typo in that name, type your password once more.

      I’ve found that UAC generally works fine, and I’m surprised at the number of things you can do from your non-admin account, just by elevating rights temporarily (almost everything). But this Start Menu rigmarole really takes the biscuit.

      Directory Opus (only the super-duper Pro-Pro version with a ridiculous price tag) has a very clever button for that : it allows you to elevate your rights for 5, 10 or 30 minutes. Because logging out of your non-admin account, logging in admin, then logging back in non-admin is a ridiculous thing to do just to stick a shortcut in that blasted Start Menu folder, and then maybe doing some housekeeping there as you usually must.

    • in reply to: NirSoft Utilities #95630

      Nir Sofer is a mystery to me. First of all, this guy has been pumping out free technical software since the beginnings of time, and seems to be highly considered. How does he make a living ?

      Second, his programs, although (allegedly) offering capabilities most others don’t, always seem to stay deliberately on the geeky side of things, being just enough user-hostile that the great unwashed masses will be discouraged to use them.

      Number three, his website is fully consistent with his programs’ non-existent look-and-feel, and has probably been designed at a time the Internet did not exist, yet.

      Number four, his software is not high DPI-aware, meaning you (OK, me) have the choice between an exceedingly small, unreadable interface, and a normally-sized, blurry interface. … Then again, he probably still uses an MD-DOS interface on his Windows 10 PC all day long, with green characters on a black background.

      2 users thanked author for this post.
    • in reply to: Copy of Zuckerberg’s treatise: Building Global Community #95274


    • in reply to: Copy of Zuckerberg’s treatise: Building Global Community #95141

      I suppose it’s all right to bypass the rules here just a little bit, since this is a political manifesto ; so how could we comment on it without talking politics ? I’ll try to be as uncontroversial as possible, though, and just show briefly how hypocritical this is.

      Zuckerberg pretends it’s possible to “build a world community” by “building the world we all want”. Who on earth told him that everybody wants the same world ? And who is “we”, anyway ?

      Just a quick glance across the text disproves this ridiculous agenda right from the start. Zuck thinks “we all want” to “end terrorism” and “fight climate change”. Well, actually, no. A sizeable part of the planet’s population wants and supports “terrorism”, otherwise it wouldn’t be the scourge it is.

      And “climate change” does not exist, so how could we fight it ?

      It’s all right for one of the world’s most successful billionaires to want to enter politics. What would be nice from him would be to say it upfront, and not disguise it under the mantle of “Facebook is good for you” (it’s not) and “we’re all in this together” (we’re not).

      1 user thanked author for this post.
    • It’s important to understand that all four of these versions of Win10 are completely separate, like Win7 and Win8 before them. You can’t mix and match. Microsoft gave them similar-sounding names, but they’re as different as dolphins and dodos.

      In-cre-dible. I’m watching this from afar, since I’m a 7er, but that’s what happens when Microsoft wants to “simplify” Windows, eh ? So 1603 is easier to comprehend than Windows 7 Professional, right ? You’re supposed to “upgrade” to Windows 10, then you fire and forget, and Nadella takes care of everything ?

    • in reply to: Microsoft calls off Patch Tuesday #94054

      Microsoft is following MS-DEFCON, that’s all.

      7 users thanked author for this post.
    Viewing 15 replies - 1 through 15 (of 104 total)