  • mn–

    Forum Replies Created

    Viewing 15 posts - 1 through 15 (of 1,419 total)
    • Author
      Posts
    • in reply to: Office 365 rant #2314440
      mn–
      AskWoody Lounger

      Yes, that’s exactly the problem here.

      Microsoft was earlier found to illegally transfer certain non-US data to US servers. They said it was by honest mistake though…

      Not that Microsoft is alone in that either.

      Really waiting for someone to actually bother enough to build up a high-profile court case.

      in reply to: Office 365 rant #2314298
      mn–
      AskWoody Lounger

      Actually… it’s quite possible to detect service moves.

      There’s a little security implication in RFC1912 in that it recommends a way of constructing the zone “serial number” that contains the date of last change.

      Therefore, recent SOA record of mail domain + MX in 365 + recent RFC1912-type serial means higher probability of a new tenant, so a good target…

      Even more so if you also have an invalid or weird-looking SPF record, means probably transition in progress.

      And transition probably means confused users who therefore are easier targets than usual.

      And if someone’s planning on doing targeted or semi-targeted attacks, well, it’s sort of cheap to script DNS lookups say once or twice per day on a list of target candidates, and flag when there’s a change… even without a date of change embedded in the zone serial.

      2 users thanked author for this post.
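For a zone owner who wants to see what their own SOA serial gives away, the date convention mentioned in the post can be checked offline. This is an added example, not part of the original post; the sample record, the `example.org` names and all function names are constructed for illustration.

```python
from datetime import date, datetime, timezone
from typing import Optional, Tuple

# Constructed sample record in zone-file / dig text form (example.org is a placeholder).
SAMPLE_SOA = ("example.org. 3600 IN SOA ns1.example.org. hostmaster.example.org. "
              "2020111702 7200 3600 1209600 3600")

def soa_serial(record: str) -> int:
    """Extract the serial from a one-line SOA record."""
    fields = record.split()
    rdata = fields[fields.index("SOA") + 1:]
    # SOA rdata order: mname rname serial refresh retry expire minimum
    return int(rdata[2])

def classify_serial(serial: int, today: date) -> Tuple[str, Optional[date]]:
    """Say which convention a serial follows and what change date it discloses."""
    text = str(serial)
    if len(text) == 10:                       # RFC 1912 style: YYYYMMDDnn
        try:
            day = date(int(text[:4]), int(text[4:6]), int(text[6:8]))
        except ValueError:
            day = None                        # e.g. month 13: not a date
        if day and date(1990, 1, 1) <= day <= today:
            return ("rfc1912-date", day)
    if serial >= 631152000:                   # 1990-01-01 as Unix time
        day = datetime.fromtimestamp(serial, tz=timezone.utc).date()
        if day <= today:
            return ("unix-time", day)
    return ("opaque-counter", None)           # discloses nothing about timing

def disclosed_age_days(record: str, today: date) -> Optional[int]:
    """Days since the last change, as readable by anyone who queries the SOA."""
    _, day = classify_serial(soa_serial(record), today)
    return None if day is None else (today - day).days
```

A serial that classifies as `opaque-counter` still changes on every edit, so it hides the date but not the fact of a change.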
      in reply to: Cloning a Mini-PCIe boot drive on my Acer PC. #2314176
      mn–
      AskWoody Lounger

      The Mini-PCIe part of it could be a problem though. True NVMe Mini-PCIe SSDs are quite uncommon so an appropriate replacement part might be hard to find – most of that form factor use mSATA signaling.

      Also some motherboards are picky and only allow certain specific models of cards in Mini-PCIe. Don’t know why but seen various kinds of boot messages like “Unknown model of Mini-PCIe device detected. Mini-PCIe slot disabled”

      There are adapter parts that can connect an M.2 NVMe SSD to Mini-PCIe, though. Might be easier to find those, but then you get to worry about physical dimensions… usually not much free space around the Mini-PCIe slots in laptops.

      Of course this is much less of a problem if your drive is actually mSATA in Mini-PCIe form factor instead, or if your device can use that slot in mSATA mode.

      Create a full image backup (not clone) to external USB HDD and restore to the new drive.

      … or some other storage device. Various applications can be used, that’s the easy part… if possibly a bit time-consuming.

      in reply to: FTP Client #2314067
      mn–
      AskWoody Lounger

      Traditionally, some of the graphical clients were just frontends to the old ftp command.

      As in you do something in the user interface, and it writes the commands and sends them for you.

      At least one of those, way back in the 90s, used to have a facility in the settings for choosing which executable file to use as the “actual” ftp client.

      I can certainly create a cmd/bat file, but it's more elegant to have some solid UI app to do that.

      Oh yes, I think that old thing also had a utility for saving your issued ftp commands so you could feed them back in later, either through STDIN, or in a command-list file if the ftp command supports it. (The usual one in Windows does, with the -s switch).

      Now if I just remembered what that UI application’s name was and if it ran on Windows or something else…

      A funny side effect of it was that you could in some situations make it use “rsh otherhost ftp” as the command, so you could transfer stuff between two remote computers using a local graphical client. Occasionally useful back when all I had at home was a v.32bis modem… or baseline GSM mobile data… oh well, 90s… also rsh was quickly replaced by ssh anyway and…

      1 user thanked author for this post.
      in reply to: FTP Client #2314038
      mn–
      AskWoody Lounger

      command line tool

      … which unfortunately doesn’t support SSL/TLS in any version I can easily find, same as the traditional ftp command on Unix/Linux. (Well, they’re both descendants of 4.2BSD’s “ftp” command I believe…)

      Possible replacement with ftps might be lftp (https://lftp.tech/ but no Windows binaries there).

      Also, PowerShell can apparently do FTP several ways, and at least by calling System.Net.WebClient you can get TLS support too.

      1 user thanked author for this post.
      in reply to: Understanding instructions #2313806
      mn–
      AskWoody Lounger

      Also… many of the “usual fundamentals” actually aren’t so fundamental for computing, they’re just the “established” way that has managed to accumulate institutional baggage and economies of scale.

      There’s all kinds of additional reading if you care enough to dig into the differences between “Harvard” architecture and “Princeton” or “von Neumann” architecture… and then there are the other ways like asynchronous dataflow and transport-triggered architectures, all the way into wavefront processing…

      A CPU has Fetch and Execute parts to its machine cycle(s).
      The “word” (binary digits) brought into the CPU during its Fetch cycle is interpreted as an instruction but if the same word is brought into the CPU during its execute cycle then those same bits are used as data instead.

      That’s the von Neumann aka Princeton style. In contrast, Harvard architecture fetches instruction and data simultaneously but on different wires. Strictly pure Harvard architecture means using different storage devices for those even.

      Mainstream PC processors these days are actually various degrees of hybrids, what with typically separate L1 caches for instruction and data (Harvard style) but L2 and down being unified (Princeton style) and…

      1 user thanked author for this post.
      in reply to: Easiest way to make it easy for attackers #2313700
      mn–
      AskWoody Lounger

      You just used character 3 instead of e. You found a way to protect against a dictionary attack.

      … actually… I’m fairly sure that there are dictionary attack tools that use the capitalization and character substitution rules from “L33tSp3@k“.

      Because I’ve run into a password checker that used those. Feeding stuff from a randomizer to the new-password field, it told me that it wasn’t allowed because it was “based on a dictionary word with known substitutions”.

      (Funny thing that – theoretically, disallowing any “too simple” passwords reduces the overall complexity that can be achieved…)

      Also related to password complexity – it’s really difficult to determine the overall effective complexity of a given Unicode string with non-USASCII characters, because the normalization rules are sort of opaque and most folks don’t actually document what normalization they’re using. And not doing normalization is just asking for trouble.

      2 users thanked author for this post.
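The normalization point in the post above can be seen by enrolling one visible password and typing it back through different input methods. This is an added example, not part of the original post; the salt, the sample strings and the function names are constructed, and PBKDF2 stands in for whatever verifier a real system uses.

```python
import hashlib
import hmac
import unicodedata
from typing import Optional

SALT = b"constructed-demo-salt"  # constructed; real systems use a random per-user salt

def digest(password: str, form: Optional[str]) -> bytes:
    """Derive a verifier from the password's UTF-8 bytes, optionally normalizing first."""
    if form is not None:
        password = unicodedata.normalize(form, password)
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), SALT, 50_000)

def matches(enrolled: str, typed: str, form: Optional[str]) -> bool:
    """Would `typed` be accepted for an account enrolled with `enrolled`?"""
    return hmac.compare_digest(digest(enrolled, form), digest(typed, form))

def code_points(password: str, form: Optional[str]) -> int:
    """Number of code points the verifier actually sees."""
    if form is not None:
        password = unicodedata.normalize(form, password)
    return len(password)

# Constructed samples: the same visible password from three input methods.
PRECOMPOSED = "\u00c5ngstr\u00f6m"      # single code points for the accented letters
DECOMPOSED = "A\u030angstro\u0308m"     # base letters followed by combining marks
ANGSTROM_SIGN = "\u212bngstr\u00f6m"    # U+212B ANGSTROM SIGN instead of the letter
LIGATURE, PLAIN = "\ufb01sh", "fish"    # U+FB01 ligature vs. two ASCII letters

if __name__ == "__main__":
    for form in (None, "NFC", "NFKC"):
        print(form,
              matches(PRECOMPOSED, DECOMPOSED, form),
              matches(PRECOMPOSED, ANGSTROM_SIGN, form),
              matches(LIGATURE, PLAIN, form),
              code_points(DECOMPOSED, form))
```

Without normalization the user is locked out when the keyboard layout changes; with NFKC, strings that look different collapse to the same password, which is the trade-off a system should document.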
      in reply to: Hackers – how to find out if someone is on your network? #2313550
      mn–
      AskWoody Lounger

      This is a really complicated issue actually, because it’s a question of degrees…

      There is essentially no general way to detect a listen-only intruder, such as a sniffer.

      In a wireless network (wifi, etc) a sniffer is just plain impossible to tell from a random piece of conductive material. As in, any receiving antenna… (And at wifi frequencies, a houseplant is quite conductive enough. As is a cat or a squirrel.)

      In a wired network, you can theoretically check cable lengths by their electrical properties…

      Active transmitting intruders can be detected by traffic that shouldn’t be there, yes, and netstat is one of the tools for the high-level traffic… but it doesn’t help much with ICMP and such, or link-level issues. And checking the router may not be enough either.

      A good firewall, or a sniffer-type monitoring tool, will tell you about the low-level traffic too. It’s just, there’s a lot of it even normally and telling what’s abnormal requires lots of technical knowledge… and if you have a switched network you’ll need to set a “monitoring” mode on the switch and monitor the one special port, which then limits the switch’s throughput severely.

      So yeah, really depends on the level of security required. For increased security it’s often more worthwhile to just implement an additional layer of security between the points. Like SSL/TLS with encryption and certificates even within the LAN, or… well there’s all kinds of things that are possible to do if you have the time/money/knowledge, like point-to-point VPNs and multi-way RADIUS authentication.

      in reply to: Connecting a printer to a router #2313547
      mn–
      AskWoody Lounger

      … or if the printer gives a host ID when asking for an address, and the router registers that name in its mostly-proxy internal DNS service so within the (W)LAN you can go by name.

      That’s what my router does by default, don’t know how common it is.

      (Also I’ve set the router’s DHCP server component to always assign the same IP to the printer’s MAC address, but that’s not a default setting.)

      in reply to: Reinstall Office 365 #2313546
      mn–
      AskWoody Lounger

      … and the repair may actually do a remove and then reinstall, in some cases.

      And because it preserves settings, certain kinds of errors aren’t fixed.

      Like that one weird thing the other year that caused Outlook to get a really wrong definition of the primary mailbox… yes, regular Business Premium package Exchange Online mailbox… “repair” caused all of Office local applications to go missing for a full day, including from installed software listing – it did come back but the problem was still there too. An expert then came and fixed it in-place with MFCMAPI, but…

      in reply to: Connecting a printer to a router #2313304
      mn–
      AskWoody Lounger

      router. It may not support printing – some only have USB for servicing.

      This.

      Also, not all USB printers are compatible with all USB printing enabled routers, I remember running into a couple of weird cases…

      The HP Deskjet 6940 should do network printing via wired network, so connecting that to the router/AP may be sufficient for wireless printing from other systems in that network. That’s how I’ve configured my Epson printer at least. (Mine does have a wifi too… in ad-hoc mode if on at all, so visitors can print without automatically getting elsewhere in the house network.)

      in reply to: Easiest way to make it easy for attackers #2313275
      mn–
      AskWoody Lounger

      … oh and passwords modified from a previous password by incrementing a number, adding a short prefix or suffix or some such are NOT sufficiently random if there’s a significant chance that a previous one in the sequence has been leaked, even if the starting point was fully random originally.

      Known leaked passwords + simple permutations on those is not much more of a dictionary attack than one based on a real dictionary.
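A new-password check covering both points from this thread, the substitution rule from the earlier reply and the derived-from-leaked case above, could look like the sketch below. This is an added example, not part of the original posts; the substitution table, word list, leaked entry and function names are all constructed for illustration.

```python
import string
from typing import Iterable, Optional

AFFIX = string.digits + string.punctuation
# Common "leet" substitutions; one mapping per symbol keeps the example small.
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a", "@": "a",
                      "5": "s", "$": "s", "7": "t", "!": "i"})

def leet_base_word(candidate: str, words: Iterable[str]) -> Optional[str]:
    """Return the dictionary word the candidate reduces to, if any."""
    wordset = set(words)
    folded = candidate.casefold()
    # Try the whole string, then with leading/trailing digits and symbols removed.
    for form in (folded, folded.strip(AFFIX)):
        plain = form.translate(LEET)
        if plain in wordset:
            return plain
    return None

def leaked_ancestor(candidate: str, leaked: Iterable[str],
                    max_extra: int = 4) -> Optional[str]:
    """Return the leaked password the candidate appears to be derived from, if any."""
    cand = candidate.casefold()
    for old in leaked:
        core = old.casefold().strip(AFFIX)   # drop counters such as a trailing "07"
        if len(core) >= 6 and core in cand and len(cand) - len(old) <= max_extra:
            return old
    return None

def reject_reason(candidate: str, words: Iterable[str],
                  leaked: Iterable[str]) -> Optional[str]:
    """Reason to refuse the candidate as a new password, or None if it passes."""
    word = leet_base_word(candidate, words)
    if word:
        return f"dictionary word with known substitutions: {word}"
    if leaked_ancestor(candidate, leaked):
        return "derived from a previously leaked password"
    return None

# Constructed sample data.
WORDS = ["password", "dragon", "leetspeak", "house"]
LEAKED = ["kX9#mQ2vLp07"]
```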

      in reply to: Easiest way to make it easy for attackers #2313270
      mn–
      AskWoody Lounger

      More importantly, that is why you have a backup that you have tested by opening on another machine / system. This is one reason I use an open source PM, I can open my passwords on any other device I can lay my hands on, even in a browser.

      Some password managers also have a capability to optionally print out the list of passwords. Naturally that’s an ultra-high sensitivity paper document then (and hopefully your printer won’t expose it…), but at least it ought to be readable 😉

      I can’t help but feel that one way to help keep your passwords secure, is to not reveal the methodology you’ve used to create them, on a public site like… um… this one, for example

      Well yes, but that depends on the method. If you use a known method it becomes easy, and for personal mental associations a person who knows you well enough might be able to backtrack those at least somewhat, but a sufficiently random password isn’t meaningfully compromised by either.

      So yeah, http://keithieopia.com/post/2017-12-13-passwd-crack-time/ says that a hacker who knows to expect the Xkcd method and that you’re using it in English, could be expected to crack the “4 words concatenated, all lowercase” password in ~7 hours.

      Fully random and sufficiently long passwords are effectively immune to that.

      1 user thanked author for this post.
      in reply to: Understanding instructions #2313233
      mn–
      AskWoody Lounger

      But what if that same instruction
      can mean something else too? Set yellow color on the first line, or something else?

      Can this be what's happening if your PC is malfunctioning?

      Actually, this kind of thing was not all that uncommon at one point… with serial terminals and the like. This was a natural consequence of transferring the control codes inline in the same serial data stream as the actual content.

      Setting your terminal type and character set wrong (for us non US-ASCII folks) could indeed cause the terminal to interpret regular text as control codes. (Color change is a control code in that context.)

      Also it was occasionally a real bother to enter such characters as ü, ô or Å, even if things worked “correctly”…

      So the same sequence of 0s and 1s can do different things depending on what function called/invoked it?

      Very much so. And also when called from the same function but under different settings.

      And in the old days, particularly skilled programmers sometimes took advantage of this to save space… and malware authors were known to include bad code as “data” and then get it run as code anyway, so nowadays we have attempts to isolate code and data – but then again for some applications code must be data. (Programming tools for example.)

      1 user thanked author for this post.
      in reply to: Google Drive and secondary encryption #2312683
      mn–
      AskWoody Lounger

      There is an office where we have sensitive client information. With the current surge in COVID, an employee may need to work from home, rather than coming into this office. The office has a private network to share the client files in-house.

      Well now… this will depend on exactly what is agreed with the client.

      I use Google Drive (and backup&sync) personally, and can recommend that, but

      … I’ve seen client requirements that data not be transferred to a third party even in encrypted form, without specific approval from the client and possibly other requirements. Sometimes that is required by law and not the actual contract.

      In some cases this makes Google Drive and other similar services categorically unsuitable.

      Yes, very possible that you’ll need to get some lawyers involved.

      In my experience, small healthcare businesses might be the worst clients in this because they’ll ask you about what they legally require, and healthcare law is complicated. (I’m in one EU member country, might be different elsewhere but from what I’ve read in the news, different might well mean worse…)

      2. Since the data would need to be downloaded and decrypted in order to make changes, should VPN also be used in that process? (Drive is supposed to be encrypted end-to-end.)

      A VPN without any Google involvement is more likely to fit contract requirements easily.

      And I mean a properly private VPN, the kind that makes your home PC look like it’s in the office. Many of the more “current” office router and/or firewall boxes offer a simple VPN capability for that just waiting to be turned on, but if there are lots of people doing that, a small one might run out of capacity.

      That only leaves the matter of whether the home desks satisfy any contract or legal requirements on premises where work is performed… in some cases I know of, that too might be very difficult, but in others quite easy.

      3. Since there are a large number of clients, would each client need to be encrypted separately?

      Depends on the contract and legal requirements with the clients…

      I’ve heard of cases where someone had two work laptops with different security settings, to work from home with two clients with different requirements. And still had to go into the office to do some stuff for a third one who had physical security requirements.

      1 user thanked author for this post.