News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon

Blog Archives

  • Hybrid attack can extract data from inert RAM

    Posted on November 11th, 2019 at 01:10 Tracey Capen Comment on the AskWoody Lounge

    LANGALIST

    By Fred Langa

    It sounds impossible, but data can be recovered from RAM chips — even after they’ve been removed from a PC.

    Specialized attacks on memory modules can reveal working passwords and cryptographic keys still stored random-access memory, possibly allowing malicious hackers to bypass encryption services such as BitLocker, VeraCrypt, FileVault, and others!

    Plus: Disabling Windows Firewall and its nags.

    Read the full story in AskWoody Plus Newsletter 16.41.0 (2019-11-11).

  • Freeware Spotlight — CipherShed

    Posted on July 8th, 2019 at 01:00 Tracey Capen Comment on the AskWoody Lounge

    Best Utilities

    By Deanna McElveen

    In a digital world that’s becoming increasingly less safe, data encryption is one of the better tools for keeping cyber thieves at bay.

    That’s especially true if you travel with a laptop or a flash drive — just imagine the damage you might incur if your device were lost or stolen. But keeping sensitive files, folders, and/or entire disks encrypted will make your files inaccessible to the device’s “new owner.”

    Read the full story in the AskWoody Plus Newsletter 16.25.0 (2019-07-08).

  • Windows 7: Preparing for an uncertain future

    Posted on July 1st, 2019 at 01:15 Tracey Capen Comment on the AskWoody Lounge

    ON SECURITY

    By Susan Bradley

    By now every Win7 user should know that official support for the venerable OS ends next year.

    The final updates should go out on January 14, 2020 (more MS info) — at least they’ll end for those of us who don’t have deep corporate pockets to pay for extra patches.

    Read the full story in the AskWoody Plus Newsletter 16.24.0 (2019-07-01).

  • Really useful Windows 10 features

    Posted on July 1st, 2019 at 01:00 Tracey Capen Comment on the AskWoody Lounge

    WINDOWS 10

    By Amy Babinchak

    When Microsoft releases a new version of Windows, I’ll bet lots of users don’t bother to investigate the changes and new features — unless Microsoft moved the users’ cheese.

    Then I hear from clients, complaining that something in the UI is different and they’re not happy with the change. After upgrades, most Windows users tend to just continue doing what they’ve always done. And that’s too bad, because some of the new features are truly useful.

    Read the full story in the AskWoody Plus Newsletter 16.24.0 (2019-07-01).

  • Microsoft security’s unseemly jab at Google

    Posted on October 19th, 2017 at 08:29 woody Comment on the AskWoody Lounge

    In yesterday’s Windows Security blog post Browser security beyond sandboxing, Microsoft’s Jordan Rabet (part of the “Microsoft Offensive Security Research team” – no, I didn’t make that up) took aim at Google. There’s a whole lot of technical discussion about the superiority of Edge in that article. There’s also a deep dig at Google.

    Catalin Cimpanu at Bleepingcomputer boils it down:

    The problem that Rabet pointed out was that the fix for the bug they reported was pushed to the V8 GitHub repository, allowing attackers to potentially reverse engineer the patch and discover the source of the vulnerability.

    It didn’t help that it took Google three more days to push the fix to the Chromium project and the Chrome browser, time in which an attacker could have exploited the flaw.

    Taking into account that this happened in mid-September, Microsoft had no reason to detail a bug in a Chrome version that’s not even current. Chrome 62 is the latest Chrome version.

    Paul Thurrott has a great article, turning Microsoft’s old words against itself.

    What Microsoft should have done is take the high ground. Do the right thing for your shared customers and just shut up about it. But it didn’t.

    It’s time for both sides to grow up and work together. Take potshots at each other, sure. But not over security.

    If you’re interested in browser security, I suggest you read it.

  • Snapchat’s new Snap Map shares your location

    Posted on June 23rd, 2017 at 02:51 Kirsty Comment on the AskWoody Lounge

    A furore has erupted over Snapchat’s new location-sharing Snap Map – unless you set the app to “Ghost Mode”, your location is shared with your contacts.

    We’ve built a whole new way to explore the world! See what’s happening, find your friends, and get inspired to go on an adventure!

    It’s easy to get started — just pinch to zoom out and view the Map! You decide if you want to share your location with friends, or simply keep it to yourself with Ghost Mode.

    If your friends are sharing their location with you, their Actionmoji will appear on the Map. Actionmojis only update when you open Snapchat.

    We hope you enjoy the new Map as much as we do!
    Happy Snapping!
    Team Snap

    Many are retweeting instructions on how to set the Ghost Mode, while many are debating why anyone thought this was a safe idea…

    If you are using Snapchat, please check your settings now.

  • The Dangers of Posting Your X-Rays to Social Media

    Posted on June 16th, 2017 at 02:53 Kirsty Comment on the AskWoody Lounge

    Malwarebytes Labs published a post by William Tsing on June 9, 2017, explaining the problems that can occur when x-rays are shared online.

    The problem stems from the private details of both the patient and the hospital that are shown on x-rays. Most contain the patient’s full name, date of birth, and sometimes their Social Security Number, and will often contain the name of the medical facility that took the x-ray.

    The information can be used together to enable either identity theft or doxing, but it could also be used to jeopardise the security of the network of the medical facility. Personally, the name of the hospital would give your location, to add to your name and date of birth, and could be used to access property tax, tax or voting records. For the hospital, a networked x-ray machine connected to the internet could be identified in the x-ray details, which could be used to access the system. Malwarebytes were able to gain a lot of information from one x-ray they checked.

    “Yikes. Medical infrastructure security has problems. A lot of problems. But while the responsibility for an insecure network lies with the organization running it, posting photos that have exploitable information is also not a great thing. Given that vulnerabilities in the medical space can have catastrophic consequences, we should take extra care before exposing any data from inside a hospital or doctor’s office.”

    If you really must share an x-ray online, crop it first, so no identifying information remains. Read the full article on blog.malwarebytes.com

  • How Windows 10 data collection trades privacy for security

    Posted on December 2nd, 2016 at 13:56 woody Comment on the AskWoody Lounge

    Excellent article from Fahmida Rashid, in InfoWorld.

    As you read it, keep in mind that Win10 Home and Pro are considered to be “consumer” versions. The snooping protections Fahmida describes are only available with Enterprise Win10.

    In other words, if you aren’t paying for Windows by the month, you’re in the “consumer” category.