Language Selection

English French German Italian Portuguese Spanish

Microsoft

Microsoft and Other Proprietary Trouble

Filed under
Microsoft
Security
  • Patients of a Vermont Hospital Are Left ‘in the Dark’ After a Cyberattack [iophk: Windows TCO]

    But they have had a devastating and long-lasting effect, particularly on cancer patients, said workers and patients from Vermont’s largest medical system. Its electronic medical record system was restored on Sunday, nearly a month after the cyberattack.

    In the interim, clinicians were forced to send away hundreds of cancer patients, said Olivia Thompson, a nurse at the cancer center.

    The staff fell back on written notes and faxes, leafing through masses of paper to access vital information. They tried to reconstruct complex chemotherapy protocols from memory.

    And while the hospital has taken pains to reassure patients that most care could proceed, some staff members worry that the full damage of the October attack is not well understood.

  • Patient records stored by electronic health company found exposed online

    Thousands of patient records stored by nTreatment, a company that provides electronic health and patient records to doctors and psychiatrists, has been exposed online in the latest case of a company failing to secure its cloud storage.

    The data, discovered and publicized today by TechCrunch on a Microsoft Azure server, included 109,000 files, a large portion said to be lab test results from third-party providers such as Laboratory Corp. of America Holdings, better known as LabCorp.

  • Baltimore County Schools Still Closed Following Cyber Attack [iophk: Windows TCO]

    A state audit released a day before the attack found “significant risks” in the computer network. The audit said that it was not adequately secured and that sensitive personal information was not properly safeguarded.

  • Okta set for govt customers after meeting security standard

    Global identity provider Okta says it has completed the requirements of the Information Security Registered Assessors Program which ensures that Federal Government entities can access high-quality information and communications technology assessment services.

  • Okta Projects Revenue Topping Estimates on Remote-Work Demand

    Chief Executive Officer Todd McKinnon has tried to maintain Okta’s swift revenue growth during the coronavirus pandemic, which has spurred greater use of its products. Okta’s security software helps workers who need to access corporate systems, students who must use remote-learning apps and consumers who are required to authenticate their identity online, but the company has strong competition from Microsoft Corp. Okta announced Wednesday that its Identity Cloud will become available on Amazon Web Services’ Marketplace, fulfilling McKinnon’s goal to partner more with major public cloud providers.

  • Ransom payouts spell trouble for insurers

    Ransomware attacks are so rife and so costly that insurers are exploring ways to exclude ransom payments from their policies.

    Seriously Risky Biz understands some providers are attempting to shelter themselves from these losses, either by excluding extortion events from standard cyber insurance coverage or by introducing onerous new conditions on policyholders.

    The trouble for insurers started in 2019, right around the time that human-operated ransomware attacks and the size of the ransoms ballooned. Risk management firm Aon recorded a 12.7% increase in loss ratios [pdf] across 192 US providers of standalone cyber insurance products. This hit on insurer profit margins was initially offset by an influx of new policyholders taking up cyber insurance for the first time. But ponzi-style growth can only be sustained for so long.

Microsoft Windows Ransomware Everywhere

Filed under
Microsoft
Security

User-hostile Hardware

Filed under
Hardware
Microsoft
Mac
  • Linus Torvalds wants Apple’s new M1-powered Macs to run Linux

    Earlier this month, Apple revealed its own ARM-based M1 processor, along with new MacBooks and a desktop Mac Mini powered by this chip. Reviewers across the globe have been praising Apple‘s first attempt, giving it high marks for performance and battery life.

    All this positive coverage has tempted many to take the plunge and buy one of the new machines — even if some apps are not running natively at the moment. Even Linus Torvalds, the principal developer of the Linux kernel, wants one.

    [...]

    Linux support on MacBooks would’ve made it a more attractive bet for programmers. However, I don’t think any engineers at the Cupertino campus plan to make that happen anytime soon. Sorry, Linus.

  • New Microsoft chip will come with added costs, says ex-NSA hacker

    Microsoft's new security chip, announced last week, will have an impact on hardware-only attacks, an American security professional says, adding that it could also assist in firmware security, but would result in added costs.

Proprietary Software and Security Issues

Filed under
Microsoft
Mac
Security

Security and Proprietary Software Leftovers

Filed under
Microsoft
Mac
Security

  • Security updates for Wednesday

    Security updates have been issued by Arch Linux (chromium, firefox, gdm, linux-hardened, matrix-synapse, salt, sddm, and wordpress), Debian (firefox-esr, libmaxminddb, and moin), Fedora (cifs-utils, firefox, galera, java-latest-openjdk, mariadb, mariadb-connector-c, and wordpress), Gentoo (blueman, chromium, firefox, mariadb, qemu, salt, tmux, and wireshark), openSUSE (sddm), Oracle (kernel), Red Hat (kernel-alt, microcode_ctl, and rh-nodejs12-nodejs), SUSE (kernel, microcode_ctl, openldap2, python-waitress, spice-vdagent, u-boot, and ucode-intel), and Ubuntu (firefox, intel-microcode, linux, linux-aws, linux-azure, linux-gcp, linux-kvm, linux-oracle, linux-raspi, linux, linux-gcp, linux-gcp-4.15, linux-gcp-5.4, linux-gke-4.15, linux-gke-5.3, linux-hwe, linux-hwe-5.4, linux-oem, linux-oem-osp1, linux-oracle, linux-oracle-5.4, and moin).

  • Less than 6 months to 16.04 ESM: 6 things to prepare | Ubuntu

    Ubuntu 16.04 LTS Xenial Xerus will enter the extended security maintenance (ESM) period in April 2021. This article explains the ESM period and provides a guide for six key considerations when planning a migration path from Ubuntu 16.04 LTS.

    [...]

    2) Consider the full stack. The OS is a heart of the system, and an OS migration is a significant change that touches multiple aspects of your configuration, from the Linux kernel up to your applications. Remember to evaluate how the migration will impact your existing workloads and APIs as your current configuration might depend on specific versions of the applications and libraries that shipped with Ubuntu 16.04 LTS. You will likely find newer versions of applications and libraries if you choose a more recent version of Ubuntu (you can find a few examples below). Those versions might not be fully compatible with your overall configuration anymore after the migration.

  •                

  • Waves of attacks on US hospitals show a change in tactics for cybercriminals [iophk: Windows TCO]

                     

                       

    United States hospitals were targeted by two major cybersecurity attacks this fall: the first taking down Universal Health Services, a chain of hundreds of hospitals, and the second by a group called UNC1878 threatening hundreds of individual health care facilities all around the country. Targeting health care institutions directly marks a new approach for cybercriminals.

  •                

  • Ransomware Hits Dozens of Hospitals in an Unprecedented Wave [iophk: Windows TCO]

                     

                       

    On Wednesday evening, the Cybersecurity and Infrastructure Security Agency, Federal Bureau of Investigation, and Department of Health and Human Services warned that there is a "an increased and imminent cybercrime threat to US hospitals and health care providers," above and beyond the wave of attacks that have already occurred. The alert points to the notorious Trickbot trojan and Ryuk ransomware as the primary hacking tools involved in the attacks. Security analysts at private companies say that the activity is tied to the Russian criminal gang sometimes called UNC 1878 or Wizard Spider.

  •                

  • Ransomware Group Turns to Facebook Ads

                     

                       

    It’s not clear whether this was an isolated incident, or whether the fraudsters also ran ads using other [cracked] Facebook accounts. A spokesperson for Facebook said the company is still investigating the incident. A request for comment sent via email to Campari’s media relations team was returned as undeliverable.

  •                

  • On Apple's Piss-Poor Documentation

                     

                       

    However, as users rightly demand more complicated and fancy apps, the APIs often need to get more fancy and complicated as well. Suddenly you look up and, instead of only using screwdrivers and hammers, you’re using power tools and complicated saws, and everything is much more fiddly than it once was.

                       

    With real tools, you’d expect to receive an owner’s manual, which explains how to use the tool you’ve just purchased. A rough analogy exists for APIs, insofar as most platform vendors will provide documentation. This is basically the "owner’s manual" for that API.

                       

    Apple’s documentation has, for years, been pretty bad. Over the last couple years, it has gone from bad → awful → despicable → embarrassing. All too often, I go to research how to do something new, and use an API I’m not familiar with, only to be stymied by those three dreaded words:

    No overview available.

Linux graphics, why sharing code with Windows isn't always a win.

Filed under
Graphics/Benchmarks
Microsoft

A recent article on phoronix has some commentary about sharing code between Windows and Linux, and how this seems to be a metric that Intel likes.

I'd like to explore this idea a bit and explain why I believe it's bad for Linux based distros and our open source development models in the graphics area.

tl;dr there is a big difference between open source released and open source developed projects in terms of sustainability and community.

The Linux graphics stack from a distro vendor point of view is made up of two main projects, the Linux kernel and Mesa userspace. These two projects are developed in the open with completely open source vendor agnostic practices. There is no vendor controlling either project and both projects have a goal of try to maximise shared code and shared processes/coding standards across drivers from all vendors.

This cross-vendor synergy is very important to the functioning ecosystem that is the Linux graphics stack. The stack also relies in some places on the LLVM project, but again LLVM upstream is vendor agnostic and open source developed.

The value to distros is they have central places to pick up driver stacks with good release cycles and a minimal number of places they have to deal with to interact with those communities. Now usually hardware vendors don't see the value in the external communities as much as Linux distros do. From a hardware vendor internal point of view they see more benefit in creating a single stack shared between their Windows and Linux to maximise their return on investment, or make their orgchart prettier or produce less powerpoints about why their orgchart isn't optimal.

A shared Windows/Linux stack as such is a thing the vendors want more for their own reasons than for the benefit of the Linux community.

Why is it a bad idea?

I'll start by saying it's not always a bad idea. In theory it might be possible to produce such a stack with the benefits of open source development model, however most vendors seem to fail at this. They see open source as a release model, they develop internally and shovel the results over the fence into a github repo every X weeks after a bunch of cycles. They build products containing these open source pieces, but they never expend the time building projects or communities around them.

[...]

A warning then to anyone wishing for more vendor code sharing between OSes it generally doesn't end with Linux being better off, it ends up with Linux being more fragmented, harder to support and in the long run unsustainable.

Read more

Proprietary Software Misc.

Filed under
Microsoft

How to switch an old Windows laptop to Linux

Filed under
GNU
Linux
Hardware
Microsoft

By the federal government’s Digital Analytics Program (DAP) count in October 2020, 3.2 percent of computer users still are on Windows 7 — even though Microsoft no longer supports it for free. If you have an older system but are worried that it won’t support Windows 10 — or if you simply don’t want to deal with Windows anymore — I have a suggestion: Switch to desktop Linux.

Desktop Linux can run on your Windows 7 (and older) laptops and desktops. Machines that would bend and break under the load of Windows 10 will run like a charm. And today’s desktop Linux distributions are as easy to use as Windows or macOS.

And if you’re worried about being able to run Windows applications — don’t. For instance, you can run the free Office Online, which comes with limited versions of Word, Excel, and PowerPoint on Linux. Teams now runs on Linux. Skype has long been available on Linux. And Microsoft’s exporting its new Edge web browser to Linux. The full Office 365 suite will be coming to Linux soon — it’s only a matter of when.

For all your other desktop software needs, there’s usually a free, open-source program that can do just as good a job. Gimp, for example, instead of Photoshop. Or Thunderbird for email instead of Outlook. For a full-fledged office suite, I highly recommend LibreOffice.

You can run many native Windows programs on Linux using Wine. This can be hard to set up, but its commercial brother, CodeWeaver’s Crossover Linux, makes it easy to set up many proprietary programs, including games.

If that doesn’t work for your office’s Windows-only programs, you can always keep running Windows 7, with a lot less danger, on a virtual machine (VM) on Linux. For this job, I recommend Oracle’s great free VirtualBox VM program.

Read more

Microsoft warns Windows 10 update breaks Office updates

Filed under
Microsoft

Microsoft has warned Windows 10 users that recent updates come with a number of bugs. Reportedly, one of the flaws prevents individuals from updating Office products due to a certificate loss issue.

After downloading October 2020 Patch Tuesday updates, some Windows 10 users received an error message reading, “Download of Office 365 file failed, error =” when trying to apply the latest Office updates. Microsoft is yet to reveal a workaround for the problem, meaning individuals must uninstall the faulty Windows update, then update Office and then re-install the Windows patch.

Read more

From Linux to Windows and Back

Filed under
GNU
Linux
Microsoft

Then a few days ago I began to think of using Windows again. I’m still not sure why. Maybe it is this Covid thing. One feels more and more frustrated and tied down. That feeling finds different pegs to express itself upon. I felt fed up with my Linux version of Zoom, I couldn’t see my students most of the time. I felt irritated with my Linux version of Microsoft Teams, I could see only four faces of my colleagues at a time (on the rare occasions that they switched on their cameras). I couldn’t scan from my mother’s all-in-one printer-cum-scanner. I couldn’t buy a new printer-cum-scanner because the new ones weren’t supported in Linux either.

Maybe Windows would be better. I would be able to see more people, use more devices, feel happier and the sky would be blue again. So I got my university’s ever-helpful IT folks to install Windows and MS Office on my laptop. That was two days ago. And today I am back to Linux.

Why? Well, yes it is true that lots of devices work better with Windows, especially the newest ones. The apple of my eye, the stylus my university gave me to write on a whiteboard during online classes, directly converts my handwriting into computer text on Microsoft OneNote. More features of my mother’s printer-scanner work now. Even the sound on YouTube is better. The sound hardware company Realtek has special device drivers for sound under Windows. Nothing like that for Linux. I can hear it fine there, to be sure, but there is an extra oomph in my headphones under Windows.

The other side is that Windows grabs you with a bear hug. It takes much more space on my hard disk. It eats up a huge amount of RAM. Opening programs takes longer than on my Linux installation. And sometimes they still don’t work. I opened a complicated file made on a previous version of MS Word in the latest MS Word on my laptop. It froze. I tried again, it froze again. Then I tried it on the open source LibreOffice which I had been using on Linux. It sprang onto my screen in a fraction of a second.

Starting and closing Windows can be a pain. It wants to install updates again and again. Even otherwise it takes a long time for my desktop to be usable. And then everything is slower than on Linux. Mine is a relatively new laptop. But this must be torture on an older machine, I thought.

Read more

Syndicate content