Microsoft, please stop doing things for our own good

Kaspersky claimed Microsoft has been disabling its antivirus software in Windows 10. Microsoft replied it was its duty to make sure antivirus protection was ‘always on.’

For over 20 years, Microsoft stomped on its competitors and then defended itself against the resulting antitrust lawsuits. But with desktop Windows waning in importance and its desktop software rivals largely gone, Microsoft seemed to have turned a new leaf. Or had it?

In the one software sphere left where it still has rivals — antivirus and security software — Microsoft is up to its old anti-competitive tricks. Late last year, Eugene Kaspersky, founder of the eponymous antivirus company, said, “When you upgrade to Windows 10, Microsoft automatically and without any warning deactivates all ‘incompatible’ security software and in its place installs… you guessed it — its own Defender antivirus. But what did it expect when independent developers were given all of one week before the release of the new version of the OS to make their software compatible?”

Kaspersky did more than just blog about it. First, he complained to the Russian Federal Antimonopoly Service, which opened a case against Microsoft for “abusing dominance.” His company, Kaspersky Lab, followed up this June by filing more antitrust complaints against Microsoft, with the European Commission and the German Federal Cartel Office.

Kaspersky claimed in his blog, “Microsoft uses its dominant position in the computer operating system (OS) market to fiercely promote its own — inferior — security software (Windows Defender) at the expense of users’ previously self-chosen security solution. Such promotion is conducted using questionable methods, and we want to bring these methods to the attention of the anti-competition authorities.”

That sounds like business as usual for the Evil Empire.

Microsoft replied with garden-variety public relations pabulum: “Microsoft’s primary objective is to keep customers protected and we are confident that the security features of Windows 10 comply with competition laws.”

But now Microsoft has taken a new tack. It admitted that it turned off rivals’ antivirus software. Rob Lefferts, Microsoft’s partner director of the Windows & Devices Group, Security & Enterprise, said, yes, Windows 10 Creators Update disabled third-party antivirus products — but only in a few circumstances, and for a short time.

Specifically, since “AV software can be deeply entwined within the operating system, we doubled down on our efforts to help AV vendors be compatible with the latest updates. … For the small number of applications that still needed updating, we built a feature just for AV apps that would prompt the customer to install a new version of their AV app right after the update completed. To do this, we first temporarily disabled some parts of the AV software when the update began. We did this work in partnership with the AV partner to specify which versions of their software are compatible and where to direct customers after updating.”

Somehow, I don’t think Kaspersky, who hasn’t replied yet to Microsoft’s latest move, agrees that Microsoft is working as a partner with antivirus providers. I’m sure he sees this as proof of his assertions that Microsoft’s “Daddy knows best” attitude is meant only to promote Microsoft Defender over all other antivirus programs.

Microsoft’s justification? It must act to protect users from the recent plague of WannaCry ransomware and similar fast-moving malware attacks.

To me, this is proof that the old Microsoft, which wanted absolute control, and thus profit, is still alive and well in the Windows division.

If you’re OK with Microsoft calling all the shots, that’s fine. I will remind you, though, that WannaCry wouldn’t have existed in the first place if Microsoft had properly secured its Server Message Block network protocol.

I’ve always thought that competition leads to better, more secure software. That’s one reason to hope Kaspersky continues to hold Microsoft’s feet to the fire for this latest attempt to create a monopoly.


Magic Wormhole is a clever way to send files easily and securely

If you need to transfer a couple hundred megs to a coworker or friend across the country, you aren’t short on options. In fact, options are thick on the ground, and all have their own issues. Don’t you wish you could just speak a few magic words and send stuff directly to them, no intermediate upload, no web interface, no login? Magic Wormhole, created by developer Brian Warner, is a clever way to do just that.

Assuming both you and your friend are online and have the minimal software installed, the steps are super simple:

  • Invoke a wormhole via command line (no GUI just yet) with the file you want to send
  • Server (public or private) gives you a simple, speakable, one-time-use password like 8-horse-happy or vile-4-content
  • You tell your friend that password over phone, chat or whatever
  • They enter it in their wormhole console, key exchange occurs
  • Encrypted download starts directly between your computers and password is discarded
All right, so maybe that’s a bit more complicated than, say, dropping the file into Slack. But it avoids all the complications of third-party tools, intermediary servers, logins and passwords, making a shortlink, worrying about making a file temporarily “public” or fiddling with permissions, and so on.

And really, properly used it could be simpler than anything else. Once it’s sitting there in a script or whatever on your desktop, you just drop a file on it, it pops up with the password and you tell that to the person. They get it directly and securely, and you never have to worry about it again. 150w, 300w, 768w, 680w, 1095w" sizes="(max-width: 1024px) 100vw, 1024px" style="box-sizing: content-box; max-width: 100%; height: auto; border-width: 1px; border-style: solid; border-color: rgb(213, 213, 213); outline: 0px; display: block; clear: both; margin: 0px auto;">Imagine being on the phone with someone and hearing “oh let me send you that file.” Will it be a Dropbox link? Will you have to log into something? Will you be waiting for Gmail to scan some huge attachment? Will it be — shudder — over FTP? Or will they just say “crocodile mighty 7” and boom, you’ve got it? I for one would love that.

I don’t know why I’m getting so pumped over a file transfer system! I just think it’s great.

You can download all the components or contribute your own code at the GitHub project page.

Read Original Article... 

No Known Ransomware Works Against Windows 10 S


No currently known ransomware strain can infect Windows 10 S, said Microsoft today with the release of a new report detailing the next-get ransomware protection features the company introduced with the release of the Windows 10 Creators Update last month.

Microsoft's statement is technically accurate because Windows 10 S won't allow the installation of apps from outside the official Windows Store, which greatly limits the ability of ransomware authors to launch their payloads on infected systems.

Nonetheless, this new version of the Windows 10 operating system is still in development, wasn't made available to the public, and has a market share of 0%.

This means that once Microsoft launches Windows 10 S, things are very likely to change, especially since Windows 10 S is advertised as an operating system for the business and educational sector, two industry verticals very popular among ransomware operators.

Ransomware and other malware authors will eventually turn their focus on finding ways to infect the OS, and ransomware strains capable of infecting Windows 10 S will likely appear, although, it's quite refreshing to hear that no known ransomware strain can infect it right now.

Microsoft: No Windows 10 user was affected by WannaCry

Presenting new anti-ransomware protection features added in Windows 10 Creators Update, Robert Lefferts, Director of Program Management, Windows Enterprise and Security, also confirmed today that no Windows 10 customer was affected by the recent WannaCry ransomware outbreak that took place in mid-May.

There were actually some Windows 10 users who got infected, but those users launched the ransomware by hand and were not infected via WannaCry's self-spreading worm, which didn't have the technical capabilities to infect Windows 10 devices.

New anti-ransomware features added to Windows 10 CU

The Microsoft exec shared these details with the release of a new report detailing the new anti-ransomware features added to Windows 10 in the Creators Update.

This list of new features includes:

⍈ Click-to-run for Adobe Flash in Edge — which prevents ransomware and other malware from landing on Windows 10 PCs via exploits kits and drive-by downloads
⍈ Instant cloud protection via Windows Defender — According to Microsoft, starting with Creators Update, Windows Defender AV can suspend a suspicious file from running and sync with the cloud protection service to further inspect the file.
⍈ Fast remediation mechanism at detection — Microsoft says it has made great strides to "remediate ransomware infection and
limit ransomware activity from minutes to seconds, reducing
its damage from hundreds of encrypted files to a few." Microsoft credits this to Windows Defender AV’s behavioral engine, who can aggregate malware behavior across processes and stages.
⍈ Improved detection for script-based attacks — Microsoft says its Antimalware Scan Interface (AMSI) was modified to intervene during the strategic execution points of JS or VBS script runtimes, two infection vectors often used by ransomware.
⍈ Wow64 compatibility scanning —In Creators Update, Windows Defender AV added a process-scanning feature that uses the Wow64
compatibility layer, enabling it to better inspect system interactions of 32-bit applications running on 64-bit operating systems.
⍈ Process tree visualizations — feature added to Windows Defender ATP, the commercial version of Windows Defender.
⍈ Artifact searching capabilities — feature added to Windows Defender ATP, the commercial version of Windows Defender.
⍈ Machine isolation and quarantine — feature added to Windows Defender ATP, the commercial version of Windows Defender.

    Read Original Article... 
Apple Repairs and Service
Member of the Internet Defense League
Internet Cafe available

BitcoinCash Accepted