-
-
Someone in FEMA/FCC needs to make certain their time is synced with NIST
PS I must have been living under a rock, at I didn’t know a thing about it until I saw your post yesterday. Thanks for the heads up!
-
Here’s another that showed up magically. It look like Microsoft replaced the “Mail & Calendar” app with a Microsoft Store app titled “Outlook”, with only a slight change to the icon. Took me a moment to realize I wasn’t in the Twlight Zone, and had somehow installed the Microsoft 365 version of Outlook twice. But honestly, why name two different apps the same? Didn’t they do that with OneNote?
1 user thanked author for this post.
-
-
-
Figured I should spin up a Hyper-V VM of Win11 to begin poking around. I especially wanted to review the default “crappified” version of Win 11. For our Windows 10 installations, we run a “decrapifier” script, which has been very successful in cleaning up the mess.
Since you recommend not running a “decrapifier”, I thought a quick VM install of Win 11 v22H2 would be simple. Then I ran into the “need internet” to continue issue. The VM is isolated, and can’t phone home to mother Microsoft, so I couldn’t use the generic “no@thankyou.com” email address trick.
Instead, I found a trick posted on other site that worked, at least for me. When reaching the “need internet” screen, press [Shift] + [F10] to open a command prompt. At the command prompt, type OOBE\BYPASSNRO and hit enter. The VM will reboot. Now, at the “need internet” screen, the “I don’t have internet” option is available.
Just thought I’d drop this here for anyone else wanting to spin up a copy of Win 11, without needing to connect it to the internet. Now, time to see what manual “decrapifying” needs to be done!
1 user thanked author for this post.
-
For the business network I manage, I instruct the users to lock their workstations when stepping away (break/lunch), and to reboot them at the end of the day when they go home. The reasoning is, to get them into the habit of not leaving documents open that they are in the middle of working on, and to instead save them.
We also rely on a few mechanisms for applying security updates. Microsoft stuff is handled mainly through WSUS. Our WSUS configuration gives the users a 72 hour notice before automatically rebooting if the user hasn’t already done so.
We also rely on the computer manufacturer’s automated update program to apply BIOS and other updates. It, too, is configured with a deferral period before forcing a reboot, although it’s been known to reboot without the deferral it’s supposed to do.
For everything else, our Endpoint Management Service will attempt to patch most 3rd party programs, but it’s not as kind and forgiving. After patching, it will reboot.
Finally, other maintenance activities occur after-hours, including full server and workstation backups. Helping to provide users with a productive workday, uninterrupted by the IT housekeeping routines.
At home, the PC’s generally see enough use (a few times a month), they are powered on long enough to get their updates and then nag to be rebooted, too.
1 user thanked author for this post.
-
-
Although they are “off by default”, best practices, at least when following CIS guidelines, still typically set defaults to specific enabled/disabled, since you never know when someone at Microsoft may decide the default of “enabled by default” is now the norm. Of course, YMMV.
1 user thanked author for this post.
-
Years ago, the Vi$io $ticker $hock sent me looking for an alternate solution. I inadvertently stumbled across draw.io (now diagrams.net, although my browser bookmark still points to draw.io). While it may have a different learning curve than Visio, I’ve appreciated the fact that it’s price tag is hard to beat (free), and that throughout its iterations, it’s still able to read old drawings. I was even able to incorporate it into the Wiki software I use for network documentation, which allows updating the draw.io diagrams from the Wiki itself. I’m not affiliated with draw.io nor do I receive any kickback or incentive.
Now, with that out of the way, I’m excited to try Visio Online, through my Office 365 subscription. Didn’t even realize it was part of the bundle. Thanks for the quick overview!
1 user thanked author for this post.
-
I feel your pain. I try to avoid phone support as much as possible, because of the very bottom-of-the-barrel approach most tech support assumes. Sometimes, like you, I’ll get lucky and the agent will actually listen to what I’ve already troubleshot, and adjust their playbook/scripted responses accordingly.
Most of the time, they’ll adamantly refuse to jump ahead in their troubleshooting, and demand we start with step 1. More and more I believe that most tech support operators have no idea what’s going on, and they can only follow a script. In fact, I’ll bet dollars to donuts many are in call centers that handle multiple vendors products. Depending on what phone number you dial, the pop up on their screen for your incoming call tells them they’ll be playing the part of Steven from Dell. Their next call, they’re Jake from State Farm.
I’ve finally given up… It’s gotten to the point I’ll just play along without doing anything they’re actually asking. you want me to reboot? Okay, I’m rebooting now (without actually doing anything; wait the time typically associated with rebooting), yep it’s rebooted. Nope, problem still exists… I’ll play this game with them while they progress through their scripted troubleshooting, all the while I’m working on another project altogether. Just keep playing and waiting until their script “catches up” to the point I’ve already troubleshot/arrived at.
Another part of the issue, I believe, is where over-automation has actually stripped away the tech’s actual ability to help you. Not too long ago, savvy tech’s could fix about anything through their employers system portals. Now, in an employer always knows best situation, it seems most techs are locked out of most, if not all, system change/control. Where they could previously override or change a flag to get something working. Now they can’t. Either their employer doesn’t want them to, or whomever engineered the system never took into consideration just how many one-off use cases there are, and that you can’t conceive every possible combination of if/then.
And you know, their versions of Sydney and Bard are in the works… I’m afraid it’s only going to get worse… At least there’s the off-chance Sydney will proclaim it’s love for you during the call.
6 users thanked author for this post.
-
-
-
Actually, that’s “partially false” (I’m trying to add some light-hearted humor here). There are several cases where content providers have been deemed publishers.
It’s a long read, but it gives great background on how the CDA morphed into what it is. Paragraph 49 gives the legal “how-to” pierce the veil of “content provider”.
If the original author of the legislation is to be believed, Stossel has a good chance of winning. It hinges on the fact that Facebook itself “created” the “false”, “misleading”, and other fact-check “labels” as part of their platform. By “creating” and applying these labels themself, based on third-party content providers, Facebook crossed the magic threshold separating content providers from creators/publishers, and became a “creator/publisher”.
As far as the argument “they’re private companies and can do whatever they want”, that’s simply not true. A private company isn’t shielded from defamation libel, just as they’re not shielded from liability for refusing to bake cakes for same-sex couples. Stossel’s case is based on false statements, aka fact-check “labels”.
If Stossel’s legal team has threaded the proverbial needle correctly, they can demonstrate Facebook is simply a publisher in content provider’s clothing. Blaming errors with their “fact-checking” labels as simply bad programming (computer algorithms) isn’t a get out of jail free card:
In the landmark en banc decision of the Ninth Circuit Court of Appeals in Fair Housing Council of San Fernando Valley v. Roommates.com,[66] which has since been widely cited and applied in circuits across the United States, it was held that not only do websites lose their immunity when they merely “develop” content created by others, but participation in others’ content creation includes wholly automated features of a website that are coded into its architecture.[67]
At least that’s my two-cents opinion.
1 user thanked author for this post.
-
“The certificate confirms the legitimacy of the app, and thus Windows assumes the app is safe.”
The basic problem is, code-signing certificates mean nothing.
https://www.theregister.com/2018/06/26/digitally_signed_malware/
https://www.securityweek.com/use-fake-code-signing-certificates-malware-surges
The near-term anti-malware solutions, I believe, will lead to blocking/warnings on files that haven’t been seen before, and/or haven’t built a reputation for being widespread and safe. Ultimately, it’s the “block at first site” approach.
Author
