Sunday, February 19, 2017

Windows Fast Startup

Maybe I missed this since I skipped Windows 8. Windows 8 called it "Fast Boot." Windows 10 extends this facility as default to laptops as well as desktops.

In summary, with Fast Startup the current user is logged off but then instead of shutting down the operating system as expected the current state of Windows is written to the hibernation file. Then when the system is restarted the state is resumed and the user logged back in.

The result is that Windows doesn't really get restarted, just the user is logged off and back on.

To force a complete Windows shutdown and restart, hold SHIFT while you select Shutdown or Restart.

I encountered this recently when I encountered the DHCP problems Windows 10 introduced. A Windows restart using Fast Startup wouldn't clear this.

Sunday, February 12, 2017

Winaero Tweaker

A recent post in AskWoody reminded me of a utility I came across a while back.

The AskWoody article refers to the Winaero utility Winaero Tweaker. You can download it here.

While Winaero Tweaker can do a number of things the AskWoody reference was to disabling Windows 10 telemetry.

Winaero Tweaker makes that literally a one-click operation. Here's their write-up on it.

If that's not geeky enough for you, just scroll down and read the comments. Follow them at your own risk.

Sunday, February 05, 2017

Windows vs macOS

You always hear that macOS is more secure than Windows. In reality that perception is because macOS has been a smaller target (less devices) than Windows.

I recently came across an example that puts money behind the assertion that Windows is more secure than macOS.

Pwn2Own is a computer hacking contest held annually at the CanSecWest security conference. Contestants are challenged to exploit widely used software. Cash prizes are awarded to those contestants that successfully demonstrate the vulnerability of various software. The value of the prizes are set by the level of difficulty expected in each software.

Here is the announcement of prizes for local escalation of privilege:
Local Escalation of Privilege 
Although we’ve had some Escalation of Privilege (EoP) bugs as add-ons in past Pwn2Owns, this is the first year it has a category of its own. This is also the first time we included Linux as a target. In this category, the entry must leverage a kernel vulnerability to escalate privileges. If they do, contestants will earn $30,000 for Microsoft Windows 10, $20,000 for macOS, and $15,000 for Ubuntu Desktop. They will also get 4 Master of Pwn points for Windows and 3 for the other OSes. Considering the various types of malware that use local EoPs, this could prove to be an impactful category. As always, the latest, fully-patched version of each OS will be used – even if we have to stay up late to install the patches.
$30,000 for Microsoft Windows 10 and $20,000 for macOS.

So when Pwn2Own put their money on the security of operating systems, they bet on Windows.

Good job Microsoft.