Sunday, April 22, 2018

iOS Battery Usage

I check and log my smartphone battery reading at 10:00 each night and calculate % of battery consumed per hour.

Here's a chart of my findings on my iPhone 6.


I don't claim this to be scientific, just interesting.

iOS 11 introduced a significant increase in battery consumption then something was changed in iOS 11.2.1 that noticeably reduced battery consumption.

As the phone ages, the battery capacity reduces thus increasing the % per hour due to a smaller base. I didn't include this in my logging as until iOS 11.3 Apple didn't expose the battery capacity.

Incidentally, my battery capacity was 87% on the first of February and 86% on the first of April.

Sunday, April 15, 2018

Google Maps Timeline

I use Google Location Services to create a timeline of my travels.

Since I've been using the iPhone 6s I've noticed that the resolution of the tracks has been pretty coarse.


When I switched to the Essential Phone there was a significant improvement in resolution.


Undoubtedly at the expense of battery life.

Sunday, April 08, 2018

How to Sandbox Facebook

Facebook "follows" your web browsing even on other sites.
Facebook's business model is to amass as much first-party and third-party data on you as possible, and slowly dole out access to it. If you’re using Facebook, you're entrusting the company with records of everything you do.
I try to minimize the opportunity for Facebook to gather information. I'm sure my technique is not foolproof but it is better than nothing.

When I launch Facebook I do it in a Chrome incognito window.



To be the most effective this should be the only tab that you are using as incognito.

If I want to click on a link in a Facebook post (which I generally don't recommend), I right click on the link and choose "Copy link address".


Then I leave the incognito window and go back to my normal browser window.

Open a new tab and paste the copied URL into the address bar. BUT DON'T PRESS ENTER.

Look at that link and see if it looks like this:
https://www.facebook.com/topic/Baton-Rouge-Police-Department/1040460436008909?source=whfrt&position=1&trqid=6538904751892597700&impressionguid=0Ho4cQev8pMnPWgOe
DON'T PRESS ENTER.

If you really HAVE to go to that link, type the title of the page into Google (or DuckDuckGo) and let Google find it for you. Because if you click on that link Facebook will record that you've been to that page and "follow" you wherever you go from that page.

When you're through with that session of Facebook, log out and close that incognito tab. That should close the incognito window as well if that was the only tab.

As an example of what various pages do to track you. The Guardian posted an article (https://www.theguardian.com/commentisfree/2018/mar/28/all-the-data-facebook-google-has-on-you-privacy - intentionally NOT linked) on "Are you ready? Here is all the data Facebook and Google have on you". That web page had four sets of Facebook tracking and nine sets of Google tracking.

You can see where Facebook has followed you by going here.

I also run uBlock Origin. You can get it here for Chrome and here for Firefox. If you use the above technique of running Facebook in an incognito window be sure to allow uBlock Origin to run in incognito. This article has a discussion of uBlock Origin settings for Facebook.

Sunday, April 01, 2018

So What's Going on with Facebook?

Cambridge Analytica reportedly mined information from 50 million Facebook users for the benefit of the Trump and Brexit campaigns. And bragged about it.

They got the data from Facebook before 2014. Facebook didn't sell it to them. Facebook just GAVE it to them. Up until that time Facebook allowed Facebook applications to not only get profile data from the user who ran an application but allowed them to get profile data from the friends of that user. The terms of service ALWAYS said that you were sharing your friends' profile data. Most people just didn't read them.

This stretch to friends' profiles was removed in 2014.

Cambridge Analytica used Amazon's Mechanical Turk to engage about 270,000 users to run an application (e.g., a game or survey) on Facebook that gave Cambridge Analytica access to 50 million other users' profile data who were "friends" of that group.

You can split hairs about who violated whose terms of service but the result is that millions of Facebook users' personal data was shared and used for data mining.

It raises serious questions about how Facebook handles your personal data. Especially after you read this 2016 memo (archive.is) from a Facebook Vice President.

Mark Zuckerberg had an interview on the BBC in 2009. Here's an excerpt of it:
BBC: So who is going to own the Facebook content, the person who puts it there or you?
Zuckerberg: The person who's putting the content on Facebook always own the information.
BBC: Are you going to sell it?
Zuckerberg: No, of course not.
Watch it below.


As noted above Facebook didn't SELL the information. They just GAVE it away.

And it's not just profile data that Facebook was gathering and retaining. TechCrunch (a Verizon property) had an article recently that described Facebook's tracking Android users’ SMS and phone call metadata as "concealment."

So what can you do?

A friend of mine recently posted on Facebook:
Hey everyone...I am deleting my FB account and messenger on          . My Instagram account is          . You can find me there. If you want my email addy or telephone number, please just reach out.
Here's my reply:
Google (and your ISP) has similar data but it's not apparent YET that Google gives/sells it like Facebook. There's no telling what the ISPs are doing with it.

Like you, I signed up for Google Plus at the beginning and go there once a week or so. Honestly there's no one on it.

No good answer other than to recognize that all these big companies have access to broad data about you and with "big data" tools they can analyze it and monetize it.

The good news is that unless you are a "target" (e.g. CFO at a Fortune 1000 company) nobody much cares what web sites you go to or where you live.
The Wall Street Journal (WSJD) has had a couple of good articles on Facebook privacy. If you don't have a subscription I've included a technique at the end of this post that may let you read them. Unfortunately it requires you to use Facebook.

One article gives you a step by step of how to dump Facebook. To turn off apps, go here. To manage ads, go here. This link will show you where Facebook has tracked you. Delete them all.

Another article described how to download your Facebook data and what to look for.
You can request a folder of the things you have uploaded to or shared on Facebook from all your sessions on various devices - plus other curious information - to save on your computer. Here are instructions. Once you unzip the folder, open the "index.htm" file in a browser, and start looking around.

What isn't in this single download is a lot of the behind-the-scenes data that Facebook may use to increase engagement and target ads. For instance, it doesn't list people who might have uploaded your phone number or other information when syncing their contacts with Facebook. It doesn't say what ads third-party data providers have targeted at you, or which bit of your grocery shopping or web browsing prompted such ads. (No, Facebook isn't listening through your microphone - it doesn't need to.)
Here's the list of the behind-the-scenes data that Facebook keeps on you.

And if you're worried about Facebook you may be worrying about the wrong thing. Go read this article on your ISP.

And Google? OMG! Here's how to see what they have.

So what do you do?

Scott McNealy, the founder of Sun Microsystems said (archive.is):
You have zero privacy anyway, Get over it.
The reality is that individually you're not much of a target. Unhook as much of Facebook as you can. And always read the terms of service carefully.



The way I read WSJ articles is to paste the URL into Facebook's "What's on your mind?" box then change the audience to "Only me" and post. Then when I click on the link in the private post it opens to the full story. Then I delete the private post. Remember to change the audience back to whatever you usually use.

Sunday, March 25, 2018

Change is Essential

I seem to really have a soft spot for niche phones. I've had a Moto X , a Nexus 5, and a BlackBerry PRIV just to name a few.

I've done it again. I just bought an Essential PH-1. In late 2017 it was estimated that only about 50,000 had been sold. That makes the BlackBerry PRIV look like a runaway success at about 600,000 sold.

Essential was founded by Andy Rubin, the inventor of Android.

It's a gorgeous phone closely resembling the iPhone X in appearance and size.


Here's how it compares to my iPhone 6s.

Apple iPhone 6sEssential iPhone
DESIGN
Device typeSmart phoneSmart phone
OSiOS (10.x, 9.x)Android (7.1)
Dimensions5.44 x 2.64 x 0.28 inches (138.3 x 67.1 x 7.1 mm)5.57 x 2.80 x 0.31 inches (141.5 x 71.1 x 7.8 mm)
Weight5.04 oz (143 g)6.53 oz (185 g)
MaterialsMain body: AluminumMain body: Ceramic; Accents: Titanium
FeaturesFingerprint (touch)Fingerprint (touch)
DISPLAY
Physical size4.7 inches5.7 inches
Resolution750 x 1334 pixels1312 x 2560 pixels
Pixel density326 ppi504 ppi
TechnologyIPS LCDIPS LCD
Screen-to-body ratio65.71 %84.85 %
Colors16 777 21616 777 216
TouchscreenMulti-touchMulti-touch
FeaturesPressure-sensitive, Oleophobic coating, Scratch-resistant glass, Light sensor, Proximity sensorScratch-resistant glass (Corning Gorilla Glass 5), Ambient light sensor, Proximity sensor
CAMERA
Camera12 megapixels13 megapixels
   Aperture sizeF2.2F1.9
   Focal length (35mm equivalent)29 mm
   Camera sensor size1/3"
   Hardware
   Features
Sapphire crystal lens cover, Autofocus, Back-illuminated sensor (BSI)Dual-camera (13-megapixel), Autofocus (Laser, Phase detection)
   Software
   Features
Touch to focus, Face detection, Self-timer, Geo taggingTouch to focus, Face detection, Self-timer, Digital zoom, Geo tagging
Camcorder3840x2160 (4K) (30 fps), 1920x1080 (1080p HD) (120 fps), 1280x720 (720p HD) (240 fps)3840x2160 (4K) (30 fps), 1920x1080 (1080p HD) (60 fps), 1280x720 (720p HD) (120 fps)
   FeaturesTime-lapse video, Continuous autofocus, Digital image stabilization, Video calling, Video sharingVideo calling, Video sharing
Front-facing camera5 megapixels8 megapixels
HARDWARE
System chipApple A9 APL0898Qualcomm Snapdragon 835 MSM8998
ProcessorDual-core, 1840 MHz, Twister, 64-bitOcta-core, 2450 MHz, Kryo 280, 64-bit, 10 nm
Graphics processorPowerVR GT7600Adreno 540
System memory2048 MB RAM4096 MB RAM
Built-in storage64 GB128 GB
Maximum User Storage

Storage expansion

BATTERY
Talk time14.00 hours
Stand-by time10.0 days (240 hours)
Capacity1715 mAh3040 mAh
Not user replaceableYesYes
Wireless charging

MULTIMEDIA
Music player
   Filter byAlbum, Artist, Genre, PlaylistsAlbum, Artist, Genre, Playlists
   FeaturesAlbum art cover, Background playbackAlbum art cover, Background playback
SpeakersEarpiece, LoudspeakerEarpiece, Loudspeaker
YouTube playerYesYes
INTERNET BROWSING
Built-in online services supportYouTube (upload), Picasa/Google+YouTube (upload), Picasa/Google+
TECHNOLOGY
CDMA800, 1700/2100, 1900 MHz800, 1900 MH
GSM850, 900, 1800, 1900 MHz850, 900, 1800, 1900 MHz
UMTS850, 900, 1700/2100, 1900, 2100 MHz850, 900, 1700/2100, 1900, 2100 MHz
FDD LTEBands 1, 2, 3, 4, 5, 7, 8, 12, 13, 17, 18, 19, 20, 25, 26, 28, 29Bands 1, 2, 3, 4, 5, 7, 8, 12, 13, 17, 20, 21, 25, 26, 28, 29, 30
DataLTE-A Cat 6 (300/50 Mbit/s), HSPA, HSUPALTE-A Pro Cat 16 (1000/150 Mbit/s)
micro-SIM

nano-SIMYesYes
PositioningGPS, A-GPS, Glonass, Galileo, Cell ID, Wi-Fi positioningGPS, A-GPS, Glonass
NavigationTurn-by-turn navigation, Voice navigationTurn-by-turn navigation, Voice navigation
CONNECTIVITY
Bluetooth4.25.0
Wi-Fi802.11 a, b, g, n, ac, dual-band802.11 a, b, g, n, ac, dual-band
   Mobile hotspotYesYes
USBYesYes
   ConnectorProprietaryUSB Type-C (reversible)
   FeaturesUSB chargingUSB charging
HDMI

OtherNFC, Tethering, Computer sync, OTA syncNFC, Tethering, Computer sync, OTA sync
OTHER FEATURES
NotificationsService lights, Haptic feedback, Music ringtones (MP3), Polyphonic ringtones, Vibration, Flight mode, Silent mode, SpeakerphoneService lights, Haptic feedback
SensorsAccelerometer, Gyroscope, CompassAccelerometer, Compass, Gesture
Hearing aid compatibilityM3, T4
OtherVoice dialing, Voice commands, Voice recording, TTY/TDDVoice dialing, Voice commands, Voice recording
AVAILABILITY
Officially announced09 Sep 201530 May 2017
FCC Approval09 Sep 201526 Jun 2017
Source: phoneArena.com


The day after I got it it updated to Oreo 8.1.

Then I sold it within a week.

Why?

I searched for a spring-clip belt holster without finding one. I know that is only slightly less geeky than a pocket protector but it is what I'm used to.

My bank's debit card doesn't support Google Pay. Apple Pay is supported.

The PH-1 has a weak vibration motor like the OnePlus One.

I tried to use Dropbox to move pictures from the PH-1 to my PC. Most of the pictures I was saving were being texted to me so they were in Android Messages. Messages saves them in Photos / Messages and Dropbox wouldn't look there for the Camera Uploads process.

I like the physical muting switch on the iPhone. Android has a complicated "Do not disturb" process that involves stared contacts, downtime and priorities. I just want it to not make any sounds but to still vibrate.

The fingerprint reader on the Essential is so much better than the iPhone 6s. It's in a natural place and reads quick.

Both of my Bluetooth ear buds misbehaved on the PH-1. They tended to switch the audio between ears occasionally and then switch right back. It wasn't continuous and wasn't very frequent.

The PH-1 uses USB C for charging and earphones. I had to buy USB A to USB C cables. While this was a short term hassle, long term it is clearly the direction.

Android is not nearly as aggressive as iOS at throttling apps running in the background. Even after Oreo 8.1 GasBuddy used 10% of my battery capacity on the PH-1 and I had NEVER launched it. The flip side of this is that iOS doesn't give Google Maps' location services frequent GPS updates. This makes my Google Maps Timeline have poor resolution (more on this later). Similarly Google Maps often opens with the wrong location on the iPhone.

Android Oreo 8.1 is really improving battery life (after I uninstalled GasBuddy). Admittedly my sample is very small but the mAh/hour for the PH-1 on Oreo 8.1 was 68.5 compared to 52.8 for the iPhone 6s for the last 5 weekdays I tracked. There are more details here.

I can't believe I gave up a flagship Android for a 2 year old iPhone but I did.

Sunday, March 18, 2018

One Hour and Six Minutes

I continue to be a huge fan of Android Auto and Apple CarPlay.

I still have Android Auto active in my Pilot all the time. I've gotten to where I input my destination any time I have to travel on the Interstate even if I know my route blindfolded.

Using traffic data Android Auto and CarPlay suggest alternative routing based on conditions.

Every now and then as I navigate I-240 in the Memphis area Android Auto will suggest getting off and then back on the Interstate to avoid a traffic slowdown. The savings are typically in the single digit minutes for a sub-30 minute drive.

Nice but no big deal.

However recently we were in Jackson, MS. As we entered I-55 I tapped the "Home" button on the Android Auto screen. It calculated a route and an ETA and off we went.

I have Android Auto muted except for traffic alerts. Within 2 miles Android Auto piped up with something to the effect "Due to a traffic slowdown on your route there is a suggested alternative route. This will reduce your ETA by one hour and six minutes."

OMG!

Needless to say I took the alternative route. There was a wreck on I-55 that had it closed in both directions.

The alternative route had me exit I-55 and travel on a parallel surface road to the next exit. Reentering the Interstate there was no problem as there was no traffic coming from behind me. 😀

If your car doesn't have an Android Auto or Apple CarPlay head unit, look at this.

Sunday, March 11, 2018

It's Not Our Fault

I follow the Internet Storm Center's diary. Recently one of the entries related a situation with a personal NAS (Network Attached Storage) with terabytes of data. It was configured with RAID5. The NAS vendor offered a cloud backup service that he used.

He had a detailed backup plan consisting of:
  • a daily backup to a cloud storage provider
  • a monthly backup to an external disk (physically stored away from the source)
  • a file restore test performed every month (ex: restore file ‘x' backup at time ‘t’)

While this diary is about a personal situation the lessons apply to enterprise as well.

The power failed in his area and the NAS crashed hard. He reloaded the operating system and rebuild the RAID5.

No data was lost.

But then he had to “relink” the existing cloud backup with the new backup task on the NAS. That  failed with strange error messages saying that some files were not found.

After the normal "Turn it off and back on" with no success the vendor responded:
Thank you to try to log on your cloud service console to check if your files are available. If they are not available, please contact your cloud service support to get more help. We already notified them about this issue and we received a lot of complaints from other customers who are facing the same issue. You should try to see with them how to recover your files, if possible...
Remember that "your cloud service" was arranged by the NAS vendor.

Yep, his cloud backup was lost (1.5TB of data).

What if that had been YOUR enterprise data?

Have a plan. Have a backup to that plan. Test it. Test it again.

Sunday, March 04, 2018

Microsoft Image Composite Editor

Recently I was scanning some newspaper clippings. They were larger than the bed of my scanner so it took several scans to capture all of them.

One even took 4 scans. I was dreading trying to put those together to create a single image.

So I went to my favorite resource: Google.

One of the top hits was Gizmo's Freeware's page on "Best Free Digital Image Stitcher." I liked the price already.

The first entry in the list was Microsoft Image Composite Editor. I had never heard of that.
What is Image Composite Editor?
Image Composite Editor (ICE) is an advanced panoramic image stitcher created by the Microsoft Research Interactive Visual Media Group. Given a set of overlapping photographs of a scene shot from a single camera location, the app creates a high-resolution panorama that seamlessly combines the original images. ICE can also create a panorama from a panning video, including stop-motion action overlaid on the background. Finished panoramas can be shared with friends and viewed in 3D by uploading them to the Photosynth web site. Panoramas can also be saved in a wide variety of image formats, including JPEG, TIFF, and Photoshop’s PSD/PSB format, as well as the multiresolution tiled format used by HD View and Deep Zoom.
The web page is dated 2008 and the last post on the support forum is from 2011. The downloads are dated 2016 though.

But it just works!

I downloaded the 64-bit version and installed it on my Windows 10. It stitched my 4 scans together seamlessly, let me rotate easily and then crop. Exporting was one-click (after I added ICE.exe to my Controlled Folder Access).

Where has this program been all my life?


Sunday, February 25, 2018

Windows Update Show Hide

Sorry for the cryptic title. Recently a friend was installing Windows 10 on an old PC with an AMD processor. Windows Update kept installing a driver. After the driver installed the PC would attempt to reboot but fail. 3 hard reboots would cause Windows 10 to roll back and all was good until Windows Update installed it again.

Similarly I have an old HP CP1025NW printer. It works fine with Windows 10 but Windows Update keeps trying to install different drivers. The install always fails.


Usually Windows Update will try a couple of times and then go quiet.

However recently when Windows Update failed to install the printer driver the whole Windows Update process hung up.

Microsoft has a tool that will let you block updates.
In Windows 10, your device is always kept up-to-date to have the latest features and fixes. Drivers are installed automatically so that you don't have to select which updates are needed. In rare cases, a specific driver might temporarily cause issues that affect your device. In this situation, you can prevent the problematic driver from reinstalling automatically the next time Windows Updates are installed.
There's a download on that page for wushowhide.diagcab.

Just save it to your desktop and double-click it.


Click on "Next" and it will go look for pending updates.



Click on "Hide updates".


Select the updates you want to block and click on "Next".

Unfortunately Microsoft tends to rerelease updates so blocked updates will reappear from time to time. Just repeat the Show-Hide process again.

Sunday, February 18, 2018

Windows 10 Spring Creators Update

No, I don't know what the next "version" of Windows will be called but history suggests it might be  "Spring Creators Update". One thing for sure, you don't want to be surprised when you wake up one morning and it has installed/uninstalled/crashed overnight.

Likewise Microsoft had their share of troubles with January's patches.

So now is a good time to prepare.

If you're not running Windows 10 Pro, the first thing to do is to go here and buy a Windows 10 key for $14.00. Then backup and upgrade (archive.org) Home to Pro.
  1. Select the Start  button, then select Settings  > Update & security  > Activation.
  2. Select Change product key, and then enter the 25-character Windows 10 Pro product key.
  3. Select Next to start the upgrade to Windows 10 Pro.
Then follow Woody Leonard's instructions from here.

To block Automatic Updates (you can say "defer" if you prefer), click Start > Settings > Update & security. Click the link marked "Advanced Options." You can see the "Choose when updates are installed" pane in the screenshot.

Microsoft has changed the terminology several times in the past couple of months, but choosing "Current Branch for Business" in the first drop-down box should assure that you won’t be upgraded to the next version of Windows (presumably, version 1709) until Microsoft says it's ready for widespread adoption. By choosing CBB, you’re avoiding the four-month-long unpaid beta-testing phase, where those who leave Automatic Update enabled get to install and test the new version of Win10 as soon as it's rolled onto their machines.

The Feature Updates box is supposed to delay the installation of new versions (read: version 1709) by the specified number of days. Remember Feature Update = Version change. At this point, we have no idea how that number will interact with the CBB choice in the first box - or even if it interacts at all. The rules seem to change every week.

The Quality Updates box, though, controls how long Windows Update waits to install the latest cumulative update. Remember Quality Update = Cumulative Update. I suggest you wind that up to 30 days, the maximum, but put a reminder in your calendar to check in a few weeks to see if the next cumulative update is behaving itself.

I don't recommend that you Pause Updates using this setting. It isn't clear what updates are being paused. You still want antivirus updates, for example, and even if Microsoft allows those through now, experience has taught that the rules change all the time.

Windows 10 versions 1507, 1511 and 1607 Pro and Enterprise had similar options, but you have to dig through Group Policy settings to get to them.
If you're on Windows 10 1709 "Fall Creators Update" the term will be "Semi-Annual Channel" instead of  "Current Branch for Business".

If you won't/can't upgrade to Windows 10 Pro, here are Woody Leonard's instructions for Windows 10 1703. You're on your own.

With all this doom and gloom, personally I've had good luck.

Cross your fingers.

Sunday, February 11, 2018

Edge Is Good For Something

I finally found something that Microsoft's Edge browser is good for.

Last week I was reading an article at Medium.com on "What Really Happened with Vista: An Insider’s Retrospective". It was a good article but the presentation drove me crazy.

It had a CSS "shade" at the top and another CSS "footer" at the bottom. These caused PgDn to scroll too far and you would miss some of the text. Then you'd have to Up Arrow to see the skipped text.



I didn't have enough patience to read much of it in this manner.

Then I recalled that Edge has a reading view.

I copied the URL and pasted it into Edge. In the address bar is an icon that looks like an open book.


Click on that and you're put into Reading view" mode.

Much better.



I concede that there are similar capabilities in Google's Chrome but they all require hacks or non-Google extensions.

Sunday, February 04, 2018

R.I.P CrashPlan

I've been a huge proponent of CrashPlan. I started with the personal offsite backup.

That worked well and I eventually added their cloud backup.

You can read about my experiences here. I'll save you some time. It's nothing but good.

Then...

In August 2017 I got the following e-mail:
Thank you for being a CrashPlan® for Home customer. We're honored that you’ve trusted us to protect your data.
It's because of this trust that we want you to know that we have shifted our business strategy to focus on the enterprise and small business segments. This means that over the next 14 months we will be exiting the consumer market and you must choose another option for data backup before your subscription expires. We are committed to providing you with an easy and efficient transition.
They partnered with Carbonite but Carbonite's offering just isn't what CrashPlan's was. For example Carbonite only keeps deleted files 30 days.

Then during the Black Friday sales I saw an offer from StackSocial for 2TB for life for $39.99. (That has since gone back up to $49.99.)

I had to look at that.

What StackSocial was offering was Zoolz Archive Home. What comprised the 2TB was 1TB of Instant Vault storage and 1TB of Cold Storage.

Instant Vault has to be accessed using a web interface. You can also generate shared links for the Instant Vault storage like DropBox.

Cold Storage has a Windows Service that manages the backups like CrashPlan. Cold Storage uses Amazon Glacier as a store. This means that it takes approximately 3-5 hour to restore from Cold Storage. I don't see that as a problem for backup.

My CrashPlan backup was about 400GB so it's going to take a while to backup all that to Zoolz but it's chugging along just fine.

As a backstop I've signed up for CrashPlan for Small Business at 75% discount for a year.


Sunday, January 28, 2018

WOA, Again

I've blogged a couple of times (here and here) about the emergence of ARM in the (formerly) Wintel world (known as Windows On ARM - WOA). It's coming faster than even I expected.

We all try to forget about the ill-fated Windows RT devices. I hope you didn't buy one.

But now...

At the recent Microsoft Windows Hardware Engineering Community (WinHEC) event in Shenzhen, China Qualcomm announced Windows 10 devices powered by their Snapdragon processors.

They promised three big capabilities:
  • The screen turns on "instantly"
  • LTE is built right in
  • The battery can last for days
This isn't another Windows RT variant. Windows 10 on ARM will support Universal Windows Platform (UWP) apps and Win32 apps in the Windows Store, as well as existing Win32 apps.

That pretty much means everything.

HP, Asus, and Lenovo have already announced Windows 10 devices running on Snapdragon processors.

In one of his podcasts, Brad Sams described it this way:
This is kinda like Day 1 of the new generation of Windows-based machines.
Here we go!

Sunday, January 21, 2018

Windows 10 Rant

I haven't had a good rant in a long time. And it's not that I dislike Windows 10. And it's not that I don't like Windows 10 upgrading (different than updating) regularly.

Remember back in a previous post I enumerated the various versions of Windows 10. There's been more since then and a commitment (threat) from Microsoft for 2 per year.

In that post I noted 2 issues with the Anniversary Update (1607). They have continued with the Creators Update (1703).

I'll try to recap the things to look out for as Microsoft leads us down this trail.

Microsoft will silently remove drivers and software that they think aren't compatible with the new version of Windows. I have had my video drivers removed twice including the non-driver program used to update the drivers. Most recently they removed my VNC service. Microsoft admitted to the EU that they remove third party antivirus in certain conditions. I understand why in some cases that these actions are necessary but please don't do them SILENTLY.

Microsoft twice has reset password network protected sharing. I don't see that that has anything to do with a new version of Windows.

Microsoft has turned off System Restore. You find this missing at the worst possible time when you need to fall back to a known good state. You can turn it back on but still...


Sunday, January 14, 2018

One More Log on the Fire

If you're a regular reader you'll know that I'm a proponent of using Windows Defender as my anti-virus. While that it's free is a big factor for me, that it doesn't introduce new vulnerabilities into Windows is even bigger.

I've discussed that here, here and here.

In Microsoft's announcement of their patches for Meltdown and Spectre they included the following:
Note: Customers will not receive the January 2018 security updates (or any subsequent security updates) and will not be protected from security vulnerabilities unless their antivirus software vendor sets the following registry key:
Read that again.

If your anti-virus vendor doesn't set a new registry key you will NEVER get another security update.

Now, certainly mainstream anti-virus vendors quickly complied.

But what that means is that mainstream anti-virus vendors have been using non-public kernel calls.

Don't do that.

Further if you don't run any anti-virus you must manually set that registry key or you will NEVER get another security update.
In cases where customers can’t install or run antivirus software, Microsoft recommends manually setting the registry key as described below in order to receive the January 2018 security updates.
There's a pertinent blog post here.

Sunday, January 07, 2018

The World Revolves Around Memphis

Chrome 63 is forcing all domains ending on .dev to be redirected to HTTPS via a preloaded HTTP Strict Transport Security (HSTS) header. This may impact organizations that have been using .dev TLD privately for their own development teams.

Now most of us don't have to worry about that but it reminded me of a situation I had encountered at a former company.

My company had acquired another company. They were using an address space for their internal TCP/IP network that was routable but didn't belong to them. Obviously they weren't connected to the Internet.

They also had an internal DNS server that used their company's initials as a TLD. Needless to say that weren't the owner of the TLD.

Yeah, it took us a while to integrate them into our network.

But that was just the start.

As we were upgrading SAP worldwide we changed the GUI to use DNS rather than a hard-coded IP address. Then we pushed that change worldwide.

Then the SAP Basis team changed the target of the DNS name and watched for fallout.

Europe failed and was quickly addressed by updating our European DNS server.

But oddly, seemingly random US facilities were also failing.

We finally discerned that these were all facilities of the former company.

The on-site LAN admins determined that the locations' PCs had their DNS pointing to the former company's servers. Obviously they hadn't been updated.

When I reached out to management at the former company he responded that "You act like the world revolves around Memphis."

My response was "When it comes to DNS, it does."

Those were the good old days.