Windows 10 News and info | Forum
November 23, 2020, Loading... *
Welcome, Guest. Please login or register.

Login with username, password and session length
News: This is a clean Ad-free Forum and protected by StopForumSpam, Project Honeypot, Botscout and AbuseIPDB | This forum does not use audio ads, popups, or other annoyances. New member registration currently disabled.
 
  Website   Home   Windows 8 Website GDPR Help Login Register  
By continuing to use the site or forum, you agree to the use of cookies, find out more by reading our GDPR policy.
Pages: [1] 2 3 ... 10
 1 
 on: Today at 01:47:00 PM 
Started by javajolt - Last post by javajolt


Windows 10's PowerToys tool is a great way to customize your Windows experience. It comes with options to optimize app windows for big monitors and to preview new image types in File Explorer, and more.

In this article, we're highlighting the key features of PowerToys that you should try to boost your Windows 10 experience.

Image Resizer

One of the best features of PowerToys is a Windows shell extension called 'Image Resizer' that allows you to resize your images directly from the context menu.



As shown in the above screenshot, you can right-click on selected image files in File Explorer and then click on  'Resize pictures' option to reduce its size based on your input. You can change the compression value for each image resolution and close the app to compress the image again.

You can even resize images by dragging and dropping your selected files with the right mouse button.

Windows File Explorer's preview pane

PowerToys also allows you to extend the capabilities of File Explorer's preview pane by enabling a quick preview of SVG images and Markdown documents. The app is using preview handlers to show a lightweight, rich, read-only preview of the file's contents in the view's reading pane.



Microsoft is planning to further expand the preview pane of the File Explorer and enable support for additional file types in the future.

In fact, you can create your own custom preview handler by following Microsoft's documentation.

Replace slow Windows Search with PowerToys

Windows Search experience could be slow when it mixes results from the Bing search engine. You can fix this by disabling Bing in Windows Search, but there's a new tool within PowerToys that allows you to restrict search results to local drives only.

PowerToys Run allows you to launch apps faster than using the Windows Start menu. It works like Windows Run, but it has a user-friendly interface with a proper GUI for navigation.



PowerToys Run also comes with auto-completion and suggestions while typing. Microsoft has even added a context menu that allows you to find the location of the file or run it with administrator privileges.

To launch the new search experience, use the Win+Space shortcut, but Microsoft allows you to override the Win+R or Win+S key combos using PowerToys keyboard manager.

Windows 10 Color Picker

PowerToys also comes with a tool called 'Color Picker Tool' that basically lets you click on any portion of the screen to obtain the selected area's hexadecimal or RGB color code.



You can activate the color picker mode using its "activation shortcut". You can also configure the keyboard shortcut in the Settings.

List of features that work with Color Picker:

   • Color picker appears when activation shortcut pressed (configurable in the settings)

   • Color picker follows the mouse cursor and shows the actual color that is below the cursor

   • Scroll up will cause Zoom Window to open for a better color picking precision

   • Left mouse click will copy that color into a clipboard in a predefined format (setting)

   • Changes cursor when picking a color (can be turned off)

   • Color picker is multimonitor/multi DPI-aware. It respects monitors' boundaries and stays always in the view
      (predefined safe zones in the top, bottom, left, right sides of a monitor).

Modify Keyboard shortcuts

PowerToys includes Keyboard Manager, which allows you to remap individual keys on your keyboard to another key.



You can also remap existing keyboard shortcuts.

Batch Renamer Tool

Microsoft has also updated the PowerToys toolset with a utility named PowerRename that allows you to batch rename large file collections. This is also the Windows Shell Context Menu extension and it enables advanced bulk renaming using a simple search and replaces feature or more powerful regular expression matching.



To use this feature, you need to select the files and then click on the batch rename tool option in the context menu.

You can try the aforementioned features by downloading PowerToys from here.

Upcoming PowerToys feature

Microsoft is currently prototyping an idea for a tool that will help you create simple GIFs and videos. The feature is currently in the early stage of development and is expected to begin rolling out sometime next year.

Microsoft is also working on a new PowerToys utility that uses global microphone mute API in Windows and virtual driver for the webcam to stop broadcasting the video and the audio with keyboard shortcuts.

source

 2 
 on: Today at 10:49:04 AM 
Started by javajolt - Last post by javajolt
This might not come as a surprise to some people living in China, or to those who make a living by following the goings-on of the wireless world, but there is a good case for calling Huawei the most innovative outfit in this realm. The company's Mate series phones are traditionally one of the top technologically based smartphones in the world each year. However, the powerful 5nm chips it designed for this year's Mate 40 line can no longer be shipped to the company because of a new U.S. export rule. The rule bans foundries like TSMC from shipping cutting-edge chips to Huawei without a license if said chips were produced using American technology.

Huawei is arguably the most innovative company in the world this year

An industry report cited by the South China Morning Post states that from the beginning of this year through the end of October, Huawei filed 8,607 patent applications related to wireless technology. That put the firm at the top of the pack, well ahead of San Diego, California-based chip designer Qualcomm; the latter sought 5,807 patents during the same January to October time period. Chinese smartphone manufacturer Oppo was third with 5,353 patent applications. Database provider incoPat, headquartered in Beijing, is responsible for the data used to compile the list.


Huawei is expected to be the leading provider of 5G base stations this year
According to incoPat, both China and the U.S. led the way with each making up 32% of the patents filed from January through October. Japan was next with 15% followed by the 7% submitted by South Korea. IncoPat says that the information it uses comes from patent filings available to the public in the field of wireless communications. This includes patents filed to protect inventions related to 5G technology. The report issued by incoPat notes "As a key area of modern communications, wireless communication network technology has always been a very important part in the 5G research and development process. With the new technological competition and new globalization situation, wireless communication network technology is becoming an important strategic choice for enterprises to face international competition."

5G is the next generation of wireless connectivity and the countries that control 5G will have an advantage economically. That is why, seeing how innovative Huawei is and not wanting to be left behind, back in June the U.S. Commerce Department amended the entity list ruling that prevents Huawei from working and doing business with U.S.-based firms. Now, American tech companies are allowed to work alongside Huawei to help create global 5G standards. The U.S. feared that being left out of the meetings attended by Huawei would hold the U.S. back in terms of the development of 5G.

Huawei is also the leader in helping the 3GPP develop standards for 5G. 3GPP (the 3rd Generation Partnership Project) is a term that covers standards organizations that help create protocols for mobile telecom. After Huawei, Ericsson and Qualcomm provide the most contributions to 3GPP for 5G standards. According to SCMP, this year 3GPP completed its next set of standards for 5G which include possible applications for 5G such as autonomous driving, smart factories, and remote surgery.

Earlier this month, China's Ministry of Industry and Information Technology (MIIT) said that the country has built nearly 700,000 base stations in 2020 topping its original target of 500,000 for the whole year. As the world's leading provider of networking equipment, Huawei is also an important supplier of 5G base stations. In fact, published reports indicate that Huawei will replace Ericsson this year to become number one in 5G base stations. Ericsson is expected to see its market share decline from 30% last year to 26.5% in 2020. Huawei, on the other hand, should see its 5G base station share rise from 27.5% last year to a leading 28.5% in 2020. That is, along with as it can find enough 5nm Kirin 9000 chipsets to power these base stations. As we mentioned earlier in this article, the U.S. is preventing Huawei from receiving cutting-edge chips from TSMC.

source

 3 
 on: Today at 10:18:30 AM 
Started by javajolt - Last post by javajolt
What do Cristiano Ronaldo, Bruno Mars, and Windows have in common? They're all 35 years old. It is three and a half decades since Microsoft Windows 1.0 was unleashed upon an unsuspecting world.

Tottering atop MS-DOS, Windows 1.0 was released on 20 November 1985. A graphical multitasking shell, it would usher in an era of dominance on the PC that lingers on today. The secret sauce was IBM support, which brought a huge chunk of the business world along, for better or worse.

Not that dominance was a sure thing back then. Windows 1.0 was by no means the only game in town: this hack has fond memories of GEM (Graphics Environment Manager) which turned up in computers from Amstrad to the Atari ST. At the time Windows was one among many, and it would take a good few iterations before the 3.x line began to dominate.

First shown off two years previously, Windows 1.0 would run on 256KB of RAM and a pair of floppy drives (later versions would require a hard disk) and, most significantly, require the user to move a mouse-pointer to make things happen in the 16-bit shell.

At least 512KB was needed before performance improved beyond dragging Notepad through treacle. Windows 1.0 also suffered from an initial paucity of apps, with the likes of Calculator and Paint coming in the box while many MS-DOS applications would fire up in full-screen mode. The GUI also insisted on tiling the windows - no overlapping was allowed other than dialogs.

After a number of incremental improvements, Windows 1.0 was replaced by Windows 2.0 in 1987, although it lingered on until support for it (as well as versions 2.0 and 3.0) ended in 2001.

Golden goose

Windows was the mainstay of Microsoft profits in the 90s, thanks to some sharp elbows on the OEM front from its legal department. The money rolled in, and Redmond wanted more.

When smarter mobile phones started kicking off in the late 90s, Microsoft made its first of many failed attempted to break into the mobile market with Windows CE or WinCE as it became known. It didn't last long, despite some notable handsets, but Microsoft kept trying.

Enthused by then-CEO Steve Ballmer, who had originally dismissed the iPhone, Microsoft tried again with Windows Phone 7, launched in 2010. Despite excellent hardware from Nokia, which Redmond bought and then gutted, the OS never caught on with developers, and a lack of backward compatibility with the new kit killed demand.

As for tablets, Redmond first dipped Windows' toe into the market in 2003 with the Microsoft Tablet PC. Redmond has kept up its interest in this area - and the latest Surface fondle slabs are very nice, if expensive, pieces of kit.

Now Windows has evolved into a cloud operating system and is maintaining its position in the mainstream. Microsoft has managed to make the transition from in-box code to cloud better than most, albeit a bit late.

Ray Ozzie, hired as Microsoft's cloud guru in 2006, saw the writing on the wall and warned Redmond that Windows would have to get cloudy. He was forced out, although not before founding Azure, the smart folks took note - not least Satya Nadella, who is cloud to the core.

Better than DOS

It seems odd that senior Windows coders now weren't even a glint in the milkman's eye when the first build of the OS came into being. But the effect of the operating system is undeniable.

Looking back, Windows 1.0 was a curiosity in spite of the enthusiasm for the product by Microsoft boss, Bill Gates. Business users were content to stick with DOS while consumers looked to alternatives, including the likes of Atari or Commodore, for their home computing fun.

However, Windows 1.0 marked a change for Microsoft and an attempt to focus more on applications. APIs for video and mouse hardware moved things on from the DOS environment and PC software and hardware makers would flock to the platform as the decades rolled by. For better or for worse.

Windows is, for many, a daily part of life. And so join us in a celebratory (or commiseratory) toast to the 35th anniversary of the arrival of the very first version. ®

source

 4 
 on: Today at 01:08:21 AM 
Started by javajolt - Last post by javajolt
The Go SMS Pro texting app has over 100 million installations from the Google Play Store, but popularity doesn’t matter: You need to stop using it and delete it from your phone now. Cybersecurity firm Trustwave recently discovered a major security loophole in the app that makes all photos, videos, and other media attachments you’ve sent through the app publicly accessible.

(That’s very bad.)

Here’s what’s happening: All media files that you send via Go SMS Pro are saved to a server and assigned a URL. Those URLs are not secured in the slightest, making them accessible to anyone else who knows the correct URL.

However, the files are also sequentially ordered, so you can access other media files that Go SMS Pro hosts by editing any regular hyperlink. Using this method, TechCrunch found sensitive financial information, home addresses, transaction receipts, and explicit photos that had been sent through the app. Also, these links aren’t restricted to Go SMS Pro users: anyone who knows the URL scheme of one link could easily extrapolate to find more.

That’s a huge privacy issue, but what’s most alarming is that Go SMS Pro’s developers don’t appear to be rushing to fix the problem. Trustwave immediately notified the developers of the issue in August 2020, but no one responded. The firm made four more unsuccessful attempts before disclosing the flaw publicly. TechCrunch and The Verge also sent emails to the developer, but the messages were either ignored or returned to the sender due to “full inboxes.” The Verge also discovered the website listed on the app’s Play Store listing doesn’t load.

Should you trust Go SMS Pro’s developer? For these reasons, the app checks all of our do not recommend boxes. If you’re one of the many millions of people who have already installed it, stop using the app and delete it—and tell any contacts who use it to do the same. There’s nothing you can do about media files you’ve already sent using the app, unfortunately.

Here are a few quick alternatives for messaging apps you can try:

   ■ The simplest option is to revert to the default messaging app on your phone, such as Google
      Messages or Samsung Messages.

   ■ WhatsApp and Facebook Messenger are basically the same chat service at this point, and both can
      work as your default texting app, too. They can also connect to your Instagram DMs if you update
      your Instagram app, and you have the option to encrypt your conversations.

Then there are the apps that focus on privacy first, like Signal, Telegram, and Viber, which offer features like end-to-end encryption, including the best auto-deletion settings for texts and media attachments. These are much better choices when you need to text sensitive information or files; definitely avoid Go SMS Pro.

source

 5 
 on: November 22, 2020, 04:26:37 PM 
Started by javajolt - Last post by javajolt


If you are running into issues with Windows 10 20H2, otherwise known as the October 2020 Update, this guide will explain how to roll back to your previous version of the operating system.

When upgrading to the Windows 10 20H2 feature update, one of two methods will be used depending on what version of Windows 10 is being upgraded.

If users are upgrading from Windows 10 1909 or older, then Windows 10 20H2 will be installed as a full update, which can only be rolled back within 10 days of being installed.

On the other hand, if a user was running Windows 10 2004, Windows 10 20H2 will be installed via an 'enablement package' that turns on features already part of the operating system but are turned off.

How you upgraded to Windows 10 20H2, though, determines how you can uninstall and roll back to a previous version of Windows. Below, we have provided two different methods to uninstall Windows 10 20H2, the October 2020 Update, depending on your previously installed version.

How to uninstall Windows 10 20H2 and rollback to v2004

If you upgrade to Windows 10 20H2 from Windows 10 2004, you would have done so through a small enablement package that enables features already installed on the operating system.

You can uninstall the Windows 10 20H2 enablement package to roll back to Windows 10 2004 by following these steps:

   1. Go to Start > Settings > Update & Security > Windows Update >
       View update history > Uninstall Updates, as shown below.


View update history settings page

   2. When the 'Uninstall an update' screen opens, search for the "Feature Update to Windows 10 20H2
        via Enablement Package (KB4562830)' update and left-click on it once, so it's selected.

Once you click on it, and Uninstall button will be displayed that you should click on to uninstall Windows 10 20H2.


Uninstall the KB4562830 Windows 10 20H2 enablement package

   3. After clicking on the Uninstall button, you will be asked if you are sure you wish to "Uninstall this
       update." Click on the Yes button to continue.

   4. You will now be shown a small dialog box that asks you to wait while the enablement package is
       uninstalled.


Waiting while Windows 10 20H2 is uninstalled

   5. When it has finished uninstalling, you will be prompted to restart Windows 10. Click on the
       Restart Now button to continue.


Prompt to restart Windows 10

After Windows restarts, Windows 10 20H2 will be uninstalled, and you will be back at Windows 10 2004.

How to uninstall Windows 10 20H2 and rollback to v1909 or older

If you upgraded to Windows 10 20H2 from Windows 10 2009 or older, then a full update was used to install the new operating system.

It should be noted that you can only uninstall Windows 10 20H2 and roll back to a previous version if you are within ten days of installing the feature update. If it has been 10 days or later, the 'Get started' button will be grayed out, and you will not be able to select it.

If you wish to uninstall Windows 10 20H2, you can use the following steps:

   1. Go to Start > Settings > Update & Security > Recovery.

   2. At the recovery screen, click on the 'Get started' button under 'Go back to the previous
       version of Windows 10.'


Recovery settings screen

   3. You will now be asked why you are uninstalling Windows 10 20H2. This information is sent to
       Microsoft so they can learn what problems people are having. When ready, click on the Next
       button.


Why are you uninstalling Windows 10 20H2 screen

   4. As a final, last-ditch effort to keep you on Windows 10 20H2, you will be asked to check for new
       updates and see if that fixes the problem. If you wish to continue rolling back to the previous
       version, click on the 'No, thanks' button.


Checking for new updates screen

   5. You will now be at a screen with instructions on how the uninstall works and what you may have to
       do after. When ready, click on the Next button.


Last-minute instructions screen

   6. You will now be prompted to make sure you know your password as you will need it to login after
       the uninstall. Press the Next button to continue.


Reminder to make sure you know your password

   7. Finally, you will be thanked for trying the new build and prompted to continue with the uninstall of
       Windows 10 20H2. If you continue, the computer will be rebooted, and Windows 10 20H2 will be
       uninstalled.

After rebooting, you will now be rolled back to your previous version of Windows 10.

source

 6 
 on: November 22, 2020, 03:45:35 PM 
Started by javajolt - Last post by javajolt
Windows 10 has introduced a new ‘Windows as a Service’ model whereby your device will be updated frequently with fixes, improvements, and new features. Microsoft is now rolling out a new compatibility update to devices that are not ready to receive the latest upgrade from Microsoft.

Microsoft is currently rolling out the Windows 10 October 2020 Update to users gradually and it plans to release another feature update in 2021. As you’re likely aware, whenever a new Windows 10 update is around the corner  – which happens twice a year – Microsoft begins deploying compatibility updates.

Yesterday, Microsoft started rolling out Windows 10 KB4023057 to users with version 2004 or newer. Only some users are receiving it currently, but others might get it in the coming weeks or after a few months.

In an update to its support document, Microsoft said that this patch will try to take several steps to prepare your device and check its compatibility with Windows 10 updates. For example, it will attempt to free up your disk space by clearing the temporary files if you do not have enough disk space.

Microsoft will add additional files and resources to Windows 10 installation to “make sure that updates are installed” smoothly on your device. In addition, Windows 10 KB4023057 for version 2004 will also improve the reliability and security of devices.

Here’s a list of changes this patch could make to your system:

   • Reset your network settings automatically if problems are detected.

   • Reset your Windows Registry: Any keys that may be preventing updates from being installed will be
      clean up.

   • Disable, repair, or modify Windows components responsible for Windows Update.

   • Compress files in your profile directory.

   • Reset Windows Update database.

Microsoft confirmed that the patch will still respect your Windows Update configurations like the active hours. Also, the patch might clear your Windows Update history if it attempts to repair Windows Update components.

source

 7 
 on: November 21, 2020, 08:28:06 PM 
Started by javajolt - Last post by javajolt
Privacy advocates have been complaining for years about telemetry on Windows 10, forcing Microsoft to make a number of concessions to satisfy regulators.

It turns out one of the alternatives, switching to Apple’s macOS, may simply be moving from the frying pan into the fire.

A recent incident where Apple’s OCSP (Online Certificate Status Protocol) was overwhelmed revealed to even casual users that Apple knows exactly which apps are running on your macOS laptop. During the partial outage, apps were very slow to launch or refused to launch at all, as the OS struggled to check the certificate of the apps against Apple’s revocation list.

Security Jeffrey Paul writes that this issue is simply the tip of the iceberg. On macOS Big Sur Apple does not only have control over which apps you run but also:

• the communication reveals your IP address, location, and usage patterns.

• the information is sent plain-text, meaning 3rd parties (e.g. NSA or Chinese firewall)  have access to the same information.

• the telemetry can not be blocked, as macOS Big Sur does not allow user-level firewalls or VPNs to access system communication.

• Apple’s new ARM-based PCs can only run macOS Big Sur, and can not be downgraded to less encumbered operating systems.

Jeffrey Paul explains:

Quote
On modern versions of macOS, you simply can’t power on your computer, launch a text editor or eBook reader, and write or read, without a log of your activity being transmitted and stored. It turns out that in the current version of the macOS, the OS sends to Apple a hash (unique identifier) of each and every program you run when you run it. Lots of people didn’t realize this, because it’s silent and invisible and it fails instantly and gracefully when you’re offline, but today the server got really slow and it didn’t hit the fail-fast code path, and everyone’s apps failed to open if they were connected to the internet. Because it does this using the internet, the server sees your IP, of course, and knows what time the request came in. An IP address allows for coarse, city-level, and ISP-level geolocation, and allows for a table that has the following headings: Date, Time, Computer, ISP, City, State, Application Hash; Apple (or anyone else) can, of course, calculate these hashes for common programs: everything in the App Store, the Creative Cloud, Tor Browser, cracking or reverse engineering tools, whatever.

This means that Apple knows when you’re at home. When you’re at work. What apps you open there, and how often. They know when you open Premiere over at a friend’s house on their Wi-Fi, and they know when you open Tor Browser in a hotel on a trip to another city. “Who cares?” I hear you asking. Well, it’s not just Apple. This information doesn’t stay with them: These OCSP requests are transmitted unencrypted. Everyone who can see the network can see these, including your ISP and anyone who has tapped their cables. These requests go to a third-party CDN run by another company, Akamai. Since October of 2012, Apple is a partner in the US military intelligence community’s PRISM spying program, which grants the US federal police and military unfettered access to this data without a warrant, any time they ask for it. In the first half of 2019 they did this over 18,000 times, and another 17,500  times in the second half of 2019.

This data amounts to a tremendous trove of data about your life and habits and allows someone possessing all of it to identify your movement and activity patterns. For some people, this can even pose a physical danger to them. Now, it’s been possible up until today to block this sort of stuff on your Mac using a program called Little Snitch (really, the only thing keeping me using macOS at this point). In the default configuration, it blanket allows all of this computer-to-Apple communication, but you can disable those default rules and go on to approve or deny each of these connections, and your computer will continue to work fine without snitching on you to Apple. The version of macOS that was released today, 11.0, also known as Big Sur has new APIs that prevent Little Snitch from working the same way. The new APIs don’t permit Little Snitch to inspect or block any OS-level processes. Additionally, the new rules in macOS 11 even hobble VPNs so that Apple apps will simply bypass them.

Lois Rossman explains the issue equally eloquently in his video below:



Apple responded to the Furore by saying:

Quote
Gatekeeper performs online checks to verify if an app contains known malware and whether the developer’s signing certificate is revoked. We have never combined data from these checks with information about Apple users or their devices. We do not use data from these checks to learn what individual users are launching or running on their devices.

Notarization checks if the app contains known malware using an encrypted connection that is resilient to server failures.

These security checks have never included the user’s Apple ID or the identity of their device. To further protect privacy, we have stopped logging IP addresses associated with Developer ID certificate checks, and we will ensure that any collected IP addresses are removed from logs.

The news makes rather a joke of Apple’s claims to put user privacy first.

source

 8 
 on: November 21, 2020, 05:05:37 PM 
Started by javajolt - Last post by javajolt
Amid concern that macOS logs app usage in real-time, Apple issues assurances.

Last Thursday afternoon, Mac users everywhere began complaining of a crippling slowdown when opening apps. The cause: online certificate checks Apple performs each time a user opens an app not downloaded from the App Store. The mass upgrade to Big Sur, it seems, caused the Apple servers responsible for these checks to slow to a crawl.

Apple quickly fixed the slowdown, but concerns about paralyzed Macs were soon replaced by an even bigger worry—the vast amount of personal data Apple, and possibly others, can glean from Macs performing certificate checks each time a user opens an app that didn’t come from the App Store.

For people who understood what was happening behind the scenes, there was little reason to view the certificate checks as a privacy grab. Just to be sure, though, Apple on Monday published a support article that should quell any lingering worries. More about that later—first, let’s back up and provide some background.

Meet OCSP

Before Apple allows an app into the App Store, it must first pass a review that vets its security. Users can configure the macOS feature known as Gatekeeper to allow only these approved apps, or they can choose a setting that also allows the installation of third-party apps, as long as these apps are signed with a developer certificate issued by Apple. To make sure the certificate hasn’t been revoked, macOS uses OCSP—short for the industry-standard Online Certificate Status Protocol — to check its validity.

Checking the validity of a certificate—any certificate—authenticating a website or piece of software sounds simple enough, but it has long presented problems industrywide that aren’t easy to solve. The initial means was the use of certificate revocation lists, but as the lists grew, their size prevented them from working effectively. CRL gave way to OCSP, which performed the check on remote servers.

OCSP, it turned out, had its own drawbacks. Servers sometimes go down, and when they do, OCSP server outages have the potential to paralyze millions of people trying to do things like visit sites, install apps, and check email. To guard against this hazard, OCSP defaults to what’s called a “soft fail.” Rather than block the website or software that’s being checked, OCSP will act as if the certificate is valid in the event that the server doesn’t respond.

Somehow, the mass number of people upgrading to Big Sur on Thursday seems to have caused the servers at ocsp.apple.com to become overloaded but not fall over completely. The server couldn’t provide the all-clear, but it also didn’t return an error that would trigger the soft fail. The result was huge numbers of Mac users left in limbo.

Apple fixed the problem with the availability of ocsp.apple.com, presumably by adding more server capacity. Normally, that would have been the end of the issue, but it wasn’t. Soon, social media was awash in claims that the macOS app-vetting process was turning Apple into a Big Brother that was tracking the time and location whenever users open or reopen any app not downloaded from the App Store.

Paranoia strikes deep

The post Your Computer Isn’t Yours was one of the catalysts for the mass concern. It noted that the simple HTML get-requests performed by OCSP were unencrypted. That meant that not only was Apple able to build profiles based on our minute-by-minute Mac usage but so could ISPs or anyone else who could view traffic passing over the network. (To prevent falling into an infinite authentication loop, virtually all OCSP traffic is unencrypted, although responses are digitally signed.)

Fortunately, fewer alarmist posts like this one provided more helpful background. The hashes being transmitted weren’t unique to the app itself but rather the Apple-issued developer certificate. That still allowed people to infer when an app such as Tor, Signal, Firefox, or Thunderbird was being used, but it was still less granular than many people first assumed.

The larger point was that, in most respects, the data collection by ocsp.apple.com wasn’t much different from the information that already gets transmitted in real-time through OCSP every time we visit a website. To be sure, there are some differences. Apple sees OCSP requests for all Mac apps not downloaded from the App Store, which presumably is a huge number. OCSP requests for other digitally signed software go to hundreds or thousands of different certificate authorities, and they generally get sent only when the app is being installed.

In short, though, the takeaway was the same: the potential loss of privacy from OCSP is a trade-off we make in an effort to check the validity of the certificate authenticating a website we want to visit or a piece of software we want to install.

Apple speaks

In an attempt to further assure Mac users, Apple on Monday published this post. It explains what the company does and doesn’t do with the information collected through Gatekeeper and a separate feature known as notarization, which checks the security even of non-App Store apps. The post states:

Quote
Gatekeeper performs online checks to verify if an app contains known malware and whether the developer’s signing certificate is revoked. We have never combined data from these checks with information about Apple users or their devices. We do not use data from these checks to learn what individual users are launching or running on their devices.

Notarization checks if the app contains known malware using an encrypted connection that is resilient to server failures.

These security checks have never included the user’s Apple ID or the identity of their device. To further protect privacy, we have stopped logging IP addresses associated with Developer ID certificate checks, and we will ensure that any collected IP addresses are removed from logs.


The post went on to say that in the next year, Apple will provide a new protocol to check if developer certificates have been revoked, provide “strong protections against server failure,” and present a new OS setting for users who want to opt-out of all of this.

The controversy over behavior that macOS has been doing since at least the Catalina version was introduced last October underscores the tradeoff that sometimes occurs between security and privacy. Gatekeeper is designed to make it easy for less experienced users to steer clear of apps that are known to be malicious. To make use of Gatekeeper, users have to send a certain amount of information to Apple.

Not that Apple is completely without fault. For one thing, developers haven’t provided an easy way to opt-out of OCSP checks. That has made blocking access to ocsp.apple.com the only way to do that, and for less experienced Mac users, that’s too hard.

The other mistake is relying on OCSP at all. Because of its soft fail design, the protection can be overridden, in some cases purposely by an attacker or simply due to a network failure. Apple, however, is hardly alone in its reliance on OCSP. A revocation method known as CRLite may ultimately provide a solution to this failure.

People who don’t trust OCSP checks for Mac apps can turn them off by editing the Mac hosts file. Everyone else can move along.

source

 9 
 on: November 21, 2020, 04:43:19 PM 
Started by javajolt - Last post by javajolt
Microsoft is currently testing its video game streaming service to PCs with Windows 10 Insiders.

We saw some footage of the service the other day, playing Streets of Rage, and today we have another look, with No Man’s Sky being streamed to a PC.

Game developer Simone Franco posted the video and reports it works much better than Google Stadia.





Previous testers have reported no detectable latency due to the service.

The service, which is expected to debut some time next year, should allow Windows users with average to under-powered hardware to finally experience triple-A titles at the quality they were intended.

source

 10 
 on: November 20, 2020, 12:48:03 PM 
Started by javajolt - Last post by javajolt


If you need to force a frozen or buggy application to close in Windows 10, you can end a task easily using Windows’ built-in Task Manager utility. Here’s how to do it.

First, open Task Manager. To do so, right-click the taskbar and select “Task Manager” from the pop-up menu. Alternately, you can press Ctrl+Shift+Escape to open it, or press Ctrl+Alt+Delete and select “Task Manager” from the screen that appears.



If Task Manager opens in simple mode and you see the name of the task you’d like to end listed, simply select the app name from the list and click the “End Task” button.

Warning: If you end a task without first saving your work you could lose data. It’s best to close the application normally, if possible.



The task will end. If the task isn’t listed in simple mode or if you’d like to take a deeper look at what’s going on first, click the “More Details” button.



After expanding Task Manager to show more details, you’ll see a list of processes (programs running on your computer) with information about how much CPU, memory, disk activity, and network bandwidth they are using.

In the list of processes, select the task you’d like to force to quit, then click the “End Task” button in the lower-right corner of the window.

Warning: You could lose unsaved work in an application if you end the task without saving your work. Additionally, you can use this window to end important operating system tasks. If you do, Windows may behave unusually until you reboot it.



After that, the program will close. If you find yourself frequently sending the task of a particularly troublesome app, consider updating the app or Windows itself, both of which might solve an underlying bug that is causing the problem. Good luck!

source

Pages: [1] 2 3 ... 10
Powered by SMF 1.1.21 | SMF © 2017, Simple Machines

Google visited last this page Today at 04:44:28 PM