Microsoft has begun testing a new Windows 11 tool called Quick Machine Recovery, which is designed to remotely deploy fixes for buggy drivers and configurations that prevent the operating system from starting.

The tool is part of Microsoft's Windows Resiliency Initiative, an effort to enhance system stability and reduce downtime by introducing automated tools and features to detect, diagnose, and fix critical failures in Windows 11.

"With system failures, devices can sometimes get stuck in the Windows Recovery Environment (Windows RE), severely impacting productivity and often requiring IT teams to spend significant time troubleshooting and restoring affected machines," explains Microsoft.

"With quick machine recovery, when a widespread outage affects devices from starting properly, Microsoft can broadly deploy targeted remediations to affected devices via Windows RE—automating fixes and quickly getting users to a productive state without requiring complex manual intervention."

On Friday, Microsoft released the Quick Machine Recovery to Windows Insider Preview Beta Channel, so Insiders can start testing the tool.

When enabled and a new driver or configuration change prevents Windows 11 from properly starting, the operating system will boot into the Windows Recovery Environment and automatically launch the Quick Machine Recovery Tool.

This tool will connect to the Internet through ethernet or Wi-Fi and send crash data to Microsoft's servers. Based on the analysis of this data, Microsoft can remotely apply fixes such as removing problematic drivers or updates and changing configuration settings.

This new tool comes in response to the faulty CrowdStrike update that caused millions of Windows devices worldwide to suddenly crash with a Blue Screen of Death (BSOD) and enter reboot loops in July 2024.

To remove the bad update, Windows admins were forced to boot into the Windows Recovery Environment or Safe Mode and manually delete the driver so their Windows devices could boot normally.

With a tool like Quick Machine Recovery, Microsoft could have pushed out a fix that removed the driver and brought machines back online far more easily and quickly.

Microsoft says this feature will eventually be enabled by default in Windows 11 Home. The enterprise will be able to customize how the tool works in Windows 11 Pro and Enterprise through RemoteRemedation CSP or directly on the device via reagentc.exe.

The tool can also be preconfigured with network credentials to make it easier to deploy fixes and configure how often problematic PCs reach out to Microsoft's servers for a fix.

Microsoft will release a test remediation package in a few days, allowing Insiders to test the feature live.

source

Windows 11 users fight back against Microsoft as they find a new way to make local accounts

■ A workaround has been found to bypass needing a Microsoft account on Windows 11.

■ By pressing Shift + F10 during setup, users can input "start ms-cxh:localonly" to create a local account.

■ Education/Enterprise/IoT Enterprise/LTSC editions still allow skipping the Microsoft account requirement.

Only yesterday did we see that Microsoft was trying to close off loopholes that allowed people to log into Windows 11 using a local account. The change would force people to use a Microsoft account, which wasn't ideal for people who didn't want to associate their Windows login with an online account. Well, if you're part of that group, you're in luck; someone has already discovered a way to get around the restriction.

Someone finds a new way to ditch the Microsoft account on Windows 11

As spotted by Windows Central, user @witherornot1337 on X showed off a new way of dodging around the Windows account requirement, confirming that it works even on the newest build of Windows 11. During setup, all you need to do is press Shift + F10, then type "start ms-cxh:localonly" into the console that appears. You should then get the option to create a local account.



@witherornot1337 goes on to say that "Education/Enterprise/IoT Enterprise/LTSC editions all still have the option to skip internet connection." Sure enough, if you set up Windows 11 using one of those editions, you get a handy "I don't have internet" button that skips needing to make a Microsoft account. Might be ideal for people who don't want to keep going through this rigamarole every time Microsoft shuts off a method.

source

Update: Republished on March 31 with a new report into the dangers of secure messaging in the workplace and a twist on WhatsApp versus Signal.

The secure messaging apps on your phone are dangerous. Not because their own security measures are vulnerable to attack — although that does happen, but because their security is only as good as your behavior. And millions of iPhone and Android users don’t realize that simple mistakes can open your phone to attack.

That was the crux of the NSA’s warning that has now been made public and which has been headlined as a Signal vulnerability in the wake of Trump officials inadvertently inviting a journalist onto a sensitive group chat. But it’s not. It’s a user vulnerability. The NSA notification is a warning to change messaging settings. Nothing more.

The NSA warning last month was prompted by Google’s Threat Intelligence Group discovering Russia’s GRU was tricking Ukrainian officials into opening access to their Signal accounts, allowing the Russians to listen in. This wasn’t a Signal flaw — the app was working as intended. And it wasn’t limited to Signal. Google warned “this threat also extends to other popular messaging applications such as WhatsApp and Telegram.”

The two “vulnerabilities” relate to features in both Signal and WhatsApp that make them easier to use. Linked Devices and Group Links. The first enables you to sync and access your secure messaging apps on all your eligible devices. The second provides a simple way for you to invite new members into a group chat by sending them a link, rather than adding them one-by-one from within the group.

The Group Link threat only extends to the group itself, and is easily mitigated. In Signal, disable the Group Link from within the group’s settings. In WhatsApp you don’t have that option, but do not use links for sensitive groups; you should also set sensitive groups in WhatsApp such that only Admins can add members.

The Linked Devices option is much more dangerous as it can establish a fully sync’d replica of your messaging app on someone else’s device. But again this risk is easily mitigated. In both apps there is a clear settings menu entitled “Linked Devices.” Go there now and unlink any device you don’t 100% recognize as belonging to you. If in doubt, remove. You can always add it back later if you make a mistake. On both apps, your primary phone is the base and all other devices can be linked and unlinked there.

There is a twist to this. In the Russian attack, the Signal group invite link was hijacked to link a device instead, a vulnerability in the invite coding and mechanics, but not the app itself. But there is no way for someone to link a device without it showing in your settings per above. Regularly checking those links is key. It’s also worth periodically unlinking browser “web app” links (as opposed to apps) and relinking. The other advice is to not click group links unless they’re expected and you can vouch for the sender.

The NSA’s other messaging advice should be common sense. Set and regularly change your app PIN and enable the screen lock. Do not share contact or status info, certainly not outside your contacts. The DOD agency also recommends keeping phone and app contacts a separate, albeit that’s painful for everyday use.

The concept of secure messaging is widely misunderstood. End-to-end encryption is a transmission safeguard. Content is scrambled by your device and unscrambled when it reaches a recipient. Each end (phones in a chat) is vulnerable to a compromise of that device, a user saving content, or the wrong person invited into a group. None of these apps are bulletproof if your other security is flawed or you make a mistake.

NSA is not alone in calling out Signal as the headline act when it comes to secure commercial messaging platforms used by politicians and other officials. America’s cyber defense agency did the same in the wake of China’s Salt Typhoon hacks on U.S. networks. “Use only end-to-end encrypted communications,” CISA said. “Adopt a free messaging application for secure communications that guarantees end-to-end encryption, such as Signal or similar app.”

With interesting timing, WhatsApp — the most popular secure messenger worldwide, which uses the same Signal encryption protocol and Signals itself — has just made that easier. iPhone users can now select WhatsApp as their default texting and calling app. The platform update that delivers this new capability is rolling out this weekend. In Settings — Apps, select “Default Apps” and change “Messaging and “Calls” options.

But again, that doesn’t change the user/device vulnerability that will always leave secure messaging at risk. “The biggest risk of eavesdropping on a Signal conversation comes from the individual phones that the app is running on,” says Foreign Policy. “While it’s largely unclear whether the U.S. officials involved had downloaded the app onto personal or government-issued phones… smartphones are consumer devices, not at all suitable for classified U.S. government conversations.”

This is especially acute given that “an entire industry of spyware companies sells capabilities to remotely hack smartphones for any country willing to pay.” These are the forensic exploits that have plagued iPhones and Androids this year. And so just as it’s critical to apply the right messaging settings, it’s also critical to keep your phone updated, to avoid risky apps, and to stop clicking on links or unexpected attachments.

While Signal has taken the bulk of the headlines given the attack thread in the U.S., in reality it’s WhatsApp that’s the much bigger problem. “It’s a WhatsApp world at work now,” per the Financial Times, “and that’s not always a good thing.”

As the newspaper reports, gone are the days “you could leave [work] apps to ping away all weekend, knowing the pingers were unlikely to be asking anything more taxing than what time to meet for coffee or whether there was milk in the fridge. Those days are gone. Some time before Covid, office colleagues and work contacts began to send messages over apps once confined to social life.”

And WhatsApp is very much top of that list. Ironically, the only key market that has been a holdout against it has been the U.S., where iMessage has remained the dominant secure messaging platform. But even that is now changing, with Meta publicly celebrating WhatsApp passing 100 million U.S. users last summer.

“At some point,” the FT points out, “it no longer seemed wrong to WhatsApp one’s manager, and then add a thumbs up emoji. This seemed entirely sensible at this strange, disconnected time. A few years on though, it also feels as if a dividing line between work and social life has been breached.”

Ironically, Signalgate has prompted a gentle spat between WhatsApp and Signal as to which is the more secure app to trade and keep secrets. “There are big differences between Signal and WhatsApp,” Signal boss Meredith Whittaker posted, after WhatsApp boss Will Cathcart pointed out both use the same core encryption and could therefore be seen in the same bracket, notwithstanding Meta’s ownership.

“Signal is the gold standard in private comms,” Whittaker said. “WhatsApp licenses Signal’s cryptography to protect message contents for consumer WhatsApp,” albeit the same level of security doesn’t apply to business comms. “Don’t misunderstand — we love that WhatsApp uses our tech to raise the privacy bar of their app. Part of Signal’s mission is to set, and encourage the tech ecosystem to meet, this high privacy bar. But these are key differences when it comes to meaningful privacy and the public deserves to understand them, given the stakes. Not have them clouded in marketing.”

But it’s WhatsApp we need to turn to for the purest irony in this whole story. Just a few days before The Atlantic published its shocking revelations as to its inadvertent eavesdropping on a government “eyes only” Signal group chat, its rival platform posted on X: “As an admin, are you letting group members add other people to the chat?” Just that, nothing more. It’s almost as if the entire furor could have been foretold. Not that whoever really added reporter Jeffrey Goldberg was or wasn’t an admin, just that the risk of those group invites is out there and requires some attention.

The bottom line though is very simple. Whether WhatsApp or Signal, both are secure and recommended for use — if used properly. Set them up wrong — either of them, or neglect core phone updates, settings and secure usage, and both will fail. You can read the NSA’s full advisory here. Take heed and make sure you keep your work plans, your party plans and even your war plans secret.

source

Although this is extremely Off Topic, however this could be very sensitive for many of our members I felt it necessary to post. - javajolt Sys Admin!

How to delete your 23andMe data and why you should do it now

With the genetic testing site filing for bankruptcy protection, you'll definitely want to delete your account and have any stored samples destroyed.
plus.

I was an early 23andMe user. While I knew a good deal about my family history -- primarily Scottish-Irish who came to the US in the aftermath of the 1845-52 Irish potato famine -- I wanted to know more. At first, 23andMe was useful, but now it's another story.

Once a genetic testing trailblazer, 23andMe has filed for Chapter 11 bankruptcy. This came after years of financial instability, operational missteps, and growing concerns over customer data privacy.

The company's collapse raises serious questions about the future of its vast troves of genetic data collected from more than 15 million customers, including my own records. We have no idea what will become of our records -- and that's not a comfortable feeling.

Founded nearly two decades ago, 23andMe gained popularity by offering at-home DNA testing kits that provided insights into ancestry, genetic traits, and potential health risks. At its peak in 2021, the company's market valuation exceeded $6 billion. However, in recent years, it's been declining rapidly.

The company's attempted pivot into pharmaceutical research and drug development partnerships, including a high-profile collaboration with GlaxoSmithKline (GSK), never met expectations. This, in turn, led to declines in revenue,

The company's reputation also never recovered from the hit it took when a major data breach in October 2023 exposed user data for about half its users. The result? The company value, which hovered above $6 billion in 2021 after its IPO, was trading for less than $50 million last week before the bankruptcy filing with losses in its current fiscal year of $174 million.

This is a dead company walking.

The bankruptcy has me worried about our data's security and its future use. In a stark warning, California Attorney General Rob Bonta urged customers to delete their data due to uncertainties about where the company might end up after it's sold. While 23andMe claims that shared data is anonymized, I have my doubts.

Besides, there are no federal government regulations for genetic data held by direct-to-consumer companies such as 23andMe. Unlike the Health Insurance Portability and Accountability Act (HIPAA) that covers medical records, 23andMe's DNA data has no strong privacy safeguards. Customers who consented to research may find their data irreversibly tied to studies even after deletion requests.

What can you do? You can delete your data. Here's how.

How to delete your data from 23andMe

You can download your raw 23andMe genetic data for personal storage. There are ways to use this data outside of 23andMe, but you should be wary of sites that ignore your privacy or nickel and dime you for analyzing your data. Some sites, including FamilyTreeDNA, MyHeritage, GEDmatch, and Living DNA, enable you to upload your 23andMe data. Ancestry, the biggest of the genetics/family history services, does not accept 23andMe data. 

Gather your data:

• Log into your account.

• Go to your account's "Settings" section.

• Scroll down to "23andMe Data" and select "View."

• Choose the option to download your data.
 
Delete your account:

• Log into your account.

• Navigate to "Settings" and scroll down to "23andMe Data."

• Click "Permanently Delete Data."

• Confirm your request via an email sent by 23andMe. Once confirmed, the deletion process begins automatically.

Destroy your genetic sample:

• If you opted for sample storage, revoke this preference in your account settings under "Preferences."

• Request that your saliva sample be discarded.

Revoke research consent:

1. Withdraw consent for research use of your genetic data under "Research and Product Consents" in your account settings.

While deleting your account removes most personal information from 23andMe's databases, some data may still be retained due to legal obligations or prior research consent. This includes information such as your sex, date of birth, and genetic information, even after they're "deleted."  Genotyping labs may hold onto anonymized genetic information for up to three years after deletion requests. If you've previously agreed to let your genetics be used for medical research -- I did -- some of your genetics data will linger on for years to come.

That said, if you value privacy and control over your DNA data, it's still a good idea to delete your account as soon as possible.

source

Unsubscribing can also potentially trigger ransomware attacks.

Spam and phishing emails are an annoying everyday occurrence that everyone is probably familiar with and finds annoying. These intrusive messages often clog up your inbox and require tedious deletion or filtering. Worse still, those who are act carelessly run the risk of falling victim to scammers. But, as strange as it may sound, spam emails can actually be useful to the potential victims scammers are targeting, which is why you shouldn’t delete them.

Why you shouldn’t delete spam emails

All major mail providers are starting to rely on complex and adaptive spam filters that are getting better and better at distinguishing between wanted and unwanted e-mails. An important prerequisite for this learning effect: The software must be able to practice and this is exactly what spam mails are useful for.

Instead of deleting spam mails, we recommend you proceed as follows:

• If you use an email client such as Outlook or Thunderbird: Manually mark relevant messages as spam (or as “junk”) if your email program hasn’t already done it itself. This will train the software’s spam filter and you will (hopefully) have to deal with annoying spam mails less and less in future because the automatic filter will improve.

• If you retrieve emails with a browser: Depending on which provider you use, you can mark the annoying messages as spam in different ways. Of course, you only need to make this effort if the junk emails are displayed as normal emails in your inbox and haven’t already ended up in the spam folder. You can mark such messages in the inbox (tick the box) and send them directly to the spam folder using the “Spam” or “Junk” command in the menu bar. This also works with individual (open) emails, where the path to the spam bin is sometimes via a “Move” button above the message text.

Both privately and professionally, these procedures promise less rubbish mail in the long term. The senders of such messages are also blacklisted more quickly. If you use a shared mail server in the office, you may be doing your colleagues a great service by preventing them from having to deal with the same scam messages that you’ve already marked as spam and sorted out yourself.

Tip: Junk mail is usually automatically deleted from the relevant folders after 30 days. Storage space problems are therefore rarely a cause for concern, even if the messages are not removed manually. If the junk folder does not empty itself, you should delete the content yourself once a month.

Caution: Don’t unsubscribe from spam emails

Many providers and email clients now offer an easy way to unsubscribe from unwanted advertising emails, newsletters, and the like with a quick click directly in your inbox. This function is useful if you do not want to delete yourself from mailing lists by hand or aren’t interested in the advertising it contains.

However, the well-intentioned function also harbors a danger, at least in the case of fraudulent messages. This is because you inadvertently inform the sender that your own e-mail address actually exists and is actively managed.

Spam crooks send millions of emails every day, sometimes indiscriminately to randomly generated recipient addresses. They are often unaware of whether the accounts they write to really exist or whether messages are read there–until users click on the unsubscribe button. The scammers then receive a request to stop writing to the email address in question, whereupon, of course, they do exactly the opposite.

Some helpful tips

With a few simple rules, you can better protect yourself against spam and scams on the internet.

• Be suspicious: Sounds banal, but it could have protected many victims from cyber crime. As soon as you are unsure about a sender or the content of new messages, you should become skeptical and, if in doubt, assume that a scam is being attempted. This applies in particular to requests for payment or if you are asked to provide personal data.

• Keep calm: If someone asks you to act quickly (and therefore rashly) in a supposedly urgent email, you should become suspicious. Honest companies do not put pressure on customers and do not immediately threaten to send reminders if you do not immediately comply with requests.

• Avoid links in emails: If you are asked to follow a link in a message, then it may be sensible to select the relevant pages yourself. Either enter the URL in your browser (if you know it) or let Google find the page you are looking for.

• Do not open unknown attachments: Stay away from dubious e-mail attachments. Malware can also be hidden in Excel spreadsheets, Word documents or even image files. In executable files (EXE) or archives (ZIP, RAR, etc.) anyway. You should also avoid HTML files, as they can redirect to insecure servers.

• Digital bodyguards: You are on the safe side with these anti-spam and anti-virus programs.

Spammers and scammers are becoming more and more sophisticated. Even experienced users can be taken in by the brazen crooks. If you want to protect yourself better, you can turn to professional software, it makes life difficult for the scoundrels on the net.

source