Internecine conflict seems to be a recurring theme at Microsoft, but this one takes it to new levels. Somehow, somebody forgot to test the latest patched version of Outlook with the latest patched version of Windows. The result is an error message that makes Outlook inoperable.
The official announcement appears on the Microsoft 365 support site:
Sysadmin pilot fish is checking out encryption for his company’s backups.
“We have a mainframe that runs our core system,” explains fish. “Each night we back up to an on-site tape and then make a copy of the tape to go off-site. Couriers shuttle the tape back and forth between the sites each day.”
The obvious place to apply encryption is to those off-site tapes, so fish decides to create an encrypted copy of a tape to show how well the process works.
And the encryption process works fine every time. But when fish tries to decrypt the tape, no data comes out.
After fish spends several weeks experimenting, talking to vendors and growing more and more frustrated, one of his co-workers asks whether he has checked the script that generates the copy of the tape.
Chrome next month will begin to block notifications from sites that Google believes misuse or abuse the privilege of issuing the warnings.
Starting with Chrome 84 – scheduled to release July 14 – sites that Google thinks traffic in notifications meant to trick users will be blacklisted. Such sites' notifications will be scaled back to what Google earlier defined as its "Quiet UI" and a Chrome-produced warning will appear telling the user that the website may be trying to dupe him or her into accepting future notices.
Many admins report that installing the latest June cumulative updates knock out their networked printers. The problem seems to span all common versions of Windows and Server and many printers that have been installed and working in place for years. The bug appears to cause a conflict with older (but very common) PCL 5 and PCL 6 version 2 drivers on printers that are attached to networks, although the details aren’t yet clear.
Enterprises, government officials or individuals – anyone who seriously wants to secure their communications – uses the cross-platform Signal service. Here are a dozen tips to help you get more from using this on your iPhone.Secure by design
Signal is built to be secure, so much so that the European Commission this year instructed staff to begin using the encrypted messaging app for public instant messaging. Encrypted emails and highly secure document exchange systems are also used.
On the surface, Android and privacy might not seem like the most natural of bedfellows. Google is known for its advertising business, after all — it's how the company makes the lion's share of its money — and it can be tough to square the notion of data collection with the concept of carefully controlled information.
In actuality, though, Google gives you a good amount of authority over how and when it taps into your Android-associated info. (And even at its worst, the company never shares your data with anyone or sells it to third parties, despite some broad misconceptions to the contrary.) Ultimately, it just comes down to a matter of educating yourself about the possibilities and then determining what balance of privacy and function makes the most sense for you.
Headlines scream that you should avoid the May patches. Pshaw. From what I’ve seen they’re largely overblown. Not to say that all is well in patchland – it isn’t. But the situation has stabilized, and I don’t see any reason to hold back on May’s patches.
Of course, I’m assuming that you don’t voluntarily jump down the rabbit hole and join the unpaid beta testers working on Windows 10 version 2004 – the May 2020 Update. It's kicking up all sorts of problems – but that's no reason to hold off on the May patches.
With most of the fanatical Windows fan base now circling the trough on the just-released upgrade to Windows 10 version 2004, it’s time for those of us who rely on stable PCs to consider installing the May patches.
While the general outlook now is good, we’ve been through some rough patches – which you may, or may not, have noticed.Unannounced Intel microcode patch triggers reboots
On May 20, Microsoft released another of its ongoing series of “Intel microcode updates,” all named KB 4497165. Ostensibly intended to fix the Meltdown/Spectre security holes, many of them have a history of problems and hassles not commensurate with the amount of protection they provide (unless you’re running a bank transaction system or decrypting top secret emails).
If you're still trying to remember all of your passwords and then type 'em into sites by hand, let me tell you: You're doing it wrong.
With all the credentials we have to keep track of these days, there's just no way the human brain can handle the task of storing the specifics — at least, not if you're using complex, unique passwords that aren't repeated (or almost repeated, even) from one site to the next. That's where a password manager comes into play: It securely stores all your sign-in info for you and then fills it in as needed.
While there's a case to be made for leaning on a dedicated app for that purpose (for reasons we'll discuss further in a moment), Google has its own password management system built right into Chrome. And it's far better to rely on that than to use nothing at all.
As governments consider COVID-19 contact tracing and its privacy implications, it's not a bad idea for companies to take the opportunity to look more closely at their mobile agreements with employees. (By the way, just this week, Apple rolled out its latest iOS update, which included two COVID-19 updates, according to Apple: "iOS 13.5 speeds up access to the passcode field on devices with Face ID when you are wearing a face mask and introduces the Exposure Notification API to support COVID-19 contact tracing apps from public health authorities.")
Today, IT has to deal with pretty much one of two mobile scenarios: BYOD. where the employee uses the employee's personally owned device to perform enterprise business; and company-owned phones, which is the opposite: A company-owned phone where the employee, even if told not to, will use the phone for personal matters as well as business.
Even as we consider revelations Facebook shelved internal research suggesting its algorithms generate divisiveness, Apple has been forced to reject damaging claims against its contact tracing tech currently spreading on Facebook.Exposure Notification is not spying on you
Numerous hysterical myths concerning the Apple/Google contact tracing technology are being circulated on Facebook. A series of posts claim the Exposure Notification feature inside iOS 13.5 will allow authorities to track people’s locations and monitor who they meet – which is precisely what it tries not to do.
Shadow IT, where workers sometimes go rogue in their efforts to solve business problems, can create challenges – and opportunities – for companies in the best of times. With the COVID-19 pandemic still unfolding, these are not the best of times. With most employees and executives still working from home, the big issue for administrators and IT pros still centers on how to make things work in today’s trying circumstances.
Every major platform has controls IT can use, some of them as blunt as a hammer and others that offer surgical precision. At either end of that spectrum lie two common questions: How restrictive does IT need to be and is there a way to fully communicate areas of risk while making business more secure.
It really is saying a lot when Microsoft releases more than 100 updates each month and this is now considered “business as usual." Speaking of the “new normal,” Microsoft has changed the release cadence of its optional updates (generally released later each month).
In a statement about the new update regularity, the company said: "We have been evaluating the public health situation, and we understand this is impacting our customers. In response to these challenges we are prioritizing our focus on security updates. Starting in May 2020, we are pausing all optional non-security releases (C and D updates) for all supported versions of Windows client and server products (Windows 10, version 1909 down through Windows Server 2008 SP2).
Zoom has acquired secure messaging and identity management firm Keybase as its looks to shore up security capabilities on its platform with end-to-end encryption.
The acquisition will give Zoom access to Keybase’s encryption technology, used to secure online identities, as well as its team of engineers. Launched in 2014, Keybase lets users encrypt social media messages and shared files with public key encryption to ensure that communications stay private.
Keybase’s cofounder Max Krohn will now head up Zoom’s security team, Zoom said. Krohn’s new role was first detailed by CNBC.
Tim Weil is a Security Architect/IT Security Manager with over twenty five years of IT management, consulting and engineering experience in the U.S. Government and Communications Industry. Mr. Weil's technical areas of expertise include IT Security Management, Enterprise Security Architecture, FISMA Compliance, Identity Management, and Network Engineering. Mr. Weil is a Senior Member of the IEEE and has served in several IEEE positions.