Monday, December 25, 2017

Security: Cryto-Mining How to Block


One of the latest internet threats is some sites (legitimate and illegitimate) are Cryto-Mining Bitcoin (and possibly other crypto-currencies) in people's browser.  

Some group of bad actors developed the ability to distribute and mine Bitcoin using JavaScript that can run in a browser.  All of this is done just by visiting a web site in your browser.  The JavaScript code will download and execute, it will bypass all the security protections you may have in place (i.e. firewall, anti-malware, etc.).  

Technically, this is not malware in the classical sense, meaning it does not infect a computer or spread itself.  What it does do is steal CPU cycles from your computer to mine Bitcoin.  The way it works is by executing JavaScript code; which was designed to make web pages more intelligent by supporting a programming language.  Cryto-Miners are not the first to exploit this technology for other things; it is exploited by advertisers all the time to try to get you to click on more ads by shoving more of them in front of you.

Update:
Cryto-Miners made their crypto-currency mining more stealth, so even when you close your browser windows the mining will still run.  They updated their code to create a pop-under window sized to fit inside the taskbar and behind the clock after you visit a web site. If the taskbar set to be transparent, you might be able to see a tiny window. If not, resizing the taskbar can pop it into view.  The code also tries to evade detection by limiting itself to just 50 percent of the CPU. 

Fighting Back
There are a few ways of fighting back against this threat.  As well as preventing these sites from stealing your CPU cycles.

Method 1. Install a browser extension.  There are several of these out there for the different browsers.  There are too many choices for me to make a recommendation.  I would advise doing your own research and see what others recommend

Method 2. This method is more advanced.  It requires more manual intervention and updating.  It also requires knowledge of how to update your computer's HOST (C:\Windows\System32\Drivers\ETC\Hosts) file.  By putting the Cryto-Mining domains and pointing, those to a bad IP address (i.e. 0.0.0.0). The HOST file will prevent the code from running because when the browser try to resolve the domain it cannot.  The HOST file also runs at the system level meaning it would protect all the browsers installed on your system.

Note: The problem with this method is knowing which domains to block, and having to manually update the list on a regular basis.

3. This method is even more advanced.  It requires more manual intervention and updating of the DNS.  If you are a small, medium or large organization with your own DNS servers, it would be possible to put these domains in your DNS, and point them to a bogus address.  This would help protect the clients in your organization from these type of attacks.  

Note: The problem with this method is knowing which domains to block, and having to manually update the list on a regular basis.

Saturday, December 16, 2017

New Book: Power User Guide: Windows 10 Secrets (2018 Edition): The Ultimate Windows Tips and Tricks Guide for Everyone

Check out the new edition of my book called "Power User Guide: Windows 10 Secrets (2018 Edition): The Ultimate Windows Tips and Tricks Guide for Everyone".  

It is now available for sale on Amazon.com (https://www.amazon.com/dp/B078DTQTVM).


Book Description: Windows 10 is the latest Windows operating system from Microsoft. The new OS contains hundreds of new and updated features, applications, services and user interface changes.

This edition of the book series has been updated to discuss the latest release of Windows 10, the Fall Creators Edition. The content of the book has been doubled from the original version.

This book can help all levels of users (from beginner to IT Professional) to take full advantage of the operating system. Below are just some of the topics covered in the book:


  • Leveraging the power and features of the new OS and applications and services.
  • The book includes hundreds of power user notes, tips and tricks to utilize all the new features of the OS.
  • Learn the history and future of the Windows ecosystem, as well as what this means for the users.
  • Discover undocumented and little known features that can grant the user access to functionality that is only known to experts.
  • Understand the new privacy and security concerns that comes with using all the new applications and services.
  • Understand the different installation and upgrade options that are available to you. Including how to create your own installation media.
  • There is expanded technical content for IT professionals that provides basics like networking troubleshooting, more. 
  • Including new and updated sections on getting started with Hyper-V, Docker, Linux, PowerShell and the upgraded command prompt.
  • - And more...

Monday, December 11, 2017

Windows 10: Using the App Window Snap features

There are two ways to utilize the app window Snap feature:

The first way, is with the mouse, by grabbing the title bar of any application window and moving it to the extreme left or right side of that monitor.  That window should snap into using the left or right half of the screen (depending on where you drag it). You will then be presented with a list of other app windows that can be snapped into the half of the screen.

The second method is to use the Windows Shortcut keys:

  • WinKey + Up Arrow: Snaps the current application into the maximize position.
  • WinKey + Down Arrow: Snaps the current application into the minimize position.
  • WinKey + Left Arrow: Snaps the current application to the left half of the monitor.
  • WinKey + Right Arrow: Snaps the current application to the right half of the monitor.

Monday, December 04, 2017

Windows 10: Mixed Reality headsets (Overview to Get Started)

Have you been hearing all the hype about the Windows Mixed Reality headset?  This is not a review of a single headset, but an overview the technology and what you need to know to get started.

Introduction to Microsoft Mixed Reality Technology

With the release of Windows 10 Fall Creators Update. A new hardware market segment for Windows is now available.

It is called the Windows Mixed Reality headsets. These headsets integrate with Windows 10 and allow the user to experience virtual worlds in new ways that is not available using a traditional keyboard, mouse and monitor.

Mixed Reality Headset Hardware Overview

Below is an example of what the Mixed Reality hardware for Windows currently looks like.  It is composed of two parts, the headset and the motion controllers.  The headset is obvious what you are supposed to do with it, and the motion controller are for interacting with objects within the virtual world.

Prices for this hardware start at $299, and go up from there.  It is going to require a computer that can run Windows 10 with the Fall Creators update, and has HDMI and USB 3.0 port.  Microsoft designed their mixed reality technology to only need very basic specifications for the user to to get started.

My personal opinion is that the faster the computer and more system resources (i.e. CPU, RAM, storage, network) the better the virtual world experience will be.

Below are some of the generic specification and considerations for selecting a mixed reality headsets (these specs will all vary between manufactures and available models):
  • Two high-resolution LCDs displays builtin to the headset.
    • Resolutions of these displays will vary depending on the manufacture.
  • Front-hinged display for lifting the viewer up out of your way
  • Built-in 3.5mm jack for audio and microphone support  
    • Consideration: Depending on the headset you buy will determine if it comes with a way of outputting and inputting audio. Otherwise you will need to purchase your headphone with a microphone.
  • A cable(s) for HDMI 2.0 and USB 3.0 for video and data.
    • Consideration: Make sure the cable is going to have adequate length to allow you to have enough freedom to movement.
To see all the latest devices, check out: Microsoft Store: Windows Mixed Reality headsets.


Mixed Reality Headset

Motion Controllers

How to Setup the Hardware

To get an idea of what the what the hardware setup requires, check out the following video:



Quick Overview of the Windows Mixed Reality Experience

Since this is such a new technology, getting an idea of what you can do with it after buy it might be your first question. Since most people do not have point of reference on what to expect when it comes to buying this type of hardware.

The video below demonstrates what the average person can do with the technology (without all the marketing hype).  I think the guy demoing the hardware does a good job of  providing a quick overview of what he did with the technology.





Competition (in conclusion)
There are several players in this market; and Microsoft is just one platform among several competitors.  Ultimately, only market execution by the company, great apps created by its developers, and how well customers will buy the technology and content will determine who succeeds and who will lose.

Wednesday, November 29, 2017

Video: Updates to the Windows as a service model

If you're a Microsoft Windows IT professional and support Windows 10, then you should spend 5 minutes to watch this video. This will explain the changes that are being made to Windows Update service model.

Video Description: "With Windows 10, there is a shift to delivering Windows as a service. Catch up on the new way Microsoft builds, deploys and services Windows. Michael Niehaus, Director, Windows Commercial, defines the core components of the Windows as a service model and recent updates Microsoft announced. He will also review the build release process and update cadence, upcoming enhancements to further streamline the model, and how the model also applies to Office 365 ProPlus and Windows Server."


 

Monday, November 27, 2017

Microsoft Edge: Changing the default search engine

If you use Microsoft Edge, and want to change the default search engine (which is the Bing search engine).  Follow the instructions below:

  • Open Microsoft Edge, and go to the search engine that you want to use (in this example we will use http://www.google.com/). 
  • Open the Settings menu under the ellipsis (…), press the View advanced settings button.
  • Scroll down to Search in the address bar with, and then press the Change search engine button; select the search engine, then press the Set as default button.

Friday, November 24, 2017

Windows 10: Taskbar keyboard shortcuts

Below is a list of taskbar keyboard shortcuts that work in Windows 10 (and previous versions of the operating system, such as Window 7 or even earlier):

  • Shift + Click a taskbar icon – Opens an app or opens another instance of it.
  • Ctrl + Shift + Click a taskbar icon – Opens an application as a local administrator.
  • Shift + Right-click a taskbar icon – Shows the window menu for the app
  • Shift + Right-click a grouped taskbar icon – Shows the window menu for the group
  • Ctrl + Click a grouped taskbar icon – Cycles through the windows of the group


Tuesday, October 17, 2017

Video: Windows 10 Fall Creators Update

On October 17, 2017, Microsoft released the Windows 10 Fall Creators Update. The video below from Microsoft gives an overview of the new features that are included in this update to the Operating System.

Some of the new features include, Mixed reality support (i.e. blending the virtual and real world together using a headset like a HoloLens), updates to the photo app to create movies from your photographs.  The update also includes several enhancements to Cortana and Microsoft Edge.

The operating system includes new security features to make your system more secure, such as the Windows Defender Security Center. Which includes new features Windows Defender Exploit Guard.  That helps protect files from unauthorized changes by malware (and ransomware).

Another new feature is the Continue on PC. When you visit websites, do searches, or read articles online that are on your iPhone or Android smartphone.  They can be forward to your PC where they can be instantly opened.

The video is a Microsoft promotion for their products, but it includes a lot of useful information about the new Windows OS update.  It also includes examples of the available mixed reality hardware and an overview of the new Surface Book computer.


 

Monday, January 02, 2017

PowerShell: One Line Ping Scanner

Need to do some basic network exploration, use the one-liners below to see what device are on your network (Note: only setup for Class C, IPv4 networks).

Example 1: Less Detail
0..255|%{$a="192.168.0.$_";$b=Test-Connection -count 1 -ComputerName $a -quiet;If($b){Write-Host $a}}

Example 2: More Detail
0..255|%{$a="192.168.0.$_";$b=Test-Connection -count 1 -ComputerName $a -quiet;If($b){Test-NetConnection -ComputerName $a}}