@scottalanmiller said in Miscellaneous Tech News:
Razor and Asus Windows 10 security bypass...
https://www.pcgamer.com/razer-windows-10-security-flaw-admin/
Well I suppose it's, as it's always been, important to lock your device if you walk away so someone can't sneak over to your chair and "wreak all kinds of havoc" on your computer if you aren't already a local admin lol.
@gjacobse said in Windows 10 Taskbar GPO:
Users using MAIL presents additional support issues and questions when they 'can't access the calendar' or GAL.
Okay, that makes sense with some more background. They need to be trained to use Outlook, not Mail. If they can't read the name of the application they are using....
@gjacobse said in Windows 10 Taskbar GPO:
MS Mail doesn't include all the features as MS Outlook
Which is why it's so much better. I have Outlook on my PC, but I always use Mail instead. It just works.
@gjacobse why do you feel you need to control what people have on their task bar or desktops? That should be 100% up to the user. I would hate for IT to control that aspect of my device. Especially since the store and mail apps are useful.
Looking in to https://www.astroberry.io/
Giving it some serious consideration and may try it out tonight to verify some equipment compatibility.
@jaredbusch said in Miscellaneous Tech News:
@hobbit666 said in Miscellaneous Tech News:
I use MSPaint if I screenshot something and just want to circle something in big red pen/brush
Greenshot, and now even snip & sketch or whatever the new built in thing is called.
I prefer Lightshot on Windows
...especially with the insane amount of inflation this past soon to be year, it's no wonder prices are going up everywhere for everything.
@dustinb3403 said in Miscellaneous Tech News:
@scottalanmiller said in Miscellaneous Tech News:
M365 price hike...
https://www.theverge.com/2021/8/19/22632888/microsoft-office-365-price-increase-march-2022
Hey everyone are you hooked on the Cloud yet? Nah, no worries we're jacking our prices!
It's hardly uncommon for service providers to increase prices... not sure why you'd think MS should be different?
@gjacobse said in A Startdocprinter Call Was not Issued:
This is a recent issue I have had to work on. And while I do see there are some options to correct it, it seems that they are also as likely to
notfix the issue as it is likelytofix it.Google Search: A Startdocprinter Call was not issued.
Is this something that it's likely as easy to re-install Windows as it is to spend a few hours trying to correct?
First link looks like 5 minutes of things to try so why not?
But as @IRJ said, a lot of time isn't spent on troubleshooting unless it's absolutely necessary. I can't speak for the service desk because they are a different department than I've been, but it doesn't seem like they do.
We use modern device management technologies and practices so never have to worry about re-imaging in most cases, at least the last two places I've been at which are larger enterprises.
But if you're not using modern device management practices and your only option is to either spend days troubleshooting or days reimaging and setting up the device, then I dunno. Only you can answer that because I'm sure it depends on your unique situation/environment and the user.
@stacksofplates said in NG AV / Endpoint Protection in 2021:
@obsolesce said in NG AV / Endpoint Protection in 2021:
@hobbit666 said in NG AV / Endpoint Protection in 2021:
So in simple terms, people are saying dump the AV products like Webroot/Bitdefender/Eset and move over to a more SIEM orientated setup whether that's in house or externally managed (we wouldn't have the resources internally)
What about products like CrowdStrike, Cynet XDR, Mimecast. Does these fall into the SIEM realm? As they say they monitor machines for changes in system files/logs/other stuff for behaviour that looks like issues i.e. Virus/Ransomware.
It's not just about having an anti-virus software updated to the latest definitions. I would say definition based malware threats are pretty much the basic 1-9% of the whole picture. This is where the solutions such as some CrowdStrike products and Microsoft 365 Defender come into play to cover the ~90% of the whole picture.
https://www.amazon.com/UNIDOPRO-Socket-Tapping-Bottle-Bracket/dp/B07G3XS4W8
Thanks for the bolt recommendation.
Oops, copied link from wrong browser tab lol, fixed link in post.
@hobbit666 said in NG AV / Endpoint Protection in 2021:
So in simple terms, people are saying dump the AV products like Webroot/Bitdefender/Eset and move over to a more SIEM orientated setup whether that's in house or externally managed (we wouldn't have the resources internally)
What about products like CrowdStrike, Cynet XDR, Mimecast. Does these fall into the SIEM realm? As they say they monitor machines for changes in system files/logs/other stuff for behaviour that looks like issues i.e. Virus/Ransomware.
It's not just about having an anti-virus software updated to the latest definitions. I would say definition based malware threats are pretty much the basic 1-9% of the whole picture. This is where the solutions such as some CrowdStrike products and Microsoft 365 Defender come into play to cover the ~90% of the whole picture.
@scottalanmiller said in NG AV / Endpoint Protection in 2021:
If you spend a single minute or a single dollar looking at another solution, you are losing money while increasing your risk.
A lot of companies need the central management and reporting aspects, which means you'll be paying money for a good solution. While Defender does those, it begins to cost. At that point, there are some other worthy competitors that may be a better fit depending on environment. Such example would be Crowdstrike.
@scottalanmiller said in Apple plans to scan your images for child porn:
@obsolesce said in Apple plans to scan your images for child porn:
@scottalanmiller said in Apple plans to scan your images for child porn:
This is a tool that tells the government when it wants an upload triggered.
No this is not how it works at all. I'm saying it's the opposite. YOU do the upload. The tool only scans and packages what you are already uploading.
You can say that, but there's nothing to make that true. The scanning happens separate from any upload. The results of the scan get shared to Apple via the upload. The fact that right now uploads are triggered by the end user (or automated as actually happens) is the same as the government being able to force it. Anything the end user can do on an online connected device the government can coerce with a warrant.
So saying "you upload it" and "the government can collect it at will" are synonymous.
Did you even read the whitepaper?
@scottalanmiller said in Apple plans to scan your images for child porn:
The tool does the scanning ON THE DEVICE.
Yes, that's true. I never said the tool doesn't scan on the device. The tool scans the photo on the device to match CSAN signatures. That has nothing at all to do with the tool itself uploading anything. It only does the scan as part of YOUR upload to iCloud photos.
@scottalanmiller said in Apple plans to scan your images for child porn:
This is a tool that tells the government when it wants an upload triggered.
No this is not how it works at all. I'm saying it's the opposite. YOU do the upload. The tool only scans and packages what you are already uploading.
@scottalanmiller said in Apple plans to scan your images for child porn:
@obsolesce said in Apple plans to scan your images for child porn:
How do they force photos stored on your phone to upload to iCloud?
They are adding a tool to the OS that detects what is on your phone. Apple has 100% power, as long as you have an Internet connection, to use that to trigger any upload. From a software standpoint, this is absolutely trivial to do.
That tool does not trigger any uploads. That tool itself is what is triggered, not the other way around. If you upload a photo to iCloud, then the tool is triggered to scan the photo to package it for the upload to iCloud.
@scottalanmiller said in Apple plans to scan your images for child porn:
It's true, semantically we can say that there is no risk without an upload (so a phone that is dead, for example, is not affected.) But as the gov't or Apple as an organization has the power to enact the upload at will the problem exists before that point.
How do they force photos stored on your phone to upload to iCloud? I have OneDrive on my phone, and if I have my photos or the photos folder set to not upload to OneDrive, it doesn't. If Microsoft of the government wanted to force my photos to upload, I don't see how they could do that. I mean, I suppose the government or Apple could always do something to force photo uploads to anywhere they want through an OS update, regardless of anything at all... so I fail to see how this enables something that they could do at any time without it anyways?
@jaredbusch said in Apple plans to scan your images for child porn:
@obsolesce if it was only on upload why put the signatures on every phone.
They need to be on the device if photos are going to be uploaded to iCloud Photos since I assume photo uploads are the behavior. I'm sure there are tons of things on these devices that aren't ever used. I doubt the signatures being on the phone matters if it's not used, that'll likely be the minority.
@scottalanmiller said in Apple plans to scan your images for child porn:
@obsolesce said in Apple plans to scan your images for child porn:
To me it's clear from the white paper that if you don't upload images to icloud, then this doesn't work. However, since I'm not an iPhone user, I don't know if you have any control over whether or not the photos stored on your phone are uploaded to your icloud account.
Basically, when images are uploaded to your icloud account, by your doing or automatically, your phone first does this hashing magic with csam results and then packages it along with your photo that is stored in your icloud account. At that point, the icloud scanners simply read the results that are packaged with your photo. I think of it like the photo having an attached health certificate that icloud scanner can pick up.
The issue is that they are scanning without the upload, and can based on that be forced to report on you. The upload limitation is an option on their end that they can't enforce. So it's moot.
Another confirmation:
@stacksofplates said in Apple plans to scan your images for child porn:
Also, if you look at their diagram in their white paper, the photo is part of the safety voucher, which is what is uploaded to iCloud.
So this is what I was getting at earlier.
This voucher is uploaded to iCloud Photos along with the image.
Is that separate from icloud backup or is the voucher sent along with the image when it's backed up? By their process description the photo has to be sent as well, because they can't verify other-wards.
This is why it's not straightforward and why I think @Carnival-Boy was making those statements.
It looks like it's only a single package that goes to iCloud. Either you choose to back up your photo to iCloud and in that case it's packaged with the voucher..... or NOTHING happens at all. The photo is not sent to iCloud and no scanning or anything happens.
