Klaus

SMTP relay

 Fri, 13 Oct 2017 18:26:36 +0200 
So you can not send eMails from an M$ Azure VM? You need a SMTP relay outside of Azure?
Luckily Exchange Online Protection is an ideal solution you can directly sign up for. ;-) At least they know how to squeeze out their victims.
Klaus

End of Life

 Thu, 13 Jul 2017 23:54:29 +0200 
For around 2 years I had a Lumia 630 business phone with M$ Windows Phone 8.1. It was a phone you got for €1 with your contract. After it got a spider web app I got a new business phone around 1 year ago. It is a Samsung Galaxy A3 with Android that you also got for €1 with your contract. I must admit that the Windows Phone was muuuuuch better! Especially the mail app I used most was so much more convenient than the mail app on Android. Even the new Outlook app for Android is far less convenient than the old mail app on Windows Phone. Very surprising was the web browser for me. Compared to the one on the Samsung phone the Windows Phone browser behaved much better.
But the most disturbing difference is traffic. I had a contract with 100MB data volume per month with the old phone. It was always enough for email and reading some news on the way to office until the last week of the month. With the new phone I got 200MB/month data volume, but after 7-10 days the Android phone consumed already everything. :facepalm

#^End of Life: Windows Phone ist offiziell tot
Image/photo

Am Dienstag ist der Support für Windows Phone 8.1 ausgelaufen. Smartphones mit der letzten Windows-Phone-Version erhalten ab sofort keine Sicherheits-Updates mehr. Besitzer einiger jüngerer Lumias können noch upgraden.
Klaus

A Step-By-Step Guide on How to Be a Little Evil

 Fri, 07 Jul 2017 18:21:53 +0200 
Nice introduction video for every M$ Windows user! But don't tell your domain adminstrators. ;-)

#^From User to Domain Admin: A Step-By-Step Guide on How to Be a Little Evil
by BeyondTrust on Vimeo
Klaus

DoubleAgent

 Thu, 30 Mar 2017 10:33:51 +0200 
Cute, but a 15 year old design feature is not what I would call a zero-day.

DoubleAgent: Zero-Day Code Injection and Persistence Technique
We’d like to introduce a new Zero-Day technique for injecting code and maintaining persistency on a machine (i.e. auto-run) dubbed DoubleAgent.

DoubleAgent can exploit:

Every Windows version (Windows XP to Windows 10)

Every Windows architecture (x86 and x64)

Every Windows user (SYSTEM/Admin/etc.)

Every target process, including privileged processes (OS/Antivirus/etc.)

DoubleAgent exploits a 15 years old legitimate feature of Windows and therefore cannot be patched.


Mitigation
Microsoft has provided a new design concept for antivirus vendors called Protected Processes
...
Currently no antivirus (except Windows Defender) has implemented this design. Even though Microsoft made this design available more than 3 years ago.
Klaus
 Sun, 12 Mar 2017 13:27:45 +0100 
Na darauf hat man doch gewartet. Und wofür man das noch alles gebrauchen kann... $$$

#^Windows 10: Berichte über OneDrive-Werbung im Datei-Explorer
Image/photo

Es gibt noch Plätzchen für Werbung: Microsoft versucht allem Anschein nach zur Zeit, OneDrive-Abos über ein Werbebanner im Datei-Explorer zu verkaufen.
Klaus

Anforderungen

 Thu, 16 Feb 2017 13:57:45 +0100 
#^Nahendes LiMux-Aus: Open-Source-Szene trauert, Microsoft jubelt
Image/photo

Dass der Münchner Stadtrat seine bisherige Strategie für freie Software aufs Abstellgleis bugsieren will, stößt bei Open-Source-Vertretern auf absolutes Unverständnis. Microsoft begrüßt dagegen den eingeschlagenen Weg.

Bin ja mal gespannt wie dieses Projekt ausgeschrieben werden soll.

Zugleich gab Greve zu bedenken, dass gerade Microsoft Exchange als Mail- und Kalenderlösung der Redmonder den bisherigen Anforderungskatalog aus der Ausschreibung für Software in München nicht erfüllen könne und die aktuelle Lösung auch als Entwicklung für das Bundesamt für Sicherheit in der Informationstechnologie (BSI) begonnen habe. Es wäre prinzipiell nach wie vor möglich, "Mehrwerte für die Nutzer in Richtung der von Accenture gewiesenen Zukunftsstrategie zu schaffen" und etwa LibreOffice Online im Kolab-Webklienten zu betreiben. Anscheinend laufe aber alles darauf hinaus, den Katalog zu verwerfen nach dem Motto: "Was Microsoft nicht kann, das kann man ja nicht können wollen."

Auf der Arbeit muss ich mit M$ Win8/Win10 und M$ Outlook arbeiten und ich empfinde es jedes mal als unglaubliche Einschränkung. Allein die Bedienung von M$ Outlook über Tastatur ist unglaublich umständlich und unintuitiv. Wenn ich das mit Kontact vergleiche krieg ich jedes mal das Heulen wenn ich wieder zur Maus greifen muss. Der Linux Desktop - vor allem arbeite ich mit KDE - hat die Windows Arbeitsumgebung bereits vor vielen, vielen Jahren in Hinsicht auf Produktivität, Funktionalität und Bedienkomfort weit übertrumpft.
Klaus

Disable Your Antivirus Software

 Fri, 27 Jan 2017 21:06:27 +0100 
Interesting insights from someone who had to work around poorly AV products.

#^Disable Your Antivirus Software (Except Microsoft's)
I was just reading some Tweets and an associated Hackernews thread and it reminded me that, now that I've left Mozilla for a while, it's safe for me to say: antivirus software vendors are terrible; don't buy antivirus software, and uininstall it if you already have it (except, on Windows, for Microsoft's).

Update (Perhaps it should go without saying --- but you also need to your OS to be up-to-date. If you're on Windows 7 or, God forbid, Windows XP, third party AV software might make you slightly less doomed.)

At best, there is negligible evidence that major non-MS AV products give a net improvement in security. More likely, they hurt security significantly; for example, see bugs in AV products listed in Google's Project Zero. These bugs indicate that not only do these products open many attack vectors, but in general their developers do not follow standard security practices. (Microsoft, on the other hand, is generally competent.)
Klaus

Make Windows green again – Part 1

 Wed, 18 Jan 2017 20:39:15 +0100 
Make Windows green again – Part 1
It was November 28, 2016 when I came across an article on TechRepublic which talked about Microsoft’s plans for the future of Linux and Bash on Windows 10. The first read made me feel uncomfortable (I can’t really say why) but after the second read I started believing that this is in fact a great opportunity. Running Linux binaries natively on Windows … that sounds awesome indeed. However, it’s quite unfortunate that Microsoft enabled the wrong Linux (that’s my personal opinion) by default within the Windows Subsystem for Linux (WSL) and it is time to change it to the real stuff.


#openSUSE #WSL
Klaus

Komfort vor Sicherheit

 Sat, 03 Dec 2016 14:31:57 +0100 
#^Windows 10: Laufwerksverschlüsselung lässt sich während Versions-Upgrades umgehen
Image/photo

Eine groteske Sicherheitslücke, die Microsoft selbst mit Konzepten zum komfortablen Administrieren eröffnet, gewährt Angreifern vollen Zugriff auf verschlüsselte Windows-Laufwerke. Einzige Voraussetzung: ausreichende Geduld.
Klaus

WSL switch distro

 Sun, 20 Nov 2016 21:32:07 +0100 
OMG! Ubuntu!OMG! Ubuntu! wrote the following post 1 year ago
This Tool Lets You Use Fedora and Other Distros with Windows Subsystem for Linux
#^This Tool Lets You Use Fedora and Other Distros with Windows Subsystem for Linux
Image/photo
Add you likely know, Windows 10 Anniversary Update offers a hidden developer-orientated feature called  Windows Subsystem for Linux (WSL) and also known as ‘Bash on Ubuntu on Windows’. The feature allows fans of popular open-source and Linux-based command line tools to use them seamlessly on their Windows desktop, no need to dual-boot into a Linux distro or open […]

This post, This Tool Lets You Use Fedora and Other Distros with Windows Subsystem for Linux, was written by Joey-Elijah Sneddon and first appeared on OMG! Ubuntu!.
Klaus

Was für ein Rückfall?

 Sun, 06 Nov 2016 14:49:29 +0100 
#^Kommentar: Datenschleuder Windows 10 – Wasser und Wein
Image/photo

Windows 10 schickt so detaillierte Informationen nach Hause, dass der Einsatz in Firmen illegal sein könnte. Das konterkariert die sonstigen Bemühungen von Microsoft um Datenschutz, findet iX-Chefredakteur Jürgen Seeger.

Ich denke das hängt doch damit zusammen, dass Micro$oft kein Interesse daran haben kann, dass jemand  Home oder Pro geschäftlich einsetzt. Und wenn die jetzt von den Datenschutzbehörden noch Unterstützung dafür bekommen, läuft doch alles nach Plan.
Klaus

PowerShell DSC and implicit remoting broken in KB3176934

 Thu, 25 Aug 2016 23:45:03 +0200 
Windows 10 rolling release getting more and more trustworthy ;-)



#
PowerShell #fail
Klaus

Unicode character in passwords

 Thu, 25 Aug 2016 11:26:47 +0200 
#^Authentication fails when you use an IMAP server in Outlook 2016
Cause
This issue may occur because you have a Unicode character in your password, such as one of the following:
ä
ö
ü

Workaround
Method 1: Change your password
Method 2: Use a different protocol than IMAP
Method 3: Use Outlook 2013

:facepalm #fail
Klaus

organization-wide but not client-wide

 Thu, 11 Aug 2016 10:36:56 +0200 
#^Configure client-specific message size limits: Exchange 2013 Help
In Microsoft Exchange Server 2013, there are several different message size limits that apply to messages as they travel through your Exchange organization. For more information, see Message size limits.
However, there are client-specific message size limits you can configure for Outlook Web App and email clients that use ActiveSync or Exchange Web Services (EWS). If you change the Exchange organization-wide message size limits, you need to verify that the message size limits for Outlook Web App, ActiveSync, and Exchange Web Services are set accordingly. You configure these values in web.config files on Client Access servers and Mailbox servers. These limits are described in the following tables.
Klaus

M$SQL on Linux

 Tue, 08 Mar 2016 08:52:50 +0100 
:shrug
#^Announcing SQL Server on Linux - The Official Microsoft Blog
It’s been an incredible year for the data business at Microsoft and an incredible year for data across the industry. This Thursday at our Data Driven event in New York, we will kick off a wave of launch activities for SQL Server 2016 with general availability later this year. This is the most significant release of SQL Server that we have ever done, and brings with it some fantastic new capabilities.
Klaus

Hospital infected with virus?

 Tue, 19 Jan 2016 11:19:42 +0100 
Hospital? Virus? So what? Oh M$ Windows XP :facepalm

#^Computer virus wreaking havoc at Royal Melbourne Hospital
A virus has attacked the computer system of one of Melbourne's largest hospital networks, causing chaos for staff and patients who may face delays as a result.
Staff at Melbourne Health - the network which runs the Royal Melbourne Hospital - are urgently trying to repair damage to its IT system after a virus infected Windows XP computers.
Klaus

Gefangen

 Sat, 16 Jan 2016 14:45:40 +0100 
Das ist ja mal richtig krass und eine schöne Erpressung. Aber genau die Entwicklung die abzusehen war und ich schon erwartet habe. Wenn man weiter mit M$ Windows fahren will muss man auf ein Volume Licensing mit SA umstellen, sonst hat man keine Chance mehr.

#^Microsoft: Support für neue Prozessoren zukünftig nur noch beim neuesten Windows
Microsoft will keinen Support mehr für den Einsatz veralteter Windows-Versionen auf neu vorgestellten Prozessor-Generationen liefern. Das Ganze betrifft bereits Systeme mit Intel-CPUs, die seit August verkauft werden.
Klaus

Support-Ende

 Tue, 12 Jan 2016 17:53:38 +0100 
Na endlich...
#^Das Support-Ende für alte Internet-Explorer-Versionen ist da
Image/photo

Ab heute gibt es keine Sicherheitsupdates für ältere IE-Versionen mehr. Wen betrifft das und was muss man jetzt tun? Microsoft gibt Hilfestellung.
Klaus

waiting...

 Wed, 30 Dec 2015 18:36:20 +0100 
:shrug
The feeling when you are staring 25 minutes on the not moving progress bar of a M$ SharePoint Foundation 2013 Cumulative Update. Somehow I feel relieved that there will be no on premise version of SharePoint Foundation 2016 anymore.
Klaus

24-hour audit delay

 Tue, 29 Dec 2015 16:49:59 +0100 
Who checks audits more than once a day? ;-)

#^LOGbinder Blog - The 24-hour Bug in Microsoft Exchange Mailbox Auditing
LOGbinder bulletin, December 14, 2015 -- While investigating a support case, LOGbinder discovered a non-obvious yet critical bug in Exchange audit logging that essentially delays your ability to detect non-owner mailbox access for 24 hours. The PowerShell cmdlets New-MailboxAuditLogSearch and Search-MailboxAuditLog produce audit search results that are unpredictable and inconsistent when auditing all mailboxes and the start date is less than 24 hours ago.

The bug is not documented. We have reported this issue to Microsoft; they have confirmed it is a bug and said they have no solution timeline to share. Microsoft’s suggested workaround is to use a date range greater than 24 hours.
:rofl