Microsoft Case Study on Company Using MS VDI

This is a very interesting real world read about a large company moving to Microsoft Virtual Desktop Infastructure.

Rakuten Group Secures Sensitive Data with Virtual Desktop Infrastructure

“… Rakuten has turned to Microsoft Windows Server 2016 Remote Desktop Services (RDS). Not only does RDS provide an easy path to integrating heterogeneous systems, but it also provides an additional layer of security so new systems do not compromise Rakuten’s existing corporate infrastructure.”

Read about it here

Chrome Not Working With Latest Windows 10 Update?

Chrome and the latest Windows 10 April Update have a very big issue together, considering the millions of PCs running Windows 10 AND Chrome worldwide. Chrome will not open up SSL based sites after the latest April Windows 10 update [1803]. Some are pointing to the CryptSvc [Windows certificates service] as the cause of the issue or creating a conflict with Chrome. Going over the various sites covering this issue, it is clear that a viable solution has not been found. Consumers and businesses end up reformatting drives or reinstalling Windows 10 fresh without the latest version update [1803], or worse, chasing false hopes such as “uninstall your anti virus” [that is not the issue and a poor decision] or “stop the CryptSvc” [very bad, and wrong, idea].

Windows 10 April Update – Chrome now just “Establishing secure connection..”

The secure connection problem points to TLS or HTTPS or even the new ‘QUIC’ technology perhaps? This is just intuition at this point, but I would guess that QUIC is involved – it is a Google creation that ties in with data transport, and the symptoms point to it as a possible culprit that does not play nice with the latest Windows 10 update.

QUIC is a new transport which reduces latency compared to that of TCP. On the surface, QUIC is very similar to TCP+TLS+HTTP/2 implemented on UDP. Because TCP is implemented in operating system kernels, and middlebox firmware, making significant changes to TCP is next to impossible. However, since QUIC is built on top of UDP, it suffers from no such limitations.

https://www.chromium.org/quic

 

Microsoft Data Box for Heavy Data Migration to Azure

This is fantastic – onsite data can be VERY, VERY large, or ‘heavy’, depending on how you define it in non technical terms. Moving or migrating from an office [or even a traditional datacenter] to a Cloud service can be daunting, given the amount of data needing to be uploaded to a provider. Uploads through the Internet can conceivably take days or weeks! Enter the “Data Box” or smaller “Data Box Disk” from Microsoft Azure. These secure devices can be ordered from Azure. Once they arrive, simply plug them into your network [or server], then rapidly transfer crazy amounts of data to them before shipping the device back to Azure for upload to your Cloud account.

Summary:

“Azure Data Box Family

Data migration to Azure made fast, simple, and secure

Full MS Azure “Data Box” details here.

Blockchain Overview

This Harvard Business Review article is a mostly simple but very solid overview of what Blockchain is and how it is slowly shaping parts of the business world today. I do not necessarily understand the social underpinnings of Blockchain. For example, this paragraph is a bit too ambiguous for me:

“… an incredible tool is shoring up the foundations of social at the level of every transaction—blockchain. Originally gaining notoriety as the data technology underneath the cryptocurrency called bitcoin, today blockchain technology is expanding its reach far beyond the confines of currency and tackling issues involving transactional social trust throughout the world.

However, when some technical armor is placed on it, Blockchain does become a little more clear:

Blockchain is a cryptographically secure, shared data layer that enterprises can use to digitally track the ownership of assets across trust boundaries, opening up new opportunities for cross-organizational collaboration and imaginative new business models. As a shared source of trust, it can extend the scope of digital transformation from a single company to the processes it shares with its suppliers, customers, and partners.

Blockchain, per this article, is going to be a big part of the new Economy, especially relating to the “smart economy”, “IoT” [Internet of Things], compliance, Supply Chain and data security.

 

The Harvard Business Review article [“How Blockchain Will Accelerate Business Performance and Power the Smart Economy “]is here in full.

Windows 10 April Update

Microsoft Windows 10 April 2018 Update

It appears this Update will allow users more control over the sometimes over-the-top Notifications. Per MS, “… people spend an average of 23 minutes per day regrouping and getting back on task after being distracted by a notification”.  They are giving us “Focus Assist” to help adjust notifications as needed.

Source: MSN

Atlanta hit by ransomware attack

This is actually [indirectly] courtesy of the US Government’s NSA, from a few years ago. They actually created the code that exploits Microsoft Servers that face the internet directly.

“It’s been almost a week since the City of Atlanta was hit by a ransomware attack, which encrypted city data and led to the shutdown of some services.
Mayor Keisha Lance Bottoms said in a press conference Monday that the city’s government is working on recovering the network after ransom notes appeared on computer displays on Thursday afternoon. The city has hired local cybersecurity firm SecureWorks to assess the situation.

Reports say the notorious SamSam ransomware was used in the Atlanta attack, which exploits a deserialization vulnerability in Java-based servers. Details of the attack remain largely unknown, but an early investigation may have identified who is behind the attack, said SecureWorks chief executive Michael Cote. Almost a million dollars has been reaped from other businesses that were infected and paid the ransom. It’s not known if Atlanta will pay the ransom.”

Article here.

Top 12 New Technologies For 2018

What are the top 12 technologies business should look for in 2018? Chatbots, Smart Health Tech and IoT, for starters.

But I have to say – the Video one surprised me a little. However, after reading the explanation it does make sense now. Advanced Video [Conferencing, and even VR] technology can really help employees with meetings and presentations, and it could actually be fun, given the right technology and platform.

12 technologies that will disrupt business in 2018

“Video, videoconferencing, and VR

In a survey of nearly 300 companies to determine what makes a great employee experience, researchers at MIT found a surprise at the top of the list: video. Investments in video technology lead to innovation, as well as improved collaboration and productivity, researchers found.

“We see firms investing significantly in interactive video technologies particularly as they spread the use of agile methodology beyond their software development teams to the rest of the business,” says Kristine Dery, a research scientist at MIT’s Sloan Center for Information Systems Research. “This highly interactive agile method of project delivery — with daily stand-ups —  requires teams to either be face to face, or to have the technologies that replicate those more intimate situations as closely as possible.”

Dery predicts that video tech will continue to simulate and improve face-to-face communication with new features, like virtual reality (VR) and other immersive tech (see below), especially as organizations work to fill the skills gap with distributed teams.”

 

Read the full CIO Article.

Windows Folders

Tech Support 101 – You ever try to resize a Windows 10 Explorer [folder/file viewer, not the browser] window only to have the window blow up to full screen? I admit that I have endlessly gone through this – grab the edge of the window and drag it to a desired position on the screen, but once you let go, it maximizes, whether you like it or not! Repeat. Rinse, etc.

Drag the edge of the screen and move it JUST RIGHT. There it is! Anyway, there is an easy fix and putting Tech Support 101 at the beginning of this post is really aimed at myself: all I had to do was pay a visit to the “Ease of Access Center” once and for all instead of procrastinating. Type ‘ease’ into Cortana to locate it or visit the Control Panel.

 

Get to the option that mentions “EASIER” [!]

Scroll to the bottom area. Finally, you need to check, “Prevent Windows from being automatically arranged when moved to the edge of the screen”. Now, my Windows behave as needed.

 

 

Online Networking Resource: TCPIPUTILS.COM

I really appreciate what the folks at TCPIPUTILS.COM provide. They allow for Geo-IP location and domain WHoIs Services, as well as multiple email and networking troubleshooting or research tools. They are unmatched. If a web firewall log or alerts shows questionable behavior emanating from a certain IP address or domain, then this website can be very useful in locating the general source of the IP.

Of course, the service is free unless more extensive services are needed. I may actually take them on this, as this service is well worth it. But for now, the free or basics are sufficient, especially for my petite, humble website.

I received 10+ email alerts that 103.219.194.18 was trying to possibly brute force its way into my WordPress login page. This is very unusual! Interestingly, it was using ‘ADMINS’ as the username – plural? Ok, whatever. But I was able to check this IP on TcpIpUtils.Com and determine the IP is from Hong Kong. I quickly put the block on the IP within my other security software plug-in [WordFence].

A visit to the website is fine, or your can put the IP directly into your web browser, like this:

https://www.tcpiputils.com/browse/ip-address/103.219.194.18

This is what it crunches within 1 or 2 seconds.

Whois information

% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html% Information related to ‘103.219.194.0 – 103.219.194.255’

% Abuse contact for ‘103.219.194.0 – 103.219.194.255’ is ‘removed email address

inetnum: 103.219.194.0 – 103.219.194.255
netname: FENGYENET-US2
descr: FengYe Networks Limited
country: US
admin-c: FNLA2-AP
tech-c: FNLA2-AP
status: ALLOCATED NON-PORTABLE
mnt-by: MAINT-FENGYENET-HK
mnt-irt: IRT-FENGYENET-HK
last-modified: 2017-12-13T01:01:58Z
source: APNIC

irt: IRT-FENGYENET-HK
address: UNIT 04 2c7 2fF BRIGHT WAY TOWER NO.33 MONG KOK RD KOWLOON, HONGKONG HONGKONG 999077
e-mail: removed email address
abuse-mailbox: removed email address
admin-c: FNLA2-AP
tech-c: FNLA2-AP
auth: # Filtered
mnt-by: MAINT-FENGYENET-HK
last-modified: 2016-05-19T09:32:33Z
source: APNIC

role: FENGYE NETWORKS LIMITED administrator
address: UNIT 04 2c7 2fF BRIGHT WAY TOWER NO.33 MONG KOK RD KOWLOON, HONGKONG HONGKONG 999077
country: HK
phone: +85281912525
fax-no: +85281912525
e-mail: removed email address
admin-c: FNLA2-AP
tech-c: FNLA2-AP
nic-hdl: FNLA2-AP
mnt-by: MAINT-FENGYENET-HK
last-modified: 2016-05-19T09:32:31Z
source: APNIC

% This query was served by the APNIC Whois Service version 1.88.15-43 (WHOIS-UK3)

Backdoor in Captcha Discovered

Nothing to see here, folks …

“Backdoor in Captcha Plugin Affects 300K WordPress Sites”

“The WordPress repository recently removed the plugin Captcha over what initially appeared to be a trademark issue with the current author using “WordPress” [Editors note: the original page has been removed, we’re now linking to a screen shot.] in their brand name.

Whenever the WordPress repository removes a plugin with a large user base, we check to see if it was possibly due to something security-related. Wordfence alerts users when any plugin they are running is removed from WordPress repo as well. At the time of its removal, Captcha had over 300,000 active installs, so its removal significantly impacts many users.”

Incredible analysis in the below link. Nicely done by WordFence.

Full article or Blog here

Blocked Countries by WordFence

“China is in the lead” … of blocked countries. My humble website is constantly being sniffed at from the outside. To me it makes no sense on the surface – I have no confidential data or business secrets whatsoever. I do not do eCommerce or any business transactions for that matter. I do not even make poor stock market predictions!

But it makes sense to the potential intruders. These are likely bots just doing recon, searching for WordPress, Plugin or theme weaknesses and other possible pots of gold. Thankfully, I am fully invested in “WordFence”, an outstanding WordPress firewall.

Make a Bootable Ubuntu USB Stick on Windows

I decided to try “Ubuntu on a Stick” – it is not  an odd restaurant menu item, but rather a way to either boot into and test drive the latest Ubuntu version [in this case, 17.10] or to straight out install onto a PC partition via the ‘stick’ [or flash drive]. I ended up doing the latter within 24 hours, replacing a Windows 10 OS.

Ubuntu has an awesome tutorial, so I will not reinvent the wheel. I followed their perfect instructions and all went well. I was ready, willing and able to install Ubuntu on a 2-3 year old HP Pavilion 360 touch screen, after learning that touch does work efficiently now on recent Ubuntu Linux . I upgraded my laptop with a new, beefier model for my Windows 10 needs, but I believed the HP Pavilion [touch ready] 360 is perfect for Linux – it is.

Although I did test drive Ubuntu for 1 night, working right off the USB flash drive, which is always pretty darn cool, I did have to remember a few details once I decided to move forward with installation.

Number 1, if installing Ubuntu on the entire PC or laptop hard drive, you may lose data, so use extra, extra, extra caution! In my case, I had removed or backed up to another USB a few files that were needed but actually most files were in my “OneDrive” Cloud storage, so it was an easy decision – I had no data to lose, because it was stored elsewhere. So, time to erase the drive completely with my Ubuntu USB stick. But …

Number 2, it is tricky to boot from a USB stick if you do not understand Windows 10 shutdown. The Shutdown on Windows 10 is not really a complete shutdown. In Window 10: on the new “Fast Startup” Windows 10 shutdown / start up mechanism, the kernel does not actually close. It hibernates. For a complete shutdown, try this in Powershell: shutdown /s /f . Or … the SHIFT key can be held down as you exit the Windows 10 in order to shut down 100% and get up the BIOS screen. This is needed in order to fully shut down, start up and to tap “ESC” [for this HP] in order to have access to BIOS and boot menu options. That is needed for Ubuntu to be installed on the laptop via the USB.

Here is the USB flash folder layout – an entire Ubuntu Linux world on a stick, as seen from my new Windows 10 laptop. This is an ISO image, which enables booting from the USB drive [referenced above]

The [updated] tutorial is located here!

Equifax Breach or Hack

This is the only link [the first one, below] or site that matters when it comes to the Equifax hack. There are many phishing websites disguising themselves, and reports are coming in that hoax or fake emails are popping into Inboxes. Use caution. ONLY go through Equifax, seeming as though they are the ones who caused the mess. As they likely already have your identity, and then lost it via a hack, you may as well follow the steps off the link below to get yourself courtesy identity theft protection for a few years [that is their penance].

I would even emphasize that you should not take my [or anyone’s] word for it, and double check on Equifax’s website yourself.

https://www.equifaxsecurity2017.com

Cross reference with the FTC:

https://www.consumer.ftc.gov/blog/2017/09/equifax-data-breach-what-do

Samsung Galaxy Line

I agree with this guy – the Samsung line of Galaxy phones are the main game in town. I use a Galaxy S8+and it is a fantastic smart phone.

Samsung is playing on a different level, and now the iPhone is the only competition

“Samsung has a great way of keeping itself in the technology conversation by having dueling flagship phone releases: a Galaxy S around March, and a Galaxy Note around August. It has also had a knack for releasing really great phones over the past three years in particular. From the Galaxy S8 to the larger Galaxy S8+ and now Galaxy Note 8, Samsung has a product set at a range from roughly $650 to $950 in sizes that can appeal to a wide range of buyers.”

https://www.androidcentral.com/editors-desk-samsung-different-level