Editor’s Corner
This week we look at some new books from CRC Press, talk about what the successful cracking 256-bit RSA keys implies, examine whether Microsoft Azure might be a Ponzi scheme, and look at a cover of a PC magazine that got us thinking about the future of Microsoft Windows. We also have lots of other fun stuff including a new Ask Our Readers question about RDP clients that we need some help with, plus a Tip about safely charging your tech gear. And finally, did you ever swear out loud when you try to plug in a USB device and got the orientation of the connector upside down? Hint: see this week’s Factoid for more!
Enjoy this week’s issue of WServerNews and feel free to send us feedback on any of the topics we’ve covered — we love hearing from our readers 🙂
Cheers,
Mitch Tulloch, Senior Editor
New books from CRC Press
We had a chance to look through a few new titles fresh off the presses from CRC Press and felt the following ones might interest our newsletter readers:
Why don’t we defend better? Data Breaches, Risk Management, and Public Policy (CRC Press)
https://www.amazon.com/dp/0815356625/
A fast and easy read on the topics of defending yourself against data breaches, software vulnerabilities, phishing attacks, and other kinds of cyberthreats. Has some good advice about risk management and examines the pros and cons of using managed security service providers (MSSPs). The final chapter looks at the big picture and suggests some practical solutions for strengthening the security posture of your organization. Recommend as a good read for IT managers and CSOs.
Inside the Dark Web (CRC Press)
https://www.amazon.com/dp/0367236222/
Many of us who work in the IT profession are fascinated by the dark web which constitutes the content on the Internet that’s only accessible through special browsers and certain other software. Just don’t get too fascinated because it’s pretty dangerous digging around down there! This book examines the threat landscape of the dark web and includes such topics as the Tor network, Trojans and other types of malware, and the activities of cybercriminals who inhabit the dark web. The book also looks in detail at how to surface and analyze deep web content and extract information from dark web log files. The chapter that interested me most was the one on dark web forensics where I learned about FTK from AccessData which I’ll have to take a look at some time when my workload eases off. You can find out more about it here:
https://accessdata.com/products-services/forensic-toolkit-ftk
Anyways, this is a good introduction to both the dark side of the dark web and how to shed light on what’s happening there. Target audience is probably IT security managers. Covers everything at an intro level but very well so.
Digital Transformation of Enterprise Architecture (CRC Press)
https://www.amazon.com/dp/1138553786/
This book affords a high-level overview with summary info about how new and emerging technologies are transforming how enterprises do IT. Topics covered range from cloud computing basics to big data, Blockchain, neural networks, IoT, and more. Target audience would likely be IT professionals and managers who want to bone up on some new technology area that’s starting to impact the organization they work for. Best way to read this book is probably to pick a chapter that interests you and read it through, then go and find other learning resources that delve more deeply into the technical side of the subject.
Has a 256-bit RSA key really been successfully cracked?
Ars Technican had a story recently about the CEO of Crown Sterling doing a demo of how to successfully crack what until now has been considered practically uncrackable:
As you can read from the article though, some security researchers doubt the practicality of this approach. But Microsoft security technologies like BitLocker use 128-bit AES encryption by default, but they can also be configured to use a 256-bit key for greater security. And other Microsoft products and services like SharePoint Online and Skype for Business also utilize 256-bit AES encryption.
So what does all this mean for us in IT security? What do our readers think? Does it keep you awake at night worrying about your infrastructure? For myself I seem to recall reading somewhere that in order to get the cryptographic equivalent of a 256-bit AES key you would need something like a 20,000-bit RSA key or something similar. Still, nothing is every absolutely certain when it comes to information security, right?
Anyways, email me at [email protected] with your comments if you have any.
Is Microsoft Azure really that big and profitable?
For a number of years now we’ve heard about how Azure has been rapidly catching up to AWS in the Cloud Wars, and most tech analysts view them as more or less the two big contenders for the place of Top Dog in the cloud universe. But reportedly according to this post on The Medium (requires login) things may not be as simple as they seem:
https://medium.com/@wtfmitchel/azure-vs-moores-law-2020-65a6fe67e31b
Here’s the relevant quote taken from another site that published an excerpt from the article on The Medium:
As a result of undershooting their projected capacity by such a large margin, Microsoft was way off on their capacity projections with Azure and only built roughly 1/3 of the data center capacity that was actually necessary. Consequently, they had to over-provision their existing data centers to the point of tripping the breakers and rapidly fill the gaps with an excessive amount of leased space to meet the demand that they projected. All of which effectively doubled the amount of leased space in their portfolio from 25% to 50%, extended their break-even to nearly a decade, and killed their hopes of profitability any time soon.
While an honest mistake and not being able to foresee the future is forgivable, knowingly omitting a mistake of this magnitude is criminal when considering how much Microsoft is hedging its future on Azure. On top of supplying misleading revenue metrics in their quarterly 10K filings to fortify a position of strength and being second only to AWS, Microsoft seems to be wary about reporting Azure’s individual performance metrics or news of these failings that would enable investors to conclude this for themselves. Instead, Microsoft appears to be averaging out Azure’s losses with their legacy mainstays that are profitable by reporting its revenue within their Intelligent Cloud container instead of itemizing it.
Sounds a bit like Bernie Madoff, doesn’t it? Anyways, not sure how accurate all of this is, but it does get one thinking about where your Azure applications and workloads are really being hosted. Whaddayathink? Is Azure a house of cards ready to collapse under its own weight of operating costs? Email us at [email protected]
PC magazines are getting desperate!
Finally, here’s a photo of my workbench during a short coffee break I took last week:
Kinda looks like PC magazines are getting pretty desperate for interesting content these days, doesn’t it?
And by the way, when did you last pick up a hardcopy of a magazine about Windows computers? Are there any left still out there besides Maximum PC? And are there any e-zines about Microsoft Windows that are worth looking at? Or should I just read the latest Jack Reacher novel while I sip my espresso during coffee break?
Email me at [email protected]
Got more thoughts about anything in this newsletter?
Email us at [email protected]!
Tell all your friends about WServerNews!
Please let all your friends and colleagues in the IT profession know about our newsletter. Tell them our latest issues can be found at wservernews.com while older issues dating back to 1997 can be found in our archive. And let them know also that they can receive WServerNews each week in their inbox by subscribing to it here. Thank you!
Ask Our Readers – Which RDP tool does the best job? (new question)
A few months back I published the following article on our TechGenix site:
Remote Connectivity Solutions: Doing RDP Sans Microsoft (TechGenix)
https://techgenix.com/remote-connectivity-rdp/
Someone left the following comment on this article and I thought it might be a good idea to redirect it to our readers for their recommendations:
After years with Remote Desktop Connection Manager v2.7 I tried the “Microsoft Remote Desktop Version 10.1.1101.0” from Store, mainly because of scaling high/low resolutions on remote or host computer.
RDCMan can do some scaling, I didn’t quite figure it out. I love the short-cut-keys: ctrl-q, type computername, tab, arrow-down, enter and you are logging in with saved credentials. That’s my pace… 🙂
The Store-app scales wonderful, but it stops and dies every now and then and lack a tree- or dock-view which is mandatory when working on several machines at the same time.
Back and forth with these two I found Devolution but never got through configuration. It seemed a lot of things to turn on or off, too little “bang for bucks” compared to RDCMan. And then I switched work and no longer need this, but still curious to know what RDP-tool is doing the job best.
If you have a suggestion concerning which client-side tool is best for doing RDP please email us at [email protected]
Got questions? Ask our readers!
WServerNews goes out each week to more than 200,000 IT pro subscribers worldwide! That’s a lot of expertise to tap into. Do you need help with some technical problem or are looking for expert advice on something IT-related? Ask Our Readers by emailing your problems and/or questions to us at [email protected]
Subscribe to WServerNews!
Subscribe today to our WServerNews newsletter and join 200,000 other IT professionals around the world who receive our newsletter each week! Just go to this page and select WServerNews to receive our monthly newsletter in your inbox!
Have you seen the latest issue of FitITproNews?
This month’s issue of FitITproNews has a guest editorial by Kurt Berckmans an IT professional who is currently the SharePoint Team Lead at Bayer in Rotselaar, Belgium. Kurt shares how he recently got back into doing triathalons again after a hiatus of more than 20 years and how it has helped him lose 35 kg of excess weight he had been carrying around in just 4 months–wow!!
Also in our latest issue are the following articles by our FitITproNews columnists:
- Robin Camp on how to choose a gym
- Rod Trent on the best wearables for runners
- Mark Nichols on when excuses become reasons
- Kris Lall on the food pyramid scheme
- Brian Dougal on sleep and how it relates to energy
And we welcome Kris Kane to our stable of columnists who shares how he likes to move it move it!
Be sure to check out our latest issue of FitITproNews here:
https://techgenix.com/newsletter-category/fititpronews/
Tip of the Week
>> Got any IT pro tips you’d like to share with other readers of our newsletter? Email us at [email protected]
Be careful how you charge your tech gear!
The U.S Coast Guard recently issued a safety warning for commercial boat operators, recommending that they monitor the amount of unsupervised phone charging occurring on their boats in the wake of a fire off the coast of California that killed 34 people. More info can be found in this story on The Hill:
Be careful how you charge your mobile, tablet or laptop! I don’t know about other readers but what I usually do is place my device on a flameproof surface such as our stone-tiled kitchen table when I need to charge it up overnight.
What do you do to safely charge your gear? Email us at [email protected]
Admin Toolbox
>> Got any admin tools or software you’d like to recommend to our readers? Email us at [email protected]
Learn how to get started with PowerShell v6.2 (specifically on Windows) and how it can be applied to an IT pro’s daily life to get back her much-needed time.
http://www.wservernews.com/go/tedt45sd/
If native Office 365 reports are not sufficient for you and if you need more details on your email traffic such as the sender, recipient and email subject, try PROMODAG Reports for free now!
http://www.wservernews.com/go/4bg2ce63/
Hardentools is a utility that disables a number of risky Windows features.:
https://github.com/securitywithoutborders/hardentools
Learn Ethical Hacking and penetration testing with hundreds of ethical hacking & penetration testing & red team & cyber security & computer science resources:
https://github.com/blaCCkHatHacEEkr/PENTESTING-BIBLE
PJON is a valid tool to quickly and comprehensibly build a network of devices for free without the need of a cloud service or a centralized platform you don’t fully control:
https://github.com/gioblu/PJON
Mailbag
From a reader named Hank:
Hi Mitch, great newsletter this week, and a couple of thoughts regarding various items:
- Apple and blocking the changing of MAC addresses. – I think you will find the security they are looking at is network security, particularly at sites where access is locked down to specific MAC addresses. By blocking the ability to change the MAC address, Apple have removed the ability of bad actors to impersonate an authorised device and thereby gain access to resources that they may not be entitled to access.
- Older workers.- as a person in their sixth decade, I understand what Jonathon is talking about. I still get a buzz out of fixing problems for users, but there are days when I could quite happily tell them to all go and think about what they are asking for before submitting the work request. As the sole technical person at a mid size business, I find my days are filled with issues related to physical destruction of equipment, network lockups and Microsoft Office 365 being glitchy. I also find that I get co-opted to assist in moving furniture and equipment.
And this one comes someone named from Kareem who is a Network Technician II working for a business development company in Jamaica:
Q4OS Linux is a fast and polished distro for running on lowend hardware.
Q4OS bills itself as a fast and powerful operating system based on the latest technologies while offering highly productive desktop environment. You can find out more about this distro here:
I may give this a try soon as one of my Windows laptops is currently so messed up I need to do a wipe and reload.
Factoid – Consequences of a poorly thought out design
Last week’s factoid and question didn’t generate any response from our readers so let’s move on to this week’s factoid:
Fact: The inventor of the USB connector/port has regrets about making them so hard to plug in correctly:
Source: https://mashable.com/article/usb-inventor-explains-difficulty/
Question: To make it easier to plug in flash drives and other USB devices into my computers, I attach a label to the USB connector and write “UP” using a colored marker on the side that usually (argh) needs to be up when the connector is plugged into a USB port on a computer.
What do our readers do to solve this problem? Just fumble around?
Email your answer to [email protected]
Conference calendar
>> Got an IT conference or event happening that you’d like to promote in our newsletter? Email us at [email protected]
Microsoft Ignite 2019
Nov 4-8, 2019 in Orlando, Florida
https://www.microsoft.com/en-us/ignite
Other Microsoft conferences
Microsoft Licensing Boot Camps
- Dec 9-10 in Seattle, Washington
https://www.directionsonmicrosoft.com/training
Infosec conferences
Cyber Security Summit – Nov 7 in Boston, Massachusetts
https://cybersummitusa.com/boston19/
Cyber Security Summit – Nov 21 in Houston, Texas
https://cybersummitusa.com/houston19/
Cyber Security Summit – Dec 5 in Los Angeles, California
https://cybersummitusa.com/losangeles19/
Other conferences
VMworld – Nov 4-7 in Barcelona, Spain
https://www.vmworld.com/en/europe/index.html
Midwest Management Summit – Nov 11-13 in New Orleans, Louisiana
https://mmsmoa.com/registration/mms-jazz-edition.html
European SharePoint, Office 365 & Azure Conference – Dec 2-5 in Prague, Czech Republic
https://www.sharepointeurope.com/
SharePoint Fest – Dec 9-13 in Chicago, Illinois
https://www.sharepointfest.com/Chicago/
Podcast Corner
Reducing your datacenter’s carbon footprint (The T-Suite)
https://techgenix.com/podcast/the-t-suite/
Do too many users have VPN access to your prod environment? (Risky Business)
https://risky.biz/netcasts/risky-business/
All Things Microsoft Ignite with Anna Chu (Microsoft Cloud IT Pro Podcast)
https://www.msclouditpropodcast.com/
Azure DevOps, Sentinel GA and Azure in a Backpack (Microsoft Cloud Show)
http://www.microsoftcloudshow.com/podcast
Secure Deployment with Mikael Nyström (RunAsRadio)
New on Techgenix.com
Exchange: Help! I cannot send or receive external mail
If you cannot send or receive external mail with Exchange, you don’t need us to tell you something is not right. But here’s what may be wrong.
https://techgenix.com/exchange-cannot-send-receive-mail/
Best practices for configuring your Microsoft Hyper-V VMs
There are countless best practices that can be applied to configuring Hyper-V VMs. The ones detailed in this article come from firsthand experience.
https://techgenix.com/configuring-hyper-v-vms/
Review: Windows workplace security solution PolicyPak
Group Policy, used for locking down Windows machines in corporate environments for years, is showing its age. Enter PolicyPak. Here’s our review.
https://techgenix.com/policypak-review/
Quick tip: Using Azure Network Watcher Next Hop in PowerShell
Here’s a quick tip that you may want to add to your toolbox. We’re going to fire up PowerShell to use the Network Watcher Next Hop tool.
https://techgenix.com/network-watcher-next-hop/
Lansweeper
Lansweeper’s network inventory tool allows for a global network inventory and IT inventory asset management. Lansweeper is praised as the best network inventory scanner due to the unique agentless network inventory capabilities which provides unmatched details about hardware, software, users, network, warranty and much more. Network device inventory gives you a full overview of all switches, printers, routers, firewalls, music systems, IP cameras and any other network device in your network.
https://techgenix.com/product/lansweeper/
Fun videos from Flixxy
Catching Air Race Pilot Kirby Chambliss in Texas
Air race pilot Kirby Chambliss tests his speed throughout Dallas-Fort Worth, being chased by the local police:
https://www.flixxy.com/catching-air-race-pilot-kirby-chambliss-in-texas.htm
Cruise Ship Passing Through The Corinth Canal – World Record
Take a look at the majestic MS Braemar, a 72 ft wide cruise ship, passing through the 82 ft wide Corinth Canal:
https://www.flixxy.com/cruise-ship-passing-through-the-corinth-canal-world-record.htm
irque du Soleil – Mystere – ‘Kalimondo’
Travel to a world beyond the imaginable with ‘Kalimondo’ from Mystere by Cirque du Soleil:
https://www.flixxy.com/cirque-du-soleil-mystere-kalimondo.htm
Animals Hugging People
Animals hug their human friends, expressing their love and appreciation for people:
https://www.flixxy.com/animals-hugging-people.htm
More articles of interest
What’s new with VMware Cloud on AWS
Find out the exciting new features and updates to VMware Cloud on AWS that was announced at VMworld 2019.
5 features to look for in a VDI monitoring tool
VDI monitoring tools can help IT get visibility into a complex environment. Here are the key features every IT admin should look for in a VDI monitoring tool.
2 methods to tackle Windows Autopilot troubleshooting
Windows Autopilot isn’t perfect, and you can run into errors during its deployment. Explore two ways to troubleshoot Windows Autopilot issues, using event logs and registry keys.
How API standards have changed
API language standards were few and far between in the past, but now cloud has made API standardization more important than ever. Learn what you need to know about these standards.
Send us your feedback!
Got feedback about anything in this issue of WServerNews? Email us at [email protected]