WServerNews: Without the user’s consent

In this issue:

Mailbag: peanut butter and lawyers. Ask Our Readers: Can Cloudflare be trusted? Let go of my BIOS! Bad week in IT. Lotsa Windows news. Cloud news too. October 11-13: Mastering PowerShell for ConfigMgr and Intune Administrators. Porting legacy VB.NET applications to .NET 6.0. Some miscellaneous tutorials. Free educational webcasts from SANS. Make colorful coasters! Could a penny dropped from the Empire State Building kill someone? The truth about Windows 9. Plus lots more — read it all, read it here on WServerNews!

Think carefully before you push that button—you may be granting consent. Photo by Franck on Unsplash

Mailbag

In my editorial in last week’s newsletter I made the comment that there just aren’t any toasters on the market these days that will let you *really* toast your bread so it’s almost burnt using just a single toasting cycle—you have to toast it at least twice to get your toast crisp and nicely burnt. I was reflecting in my editorial on how fear (of lawsuits) and greed (making choices on grounds of economy instead of usability) have infected our software ecosystem just like almost every other area of Western life. A reader named Phil responded to this with:

Why would you want to eat burnt toast? Lightly colored and other low to medium settings allows you to apply/spread butter, peanut butter, etc. to toast and bagels easier.

I replied by saying “Because it tastes better!” and Phil shot back:

Taste better? ugh.

To each their own.

Andrew Wong from Toronto responded somewhat more soberly to my editorial by saying:

One of the problems that plagues modern western life, especially in the U.S.A. (and unfortunately Canada is not that far behind), is that there are too many lawyers who make a living by doing class action lawsuits. Many companies would make product design decisions by first getting a nod from their lawyers. You can tell I am not a fan of the legal profession. And I wonder if there are IT pros out there who are.

I checked with our legal department and they said it was OK for us to publish Andrew’s comments. They’ll probably deal with him directly in their usual way.

Just kidding of course…for now.

๐Ÿ™

Got comments about anything in this issue?

Email us! We love hearing from our readers!

Ask Our Readers (new question): Can Cloudflare be trusted?

In the And Finally section of last week’s newsletter we included the following tidbit:

Cloudflare launches an eSIM to secure mobile devices (TechCrunch)

https://techcrunch.com/2022/09/26/cloudflare-launches-an-esim-to-secure-mobile-devices/

[But but but using this would mean trusting Cloudflare!]

A reader from South Africa responded to this bit of trolling with the following:

Hello there Mitch and Ingrid, Greetings from South Africa. I am intrigued by your comment about the Cloudflare eSIMs and having to trust Cloudflare. Was this just a comment about having to trust yet another 3rd party or is it Cloudflare specifically? I know they were recently in the spotlight re providing services to morally bereft entities and being drawn into the debate of self censoring. I am interested if the perceptions on your side of the world are any different to those on mine? I have positive feelings towards them; I like the transparency that they demonstrate when things go wrong and I am always interested in their initiatives to improve the internet but am I being naïve? <wondering>

My response to Mark was:

My (somewhat snarky in order to initiate debate) comment basically reflects concerns some companies and network operators have about the growing power of Cloudflare to control and direct traffic and concerning the role of infrastructure providers in content moderation. If you browse the Nanog mailing lists and search Google news for Cloudflare problems you come up with various views on this matter.

And remember too that my snarky comment about Cloudflare was in the And Finally section of our newsletter, which is where you’ll also find such items as warnings about imminent alien invasions ๐Ÿ˜‰

Anyways, let’s see if we can generate some discussion of this topic if some of our readers have strong opinions about CloudFlare in particular and large infrastructure providers in general. Any feedback?

Got questions? Ask our readers!

WServerNews goes out each week to almost 200,000 IT pro subscribers worldwide! That’s a lot of expertise to tap into. Do you need help with some technical problem or are looking for expert advice on something IT-related? You can Ask Our Readers for help by emailing us your problem or question. Do it today!

Help spread the news!

Please tell all your colleagues and friends about WServerNews and let them know that they can subscribe to these and other TechGenix newsletters for free by going here. Thanks!!

Editor’s Corner

Two interesting things happened this week to one of several unmanaged Windows 10 PCs that I use at home. First, I noticed that a software update had been downloaded and Windows wanted to restart so it could apply the update. So I let the machine reboot, and when it started up it displayed this screen:

Whoa, hold your horses here—you’re updating my BIOS? This was the first time I’d ever seen Windows download new firmware from Windows Update. Having been once bitten by bad BIOS updates, I’m twice shy about upgrading a system BIOS unless there’s some seriously important reason for doing so. And normally I perform such firmware updates manually on both our managed and unmanaged PCs. Maybe it’s happened before that WU has upgraded BIOS on some machines, and there are some threads online that discuss this, but I’ve never actually watched it happening as I usually go grab a coffee when the machine I’m using has to apply updates, and I’ve certainly never given Windows permission to mess around with my firmware. Have other readers had this happen? Any thoughts on this matter? And how do you handle upgrading firmware on your home and business computers? Email me.

The second thing that happened to me this week was when I logged on to one of my Windows 10 computers and a dialog box popped up welcoming me to Spotify. Whaaaat? I never gave consent for installing third-party crapware like Spotify on my computer. So I quickly uninstalled it and later that day read an article on BetaNews about this happening to other users. And the next day Gunter Born dug somewhat deeper into the fiasco on his blog.

These kinds of things bother me and make me miss Windows 7 where I seemed to have more control over my computers. Is Microsoft growing proud again and feeling they can get away with anything? Have they forgotten what happened to them in 1998? I like then as a company, but I’m starting to feel mistrustful concerning Microsoft. How about you?

And why the heck did they recently mess up some of my links to their online documentation by changing docs.microsoft.com to learn.microsoft.com? Was this rebranding really necessary?

Anyways, we hope that you enjoy this week’s issue of WServerNews, feel free to email us your comments or questions about anything in this newsletter.

This Week in IT

A compendium of recent IT industry news compiled by Your Editors. Feel free to email us if you find a news item you think our newsletter readers might be interested in. And for more tech news coverage see the News section of our TechGenix website.

Günter Born shares news that Cisco has identified some serious vulnerabilities in their networking hardware. His blog post has links to a number of the advisories on Cisco’s website. Brian Krebs reports that some malicious party has created a bunch of fake LinkedIn profiles for CISO roles at some of the world’s biggest companies. As expected these phony profiles are being mindlessly propagated by downstream employment site, so be careful who your company hires for this role. Bleeping Computer has some info about a new kind of attack on VMware ESXi hypervisors. Further information can be found on Dark Reading. Also on Bleeping Computer is news that SMS phishing attacks continue to be on the rise according to the IRS — and Dark Reading confirms this — so our American cousins down south from here in Canada now have something extra to worry about besides paying their income taxes. In fact the whole idea of MFA (multifactor authentication) is starting to become problematic because of so-called MFA fatigue attacks as explained on the Microsoft Entra (Azure AD) Blog. And then there’s the news on Tom’s Hardware of how fraudsters have been sending companies fake Microsoft Office USB drives in order to gain PC access so they can demand a ransom. And finally, here in Canada all I can say is I’m glad I don’t live in Australia because of news on ITPro about systemic ID problems for 10 million Australians after the Optus breach.

And that’s just the good news! Stay safe for the rest of the week.

Windows news

Lots more Windows news this week, we’ll need to summarize:

Microsoft releases KB5017389 update for Windows 11 2022 Update to fix dozens of problems (BetaNews)

Windows 11 22H2: Out-of-band update KB5019311 (Born’s Tech and Windows World)

Slower SMB Read Performance for large files in 22H2 (Storage at Microsoft)

Windows 11: Printer driver confirmed as upgrade stopper (Born’s Tech and Windows World)

High CPU load, fan on full speed; Windows Defender struggles with Dell SupportAssist (Born’s Tech and Windows World)

Nvidia Issues Fix for Windows 11 22H2 Lag and Stuttering Bugs (Tom’s Hardware)

Beware: Microsoft Edge found serving malicious tech support scam ads (Neowin)

Windows 10 Update KB5017308 causes issues when creating/copying files via GPO (Born’s Tech and Windows World)

And on a more positive side:

Windows 22H2’s are here (Out of Office Hours)

Windows 11 gets better protection against SMB brute-force attacks (Bleeping Computer)

Microsoft commits to updating Windows 11 once per year, and also all the time (Ars Technica)

Let us know if you hear anything else of importance about Windows 10, Windows 11 or Windows Server 2022.

Cloud news

On the Microsoft side of the enterprise cloud you might want to make note of the following:

New RBAC capabilities with Configuration Manager and Intune (Microsoft Endpoint Manager Blog)

Exchange Online email applications stopped signing in, or keep asking for passwords? Start here. (The Exchange Team)

SCOM Management pack for Certificate Monitoring (System Center Blog)

Microsoft Rolls Out Passwordless Sign-on for Azure Virtual Desktop (Dark Reading)

That last item ties in this with news that Microsoft 365 is updating services powering messaging, meetings, telephony, voice, and video to use TLS certificates from a different set of Root Certificate Authorities (CAs) (Microsoft Learn)

And readers who play Trivial Pursuit may find the following article interesting: The History of Microsoft Azure (Educator Developer Blog)

Upcoming webcasts, workshops and conferences

Got an event, conference or webcast you want announced in our newsletter? Email us!

October 11-13 – Mastering PowerShell for ConfigMgr and Intune Administrators – a 3-day LIVE Online Masterclass run by Ronnie Jakobsen – Enroll here

Oct 18 – Veeam Backup for Google CloudRegister to attend this product demo

Nov 3 – EMOTET Exposed: Inside the Cybercriminals’ Supply ChainSave you seat for this Live Webcast by SC Media

Also be sure to check out the following event listings:

Got comments about anything in this issue?

Email us! We love hearing from our readers!

Meet the Editors!

MITCH TULLOCH is Senior Editor of WServerNews and is a widely recognized expert on Windows Server and cloud technologies. He has written more than a thousand articles and has authored or been series editor for over 50 books for Microsoft Press and other publishers. Mitch has also been a twelve-time recipient of the Microsoft Most Valuable Professional (MVP) award in the technical category of Cloud and Datacenter Management. He currently runs an IT content development business in Winnipeg, Canada that produces books, ebooks, whitepapers, case studies, courseware, documentation, newsletters and articles for various companies.

INGRID TULLOCH is Associate Editor of WServerNews. She was co-author of the Microsoft Encyclopedia of Networking from Microsoft Press and collaborated on developing university-level courses in Information Security Management for a Masters of Business Administration (MBA) program. Ingrid also manages Research and Development for the IT content development business she runs together with Mitch.

Subscribe today to WServerNews!

Subscribe today and join almost 200,000 other IT professionals around the world who subscribe to our newsletter! Just go to this page and select WServerNews and you’ll receive it every Monday in your inbox.

IT Workshop – tools, guides and useful stuff

Got a product or solution or some other resource you’d like to tell our readers about? Email us!

Our TOOL OF THE WEEK is Porting Assistant for .NET an analysis tool from Amazon Web Services (AWS) that provides insight and assistance for porting applications from the .NET Framework to .NET Core. You can learn more about it in this post on the Microsoft Workloads on AWS blog.

Want to learn more about how companies in the real world handle business continuity and emergency communications? See this post on the IgniteTech blog. You can learn more about IgniteTechhere.

Check out this comparison by Charbel Nemnon of two popular SIEM (Security Information and Event Management) solutions, Microsoft Sentinel and Splunk.

How effective are your security operations? This article on DarkReading has seven metrics you can use to evaluate this.

Tips and Tutorials

Got tips or tutorials you’d like to recommend for our readers? Email us!

Let’s focus on tutorials this week.

Want to learn how Windows Autopilot works and how to set it up? Zachary Cavanell leads the way on the Microsoft Mechanics Blog.

Charbel Nemnon has the skinny on everything you should know about how to use Microsoft 365 Defender.

ERM (Enterprise Risk Management) is crucial for business success. Akos Vajda explains how to implement it in this article on TechGenix.

Do you use MySQL for your database applications? If so you may find this checklist for troubleshooting and improving MySQL database performance quite helpful!

Want to dig really deep into how NAT (Network Address Translation) works? This video on ipSpace may be just the ticket!

Freebies!!

Got a freebie you want to offer our readers? You can reach almost 200,000 IT pros worldwide with our newsletter—email us!

FREE EBOOK from The New Stack: A Blueprint for Supply Chain Security: What You Need to Protect Containerized Applications

SANS has tons of FREE educational webcasts from the leaders in information security, training, certification and research. Check them out!

Factoid: Make colorful coasters!

Our previous factoid saw no responses so let’s move on to this week’s factoid:

Fact: Burn Pictures On A CD-R, No Special Drive Needed

Source:https://hackaday.com/2022/07/11/burn-pictures-on-a-cd-r-no-special-drive-needed/

Question: How many of you still have a CD reader/writer in your PC and still *use* it?

Email us your answer and we’ll include it in our next issue!

Fun videos from Flixxy

Myth Busted: Penny Dropped From A Skyscraper – Could a penny dropped from the Empire State Building kill someone?

https://www.flixxy.com/myth-busted-penny-dropped-from-a-skyscraper.htm

Hilarious Samoan Chief Shows Tourists How To Make Fire – Samoan Chief Sielu Avea gives a hilarious demonstration to tourists showing them how to make fire.

https://www.flixxy.com/hilarious-samoan-chief-shows-tourists-how-to-make-fire.htm

NASA’s DART Hits Asteroid in Planetary Defense Test – NASA’s DART spacecraft successfully slammed into a distant asteroid at hypersonic speed in the world’s first test of a planetary defense system.

https://www.flixxy.com/nasas-dart-hits-asteroid-in-planetary-defense-test.htm

The Nicholas Brothers ‘Stormy Weather’ (1943) Colorized – The Nicholas Brothers’ tap dance scene from the movie ‘Stormy Weather’ (1943) – now in color. Cab Calloway and his orchestra performing “Jumpin’ Jive”.

https://www.flixxy.com/the-nicholas-brothers-stormy-weather-1943-colorized.htm

And Finally

The odd, the stupid and the remarkable. Good for your mental health.

Google Japan’s GBoard Keyboard Doubles as a Bug Catcher Stick (Tom’s Hardware)

https://www.tomshardware.com/news/google-japans-gboard-keyboard-doubles-as-a-bug-catcher-stick

[Fantastic! A keyboard that also doubles as a debugger!!]

HDD Clicker v0.2 Restores Aural Ambience of Pre-SSD Life (Tom’s Hardware)

https://www.tomshardware.com/news/hdd-clicker-v02-restores-aural-ambience-of-pre-ssd-life

[That’s sweet but could someone please create some software that will cause my wireless router make screeching sounds like my US Robotics 56k modem used to make when it was establishing a connection?]

Cybersickness Could Spell an Early Death For the Metaverse (Daily Beast)

https://www.thedailybeast.com/cybersickness-could-spell-an-early-death-for-the-metaverse-and-virtual-reality

[First there was Beyond Meat making us beef-lovers sick and now Facebook has become “beyond” (meta-) sickening for society.]

Steven Sinofsky shares video showing early Windows 8 concepts (OnMSFT)

https://www.onmsft.com/news/steven-sinofsky-shares-video-showing-early-windows-8-concepts

[I heard that Sinofsky actually made a Windows 9 but kept the only copy for himself.]

Hey reader! Got an amazing or weird or funny link you’d like to suggest for this section of our newsletter? Email us! But please make sure that it’s G-rated as in “Gee whiz”, “Golly!”, “Good grief!”, “Gaaahh!!” and so on. Thanks!

Please tell others about WServerNews!

We hope you enjoyed this issue of WServerNews! Feel free to send us feedback on any of the topics we’ve covered—we love hearing from our readers! And please tell others about WServerNews! It’s free and always will be free—and they can subscribe to it here. Thanks!!!

Product of the Week

Scroll to Top