* Posts by RobinCM

7 posts • joined 15 Feb 2013

Want to get around app whitelists by pretending to be Microsoft? Of course you can...



A different type of whitelisting, but works well enough to stop people (non-admins) running stuff you've not approved.

Except it now doesn't block PowerShell, and worse, lies and tells you it has in the event log. Disappointing.


Everybody without Android Oreo vulnerable to overlay attack



Are advertising their Android phones in part by stating their "pure Android" nature and that they'll get regular security updates. Specs aren't bad either, my partner bought a Nokia 8 yesterday and it's rather nice - considering getting one myself.

My HTC One M9 is still on 7.0 April 2017 security update.

It'll be interesting to see how many other manufacturers start to jump on the "pure & secure" (tm) bandwagon.


Tech firms take down WireX Android botnet



"the attack vector has been patched by Google"

... but that patch will not ever be deployed to 99% of devices.

They really need to sort out the update mechanism for the OS itself. We all know most manufacturers/carriers don't send them out.


Inside the ongoing fight to stamp out govt-grade Android spyware


Re: "to target older versions of Android that are no longer being patched "

If companies slowed down a little on developing and releasing new hardware (often that is not really significantly different from the previous version, or other products in their range) they might be able to a) spend more time testing and deploying security updates, and b) stop needlessly polluting the planet by manufacturing the pointless multiple new hardware revisions.

Knowing what most people are like, they get attached to their stuff and don't want the hassle of choosing and migrating to a new device every few years. I wish I could bung HTC a few quid every year to get access to security updates for my phone. But instead I have to throw it out and buy a new one every few years.

A few software devs have got to be cheaper than the vast amounts they must currently spend designing testing and building new hardware every few months.

That model would take some selling at present, but sometime soon the collective security awareness of the world will demand it. Surely?

If not, legislation will be needed.


Yeah, WannaCry hit Windows, but what about the WannaCry of apps?


Control freak

I would much rather be the cause of outages and problems with my own systems through applying updates, than not apply updates and have some malware/hacker get into them and mess them up.

I know which updates I've tested and applied, and when I did it. Who knows what the malware/hacker has done, or how long they've been there doing it for.

The risk of not updating outweighs the risk of updating.


Reg readers speak out on Thin Client technology


Lync 2013 - does not support Remote Desktop Session Host.



Shame, because in Server 2012, RDSH performance and functioanality is great, and Lync 2013/Skype for Business is also great. But not if you want to use them both together.

Might be some other relevant stuff in here for some people: https://rcmtech.wordpress.com/2014/09/11/why-im-not-deploying-windows-desktops-using-remote-desktop-services/


Inside Microsoft's Surface Pro: A fiendishly difficult journey


Re: @Mark

HP do still have Maintenance and Service Guides available as PDFs, I used one to help me upgrade a Folio 13-2000 laptop last year, was very detailed and easy to find via Google.



Biting the hand that feeds IT © 1998–2017