Blog

Scammers use robocalls to falsely offer free coronavirus test kits and low-priced health insurance

Posted by Dave Cahill on Mar 22, 2020 in Featured, Security News, Technology | 0 comments

Scammers use robocalls to falsely offer free coronavirus test kits and low-priced health insurance

(CNN)Scammers are using robocalls that spread disinformation about the coronavirus pandemic and lying about offering low-priced health insurance and free coronavirus test kits.

CNN’s KFile listened to and reviewed data of coronavirus robocalls provided by the protection app NoMoRobo and found more than 60 different phone numbers falsely claiming to have free coronavirus test kits or advertising health insurance.

 
Another kind of robocall, sponsored by the Support American Leaders PAC, uses a recording of President Donald Trump and asks callers to sign a petition to ban flights from China. The group is not affiliated with Trump and, unlike most other super PACs, doesn’t raise money for advertisements to support Trump, either. It mostly raises funds to pay for more robocalls, which are used to raise more funds, with the owner of the group pocketing the difference. The PAC did not respond to CNN requests for comment.

The coronavirus robocalls are dangerous for a myriad of reasons, said Aaron Foss, the founder of NoMoRobo.

“With all of the confusion around the mobilization efforts, you really don’t know what to believe,” Foss said over email. “With everyone on social isolation, many, many more people are at home, especially seniors,” making them more available to accept the calls and likely to give their credit card information or a donation if asked, he explained.

While there are automated calls from scammers, legitimate automated messages from federal, state and local officials continue to inform the public on the coronavirus pandemic by offering informational resources, like a referral number to the coronavirus hotline or a government website. If a robocall offers free or discounted services, contacts you without your previous consent, or tells you to press “1” or some other key to be taken off a call list, it is likely a scam call.Consumers are advised by federal agencies not to pick up the phone if it is an unknown number and not to engage with the robocall if they do. They can also block the call using software or a service from their phone provider, and report an unwanted or illegal call to the Federal Trade Commission.

Several federal agencies oversee the fight against robocalls, including the FTC and the Federal Communications Commission.

A spokesperson for the FCC, Will Wiquist, told CNN over email they were aware of such calls and were looking into them.

“As a general matter we wouldn’t weigh in on if a certain example might be a violation and we cannot comment on if we would formally investigate,” he told CNN. “That said, we are aware of some such communications and are looking into it.”

How the coronavirus robocalls work

A robocall is defined by the FTC as illegal if it is trying to sell you something unless a company has your written permission to call you that way.

Purely informational calls, such as reminding you of an appointment, school delays, flight updates, are legal, as are calls from health care providers reminding you to pick up your prescription. Automated political calls, debt collection calls and messages from charities are also exempt.

But the calls falsely advertising free coronavirus test kits are illegal.

According to Foss, the scam works like this: Criminal robocallers blast out millions of automated calls using “gateway carriers,” which accept foreign call traffic and direct it to US consumers. Once a person accepts the phone call, they hear a pre-recorded message regarding the coronavirus that can go like this:

“The coronavirus has caused the US to declare a national emergency. The Families First Coronavirus Response Act has made coronavirus testing more accessible immediately. If you want to receive a free testing kit delivered overnight to your home, press one.”

The message is riddled with inaccuracies. While the US has declared a national emergency, The Families First Coronavirus Response Act was not signed into law when the robocall first sprung up on March 16. While coronavirus testing is ramping up in the US, there is no legitimate way to get a home-delivered kit. Testing is still limited through lab facilities ordered by medical professionals.

If a person presses “1,” they are transferred to a call center, which can either be in the US or overseas, where an operator impersonates the federal government and tries to scam the caller into handing over their credit card information, usually for the “shipping and handling” of the “free” coronavirus test kit, Foss said.

“It’s a field day for the robocallers,” Foss told CNN over email. “Best case, the scammers steal their money and are never heard from again. Worst case, the scammers ship a non-working ‘test kit’ that could make the pandemic even worse.”

“If that fake test kit says you don’t have the virus, you’re more likely to go out and get infected or infect others,” Foss added.

And if a person does fall for one of these scams, it’s just the beginning. Foss says that your number is then put on a “high value target” list that leaves you vulnerable to more robocall scams in the future.

One robocall called CNN’s KFile trying to sell health insurance plans. A CNN reporter pressed “1: to speak with a representative.” A woman answered, “Hi, this is Christina. Do you have insurance and don’t like it or need insurance?”

The conversation quickly turned hostile before CNN could identify itself as journalists. When asked who was sponsoring the call, the representative responded, “Who’s sponsoring what? If you were transferred to me you had to push a button to get to me. We were reaching out to make sure you have health insurance. Have you been watching the news?”

“I have been watching the news, yeah,” a CNN reporter said.

“OK, we were just reaching out to make sure you have health insurance because things are pretty scary right now. So do you need help with health insurance? Because I’m an independent broker. I don’t work for an insurance agency, I actually work for my client. If you need help, I can definitely get you some insurance,” she said.

“Who’s your client? Like, if you’re an independent broker?”

“I’m reaching out to people. If you’re not my client, then we shouldn’t be talking anymore,” she said.

After trying to clarify who she worked for, the representative snapped.

“Do you need help? You pressed the button because you said you needed insurance. There was a button that said if you want to be put on the do not call list, you could have pressed that one but you chose to press the one to reach me and now you’re asking me 20 questions. All you had to do was push 2 and you would have been put on the do not call list. But I’ll take care of it for you on this end.” Then she hung up.

Not the World Health Organization

Another call seemingly impersonates the World Health Organization, claiming to be the “Worldwide Health Organization” and offers protective equipment from the EPA.

“Greetings this is an automated message alert from the Worldwide Health Organization to inform you about the EPA.’s Emerging Viral Pathogen Program for the coronavirus protection,” the call says. “We offer you the opportunity to obtain the most powerful and secure protection equipment to protect yourself and all your family members.”

A callback number from the robocall is no longer in service. The EPA does not review those types of devices.

In an email to CNN, a spokesperson for the EPA wrote, “The emerging viral pathogens claim is a real thing, but it only applies to EPA-registered disinfectants has reviewed data on, not devices or machines.”

Super PAC robocalls play on people’s fears and politics

Some robocalls are taking advantage of public anxiety by playing to people’s politics. Support American Leaders PAC, a super PAC that CNN previously reported on for impersonating the Trump campaign, begins its robocalls with a recording of Donald Trump.

“I’m Donald Trump, we have to fix this because it just doesn’t work,” the recording says, followed by a male voice saying: “President Trump needs your emergency support to pressure Congress to suspend all flights from China to the US, so we can stem the coronavirus outbreak. If I have your permission to sign your name to suspend all flights from China to the US and support President Trump, press ‘1’.”

If the listener presses “1” on their phones, they get taken to a phone operator who then asks for a donation.

The call was detected on March 12; Trump suspended virtually all flights to and from China in January, making the PAC’s assertion that he needs support to pressure Congress false. Also, unlike most other super PACs that raise money to support candidates by running ads or supporting efforts to increase voter turnout, Support American Leaders PAC effectively raises most of its money for robocalls, which are then made to solicit more money, and so on. Matthew Tunstall, the man who runs Support American Leaders PAC, takes home whatever money remains.

As CNN previously reported, Tunstall has a history of running these type of shadowy groups that target people with politically charged messages before asking them for a donation under the guise that the person’s donation is actually going towards helping a candidate.

Neither Tunstall, nor Maureen Otis, the PAC’s listed treasurer, returned a CNN request for comment.

The Trump campaign condemned the PAC robocall in an email to CNN’s KFile.

“Scammers will use every trick in the book to try to convince people that something is sanctioned communication from the President or his campaign. This call is not authentic and we do not condone it,” wrote spokesman Ken Farnaso.

Despite this, there’s little the Federal Elections Commission can do, according to Christian Hilland, the FEC’s Deputy Press Officer.

“The agency is currently operating without a working quorum, and as a result, the Commission is unable to move forward on enforcement matters at this time,” he said.

An Artist Used 99 Phones to Fake a Google Maps Traffic Jam

Posted by Dave Cahill on Feb 4, 2020 in Fun Stuff, Google | 0 comments

An Artist Used 99 Phones to Fake a Google Maps Traffic Jam

With his “Google Maps Hack,” artist Simon Weckert draws attention to the systems we take for granted—and how we let them shape us.

Written by Brian Barrett / Courtesy of Wired.com

Almost three years ago, artist Simon Weckert noticed something unusual at a May Day demonstration in Berlin: Google Maps showed there was a massive traffic jam, even though there were zero cars on the road. Soon enough, Weckert realized that it was the mass of people, or more specifically their smartphones, that had inadvertently tricked Google into seeing gridlock on an empty street. And then he decided to do it himself.

“The question was if it might be possible to generate something like this in a much simpler way,” Weckert says. “I don’t need the people. I just need their smartphones.”

And so Weckert borrowed phones from friends and from rental companies until he had acquired 99 devices, which he piled into a little red wagon. The Google Maps Hack project had begun.

The plan was simple. Over the course of a day, Weckert would walk up and down a given street, mostly at random, towing his smartphone-packed wagon behind him. The effect wasn’t instantaneous; it took Google Maps about an hour to catch up. But eventually, inevitably, Weckert says his wagon would create a long red line in the app, indicating that traffic had slowed to a crawl—even though there wasn’t any traffic at all. He had effectively tricked the system into thinking a series of large buses were crawling back and forth.

“Traffic data in Google Maps is refreshed continuously thanks to information from a variety of sources, including aggregated anonymized data from people who have location services turned on and contributions from the Google Maps community,” Google said in a statement. “We appreciate seeing creative uses of Google Maps like this as it helps us make maps work better over time.” The company also notes that while it has figured out how to distinguish between cars and motorcycles, it does not yet have any way to filter for Weckert’s setup.

Weckert is not the first person to fool Google Maps, and there are more high-tech ways than renting out dozens of smartphones to accomplish the same goal. But for Weckert, the simplicity was the point. “I’m reaching a wider audience, because otherwise it would be too technical,” he says. “If I focused on algorithms or whatever, I could imagine that it might not be so understandable.”

In other words, Weckert didn’t “hack” Google Maps to prank commuters. Instead, he has a story to tell.

“What I’m really interested in generally is the connection between technology and society and the impact of technology, how it shapes us,” Weckert says. He cites philosopher Marshall McLuhan: We shape our tools and thereafter our tools shape us. “I have the feeling right now that technology is not adapting to us, it’s the other way around.”

Google Maps provides a particularly illustrative example of that relationship. Not only is it a closed system, with little transparency around what data informs it and how it’s used, but Google Maps also uniquely shapes the physical world. If it picks up a traffic jam—real or fabricated—it might redirect vehicles to less-traveled streets, in turn putting strain on infrastructure that wasn’t built for the extra volume. “I see a pretty interesting conflict between infrastructures and cities and new technologies,” says Weckert. “There’s some friction between them.”

That’s partly why Weckert spent some of his time on one of Berlin’s bridges, where bottlenecks frequently occur even without an artistic assist. But he also explored another layer of Google’s influence, by marching his cart in front of the company’s headquarters in the city.

“If you stand in front of it, you wouldn’t realize it’s Google headquarters,” says Weckert. The company had originally planned to set up a tech campus in Berlin’s Kreuzberg district, but backed down in 2018 after prolonged community protests. It opened its current office a little over a year ago. “Nobody basically realized that they arrived in Berlin. The crucial question is what will it make of the neighborhood,” says Weckert, who worries that rent and cost of living will increase.

Weckert has explored the nexus of digital and physical in his previous work, including a look at how Google Maps draws different borders depending on where you live—and what your government prefers. But none has achieved this kind of attention, in part because this is the first time he’s promoted any of it beyond his own website.

“I’m not such a fan social media. I was basically much more trying to stay out of it,” Weckert says. (Which, well, you probably could have guessed that from his work.) “The thing was it was quite clear to me that this project would go viral. That was clear from the beginning.”

When Weckert published the project to his website nearly a month ago, it attracted little interest. Then on Saturday he posted to Twitter about it for the first time, which so far has over 14,000 retweets. Within a matter of days, his Google Maps Hack had properly blown up.

It’s getting attention because it’s fun, sure. But it also serves as a necessary reminder that the systems people take for granted involve inputs and outputs, and that they themselves are sometimes both. It shows how simple it is to fool a product in which people put tremendous amounts of faith. And it illustrates how maps aren’t neutral, either in their creation or their interpretation.

Not bad for a stroll with a little red wagon and a few dozen phones.

Read the original article over at Wired.com.

Here’s what will happen to your Windows 7 PC on January 15, 2020

Posted by Dave Cahill on Jan 10, 2020 in Windows | 0 comments

Here’s what will happen to your Windows 7 PC on January 15, 2020

Microsoft is ready to push a full-screen warning to Windows 7 users who are still running the OS after January 14. The nag-screen payload is part of the December 10 Patch Tuesday monthly rollup.

Microsoft has been warning Windows 7 users for the past year-plus that after January 14, 2020, they’ll get no more security updates to the operating system for free. Even though users will be able to continue to run Windows 7 after that date, they’ll be more susceptible to potential security problems. To hammer that point home, Microsoft is planning to deliver a new pop-up notification to Windows 7 users on January 15, 2020.

Microsoft already has been delivering warning notifications periodically to Windows 7 Home and many Pro users about the impending January 14 end-of-support date. But on January 15, the company will push a full-screen notification to those still running the OS to make it clear that “Your Windows 7 PC is out of support.” Note: “The notification will not appear on domain-joined machines or machines in kiosk mode,” the KB article says.

Like it has been doing since last year, Microsoft is delivering this new nag notification to Windows 7 users by making it part of a patch rollup. The coming notification is embedded in monthly rollup KB4530734, which Microsoft made available to Windows 7 SP1 users on December 10 as part of its Patch Tuesday set of updates. This patch is designed to configure Windows 7 PCs that receive it so they will display the January 15 notification starting on that date.

The January 15 full-screen warning will tell users that their PCs are more vulnerable to viruses and malware due to no security updates, no software updates and no tech support. It will say that “Microsoft strongly recommends using Windows 10 on a new PC for the latest security features and protection against malicious software.”

Those who see the full-screen warning will have three options: Remind me later; Learn more; or Don’t remind me again. If users don’t click on the “Don’t remind me again” button and just dismiss the screen, they will continue to get nag warnings.

In April 2019, Microsoft began proactively notifying Windows 7 Home users about the approaching end of support deadline for Windows 7 via a pop-up. Starting in October, Microsoft also began delivering pop-ups about the end of support to Windows 7 Pro devices that were not domain-joined.

Microsoft will continue to provide security updates for Windows 7 for up to three years to business users who purchase Extended Security Updates for each of their PCs running the OS. It also will provide Windows 7 security updates for no additional charge for three years to users who purchase Windows Virtual Desktop. Office 365 ProPlus will continue to work on devices with Windows 7 Extended Security Updates through January 2023, Microsoft officials have said.

Google has announced it will continue to support its Chrome browser on Windows 7 until at least July 2021. Microsoft officials have yet to say how long they will continue to support the new Chromium-based Edge browser on Windows 7.

Read the original article over at ZDNet.com.

FBI asks Apple to help unlock iPhones belonging to alleged Pensacola shooter

Posted by Dave Cahill on Jan 7, 2020 in Mac / Apple, Security News | 0 comments

FBI asks Apple to help unlock iPhones belonging to alleged Pensacola shooter

The FBI has court permission to access data on the iPhones, but both are password protected.

The FBI has asked Apple for assistance in unlocking two iPhones that belonged to Mohammed Saeed Alshamrani, the Saudi air force trainee alleged to have shot and killed three people at Naval Air Station Pensacola in December.

In a letter sent to Apple’s general counsel and obtained by NBC, the FBI said that investigators “are actively engaging in efforts to ‘guess’ the relevant passcodes but so far have been unsuccessful.” The FBI has court permission to access data on the iPhones, but both are password protected. 

Apple said in a statement that it has been cooperating with the government’s investigation.

The case calls to memory the Apple-FBI legal feud of 2016, in which the Justice Department sought to compel Apple to build a backdoor that would’ve bypassed the encryption on an iPhone that belonged to Syed Farook, who with his wife Tashfeen Malik shot and killed 14 people in San Bernardino, California in December 2015.

Apple argued it couldn’t access the shooter’s iPhone 5c because of the device’s encryption, but the FBI sought a court order that would’ve forced Apple to rework its software to bypass the encryption. Apple said at the time that it would “set a dangerous precedent” if it was forced to backdoor one of its products.

The government eventually dropped the case when it unlocked the iPhone with the help of an unnamed third party. It was later revealed that the FBI spent over a million dollars to hack the device.

Read the original article over at ZDNet.com.

G Suite vs Office 365: Which is Better for Your Team?

Posted by Dave Cahill on Jan 6, 2020 in Google, Tips & Tricks, Windows | 0 comments

G Suite vs Office 365: Which is Better for Your Team?

Are you trying to decide whether to get G Suite or Office 365 for your team? You’re not alone. Every business owner has to choose their core productivity tools at some point. And most of the time it’s a decisive battle of G Suite vs Office 365.

Why? Because running a business smoothly requires the right tools are at your disposal. And what are the primary tools a business needs? Generally speaking, all businesses need:

• An email provider
• A word processing system
• Spreadsheet software
• Generous file storage
• A collaboration platform
• A presentation maker

The most functional and productive way to use all these tools is through an office productivity suite. That’s where G Suite and Office 365 come into the picture.

In this post, we’ll go through the main features of each office productivity suite and see how they help different types of businesses.

Office 365 Overview

Office 365 is the relatively new name for what we previously knew as Microsoft Office. The programs in Office 365 are cloud-based but can also be downloaded. They work on both PC or Mac. Even if the Microsoft Apps are installed on a computer, they can’t be used unless there is an activated subscription plan.

Many of the programs are also available as Android and iPhone apps.

The Office 365 productivity suite includes the following:

• Word
• PowerPoint
• Excell
• Outlook
• OneNote
• Sway
• People
• Calendar
• OneDrive
• Skype
• Teams

G Suite Overview

The G Suite productivity suite is all cloud-based. It can be accessed from any computer at any time simply by signing in. There are no programs to download on a computer, but there are iPhone and Android apps to stay on track with documents and work.

These are the programs that are part of the G Suite:

• Docs
• Slides
• Sheets
• Forms
• Gmail
• Drive
• Hangouts
• Currents

Costs – Office 365 vs. G Suite

It’s highly likely that you are already using the tools from G Suite and Office 365, or have in the past. Both of these have free options that work fine for individuals like Google Docs and Word Online. Unless you are running a business, you never need to look at the professional plans. Once you have to manage a team and keep things organized, you will need to transition into a paid system.

Let’s take a look at the costs of each one. There are lots more variables, but these are the most suited for business teams.

G Suite

Basic – $5 per user/month
Business – $10 per user/month
Enterprise – $29 per user/month

Office 365

Business Essentials – $6 per user/month
Business – $10 per user/month
Business Premium – $15 per user/month
Enterprise Plans starting from $8 per user/month as an annual payment

Email – Microsoft Outlook vs. Gmail

Every business needs a reliable email provider. Both Microsoft Outlook and Gmail are powerful email services.

The good thing about them both is that they can be easily linked to domain emails through a simple  POP integration. But that’s about all they have in common.

Choosing between Gmail and Outlook when it comes to visual design is really a personal preference. Gmail looks more streamlined while Outlook seems a little dated.

In terms of organization, the folder system in Outlook is easy to use but limited. Gmail has granular organization capabilities. Also, Gmail has the ability to use add-ons and extensions that make it even easier to organize and streamline.

When it comes down to productivity, Gmail is the best option. But if your team members have been using Outlook for a while then you’d have to decide if it’s worth transitioning. Ask your team members what they think, it’s likely they have tried both systems and will have an opinion.

Documents – Microsoft Word vs. Google Docs

Let’s look at the document creators from both contenders.

Microsoft Word has been around for a long time and many people have used it since grade school and know how to get around it. Google Docs is the free online program from Google that has given many people the opportunity to create documents easily, without having to pay a cent.

The main difference between the two is the features provided. Docs is simple and easy without much bloating. Word, on the other hand, is feature-rich and full of legacy tools.

In terms of team collaboration though, Docs used to take the lead with real-time edits and commenting features. Word has now added live editing but only on their web version. If using the desktop version, then users have to wait for edits to be sent over. Even if Office 365 has added live edits for the web Word app, Docs still takes the lead on this one because it’s a default in the program and users swear by it.

Microsoft Word is full of features because it also serves as a PDF creator. Users can create simple ebooks, reports with visuals, brochures or flyers. That is not possible with Docs. But then again, there are better programs out there to design visual material.

Spreadsheets – Microsoft Excel vs. Google Sheets

Moving on to the number-crunching programs.

Microsoft Excel has been the go-to software for spreadsheet work for many years and there isn’t another program quite like it. Google Sheets is like a minimal version of Excel and any Excel user can get used to it fast. Both programs can handle simple equations and calculations, but Excel is more powerful in that respect. if your company is looking for a strong calculating software that can help make predictions ad more, then Excel is definitely the best choice.

Excel can handle large amounts of data, better than Sheets. If data and numbers are important for your team, then this is a big factor for decision making. All other apps in the productivity suites are not much different from each other, except for these two.

Presentations – Microsoft PowerPoint vs. Google Slides

Both G Suite and Office 365 offer a tool to create presentations.

Microsoft PowerPoint has long been the software of choice to create presentations and many companies swear by it. On the other hand, Google Slides is pretty powerful and can help users create presentations just as well as PowerPoint can.

Since Slides and PowerPoint aren’t very different from each other, they aren’t much of a contender when choosing the productivity tool for your team. Especially when there are so many other programs for presentations apart from PowerPoint and Slides.

File Storage – OneDrive vs. Google Drive

File storage is a big factor when choosing the right productivity suite. Both Microsoft OneDrive and Google Drive have large storage capacity for all their plans but details can get tricky according to each plan.

For example, Google Drive Business plans give teams unlimited storage as long as there are more than 5 team members.

Here is a quick rundown of storage capacity for each productivity suite.

G Suite

Basic Plan: 30 GB
Business Plans ad higher: Unlimited (1 TB for less than 5 users)

Office 365

All Plans: 1 TB
50 GB email storage

Collaboration Platform -Microsoft Teams vs. Google Hangouts

Teams need a good and practical collaboration tool. In this sense, each productivity tool has its own pros and cons.

Microsoft Teams, for example, is a lot like Slack and is quite a powerful team collaboration tool. In order to have conversations with team members, Skype Business comes with the subscription.

In the G Suite set of apps, Google Hangouts is not as powerful as Microsoft Teams but is still easy to use and collaborate with. Last year when Google took down Google+, they replaced it with an enterprise version called Google Currents. People are still trying it out but it’s not similar to Slack.

As we mentioned above, the live editing capabilities for Docs, Sheets, and Slides are great for collaboration. Microsoft programs have recently added live editing, called co-authoring, but only through the web applications.

Which Productivity Suite Is Best For Your Team?

Choosing between G Suite and Office 365 for your team really boils down to preference. If you or your team has already been using Google products then it will be easier to transition to G Suite. The same applies if you’ve been using Outlook and Word in home plans, moving up to Office 365 business plans is even easier.

If your team handles lots of data and needs a lot of number processing power, Excell will always be better than Sheets. In that case, you’re better off with Office 365.

If you prefer simplicity over legacy bloat in all aspects of a productivity suite, then G Suite is your best bet. Also, if you have more than 5 team members and appreciate unlimited storage, G suite is also the way to go.

When it comes to the battle of G Suite vs. Office 365, both productivity suites can be perfect for your team, but it really boils down to what you’ve been using until now. And if you need Microsoft Excell for large data analysis.

Read the original article over at ElegantThemes.com.

Windows 10 2004 Under Development, Here Are the New Features

Posted by Dave Cahill on Jan 2, 2020 in Windows | 0 comments

Windows 10 2004 Under Development, Here Are the New Features

The Windows 10 version 2004 Feature Update is expected to be released in the Spring of 2020 and it comes with a long list of improvements and new features.

Unlike the November 2019 Update, which was more like a service pack, Windows 10 2004 aims to bring new features and enhancements not seen in previous versions of Windows.

For those who wish to test Windows 10 2004, otherwise known as 20H1, and the various new features, you can join the Windows Insider program and install it now.

Changes in Windows 10 2004

Optional update experience

Starting with Windows 10 20H1, you no longer need to access the Device Manager to manage your drivers and new devices drivers will not be installed automatically.

Instead, new drivers will be detected as ‘Optional updates‘ and will be listed under the ‘View optional updates’ screen where they can be installed.

This new page can be found under Settings > Update & Security > Windows Update > View optional updates.

Task Manager gets an upgrade!

Windows 10’s Task Manager is getting two new features – the first one allows you to see the disk type and the second one lets you monitor the temperature of the graphics card.

Reduced disk and processor utilization by Windows Search

In the past, many users would disable the Windows Indexer feature used by Windows Search because it used up too much CPU or caused high disk usage.

To prevent this from occurring, Windows 10 will use a new algorithm that detects high disk usage and activity, and if detected, will slow down the Windows Indexer.

“Based on this, we’re introducing an algorithm that detects high disk usage and activity, so it can better identify peak usage times and manage the indexer accordingly. We’re also making changes for developers to prevent searches of certain repositories and project folders to improve disk usage.”

Download throttling options for Windows Update

Windows Update allows users to throttle bandwidth usage of Windows Update, but setting download throttling as a percent of available bandwidth isn’t enough and some users are unable to reduce the impact on their internet connection.

Windows 10 20H1 introduces a new option that lets you set a specific speed that will be used to throttle Windows Update You can set this for both foreground and background downloads. This option also controls the bandwidth used by Windows 10 app store.

Users can access this option via Settings > Update & Security > Delivery Optimization > Advanced Options.

Passwordless experience

Microsoft is introducing passwordless sign-in for Microsoft accounts to strengthen your device sign-in. This allows Microsoft accounts to use ‘modern multifactor authentication’ such as Windows Hello, Fingerprint, and a PIN instead of passwords.

New Cortana experience

Windows 10 comes with a new Cortana experience that features a brand-new chat-based UI and it gives you the ability to type to interact with the digital assistant.

The updated Cortana supports both dark and light themes, Bing answers, Assistant conversations, allows you to open apps, set reminders, alarms, and timers as well. The firm has dropped jokes and other consumer-focused features.

• Microsoft has created a less intrusive screen for “Hey Cortana” queries.
• New speech and language models introduced.
• Significantly improved performance.

Redesigned Network Status page

Microsoft has revamped the Network & Internet landing page in Settings. It offers more information about the network, so you can easily understand the connectivity of your device.

The new Network page displays all available connection interfaces on the Status page and you can now see the data usage on this page as well.

Windows Search improvements

Windows 10 2004 brings improvements to Windows Search that include:

• Improved spelling correction for Apps & Settings searches. Microsoft is making significant changes to how Windows Search’s built-in spell checker works, so you can find the exact file you’re looking for.
• Windows search will intelligently understand and correct small typos like “powerpiont” and “exce”.
• Windows Search now displays hints to improve Best match results under a ‘Related:’ line.

Account picture in Windows

You can now update the picture of your account that you use to sign in to Windows 10 quickly and the changes reflect across Windows, apps, and Microsoft sites that you use every day. 

This can be done from Windows 10’s Your info page with the ‘Create your picture’ option.

Optional Features

Windows 10’s Settings > Apps & Features > Optional Features is getting the following new features:

• Multi-select: The page finally allows you to select and install multiple optional features at the same time.
• More useful information: It displays the installation date of each optional feature.
• You can also view the status of your latest installs/uninstalls/cancels right on the main page.

Virtual desktops

You can now rename your Virtual desktops to quickly organize your office and personal work or multiple projects.

New Reset this PC from cloud feature

Windows 10’s Reset this PC from Cloud is a new cloud recovery feature that allows users to reset their PC using Windows files downloaded from Microsoft’s servers.

New tablet experience for 2-in-1 convertibles

Windows 10 version 2004 offers a better tablet experience with increased spacing between Taskbar icons, the search box on taskbar collapsed into an icon and File Explorer with a touch-optimized layout.

Windows Sandbox

Windows Sandbox, which was introduced with the May 2019 Update, is getting accessibility improvements in this release. With Windows 10 20H1 Update, Windows Sandbox is getting support for Microphone, audio input devices, and the following two keyboard shortcuts:

• Shift + Alt + PrintScreen activates the ease of access dialog for enabling high contrast mode.
• Ctrl + alt + break allows entering/exiting fullscreen mode

Read the original article over at BleepingComputer.com.

How to Deal With Difficult Coworkers

Posted by Dave Cahill on Dec 20, 2019 in Tips & Tricks | 0 comments

How to Deal With Difficult Coworkers

In every office, there’ll be at least one person you can’t stand. They’ll disagree with everything you say, talk behind your back, and perhaps even go as far as to sabotage you. Learning how to deal with those difficult coworkers is a skill that’ll serve you well in your professional life.

Usually, with the right approach, you can turn difficult work relationships into productive ones. In this article, we’ll go over four tips to help you handle abrasive coworkers more effectively.

Let’s get to it!

Why Conflict Management Skills Are Crucial to Your Professional Life

Unless you’re extremely lucky, there’ll always be at least one person at your job that’s difficult to deal with. Even if there isn’t, at some point you may clash with a coworker you like due to professional differences or problems with a specific project.

Knowing how to navigate these conflicts without escalating the situation and painting yourself in a bad light is key. This skill can make for a less stressful workplace and show your superiors that you have the ability to problem-solve and be a team player.

If you’re constantly at odds with one or more difficult coworkers, your boss may start to see you as part of the problem. Quickly diffusing tense situations is vital for your career’s long-term trajectory, and conflict management skills can help with that.

How to Deal With Difficult Coworkers (4 Key Tips)

There are a lot of ways you can deal with difficult people, but not all of them are appropriate for a workplace environment. Next time you find yourself nose to nose with a coworker, try utilizing one of these four tips.

1. Keep Your Cool and Stay Civil

When it comes to office conflicts, you never want to be the person caught yelling at someone else in public. Even if it doesn’t get that far, breaking your professional demeanor can cause you to say or do things you regret. Plus, being quick to anger is an excellent way to lose your coworkers’ respect and trust.

When it comes to dealing with difficult coworkers, you need to be the bigger person. They may not remain on their best behavior, but you need to keep your responses appropriate to your locale. That’s easier said than done of course, but there are several ways you can work on your self-control, such as:

• Adopting a ‘responding vs. reacting’ mentality. Instead of reacting instinctively to insults or accusations, you should seek to dismantle unsubstantiated claims altogether.
• Using breathing exercises or meditation to calm down. A few deep breaths in tense situations can be enough to help you slow down and think through your next move. Likewise, meditation can help you get a handle on your emotions.

When we see two people arguing, we’re usually inclined to take the side of the calmest party. Even if your coworkers have valid reasons to get angry at you, keeping your cool can still work in your favor.

2. Focus on the Things You Agree On

One of the best ways to get difficult coworkers over to your side is to make them pay attention to the things you have in common or points you agree on. If they don’t see you as being totally against them, they may be less inclined to stir up conflict with you.

Let’s say, for example, you’re in the middle of a presentation and a coworker keeps interrupting you with unwarranted criticism. Getting angry or flustered won’t do anything to further your point or salvage your work.

Turning the tables by agreeing with some of their points, drawing attention to parts of your presentation you agree on, and asking for their suggestions is a much smarter approach. This move fulfills two purposes:

• You establish you have common ground and are on the same ‘side’.
• You ask them for their input, which shows you value their opinions.

Plus, there’s always a chance their feedback could prove valuable. Even if they’re annoying and you don’t generally get along, your coworker could still have useful insights.

On the other hand, sometimes you may be in a position where you have to provide feedback to a difficult coworker. In those cases, we recommend you lead with a positive.

As some say, honey catches more flies than vinegar. Highlighting something your coworker has done well can soften the blow when you have to deliver harsher criticism.

3. Keep Digital Records of Your Communications when Possible

So far, we’ve talked about ways to diffuse tension in the workplace. In some cases, however, you may end up dealing with difficult coworkers who won’t see reason.

If you find yourself in a situation where you’re facing harassment or keep clashing repeatedly with a coworker, you need to start planning ahead. In a twenty-first-century office, that means keeping digital records of your exchanges.

Your best allies, in this case, are email and screenshots. If someone is sending abusive messages, don’t trash them. Keep them saved in a folder so you have evidence if you need to make a case to your company’s Human Resources (HR) department.

Taking screenshots can come in handy for communications on services such as Slack or other platforms you use to coordinate tasks. Beyond those scenarios, it can also pay off to take notes of any instances of verbal abuse. Include what happened, when, and if there were any witnesses.

If the situation doesn’t de-escalate at some point, you may need to take the issue up with a superior. Having a record that you’re not the party at fault will play to your advantage.

As a rule of thumb, we only recommend bringing a third party into the conflict as a last resort. Before things get to that point, it’s important to make a final attempt to confront your coworker.

4. Don’t Be Afraid to Confront Coworkers When Necessary

In some cases, the only way to deal with difficult coworkers is to confront them. Some people won’t back down unless you make it very clear they’re behaving unprofessionally and you won’t put up with it.

Confronting someone in the office doesn’t mean physical escalation or yelling in their faces. The best way to approach this is to have a private conversation, where you focus on any or all of the following:

• Why their behavior is making you uncomfortable
• How you’d like your work relationship to proceed going forward
• Explaining that you’re unwilling to tolerate verbal abuse or unprofessional behavior

Most people are somewhat afraid of confrontation. In many cases, we’d rather put up with uncomfortable situations that make a fuss. However, sometimes a direct approach the only way to get your point across.

Workplace confrontation can also arise if you need to have a discussion about performance in the office. If you’re reviewing a coworker, they may be on the defensive due to feelings of insecurity. Try framing the discussion in a positive light, as we mentioned earlier.

In any of these scenarios, keeping your cool is important. It increases the chances of the confrontation ending positively. That way, you won’t need to take things to the next step of involving a superior or HR.

Conclusion

Unless you run a one-person business, you’ll end up dealing with difficult coworkers at some point. Knowing how to handle them will help you defuse a lot of tense situations and make for a less stressful work environment.

Here are four tips to help you deal with a coworker who’s making your work-life miserable:

1. Keep your cool and stay civil.
2. Focus on the things you agree on.
3. Keep digital records of your communications when possible.
4. Don’t be afraid to confront them when necessary.

Read the original article courtesy of Elegant Themes.

It’s Time to Nervously Mock the 50 Worst Passwords of 2019

Posted by Dave Cahill on Dec 19, 2019 in Security News | 0 comments

It’s Time to Nervously Mock the 50 Worst Passwords of the Year

In spite of everything—the leaks, the breaches, the myriad privacy risks—a large majority of people are still using “password” and “123456” as their password. Folks, it’s long past time to stop taking security shortcuts.

Security services firm SplashData has released its ninth annual Worst Passwords of the Year list, which assesses more than 5 million leaked passwords to determine those most commonly shared by hackers. This year’s list has revealed that people are still using easily guessable and common passwords to guard their data, including those frequently cited in past reports as being particularly susceptible to attacks.

While “password” fell two spots on this year’s list compared to last year’s, it remains in the top five—along with “123456″ and “123456789.” There are some newcomers to the list, such as “qwertyuiop” and various repeated number sequences like “7777777,” however the report notes that even passwords that appear complicated are rather created using keys situated next to each other on the keyboard. It adds that these types of passwords “may seem to be complex but will not fool hackers who know millions of people use them.”

Behold, the worst of the worst:

1 – 123456 (rank unchanged from 2018)
2 – 123456789 (up 1)
3 – qwerty (Up 6)
4 – password (Down 2)
5 – 1234567 (Up 2)
6 – 12345678 (Down 2)
7 – 12345 (Down 2)
8 – iloveyou (Up 2)
9 – 111111 (Down 3)
10 – 123123 (Up 7)
11 – abc123 (Up 4)
12 – qwerty123 (Up 13)
13 – 1q2w3e4r (New)
14 – admin (Down 2)
15 – qwertyuiop (New)
16 – 654321 (Up 3)
17 – 555555 (New)
18 – lovely (New)
19 – 7777777 (New)
20 – welcome (Down 7)
21 – 888888 (New)
22 – princess (Down 11)
23 – dragon (New)
24 – password1 (Unchanged)
25 – 123qwe (New)

And an additional 25 from SplashData-owned TeamsID:

26 – 666666
27 – 1qaz2wsx
28 – 333333
29 – michael
30 – sunshine
31 – liverpool
32 – 777777
33 – 1q2w3e4r5t
34 – donald
35 – freedom
36 – football
37 – charlie
38 – letmein
39 – !@#$%^&*=
40 – secret
41 – aa123456
42 – 987654321
43 – zxcvbnm
44 – passw0rd
45 – bailey
46 – nothing
47 – shadow
48 – 121212
49 – biteme
50 – ginger

“Our hope by publishing this list each year is to convince people to take steps to protect themselves online, and we think these and other efforts are finally starting to pay off,” SplashData CEO Morgan Slain said in a statement. “We can tell that over the years people have begun moving toward more complex passwords, though they are still not going far enough as hackers can figure out simple alphanumeric patterns.”

Data breaches are, unfortunately, an inevitability. But using strong, unique passwords for each of your accounts can prevent a bad actor from using the leaked credentials of one login to access various other accounts. The easiest way to do this with a password manager, which will randomly generate unique passwords for all of your accounts and store them for you so that you aren’t tempted to recycle common, similar, or otherwise weak passwords for your accounts—be it for your bank or Netflix. Everyone should also enable two-factor authentication everywhere it’s available, preferably using an authentication app (which is baked into many password managers).

And for the love of god, please stop using “password” as your password—no matter the account.

Read the original article over at Gizmodo.com.

G Suite to cut off access to ‘non-Google’ apps by 2021

Posted by Dave Cahill on Dec 17, 2019 in Google, Security News | 0 comments

Google to Force OAuth in G Suite to Increase Security

Google announced that it will block less secure apps (LSAs) from accessing G Suite account data starting February 2021, following an initial stage of limiting their access during June 2020.

This announcement follows the removal of the “Enforce access to less secure apps for all users” setting from the Google Admin console on October 30, 2019.

LSAs are non-Google apps that access Google accounts using only a username and password pair and thus exposing users who use them to account hijacking attacks.

The process through which apps are sending username/password pairs with every authentication request made when connecting to a server, an endpoint, or an online service is also known as basic authentication or proxy authentication.

While this simplifies the authentication process, it also makes it a lot easier for potential attackers to steal the user’s credentials when connections are not secured using Transport Layer Security (TLS) or to obtain them via credential dumps following a data breach.

Moving to OAuth-based authentication

By switching to software with OAuth support, users will immediately benefit from increased security by allowing Google to block attackers from logging into their accounts even if they somehow steal their credentials.

“Users who try to connect to an LSA for the first time will no longer be able to do so” starting June 15, 2020, Google says in a post published today.

“This includes third-party apps that allow password-only access to Google calendars, contacts, and email via protocols such as CalDAV, CardDAV and IMAP. Users who have connected to LSAs prior to this date will be able to continue using them until usage of all LSAs is turned off.”

After February 15, 2021, access to LSAs will be shut down completely for all G Suite accounts according to Google.

Google advises developers to update their apps to use OAuth 2.0 as a connection method to maintain G Suite account compatibility and provides help on how to use OAuth 2.0 to access Google APIs.

The company also provides information and advice on how to get started to move to secure OAuth access to continue accessing their email, calendar, or contacts.

Microsoft also moving to modern auth

Microsoft also announced in September that basic authentication will be turned off in Exchange Online for Exchange ActiveSync (EAS), POP, IMAP, and Remote PowerShell starting October 13, 2020.

That followed a previous announcement made last year about plans to stop supporting and fully remove Basic Authentication support in Exchange Web Services (EWS) API for Office 365.

“Customers are encouraged to move to apps that support Modern Authentication prior to the Basic Authentication removal in October 2020,” Microsoft said at the time.

“After October 2020 apps will not be able to use Basic Authentication when connecting to Exchange Online. This change only affects commercial M365 at this time, not our consumer service Outlook.com users.”

To disable Exchange Online basic auth before its decommission time, you have to create and assign auth policies to individual users by following the procedure detailed on Microsoft’s Exchange Online support website.

Read the original article over at BleepingComputer.com.

High-School Students Find Spy Cameras in Their Hotel Rooms

Posted by Dave Cahill on Dec 16, 2019 in Privacy, Security News, Technology | 0 comments

High-School Students Find Spy Cameras in Their Hotel Rooms

High-school students from Wisconsin attending a conference in Minneapolis found spy cameras in their rooms at a downtown hotel, prompting a police investigation.

The recording devices were not found in other rooms on the property, the hotel management determined after a careful search.

Investigation moves forward

The students were attending a conference sponsored by Madison East High School at the Hyatt Regency hotel in Minneapolis.

It is unclear if they were the target, although the information available at the moment seems to suggest so, since bugging devices were not found in other rooms.

In a letter to parents, a school official said that the incident was being investigated. Principal Brendan Kearney added that “as a precautionary measure, a staff member accompanying students on the trip was placed on leave.”

No arrests have been made but some reports say that the authorities searched a home in Cottage Grove, Wisconsin, on Thursday morning, as part of the investigation.

Finding hidden cameras

Reports of spy cameras in lodgings have been recorded in the past, especially at Airbnb locations, despite the terms being clear that hosts need to disclose to guests the security cameras and other surveillance devices with a view to the interior. Tip: focus on objects that seem out of place or in an unusual position and use the flashlight on your phone to spot camera lens reflections in the dark.

As such, guests should still look for hidden gadgets of this kind. A physical inspection is a good start but you can use your phone for a more detailed search.

Scanning the devices on the local network may reveal recording devices if they are connected to the same WiFi network as your computer or phone.

Mobile applications such as Fing can show most devices on the same network, revealing their manufacturer and even the model in some cases. From there, you can search the web to determine the exact type of device.

More technical guests can use software for the desktop that is specifically created for network scanning. Nmap is a popular solution but not the only one.

For the most part, though, looking at places that are likely of interest for someone that wants to spy on guests should lead to the discovery of a covert device, bathrooms, bedrooms, and desks someone may use to work on a computer are among the common targets.

Read the original article over at BleepingComputer.com.