It’s Windows 10 day

It’s Windows 10 day. That means it’s time for a completely biased and in-no-way-even-remotely-objective assessment of Windows 10.

The internet is filled with people trying to act all objective about Microsoft and Windows 10, and explain what it all “means.” I’m forgoing all of that this round. This review is not from the standpoint of an administrator, or even much of a nerd.

This is the review of one Windows 10 user, evaluating it as the primary work operating system. It is the OS I have used for months, but is it the OS that I will trust my business to, or even want to use in my off hours? Get out the party hats and popcorn and let’s find out!
Okay, so Windows 10 isn’t exciting. In fact, it’s downright boring. The fanfare is strained and the changes are minor. Windows 10 is an evolution of its predecessor, and that’s absolutely fantastic.

For reasons Microsoft could never understand – but which I have tried to explain to them repeatedly – Windows Server 2012 and 2012 R2 have been greeted enthusiastically. Though they are essentially the same operating system, Windows 8 and Server 2012 were targeted at entirely different audiences that valued entirely different things.

Microsoft didn’t – and still doesn’t – understand what it is either group places value on. That’s okay, Microsoft has deep pockets and it can keep throwing things at the wall to see what sticks. History tells us Microsoft has a one in three chance of getting any given release right, and that’s more than enough to keep its coffers full.

So what’s up with Windows 10? Feedback from the nerdosphere has been all over the map. Many of the usual suspects are saying unusual things. Pro-Microsoft people are panning it. Anti-Microsoft people are praising it. What’s really going on is a bit more complicated.

Windows 10 is a bit crap, but only a bit. Truth be told, it’s actually quite a good operating system. I’ve been running it from the beginning of the open beta and it’s taken everything I can throw at it.

To be perfectly clear: I’m not kind to operating systems. I hibernate my PCs. I fill the RAM up. I hibernate my PCs with the RAM full. I play games the hardware doesn’t really like. I currently have more than 4,000 browser tabs open. Things like that.

Windows 10 takes everything and asks for more.

Windows 10 is faster on the same hardware than Windows 7. Noticeably so, especially if that hardware has an SSD. It’s less frustrating than Windows 8 – well, mostly – and almost as usable as Windows 7.

Thanks to Windows 8 Classic Shell has evolved rapidly over the years. Today, it solves almost all of my UI issues with Windows 10 and even manages to detect when Microsoft has reset things and sets about reinstalling itself and reapplying the settings in order to compensate. Bloody brilliant.

Best of all, Classic Shell is available as part of Ninite, so it just gets installed along with all the other default required third-party software whenever I build a system. Ninite Pro is a reasonably priced and fantastic way to keep all that third party software up to date.

Classic Shell gets rid of (most) of the stupidity Microsoft inflicted with Ribbon Bars in various bits of the UI and it replaces the completely broken, utterly useless and ridiculously poorly designed (probably by committee) abomination that is Windows 10’s Start Horror. Push button, receive mindspiders; this, at least, is solvable.

The Start Screen of Windows 8 is properly banished. The new notifications tray/basic settings widget thing is actually quite nice. Overall, most of the UI dings have been hammered out.

So the first crap part of Windows 10 is the above-mentioned Start Horror thing. It shouldn’t be. I cannot say enough mean things using enough colourful invectives. It’s awful. But, as mentioned above, it’s fixable.

Microsoft has mutated Windows Explorer into a Ribbonesque horror of additional awfulness. This is only partly fixable. It’s the worst bit and probably the thing that will drive most power users away, if anything ends up driving them away.

Settings in Windows are inconsistent. Some are in the “Settings” Metro app and some are in the Control Panel. It takes a few hours to sort out what’s where, but since there’s really only two places to look it’s honestly not that big of a deal.

The colour palette options are pretty broken. People who prefer “dark themes” are probably going to have trouble using Windows 10. If this is actually fixable, I haven’t figured out how yet. Windows 10’s customization capabilities seem strictly limited compared to previous versions of Windows.

There are some more specific issues that have irritated individual bloggers and tech journalists, but the above is the stuff I think the “average” user will notice and care about.

There are some potential deal breakers with Windows 10. To start off with, the VPN client is crap. It really does not like connecting to older VPN servers and its behaviour under many circumstances is inconsistent to the point of seeming non-deterministic. I’ve seen problems with it straight through to the release version.

Microsoft’s spying on you is pretty awful. Windows 10 calls home with essentially every last thing you do and search for by default. Finding and disarming all the different ways Microsoft spies on you is difficult at best, and a futile game of whack-a-mole at worst.

It is perhaps not fair to project the experiences of participating in the open beta onto the release version of Windows 10, but I did get pretty sick of having to go in and defang Microsoft’s creepy doll Cortana spymaster every time a major patch came out.

The NSA can go straight to hell, as can any company slurping up my info into data centres where that data can be easily “requisitioned”. I may not be able to keep the NSA out of my data, but I do intend to make the proxy whoresons work for it!

That leads us into the whole “forced patches” thing. I’m not a fan. I understand that some people feel this is the only way to make Aunt Tilly patch. They’re wrong. Aunt Tilly’s computer was shipped to her with Windows Updates enabled by default.

I prefer to not have to fight Microsoft to keep my computer from rebooting and annihilating all my open applications, thanks.

But this is beyond personal preference. Microsoft has completely borked patches so many times during my career that I absolutely refuse to install any Windows patch on any computer I rely on without testing it first. Nope. thanks and bye.

Further adding to my nopeing over forced updates is that I simply do not trust Microsoft, even the littlest bit. Windows 10 is supposed to be on a brand new release lifecycle where major-ish updates will be pushed out with some regularity. I don’t trust Microsoft with this power.

Perhaps more to the point: I don’t trust Microsoft not to push out some horrific UI change or break applications like Classic Shell. Microsoft have broken my trust too many times and done absolutely nothing to earn it back.

Now I realise everything in this “dealbreaker” category won’t matter to everyone. In fact, there is a significant population to whom none of these issues with matter. I said above that this isn’t a particularly objective review of Windows 10. These are simply the issues that tweak my particular constellation of requirements and beliefs and prevent me from deploying it for my use cases.

For all my griping, Windows 10 is kinda not bad. My wife compares it to Canadian politicians. Everyone on offer is at least a little bit crap, but there’s usually one that meets “good enough” standards and probably will do as much good as they do harm. I think it’s an accurate comparison for Windows 10.

Most people don’t want their computers to radically change. They prefer slow, incremental evolution. They like stability. Business especially prefers this. For the most part, that’s Windows 10. It’s really not that much different than its predecessors, and that will make it usable by most.

But usable isn’t enjoyable. When Windows 7 came out there were a few complaints (give me back my up arrow, damn it!) but for the most part there was relief. At long last, here was salvation from Vista and a path forward from XP.

There’s none of that with Windows 10. It’s good enough to use if you have to. It’s definitely a step up from Windows 8. But if you have Windows 7 there’s no sane reason to move to Windows 10 as, ultimately, Windows 7 is still better.

If you don’t use VPNs except to very new servers, you trust Microsoft enough to let them force updates on you, and you’re okay with the digital creepy doll shouting everything you do back to the mothership, then Windows 10 is good enough.

Windows 10: it’s only a little bit crap. And really, that’s better than we could have hoped for.

Do NOT open that text message!

Frankly most people who get malware are asking for trouble. They open a suspicious file from a stranger, go to a skanky website, or download the movie or game that came out yesterday from BitTorrent. Then, there’s Stagefright. With malware based on this security hole all you need to do is to get a text on your unpatched Android device, and, bang, you’re hacked.

Android’s Stagefright security hole is scary, but you can avoid it. Stagefright can attack any Android smartphone, tablet, or other device running Android 2.2 or higher. In short, of the approximately 1-billion Android gadgets out there, Stagefright could, in theory, hit 95 percent of them.

Can you say bad news? I knew you could.

stagefright

Zimperium zLabs VP of Platform Research and Exploitation, Joshua J. Drake, who uncovered Stagefright claims that it’s among the “worst Android vulnerabilities discovered to date.” He’s got a point.

Stagefright holds up your device by being sent to you as a multimedia text message. For example, a short video of kittens playing could be used to put malware on your system.

The really sneaky part is you don’t need to watch the playful cats. If you’re using Google’s Hangouts app, you don’t even need to open your text message app. All the attacker needs to do is send a poisoned package to your phone number. It then opens up your device, and the attack starts. This can happen so fast that by the time your phone alerts you that a message has arrived, you’ve already been hacked. If, on the other hand, you’re using Android’s standard Messenger app you must open the text message — but not necessarily watch the video — to get hacked.

This security hijack works by taking advantage of Android’s built-in Stagefright media library. This media playback engine comes with software-based codecs for several popular media formats and is used for audio and video playback. Its security hole appears to be that to reduce video viewing lag time Stagefright automatically processes the video before you even think about watching it. Drake will reveal the full details of how Stagefright works at Black Hat in early August.

In the meantime, Zimperium informed Google of the problem in April. According to Drakem “Google acted promptly and applied the patches to internal code branches within 48 hours.”

A Google spokesperson added in an e-mail response that, “The security of Android users is extremely important to us, so we’ve already responded quickly to this issue by sending the fix for all Android devices to our partners.”

She added:
•Security is baked into Android: Android applications run in what we call an “Application Sandbox.” Just like the walls of a sandbox keep the sand from getting out, each application is housed within a virtual “sandbox” to keep it from accessing anything outside itself, meaning that even if a user were to accidentally install a piece of malware, it’s forbidden from accessing other parts of the device.
•The open ecosystem improves security and makes Android stronger: Android is open source. This means anyone can review it to understand how it works and to identify potential security risks. Anyone can conduct research and also make contributions to improve Android security.
•Google encourages security research: The Android Security Rewards Program, launched in 2015, and Google Patch Rewards program, launched in 2014, rewards the contributions of security researchers who invest their time and effort in helping make Android more secure.

So, with all this, what’s the fuss about? Yes, it’s really a bad security hole, but the fix is in… isn’t it?

Uh, well about that, you see Android has another bigger security problem. With the exception of the Nexus devices, Google provides the Android source code patches, but it’s up to the smartphone carriers and original equipment manufacturers (OEM)s to send it to users with updated firmware. As of July 27th, none of the major Android OEMs or carriers have announced plans to deliver the patch. With many older devices, patches may never be delivered.

According to Zimperium, SilentCircle’s Blackphone has been protected against this attack since the PrivatOS version 1.1.7. Mozilla’s Firefox has also included a fix for this issue since version 38. And, of course, Zimperium offers its own protection from Stagefright attacks with its mobile threat defense platform, zIPS,

What Zimperium doesn’t mention is that Android already has an excellent way of blocking most Stagefright assaults: Block all text messages from unknown senders.

To do this with Android Kitkat, the most popular Android version, you open the Messenger app and tap on the menu at the top right corner of the screen (the three vertical dots) and then tap on Settings. Once there, select Block Unknown Senders, and you’re done.

On Lollipop, where Hangouts is the default messaging app, there’s no default way to block unknown senders. You can, however, under Settings go to Multimedia messages and turn off Auto Retrieve for multimedia messages.

With Lollipop, and other versions of Android, I recommend turning to third party SMS blocker apps. For Android 2.3 to 4.3, I like Call and SMS Easy Blocker. If you’re using KitKat or above, where only one texting app can be active at a time, I like Postman, aka TEXT BLOCKER. This program works in conjunction with your favorite texting application to block unknown senders.

This isn’t perfect. A friend could always get infected and spread malware, but it’s a good start.

The short-term fix will be when the carriers and OEMs get off their duffs and push the fix to us. Considering their track record, I’m not going to be holding my breath and I am going to be blocking multimedia texts. The long-term solution will be when Android-using companies start working with Google to deliver important security patches as soon as possible all the time.

Cut the Cable!!

Put up an antenna.

tv-antenna

Many people are not aware that in 1996 the FCC had issued a Federal Rule that prevents HOA’s, CCR’s and other private entities from stopping the installation of TV antennas.

In just about any situation, you can put up an outdoor antenna to receive over the air broadcasts, and no rules or regulations can stop you, within reason.

224813_ts

Take the time to read and share the FCC’s Federal Regulations – OTARD – Over The Air Reception Devices.

As directed by Congress in Section 207 of the Telecommunications Act of 1996, the Federal Communications Commission adopted the Over-the-Air Reception Devices (“OTARD”) rule concerning governmental and nongovernmental restrictions on viewers’ ability to receive video programming signals from direct broadcast satellites (“DBS”), broadband radio service providers (formerly multichannel multipoint distribution service or MMDS), and television broadcast stations (“TVBS”).
The rule (47 C.F.R. Section 1.4000) has been in effect since October 1996, and it prohibits restrictions that impair the installation, maintenance or use of antennas used to receive video programming.  The rule applies to video antennas including direct-to-home satellite dishes that are less than one meter (39.37″) in diameter (or of any size in Alaska), TV antennas, and wireless cable antennas.  The rule prohibits most restrictions that: (1) unreasonably delay or prevent installation, maintenance or use; (2) unreasonably increase the cost of installation, maintenance or use; or (3) preclude reception of an acceptable quality signal.

 

LINK https://www.fcc.gov/guides/over-air-reception-devices-rule