Vol. 23, #46 - November 19, 2018 - Issue #1208
WServerNews: WServerNews Spotlight: Security & Privacy
- Editor's Corner
- Recent TechGenix articles on security/privacy
- Security spotlight
- Privacy spotlight
- Tip of the Week
- How to evaluate your current Azure architecture
- Admin Toolbox
- Admin Tools We Think You Shouldn't Be Without
- Ask Our Readers - Problems with managing Exchange and Office 365 (new question)
- Repairing Apple devices just got harder
- Conference calendar
- North America
- New on Techgenix.com
- Configuring High Availability on the DHCP Server role
- How the new state and future path of storage virtualization will transform the enterprise
- Citrix Workspace offers unified workspace experience
- Using the Office 2016 deployment tool to install and customize Office 2016
- Using hash tables in PowerShell and also with some Azure scenarios
- Fun videos from Flixxy
- Derren Brown Blows James Corden's Mind Again
- Flying Trapeze Girls - 39th International Circus Festival of Monte-Carlo
- Peculiar Pyongyang - North Korea - Time Lapse - Tilt Shift
- Baby Bear Barely Climbs Up Steep Mountain
- More articles of interest
- Seriously, what is multi-user Windows 10 for? (Another possible clue?)
- VMware ESXi is coming to ARM, adding to their IoT/edge efforts. Could automotive be next?
- Is the XenServer hypervisor worth the cost?
- Build an IT maintenance plan around infrastructure needs
- Need help from the IT pro community?
- Send us feedback
- WServerNews - Product of the Week
- SAVE THIS NEWSLETTER so you can refer back to it later for helpful tips, tools and resources!
- SEND YOUR FEEDBACK to [email protected] if you have any comments or suggestions!
This week Your Editor shares some of the weird and wonderful news and developments in the areas of security and privacy during his online wanderings. We also have a new Ask Our Readers question that concerns PowerShell, Exchange Server, Exchange Online, and Office 365 and we're hoping some of our readers can shed some light on the issues raised. And we have all of our other usual stuff for your information and enjoyment, so enjoy! And be informed!
Recent TechGenix articles on security/privacy
Let's start off with a selection from some of the recent articles on security and privacy matters published on our TechGenix website:
Do it now or put it off? A risk-based approach to patch management
IT security: Are algorithms the magic bullet against cyberthreats?
Worried about email security? Here's what you can do
Digital footprints: Control how much the Internet knows about you
Do password managers keep you secure or give you a false sense of security?
GDPR's privacy by design: An opportunity, not a burden
Brexit: How tech companies can prepare for this world-changing event
The big news of course is the clever crack published recently by Carlo Meijer and Bernard van Gastel at Radboud University in the Netherlands, who were able to bypass the password validation routine of self-encrypting SSDs and thereby decrypt hardware-encrypted drives without knowing the password. In response to this the Microsoft Security Response Center (MSRC) has issued Security Advisory ADV180028:
Guidance for configuring BitLocker to enforce software encryption
which advises customers who are concerned about this to use the software-only encryption capability provided by BitLocker Drive Encryption for ensuring their data is secure on Windows devices. For more information on this vulnerability you may want to read the actual press release from Radboud University found here:
and the researchers' preliminary report found here (PDF):
Tom's Hardware also has an excellent article on the subject:
Crucial and Samsung SSDs' Encryption Is Easily Bypassed
If any readers have additional helpful info on this issue you can email us at [email protected]
Moving on to other security-related news, I found it interesting that the US Cyber Command (CYBERCOM), which is an arm of the US Military, has dumped online some samples of malware allegedly developed by the Russian government:
More information about this can be found on ZDNet:
Moving on, one often thinks that the worst thing that can happen because of insecure websites is individuals getting dinged by credit card fraud or identity theft. But what if the way a website is designed leads to your being targeted for assassination? It turns out this actually happened to dozens of CIA agents working in various places around the world:
The CIA's communications suffered a catastrophic compromise. It started in Iran.
And finally the New York Post reports that Yoshitaka Sakurada, Japan's minister of cybersecurity, has never used a computer and has no idea what a USB port is:
Of course many younger members of the Japanese parliament probably don't use computers either since they can do almost anything on their smartphone.
And now moving on to some privacy-related news, I read with interest recently that Cloudflare will be rolling out their 1.1.1.1 privacy service in the form of an app for both iOS and Android devices, which should make it easier for people to use their free DNS service:
How many of our WServerNews readers use Cloudflare DNS? Share your experience by emailing us at [email protected]
Next, Krebs On Security informs us that the U.S. Secret Service warns that ID Thieves are abusing USPS's Mail Scanning Service:
Krebs previously warned us last year that something like this might happen:
Next, a colleague from the UK forwarded me a link to a BBC article that warns about children being "datafied" from birth through connected toys, social media, and biometric data collected by schools and the National Health Service (NHS). The article states:
The children's commissioner for England is calling on internet giants and toy-makers to be more transparent about the data they are collecting on children. Today's children are the first to be "datafied" from birth and little thought has been given to the consequences, a report for her says.
You can read the full article here:
Are any of our newsletter readers in the UK concerned about this trend? Or our readers in France, Germany, Australia, and elsewhere? Email us your comments: [email protected]
And speaking of datafication, there are now reports that civil authorities in China can ID individual citizens using "gait recognition" technologies, i.e. by the way they walk down the street, just like in the movie Mission Impossible Rogue Nation. Here's an AP News item on the subject:
And here is a TechCrunch article that tells how China's CCTV surveillance network used facial recognition to locate a BBC reporter in only seven minutes:
Wow, how dà gē is that?
Finally here's some news from Engadget that may strike a chord of hope for the future of ordinary U.S. citizens:
FCC Pushes Carriers to Implement Caller ID Authentication by 2019
One can only hope.
Got any IT pro tips you'd like to share with other readers of our newsletter? Email us at [email protected]
How to evaluate your current Azure architecture
AzureCAT Guidance has a link to a new whitepaper from Microsoft that helps you identify review drivers and explains how to evaluate your current Azure architecture against these drivers to detect and address current risks. Project teams of any size can self-start a review with this resource.
Admin Tools We Think You Shouldn't Be Without
GOT ADMIN TOOLS or other software/hardware you'd like to recommend? Email us at [email protected]
Veeam is happy to provide you with a study guide for Microsoft Certification Exam 74-409. The guide will take you through the exam objectives, helping you to prepare for and pass the examination.
This PowerShell script will list the AD users logon information with their logged on computers by inspecting the Kerberos TGT Request Events (EventID 4768) from domain controllers:
Statistics Parser makes reading SQL Server output from Statistics IO and Statistics easy:
This PowerShell script generates a list by querying the registry and returning the installed programs of a local or remote computer:
Matt from Atlanta, Georgia USA wrote to us this week and said:
Mitch, I look forward to reading your newsletter every week and enjoy the fun videos, but I must say the 'true scale of the universe' video in the last newsletter was super, super cool! Thanks for sharing.
Thanks! BTW if any readers out there have links to interesting-slash-cool-slash-fun videos they'd like to recommend for our Fun Videos section we'd be happy to include them provided they're (a) short, (b) G-rated and (c) non-political in nature. Just send us the link by emailing us at [email protected]
And two weeks ago our factoid and question was:
Fact: The U.S. Air Force has been spending $1,280 apiece to replace in-flight reheating cups after their handles were found to break easily.
Question: What's the worst example you've seen firsthand as an IT professional of utterly wasteful expenditure?
Concerning this a reader named Vern sent us the following comments:
This story about the $1280 coffee cup handles while true, does not tell the whole story. This is how the crew at Travis AFB is reducing the cost with innovation:
I look forward to a follow on story.
Eugene from South Africa sent us some questions concerning managing Exchange using PowerShell and accessing the Office 365 Exchange Admin Center using Microsoft Edge. Maybe some of our readers can help?
Good day, been a follower of your email for years now and enjoy every edition!
I am an Exchange administrator for a large organization.
The biggest issue I have is with Online Powershell. In my view you have a powershell for Exchange Online (O365) and a local powershell for Exchange on-prem in a Hybrid setup.
Microsoft should really bring these 2 powershells together somehow. Many articles do not say where to run the scripts and things can get awkward quickly.
[EDITOR'S NOTE: Do any readers have any tips on how to untangle this confusion?]
Additionally, when opening the Office-365 Exchange Admin Center or EAC lately with Microsoft Edge browser on a Windows 10 computer, I get a garbled screen, meaning warped text and unable to click the links. It states: "page did not load properly"
Google Chrome browser works fine as well as IE11 for the EAC, but some online tasks like eDiscovery PST export will only work with Edge or IE, as it executes a special downloaded app as per Microsoft.
Is there any reader with a solution or workaround for this Edge browser problem perhaps?
Thanks and keep up the good work.
If you can help or advise Eugene on any of these matters please email us at [email protected]
Last week's factoid and question was this:
Fact: People today don't seem to be curious anymore about how things work.
Question: When was the last time you took apart something to figure out how it worked? Or repaired something yourself instead of calling an expert to do it for you?
That one generated a lot of feedback from our readers. Here's a sampling:
In 1967 I received a portable reel to reel voice recorder as a birthday present, the kind of thing you use a microphone, I guess. Anyway, it was heavy and it worked. I was left wondering what would I do with it! I guess the relative who gave it to me expected me to send them tapes? No one said anything. I promptly took it apart to see how it worked and then put it back together. I never used it again and have no idea what happened with it. --Howard from Brazil
They'll probably revoke my high school diploma for this, but... In the 1960s, Mike Maynard and I ran the school's audio visual lab and were responsible for keeping the equipment running. One day we were kinda bored and decided to take apart a 16mm projector down to the nut and bolt level. We laid the components out in strict order on the table, cleaned them, and then reassembled the projector. There were 15 small parts left over. Oops. Amazingly, the projector worked fine, but, rather than tossing the apparently unneeded pieces, we put them in a bag labeled "attach this bag the next time the projector goes in for repair." We kept our mouths shut until many years after graduation. --George from Atlanta
As a dedicated home renovator and tinkerer, I would have to say that I love looking to see how things work. However I came from a dairy farming background where you had to know how to fix things otherwise you paid through the nose for the experts. I hope I have instilled this in my boys by asking them to help when working on cars or renovating. My eldest helped me change oil, filters and check various other items on his car when it came up for a service recently. They have also helped remove the old kitchen and set up the new cabinetry. The eldest is now finishing a diploma in networking at the local TAFE (trade school) and is currently doing work experience at a local university. He was able to train their network admins on the latest Cisco configuration utilities which was a bonus. The youngest is looking at electronic graphic design and is also doing a Cert III in web and graphical design. However they both know how to safely remove a wheel, that you never get under a car on a jack, and why you wear safety equipment when using power tools. So as a Dad it is important to encourage your kids to work with their hands and instill a curiosity in how things are put together. --Wayne from Western Australia
Hey Mitch, Just noticed your post on taking stuff apart to see how it works. I have a teenage son and since he was about 5 we have been pulling broken stuff apart together. As a lot of consumer items today break beyond economical repair, it's not worth taking them to the repair shop. (And now I think of it, that would be a great question -- When was the last time you took a small household appliance to a repair shop?) [EDITOR'S NOTE: Thanks! We'll make that this week's Factoid question!] Usually we pull it apart carefully to see if it's something easy that can be repaired -- and it almost never is. Once we determine it's for the bin, that's where the fun starts. We had a pressure cleaner that blew a manifold pipe (not just a gasket) and that was a lot of fun. We pulled out the water pump and put it to work in the backyard pool, creating an ad-hoc water feature. Great fun until our dodgy wiring tripped all the safety circuits. We've also done fans, hand held mixers, toasters -- you name it. If it breaks in our house it doesn't end up in the trash in one piece. --Craig from Australia
And finally a reader named David sent us this comment:
As the Facilities Manager in a church, I see people throw things away because "It's old and we can buy new." When a $200 Bunn coffeemaker recently began leaking, staff suggested we throw it out since it was over 10 years old, and we could buy a new one. Taking the coffeemaker apart, I discovered three loose screws holding the top of the water tank, with the silicone gasket perfectly intact. Three tightened nuts later, the coffeemaker was back in service, and no money out of the coffers. I am constantly amazed at how millennials in particular think if it's old, it's gone. My push mower is 26 years old, my riding lawnmower 52 years old, and my youngest car is a 2005, all still functioning just fine. (I won't go into my 14 year old desktop computer, still running XP and not giving me problems.) Sounds like my grandparents really rubbed off with the depression era attitudes.
I responded by saying:
Thanks David. With regard to millennials, is it because they think "if it's old it's gone" or is it because their schooling hasn't taught them to take apart and try to repair stuff? I mean with all the emphasis on re-use and recycling our school system teaches students you'd think they would at least think twice before thinking that just because something doesn't work it should be thrown out and replaced.
And David came back with the following:
I suspect part of this is school driven (although if you recycle it, it is still considered "thrown away"). Also, if you look at the level of sophistication of this equipment, it is hard to do anything yourself. I pulled the motor out of my '74 Gremlin and replaced the rear main seal, while today's millennials consider changing the chip in the engine control module to be a big deal. Laptop computers are almost impossible to change, given how they are sealed into the case. [EDITOR'S NOTE: And they're getting even harder to repair, or at least Apple's devices are as indicated by the story in this week's Factoid.] And knowing what parts will work with what is a bit of voodoo in itself. You are correct. Schools no longer do the shop classes, or drafting, or auto shop. They are also teaching that everyone goes to college.
I am having a terrible time getting tradesmen for both the church and my own building project. Nobody is going to trade school anymore. And a good tradesman can make 100k/yr easily these days just due to demand for his/her skill.
The underlying issue is that new tech beats old tech every time for some people. Watch your younger friends and observe what is important to them. Facebook vs actual time with friend's faces. Video games instead of bars. Even my barber now asks for an appointment, whereas in the "old days", that was a hangout for men where matters of great importance were discussed and solved while you waited your turn. After three decades in sales, I would rather have a face-to-face with a customer than a phone call, Facetime, Skype, or my favorite "Contact us through our website, ….."
I may be old(er). My opinion is that if something does the job efficiently, quickly, and meets the goals, you don't just throw it away, spending hundreds or thousands of dollars for new unless you have a good reason, including return on investment and whether or not you can get parts/service on what is being replaced.
Do other readers agree with these observations? Share your thoughts by emailing us at [email protected]
Now let's move on to this week's factoid which was sparked by the emails we received from Craig and David:
Fact: Apple's T2 chip will block some third-party repairs of new devices
Question: When was the last time you took a small appliance or any piece of equipment or technology to a repair shop? And what was the result?
Email your answer to [email protected]
>> Got an IT conference happening in North America that you'd like to promote in our newsletter? Email us at [email protected]
Midwest Management Summit -- Dec. 2-4 in Phoenix, Arizona
Microsoft Azure + AI Conference -- Dec. 3-6 in Las Vegas, Nevada
SharePoint Fest -- Dec. 3-7 in Chicago, Illinois
Ignite Tour -- Dec. 11-12 in São Paulo, Brazil
>> Got an IT conference happening in North America that you'd like to promote in our newsletter? Email us at [email protected]
Global Office 365 Developer Bootcamp -- Nov. 22 in Bern, Switzerland
Update Conference -- Nov. 22-23 in Prague, Czech Republic
European SharePoint, Office 365 & Azure Conference -- Nov. 26-29 in Copenhagen, Denmark
Ignite Tour -- Dec. 6-7 in Berlin, Germany
>> Got an IT conference happening in Australia or Asia that you'd like to promote in our newsletter? Email us at [email protected]
No conferences listed at present.
Configuring High Availability on the DHCP Server role
Windows Server 2016 makes it easier to deploy and manage High Availability on the DHCP service. Learn how to do it in this step-by-step guide.
How the new state and future path of storage virtualization will transform the enterprise
Having storage infrastructure controllable by software is commonplace, but the future path of storage virtualization takes it down a whole new road.
Citrix Workspace offers unified workspace experience
Citrix Workspace provides an easier way for harried IT pros to manage the plethora of apps, programs, devices and platforms used by employees.
Using the Office 2016 deployment tool to install and customize Office 2016
The Office 2016 deployment tool can help you deploy Microsoft Office, but its real power comes in how easy it makes it to configure the software for your needs.
Using hash tables in PowerShell and also with some Azure scenarios
In this tutorial, we go over the few basic steps required to manage a hash table using PowerShell. And we will show you how to use them with Azure.
Derren Brown Blows James Corden's Mind Again
Flying Trapeze Girls - 39th International Circus Festival of Monte-Carlo
Gold medal winning performance by the North Korean National Circus of Pyongyang at the 39th International Circus Festival of Monte-Carlo:
Peculiar Pyongyang - North Korea - Time Lapse - Tilt Shift
Joerg Daiber recorded this amazing footage in Pyongyang, using "tilt-shift" photography, where camera movements and selective focus simulate a miniature scene:
Baby Bear Barely Climbs Up Steep Mountain
A bear cub trying to climb a snowy slope has a lesson for everyone - never give up!
Seriously, what is multi-user Windows 10 for? (Another possible clue?)
Multi-user Windows 10 is coming and plenty of community members have been poking and prodding it. But, there are more questions than answers on its use case and how many users it will support. Learn more here.
VMware ESXi is coming to ARM, adding to their IoT/edge efforts. Could automotive be next?
VMware looks to be focusing more on IoT and edge computing than Citrix with the latest ESXi for ARM announcements. Explore both Citrix and VMware's products here.
Is the XenServer hypervisor worth the cost?
There is a free, easy-to-obtain version of Citrix XenServer, but additional features and commercial support from Citrix -- which some shops might need -- require a license. Learn more about the differences here.
Build an IT maintenance plan around infrastructure needs
Virtualization administrators should create an IT maintenance plan to ensure the regular deployment of essential updates and reboots. Click here to find out other essentials of an IT maintenance plan.
WServerNews goes out each week to more than 500,000 IT pro subscribers worldwide! That's a lot of expertise to tap into. Do you need help with some technical problem or are looking for expert advice on something IT-related? Ask Our Readers by emailing your problems and/or questions to us at [email protected]
Got feedback about anything in this issue of WServerNews? Email us at [email protected]
Free Tool for Monitoring Exchange Server Status & Performance
WServerNews - Editors
Mitch Tulloch is Senior Editor of WServerNews and is a widely recognized expert on Windows administration, deployment and virtualization. Mitch was lead author of the bestselling Windows 7 Resource Kit and has been author or series editor for almost fifty books mostly published by Microsoft Press. Mitch is also a ten-time recipient of Microsoft's Most Valuable Professional (MVP) award for his outstanding contributions in support of the global IT pro community. Mitch owns and runs an information technology content development business based in Winnipeg, Canada. For more information see www.mtit.com.
Ingrid Tulloch is Associate Editor of WServerNews and was co-author of the Microsoft Encyclopedia of Networking from Microsoft Press. Ingrid also manages research and marketing for our content development business and has co-developed university-level courses in Information Security Management for a Masters of Business Administration program.