Wednesday, April 29, 2026
Latest:

Computer Security Articles

RSS Reader for Computer Security Articles

ComputerWorld

ComputerWorldIndependent
admin

Down memory lane — and into a ditch

Credit to Author: Sharky| Date: Tue, 05 Sep 2017 03:00:00 -0700

One of this pilot fish’s most memorable users is a sales guy who has security issues using his PC — mainly, locking himself out because he can’t remember his password.

“In the past, he would repeatedly get locked out of his computer for entering wrong passwords,” says fish. “I eventually changed his password to be his last name. Should be easy to remember, right?

“Not so. Sales guy calls and he’s locked out of his computer. I unlock it and tell him to try again. Nope, he’s locked out again.

“I reset it again and make a trip to his desk to make sure the Caps Lock isn’t on. I get him logged in.

“A couple hours later he calls again. He’s locked out again. I tell him again, ‘Your password is your last name — just enter it the same way as you spell it.’

To read this article in full or to leave a comment, please click here

Read More
ComputerWorldIndependent
admin

Email to Essential smartphone users causes alarm

Credit to Author: John Brandon| Date: Thu, 31 Aug 2017 13:52:00 -0700

The term “improperly configured” is a real plague on the IT landscape.

It can refer to a firewall protecting an enterprise; it can create problems on a web server. For one newly minted smartphone company, it can also look pretty embarrassing.

Essential phone recently sent an email to customers asking for proof of identity. This request was a little odd in the first place — who does that anymore? The email basically asked customers to send a picture of a photo identification or passport by email. From a security standpoint, that’s a bit like asking people to text your credit card number to a hacker.

To read this article in full or to leave a comment, please click here

Read More
ComputerWorldIndependent
admin

One big lesson from the Essential smartphone email fiasco

Credit to Author: John Brandon| Date: Thu, 31 Aug 2017 13:52:00 -0700

The term “improperly configured” is a real plague on the IT landscape.

It can refer to a firewall protecting an enterprise; it can create problems on a web server. For one newly minted smartphone company, it can also look pretty embarrassing.

Essential phone recently sent out an email to customers asking for proof of identity. This request was a little odd in the first place–who does that anymore? The email basically asked customers to send a picture of a photo identification or passport by email. From a security standpoint, that’s a bit like asking people to text your credit card number to a hacker.

To read this article in full or to leave a comment, please click here

Read More
ComputerWorldIndependent
admin

Microsoft patch alert: Outstanding problems with recent updates

Credit to Author: Woody Leonhard| Date: Wed, 30 Aug 2017 12:36:00 -0700

August has seen a flurry of buggy patches:

Win10 1607KB 4033637, which arrived last Friday via Auto Update, is still undocumented. A Reddit thread credits Microsoft as saying it’s a July security patch for Flash. Abbodi86 on AskWoody has a different view: it’s an update to the Compatibility Appraiser, which is the software that scans a PC to see whether it’s ready to move to the next version. Günter Born concurs with Abbodi86. (I wonder if it’s a precursor to the Fall Creators Update.) There’s no explanation about why Microsoft refuses to document it, or talk about it.

To read this article in full or to leave a comment, please click here

Read More
ComputerWorldIndependent
admin

Success! (in more ways than one)

Credit to Author: Sharky| Date: Wed, 30 Aug 2017 03:00:00 -0700

Government office is rolling out remote desktop connections over VPN for some of its users, and not everyone is jumping on board, reports a pilot fish working there.

“I was staffing our support desk when one of these users called in from home, two weeks after we had set up the provisioning task for him,” fish says.

“He admitted he wasn’t the most proficient with computers, so he had his wife with him to help, and wanted to get going on the process.”

Fish explains the steps, and quickly determines that the user didn’t respond to the provisioning task until the day before — when it had already expired.

No problem, fish says, I’ll regenerate the task. That will take an hour, but in the meantime I can remote into your laptop and we can make sure it meets the minimum requirements.

To read this article in full or to leave a comment, please click here

Read More
ComputerWorldIndependent
admin

Android 8.0 in-depth: Oreo's not-so-obvious security enhancements

Credit to Author: JR Raphael| Date: Tue, 29 Aug 2017 10:01:00 -0700

When you read about a splashy new software update like Google’s fresh-from-the-oven Android 8.0 Oreo release, you tend to hear mostly about the marquee features — the most attention-grabbing elements and refinements you’re likely to notice when you get the update on your own device.

It’s understandable, since those are the things we all see most immediately and directly. Beneath the surface, though, Oreo has some pretty significant stuff going on in the realm of security — stuff that hasn’t been widely covered but is as important as anything else to understand.

To read this article in full or to leave a comment, please click here

Read More
ComputerWorldIndependent
admin

Microsoft yanks buggy patch of a buggy patch, KB 4039884

Credit to Author: Woody Leonhard| Date: Tue, 29 Aug 2017 05:18:00 -0700

There’s no official confirmation, and no explanation of course, but overnight Microsoft pulled a patch that was supposed to fix the main problems in this month’s Windows 7 security updates. I talked about the repair hotfix yesterday in “Microsoft repairs buggy Win7 security patch with buggy hotfix KB 4039884.” Today, the repair hotfix isn’t available any more.

All we know for sure is that, sometime last night, the Microsoft Update Catalog entry for KB 4039884 disappeared. As of early Tuesday morning, Eastern time, the KB article is still available, and it hasn’t been modified — it still points to the Update Catalog.

To read this article in full or to leave a comment, please click here

Read More