Dr. Bill | The Computer Curmudgeon

That is, native ad-blocking in Google Chrome.

Google will turn on native ad-blocking in Chrome on February 15

TechCrunch – By: Darrell Etherington– “Google is going to start blocking certain ads in Chrome, the company announced earlier this year. But now we know exactly when: February 15, 2018 (via VentureBeat) is the go-live date provided by the company for introduction of its built-in enforcement of the standards established by the Coalition for Better Ads, of which it is a member.

This won’t block all ads on all websites – instead, it’ll stop those that are deemed overly annoying or intrusive. But it will be blocking all ads from sites where even one ad displayed on the site doesn’t meet those standards, even if the rest are technically in compliance.

Google has been working with publishers to make sure they’re in compliance with the new standards, in advance of the feature going live. It’s done a lot to make sure that this wasn’t sprung on anyone without warning.

It’s also hoping that by building its own ad-blocking into Chrome, it can alleviate the concerns of consumers who find intrusive ads ruin their experience, but without having them resort to using more restrictive third-party blockers that potentially cut into their own primary business – which remains selling ads.”

As you know, LibreOffice is my favorite office suite. And, it turns out they we’re coming up on LibreOffice version 6 sometime early next year! I’m really looking forward to what they have to offer as these large point releases tend to have new features and sometimes they change the look and feel to be a bit more modern, to fit the time they are released.

So, I’m really looking forward to the new release, but don’t let that stop you from downloading 5.4 now! You just can’t go wrong with LibreOffice…, In fact I just converted someone from OpenOffice recently to LibreOffice and I’m still spreading the word that you can’t go wrong with this great office suite!

This is sad!

Windows 10 face unlock can be tricked using printed headshot

ZDNet – By: Liam Tung – “Security researchers are urging Windows 10 users to update their system to prevent attackers from using a printed headshot to bypass Windows Hello facial authentication.

Researchers from German pen-testing firm SYSS report that Windows 10 systems that have not yet received the recent Fall Creators Update are vulnerable to a ‘simple spoofing attack using a modified printed photo of an authorized person’. The attack works against multiple versions of Windows 10 and different hardware.

The researchers tested the spoofing attack against a Dell Latitude with a LilBit USB camera and against a Surface Pro 4 running various versions of Windows 10, going back to the first release, version 1511.

SYSS claims the spoofing attack was successful on a Surface Pro 4 running version 1607 of Windows 10, the Anniversary Update rolled out in summer 2016, even with Microsoft’s enhanced anti-spoofing enabled. However, the attack was only successful on version 1703, the Creators Update rolled out in Spring 2017, and 1709, the Fall Creators Update currently being rolled out, when anti-spoofing was disabled.

However, just applying the Fall Creators Update is not enough to block the spoofing attack, according to SYSS. To prevent a successful attack users need to also setup Windows Hello face authentication from scratch after the update, as well as enabling anti-spoofing.

SYSS provided two videos demonstrating its proof of concept attacks. A third video shows the attack on a Surface Pro that was updated to version 1709 without reconfiguring Hello face authentication.

The Register spotted SYSS’s advisory on Full Disclosure. SYSS offers a few more details about its attack on a separate [German language] writeup on its website.

A key element of the attack appears to be taking a headshot of the authenticated user with the near-infrared (IR) camera. Windows Hello uses near-IR imaging to unlock Windows devices. Microsoft chose near-IR imaging for authentication because it worked in poor lighting and offered some protection against spoofing attacks, since IR images aren’t typically displayed in photos or on an screen.

SYSS printed out a modified version of the near-IR captured headshot in various resolutions and colors. Holding the printout up to a locked device’s camera successfully unlocked it. Another method involved placing opaque sticky tape over the RGB camera lens and then holding the same printout up.

As far as the fix goes, SYSS notes that in its test only the Surface Pro 4 supported enhanced anti-spoofing while the LilBit USB IR camera did not.

The company plans to reveal further variations of its attack in spring 2018.

‘According to our test results, the newer Windows 10 branches 1703 and 1709 are not vulnerable to the described spoofing attack by using a paper printout if the ‘enhanced anti-spoofing’ feature is used with respective compatible hardware,’ SYSS wrote.

‘Thus, concerning the use of Windows Hello face authentication, SYSS recommend updating the Windows 10 operating system to the latest revision of branch 1709, enabling the ‘enhanced anti-spoofing’ feature, and reconfiguring Windows Hello face authentication afterwards.’

Microsoft had not responded to a request for comment at the time of publication.”

OK, so it is available on Android… I will stick with Chrome!

Microsoft Edge on Android: Windows 10 browser spinoff clocks up million users

ZDNet – By: Liam Tung – “Just a week after coming out of preview, the Microsoft Edge app for Android has been downloaded at least a million times.

According to the Google Play Store, the Blink-based Microsoft Edge app has been downloaded between one million and five million times. The app has been available to testers for a while, but only reached preview in October before becoming generally available at the end of November.

The Microsoft Edge apps for iOS and Android aim to make Edge more appealing to use on Windows 10 by making it more convenient to sync the browsing experience across devices.

The app offers Microsoft’s ‘Continue on PC’, which allows users to pass a site, app, photos, and files from a phone to a Windows 10 PC.

Microsoft has also added a roaming passwords feature that allows users to save a password on the phone, which carries across to the PC, as well as a dark theme.

It’s likely to take a while for Edge app downloads to pass the five million milestone on Android, given that the app is only useful for the subset of Windows 10 users who actually use Edge on a PC.

While Windows 10 is now running over 500 million PCs, Edge currently only has a 3.6 percent share of desktops worldwide, according to NetMarketShare.

So anything Microsoft can do to boost appeal of Edge on the PC will be helpful in convincing more users to make the switch, either from Chrome or Internet Explorer 11.

It’s also working to expand the number of Edge extensions, which over a year after Microsoft enabled them now numbers 80.”

Do you have an HP notebook? If so, you may want to get the latest patch from HP! For the second time this year HP has announced that some of the “bloatware” that it puts on its systems before they are sold included a key logger that can lead to you losing your personal data or compromising your system.

This is another good reason that I wipe a system and reinstall the operating system when I get a new computer! Too many vendors that get paid for putting all this junk on the system before goes out the door have this junk on the PC that just slows it down! In this case, it’s actual malware! This is getting out of hand! Let’s fight bloatware!

HP systems that have this problem include HP G2 Notebooks, the HP Elite x2 1011 G1 tablet, HP EliteBooks, HP ProBooks and HP ZBook models, among others.

So, another good reason to keep your systems patched, whether by the vendor, or your standard operating system patches. We live in a really strange world!

Are you ready for a good tip about your Internet connection? This is going to sound really weird! But, think about it, your Internet router is actually just a computer. It may be running a proprietary operating system, it may be based on Linux, who knows? In any case, computers don’t run forever without running into an error. And, what do you do when a computer encounters an error? You restart it! So, the best thing you can do is occasionally restart your router on a regular, controlled, basis! Say, every month or so. If you do it in a planned fashion, you won’t be caught off guard when your router quits working.

I know this sounds silly, but if you make it part of your regular computer maintenance, like doing your backups and keeping a backup off-site (and I know you do that, right?) Then, your Internet connection will be solid and life will be good… Because we all need a good Internet connection, it is a function of life! Or, at least it is in these modern days… Am I right?