close

Technology

Technology

Surface Duo Gets Microsoft Garage Sketch 360 Application

Sketch-360-Microsoft-696×357

While the Microsoft Garage division can be hit and miss with successes, when a new idea lands it’s usually a good one. We can file Sketch 360 under Microsoft Garage wins. This is a design app that has been relatively popular on Windows 10. Now, Microsoft is bringing the tool to the new Surface Duo smartphone.

As you may guess from the name, Sketch 360 is a digital design tool that allows users to quickly take notes of ideas for 3D spaces. The app takes those drawings and projects them inside a sphere, with the user in the center. In this space, users can test concepts before heading to a full model.

Microsoft’s Michael Scherotter, who developed the app as a “passion project” confirmed its availability on the Google Play Store. Below is the company’s description of the app

“Whether you are an architect, a VR designer, an urban sketcher, a 3D game designer or a 360 video producer, you can easily construct an accurate sketch from a single viewpoint that’s easily shareable online using Sketch 360.”

Available Now

Of course, the dual screens of the Surface Duo make it a perfect device for apps like this. Microsoft says Sketch 360 is fully optimized for its new Android smartphone. This means it reads the pressure-sensitive Surface Pen as it would on a touch-screen laptop.

More interestingly, the app will also function on any other Android smartphone. Users can download Sketch 360 for Surface Duo on Android at the Google Play Store here.

Microsoft has been shipping the Surface Duo smartphone since earlier this month, although only to customers in the United States. Reviews have been mixed for the $1,399 handset, with most agreeing it’s amazing hardware, average performance, and very much a first-gen product.

Source Winbuzzer

read more
Technology

Welcoming Paul Robichaux to the Practical 365 Team

08-06-2020-597-p365-Podcast-image-LOW-1

Let me tell you a story.

My father loved every sort of gadget. He was an avid ham radio outlet, loved tinkering with engines and mechanical things, and had a lengthy background in industrial construction, doing everything from selling large projects such as hospitals and airports to working as a site foreman to driving a backhoe. I inherited a lot of his qualities, including a tendency to chase shiny objects and a deep love for taking things apart to understand how they work.

One magical day in 1977, he came home with a large, scuffed-up cardboard box that said “TRS-80” on the side. He’d built a new building for a local appliance vendor and had received the computer as payment for a side job of adding a wet bar in the owner’s office. We eagerly set it up, made a quick jaunt to Radio Shack to buy a book on BASIC programming, and that was the last my mom saw of us for quite some time. I was 9. By the time I was 11, I had spent so much time hanging around the local Radio Shack asking annoying questions that the manager there introduced me to a customer who needed some minor changes made to his accounts payable reports, and I got my first paying job as a software developer—and I’ve been doing it ever since.

The technology world has changed immensely since then, of course. The microcontroller in my bicycle light has more computing power than that old TRS-80 Model I, Microsoft has grown from a scrappy vendor of BASIC interpreters to the behemoth we all know, and ubiquitous computing and analytics have had a massive impact on nearly every aspect of our lives, from how the food we eat is grown to how, where, and when we work to how we spend our leisure time.

Despite all the bad things happening in the world right now, it’s also an amazing time to be alive if you’re a curious tinkerer. Although Microsoft takes great pains to make Microsoft 365 look like a black box that outsiders can’t see into or fiddle with, there are many parts of its ecosystem that are amenable to investigation and experimentation—which is why I’m genuinely excited to be joining the Practical 365 editorial team as co-editor-in-chief. The spirit of P365 is deeply oriented towards hands-on figuring out how things work and giving practical guidance on how to get the most from Microsoft’s tools. I look forward to helping our readers learn and grow with the platform to get the most from it.

Source Practical365

read more
Technology

BLURtooth Flaw Targets Bluetooth Technology to Create Attack Methods

Bluetooth-Armis-Vulnerabilites-600×337

Security researchers have discovered a vulnerability in Bluetooth technology which could allow a bad actor to hack communications on a nearby device.

Researchers at the École Polytechnique Fédérale de Lausanne (EPFL) and Purdue University call the Bluetooth bug “BLURtooth”. According to the team, the flaw (CVE-2020-15802) is high-severity and is found in the pairing technology for Bluetooth 4.0 and 5.0.

Specifically, a problem in the Cross-Transport Key Derivation (CTKD) could give an attacker within wireless range access to communications on a victim device. This would include spying on communications and altering the link between devices.

“Devices… using [CTKD] for pairing are vulnerable to key overwrite, which enables an attacker to gain additional access to profiles or services that are not restricted, by reducing the encryption key strength or overwriting an authenticated key with an unauthenticated key,” according to a security advisory by the Carnegie Mellon CERT Coordination Center.

BLURTooth

CTKD is used when two dual-mode devices pair. Dual mode means they support both Bluetooth Low Energy (BLE) and Basic Rate/Enhanced Data Rate, (BR/EDR). BLE is the latest iteration of the tech, whereas BR/EDR is the classic version. Dual-mode devices can run both these protocols.

When dual-mode devices link, they generate encryption keys known as Link Keys. However, the vulnerability in CTKD means the potency of the Link Key is compromised. Attackers could leverage this flaw, exploit it, and pair their own dual-boot device to a victim device without needing authentication.

While it is deemed a severe risk flaw, the nature of Bluetooth tech means an attacker would need to act under specific circumstance. Specifically, they would need to be in wireless range. However, it’s worth noting the range of Bluetooth 5.0 capabilities is 800 feet.

“If a device spoofing another device’s identity becomes paired or bonded on a transport, and CTKD is used to derive a key which then overwrites a pre-existing key of greater strength or that was created using authentication, then access to authenticated services may occur,” according to a security advisory on Wednesday by the Bluetooth Special Interest Group (SIG), the group that oversees the technology. “This may permit a man-in-the-middle (MITM) attack between devices previously bonded using authenticated pairing when those peer devices are both vulnerable.”

Source winbuzzer

read more
Technology

Google Brings Microsoft Office Editing to G Suite on Android

Office-Microsoft-Pixabay-594×420

Google’s G Suite productivity bundle is arguably the biggest competitor to Microsoft’s Office/Office 365. However, it’s probably fair to say Office remains more powerful and usable. One of the areas Google has struggled is in making editing Office documents in G Suite easier. Now, the company is working on improving this gap.

Simply put, G Suite has not traditionally played nice with Office files. Microsoft has been far more open in allowing non-Office files, including G Suite, to work in Office. Users of Microsoft’s service can edit, comment, and collaborate with G Suite files.

In contrast, Google has taken more time to return the favor. A year ago, the company brought Office files editing, commenting, and collaboration to G Suite apps on the web. However, the same tools were still off limits on Android.

The company’s increasing embrace of Office files could stem from former Microsoft Office head Javier Soltero now leading G Suite.

Coming to Android

Google is now working to change that, bringing those web abilities to Docs, Sheets, and Slides on Android. At the moment, users are still forced to convert Office files into a working G Suite format. According to Google, allowing Office editing will replace QuickOffice on the Android platform.

QuickOffice is a defunct application that allowed users to view, edit, and create Microsoft Office files.

“Office editing will make it easy for G Suite users to open and edit Microsoft Office files that have been shared by partners, vendors or other teams. In cases where some members of your organization use Office while others use G Suite, this ensures seamless collaboration and eliminates the need to consider or convert file types,” Google says.

The feature supports the following apps and file types:

  • Word files: .doc, .docx, .dot
  • Excel files: .xls, .xlsx, .xlsm, (macro enabled Excel files), .xlt
  • PowerPoint files: .ppt, .pptx, .pps, .pot

Google says the new ability is rolling out this week but will not reach all Android users at once. It’s worth noting the feature is now on by default. Google says the same tool will come to iOS variants of the G Suite apps later this year.

Source Winbuzzer

read more
Technology

Microsoft Surface Duo May Not Ship Globally Until 2021

Surface-Duo-Official-696×334

This month, Microsoft’s Surface Duo smartphone is shipping to customers. Early adopters of the dual-screen Android handset will begin receiving their devices on Sept. 10 after paying $1,399. However, it seems this will only be for users in the United States. Those in other markets may have to wait until 2021 to get the Duo.

Microsoft has not specifically said which markets the Surface Duo is coming to. Instead, the company has taken a vague approach to the roll out, saying it is employing “a measured and phased approach to availability to meet customer demand.”

According to a report from Windows Central, this approach will mean non-US markets won’t get the device until 2021. Apparently, Microsoft wants to gauge how US customers take to the device. Early buzz has been strong, and the company is looking to push ahead with H1 2021 release.

It is worth noting the report points out Microsoft’s plans are open to change. If demand continues to be high heading into the holiday season, a launch in other markets is possible.

While it’s disappointing Microsoft is taking this path, it is somewhat understandable. It’s also a dangerous plan.

Firstly, Microsoft is not expecting the Surface Duo to be a bumper seller. It is an expensive, first generation, experimental form factor that is targeting business users. It is not designed to compete with the iPhones and Galaxy S’ of the world. It is also arguably not expected to keep pace with Samsung Galaxy Z Fold 2 sales.

Taking it Slow

Microsoft clearly wants to avoid building too many units and not being able to sell them. When the original Surface tablet arrived with the ill-fated Windows RT in 2012, Microsoft was overly ambitious. Surface sales were close to a failure and the company wrote off nearly $1 billion in inventory.

Wanting to avoid a similar problem, Microsoft is ensuring demand for the Surface Duo is there before committing to building more units.

Still, there’s something that could put a bump in this soft approach. Specifically, the Surface Duo is already shipping with year-old specs, including Qualcomm’s Snapdragon 855. In terms of pure performance, the Duo will not be a flagship smartphone. By delaying its release to some markets, Microsoft is extending the time those aging specs become more unappealing.

It’s an issue the company is obviously aware of. The Surface Duo is being sold as sumptuous piece of hardware and a business tool. Microsoft is making little noise about its specs, even preventing early look reviews from powering up the device. This generation seems to be all about design and feel, which admittedly have been wowing reviewers.

A question is whether customers are willing to wait until H1 2021 for a device that will have specs nearly two years old by that point? Those customers could also be willing to miss out on this generation and wait for the Surface Duo 2.

Source Winbuzzer

read more
Technology

Webinar: How to Move PST Files to Office 365

10-08-2020-634-p365-Generic-IT-LOW

PST files were popular during the 1990s and 2000s, but now they’re as irrelevant as floppy disks. Unfortunately, some users never got the message, and PSTs still litter many organizations. Consequently, the need to move PST data to Office 365 and upgrade the user experience has never been greater.

Join Mike Weaver and Dominik Hoefling on Thursday, August 20 (11 AM ET / 4 PM BST / 5 PM CEST) for a discussion on ‘How to move PST files to Office 365‘.

What are PST Files?

A PST File, or some may refer to it as an Outlook Data File (.pst), contains messages and other Outlook items, like tasks, calendar items, etc.

PST files are often referred to as a personal storage file or personal folders, a local repository saved on the client itself. In Outlook 2013 and earlier versions, IMAP accounts also used an Outlook Data File (.pst). If you have an Office 365, Exchange, Outlook, or Hotmail account, which isn’t accessed by POP or IMAP; you won’t have a PST file. You may have an Offline Outlook Data File (.ost), which is used by Outlook desktop clients to synchronize and cache copies of online folders for local use. For example, when you’re offline, you can still access all emails, calendar data, and contacts downloaded.

What are the concerns with PST Files?

With heightened regulation and compliance restrictions in recent years, it seems unthinkable that a mailbox format could become adopted by larger organizations without being managed centrally, backed up correctly, and controlled in line with administrative best practices.

Anyone with basic intel of their personal computer’s file structure can make amendments with ease, such as copying, moving, and creating extra PSTs.

In my line of work, I see my customers have a vast amount of local PST files in their environment. Most PST files are ancient, saved on a network share like the user’s home drive, like locally, Azure, or OneDrive for Business.

During an Office 365 migration, organizations want to get rid of PST files and migrate them to an Exchange Online mailbox or archive. This is so to preserve the data securely in a compliance-regulated way without the problem of a shadow IT, which is when data and files are stored in many different locations and aren’t discoverable in a single place.

There are a lot of issues with PST files:

  • Management issues: PST files are not centrally managed so there it’s hard to decipher how many exist in the infrastructure, where they are, or if they’re corrupt.
  • They’re notoriously inefficient: IT teams trying to centralize PSTs using NAS and/or file servers risk data loss, file corruption, and Outlook speed reduction.
  • Hinder business changes: PSTs hamper modern client architectures involving multiple devices, VDI, and BYOD.
  • Significant security risk: Portability of PSTs exposes organizations to data leakage. Susceptible to malware. Attackers easily circumvent encrypted and password-protected files.
  • Compliance issues: many businesses can’t implement retention policies, and legal departments struggle to ensure they have the correct data to defend cases.
  • Security concerns: PST file encryption and password protection is readily evaded by even an amateur hacker using typical methods and tools. If a PST gets unlocked, it can be loaded into Outlook by any user, which is a point to remember.

How to migrate PST files to Office 365?

In Office 365, there’s a built-in tool to import PST files to Exchange Online. This can be done in two different ways:

  • Network upload: Upload your PST files to a temporary Azure storage location. After, use the Office 365 Import service to transfer the PST data to mailboxes in your Office 365 organization for free.
  • Drive shipping: Here you copy the PST files to a BitLocker-encrypted hard drive and then manually send the drive to Microsoft. Once received they will upload the data to a temporary Azure storage location. You can use the Office 365 Import service to import the data to mailboxes in your Office 365 organization ($2 per GB of data).

Important: Microsoft offers both methods only the technical way to get your data to Office 365. This technique doesn’t cover all the planning and preparing stuff, like scan all PST files within your environment, check the PST files for corruption, the identity which PST files belong to which mailbox, is this PST file used by an active user, etc.

How Third-Party Migration Tools can help

The Office 365 Import Service is an simple tool which handles the basic requirements for importing PST file data into Office 365 mailboxes.

However, like the Exchange Server Mailbox Import Request technique, the Office 365 Import Service has several weaknesses that you should be aware of:

  • No discovery capability: you need to locate PSTs on the network separately using other tools or custom scripts. You can find out more about this on Page 44 of The Complete Guide to Eradicating PST Files.
  • PSTs can’t be transferred to a staging area: you need togather the PSTs to a central location ready for upload to Azure separately.
  • Identifying ownership: neither AzCopy nor the Import Service assists with determining the owners of PSTs, so you need to manually do this.
  • No duplicate handling – when multiple PSTs exist for the same mailbox, user duplication of items may occur.
  • Logistics and performance – uploading with AzCopy is a slow process. Simultaneously, the alternative of packaging data onto encrypted hard drives and transporting them to Microsoft data centers is logistically complex and time-consuming. Besides, Microsoft charges $2/GB for data ingested into Office 365 via the drive shipping method.
  • Elimination of PSTs – you need to handle the disconnection of PSTs from Outlook profiles and prevention of new PST file creation separately.

Source Practical 365

read more
Technology

NSA and FBI Discloses Drovorub Malware Targeting Linux

Cyber-Security-JISC-Reuse-1

US government security agencies have issued a warning for a new malware that is exploiting Linux systems. Known as Drovorub, the malware has been disclosed by the FBI and NSA. According to the agencies, it was originally created for Russia’s military for cyber-espionage.

As such, Drovorub comes with several tricks to remain undetected. Thanks to espionage techniques, the malware can infiltrate a system and allow remote control of the victim PC and steal data. The NSA and FBI describe the malware as sophisticated and built to carry out stealth attacks.

This is possible because of a hard to trace rootkit. In its joint advisory on Thursday, the National Security Agency (NSA) and the Federal Bureau of Investigation (FBI), said the malware is a threat to US national security.

“Drovorub is a Linux malware toolset consisting of an implant coupled with a kernel module rootkit, a file transfer and port forwarding tool, and a Command and Control (C2) server,” according to a 45-page analysis of the malware published Thursday [PDF]. “When deployed on a victim machine, the Drovorub implant (client) provides the capability for direct communications with actor controlled C2 infrastructure; file download and upload capabilities; execution of arbitrary commands as ‘root’; and port forwarding of network traffic to other hosts on the network.”

Unclear Information

What’s interesting is in the extensive 45-page report, the agencies do not say how the malware finds its way onto a PC. Furthermore, there is no information on how long the virus has been in the wild, or whether attacks have been successful.

It seems Drovorub is a malware that carriers four components that allow it to access a system. Firstly, when it is installed on a machine (again, still unknown through what vector), the malware can communicate directly with a command-and-control (C2) remote attacker.

When contact is established, the bad actor has control over the machine. The NSA and FBI say Drovorub has been used already, likely by the Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (GTsSS).

While the malware is troubling, the authorities claim there are mitigations available. Specifically, using SecureBoot in “full” or “thorough” mode can stop kernel modules like those used by Drovorub.

“This will prevent Drovorub from being able to hide itself on a system. The other detection and mitigation options, such as Snort and Yara rules, will naturally have a limited lifetime, as they are expected to be the first things changed in future versions of the malware to avoid detection,” the agencies say.

Source Winbuzzer

read more
Technology

NSA and FBI Discloses Drovorub Malware Targeting Linux

Cyber-Security-JISC-Reuse-1

US government security agencies have issued a warning for a new malware that is exploiting Linux systems. Known as Drovorub, the malware has been disclosed by the FBI and NSA. According to the agencies, it was originally created for Russia’s military for cyber-espionage.

As such, Drovorub comes with several tricks to remain undetected. Thanks to espionage techniques, the malware can infiltrate a system and allow remote control of the victim PC and steal data. The NSA and FBI describe the malware as sophisticated and built to carry out stealth attacks.

This is possible because of a hard to trace rootkit. In its joint advisory on Thursday, the National Security Agency (NSA) and the Federal Bureau of Investigation (FBI), said the malware is a threat to US national security.

“Drovorub is a Linux malware toolset consisting of an implant coupled with a kernel module rootkit, a file transfer and port forwarding tool, and a Command and Control (C2) server,” according to a 45-page analysis of the malware published Thursday [PDF]. “When deployed on a victim machine, the Drovorub implant (client) provides the capability for direct communications with actor controlled C2 infrastructure; file download and upload capabilities; execution of arbitrary commands as ‘root’; and port forwarding of network traffic to other hosts on the network.”

Unclear Information

What’s interesting is in the extensive 45-page report, the agencies do not say how the malware finds its way onto a PC. Furthermore, there is no information on how long the virus has been in the wild, or whether attacks have been successful.

It seems Drovorub is a malware that carriers four components that allow it to access a system. Firstly, when it is installed on a machine (again, still unknown through what vector), the malware can communicate directly with a command-and-control (C2) remote attacker.

When contact is established, the bad actor has control over the machine. The NSA and FBI say Drovorub has been used already, likely by the Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (GTsSS).

While the malware is troubling, the authorities claim there are mitigations available. Specifically, using SecureBoot in “full” or “thorough” mode can stop kernel modules like those used by Drovorub.

“This will prevent Drovorub from being able to hide itself on a system. The other detection and mitigation options, such as Snort and Yara rules, will naturally have a limited lifetime, as they are expected to be the first things changed in future versions of the malware to avoid detection,” the agencies say.

Source Winbuzzer

read more
Technology

How to OneDrive Folder Sync Any Directory on Your PC via Mklink

FEATURED-How-to-Sync-Any-Folder-to-OneDrive-in-Windows-10-768×436

You’ve probably heard of OneDrive – Microsoft’s cloud storage solution that provides Windows 10 users with enough space to back up their documents free of charge. However, you may have also noticed that the OneDrive sync folder is its own entity. Anything outside of the directory won’t be stored in the cloud, which can be frustrating if you want to backup pictures, downloads, or game saves as they’re created. Today we’re going to show you how to enable OneDrive folder sync for any directory via mklink. If you are looking for a replacement to the buried OneDrive Fetch Files feature, please check here.

What is a OneDrive mklink?

mklink is a Windows command that lets users create symbolic or hard links between directories and files. You can think of them as a full shortcut, where the link doesn’t just point to a folder – it makes Windows think its contents are actually there.

We can utilize this feature to create a OneDrive mklink junction in our OneDrive sync folder that points to the directory of our choice. For all intents and purposes, OneDrive will now think it has ownership of the files, but the originals will remain. Here’s how to do it:

How to Sync a Local Folder to OneDrive via mklink

This process only takes a minute and doesn’t require any additional setup. The only restriction is the amount of space in your OneDrive account; if you try to sync a large folder you may hit your storage limit. Also bear in mind that uploading files every time they change will use data, which could be a problem if you’re on a metered connection.

  1. Open Command Prompt

    Press the “Windows” button and type “command prompt”, clicking on the first result.

    Windows 10 - Open Command Prompt

  2. Create a OneDrive mklink to add a folder to OneDrive

    In command prompt, type the following command, being careful to adjust it to suit your preferences using the information below:

    mklink /j "%UserProfile%\OneDrive\Documents" "C:\Users\Winbuzzer\Documents"

    You should choose folders to sync to OneDrive yourself. The first quotations contain the name you want the folder to appear as after \OneDrive. This can’t be the same as an existing directory. The second should be the source folder you want to link, with Winbuzzer\Documents replaced with your username and the folder or another location entirely, such as "D:\Films".

    Windows 10 - Command Prompt - Type the Command

  3. Wait for the app to Sync the local folder to OneDrive

    If you head to your source folder, you’ll see that it’s still there, unchanged.

    Windows 10 - Source Folder Location
    You can now head to your OneDrive folder, where you should see the OneDrive mklink with the folder name you specified. In our case, “Documents”.

    Windows 10 - OneDrive Location
    Next to it will be a ↻ icon if it’s still syncing, or a ☁ if it’s fully synced.

Source Winbuzzer

read more
Technology

Microsoft Store Not Working? How to Fix It with a Re-Register or Re-Install

FEATURED-How-to-Re-register-Microsoft-Store-app-in-Windows-10-768×436

The app store is useful, but also frustratingly buggy. Many users start their PC to find that their Microsoft Store is not working or opening. For others, the Windows 10 Store is missing entirely. Often, the easiest way to fix this is the re-register the store, but if that fails, you may want to uninstall it entirely and perform a reinstall.

Though a Microsoft Store reset may seem like the most obvious solution, a re-register is often recommended first. This way, you won’t lose any of the app’s data. Meanwhile, when you uninstall the Window Store and restore it again you can resolve problems a reset doesn’t catch.

As a result, we’re going to be focusing on the less conventional re-register and uninstall methods in this tutorial, though you can always check our reset and repair guide if you’d like to go down that route.

How to Re-register the Microsoft Store When It’s Not Working

The fastest way to re-register a broken Windows 10 Store is via PowerShell.

  1. Open PowerShell

    Press “Windows + X” and then click “Windows PowerShell “.

    Windows 10 - Open PowerShell

  2. Re-Register the Microsoft Store for the current user

    In PowerShell, type the following command and press “Enter”:

    Get-AppXPackage *Microsoft.WindowsStore* | Foreach {Add-AppxPackage -DisableDevelopmentMode -Register “$($_.InstallLocation)\AppXManifest.xml}

    Windows 10 - PowerShell - Command

  3. Re-register the Microsoft Store for all users

    You can additionally re-register the Microsoft Store for all users with the following command:

    Get-AppXPackage WindowsStore -AllUsers | Foreach {Add-AppxPackage -DisableDevelopmentMode -Register “$($_.InstallLocation)\AppXManifest.xml}

    Windows 10 - Elevated PowerShell - Comand (2)

How to Uninstall the Microsoft Store and Restore it Again

If a re-register doesn’t work, you can uninstall the Microsoft Store entirely, either to remove it from your system or to restore it again afterward. You can do this with any app by following our tutorial.

  1. Enter the uninstall command

    In PowerShell again, enter this command:

    Get-AppxPackage *windowsstore* | Remove-AppxPackage

    Windows 10 - PowerShell - Uninstall Microsoft Store

  2. Restore the Windows Store (and other pre-installed apps)

    You can optionally get the Microsoft Store back with another command. This can also help if your Windows 10 Store is missing:

    Get-AppxPackage-AllUsers|Foreach{Add-AppxPackage-DisableDevelopmentMode-Register“$($ _. InstallLocation)\AppXManifest.xml”}

    Windows 10 - PowerShell - Restore Preinstalled Apps

Source Winbuzzer

read more
1 2 3 4
Page 1 of 4