Category Archives: Windows

關閉與開啟 Windows 10 內一堆侵犯與增強隱私的設定

DuckDuckGo 前陣子整理了一篇關於如何調整 Windows 10 的文章,洋洋灑灑列了十五條方式供使用者調整:「How To Protect Privacy On Windows 10」。 像是可以將無線網路的 MAC address 隨機化的方式就頗不錯: 然後有一堆要把資料送回 Microsoft 的...

Posted in Computer, Hardware, Murmuring, Network, OS, Security, Software, Windows | Tagged , , , , , , , , , | Leave a comment

在 EC2 上 Windows 用的 EC2Rescue

看到「Amazon EC2Rescue is now available」這個,在「How can I use EC2Rescue to troubleshoot and fix common issues on my EC2 Windows instance?」這邊則解釋了用途。 拿來解 Windows 上常見的問題的工具,也可以單純拿來拉 log?不過要注意的是版本: Note: EC2Rescue can only be run on Windows Server 2008 R2 or later, but it can … Continue reading

Posted in AWS, Cloud, Computer, Murmuring, Network, OS, Windows | Tagged , , , , , , | Leave a comment

用 SessionGopher 拉出機器上各種密碼與 Key

同事在 Slack 上提到 fireeye/SessionGopher 這個工具,可以從機器上拉出各種敏感資訊: SessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop. It can be run remotely or locally. 方法是掃 … Continue reading

Posted in Computer, Murmuring, OS, Security, Software, Windows | Tagged , , , , , , , , , , , , , , , , | Leave a comment

ReactOS 0.4.4 可以跑 Office 2007 了

在「ReactOS 0.4.4 Released」這邊看到 ReactOS 在實際機器上 (而非虛擬機上) 跑 Office 2007 的畫面: 最近 ReactOS 的消息比較多,而且也看到一些比較驚人的成果了...

Posted in Computer, Murmuring, OS, Software, Windows | Tagged , , , | Leave a comment

將 Windows 10 侵犯隱私的程式都關光

alirobe/reclaimWindows10.ps1 這個 gist 提供了 script 將 Windows 10 侵犯隱私的程式都關閉: "Reclaim Windows 10" turns off a bunch of unnecessary Windows 10 telemetery, removes bloatware, and privacy invasions. Review and tweak before running. Scripts for reversing are included and commented. Fork via … Continue reading

Posted in Computer, Murmuring, Network, OS, Security, Software, Windows | Tagged , , , , | 2 Comments

Lenovo 開始出 Microsoft-only 機了,其他的 OS 都會被鎖住不能用

有人在 Reddit 上抱怨買了一台 Lenovo 的機器卻不能裝 Linux,因為會抓不到硬碟:「Warning: Microsoft Signature PC program now requires that you can't run Linux. Lenovo's recent Ultrabooks among affected systems.」,官方回覆是: This system has a Signature Edition of Windows 10 Home installed. It is locked per our agreement … Continue reading

Posted in Computer, Hardware, Linux, Murmuring, OS, Security, Software, Windows | Tagged , , , , , , , , | 1 Comment

Firefox 49 將可以吃系統的 Certificate Trust Store

在「Upcoming Changes to Root Certificates in Firefox on Windows」這邊看到 Firefox 49 將會有選項可以讓 Firefox 多吃系統的 Certificate Trust Store: This feature is available in Firefox 49 and up (currently in beta). To give it a try, set the preference security.enterprise_roots.enabled to true. … Continue reading

Posted in Browser, Computer, Firefox, Murmuring, Network, OS, Security, Software, Windows, WWW | Tagged , , , , , , , , , , , , , , | 1 Comment

Badlock Bug 總算公佈了...

關於 Samba 與 Windows 網芳的安全性問題,拖了三個禮拜的「Badlock Bug」的細節總算公佈了 (網頁還不支援 HTTPS)。 果然是為了打名氣而事前公佈的... 都不是無條件的 RCE (Remote Code Execution),而是透過 MITM 後的 RCE。

Posted in Computer, Murmuring, Network, OS, Security, Software, Windows | Tagged , , , , , , | Leave a comment

Badlock 安全性問題同時影響 Windows 與 Samba

前幾天發佈了 Windows 與 Samba 共同有的安全性問題,叫做 Badlock:「Hype Around the Mysterious ‘Badlock’ Bug Raises Criticism (WIRED)」。但這個 bug 在 4/12 前不會公佈: On April 12th, 2016, a crucial security bug in Windows and Samba will be disclosed. We call it: Badlock. 長達三個禮拜的時間可以讓其他人找出問題是很罕見的,主要是因為這已經提供足夠多資訊去挖掘。名稱叫做 Badlock,看起來是某種 lock … Continue reading

Posted in Computer, Murmuring, Network, OS, Security, Software, Windows | Tagged , , , , , , | Leave a comment

聯想的 BIOS 會自動安裝軟體,即使你整台重灌...

這家公司與這類事情,好像不怎麼意外:「Lenovo used a hidden Windows feature to ensure its software could not be deleted」。 每次開機時 BIOS 會檢查是不是 Windows 7 或 Windows 8,如果是,而 C:\Windows\system32\autochk.exe 不是 Lenovo 所簽名的版本,那麼就會蓋掉變成自己版本: If Windows 7 or 8 is installed, the BIOS of the laptop checks ‘C:\Windows\system32\autochk.exe’ … Continue reading

Posted in Computer, Hardware, Murmuring, OS, Security, Software, Windows | Tagged , , , , , , , , , | 1 Comment