Thursday, December 31, 2015

How to Save Outlook.com Emails to OneNote Online

Just noticed a new feature in Outlook.com that is really handy feature and that is the ability to save emails on Outlook.com directly to OneNote Online! 

Here's a beginners guide to saving Outlook.com emails to OneNote Online.

How to Save Outlook.com Emails to OneNote Online

In to Outlook.com select an email message, right-click it and select Save to OneNote.

Note: You cannot select multiple messages at a time to send to OneNote Online.








Or you can select highlight an email message and then choose ... in the command bar at top and Save to OneNote.



A pop-up box will ask save to a folder or "Section" in OneNote lingo, in this case emails.

Sections are organized into a "Notebook"s.



You can quick create a New Section "folder" by choosing a higher level "Notebook" to enable New Section button to be activated. Then select the newly created Section and click the Save button.

Note: You can add additional note:)



To verify it saved in OneNote, launch it from the apps icon, rubik's cube icon at the top right and click on OneNote Online. 



Open Notebook "Personal(Web)" and voila, it's been saved to OneNote Online!




This is a great feature to save emails such as coupons, bills and receipts as a back-up.

Save the best till last - Now you can share this email "Page" to anyone specifically.

You can now remove sensitive information as necessary as well, before sharing.


Share OneNote Section or "Page" to anyone, by right-click on it and getting Copy Link to this Page....



My assistant will love this. 



Tuesday, December 29, 2015

Windows 10 File Encryption - TrueCrypt lives on as VeraCrypt

In Window 8/10, Bitlocker implementation removed Elephant diffuser as part of the block encryption algorithm, and has been criticized to be weaker and subject to attack!  "[The Elephant diffuser is] not FIPS compliant, so certain companies and government clients can’t use it,” according to Micah Lee, The Intercept_. 
Alternatives follow; 

TrueCrypt
 is a discontinued source-available freeware utility used for on-the-fly encryption (OTFE). It can create a virtual encrypted disk within a file or encrypt a partition or (under Microsoft Windows except Windows 7/8 boot drive with GPT) the entire storage device (pre-boot authentication).


On 28 May 2014, the TrueCrypt website announced that the project 
was no longer maintained and recommended users to find alternative solutions. Though development of TrueCrypt has ceased, an independent audit of TrueCrypt has concluded that no significant flaws are present.




VeraCrypt is the success to TrueCrypt, and is best to open source solution for an encrypted file containerIt's being actively support, is FIPS compliant and has 10 releases so far and supported for Windows 10.

 
Plausible 
deniability is maintained, by creating an hidden volume, which requires a separate password to reveal it.





Get Your Windows10 Encrypted Disk Recovery Keys


If you purchased a recent laptop with Windows 10, you may have disk encrypted automatically preconfigured. As a precaution, Microsoft will back-up the hard disk encryption key to your WIndows 10 login email address, by default.  This does pose some privacy and data security issues, since now you encrypted drive security depends on your Microsoft email account security, the weakest link. Moreover, this information is being sent over the wire, which can be intercepted.

Hackers now just have to guess your email password to break your stolen laptops encrypted hardrive.  

The good thing is Microsoft has enabled you to remove that HD Encryption key, add another one not saved to OneDrive, Microsoft Cloud hard drive. 

To do this go to https://onedrive.live.com/recoverykey and log in to your Microsoft account – this will be the same username and password that you use to log in to your Windows device. Once you’re in, it will show you a list of recovery keys backed up to your account.

If any of your Windows devices are listed, this means that Microsoft, or anyone that manages to access data in your Microsoft account, is technically able to unlock your encrypted disk, without your consent, as long as they physically have your computer. You can go ahead and delete your recovery key on this page – but you may want to back it up locally first, for example by writing it down on a piece of paper that you keep somewhere safe.
If you don’t see any recovery keys, then you either don’t have an encrypted disk, or Microsoft doesn’t have a copy of your recovery key. This might be the case if you’re using BitLocker and didn’t upload your recovery key when you first turned it on.
Is BitLocker less secure now ? 
https://theintercept.com/2015/06/04/microsoft-disk-encryption/

TrueCrpyt lives on as VeraCrpyt but only delivers folder encryption.

https://veracrypt.codeplex.com/

Tuesday, November 17, 2015

Phishing Email - Wells Fargo Online Banking Alert

Phishing Email - Wells Fargo Online Banking Alert

Recently an email with "Note:This is a service message with information related to your Wells Fargo account(s). It may include specific details." email is circulating.
It's a  phishing email. But I walk you through how to tell for sure. 
What to do? 
Report them

Report Phishing
 URLs at Google now 

If you have recievied this email take further action now by click these links

  1. https://www.google.com/safebrowsing/report_phish/?hl=en&url=updatewells.net


Text of the phishing email; 



Dear Wells Fargo Online Customer:
We're writing to let you know that your account needs to be updated and verified immediately.

To proceed, Click on to Update

If this is not done your account may be disabled or blocked.
Please don't reply directly to this automatically-generated e-mail message.

Sincerely,

Online Banking Team









































How to tell this is a Phishing email ?


  1. Is email is from you to you, then it's phishing.
  2. Hover over all links in email, if it's not from the wellsfargo.com site then forget it.

    In above example, the Online Privacy Policy link points to wellsfrago.com, but the action link Update is to updatewells.net which is a spam collecting site.

  3. The best way is to look at message source, see below.


How to examine Email Message Source ?

Now lets look at message source
  1. Outlook.com->Actions->View Message Source. 
  2. Gmail.com->More (down arrow to top right)->Show original.

For this phony email, well look at the top 50 lines of the message, known formally as the "message header".





At line 50 you have Return-Path: 233571@service-node-13.ng.hostnet.nl
and is suspect because domain was registered in Neatherlands (
.nl).
Why look at "Return-Path"? When the e-mail is put in the recipient's mailbox, a new mail header is created with the name "Return-Path:" containing the address on the MAIL FROM command. So it's a quick hit to determine authenticity.


Report Phishing Email (not as Spam)

  1. Outlook.com->Junk (at Top)->Phishing Scam
  2. Gmail.com->More (downarrow to top right)->Report Phishing 


Report Phishing URLs at Google now 

If you have recievied this email take further action now by click these linksHover over the iforgot.apple.com link and match the URL and click on the match link to report them as phishing to Google.

  1. https://www.google.com/safebrowsing/report_phish/?hl=en&url=updatewells.net
If you don't see your URL here add a comment below.

Report phishing at Microsoft and government agencies

  1. http://www.microsoft.com/security/online-privacy/phishing-faq.aspx

Sunday, October 25, 2015

Windows 10 - Set Time Automatically (from the internet)

The trend in Windows 10 of the Metro design is the simplification of user interfaces design, whose goal is universal access to non-technologist. However, too many times the balance between simple and loss of information to make decisions is lost. Let's take for classic example, the need to set time on your computer accurately. 

Windows 10 has a nice slide button that says to Set Time Automatically. Well that's vague, right. The first question now is set time automatically according to what?

Just adding "Set Time Automatically from internet" might be clearer or hover over with the additional information could have saved me from writing this post. 































Let's drill in, this setting auto-magically allows you to synchronize your Windows 10 time from a centralized time server.  All time server use Network Time Protocol (NTP). The default NTP server set by Microsoft is times.windows.com, which does a great job.

However, for privacy and accuracy you may want to change that to your own country.

How to change Windows to get time from your country


























Choose Region & language and scroll to bottom then; 

  1. Choose Additionally date, time & region settings
  2. Click Set the time and date
  3. Indicates current time server.
Choose "Change settings..." button. 
Now you can change the value in Server with your new NTP Time Server URL. 
Remember, to click Update now.









Each respectable nation in the world, has their own NTP Servers, and here's a brief list; 
  1. USA - time.nist.gov
  2. Canada -  time.nrc.ca
  3. UK - ntp2c.mcc.ac.uk  University of Manchester
    (UK Nation Physics Lab  NTP Server is no longer funded) 
How to test NTP Timer Server in the command line (cmd.exe); 


w32tm /config /update /manualpeerlist:"time.nrc.ca"
w32tm /query /peers



More NTP Servers listed here for more country selection 
http://support.ntp.org/bin/view/Servers/StratumOneTimeServers

Saturday, October 24, 2015

Windows 10 is spying on you - opt out ads using privacy settings


Windows 10 has an unprecedented level of privacy controls. Unlike other companies, you can opt out of many of privacy settings. If you want to go the extra mile, check the last two URLs.


































In Windows 10 - goto ‘Settings’ -> ‘Privacy’. It may seem like allot of options, but all 13 different sections you have a choice to control your privacy setting. 

Turning everything of your concern to ‘off’.




































One last thing you can turn of adds in your browser by opt out of personalized ads from Microsoft here

https://choice.microsoft.com/en-US/opt-out





What is Windows telemetry?

Windows telemetry is vital technical data from Windows devices about the device and how Windows and related software are performing. It's used in the following ways:

  • Keep Windows up to date
  • Keep Windows secure, reliable, and perform and Improve Windows  through the aggregate analysis of the use of Windows
  • Personalize Windows engagement surfaces

Here are some specific examples of Windows telemetry data:

  • Type of hardware being used
  • Applications installed and usage details
  • Reliability information on device drivers


What is NOT telemetry?

Telemetry can sometimes be confused with functional data. Some Windows components and apps connect to Microsoft services directly, but the data they exchange is not telemetry. For example, exchanging a users location for local weather or news is not an example of telemetry it is functional data that the app or service requires to satisfy the users request.

There are subtle differences between telemetry and functional data. Windows collects and sends telemetry in the background automatically. You can control how much information is gathered by setting the telemetry level. Microsoft tries to avoid collecting personal information wherever possible (for example, if a crash dump is collected and a document was in memory at the time of the crash). On the other hand, functional data can contain personal information. However, a user action, such as requesting news or asking Cortana a question, usually triggers collection and transmission of functional data.


http://lifehacker.com/what-windows-10s-privacy-nightmare-settings-actually-1722267229





Update Nov 3, 2016





From
https://www.ghacks.net/2016/11/23/microsoft-gives-third-parties-access-to-windows-10-telemetry-data/?PageSpeed=noscript

but the article seems to contradict itself.

Microsoft struck a deal with security company FireEye recently according to a report on Australian news magazin Arn which gives FireEye access to all Windows 10 Telemetry data.

but the article seems to contradict itself.

Update: Microsoft told Betanews that it is not sharing Windows 10 Telemetry data with the company.
The nature of the deal between Microsoft and FireEye is to license threat intelligence content from FireEye iSIGHT Intelligence. This additional layer of intelligence includes indicators and reports of past attacks collected and edited by FireEye and enhances detection capabilities of Windows Defender Advanced Threat Protection (WDATP). The deal does not include the sharing of Microsoft telemetry.
The report states that FireEye in return will provide Microsoft with the company's iSIGHT Intelligence software for Windows Defender Advanced Threat Protection on Windows 10 devices.
FireEye iSIGHT Intelligence is a proactive, forward-looking means of qualifying threats poised to disrupt business based on the intents, tools and tactics of the attacker.
Windows Defender is built-in to Windows 10 and enabled by default unless other security software is recognized by the operating system.
Pro and Enterprise customers may upgrade to Windows Defender Advanced Threat Protection featuring endpoint behavioral sensors, cloud security analysis and threat intelligence.
The news article suggests that the partnership benefits Microsoft, and specifically the reputation and credibility of the commercial version of Windows Defender.
A press release by FireEye on November 3, 2016 provides additional details on the deal. The company's iSIGHT Intelligence software is available through Windows Defender Advanced Threat Protection (WDATP) but not the free version of Windows Defender.


Friday, October 23, 2015

Windows 10 is spying on you - opt out ads using privacy settings


Windows 10 has an unprecedented level of privacy controls. Unlike other companies, you can opt out of many of privacy settings. If you want to go the extra mile, check the last two URLs.


































In Windows 10 - goto ‘Settings’ -> ‘Privacy’. It may seem like allot of options, but all 13 different sections you have a choice to control your privacy setting. 

Turning everything of your concern to ‘off’.




































One last thing you can turn of adds in your browser by opt out of personalized ads from Microsoft here

https://choice.microsoft.com/en-US/opt-out







http://lifehacker.com/what-windows-10s-privacy-nightmare-settings-actually-1722267229


To go the extra level you can turn all of these off;
All text typed on the keyboard is stored in temporary files, and sent (once per 30 mins) to:
  • oca.telemetry.microsoft.com.nsatc.net
    pre.footprintpredict.com
    reports.wes.df.telemetry.microsoft.com
This will allow Microsoft and the greater Jewish community to have a way to steal every joke, every poem, every intellectual endeavor you ever create and have it copyrighted before you even stop typing.
Telemetry is sent once per 5 minutes, to:
  • vortex.data.microsoft.com
    vortex-win.data.microsoft.com
    telecommand.telemetry.microsoft.com
    telecommand.telemetry.microsoft.com.nsatc.net
    oca.telemetry.microsoft.com
    oca.telemetry.microsoft.com.nsatc.net
    sqm.telemetry.microsoft.com
    sqm.telemetry.microsoft.com.nsatc.net
This allows them to track you very accurately.
Typing the name of any popular movie into your local file search starts a telemetry process that indexes all media files on your computer and transmits them to:
  • df.telemetry.microsoft.com
    reports.wes.df.telemetry.microsoft.com
    cs1.wpc.v0cdn.net
    vortex-sandbox.data.microsoft.com
    pre.footprintpredict.com
This allows them to index any “unauthorized” content, and build a dossier on you that can be used in conjunction with their tracking data to stuff almost anyone in jail when needed.

When a webcam is first enabled, ~35mb of data gets immediately transmitted to:
  • oca.telemetry.microsoft.com
    oca.telemetry.microsoft.com.nsatc.net
    vortex-sandbox.data.microsoft.com
    i1.services.social.microsoft.com
    i1.services.social.microsoft.com.nsatc.net
This allows them to get a good layout of your home and surroundings, and a good look at YOU PERSONALLY so they know exactly who to go get and how to stage the attack when something you typed pissed them off.
Everything that is said into an enabled microphone is immediately transmitted to:
  • oca.telemetry.microsoft.com
    oca.telemetry.microsoft.com.nsatc.net
    vortex-sandbox.data.microsoft.com
    pre.footprintpredict.com
    i1.services.social.microsoft.com
    i1.services.social.microsoft.com.nsatc.net
    telemetry.appex.bing.net
    telemetry.urs.microsoft.com
    cs1.wpc.v0cdn.net
    statsfe1.ws.microsoft.com

If this weren’t bad enough, this behavior still happens when Cortana (microsoft’s version of SIRI) is not installed.

Add these entries to your hosts file to block these addresses.

 
127.0.0.1 df.telemetry.microsoft.com
127.0.0.1 reports.wes.df.telemetry.microsoft.com
127.0.0.1 cs1.wpc.v0cdn.net
127.0.0.1 vortex-sandbox.data.microsoft.com
127.0.0.1 pre.footprintpredict.com
127.0.0.1 oca.telemetry.microsoft.com
127.0.0.1 oca.telemetry.microsoft.com.nsatc.net
127.0.0.1 vortex-sandbox.data.microsoft.com
127.0.0.1 pre.footprintpredict.com
127.0.0.1 i1.services.social.microsoft.com
127.0.0.1 i1.services.social.microsoft.com.nsatc.net
127.0.0.1 telemetry.appex.bing.net
127.0.0.1 telemetry.urs.microsoft.com
127.0.0.1 cs1.wpc.v0cdn.net
127.0.0.1 statsfe1.ws.microsoft.com
127.0.0.1 vortex.data.microsoft.com
127.0.0.1 vortex-win.data.microsoft.com
127.0.0.1 telecommand.telemetry.microsoft.com
127.0.0.1 telecommand.telemetry.microsoft.com.nsatc.net
127.0.0.1 oca.telemetry.microsoft.com
127.0.0.1 oca.telemetry.microsoft.com.nsatc.net
127.0.0.1 sqm.telemetry.microsoft.com
127.0.0.1 sqm.telemetry.microsoft.com.nsatc.net



Update Nov 3, 2016


From
https://www.ghacks.net/2016/11/23/microsoft-gives-third-parties-access-to-windows-10-telemetry-data/?PageSpeed=noscript

but the article seems to contradict itself.

Microsoft struck a deal with security company FireEye recently according to a report on Australian news magazin Arn which gives FireEye access to all Windows 10 Telemetry data.
Update: Microsoft told Betanews that it is not sharing Windows 10 Telemetry data with the company.
The nature of the deal between Microsoft and FireEye is to license threat intelligence content from FireEye iSIGHT Intelligence. This additional layer of intelligence includes indicators and reports of past attacks collected and edited by FireEye and enhances detection capabilities of Windows Defender Advanced Threat Protection (WDATP). The deal does not include the sharing of Microsoft telemetry.
The report states that FireEye in return will provide Microsoft with the company's iSIGHT Intelligence software for Windows Defender Advanced Threat Protection on Windows 10 devices.
FireEye iSIGHT Intelligence is a proactive, forward-looking means of qualifying threats poised to disrupt business based on the intents, tools and tactics of the attacker.
Windows Defender is built-in to Windows 10 and enabled by default unless other security software is recognized by the operating system.
Pro and Enterprise customers may upgrade to Windows Defender Advanced Threat Protection featuring endpoint behavioral sensors, cloud security analysis and threat intelligence.
The news article suggests that the partnership benefits Microsoft, and specifically the reputation and credibility of the commercial version of Windows Defender.
A press release by FireEye on November 3, 2016 provides additional details on the deal. The company's iSIGHT Intelligence software is available through Windows Defender Advanced Threat Protection (WDATP) but not the free version of Windows Defender.