Friday, January 24, 2020

How to delete a path too long on network share

Thanks to an Windows File Manager (WinFile.exe) which was released as an open-source project by Microsoft about 2 years ago, you can achieve this easily. 

For the unitiated, Windows File Manager (WinFile.exe) was last seen in WinXP.  Windows File Manager (WinFile) was superseded by Windows Explorer in Windows ME, 7 and 10. 

WinFile is free and builds available for Windows 7,10 here - https://github.com/Microsoft/winfile

With WinFile you can easily delete paths that are too long on network share.

You just have to map the network share to a drive letter, then proceed to delete files. This will only work on Microsoft server shares. Linux/Mac/other share's are not supported for path too long.

It works because paths tool long are represented using 8.3 dos short name in WinFile.

For example, word document named


"A Transport and there is a great amount of Handling Unit Type of test_Thingy.docx"


as 8.3 DOS short name might be

"ATRANS~1.DOCX"



Sometimes you have to go "Back to the Future".
To find many paths that are too long and automate a fix, use Path Too Long Auto Fixer (PTLAF) - a free demo is available. PTLAF supports Network Shares and Linux paths up to 4096 characters long.It can delete paths on UNIX, Mac and other shares!

Saturday, January 18, 2020

Before you start using Microsoft Edge do this for privacy

How to turn off data sent to Google from new Microsoft Edge


Everyone should use new Microsoft Edge over Chrome because its way better for privacy.


Do this before you start using Microsoft Edge, because you'll have to clear browsing all history.


Firstly, edge://settings/privacy - Choose  
Tracking prevention STRICT as a bare minimum.






1. From https://docs.microsoft.com/en-us/microsoft-edge/privacy-whitepaper section disable the following; 


  • edge://flags/#edge-widevine-drm
  • edge://settings/privacy. Under Clear browsing data, select Choose what to clear, select the check box for Cookies and other site data, and select Clear now to remove any stored identifiers. You can stop Adobe Flash DRM from ever being used by going to edge://settings/content/flash.
  •  edge://settings/content/protectedContent

2. Under edge://flags/

  • Experimental QUIC protocol - disable
    QUIC is the name for an experimental protocol and it stands for Quick UDP Internet Connection. The protocol supports a set multiplexed connections over UDP, and was designed to provide security protection equivalent to TLS/SSL, along with reduced connection and transport latency
    Some websites are not being filtered because they use the QUIC protocol. QUIC is not a standard SSL protocol and it is not filtered by MITM (certificate is not signed by MITM). To check if a website is using the QUIC protocol in Google Chrome, install the "spdy http2 indicator" extension.
    Also recommend you set up a firewall rule to prevent this.
  • disable all WebRTC flags which can be used a permanent tracker by various sites including Google. This can be used like Adobe Flash Cookies, which cannot be destroyed and re-spawn for permanent tracking cookies. See my post on how to remove them.
  • Connect to Cast devices on all IP addresses - disable - more info.
  • Cast Media Route Provider - disable - more info.
  • DIAL Media Route Provider - disable - more info..
  • Mirroring Service - disable - more info.
  • All Omnibox flags - disable - Bing default 
  • Generic Sensor Extra Classes - disable -  unknown potential connections
  • All experimental built-in modules - disable - unknown exposure
  • TopSites from NextUrlService - disable - Microsoft or trusted third party - more info
  • Secure DNS lookups - disable - privacy issues, more info.

From https://docs.microsoft.com/en-us/microsoft-edge/privacy-whitepaper section we have; 

Digital Rights Management and Media Licenses

When a website offers media content that’s protected by Digital Rights Management (DRM), Microsoft Edge uses a secure playback pipeline to ensure the content is not copied or accessed improperly. As part of this feature, Microsoft Edge may store DRM-related data on your device, including a unique identifier and media licenses, and may transmit that unique identifier to a media licensing server specified by the content provider. When you use the website, Microsoft Edge retrieves the DRM info to make sure you have permission to use the content. This data helps to validate access to the protected content and ensure a seamless media experience.
Microsoft Edge supports DRM via the Encrypted Media Extensions (EME) API for HTML5 sites. The EME API allows websites to communicate with a DRM provider called a Content Decryption Module (CDM). Different DRM systems, such as Google's Widevine or Microsoft's PlayReady, may be supported by their own CDM implementation. Content providers may choose to support one or more potential DRM systems and may utilize the functionality of the EME API to decide which DRM system to use for a specific client. Learn more about EME privacy.
Microsoft Edge supports PlayReady DRM only on Windows 10. PlayReady is an DRM implementation to deliver media experiences such as 4K video and Dolby Atmos audio. Microsoft Edge uses the Windows Platform Media Foundation APIs to support PlayReady. To validate access to protected content, Microsoft Edge utilizes the Windows 10 operating system which uses a unique identifier and communicates that with the PlayReady service. All EME, CDM, and browser data for PlayReady that persists on the device is stored and maintained on Microsoft Edge. Learn more
Microsoft Edge supports Google’s Widevine DRM and this option is on by default. Microsoft Edge will periodically fetch updates for Widevine from Google serversThe use of Widevine may include communications to Google. Users may opt out of using Widevine in Microsoft Edge by disabling the Widevine DRM flag at edge://flags/#edge-widevine-drmWidevine has the capability to create a unique device identifier and transmit it to Google. For more specific information on Widevine and privacy, see Google’s privacy policy.
Microsoft Edge supports Adobe’s Flash Access DRM, which is used by some sites instead of HTML5. You must give permission to allow Adobe Flash when a site requests it. When a site uses Adobe Flash Access DRM, Microsoft Edge will give Adobe access to a unique device identifier. You can clear and reset any locally stored instances of this identifier by going to edge://settings/privacy. Under Clear browsing data, select Choose what to clear, select the check box for Cookies and other site data, and select Clear now to remove any stored identifiers. You can stop Adobe Flash DRM from ever being used by going to edge://settings/content/flash.
When you request access to encrypted HTML5 media like an online movie, Microsoft Edge will create a license request to decrypt the media. The CDM being used will create the license request which contains a request ID. This request is sent to the license server. No part of the license request contains any personally identifiable information, and the license request is not stored on the device.
When returning the media license, a media identifier is created which is unique to the user and the site. This ID is not shared between sites and is different for each site. A session ID, used to identify a playback session, is sent with the media identifier to decrypt the media. The media identifier is stored locally on the device and may be stored with the content provider.
All DRM and content protections can be turned off by going to edge://settings/content/protectedContent.
  • Turning off Allow sites to play protected content will disable playback for CDM-based DRM systems such as PlayReady and Widevine, but not for non-CDM-based systems like Flash Access DRM. Flash is managed by a separate site permission at edge://settings/content/flash. Turning this off will cause media functionality to stop working properly.
  • Turning off Allow identifiers for protected content will prevent the creation of identifiers for Flash Access DRM and prevents Widevine from periodically fetching updates from Google. This may cause some media functionality on some sites to stop working properly.






Friday, January 17, 2020

How to turning off Microsoft Edge data sent to Google Plex

How to turn off data sent to Google from new Microsoft Edge


Everyone should use new Microsoft Edge over Chrome because its way better for privacy.


Do this before you start using Microsoft Edge, because you'll have to clear browsing all history.


Firstly, edge://settings/privacy - Choose  
Tracking prevention STRICT as a bare minimum.







1. From https://docs.microsoft.com/en-us/microsoft-edge/privacy-whitepaper section disable the following; 


  • edge://flags/#edge-widevine-drm
  • edge://settings/privacy. Under Clear browsing data, select Choose what to clear, select the check box for Cookies and other site data, and select Clear now to remove any stored identifiers. You can stop Adobe Flash DRM from ever being used by going to edge://settings/content/flash.
  •  edge://settings/content/protectedContent

2. Under edge://flags/

  • Experimental QUIC protocol - disable
    QUIC is the name for an experimental protocol and it stands for Quick UDP Internet Connection. The protocol supports a set multiplexed connections over UDP, and was designed to provide security protection equivalent to TLS/SSL, along with reduced connection and transport latency
    Some websites are not being filtered because they use the QUIC protocol. QUIC is not a standard SSL protocol and it is not filtered by MITM (certificate is not signed by MITM). To check if a website is using the QUIC protocol in Google Chrome, install the "spdy http2 indicator" extension.
    Also recommend you set up a firewall rule to prevent this.
  • disable all WebRTC flags which can be used a permanent tracker by various sites including Google. This can be used like Adobe Flash Cookies, which cannot be destroyed and re-spawn for permanent tracking cookies. See my post on how to remove them.
  • Connect to Cast devices on all IP addresses - disable - more info.
  • Cast Media Route Provider - disable - more info.
  • DIAL Media Route Provider - disable - more info..
  • Mirroring Service - disable - more info.
  • All Omnibox flags - disable - Microsoft trusted third party
  • Generic Sensor Extra Classes - disable -  unknown potential connections
  • All experimental built-in modules - disable - unknown exposure
  • TopSites from NextUrlService - disable - Microsoft trusted third party
  • Secure DNS lookups - disable - privacy issues, more info.

From https://docs.microsoft.com/en-us/microsoft-edge/privacy-whitepaper section we have; 

Digital Rights Management and Media Licenses

When a website offers media content that’s protected by Digital Rights Management (DRM), Microsoft Edge uses a secure playback pipeline to ensure the content is not copied or accessed improperly. As part of this feature, Microsoft Edge may store DRM-related data on your device, including a unique identifier and media licenses, and may transmit that unique identifier to a media licensing server specified by the content provider. When you use the website, Microsoft Edge retrieves the DRM info to make sure you have permission to use the content. This data helps to validate access to the protected content and ensure a seamless media experience.
Microsoft Edge supports DRM via the Encrypted Media Extensions (EME) API for HTML5 sites. The EME API allows websites to communicate with a DRM provider called a Content Decryption Module (CDM). Different DRM systems, such as Google's Widevine or Microsoft's PlayReady, may be supported by their own CDM implementation. Content providers may choose to support one or more potential DRM systems and may utilize the functionality of the EME API to decide which DRM system to use for a specific client. Learn more about EME privacy.
Microsoft Edge supports PlayReady DRM only on Windows 10. PlayReady is an DRM implementation to deliver media experiences such as 4K video and Dolby Atmos audio. Microsoft Edge uses the Windows Platform Media Foundation APIs to support PlayReady. To validate access to protected content, Microsoft Edge utilizes the Windows 10 operating system which uses a unique identifier and communicates that with the PlayReady service. All EME, CDM, and browser data for PlayReady that persists on the device is stored and maintained on Microsoft Edge. Learn more
Microsoft Edge supports Google’s Widevine DRM and this option is on by default. Microsoft Edge will periodically fetch updates for Widevine from Google servers. The use of Widevine may include communications to Google. Users may opt out of using Widevine in Microsoft Edge by disabling the Widevine DRM flag at edge://flags/#edge-widevine-drm. Widevine has the capability to create a unique device identifier and transmit it to Google. For more specific information on Widevine and privacy, see Google’s privacy policy.
Microsoft Edge supports Adobe’s Flash Access DRM, which is used by some sites instead of HTML5. You must give permission to allow Adobe Flash when a site requests it. When a site uses Adobe Flash Access DRM, Microsoft Edge will give Adobe access to a unique device identifier. You can clear and reset any locally stored instances of this identifier by going to edge://settings/privacy. Under Clear browsing data, select Choose what to clear, select the check box for Cookies and other site data, and select Clear now to remove any stored identifiers. You can stop Adobe Flash DRM from ever being used by going to edge://settings/content/flash.
When you request access to encrypted HTML5 media like an online movie, Microsoft Edge will create a license request to decrypt the media. The CDM being used will create the license request which contains a request ID. This request is sent to the license server. No part of the license request contains any personally identifiable information, and the license request is not stored on the device.
When returning the media license, a media identifier is created which is unique to the user and the site. This ID is not shared between sites and is different for each site. A session ID, used to identify a playback session, is sent with the media identifier to decrypt the media. The media identifier is stored locally on the device and may be stored with the content provider.
All DRM and content protections can be turned off by going to edge://settings/content/protectedContent.
  • Turning off Allow sites to play protected content will disable playback for CDM-based DRM systems such as PlayReady and Widevine, but not for non-CDM-based systems like Flash Access DRM. Flash is managed by a separate site permission at edge://settings/content/flash. Turning this off will cause media functionality to stop working properly.
  • Turning off Allow identifiers for protected content will prevent the creation of identifiers for Flash Access DRM and prevents Widevine from periodically fetching updates from Google. This may cause some media functionality on some sites to stop working properly.






Thursday, January 16, 2020

Turning off Microsoft Edge - Continue running background apps when closed

Microsoft today (Jan 15, 2020) launched its new Edge browser based on Google's Chromium open source project. You can download Chromium Edge GA now for Windows 7, Windows 8, Windows 10, and macOS directly from microsoft.com/edge in more than 90 languages. 

One setting you may miss, but has performance implications is found in the System option (edge://settings/system).

Continue running background apps when Microsoft Edge is closed

Some apps and extension can “ask” the browser to stay awake so that they can continue to function; e.g., to deliver notifications of new e-mail messages, or keep a chat alive.

For example, Facebook can continue to run in the background and also show notifications.

Swipe left to disable.



Wednesday, January 15, 2020

Microsoft Edge - An error occurred while checking for updates: We couldn't create that component (error code 3: 0x80080005 -- system level).

Microsoft Edge GA released today. Doing a quick check of the version in the About tab, I still get the following error on Windows 7.

Microsoft Edge
An error occurred while checking for updates: We couldn't create that component (error code 3: 0x80080005 -- system level).

However, the Microsoft Edge Update Service will keep your browser up-to-date.






















But to fix this, report the issue. The more people that do, the more likely this will be resolved.




Monday, January 13, 2020

Apple Phishing Email - Re: Reminder: [Summary Service Added] Your account has been s‌u‌s‌p‌e‌n‌d‌e‌d‌. R‌e‌p‌a‌i‌r‌ y‌o‌u‌r‌ a‌c‌c‌o‌u‌n‌t‌ b‌e‌f‌o‌r‌e‌ 1‌2‌ h‌o‌u‌r‌s‌ : Thursday‌, - Jan 09, 2020... [Statement:[GQQHOLBN] / ID [Province] donderdag - 9 January 2020. [FWD]

For the record, this is an Apple phishing email attempt that is recently going around. What to do?  Report them, goto bottom of page.


From : Ap‌pl‌e‌‌‌‌I‌D‌‌ <e5nzxlng4dn@leadpoop.com>


Subject
 :
Re: Reminder: [Summary Service Added] Your account has been s‌u‌s‌p‌e‌n‌d‌e‌d‌. R‌e‌p‌a‌i‌r‌ y‌o‌u‌r‌ a‌c‌c‌o‌u‌n‌t‌ b‌e‌f‌o‌r‌e‌ 1‌2‌ h‌o‌u‌r‌s‌ : Thursday‌, - Jan 09, 2020... [Statement:[GQQHOLBN] / ID [Province] donderdag - 9 January 2020. [FWD]

Update your Account Informations!
______________________________________________________________

Careful now! Check your account, something might be wrong.

Dear Customers, 

Your account has been Locked Because of suspicious things about your
account, please verify immediately to reopen your account.

If you did not make these action or believe an unauthorized person has
accessed your account, you should login to your account as soon as possible
to verify your information.

Login Your Account

Regards,

Apple support.


PHISHING LINKs;  

1. https://leadsstool.com

How to tell this is a Phishing email ?

  1. Check email address in full, if it's not from originating company then it's phishing.
  2. Hover over all links in email, if it's not from the apple.com site then forget it.

  3. The best way is to look at message source, see below.

How to examine Email Message Source ?

Now lets look at message source
  1. Outlook.com->Actions->View Message Source. 
  2. Gmail.com->More (down arrow to top right)->Show original.
Check for suspicious links, anything that does not originate from apple.com.


Report Phishing Email (not as Spam)

  1. Outlook.com->Junk (at Top)->Phishing Scam
  2. Gmail.com->More (downarrow to top right)->Report Phishing 

Report Phishing URLs at Google now 

If you have recievied this email take further action now by click these links

  1. https://www.google.com/safebrowsing/report_phish/


Report phishing at Microsoft and government agencies

  1. http://www.microsoft.com/security/online-privacy/phishing-faq.aspx

Report phishing emails to Apple 

Forward the email to abuse@icloud.com. This provides Apple's legal department and law enforcement with useful information to help prevent future phishing emails.

Saturday, January 11, 2020

Contact Form Spam Prevention - reCAPTCHA is broken, it allows for SPAM

As a favor, I set up a Wordpress site with a typical contact form and used Google's reCAPTCHA to prevent SPAM. I must say that over the course of the last 3 months, I have been getting daily SPAM messages, about 2-3. Which is not bad. 

But it's not enough, Google's reCAPTCHA is simply no effective any longer, and you have implement another challenge to zero out you SPAM from a site. In the past, say a year ago this was enough, but no longer.