Microsoft Contractors Listening To Recordings Made Via Skype Or Cortana

Jason Cooley is Support Services Manager for Tech Experts.

For years, Skype has been a big part of computer users’ experiences regardless of operating system. Whether voice calls, messaging, or video, Skype has a huge share of the user pool. Many Android users use Skype for video chatting in lieu of Apple’s popular Facetime app. It’s also popular among those contacting relatives or friends around the globe.

Skype even introduced an auto translate feature last year. The feature allows for translation between languages in (nearly) real time. Skype has made connecting with people easier than ever, no matter where they are from or their language.

Skype’s translate feature has been praised and for good reason. It is quite impressive that there is an application capable of translating so quickly, allowing people that don’t speak the same language to have a nearly flawless conversation. Of course, with software capable of such amazing things, it’s guaranteed that improvements will constantly be in the works so that it can reach its full potential.

Skype’s translator FAQ does state that calls are collected for data analysis, but that’s vague and may not raise any alarms.

What if I told you that some of those calls were being recorded? Not only that, but they are also being listened to in some cases.

With Skype, the data discovered shows that MOST of the Skype recordings gathered and reviewed are recordings using the translator. Again – that is MOST, not all. These calls contained all kinds of personal information: relationships being discussed, intimate conversations, arguments, you name it.

Skype claims that the information was gathered and listened to only to help improve the product. However, the problem will always go back to the fact that this information was not disclosed.

In fact, many people would say Skype was dishonest in the way that the privacy information was portrayed. Microsoft, who owns Skype, of course states that they only collected voice recordings with customer permission. Micro­soft also ensures that the data is treated as confidential information, but humans are still listening to personal conversations. The confidentiality of that seems suspect.

Then there is Cortana, Windows’ built-in digital assistance. Cortana can search for you, using voice commands. Much like more well-publicized assistants (such as Amazon’s Alexa), Cortana can help you by pulling up search results, maps, or other information you may need. Of course, Cortana also can remember some of your information for you.

So let’s think about Cortana being used in the real world. Asking Cortana about that embarrassing rash? Punching in your home address? Someone might be listening to that too.

The stance on the Skype calls (even though not ALL calls listened to were made with translator) is that Microsoft is collecting data for the purpose of improving its translator feature – so what about Cortana? Is listening to a person’s voice searches really improving any sort of programming?

Possibly, but that sort of testing could be done without the use of private recordings.

Windows Core OS: The Future of Windows

Jason Cooley is Support Services Manager for Tech Experts.

Microsoft Windows has been the leading PC OS for as long as I can remember. There have been many different versions through the years.

There have been favorites like Windows 3.1, XP, and Windows 7 – and less well-received versions, like ME (Millennium Edition) and Vista.

Windows tried a new approach with Windows 8, something they envisioned would take over mobile device platforms, and designed an OS that would be similar across many devices.

This never truly came to be as Windows 8 was generally not well received, and the mobile version wasn’t exactly a hit either.

Enter Windows 10. While there are problems from a technical standpoint, Windows 10 (as it currently stands) is a pretty user-friendly OS and continues to make improvements and security enhancements with the user in mind. Windows 10 spans many devices.

Smart TVs, cell phones, laptops, desktops, tablets, Microsoft’s Xbox One, and so many other devices have a version of Windows 10.

I stress the fact that these devices have a version of Windows 10 for a reason. These operating systems look and function very similarly, but each is a uniquely programmed version of Windows 10. Essentially, each device type has a custom operating system developed to look and run like Windows 10.

These operating systems are fine-tuned for the type of device they are running on. You wouldn’t have a great experience using Windows 10 for desktops on a cell phone. It would be much too resource-intensive and create a real battery use issue.

So what is Windows Core OS?

Windows Core OS is a new project underway by Microsoft. Windows Core OS would create a base version of Windows that could be installed on any type of device. This is great for users and developers alike.

While it will be a long time before Core OS is available, Microsoft is already using it for testing their new Hololens and other devices they’re currently showcasing. It is also a huge part of the development for operating systems that will thrive on foldable devices and mobile devices with more than one screen.

Currently, when a new type of device comes out, like a foldable screen phone, an all-new version of Windows 10 is written specifically for the phone.

It’s programmed from the ground up and works around the device specifications and limitations to create the closest thing to a normal Windows 10 experience as possible.

While many users who use Windows 10 on multiple platforms may not notice many differences, each version requires a lot of work and each device gets a lot of attention.

Windows Core OS would change everything. Microsoft is developing Core OS to be buildable and scalable.

It would allow for a base version of Windows that would run on any device.

Whenever devices are launched with new capabilities, features can be added instead of creating an entirely new operating system. This lightweight operating system will be used on every kind of device you could think of in the not too distant future and – sooner than you think – it will also be running on a lot of devices that you probably couldn’t dream of.

Nine Useful Windows 10 Features You Probably Never Use

Frank DeLuca is a field technician for Tech Experts.

Microsoft’s operating system runs on nearly half a billion PCs and laptops worldwide. It’s so commonplace that most of us don’t pay attention to the ways it can make our lives easier.

These are not secret features that Microsoft doesn’t want us to know about by any means. We may have just forgotten that these powerful tools exist.

Disk Cleanup
Disk Cleanup is a simple way to delete files you no longer need and to ensure your recycle bin is cleared out.

On Windows 10, type “disk cleanup” into your taskbar where it says, “Type here to search.” Then, click on the Disk Cleanup app.

Click on any of the entries in the list to see a description of what the files are and how much space can be reclaimed by removing them. Place a check mark in the box next to each entry you want deleted, such as temporary files.

Malware Removal
It’s more important than ever to have a multilayered approach to cybersecurity. Windows Defender is a security tool that can be set up to block malware attacks in real time or you can perform a scan when you need it.

To make sure Windows Defender is running, type “Windows Defender” into your taskbar. Select Windows Defender app.

Make sure it is set to real-time protection and that virus and spyware definitions are up to date.

Quick Assist
We all have that tech-challenged family member, but did you know that you can remotely manage a friend or family member’s computer (or vice-versa) so you can help fix their tech-related problems?

This handy feature is called Quick Assist and it can really be a lifesaver when offering IT assistance.

In Windows 10, type “Quick Assist” into your taskbar. Select Get Assistance or Give Assistance and then follow the onscreen instructions. You’ll thank me later.

Video Streaming
Windows 10 comes with its own built-in DLNA video and media streaming protocol. All you need is a DLNA-compatible device to stream to, like an Xbox One or Roku.

Type “Media Streaming” into the Windows 10 taskbar. Select Media Streaming Options and follow the instructions.

Task Scheduler
Task Scheduler helps you schedule tasks on your computer, like turning your PC off at a specific time each day. Type “task scheduler” into your taskbar to get started.

Virtual Desktop
The little rectangular box to the right of your “Type here” taskbar will change to display all windows you have open. Or you can click on New Desktop to create a new workspace without closing the windows you have open.

Find Missing Files
The command prompt can help you find files that your Windows operating system needs to work properly. It can also help you fix problems.

Type “cmd” into the taskbar. Right click on Command Prompt and select Run As Administrator. To find missing files, type “sfc /scannow.” To check for system problems, type “chkdsk /f.”

Print PDF
PDF is a print format that is compatible across multiple operating systems and software programs. You may not know that you can print in PDF format from any program running on Windows 10.

To do this, just go through the steps to print that you normally would. When you see the option to choose a specific printer, select the one that says, “Microsoft Print to PDF.”

Record Screen Activity
Did you know you can record videos on Windows 10? Just click the Windows key and the letter ‘G’ at the same time – then follow the prompts to record.

The Latest Expansions To Office 365 Will WOW You!

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

The availability of productivity apps is astounding. Basic word processors that were the desktop staple haven’t been replaced, but have evolved from requiring installation from a CD-ROM to not even requiring a downloaded program file anymore!

Yes, Microsoft Word, the workplace word processing darling, is accessible online through subscription-based Microsoft Office 365, which has a multitude of integrated apps designed for the flexible workforce.

Create documents in Microsoft Word or spreadsheets in Microsoft Excel and save them to SharePoint or OneDrive, send emails through Microsoft Outlook, design innovative presentations with PowerPoint, and the list goes on.

The list of apps that integrate with Office 365 expands every day! Considering Microsoft Office 365 now includes Microsoft Teams and Microsoft Flow, the possibilities are incredible. If you’ve not yet experienced either of these apps, you’re truly missing out. [Read more…]

Windows 10 Creator’s Fall Update to Bring Hardened Ransomware Protection

jared-stemeye

Jared Stemeye is a Help Desk Technician at Tech Experts.

2017 has seen some of the most high-profile ransomware and cryptoware attacks to date. These incidents have demonstrated that these types of attacks can have catastrophic effects that reach far beyond the ransom demands paid to these attackers.

The cost of downtime and damage control multiplies quickly. Even more damaging is being impacted because critical infrastructure or health care services are unexpectedly unavailable for extended periods of time, consequently costing much more than any monetary value.

Microsoft has stated that they recognize the threat that these cybercrimes represent and have since invested significant yet simple strategies that are proving to be extremely effective as new attacks emerge. These new security features are now coming to all businesses and consumers using Windows 10 with the Creators Fall Update.

These advanced security features are focusing on three primary objectives:

  1. Protecting your Windows 10 system by strengthening both software and hardware jointly, improving hardware-based security and mitigating vulnerabilities to significantly raise the cost of an attack on Windows 10 systems. Meaning hackers will need to spend a lot of time and money to keep up with these security features.
  2. Recognizing that history has revealed vastly capable and well-funded attackers can find unexpected routes to their objectives. These latest security updates detect and help prevent against these threats with new advances in protection services like Windows Defender Antivirus and Windows Defender Advanced Threat Protection.
  3. Enabling customers and security experts to respond to threats that may have impacted them with newly updated tools like Windows Defender ATP. This will provide security operations personnel the tools to act swiftly with completeness of information to remediate an attack that may have impacted them.

Microsoft states this is a proven strategy that has remained 100% successful on Windows 10 S, the new secure version of Microsoft’s flagship operating system. Albeit, this version of the operating system does not allow any software from outside the Microsoft App Store to be installed.

Further, Microsoft states that even prior to the fall security updates rolling out, no Windows 10 customers were known to be compromised by the recent WannaCry global cyberattack. Despite this, Microsoft knows that there will always be unforeseeable exploits within their systems.

This is why the Windows 10 Creator’s Fall Update benefits from new security investments to stop malicious code via features like Kernel Control Flow Guard (kCFG) and Arbitrary Code Guard (ACG) for Microsoft Edge. These kinds of investments allow Windows 10 to mitigate potential attacks by targeting the techniques hackers use, instead of reacting to specific threats after they emerge.

Most importantly, Windows Defender security updates coming in this Fall will begin to leverage the power of the cloud and artificial intelligence built on top of the Microsoft Intelligent Security Graph (ISG) to promptly identify new threats, including ransomware, as they are first seen anywhere around the globe.

Though no exact date is set in stone, all of the amazing security updates detailed above will be available this Fall 2017 for free. For more information about the Creator’s Fall update beyond the security features, visit https://www.microsoft.com/en-us/windows/upcoming-features.

Severe Security Vulnerabilities Patched By Microsoft

Early last month, Microsoft released 13 security patches as part of Patch Tuesday.

While such security measures are usual, this one was particularly important because six of those patches were categorized as critical and require user attention to be put into place.

These six patches addressed programming flaws that had the potential to give cyber-attackers the means to gain full user rights in a wide array of Microsoft’s software programs. The remaining seven patches address the elevation of privileges, denial of service, and ways to bypass security features.

The programs that were at risk from these flaws included all supported versions of Microsoft Windows, the new Edge browser, Internet Explorer, Microsoft Office (including Services and Web Apps), Microsoft Server Software, Adobe Flash Player, and Microsoft .NET Framework.

According to Microsoft, these flaws were detected before any actual security breaches stemming from these issues actually occurred.

If they had not been discovered, cybercriminals may have been able to gain user rights to Microsoft programs via specially crafted websites from remote locations.

Microsoft strongly urges Windows Vista and later operating system users to ensure the latest updates have been installed, especially if they do not have their systems set for Automatic Updates.

Older Internet Explorer No Longer Supported

Microsoft recently made the announcement that it will no longer offer support for Internet Explorer versions prior to Explorer 11.

It is also only through Explorer 11 that users can receive updates for the following operating systems: Windows 7, Windows 8.1, and Windows 10. While this does not prevent users from continuing to turn to Internet Explorer for their browsing needs, it does serve as a call to action for optimum usability and security while surfing the web.

Without up-to-date security patches, devices are at risk of malware and other forms of malicious attacks.

In addition to such security risks, users who continue to use unsupported versions of Explorer may lose Independent Software Vendor (ISV) support or encounter compliance issues.

The company also outlined how Explorer users can update to the latest version, at no extra charge. People who use Internet Explorer (IE) can be roughly divided into three categories: Enterprise users, small to medium businesses, and home PC users. Each groups has a slightly different means to upgrade to Explorer 11; however, their experience should be hassle free.

Albeit, some small-to-medium business owners have expressed concerns about their line-of-business (LOB) application having a dependency on a particular Explorer version. Microsoft has addressed this concern by integrating an Enterprise Mode into Explorer 11 that allows backward compatibility with web applications specifically designed for previous versions of Explorer.

Smaller businesses, whose software does not depend on previous IE versions, can upgrade through Automatic Updates or contact a Certified Microsoft Partner like Tech Experts for assistance.

Home PC users could see an automatic upgrade to Explorer 11 via Automatic Updates.

Still, if the home PC upgrades are set to ‘off’, updates to Explorer 11 will have to be done manually through the Control Panel and the Check for Updates button under the Windows Update tab.

Beware The Fake Microsoft Cold Calls

Scott Blake is a Senior Network Engineer with Tech Experts.

The phone rings and you don’t recognize the number or name on the caller ID. You pick up anyway and the caller tells you that they work for Windows Support or Windows Service Center and they are a Microsoft Certified Technician.

They go on to say they have received log files or have determined that your computer is infected and causing corruption throughout your Windows operating system.

They ask if you’re at your computer now and, if not, to go there. Once there, they walk you through how to open your Event Viewer and show you the Administrative Events under the Custom Views folder.

They are quick to point out all of the red circles labeled “Error” are all Malware infections. They then ask you to look at the number of events listed and they go on to advise this is the total number of infections currently on your computer.

The caller then says they can clean your system of all infections, but they will need to have remote access to the computer.

At this point in the call, most people have been thoroughly convinced by the voice on the other end of the phone that their system is indeed infected and needs to be cleaned. After all, the caller knew where to look for the so-called infections and they do sound like they truly want to help.

The Microsoft “employee” will even tell you that if you don’t let them remove the infections, the “hackers” that placed the malware on your system will have complete access to all of your information.

They warn that your identity is in jeopardy of being stolen. You must give them remote access to your computer. They are your only hope and you must trust them. After all, they say they work for Microsoft.

The fact of the matter is that the caller does not work for Microsoft in any capacity. They don’t work for any of their third party vendors nor any security firm that has been retained by Microsoft.

They are in fact the “hackers” attempting to convince you to give them access to your computer to infect your system and steal your data.

If you allow them remote access, they will start to install malicious programs on your computer. They’ll copy all of your information and, in some cases, encrypt your data.

They will tell you that that the infection is too severe for a “standardized” cleaning and you will need to pay money to have them install removal programs to clean the system.

In mid-2013, NBC News Technology reporter Frank Catalano, reported on receiving one such phone call himself.

After his ordeal with the fake Microsoft, Mr. Catalano contacted the real Microsoft. He received the following reply:

“In 2010, Microsoft began receiving reports of scammers making phone calls or sending emails to people,” replied a spokesperson for Microsoft’s Digital Crimes Unit. They advised that they had referred the cases to the Federal Trade Commission.

One very important thing to remember is that Microsoft (or any of its partners) will never cold call you. They will never ask for remote assistance. They will never ask for usernames and passwords.

If you have fallen victim to such a scam, disconnect your network cable and take your computer to a trusted service center or repair facility and explain in detail what happened as soon as possible.

For questions or advice on what to do about cold call scammers, contact Tech Experts at (734) 457-5000, or by email at info@mytechexperts.com.

Coming Of “Edge:” Microsoft’s New Browser

Up until now, Internet Explorer’s successor has been secretly referred to as Project Spartan during Microsoft’s development stage. At the Microsoft Build 2015 Developer Conference, the project name was finally announced as the company’s newest browser: Edge.

The name was already familiar to those in the know because Project Spartan’s page-rendering engine was known as Edge, but now the name has been elevated to describe the product as a whole.

For those who have had difficulties with Internet Explorer, this new browser is long overdue, but Edge should turn their frowns into smiles because it is much faster and more compatible with modern web standards.

Edge joins its competitors, like Firefox and Chrome, in the use of extensions and actually uses the same JavaScript and HTML standard code.

This means that Microsoft’s new browser can easily adopt its competitor’s extensions. In fact, Joe Belfiore, Microsoft’s VP of Operating Systems Group at Microsoft, demoed a couple of extensions at the conference. However, you won’t see the extensions feature in Windows 10 until later this year.

Cortana, Windows 10’s Siri-like virtual voice assistant, makes an appearance in Edge as well. When needed, Cortana shows up in a blue circle in the browser’s toolbar to relay pertinent information related to the landing page, such as directions to a local business or contact information.

Edge users can also summon Cortana for assistance and extra info by right-clicking on text selections to find out more.

Another Edge feature is the new-tab page, a remnant from Internet Explorer with a few tweaks. When Edge users open a new tab, the page displays thumbnail icons for the most frequently visited sites. It also allows users to reopen closed tabs and makes many suggestions for apps and videos and facilitates access to weather or latest sports scores.

Edge also provides the option to view pages in a reading mode free of distractions such as images and advertisements. Users can even make annotations, such as highlights and notes, on webpages for sharing or storing as an image. Microsoft’s new browser also comes with coding support and will function the same across all platforms. Until Edge is formally released, users can test it on non-critical PCs by downloading Windows 10 and joining the Windows Insider Program.

Major Microsoft Windows Vulnerability Discovered

Microsoft recently released details about the newest vulnerability (MS15-034) in the Windows HTTP stack’s armor. With other recent problems in Microsoft patches, the problem may have been downplayed a bit to save face. This vulnerability, however, is more serious than it initially seemed.

The MS15-034 vulnerability is widespread. Although Windows servers are most at risk, this problem affects most products that run Windows. The chink in question lies in the HTTP.sys component, which is a kernel-mode device driver that processes HTTP requests quickly.

This component has been an integral part of Windows since 2003 and is present in all versions up to Windows 8.1. This means that any device running Windows without up-to-date patches is at risk.

It isn’t difficult to exploit this vulnerability. The only thing Microsoft is divulging about how MS15-034 can be used to compromise devices is that it requires “a specially crafted HTTP request.” It seems that this information is deliberately vague.

All one has to do is send an HTTP request with a modified range header, and access to data is granted, although sometimes limited. A similar attack was documented in 2011 on the Apache HTTPD Web server that was later patched.

There is good news though. As in other areas of life, prevention is far more effective than trying to deal with a problem’s aftermath. It isn’t difficult to protect your devices from the MS15-034 vulnerability.

The first step is to ensure that your server has the latest updates that include the patch to fix the problem.

If your server hosts a publicly accessible application, you can verify your server’s vulnerability by going to https://lab.xpaw.me/MS15-034, enter your server’s URL, and press the Check button for an instant report on your site.

If you then see the report that the website has been patched, you’re safe; otherwise, that particular system will need to be patched.