DrBill.TV #496 – Video – The Elgato Event Plus Your Network Security with Pi-Hole Edition!

The 2021 Elgato Streaming Event, new Amazon FireTV interface, Pi-Hole DNS re-direct for security, the WPAD vulnerability, GSotW: Signal Secure SMS Client, Microsoft Windows 365 Desktop-in-the-Cloud, plus the usual silliness! (Jul 17, 2021)

00:00 Intro
04:22 The 2021 Elgato Streaming Device Showcase Event
07:14 Amazon FireTV new interface
07:44 Microsoft Windows 365 Cloud-PC
09:34 Implementing Pi-Hole and finding several surprises!
25:49 Geek Software of the Week: Signal Secure Encrypted SMS Client
29:38 Sign-off

Links that pertain to this Netcast:

TechPodcasts Network

International Association of Internet Broadcasters

Blubrry Network

Dr. Bill Bailey.NET

BitChute Referral

www.DrBill.TV/VPN

www.DrBill.TV/Linode


Start the Video Netcast in the Blubrry Video Player above by
clicking on the “Play” Button in the center of the screen.

(Click on the buttons below to Stream the Netcast in your “format of choice”)








Streaming MP3 Audio

Streaming Ogg Audio

Download mp4 Download WebM Download MP3 Download Ogg
(Right-Click on any link above, and select “Save As…” to save the Netcast on your PC.)

You may also watch the Dr. Bill.TV Show on these services!

 

Dr. Bill.TV on YouTube Dr. Bill.TV on BitChute Dr. Bill.TV on Rumble Dr. Bill.TV on Vimeo

 


DrBill.TV #496 – Audio – The Elgato Event Plus Your Network Security with Pi-Hole Edition!

The 2021 Elgato Streaming Event, new Amazon FireTV interface, Pi-Hole DNS re-direct for security, the WPAD vulnerability, GSotW: Signal Secure SMS Client, Microsoft Windows 365 Desktop-in-the-Cloud, plus the usual silliness! (Jul 17, 2021)

00:00 Intro
04:22 The 2021 Elgato Streaming Device Showcase Event
07:14 Amazon FireTV new interface
07:44 Microsoft Windows 365 Cloud-PC
09:34 Implementing Pi-Hole and finding several surprises!
25:49 Geek Software of the Week: Signal Secure Encrypted SMS Client
29:38 Sign-off

Links that pertain to this Netcast:

TechPodcasts Network

International Association of Internet Broadcasters

Blubrry Network

Dr. Bill Bailey.NET

BitChute Referral

www.DrBill.TV/VPN

www.DrBill.TV/Linode


Start the Video Netcast in the Blubrry Video Player above by
clicking on the “Play” Button in the center of the screen.

(Click on the buttons below to Stream the Netcast in your “format of choice”)








Streaming MP3 Audio

Streaming Ogg Audio

Download mp4 Download WebM Download MP3 Download Ogg
(Right-Click on any link above, and select “Save As…” to save the Netcast on your PC.)

You may also watch the Dr. Bill.TV Show on these services!

 

Dr. Bill.TV on YouTube Dr. Bill.TV on BitChute Dr. Bill.TV on Rumble Dr. Bill.TV on Vimeo

 


Microsoft Announces Windows 365 – A Cloud PC for Business

Windows 365Some virtualization and Cloud Computing news: Microsoft is starting to offer Windows 10 in the Cloud (actually just a “re-branding” of their “Cloud PC.”) It will allow desktops that business customers can subscribe to, nothing for the regular consumer, of course.

Microsoft unveils Windows 365, a Windows 10 PC in the cloud

Engadget – By: D. Hardawar – “Windows 365, a new service announced today at the Microsoft Inspire conference, is basically an unintentional riff on the Yo Dawg meme: Microsoft put Windows in the cloud so you can run a Windows computer while you’re running your computer. You can just call it a Cloud PC, as Microsoft does. It’s basically an easy-to-use virtual machine that lets you hop into your own Windows 10 (and eventually Windows 11) installation on any device, be it a Mac, iPad, Linux device or Android tablet. Xzibit would be proud.

While Windows 365 doesn’t come completely out of nowhere — rumors about some kind of Microsoft cloud PC effort have been swirling for months — its full scope is still surprising. It builds on Microsoft’s Azure Virtual Desktop service, which lets tech-savvy folks also spin up their own virtual PCs, but it makes the entire process of managing a Windows installation in a far-off server far simpler. You just need to head to Windows365.com when it launches on August 2nd (that domain isn’t yet live), choose a virtual machine configuration, and you’ll be up and running. (Unfortunately, we don’t yet know how much the service is going to cost, but Microsoft says it will reveal final pricing on August 1st.)

Windows 365 likely isn’t going to mean much for most consumers, but it could be life-changing for IT departments and small businesses. Now, instead of managing local Windows installations on pricey notebooks, IT folks can get by with simpler hardware that taps into a scalable cloud. Windows 365 installations will be configurable with up to eight virtual CPUs, 16GB of RAM and 512GB of storage at the time of launch. Microsoft is also exploring ways to bring in dedicated GPU power for more demanding users, Scott Manchester, the director of Program Management for Windows 365, tells us.

Smaller businesses, meanwhile, could set up Windows 365 instances for their handful of employees to use on shared devices. And instead of lugging a work device home, every Windows 365 user can securely hop back into their virtual desktops from their home PCs or tablets via the web or Microsoft’s Remote Desktop app. During a brief demo of Windows 365, running apps and browsing the web didn’t seem that different than a local PC. It’s also fast enough to stream video without any noticeable artifacts, Manchester says. (Microsoft is also using technology that can render streaming video on a local machine, which it eventually passes over to your Cloud PC.) You’ll also be able to roll back your Cloud PC to previous states, which should be helpful if you ever accidentally delete important files.

While the idea for Windows 365 came long before the pandemic, Microsoft workers spent the last year learning first-hand how useful a Cloud PC could be. They used a tool meant for hybrid work — where you can easily switch between working in an office or remotely — while stuck at home during the pandemic.

But why develop Windows 365 when Azure Virtual Desktop already exists? Manchester tells us that Microsoft noticed a whopping 80 percent of AVD customers were relying on third-party vendors to help manage their installations. “Ultimately, they were looking for Microsoft to be a one-stop-shop for them to get all the services they need to,” he said said.

That statistic isn’t very surprising. Virtualizing operating systems has been a useful local tool for developers over the last few decades, but it’s typically been a bit too difficult for mainstream users to manage on their own. And even though a tool like Azure Virtual Desktop brought it to the cloud (Manchester assures us that’s not going anywhere either), it’s even more difficult to manage.

One thing Windows 365 doesn’t mean, at least at this point, is the end of traditional computers. ‘I think we’ll still continue to have great client PC experiences,’ said Melissa Grant, director of Product Marketing for Windows 365, in an interview. ‘You know we have a relationship with our laptops. It is our sort of home and hub for our computing experience. What we want to offer with Windows 365 is the ability to have that same familiar and consistent Windows experience across other devices.'”

Geek Software of the Week: Signal SMS Client!

Signal Secure SMS ClientSpeaking of security and privacy… that applies to your phone as well! This SMS (text messages) client is awesome! Not only can you use it for encrypted, secure texts on your smartphone, you can use the Windows client to send and receive texts while working on your PC! Protect yourself with Signal!

Signal Secure SMS Client

“Speak Freely
Say “hello” to a different messaging experience. An unexpected focus on privacy, combined with all of the features you expect.

Share Without Insecurity
State-of-the-art end-to-end encryption (powered by the open source Signal Protocol) keeps your conversations secure. We can’t read your messages or listen to your calls, and no one else can either. Privacy isn’t an optional mode — it’s just the way that Signal works. Every message, every call, every time.

Say Anything
Share text, voice messages, photos, videos, GIFs and files for free. Signal uses your phone’s data connection so you can avoid SMS and MMS fees.

Speak Freely
Make crystal-clear voice and video calls to people who live across town, or across the ocean, with no long-distance charges.

Make Privacy Stick
Add a new layer of expression to your conversations with encrypted stickers. You can also create and share your own sticker packs.

Get Together with Groups
Group chats make it easy to stay connected to your family, friends, and coworkers.

No ads. No trackers. No kidding.
There are no ads, no affiliate marketers, and no creepy tracking in Signal. So focus on sharing the moments that matter with the people who matter to you.

Free for Everyone
Signal is an independent nonprofit. We’re not tied to any major tech companies, and we can never be acquired by one either. Development is supported by grants and donations from people like you.”

The WPAD Vulnerability I Discovered After Installing Pi-Hole!

So, if you have your own internal LAN network, and if you setup your domain extension to meld with your web-site (which I do), and you install Pi-Hole… you get a surprise! The number one blocked site that first day I set up Pi-Hole was a site that was getting a lot of referrals, and that was “wpad.drbillbailey.net”! Wha….?!?!? There is no “wpad.drbillbailey.net”! So, I found this article:

When domain names attack: the WPAD name collision vulnerability

Naked Security by Sophos – By: Mark Stockley – “A combination of poorly configured networks and new rules on internet domain names are giving cybercriminals a new and easy way to attack entire organizations, according to research out of the University of Michigan.

The vulnerability, described by US-CERT (the United States Computer Emergency Readiness Team) in alert TA16-144A issued 23 May 2016, affects computers that are using WPAD.

WPAD is short for Web Proxy Autodiscovery Protocol, a system that makes it easy for organizations to configure the many web browsers inside their network.

WPAD is supposed to find its browser configuration files on the internal network, but wily attackers may be able to trick WPAD into downloading booby-trapped versions of those configuration files from the public internet instead.

Worse still, if you use a work computer at home, and WPAD is enabled, you may very well end up searching for your browser configuration on the open internet every time, simply because your work network isn’t visible.

And WPAD very often is enabled, as US-CERT points out:

WPAD is enabled by default on all Microsoft Windows operating systems and Internet Explorer browsers. WPAD is supported but not enabled by default on Mac and Linux-based operating systems, as well as, Safari, Chrome, and Firefox browsers.

WPAD explained

Organizations typically allow access to the web through intermediary servers called proxies to improve performance, monitoring and security.

But that creates a “chicken-and-egg” problem: how to tell the browsers inside the network which proxy server to user in order to get web access in the first place?

The easiest way to answer that question is with a configuration file called a PAC (proxy auto-config) file that sets the browser up automatically.

So, before it can find the proxy server, a web browser needs to know: where’s the PAC file?

And that’s where WPAD comes in – a WPAD-enabled browser will automatically look for a PAC file called wpad.dat on the local network.

The browser works out where to look by using the network name of the computer it’s on. A browser on a computer with the network name computer.team.division.company.example would look in the following locations, in order:

wpad.team.division.company.example/wpad.dat
wpad.division.company.example/wpad.dat
wpad.company.example/wpad.dat
The .company.example domain is private to the organization’s network and DNS lookups for *.company.example domains are supposed to be answered by the organization’s own DNS servers.

Unfortunately it doesn’t always work out that way.

If a web browser finds itself on another network, one where the DNS servers don’t know how to respond to queries for .company.example, those queries may be escalated to public DNS servers.

According to US-CERT:

The WPAD vulnerability is significant to corporate assets such as laptops. In some cases these assets are vulnerable even while at work but observations indicate that most assets become vulnerable when used outside an internal network (e.g. home networks, public Wi-Fi networks).

It’s a data leak that happens a lot, according to the University of Michigan:

in two of 13 DNS root servers, roughly 20 million such queries are observed to be leaking to the public DNS namespace every day. This has been a known problem for years but … were not exploitable previously.

This is dangerous because if attackers were able to purchase the domain name .company.example they could put up a website at wpad.company.example and publish their own PAC file that tells browsers to use the attacker’s proxy server.

The attacker would then have a grandstand seat from which to spy on all the web traffic passing to and from that browser, extracting personal data or confidential company information and injecting malware or ads.

WPAD data leakage has been going on for years but some companies have avoided trouble in spite of their poor network configuration because in private they use their own, official top-level domain name, like .example.com, or a made-up top-level domain like .company.test that won’t work on the public internet and isn’t for sale.

The problem is that a recent change in the way that global top-level domains (gTLDs) work is changing that.

How the gTLD project made it worse

Global top-level domains include names that don’t denote any geographical region, such as .com, .org and .net.

In the beginning, the internet had just 7 gTLDs and the number grew very sedately until 2011, by which time there were 22.

But in 2012 ICANN (the Internet Corporation for Assigned Names and Numbers) threw the doors open and started taking applications for the creation of brand new gTLDs and today there are more than 700 of them.

The expanded crop of gTLDs includes everything from .ninja to .city and a number of things that companies might plausibly use internally such as .office, .network, .global and .group.

Domain names that once kept companies immune from WPAD data leakage, because they only worked inside the company, are starting to work outside the company too – and they’re up for sale.

Organizations can no longer assume that the domain names they made up for their private DNS won’t work on the internet, so the problem of WPAD data leakage has become a genuine vulnerability.

The researchers at the University of Michigan have shown that WPAD attacks are possible and practical but not widely exploited:

We find that even though some attack surface domains have already been registered, the overall registration and exploitation status are still in the early stage, indicating that proactive protection strategies are still feasible.

US-CERT recommends that administrators take the following steps to mitigate this vulnerability:

  • Consider disabling automatic proxy discovery/configuration in browsers and operating systems when you set up and device that will not be used on internal networks.
  • Consider using a fully qualified domain name (FQDN) from global DNS as the root for enterprise and other internal namespace.
  • Configure internal DNS servers to respond authoritatively to internal TLD queries.
  • Configure firewalls and proxies to log and block outbound requests for wpad.dat files.
  • Identify expected WPAD network traffic and monitor the public namespace or consider registering domains defensively to avoid future name collisions.
  • File a report with ICANN if your system is suffering demonstrably severe harm as a consequence of name collision by visiting.
  • One more suggestion from us: don’t make up domain names, not even (perhaps especially) for testing or documentation.”

A Clear and Easy Tutorial to Setup Pi-Hole!

This guy does such a great job showing how to setup Pi-Hole, so… I figured why “re-invent the wheel?” Check it out, he not only goes into setup, but how to optimally configure it! It makes for a much happier Internet and network experience from home. I am running it on an old Intel NUC I happened to have laying around, but you could use a virtual machine instance in your home network, or a real Raspberry Pi. I would definitely say, it is worth your time to do so!

The Amazon FireTV Interface gets an Update

FireTV Interface UpdateAmazon Fire TV Update Rolls Out to 2nd Gen Fire TV Stick

Cord Cutters News – By: Jess Barnes -“Amazon announced today that the updated Fire TV experience will begin rolling out to Fire TV Stick 2nd Gen today.

The company first announced the interface update in December, with only the 3rd Gen Fire TV Stick and Fire TV Stick Lite devices receiving the update initially. The all-new Fire TV experience then became available on the Fire TV Stick 4K, Fire TV Cube (1st and 2nd Gen), and Fire TV (3rd Gen Pendant Design) in March.

Changes with the update include an all-new home screen with more personalization. The main menu allows for quick navigation to favorite streaming apps and previews of what’s playing.

An improved search feature allows users to search by genre, free content, and shows and movies already in the user’s content library.

The update also includes the option to make profiles for each member of the family, with up to six profiles available per account. That means everyone can get personalized recommendations and their own watchlist.

Your Fire TV devices should automatically check for the update and install the update when not in use. You can check for the update by going to your device’s settings, selecting My Fire TV, selecting About, and finally Check for Updates.”

DrBill.TV #495 – Video – The Audacity of Big Tech Edition!

Dr. Bill discusses what has happened to the Open Source ‘Audacity’ project recently and the Open Source community’s reaction to that fiasco, and his opinion on how Microsoft may NOT necessarily hate us lowly individual users, but they definitely don’t respect us! Also: Charlotte gets NextGenTV! (Jul 12, 2021)

Links that pertain to this Netcast:

TechPodcasts Network

International Association of Internet Broadcasters

Blubrry Network

Dr. Bill Bailey.NET

BitChute Referral

www.DrBill.TV/VPN

www.DrBill.TV/Linode


Start the Video Netcast in the Blubrry Video Player above by
clicking on the “Play” Button in the center of the screen.

(Click on the buttons below to Stream the Netcast in your “format of choice”)








Streaming MP3 Audio

Streaming Ogg Audio

Download mp4 Download WebM Download MP3 Download Ogg
(Right-Click on any link above, and select “Save As…” to save the Netcast on your PC.)

You may also watch the Dr. Bill.TV Show on these services!

 

Dr. Bill.TV on YouTube Dr. Bill.TV on BitChute Dr. Bill.TV on Rumble Dr. Bill.TV on Vimeo

 


DrBill.TV #495 – Audio – The Audacity of Big Tech Edition!

Dr. Bill discusses what has happened to the Open Source ‘Audacity’ project recently and the Open Source community’s reaction to that fiasco, and his opinion on how Microsoft may NOT necessarily hate us lowly individual users, but they definitely don’t respect us! Also: Charlotte gets NextGenTV! (Jul 12, 2021)

Links that pertain to this Netcast:

TechPodcasts Network

International Association of Internet Broadcasters

Blubrry Network

Dr. Bill Bailey.NET

BitChute Referral

www.DrBill.TV/VPN

www.DrBill.TV/Linode


Start the Video Netcast in the Blubrry Video Player above by
clicking on the “Play” Button in the center of the screen.

(Click on the buttons below to Stream the Netcast in your “format of choice”)








Streaming MP3 Audio

Streaming Ogg Audio

Download mp4 Download WebM Download MP3 Download Ogg
(Right-Click on any link above, and select “Save As…” to save the Netcast on your PC.)

You may also watch the Dr. Bill.TV Show on these services!

 

Dr. Bill.TV on YouTube Dr. Bill.TV on BitChute Dr. Bill.TV on Rumble Dr. Bill.TV on Vimeo

 


1 2 3 382