Microsoft - Windows client Lifecycle

Today I would like to mention this Microsoft article that point to Microsoft Clients O.S. Lifecycles:

https://support.microsoft.com/en-us/help/13853/windows-lifecycle-fact-sheet

Windows 10

Windows 10 version historyDate of availabilityEnd of service 
Windows 10, version 1709October 17, 2017April 9, 2019** 
Windows 10, version 1703April 5, 2017October 9, 2018**  
Windows 10, version 1607August 2, 2016April 10, 2018** 
Windows 10, version 1511November 10, 2015October 10, 2017** 
Windows 10, released July 2015 (version 1507)July 29, 2015May 9, 2017 
* Home edition does not support the deferral of feature updates and will therefore typically receive a new version of Windows 10 prior to the end-of-service date shown.
** Enterprise and Education editions for versions 1511, 1607, 1703 and 1709 will receive an additional 6 months of servicing after the end of service date.
Note: Not all features in an update will work on all devices. A device may not be able to receive updates if the device hardware is incompatible, lacks current drivers, or is otherwise outside the original equipment manufacturer’s (OEM) support period. 
Enterprise LTSB editions 

Windows 10 version historyDate of availabilityMainstream support end dateExtended support end date
Windows 10 Enterprise 2016 LTSB
Windows 10 IoT Enterprise 2016 LTSB
August 2, 2016October 12, 2021October 13, 2026
Windows 10 Enterprise 2015 LTSB
Windows 10 IoT Enterprise 2015 LTSB
July 29, 2015October 13, 2020October 14, 2025
Note: Not all features in an update will work on all devices. A device may not be able to receive updates if the device hardware is incompatible, lacks current drivers, or is otherwise outside the original equipment manufacturer’s (OEM) support period. 
Windows 8.1 and 7

Client operating systemsEnd of mainstream supportEnd of extended support
Windows 7, service pack 1*January 13, 2015January 14, 2020 
Windows 8.1January 9, 2018January 10, 2023
* Support for Windows 7 RTM without service packs ended on April 9, 2013. Be sure to install Windows 7 Service Pack 1 to continue to receive support and updates.

Extra IT - Lorenzo International Real Estate

Today I would like to mention several websites related to a California Broker, CIPS realtor, specializing in Italian Real Estate.


Linkedin profile: www.linkedin.com/in/pierolorenzo
Company Web Sites: www.pierolorenzorealtor.com &  www.pierolorenzo.kw.com
&  www.lorenzorealestate.us
Facebookwww.facebook.com/lorenzorealestate.us

Few years ago we had opportunity to rent an apartment thanks to his intermediation, with satisfaction, in Florence.

Consider that after 13 years as a Real Estate Broker with his own agency, Prince Immobiliare (Florence) he moved, with his wife, to hometown of Santa Cruz, California, in February of 2015.

His mission is to give professionalism support to sellers and buyers thanks his real estate intermediation

It is important to remark that he have italian Real Estate License and a Californian Real Estate Broker License too.

Afterward, if you are going to sell your home, consider that he has a global real estate, he is  GPS (Global Propery Specialist) member and a CIPS (Certified International Property Specialist) designee helped by an huge network of colleagues all over the world to help find buyers.

Finally you should consider that his personal real estate history was mentioned on this important Italian newspaper. This article was discussing about fact that several Italian talent s guys left their country to find more job opportunities and to have their talents recognized and rewarded as well.

https://www.ilfattoquotidiano.it/2016/11/24/riparto-da-zero-in-california-come-agente-immobiliare-e-rischioso-ma-in-italia-non-ce-entusiasmo/3212443/#disqus_thread

You could review presentation video at following web link

http://videos.weebly.com/uploads/7/8/4/8/78480480/lorenzo_international_real_estate_955.mp4




Automation - Domotics for home purpose with Arduino & Android devices & Souliss (open-source SmartHome framework)

In precedent blog posts we mentioned possibility to apply domotic in any home using Arduino & Blink server.

With this new blog articles we would like to mention Souliss product that it is an open-source SmartHome framework to empower your Arduino and Android devices.

This solution does not require any Server (as mentioned in this old blog article) but only an Android device with SoulisApp installed that interface directely with Arduino microcontroller connected through LAN ( Lan card or Wifi)

Arduino it is a C++ programmable micro-controller that could be used in conjunction with Souliss product.

Souliss is an IOS/android application that dialog with Arduino for remote command purpose.


Latter step would be to intregrate it with openHab  to have historical trends and for more complexes automation requirements.

Following images will help you on better focalize about advantages and infrastructure:

souliss

souliss

I am mentioning old blog article that refer to friend's company

It is in italian language but it could be useful to have an overview about opportunities given from domotics/home automation:
APPENDIX:

Domotics/Home automation is growing day by day as a new market technology field applied to constructions/home apartments.

"It involves the control and automation of lighting, heating (such as smart thermostats), ventilation, air conditioning (HVAC), and security, as well as home appliances such as washer/dryers, ovens or refrigerators/freezers. Wi-Fi is often used for remote monitoring and control. Home devices, when remotely monitored and controlled via the Internet, are an important constituent of the Internet of Things. Modern systems generally consist of switches and sensors connected to a central hub sometimes called a "gateway" from which the system is controlled with a user interface that is interacted either with a wall-mounted terminal, mobile phone software, tablet computer or a web interface, often but not always via Internet cloud services.

While there are many competing vendors, there are very few worldwide accepted industry standards and the smart home space is heavily fragmented.Manufacturers often prevent independent implementations by withholding documentation and by litigation.

The home automation market was worth US$5.77 billion in 2013, predicted to reach a market value of US$12.81 billion by the year 2020." Read more here

Graphics - DesignEvo online logo maker

Today I would like to mention DesignEvo, an easy-to-use online logo maker useful to create professional logos

This software has:
  1. 3000+ fully customizable logo templates.

  2. Over one million icons available.

  3. Various editing tools.


If you like you could take a tour viewing this youtube Video.


Recovery - Stellar Phoenix Windows data recovery – Home 7.0

Today I would like to mention this tool "Stellar Phoenix Windows data recovery – Home 7.0"

This is a recovery software that permit to:

  1. Find lost or deleted documents from Inaccessible Hard Drives.
  2. Perform Office Documents, Presentation & Archive Files recover.
  3. Recovers Lost Data from Corrupt, Formatted & Virus Infected Drives.
  4. Quick & Deep Scan.
  5. Mobile Phone Recovery.
  6. Recover lost partitions.
Software requirements:

Windows 10, 8.1, 8, 7, Vista & XP, 1 Gb. free ram, 50 MB. Free disk space

Official download and purchase link:


If you are interested you could review more blog recovery articles here:







Security - Cloud Hacker considerations

I would like to focalize on Trojan aspect applied to Cloud services and relative user accounts.

Trojan could be easily installed on any pc/devices (For example visiting an unknown hackered website)

The concept it is simple: If you have a Trojan that intercept your Cloud user credential you are going to be in a very critical situation. (risk would increase if double authentication would not active on your cloud account)

Credentials could be used to stole your critical data/access to your company servers and be sold from criminals.

A very useful mitigation actions could be start using  next generation antivirus providers that utilizes machine learning indeed than standard AV (this method use  signatures as the primary detection mechanism)

Full interview and details could be found reading this article:

https://www.techrepublic.com/article/how-trojans-steal-credentials-and-attack-cloud-services/



If you are interested you could review these old blog articles/sections:

Cloud

http://www.alessandromazzanti.com/search/label/Cloud

Microsoft Azure

http://www.alessandromazzanti.com/search/label/Windows%20Azure



[update 2018.06.17]

I would like to indicate this Micorosft security video/lessons:



https://mva.microsoft.com/en-US/training-courses/hybrid-cloud-workload-protection-with-azure-security-center-18173?l=Ld0LK42jE_006218965

Tools - OCR On line converter

Today I would like to mention an interesting website that permit you to extract text from PDF and images (JPG, BMP, TIFF, GIF) and convert into editable  Word, Excel and Text output formats.

More verbosely:

Source Formats:


  • PDF (All types of PDF files including multi-page PDFs)
  • TIF/TIFF (Multipage TIFFs supported)
  • JPEG/JPG
  • BMP
  • PCX
  • PNG
  • GIF
  • ZIP files containing the above types of files can also be uploaded.

Image quality is one of the most important factors that improve quality of recognition. A resolution of 200-400 DPI for input images is best for recognition.

Maximum input file size : 200 MB

Destination Formats:

  • Adobe PDF document
  • Microsoft Word document
  • Microsoft Excel document
  • RTF document
  • Text Plain
https://www.onlineocr.net/

Security - CPU Spectre and Meltdown Bug



During previously months it was revealed CPU bugs that are affecting near all produced CPU.

Security it is one of the most warm argument that is growing, correctly, day by day importance (First of all due to global internet devices interconnection).

At actual stage several vendors and O.S. providers released O.S. patches.
Some of these fixes was deployed to mitigate risks.

Consider that one of these bug (Spectre ) need devices firmware upgrade.
In other cases antivirus software upgrade it is necessary before patch/firmware installation.

So I am going to create a blog article with info collected reading several technical documents/articles (indicated at end of article for easily reading)

My idea it is to release minor revisions article updates, during next months, adding fresher information.

  1. Intel CPU produced during these last 10 years are affected from security critical issues.
  2. On these CPUs Intel left an open channel between kernel protected memory and normal user processes.
  3. This design error could permit, to access this memory area, to programs executed at user level permissions, (Java scripts browser app too), permitting sensible data read/stolen (including login and passwords).
  4. It seems that Intel was already aware about this problem but did not notify this information to major O.S. players to strictly work to fix it.
  5. ServerWorkstationPCTabletSmartphone and Smart Devices are impacted. 
    1. Affected chips include those manufactured by IntelAMD, and ARM, which means all devices running Windows operating systems are potentially vulnerable (e.g., desktops, laptops, cloud servers, and smartphones).
    2. Devices running other operating systems such as AndroidChromeiOS, and MacOS are also affected.
  6. CLOUD is impacted too. 
    1. Meltdown could be particularly dangerous on unpatched cloud platforms, due to the possibility of malicious code inside a virtual machine being able to read data from the memory of the underlying host computer, with the threat that one cloud customer could steal data from another.
    2. CPU performances decrease would be between 5% up to 30%. (these performances problems would be a big issue for cloud providers like Azure, Amazon....)
  7. REMARK: 
    1. Hotfix need to have kernel code partially rewritten:
      1. Furthermore kernel and end user memory process separation (Kernel Page Table Isolation (KPTI)) would deeply impact on performances too.
    2. Some old CPUs could not be upgradable.
    3. Patches released are working so deep at kernel level that some AV are not compatible (a.e. Microsoft if informing customers that before begin patching process, you should verify that your antivirus (AV) software is up to date and compatible (check your antivirus software manufacturer's website for their latest compatibility information).

MICROSOFT :
Starting in January 2018, Microsoft released updates for Windows operating systems, Internet Explorer and Edge browsers to help mitigate these vulnerabilities and help to protect customers. They also released updates to secure their cloud services.
Here they are  Microsoft Articles:
Protect your Windows devices against Spectre and Meltdown
https://support.microsoft.com/en-us/help/4073757/protect-your-windows-devices-against-spectre-meltdown
Update to disable mitigation against Spectre, Variant 2
https://support.microsoft.com/en-us/help/4078130/update-to-disable-mitigation-against-spectre-variant-2

From Microsoft January 2018 Security Updates

Operative SystemUpdate KB
Windows Server, version 1709 (Server Core Installation)4056892
Windows Server 20164056890
Windows Server 2012 R24056898
Windows Server 2012not yet available
Windows Server 2008 R24056897
Windows Server 2008not yet available
Windows 104058702
Windows 8.14056898
Windows 74056897

NOTES

Patches released are working so deep at kernel level that some AV are not compatible (a.e. Microsoft if informing customers that before begin patching process, you should verify that your antivirus (AV) software is up to date and compatible (check your antivirus software manufacturer's website for their latest compatibility information)
LINUX has released patches.

APPLE Has indicated that all iPhones, iPads and modern Mac devices are affected by Meltdown. Bullettin link.

ANDROID/GOOGLE bullettin link.
TECHNICAL PART:
  1. This bug has two variant types:
    1. Meltdown (32/64 bit - It permit to read private kernel memory):
    2. It impact all Intel CPUs produced from 1995 to 2013 -Haswell Xeon series included.
    3. CPU ARM Cortex A15, A57 A72 e A75 impacted
    4. REMARK:Patches was released to fix Meltdown and Spectre 1 variant bugs for o.s. and virtual machine vendors.
    5. You can learn more about these vulnerabilities at Google Project Zero
  2. Spectre (32/64 bit - It permit to user-mode applications to estract processess information) 
    1.  It impact all Intel CPUs produced till now.
    2.  It impact some ARM CPUs Cortex A15, A17, A57 A72, A73, A75, R7, R8, A7, A8.
    3.  It impact some AMD CPUs Ryzel, FX ed Pro.
    4. REMARK: Fixes about bug Spectre variant 2 require computer firmware update.These updates are being issued by chip manufacturers and designers such as Intel and Arm. Sometimes  it may require also operating system kernel update.
    5. REMARK 2: Because of the difficulty in addressing Spectre, patches generally mitigate risks from attacks, rather than blocking them completely.
    6. You can learn more about these vulnerabilities at Google Project Zero.

  3. Modern processors accelerate the rate at which they execute instructions by loading data into the processor's on-board cache memory ahead of when it's needed. Data can be retrieved from this on-board cache far more rapidly than from the computer's main memory.

  4. If a processor is executing a set of instructions that branches depending on the input, then processors will try to guess which branch of instructions is most likely to be executed and load the necessary data into the processor's cache. These processes, called Branch Prediction and Speculative Execution, are what can be exploited by Spectre attacks.
  5. Meltdown works slightly differently, taking advantage of a privilege escalation flaw that allows any user able to execute code on the system to access protected memory. 

[original articles]

https://www.achab.it//achab.cfm/it/blog/achablog/meltdown-e-spectre-cosa-deve-sapere-e-fare-un-msp


http://www.lastampa.it/2018/01/09/tecnologia/news/lultima-patch-di-sicurezza-windows-non-fa-pi-avviare-i-computer-amd-microsoft-sospende-gli-aggiornamenti-44j9a7tUG3GsQ1m1T6vxjO/pagina.html


https://www.techrepublic.com/article/spectre-and-meltdown-cheat-sheet/


https://meltdownattack.com/#faq-advisoryhttps://meltdownattack.com/#faq-advisory


https://support.microsoft.com/en-us/help/4073757/protect-your-windows-devices-against-spectre-meltdown


Protect your Windows devices against Spectre and Meltdown

https://support.microsoft.com/en-us/help/4073757/protect-your-windows-devices-against-spectre-meltdown
    Update to disable mitigation against Spectre, Variant 2
    https://support.microsoft.com/en-us/help/4078130/update-to-disable-mitigation-against-spectre-variant-2


    You can learn more about these vulnerabilities at Google Project Zero.


    [update 2018.02.17]

    Oracle is impacted too, I forgot to mention previously

    Oracle Linux (ELSA Security Advisory):

    [update 2018.02.19 ]

    Understanding the performance impact of Spectre and Meltdown mitigations on Windows Systems

    https://cloudblogs.microsoft.com/microsoftsecure/2018/01/09/understanding-the-performance-impact-of-spectre-and-meltdown-mitigations-on-windows-systems/

    [update 2018.03.04]

    Microsoft has published guidance for IT Pros that outlines the steps Microsoft has taken as well as steps you can take to take advantage of all available protections.

    One action that you can take immediately is to ensure that your computers are able to reach the following endpoint:

    http://adl.windows.com



    This may involve adding this URL to your company’s whitelist which may require approval from your security group.  This endpoint is used to communicate updates to Microsoft’s compatibility information with client computers.  By ensuring your computers can reach this endpoint, you can help them get the most up-to-date information Microsoft has available about supported antivirus solutions and versions, security update statuses, etc.

    more details here

    Automation - Domotics for home purpose with Arduino & Blynk server

    Domotics/Home automation is growing day by day as a new market technology field applied to constructions/home apartments.

    "It involves the control and automation of lighting, heating (such as smart thermostats), ventilation, air conditioning (HVAC), and security, as well as home appliances such as washer/dryers, ovens or refrigerators/freezers. Wi-Fi is often used for remote monitoring and control. Home devices, when remotely monitored and controlled via the Internet, are an important constituent of the Internet of Things. Modern systems generally consist of switches and sensors connected to a central hub sometimes called a "gateway" from which the system is controlled with a user interface that is interacted either with a wall-mounted terminal, mobile phone software, tablet computer or a web interface, often but not always via Internet cloud services.

    While there are many competing vendors, there are very few worldwide accepted industry standards and the smart home space is heavily fragmented.Manufacturers often prevent independent implementations by withholding documentation and by litigation.

    The home automation market was worth US$5.77 billion in 2013, predicted to reach a market value of US$12.81 billion by the year 2020." Read more here


    Today I would like to mention, for home domotics application, Arduino solution that it is a C++ programmable micro-controller in conjunction with Blynk that it is an IOS/android application for remote command purpose that interface with Arduino.

    More precisely Blynk is a platform with iOS and Android apps to control Arduino, ESP8266, Raspberry Pi and the likes over the Internet.
    You can easily build graphic interfaces for all your projects by simply dragging and dropping widgets. 

    Documentation could be found here

    Here it is a graphic that better explain if and how it work:



    Usually Blynk utilize propritary cloud server but often, this solution could create some connection/delays issue.

    Installation could be done locally, to avoid internet connection problems, and to improve speed.

    Blynk Server is an Open-Source Netty based Java server, responsible for forwarding messages between Blynk mobile application and various microcontroller boards and SBCs (i.e. Arduino, Raspberry Pi. etc).


    • Java 8/9 required (OpenJDK, Oracle)
    • Any OS that can run java
    • At least 30 MB of RAM (could be less with tuning)
    • Open ports 8443 (for app), 8442 (for hardware without ssl), 8441 (for hardware with ssl)


    More detailed information could be found at this link or this one


    I am mentioning old blog article that refer to friend's company

    It is in italian language but it could be useful to have an overview about opportunities given from domotics/home automation: