// archives

Windows 8

This category contains 3 posts

On Lenovo’s “Superfish” and how to remove it

I am quite a fan of Lenovo devices mostly still from the time where they were IBM ThinkPads. However, when the discussion started on the “Superfish” adware they put onto some Lenovo devices I took a mental step back and asked myself how a company that develops and sells plenty of business devices could make such a bad decision.

There are some good descriptions on what “Superfish” does so I will not repeat that in detail. In the end it seems that the adware hijacks encrypted web sessions and it seems that it may make users vulnerable to https man -in-the-middle attacks that are simple for attackers to exploit. If you are interested in knowing more I recommend that you read the Arstechnica article on that topic.

Lenovo was slow to pick-up on this topic although by now they reacted and the Lenovo CTO said in an interview with the Wall Street Journal that  “we didn’t do enough” due diligence before installing Superfish, but that the company doesn’t believe laptop owners were harmed by the app”. You can read here the full article on the WSJ blog.

Another interesting question on why Lenovo pre-loads any software and here is his response: Hortensius: In general, we get pretty good feedback from users on what software we pre-install on computers. What we’re going to do in the next few weeks is dig deeper, and work with users, industry experts and others to see how we can improve what we do around software that comes installed on consumers’ computers. The outcome could be a clearer description of what software is on a user’s machine, and why it’s there.” It seems that I am clearly not their targeted audience if they say such things. When I get a new computer the first thing I do is to newly install Windows from scratch and with that get rid of any bloatware and adware that might be on there. Then install the necessary drivers (not many any more – Windows 8.1 or 10 is in the majority of cases (if not all) taking care of that) and apply all updates and the computer is running faster, more stable and the disk has quite some more space in most cases than before.

So what to do now if you have a Lenovo computer and are not sure if Superfish runs on there or you know and want to remove it? One way to address this is to run Microsoft’s security software which will detect and remove the Superfish software from the Lenovo device. If you have Windowws 8 or 8.1 on your computer Windows Defender is installed by default so you only need to let it update itself. If you have an older version of Windows you might already have the Security Essentials installed where the same applies to. And if you are not sure check out the website on our free security software that you can download and that will take care of Superfish.

Windows 8.1 Security Functions – Enabling new Workstyles

 

I am now working with Windows 8.1 for a while and I really like it. It enables me to have one device for two work modes. I use the modern Interface when I am more reading/consuming information and then change to the traditonal desktop when I am writing documents, presentations etc.

As a security professional I also like Windows 8.1 because it enables new scenarios in the enterprise. For accessing the most sensitive information I want to be able to know the device that is accessing it and to know the health of the device before letting it so. And with Windows 8 I can now do exactly that for a touch device.

Dustin Ingalls, our Group Program Manager for Windows Security & Identity was attending Black Hat and gave a presentation on the Windows 8.1 security functions and published a blog post about it. I summarize the most important points below and encourage you to read his full blogpost with the details:

The Windows 8.1 update offers a full spectrum of new and improved security capabilities – from features that enable devices to be fully locked down by IT, to remote security options for BYOD devices, to safeguards for personal devices that need to access business resources from home. The main Points are the follow:

#1 Trustworthy Hardware
Trusted hardware is a key investment area for Microsoft in Windows 8.1. Often in a BYOD scenario, if an employee buys a new computer, it can be hit-or-miss as to whether the device will have all the tools baked in that an IT department needs to make sure any data on that device is secure. With Windows 8.1 we take away the guesswork.

#2 Modern Access Control
With Windows 8.1, we’ve focused a lot of attention on the controls that IT departments can place on devices to restrict who can physically access a device. Key Points are here first class biometrics and multi-factor authentication for BYOD.

#3 Protecting Sensitive Data
We’ve also put a lot of thought into how businesses can protect their data even when it resides on employees’ personal devices.
Pervasive Device Encryption: With Windows 8.1, device encryption is now available on all editions of Windows for devices that support InstantGo. In addition we implemented Selective Wipe of Corporate Data: With Windows 8.1, we introduce Remote Data Removal which will allow an IT department to wipe corporate data (e.g. emails, attachments, corporate data that came from Work Folders) off a BYOD device without affecting personal data.

#4 Malware Resistance
As security threats continue to evolve, we continue to step up our built-in malware resistance measures to stay ahead of attackers by improving Windows Defender and enhancements to Internet Explorer.

The points above are only a selection of things and more is in the original post.

Windows 8 – why it matters for business

I have heard a couple of times from enterprises that Windows 8 looks great but that it is a consumer product and that adoption in the enterprise does not seem to bring an obvious advantage as most users work on a laptop and desktop and don’t need a metro surface. While I understand this initial reaction I see a large benefit for business to use Windows 8.

The way people work has changed and more work is done mobile. Until now the challenge was to still have the reliability, productivity and security a business needs. This is one of the strong advantages of Windows 8. It integrates seamlessly into the IT infrastructure and provides enterprise class security. And this even in multiple ways. Windows 8 provides an innovative and fun way to work on a slate or tablet in addition to more traditional laptops and desktop PCs. In addition there is the possibility to have Windows 8 on a USB stick with Windows To Go – a fully managed corporate Windows 8 desktop. Travelling light has never been that easy.

Picking some elements to talk about is not easy as the new functionalities are significant but looking at today’s cybersecurity threats I very much like the improvements that were made with the secure foundation. Trusted Boot is a key element. It validates the integrity of the entire boot process – from hardware, boot loader, kernel, boot-related system files to drivers. With antimalware loaded before all non-critical Windows components we achieve a better protection from rootkits. This in combination with Measured Boot Process, BitLocker Drive Encryption, AppLocker, and claim-based access control delivers end-to-end security like never before.

This is only a short overview on some of the Windows 8 features for business. A deeper and broader description was posted today in the Windows Team Blog here. It is worthwhile reading it.

Also check out the short video for an overview of  some central aspects of Windows 8:

 

 

About the Author

Reto is partner at PwC Switzerland. He is leading the Cybersecurity practice and is member of PwC Digital Services leadership Team. He has over 15 years work experience in an information security and risk focused IT environment. Prior to working at PwC he was Microsoft's Chief Security Officer for Western Europe and also has work experience as group CIO, Chief Risk Officer, Technical Director and Program Manager.

more about me and contact info

replica Rolex