IT

An Impressive Scam

Posted on February 3, 2016February 3, 2016 by Adam Fowler

A while ago, I received a strange letter in the mail from Malaysia. I wasn’t expecting anything, so curiously opened the envelope.

Inside was a travel brochure. Made sense as it appeared to have Asian tourist destinations, and be of reasonable quality.

Front cover of brochure

Back cover of brochure

It looked legitimate. A company physical address, email address and a website (which worked at the time, now no longer exists).

Looking a bit further into the brochure, it even mentioned Australia, but also some complementary scratch cards:

Inside brochure

The final pages mentions the prizes in the competition, look at all those cool prizes!

Possible Prizes

Also in the envelope, were the two scratches mentioned above. Here’s the back of one of them:

And here’s the front after I’d scratched them:

Ingeniously, I’d apparently had 1 losing ticket, and 1 ticket that had won second prize rather than first.

All in all, it was a pretty legitimate looking scam that I have to award points for effort :)

KB3102429 Re-issued, still breaking things

Posted on January 21, 2016 by Adam Fowler

Things are getting a bit silly in the Microsoft patch world.

KB3102429 was originally released on November 17, 2015. It’s a very unexciting update for most people as it will “Update that supports Azerbaijani Manat and Georgian Lari currency symbols in Windows”. I’d be passing on that – but a lot of people have automatic approvals on any Windows Update relevant to their system. This is partly done because Microsoft used to be great at patching and testing; there was rarely an issue that made it’s way to the world. In the last year or so, that has definitely not rung true.

I’ve written about a few of these recently such as KB3114409 Causes Outlook 2010 to run in Safe Mode and Outlook Patch KB2956128 Breaks Profile Changing (and KB3054881) along with the apparent mismanagement of how these updates are handled from Microsoft. KB3102429 seems to be of a similar story.

When KB3102429 first came out, there were some weird problems that arose. The most common one was with Crystal Reports exporting to PDFs as well as some other programs, and other things broke too if you start digging around on Google with the KB3102429 search.

Stranger still, is that Microsoft have now re-relesaed the same KB on the 19th January 2016 with the generic expalantion of ‘Install this update to resolve issues in Windows.’ – something I’d hope all patches do :)

This now means that WSUS is aware of two patches with the same name – even more confusion!

I have had reports of weird Outlook visualisation problems on random computers, which has taken multiple reboots to clear. This was the only patch that was applied to the PC before the issue occured.

Without knowing what this patch does beyond the original November desription, and appearing to have no security impact – I’d suggest uninstalling. If you have any information to share on this, please do!

Intel Skylake CPU Bug

Posted on January 20, 2016January 20, 2016 by Adam Fowler

Back in Mid December 2015, it was reported on Intel Communities that a group had potentially found a bug on Intel’s 6th generation CPU, codenamed Skylake. It was discovered by running certain Prime95 tests, which is a program that stress tests the CPU. When the bug is triggered, which happens sometime during the test (can be quick, can take a long time) the PC will freeze completely.

This sounds very worrying from the outset, as over the years Intel have been caught with a few different CPU bugs; back in 1994 was the first Pentium CPU’s FPU bug (I had one of these CPUs!) which caused a CPU recall, and for me personally, one racing game I couldn’t play. There was also the 1998 Pentium F00F bug, which was rather widespread.

Since the 90’s though, Major Intel CPU bugs have been very quiet. That was until 2014, when a TSX bug was discovered on Haswell and Broadwell CPUs. As it was a hard-coded bug, Intel just disabled the TSX functionality altogether – which was better than the alternative of leaving the bug in place.

There are hundreds of smaller bugs found in Intel CPUS (and AMD for that matter) but they’re usually minor, fixable or only under rare conditions. I couldn’t find a list of these bugs, just random references scattered over the internet – so if anyone can, please share!

Now, the Skylake Bug (no official name, so I’ll call it that) has been found, but doesn’t seem to be causing too much dramas. There’s no reports of problems in day to day usage, but even better is that Intel has worked out what causes the bug, and is liaising with motherboard manufacturers to push out BIOS updates to fix it. At this stage, I can’t find out if it’s disabling the feature, working around it or actually applying code and fixing it.

The first known motherboard manufacturuer to release a patch (in Beta currently) is MSI who have released the patch for two of their newer motherboards. We should see a lot more BIOS updates coming soon from all manufacturers, but the BIOS is probbaly the least patched component of a PC due to the risk and manual work required (i.e. it won’t happen by Windows Updates unless you have a Microsoft piece of hardware).

The last public comment I could find from Intel on providing more communication on this issue was that ‘by the end of this month’ (i.e. January 2016) a specification update will be communicated, ‘which will include information on this issue’.

As a side note, I thought I’d try to replicate this bug on my Lenovo ThinkPad Yoga 260 but could not reproduce after waiting a few hours. I’d already applied a BIOS update after receiving the hardware, but it’s unlikely that already contained the fix.

Softerra Adaxes Identity and Active Directory Management Review

Posted on January 19, 2016September 12, 2021 by Adam Fowler

I’ve been asked to review many products (both hardware and software) on this blog. Many of the things I write about here are triggered by my experiences, which I think adds to the usefulness of the posts. Usually I decline, because I either don’t have an interest in the product, or don’t have the time to invest reviewing something that I can’t get a personal benefit out of the product in question.

Softerra Adaxes was one of these companies. After giving it a quick once over, my interest had been piqued. After extensive testing, I was actually happy to write a review of what the product does, and how I can see it helping people in businesses… so here is my take on the product. This is a sponsored post, but written by myself with my honest view on the product after extensive testing.

What is Softerra Adaxes?

First and foremost, this is an Active Directory (AD) Identity Management piece of software. It will talk to your AD environment (don’t worry, no schema changes required!) and give you a framework to allow automation. I’d previously looked at System Center Orchestrator (SCOrch) to look at the automation of user accounts such as creation, change, deletion – but it was too complicated for my liking. Most things required you to write your own code (PowerShell, .NET etc) and use what I’d call strange variable calls, instead of plain old nice code. To me, you have to wear a developer hat to use SCOrch for anything beyond very basic workflows.

Adaxes takes a different approach. Instead of writing your own code (which you can do still), much of it is driven in a similar way to how Outlook rules work. You can use the Adaxes Console, or Adaxes webpage to perform tasks such as ‘Create User’ – but you define the rules. For example, think of the ‘City’ field in AD. These are the rules you can set for it:

Those rules then end up as the only choices via a drop-down menu:

Having a default value if > 50% of your users are going to be in a particular city is a time saver. Same applies to being able to list several cities, and have a dropdown list to select them from – removing human error from typos. Forcing the property to being required also means it won’t be missed. To me, this gives immediate benefit in the user creation process, if the time is spent setting it up correctly.

User Creation in Adaxes

Once a user is created with your template, ‘Business Rules’ can kick in. These are more rules based on an event happening – such as a successful user creation. For me, I created business rules based on the City. If they’re in Sydney, then do all these things that applies to a Sydney person. This can be the creation of a home drive, but also can hook into Exchange or Lync to create their account in that environment too.

The Exchange and Lync integration allow you to have a user fully set up without even needing to worry about it. The email alias can be pulled from the username, and normal email address policies apply for creation of SMTP addresses. You can specify which DAG the mailbox will be created on too. For Lync, it’s the same story. If you’re lucky enough to have Enterprise Voice, the user’s phone number can be used as a variable to create a Line URI for the user.

Other third party systems can be manipulated by running a PowerShell script or program easily enough, or if you want to start getting tricky… there’s the Adaxes SDK for API.

When it’s all done, you can even trigger an email to alert staff that a user has been created, which could be used to alert other departments of any manual processes they need to do once a user is ‘born’.

Even better, is the easy built-in security roles. You can give HR access to create a user via the native Adaxes web page. No software required, HR follow the bouncing ball of the webpage and see a prompt for any required field, and requests can be configured to require approval before being actioned too.

https://www.youtube.com/watch?v=GlgVcGF7gjA

What Else Can Adaxes Do?

I’ve focused on User Creation so far, because that was the first benefit I saw from Adaxes – but there’s a bunch more this software solution can do. Softerra themselves list many of the features of the product, but it’s a very open framework where you can make the software do what you need to happen.

Group Management

Due to the granular security model they use, you could consider end user management of groups. Email group management for end users is already possible from Microsoft Exchange, but you can’t do the same with security groups. I can see a big benefit in letting key users manage a selection of security groups which could allow things such as access to network drives and folders, access to software or permissions to an internal resource such as a SharePoint site and so on. If you’re in a Microsoft environment, everything should be security based via AD groups anyway, so this is a much nicer solution than giving those key end users an Active Directory User and Computers console.

Password Expiration Notifcation

There are several built in examples of ‘Scheduled Tasks’ – including some I’ve written my own script for! The ‘Password Expiration Notifier’ does exactly what I wrote here, which is to notify end users via email when they have certain days left before their password expires. My preference is to have all of these tools and triggers in a central location where all the right people can see what’s going on with ease, which is better than having Windows based scheduled tasks scattered around your servers being harder to find and manage.

Although I encourage everyone to know PowerShell, the reality is we all have different skills and priorities. Having middle-ware that manages the smarts, and shows you in an easily readable format reduces company risk in both managing automation as well as staff time in making changes should be at least investigated for it’s potential value. The above example out of the box had only the 7 day notification, so I copied and pasted the rules below it, and set the trigger to also happen at 1 day, matching my script. That was 10 seconds of work.

Clean Up Old Computer Records

Another example of a built in Scheduled Task is the ‘Inactive Computer Deleter’. Simply, it does a daily check for computer objects to see if they’ve been inactive for more than 12 weeks. If true, it changes the ‘When Marked Inactive’ property of the computer to the current date and time. It won’t delete the computer until it has approval, and you can tell it who to get the approval from. Tasks like this should save you time as well as helping to secure your network from rogue devices.

Office 365 User Management

There is also Office 365 support, which can automate tasks such as user creation, or license management. At the time of writing, an Office 365 CAL can’t be auto assigned to an Office 365 user when synced from Active Directory, but Adaxes can automate that step for you.

Conclusion

To me, the above is enough of a business case to at least consider Softerra Adaxes. Some time needs to be invested to make the software do what you want to do – every businesses’ user management processes are different. If you’re currently using just a PowerShell script, you could use that from Adaxes and build the workflow and web interface management around it for starters, then migrate tasks to Adaxes as you find time.

I can’t find many weaknesses in this solution – there’s provision for resiliency by having more than one server, the product seems secure and stable. I would like to see more built in options on what you can do out of the box (to Softerra’s credit, there is a lot of options already and is highly configurable). I noticed that I couldn’t specify some extra parameters in Lync beyond the basics of user creation, such as which policies to apply to a user. This will have to be done by calling a PowerShell script I’d write instead.

There’s also a bit of a learning curve around applying security and using the interface – not that it’s difficult, and the online documentation is extensive, but you’ll need to do a bit of tutorial reading to understand the product and how to configure it to your liking.

I also really like the potential of giving end users control over certain things. Empowering users that make decisions to act on those decisions themselves is a time saver – as is having an incredibly easy workflow approval process that doesn’t need a complicated workflow engine and a team of developers behind the scenes.

Overall, I really liked the product and the direction they have taken it. I personally recommend checking it out, and am actually in the process of implementing it in my current workplace as a result of this review, as a paid product!

Other Adaxes videos are available on YouTube, along with pricing available on their website (there’s also a 30 day trial – install is very simple).

Lenovo ThinkPad Yoga 260 Review

Posted on January 15, 2016September 12, 2021 by Adam Fowler

I managed to get my hands on a new Lenovo ThinkPad Yoga 260, so here’s my thoughts on the current Yoga situation and the Yoga 260:

Lenovo ThinkPad Yoga 260

Yoga History

The consumer series of Lenovo Yogas has been making leaps and bounds – from the Yoga Pro 2 I reviewed, up to the new Yoga 900S – many models have come out, all with their improvements from the previous, and attracting a lot of attention.

However, the Yoga 260 and 460 are the first ThinkPad series of Yoga laptops since the ThinkPad Yoga 14 (along with the 15 and 12 models) which were decent laptops, but didn’t get too much fanfare. It was a little on the hefty side for weight, and a little bit chunky which made other options such as the drool-worthy X1 Carbon more attractive, despite not having a tablet mode.

It was still an improvement however, over the earlier ThinkPad Yoga which was too weighty and thick to be a decent hybrid laptop. When I first saw one of these, it wasn’t really a consideration. At the time, the ThinkPad Helix seemed to make more sense with it’s proper tablet mode and crazy battery life, due to having a second battery in the keyboard base.

That has all changed – CES 2016 had a plethora of laptops launched, including the highly regarded ThinkPad X1 Yoga – but you can’t get those yet.

Before all those were launched, the ThinkPad Yoga 260 started coming out in Q3 2015 (not that I could get one until Q1 2016!) and were the first ThinkPad Yogas along with the larger ThinkPad Yoga 460 to feature Intel’s 6th Gen CPU, codenamed Skylake.

It is worth pointing out, that any Lenovo laptop under the ThinkPad name are incredibly robust, and have standards to Mil-SPEC and beyond Mil-SPEC, which is impressive that they now have such thin devices that still meet these standards.

ThinkPad Yoga 260

So here I am, with a Yoga 260 sitting next to me. First impressions of the device are that it’s not as small as I expected for a 12.5″ device, but it’s still reasonably light. I’ve spent some time playing around with it, so I’ll try to cover the bits and pieces I’ve found interesting about this particular model.

Hardware

I’ve put all the specs at the bottom of this post, as there’s a lot of them! Points of interest are:

Keyboard – it’s a nice keyboard, the standard I’d expect from a ThinkPad. Keys are nicely spaced and easy to type on. The trackpad is very clicky which I like – it’s a proper click when you press into it rather than a light click. It has the two proper left/right buttons for those who prefer it, but the standard gestures and left/right click work on the main trackpad too.

ThinkPad Yoga 260 Keyboard

Screen – I don’t like the lower end 1366 x 768 option, but love the 1920 x 1080. Perfect res without being over the top (I don’t think you need more than this on a 12.5″ screen). It doesn’t have a particularly thin bezel, comparing against a 3 year old X1 Carbon, the Carbon is a lot thinner. I’d be curious to know what reasons the engineers chose to not go thinner. At the same time it’s not too thick, but makes the laptop more of what I’d expect from a 13″ size overall.

ThinkPad Yoga 260 12.5″ Screen

Pen – The Yoga 260 comes with an inbuilt powered pen. It’s a supercapacitor stylus using Warcom technology. I calibrated it once after turning on the laptop to improve the accuracy, and it’s very accurate (video below). It’s compact, but personally I prefer the bigger Microsoft Surface Pen – but, I don’t know if that would actually fit inside the laptop. Lenovo’s pen fits snugly into the base of the laptop and you wouldn’t know it was there unless you looked. They’re different use cases I believe – Lenovo’s pen is better for ad-hoc use, where Microsoft’s pen is more designed as a mouse replacement. I also tested, you can’t use a Microsoft Pen on the Yoga 260 :)

The pen requires charge, but uses a super capacitor rather than a battery. Engadget has a great supercapacitor stylus of the technology. It will go for 2 – 4 hours and then need a charge; 15 seconds of charging will give you 80% of the life back, or full capacity in 5 minutes.

Ports – Apart from the discreen pen slot (which I’m calling a port because it charges the pen), there’s quite a few ports on this device. There’s the micro SD slot which is handy if you have another device that uses one (such as a camera), and a SIM slot so you can have 4G straight from your laptop. The other ports are standard, there’s both HDMI and Mini DisplayPort which is nice for options, and the newer dock connection along with 2x USB3. There’s also a very long slot for a card reader, but as this is an optional addon I don’t think mine has the internal card reader.

ThinkPad Yoga 260 Pen and right hand side ports

ThinkPad Yoga 260 left hand side ports

Yoga Mode – As with all Yogas, this laptop does a full 360 on the screen to put it into tablet mode.

Yoga 260 doing a Yoga pose

When in Yoga mode, the keys will sink in to the chassis and not protrude at all:

… and when it’s taken out of Yoga mode, the keys pop back up again:

The laptop itself is very nice to use – the 6th Gen CPU is great, and it’s a nice size to slip into the bag for travel. If you have any questions please post below!

Update 18th Jan 2016:
This has a OneLink+ dock port, which is an upgrade from the older OneLink. They aren’t directly compatible. You can get an adapter if you have a OneLink+ dock and an older OneLink laptop, but that doesn’t help you if you already have a OneLink dock – you’ll need to get a newer OneLink+ dock!

Tech Specs

As taken from Lenovo’s website, here are all the specs. I’ve underlined the parts where there are options to show what I’m using:

ThinkPad Yoga 260 Tech Specs

DESCRIPTION	THINKPAD YOGA 260 CONVERTIBLE ULTRABOOK
Processor	6th Gen Intel® Core™ i3-6100U Processor (3M Cache, 2.3GHz) 6th Gen Intel Core i5-6200U Processor (3M Cache, 2.3GHz), Turbo Boost 2.0 (2.8GHz) 6th Gen Intel Core i7-6500U Processor (4M Cache, 2.5GHz), Turbo Boost 2.0 (3.1GHz)
Operating System	Windows 10 Home 64-bit Windows 10 Pro 64-bit
Display	12.5″ HD (1366×768), anti-glare, 300 nits, 16:9 aspect ratio, IPS, 10-point Multi-Touch 12.5″ FHD (1920×1080), anti-glare, 300 nits, 16:9 aspect ratio, IPS, 10-point Multi-Touch
Digitiser pen (optional)	ThinkPad Pen Pro, active pen for multi-touch display
Hinge / mode	Yoga hinge, 360 degree / Laptop, tent, stand and tablet
Graphics	Intel HD Graphics 520 in processor only, supports external digital monitor via HDMI, Mini DisplayPort; Supports dual independent display Max resolution: 3840×2160 (Mini DisplayPort)@60Hz 4096×2160 (HDMI)@24Hz
Memory	Up to 16GB, 2133MHz DDR4, one DDR4 SO-DIMM socket (8GB)
Webcam	Integrated, HD720p resolution, fixed focus
Storage1	128GB / 192GB / 512GB SSD, SATA3 256GB SSD, SATA3 Opal 2.0 Capable

Dimensions (W x D x H)	309.9 x 220 x 17.8 mm
Weight	Starting at 1.32kg
Case material	Carbon-Fiber Hybrid
Case colour	Midnight black
Battery	4-cell Li-Polymer battery (44Wh)
Battery Life2	Up to 10 hours3
AC adaptor	45W or 65W AC adapter
Keyboard	6-row, LED backlit, spill-resistant, multimedia Fn keys
UltraNav™	TrackPoint® pointing device and multi-touch with 3+2 buttons click pad

Fingerprint reader	Touch style fingerprint reader on the keyboard bezel
Audio support	HD Audio, Conexant® CX11852 codec, Dolby® Home Theater® v4 / stereo speakers, 2W x 2 / dual array microphone, combo audio / microphone jack
Security chip	Trusted Platform Module, TCG 1.2-compliant and Software TPM 2.0
Light sensor	Ambient Light Sensor
G-sensor	3D accelerometer and 3D magnetometer, 3D compass, 3D gyrometer

Wireless LAN	Intel Dual Band Wireless-AC 8260, 2×2, Wi-Fi + Bluetooth® 4.0, no vPro

SIM card	Yes

Mil-Spec test	MIL-STD-810G military certification
Ports	2 x USB 3.0 (one Always On) Mini DisplayPort™ HDMI OneLink+ connector microSD, supports UHS-I SD card Combo audio/microphone jack Security keyhole Optional Card Reader Note: Build your own with USB 3.0 Ethernet dongle, or purchase with a ThinkPad USB 3.0 Ethernet adapter (4X90E51405). Otherwise, use Ethernet (RJ45) port via optional OneLink Dock / Universal Port Replicators.

Share this:

Share this:

Share this:

Share this:

ThinkPad Yoga 260 Tech Specs

Share this: