Google released ChromeOS Flex, a free cloud-based secure operating system for older PCs and Macs in July 2022. Potential users should check if their device is on Google’s list of computers models that are certified to work with ChromeOS Flex. Documentation is available at chromeenterprise.google/os/chromeosflex and at the Chrome OS Flex Help site.
Tag Archives: Chrome
Ransomware decryption tools and victim resources
The No More Ransom project website has free decryption tools for many known ransomware types. Avast Decryption Tools, Trend Micro Decryptor, and ID Ransomware are other websites that can help victims of ramsomware. A list of antivirus software providers for Windows may be found here.
The FBI does not recommend making a payment to remove ransomware.
The United States Cybersecurity & Infrastructure Security Agency (CISA) has a site with tips on how to prevent ransomware attacks.
Google Chrome comes with Chrome Cleanup, a web browser feature that creates alerts when it detects unwanted software and allows the user to remove the software and return Chrome to its default settings.
If a decryption tool is not found, one option is to replace the hard drive and operating system and save the locked drive offline. A decryption tool for the ransomware strain may become available months later to free the data at that point.
Chrome OS automatic updates may not be available for older devices
Google’s Chrome OS is a secure choice for an operating system, but older devices may no longer be supported. When a Chrome device reaches its Auto Update Expiration (AUE) date, automatic updates from Google will no longer be provided.
IFixit has instructions on how to convert a working Chromebook past its expiration date to use CloudReady.
Google urges users to install security updates for Chrome browser
Google has requested that its Chrome browser be updated as soon as possible due to a security vulnerability logged as CVE-2019-5786. Users should make certain that the installed Chrome version is 72.0.3626.121 or higher.
Microsoft Office Online browser extension for Edge and Google Chrome browsers
The Microsoft Office Online browser extension for Edge and Google Chrome browsers allows you to open and create files for Excel, Word, PowerPoint, OneNote, and Sway in your browser without needing Office installed.
This free extension is available from Microsoft Store and Chrome Web Store.
Secure HTTPS websites for free using Let’s Encrypt
Google Chrome will display all non-HTTPS sites as “not secure” with the release of version 68 in July 2018. HTTPS websites will also be ranked slightly higher in Google searches when compared to HTTP sites.
Let’s Encrypt is a free certificate authority that can be used to create HTTPS websites. This project is managed by the non-profit Internet Security Research Group (ISRG). Let’s Encrypt works well for low and medium traffic websites. Websites that experience a great deal of web traffic or need warranty coverage should consider a paid certificate authority. Let’s Encrypt certificates also expire every 90 days and have to be renewed.
Certbot is a free tool made by the Electronic Frontier Foundation (EFF) in order to automatically use Let’s Encrypt certificates on manually-administrated websites to enable HTTPS.
More information is available at:
Google Chrome Remote Desktop
Google Chrome Remote Desktop is an app that allows users to access remote computers through the Chrome browser or the Chromebook operating system using a secure connection. This app is free and runs on multiple platforms, including Windows, Mac, and Linux.
Visual Studio Extensions Marketplace
Extensions for the Microsoft Visual Studio suite of products can be found at marketplace.visualstudio.com. Extensions add support for languages not included in Visual Studio, aid in IDE development, or perform a specific task.
Some current popular extensions are:
- Azure Extensions
- Azure DevOps Extensions
- Visual Studio Extensions
- Visual Studio Code Extensions
- PowerShell (replaces PowerShell ISE)
- SQL Server, Azure SQL and SQL Data Warehouse (mssql)
- Python
- Docker
- Chrome Debugger
- Oracle Developer Tools for Visual Studio Code
- Go language for Visual Studio Code
- PostgreSQL for Visual Studio Code
- Productivity Power Tools Extensions
- Visual Studio IntelliCode for Python and Java
- Visual Studio Live Share
- Visual Studio Pull Requests
- C# and C/C++
- Developer Analytics Tools
- Visual Studio Code Remote for WSL, SSH and Docker containers
- Visual Studio Code – Coding Pack for Java – Windows and MacOS
- Java Language Support (Red Hat)
- All Microsoft Visual Studio Extensions
Extensions can be free, preview, or paid. Paid extensions are often charged per user per month. Preview extensions are eventually converted to paid extensions. Extensions are either written by Microsoft, third party vendors, or individual developers.
More information can be found at code.visualstudio.com/docs/extensions/overview.
Meltdown and Spectre security flaws forces tech companies to release updates
Two recently detected security flaws currently named “Meltdown” and “Spectre” are causing Apple, Microsoft, Google, Intel, and others to release security updates to fix any potential problem. The flaws potentially affect all recent computers, smartphones, and tablets that use a CPU performance feature called speculative execution. There is no evidence that the flaws have been exploited at this time. The general recommendation is to download updates for all devices.
Current Apple products may have the security flaws with the exception of the Apple Watch. Apple is continuing to work on updates and released a statement at https://support.apple.com/en-us/HT208394.
Microsoft issued guidance for Windows users, SQL Server, Windows Server, and has updated most of its Azure infrastructure and will continue to do so. Security update KB4056890 also updates Internet Explorer and Edge browsers. Microsoft also issued update KB4056892 for various Windows versions but notes that some AMD processor machines to stop working after installing it.
Google recommended that Chrome users should turn on site isolation. Google also responded with these blog posts:
https://support.google.com/faqs/answer/7622138
https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html
Mozilla is working on updates and a fix is available in Firefox 57.0.4 version.
Amazon has updated its servers already and will continue to do so.
Intel released a statement as well and is releasing updates. It also reported some systems rebooted more frequently after the updates. AMD also released a statement on their CPUs and speculative execution.
Oracle issued updates for MySQL, Java, PeopleSoft and other products that it maintains.
The CERT Vulnerability Notes Database has logged this issue as Vulnerability Note VU#584653.
eWeek reported that Linux 4.15 was released with Meltdown and Spectre patches and that further patches would be made for this issue.
More information can be found at https://spectreattack.com.
How to disable Video Autoplay in Mozilla Firefox Browser
Follow these steps to disable nearly all video playbacks in Firefox.
To disable non-Flash Player video:
Type this into web address and press Enter: about:config
Click the “I accept the risk” button when this warning appears.
Right-click on the following lines under media prefixes to set the value to False:
media.autoplay.enabled
media.directshow.enabled
media.eme.enabled
media.encoder.webm.enabled
media.ffvpx.enabled
media.gmp-eme-adobe.enabled
media.gmp-widevinecdm.enabled
media.mediasource.enabled
media.mediasource.mp4.enabled
media.mediasource.webm.enabled
media.mp4.enabled
media.navigator.enabled
media.ogg.enabled
media.peerconnection.enabled
media.peerconnection.video.enabled
media.play-stand-alone
media.raw.enabled
media.wave.decoder.enabled
media.wave.enabled
media.webm.intel_decoder.enabled
media.webvtt.enabled
media.wmf.enabled
To disable Adobe Shockwave Flash video, click the “Open Menu” button at the top right part of the screen, then select “Add-ons”.
Select “Plug-ins”, then change the Shockwave Flash setting to “Ask to Activate” or “Never Activate.”
Non-Flash video playback can be disabled in the Chrome browser by installing a free add-on such as Disable HTML5 Autoplay.
To see all Firefox About menus, type this into the web address and press Enter: about:about