Windows God Mode – How To

Windows users on Windows 7 got a treat in a secret feature called God Mode that gave them access to just about ALL of the controls, settings and options built into Windows. In this article we’ll walk you through unlocking God Mode in Win8. I am told this can be done with Windows Vista as well.

  • Right click on the desktop and create a new folder, name it whatever you like.
  • Right click on the folder and click rename.
  • Copy and paste the following as the new file name:

Gmode.{ED7BA470-8E54-465E-825C-99712043E01C}

  • The icon will change from a folder to the control panel icon.
  • If you start up the panel you will get a window with all settings broken down by categories.

Go have fun, careful not to break anything 😉

Edit

This works in Windows 10 as well.. 😉

Advertisements

Shellshock: Better ‘bash’ patches now available

The first patches for Shellshock didn’t offer complete protection. The latest revisions of this patch for the popular Mac OS X, Linux, and Unix bash shell security problem were released on Friday, offering greater defenses against hackers.

The problem with the first patch, as Red Hat explained in its Shellshock FAQ, was that it only took care of the original bash flaw CVE-2014-6271. This, the true Shellshock bug, is the worst bash security hole. There were also others.

Red Hat said: “Shortly after that issue went public a researcher found a similar flaw that wasn’t blocked by the first fix and this was assigned CVE-2014-7169.” This bug is also a security problem, but it’s not as bad as the other flaw.

Later, Red Hat Product Security researcher Florian Weimer found additional problems and these were designated CVE-2014-7186 and CVE-2014-7187. Fortunately, these bugs are less serious and the latest patch takes care of these as well. As Red Hat’s Huzaifa Sidhpurwala told me: “The latest version of bash fixes all the CVE issues.”

So, what you want to do now, if you haven’t already, is check to see if you’re running a vulnerable version of bash. Continue reading Shellshock: Better ‘bash’ patches now available

FOSS Around the World: Latin America

Too often coverage of free/open source software news and commentary tends to focus on either developments and activities in North America or in Europe. While much of the news is made on these two continents, there’s a wider world out there where folks are doing some substantial things, and promoting FOSS in their own way in their own areas.

Periodically, we at FOSS Force will be looking at areas of the world which have been either overlooked or neglected in digital news coverage. Today we’ll start south of the U.S. border with Latin America — Mexico, along with Central and South America, for those of you keeping track on maps at home.

We start this with a quick overview of the region itself, and the canvas is a large one.

Jon ‘maddog’ Hall travels extensively as executive director of Linux International and is likely the most well known de facto ambassador for all things Linux and FOSS. A world traveler, he regularly speaks in South America where he says the use of FOSS is varied.

“Central and South America is a very big region,” Hall said. “The spread of FOSS is uneven, as you might expect. Likewise, FOSS is more than just GNU/Linux, so the use of FOSS is also uneven.”

Who is the top FOSS user in this hemisphere south of the equator?

“Brazil continues to be the biggest user of FOSS, due to both laws and attitudes of its government,” he said. “However, in some places where FOSS was used, proprietary software has reasserted itself due to changes in management, usually management that is friendly to closed-source companies.”

Complete Story

Heartbleed is back and it’s looking for enterprise wireless networks

A researcher has uncovered new ways to exploit the Heartbleed OpenSSL vulnerability, potentially exposing enterprise wireless networks, and the devices that connect to them, to a new wave of Heartbleed attacks.

Originally exposed in April, Heartbleed is a critical vulnerability in the OpenSSL encryption library that could expose up to 64 KB of memory on a vulnerable client or server if exploited, including keys used for X.509 certificates, authentication credentials and other communication protected by the open source encryption project.

The Heartbleed flaw was the result of a missing bounds check in the handling of the TLS heartbeat extension, and was thought to be exploitable only over TCP connections and after the TLS handshake. However, Luis Grangeia, a researcher with Portugal-based infosec consulting firm Sysvalue, found new ways to exploit the OpenSSL vulnerability.

In a May 30 blog post, Grangeia provided details on the new proof-of-concept, dubbed Cupid, which exposes TLS connections over the Extensible Authentication Protocol (EAP), and that allows for the deployment of authentication mechanisms like smart cards and one-time passwords over wireless networks. Grangeia explained that the EAP mechanisms potentially affected by Cupid include those that use TLS, namely EAP-PEAP, EAP-TLS and EAP-TTLS. Continue reading Heartbleed is back and it’s looking for enterprise wireless networks

Beta Testers needed for Next OS X Mavericks Update

Apple launched beta testing for OS X 10.9.3 a bit ago, giving interested people a chance to test drive the next update to the company’s Mac operating system. The OS X Beta Seed Program requires an Apple ID and is free to Mac users signing up to participate and prepared to adhere to a confidentiality agreement associated with the beta testing process. Apple did not reveal when OS X 10.9.3 will be released as a general update to Macs running OS X, currently updated at version 10.9.2, or Build 13C64.

Customers who download the beta seed of the OS X 10.9.3 update will be required to “provide feedback to Apple directly” via automated dialog boxes and other correspondence methods, Apple said. The OS X Beta Seed Program is distinct from Apple’s Mac Developer Program, which furnishes additional tools for developers of software for OS X, the company said.

Participants in the program won’t be compensated, Apple said in a OS X Beta Seed Program FAQ, and the confidentiality agreement serves up some pretty strict guidelines for how to use the 10.9.3 download for those choosing to register.

Apple also noted that installing the OS X 10.9.3 beta update won’t void hardware warranties and recommend that program participants back up their Macs via Time Machine, with the promise that AppleCare customer support specialists would be on hand to help beta testers with any problems that might arise.

Interested parties can visit Apple’s OS X Beta Seed Program landing page to begin the process of registering for the program and downloading the update.

Active 0day attack hijacking IE users threatens a quarter of browser market

If you are still using Windows and live your online life using any version of Internet Explorer you will want to keep up with this. My suggestion? Start using an alternate browser like Firefox or Chrome.

No patch available yet for critical bug affecting all supported versions of IE.

Attackers are actively exploiting a previously unknown vulnerability in all supported versions of Internet Explorer that allows them to surreptitiously hijack vulnerable computers, Microsoft warned Sunday.

The zero-day code-execution hole in IE versions 6 through 11 represents a significant threat to the Internet security because there is currently no fix for the underlying bug, which affects an estimated 26 percent of the total browser market. It’s also the first severe vulnerability to target affect Windows XP users since Microsoft withdrew support for that aging OS earlier this month. Users who have the option of using an alternate browser should avoid all use of IE for the time being. Those who remain dependent on the Microsoft browser should immediately install EMET, Microsoft’s freely available toolkit that greatly extends the security of Windows systems. Continue reading Active 0day attack hijacking IE users threatens a quarter of browser market

Chrome Eavesdropping, Balkanized Internet & More…

Is your Chrome browser spying on you?

It’s convoluted and unlikely, perhaps, but there’s a way that websites can trick the Chrome browser into leaving the mic open, allowing who knows whom to eavesdrop.

In Chrome, whenever a website wants to access a visitor’s microphone the browser prompts the user for permission which, if granted, is for that session only. Move to another site or close that tab and the mic is disabled. However, PCWorld reported on Wednesday, there is a way for a site to keep the mic turned on.

“But as Web developer Tal Ater discovered, malicious sites can use pop-under windows to keep listening even after the user has gone to another site or closed the main browser window. Unlike a regular browser tab, pop-under windows don’t show the recording status icon, and can continue to listen in for as long as the pop-under window stays open. The exploit can also stay dormant until the user utters certain key phrases.”

Techworld reported Thursday that although Google had a patch readied to fix this vulnerability on September 24, they decided not to use it.

“‘We’ve reinvestigated and still believe there is no immediate threat, since a user must first enable speech recognition for each site that requests it,’ it [Google] said.”

This kind of makes the case for just using a plug-in mic instead of having one built-in, doesn’t it?

Is the balkanization of the Internet at hand?

It’s no longer news that quite a few countries are concerned enough about the NSA’s actions that they’re taking steps to protect themselves from our spying. This is leading some to suspect this might eventually result in a system of national Internets, as noted by IEEE Spectrum on Thursday.

To a degree, this is already happening. Germany is taking steps to assure that data packets originating in-country to be delivered in-country are never routed outside of Germany. In South America, Brazil’s president Dilma Rousseff is seeking legislation that will force companies, including Facebook and Google, to store all data on servers located within Brazil.

In addition, the NSA’s actions have resulted in a revival of the Open Root Server Network (ORSN), a system of root nameservers operating independently from ICANN. Taken offline in 2008, the system was put back in service in June as a result of Edward Snowden’s whistle-blowing.

Complete Story

Firefox for Organizations – Enterprise Working Group (EWG)

Think Firefox is just for home use? Think again, Mozilla now has a plan to ensure that your company is getting all the benefits from using Firefox but on an Enterprise level.

What is Mozilla Firefox ESR?

Mozilla offers an Extended Support Release (ESR) based on the official release of Firefox for desktop for use by organizations including schools, universities, businesses and others

who need extended support for mass deployments. You can read more about the plan here. Continue reading Firefox for Organizations – Enterprise Working Group (EWG)

Removing Ubuntu Overlay Scrollbars

Seeing that Ubuntu is heading toward touch and mobile screens they decided at 11.04 and Unity Desktop to go with overlay scrollbars. Why? Well, to allow your browser to use the entire screen and with touch screens you really don’t need scrollbars.

The following is per user. For system wide change scroll to the bottom of the page.

Disabling on Ubuntu 12.04 and earlier

  • Open a Terminal
  • type in the following command:
gsettings set org.gnome.desktop.interface ubuntu-overlay-scrollbars false

Disabling on Ubuntu 12.10 and later

  • Open a Terminal
  • type in the following command:
gsettings set com.canonical.desktop.interface scrollbar-mode normal

The change should take immediately. Enjoy your traditional scrollbars.

Re-enable Overlay?

Don’t like the look anymore and want to return to the new look?

Enabling on Ubuntu 12.04 and earlier

gsettings reset org.gnome.desktop.interface ubuntu-overlay-scrollbars

Enabling on Ubuntu 12.10 and later

gsettings reset com.canonical.desktop.interface scrollbar-mode

System Wide Changes

To disable overlay scrollbars systemwide open a terminal and run this command:

sudo sh -c ‘echo “export LIBOVERLAY_SCROLLBAR=0″ > /etc/X11/Xsession.d/80overlayscrollbars’

 

LightZone – Professional-level digital darkroom software

LightZone is professional-level digital darkroom software for Windows, Mac OS X, and Linux. Rather than using layers as many other photo editors do, LightZone lets the user build up a stack of tools which can be rearranged, turned off and on, and removed from the stack. It’s a non-destructive editor, where any of the tools can be re-adjusted or modified later — even in a different editing session. A tool stack can be copied to a batch of photos at one time. LightZone operates in a 16-bit linear color space with the wide gamut of ProPhoto RGB.

While many of LightZone’s tools are standard fare, it offers some unusual ones for tonal control — meaning brightness, contrast, shadows, highlights, etc. Some are inspired by the Zone System, and some are inspired by HDR tone-mapping. These tools put LightZone in a class by itself for working with black-and-white imagery. They’re useful for color photos, too.

LightZone was created by Light Crafts, Inc., as proprietary software, and was sold starting in 2005. In 2007, MacWorld gave LightZone its Editor’s Choice Award. Light Crafts ceased operation in September 2011 and released LightZone to open source in December 2012.

Install LightZone on ubuntu 13.04/12.10

Open the terminal and run the following commands

sudo wget -O -- http://download.opensuse.org/repositories/home:/ktgw0316:/LightZone/xUbuntu_13.04/Release.key | sudo apt-key add --
sudo sh -c "echo ‘deb http://download.opensuse.org/repositories/home:/ktgw0316:/LightZone/xUbuntu_13.04/ ./' > /etc/apt/sources.list.d/lightzone.list"
sudo apt-get update && sudo apt-get install lightzone

Install LightZone on ubuntu 12.04

sudo wget -O -- http://download.opensuse.org/repositories/home:/ktgw0316:/LightZone/xUbuntu_12.04/Release.key | sudo apt-key add --
sudo sh -c "echo ‘deb http://download.opensuse.org/repositories/home:/ktgw0316:/LightZone/xUbuntu_12.04/ ./' > /etc/apt/sources.list.d/lightzone.list"
sudo apt-get update && sudo apt-get install lightzone