10/8/2022: Printer Settings on Local Computer Carry Over to VMWare
When you send a job to a printer not on your office network from inside VMWare or another VPN, you may not see all of the options which should be available in the properties for the printer.
Apply the settings for the printer on the local computer on which you are running VMWare. The selections should carry over to the VMWare instance and you’ll be able to print jobs from the VPN with settings not available in the properties displayed for the printer within in the VPN.
10/15/2022: Office 365’s Poor Email Encryption Method
A European cyber security company, With Secure, recently posted its findings on a flaw in the encryption method used in the local installation version of Microsoft Office 365.
Office Message Encryption (OME) works with Electronic Codebook (ECB). A party attempting to decrypt Office encrypted messages (which are sent as email attachments), may be able to determine the content by detecting where certain blocks of text, such as confidentiality footers or headings, repeat in multiple messages. The structure will be apparent even to a party that doesn’t have the key for the encrypted text. ECB will encrypt repeating blocks of text in the same way. As stated in NIST Special Publication 800-38A, Recommendation for Block Cipher Modes of Operation, “in the ECB mode, under a given key, any given plaintext block always gets encrypted to the same ciphertext block. “
Unlike a more secure encryption method like Cipher Block Chaining (CBC) ECB does not use an initialization vector, a random factor which prevents blocks of identical plaintext (unencrypted text) from having the same encryption. This diagram on the Sophos cyber security blog, demonstrates the problem with ECB:
With Secure’s post points out that a 2021 Microsoft FIPS (Federal Information Processing Standard) Compliance post [made to comply with the Information Technology Management Reform Act of 1996’s encryption requirements] states that, “Legacy versions of Office (2010) require AES 128 ECB, and Office docs are still protected in this manner by Office apps.”.
So apparently in order to avoid trouble with users running older versions of MS Office being unable to decrypt messages encrypted with CBC or another encryption method, Microsoft will continue to use the weaker ECB method.
10/22/2022: Office 365 versus Microsoft 365
While you may find people using the terms interchangeably, Office 365 and Microsoft 365 are two distinct plans offered by Microsoft. Office 365 includes Microsoft Exchange and SharePoint for businesses which have their own network., and an active directory service to authenticate the users with access to the network. This is in addition to the standard MS Office programs, Excel, Word, PowerPoint, and Access.
Microsoft 365 expanded on Office 365, and is meant to replace it. While it also has Word, Excel, PowerPoint, and Access, It is tailored for offices that rely on the cloud, and don’t have their own network. Azure Active Directory comes with Microsoft 365. It is a cloud-based system for authenticating users, but you cannot set it up with a server. Azure Active Directory works with Microsoft Intune in M365 to restrict access to data. Microsoft 365 also includes Enterprise Mobility and Security which facilitates the control of devices which are in different locations.
10/28/2022: Extracting the links for multiple files uploaded to Box
The Tip of the Night for June 24, 2020 discussed how to get the links for multiple files uploaded to a Box file share site. There is a limitation to this approach – the source code for any one web page for a Box folder may only list the first 20 files that auto load after you visit the site. Even if you scroll down to load additional files, the urls for them will not appear in the source code for the web page.
I haven’t found an ideal way to deal with this problem, but I have figured out a useful workaround. You can use an add-in for Chrome called Linkclump which will allow you to select and open multiple links on any web page. See: chrome-extension://lfpjkncokllnfokkgpkobnkbkmelfefj/pages/options.html?init=true
Linkclump will show up as a icon that looks like a bunch of scallions in the browser to the right of the address box. If it doesn’t display click on the puzzle piece icon which will give you the option to pin any add-in or extension to the browser.
Display any many links as possible in the Box folder by zooming out, and perhaps setting the monitor to portrait mode.
Hold down ‘z’ on your keyboard and click and drag a box over the links. When you release the left click button each selected file will open in a new tab.
Next go to Chrome’s 3 dot menu and select ‘Bookmark all tabs . . .’
[It’s not necessary to wait for each file to fully load in the new page.] Create a new folder to hold all of the urls currently open in your browser.
As many times as needed open additional file links in the Box folder until all files are open.
Next, browse to the folder containing the urls in Chrome’s Bookmark Manager.
You be able to select each file and copy and paste the links into an Excel spreadsheet. After this is done, click on the 3 dot menu to the right of the Bookmark Manager and export the bookmark names.
The exported file will be a html file from which you can copy and paste the names for each file in the Box folder.
Remove the references to ‘ | Powered by Box’ and you will have the complete list of urls cross referenced with file names in the spreadsheet.
*The views expressed in this blog are those of the owner and do not reflect the views or opinions of the owner’s employer. All content provided on this blog is for informational purposes only. The owner of this blog makes no representations as to the accuracy or completeness of any information on this site or found by following any link on this site. The owner will not be liable for any errors or omissions in this information nor for the availability of this information. The owner will not be liable for any losses, injuries, or damages from the display or use of this information. This policy is subject to change at any time. The owner is not an attorney, and nothing posted on this site should be construed as legal advice. Litigation Support Tip of the Night does not provide confirmation that any e-discovery technique or conduct is compliant with legal, regulatory, contractual or ethical requirements.
