Friday, 14 September 2018

WARNING: Edge (Sync) Ate All Favourites - Favourites Gone!

We've been doing _a lot_ of work setting up a Grafana/InfluxDB/Telegraph monitoring and history system lately.

The following is our custom Kepler-64 Storage Spaces Direct 2-node cluster being tracked in a Grafana Dashboard that we've customized:

image

Grafana graphs, PerfMon RoCE RDMA Monitoring, and VMFleet Watch-AllCluster.PS1 (our mod)

Needless to say, a substantial number of links to various sites about running the above setup on both Windows and Ubuntu were lost after something seemingly went wrong. :(

Edge (Sync ?) Hiccups then Pukes

As we were quite busy throughout the day and Edge was being very uncooperative we started using Firefox for most of the browsing throughout the day.

image

Edge: Favourites Bar Shortcut Count Drastically Trimmed

The first response once things started misbehaving should have been was to use the Edge Favourites Backup feature and get them out!

When we opened Edge later in the day this is what we were greeted with:

image

Edge: Favourites Bar Shortcuts Gone!

As a small caveat one of the behaviours with Edge has been for it to either go unresponsive requiring a Task Manager Kill or when another Edge browser session was opened for it to not allow Paste or Right Click in the Address Bar or any Favourites, History, or other buttons to be shown.

So, Task Manager Kill? Nope. They were not there.

Log off and back on again? Nope.

Reboot the machine? Nope.

Both the Favourites Bar content and _all_ of our Favourites were gone.

Back Them Up!

During the above day when things started to misbehave the next step _should have been_ to grab one of the tablets they were syncing to and run a backup process without allowing the tablet to connect to WiFi and sync! Ugh, hindsight is 20/20. :P

And, much like the advice we always start out with when training users on the use of Office products the very first step they need to take is to _save_ their work before doing anything! And, once the work is done, to _save_ their work. Well, that advice is something that we will be taking from now on with regards to Edge and Favourites.

After a big day of Favourites building a backup should be taken.

So, Where Are Those Favourites?

Why, oh why do software vendors move my cheese?

In this case, the original location for those Favourites when using IE back in the day was OneDrive. If there was a hiccup somewhere between the number of different clients OneDrive Sync would append the name of the machine to the conflicting shortcuts and we'd be left with doing a quick Search & Destroy post mortem. No biggie. Not so with Edge.

Thanks to Michael B. Smith via a list we were pointed to:

The location that Edge stores those favourites is here:

  • Stored under %LOCALAPPDATA%\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\User\Default\DataStore\Data\nouser1\120712-0049\DBStore
  • Database Name: Spartan.edb

Change the somewhat hidden dropdown to Favourites and:

image

Some Edge Favourites Post Backup Import

What Does All This Mean? Edge Bug

It means that there's a serious bug somewhere in the Edge setup with Data Loss being one possible result.

It means that, for now one needs to run the Edge Export process to back those Favourites up after a serious day of adding to that list!

  1. In Edge click the Favourites/History/Downloads button
    • image
  2. Click the Favourites Star if they are not shown as above
  3. Click the Gear
  4. Click the Import from another browser button
    • image
  5. Click the Export to file button
    • image
  6. Choose a location and give the file a name
    • We drop ours in OneDrive to keep it backed up
    • image
    • Naming convention: DATE-TIME-Location.HTML

The above process will at least help mitigate any choke in the Edge Favourites setup that may happen.

Warning Note

IMPORTANT NOTE: Edge does not have any kind of parsing structure for the import process.

We cannot pick and choose what to import, and, if there are still Favourites _in the database_ they may disappear/be deleted when importing!

If the bulk of the Favourites are still there then an alternative to a wholesale import would be to open the backup .HTML page and click on the needed links and Favourite them again. *sigh*

Conclusion

What does all of this mean?

Considering that we've lost data there's a very serious problem here. In our case, we're talking about a very long and full day's worth of bookmarks/favourites gone. :(

For now, it means back those favourites up _a lot_ when doing critical work that requires knowledge keeping!

Oh, and we need to set aside some time to delve into the NirSoft utility linked to above to see if there are features in there to help mitigate this situation.

Philip Elder
Microsoft High Availability MVP
MPECS Inc.
Co-Author: SBS 2008 Blueprint Book
www.s2d.rocks !
Our Web Site
Our Cloud Service

Monday, 10 September 2018

Security: RBC Royal Bank: Best laid plans of mice and men

We did some banking work with our bank, RBC Canada. In the process they sent us a few "Secure Document Access" requests that the agent provided the password for via a phone conversation.

When the first one came in, it was a bit of a system shock.

image

RBC Royal Bank "Secure Message"

The highlight is ours. Huh?!?

Given the nature of today's phishing attacks a phone call was very quick to happen to our contact after receiving the above to verify its legitimacy.

We received a number of subsequent "secure" e-mails using the same method.

The encryption process we use, and our clients use, on the ExchangeDefender (xD) system is a link to an Internet property owned by xD with the appropriate SSL properties in place to assure the recipient that they are in the right place. That's after we indicate to the recipient in a prior e-mail of the upcoming process to obtain the encrypted content.

The RBC Royal Bank method is close to that but why the .HTM attachment requirement? That's just plain weird. :S

Sure enough, this is what was in an Inbox here this morning:

image

Phishing Message

It's a poorly crafted phish attempt at best.

image

E-mail Header

The trail is pretty clear as far as where it came from and the "how" looks to be fairly clear as well.

All it would have taken was a bit better in the way of timing on the phisher's part and a bit of distraction on our part and BOOM we could have been hooked. :(

RBC Royal Bank Canada needs to change their secure document transmission methodologies please.

And, Microsoft, please give us built-in DKIM abilities for on-premises Exchange instead of keeping that to online properties only. That's not polite in the least.*See Note Below

Outlook Header How-To

Outlook users, here's how to get the header information shown above:

  1. Double click on the e-mail
  2. Click the Message tab
  3. Click the break-out button on the bottom right of the Tags category
    • image
  4. Click anywhere in the small information window
    • image
  5. Keyboard:  CTRL+A then CTRL+C
  6. Click Close and close the e-mail
  7. Paste the content into the destined app (we use Notepad)

After examining a few headers it gets pretty easy to identify the legit and illegitimate messages hitting our Inbox every day. While the process may be a bit time consuming, figuring out whether something is legit or not could be the difference between DELETE and an encryption event or Inbox/Contacts harvesting.

Happy Monday everyone and thanks for reading! :)

2018-09-10 EDIT: Oops, that Microsoft sentence should have been CUT along with the other sentences that were in a previous paragraph. Suffice it to say, we've been working on DMARC/DKIM requests and discovered that Microsoft seems to be holding DKIM off from on-premises Exchange. Thus, we need to go third party to get to use that business critical security feature. :(

Philip Elder
Microsoft High Availability MVP
MPECS Inc.
Co-Author: SBS 2008 Blueprint Book
www.s2d.rocks !
Our Web Site
Our Cloud Service

Friday, 7 September 2018

Surface Pro 4 or Surface Book phantom touches

A couple of days ago one of our docked Surface Pro 4 (SP4) units started to experience what looked like an ongoing touch in the middle between the two screens near the bottom.

A reach over to the SP4 and a touch to figure out where the phantom touches were happening brought about the discovery that it was near the bottom righthand corner of the touch screen.

Weird.

Okay, so pull it off the dock, give it a good screen cleaning, and for good measure blow it out since it's been sitting there for a while.

It seemed okay but the problem came back.

A reboot would not fix it either.

So, in to the Microsoft Store we went today. The tech took it into the back for a few minutes then came back and said it's good to go.

What was done? They have a calibration tool there at the store to recalibrate the touch screen.

Since that was done the SP4 has been behaving. We'll see, but let's hope it's all good.

As it turns out, the task run by the Microsoft Tech is in the above KB article.

So, if experiencing phantom touches download and run the calibration tool found in that article.

UPDATE 2018-09-10: They came back. :(

As  an FYI, this time around instead of hugging one side of the screen we had a line of touches running across the screen.

So, instead of heading back to the store we ran through the hotfix e-mail process and ran the utility.

The phantom touches disappeared again. We'll see for how long.

Philip Elder
Microsoft High Availability MVP
MPECS Inc.
Co-Author: SBS 2008 Blueprint Book
www.commodityclusters.com
Our Web Site
Our Cloud Service

Wednesday, 5 September 2018

When Software Bugs can Kill: Dodge RAM 1500 Cruise Control Bug

A while back there was a scary moment where the cruise control in our 2016 RAM 1500 refused to release via any of the buttons on the steering wheel.

In that moment, rushing up on a vehicle fairly far ahead of us and going over a bridge, there were only a few options left:

  1. Brakes release the cruise
  2. Try and Power Down & Brake
  3. Ditch @ 100KM/H on a bridge bank

Fortunately, the cruise released when the brakes got hit, we were able to avoid rear ending the person in front of us, and in fact the cruise system crashed right after the brakes were applied.

When addressing the complaint with Dodge and the dealer there's the, "Oh, no we didn't realize there was a problem there" type of response.

Well, obviously there was a problem that needed to be addressed as the bellow letter shows.

image

So, being that the problem could be life threatening we took the truck in to have it flashed as soon as the above showed up and the dealer had a spot open.

Here we are a few weeks or more from the day the flash was done and the behaviour happened again this morning. :S

Fortunately, at that moment there was less panic and more "Oh, hopefully the brakes work to kick it off this time" happening. ;)

A call into the dealer and the service tech indicated they'd have a conversation with the service manager since the tech was not sure whether there would be a "re-flash" of the module or the problem would need to head further up the Fiat Chrysler Canada food chain.

The Customer Service Wall

It's understandable that companies try and hide their mistakes. Yet, time and time again it's been shown that companies that are up-front about mistakes made and changes made to mitigate or eliminate them happening again tend to do quite well. It seems the lawyers tend to win this argument, and the ridiculous cases that have forced the issue, to keep things relatively hidden.

For the end-user it's very frustrating to face that "Customer Service Wall" with virtually no hope of getting anywhere beyond the person standing in front of that wall. In this case, it's the "Service Technician" that is in front of the Wall.

The reality is that the Customer Service Wall is a very well designed system to keep the person/user who is essentially paying the bills as far away from the manufacturer/vendor as is possible.

The same is true of voice recognition systems that users/customers hit as soon as they call "Customer Service".

There is no lack of irony in the above two sentences.

Conclusion

Sadly, the situation with the Dodge software bug, which can be deadly, will remain a mystery for a little while longer. With a bit of awareness, and a good dose of caution, we will be able to mitigate the bug's release block and not hit anyone including the ditch.

But for now, we wait until the folks that do the programming can figure out where the bug really lies and hopefully fix it … without introducing an even deadlier bug.

Philip Elder
Microsoft High Availability MVP
MPECS Inc.
Co-Author: SBS 2008 Blueprint Book
www.s2d.rocks !
Our Web Site
Our Cloud Service