Michael Horowitz

About the Author Michael Horowitz


Testing an AmpliFi mesh point as a Wi-Fi extender

When mesh router systems started appearing last year, I purchased a Ubiquiti AmpliFi system for someone whose house was a worst case Wi-Fi scenario. The internet entered the home in the basement on the south side of the house, while the bedrooms are on the second floor in the north side.

I liked the AmpliFi line, sight unseen, because unlike most other mesh systems, it did not require you to register with Ubiquiti and it did not phone home with who knows what data about your network. Still, in October of last year, I griped that the AmpliFi mesh system lacked remote control. This is no longer true. 

To read this article in full or to leave a comment, please click here

Read more 0 Comments

Testing an AmpliFi mesh point as a Wi-Fi extender

When mesh router systems started appearing last year, I purchased a Ubiquiti AmpliFi system for someone whose house was a worst case Wi-Fi scenario. The internet entered the home in the basement on the south side of the house, while the bedrooms are on the second floor in the north side.

I liked the AmpliFi line, sight unseen, because unlike most other mesh systems, it did not require you to register with Ubiquiti and it did not phone home with who knows what data about your network. Still, in October of last year, I griped that the AmpliFi mesh system lacked remote control. This is no longer true. 

To read this article in full or to leave a comment, please click here

Read more 0 Comments

Verifying and testing that Firefox is restricted to TLS 1.2

TLS is the protocol invoked under the covers when viewing secure websites (those loaded with HTTPS rather than HTTP). There are multiple versions of the TLS protocol, and the most recent version, 1.2, is the most secure. Last time, I discussed tweaking Firefox so that it only supports TLS version 1.2 and not the older versions (1.0 and 1.1) of the protocol.

But that begs the question: what happens when a security-reinforced copy of Firefox encounters a website that does not support TLS 1.2? The answer is shown below.

To read this article in full or to leave a comment, please click here

Read more 0 Comments

Restricting Firefox to TLS version 1.2 makes browsing safer

Although its common to think of a secure website as the opposite of an insecure one, the choice is not, in fact, binary. For a website to be truly secure, there are about a dozen or so ducks that all need to be lined up in a row.

Seeing HTTPS does not mean that the security is well done, secure websites exist in many shades of gray. Since web browsers don’t offer a dozen visual indicators, many sites that are not particularly secure appear, to all but the most techie nerds, to be secure nonetheless. Browser vendors have dumbed things down for non-techies.

Last September, I took Apple to task for not having all their ducks in a row, writing that some of their security oversights allowed Apple websites to leak passwords.

To read this article in full or to leave a comment, please click here

Read more 0 Comments

Are Android bug fixes worth $510 when buying a phone?

Techies are supposed to focus on the latest and greatest, the biggest and fastest. I’ve never been like that. Especially when it comes to cellphones, my computing needs are modest.

So, consider the fairly low end ASUS ZenFone 3 MAX ZC520TL phone which Asus currently sells for roughly $140.

It has a 5.2 inch IPS screen with a resolution of 1280×720. Many phones offer more pixels, but this is sufficient for me and fewer pixels should help with battery life. It has 2GB of ram, 16GB of storage, an FM radio, a 4100 mAh battery and its made of metal, not plastic.

On the downside, the Wi-Fi is limited to the 2.4GHz frequency band, it only works with AT&T and T-Mobile and the battery is not removable. Considering the price, it’s good enough for some of us, myself included. 

To read this article in full or to leave a comment, please click here

Read more 0 Comments

Windows Defender does not defend Windows 7 against WannaCry

Thanks to Kaspersky, we now know that 98% of the Windows machines infected by WannaCry/WannaCrypt were running Windows 7. Since, once it gets a foothold, the malware can infect an entire network, most of the attention was focused on LAN based attacks. My previous blog was about using the Windows firewall as a defensive measure.

But any malware can spread in multiple ways so there is always a need for anti-malware software on Windows PCs. The May 12th blog post, Customer Guidance for WannaCrypt attacks, in which Microsoft announced the release of a bug fix for Windows XP, mentioned that 

To read this article in full or to leave a comment, please click here

Read more 0 Comments

The Windows firewall is the overlooked defense against WannaCry and Adylkuzz

Despite all the attention currently focused on Windows computers being infected with WannaCry ransomware, a defensive strategy has been overlooked. This being a Defensive Computing blog, I feel the need to point it out.

The story being told everywhere else is simplistic and incomplete. Basically, the story is that Windows computers without the appropriate bug fix are getting infected over the network by WannaCry ransomware and the Adylkuzz cryptocurrency miner. 

We are accustomed to this story. Bugs in software need patches. WannaCry exploits a bug in Windows, so we need to install the patch. For a couple days, I too, ascribed to this knee-jerk theme. But there is a gap in this simplistic take on the issue. Let me explain. 

To read this article in full or to leave a comment, please click here

Read more 0 Comments