Classics Promo: get your old games fix at a discount over at Gog

Posted on by Martin Brinkmann

Gog is an excellent resource for classic computer games. The platform runs a sale currently that offers discounts on more than 1,000 – mostly – old computer games. While that may deter gamers that want high-end graphics, it is a treasure trove for gamers who want to replay or play some of the greatest classics in computer gaming.

As an added advantage, games on Gog are not as expensive as modern titles. Even without discounts, you barely pay more than $10 for a game. During sales, prices drop to a few Dollar for many of the games.

Want some examples?

  • Dragon Age Origins: Ultimate Edition, arguably the best title of the Dragon Age series, is available for less than $6 for the next eleven days.
  • Ultimate VII The Complete Edition is available for $1.37. The other Ultimate games, are available in two packs (Ultimate I, II, and II, and Ultimate IV, V, and V) for $1.37 each as well. There are also discounts for Ultimate Underworld, and Ultimate IX.
  • Thief II The Metal Age, one of the greatest stealth games of all time, costs $1.07.
  • X-Com 2, one of the best turn-based strategies, is available for $2.74
  • Jagged Alliance 2, another classic turn-based game, costs $2.18

Just browse the list and you will find huge discounts for games of all genres. The games are compatible with modern Windows PCs. While controls or visuals may not be on par with modern games, you can still have days of fun with some of the games easily.

These games should also work well on older PCs, as they are not that demanding than modern games.

While this reads like an advertisement, it is not. I like Gog a lot and buy games there regularly to replay old classics or play classics that I missed out on when they were released initially.

Now You: do you play computer games at all? If so, which games to you like and do you prefer modern or classic games?

Windows updates

Microsoft releases out-of-band Windows updates, but you likely don’t need them

Posted on by Martin Brinkmann

Microsoft has released out-of-band updates for Windows shortly after it released the cumulative security updates for Windows earlier this week.

These new updates are available for Windows 11, version 23H2 and 22H2, as well as several Enterprise and server versions of Windows.

Good to know: out-of-band updates are usually released to fix pressing issues. Most need to be downloaded and installed manually, as the issue may not affect all installations.

The updates affect a logon auditing issue in Windows. Since logon auditing is usually not configured on home systems or unmanaged systems, it is an issue that affects Enterprise devices mostly.

Here is Microsoft’s description of the issue:

It addresses a known issue where Audit Logon/Logoff events in the local policy of the Active Directory Group Policy might not show as enabled on the device even if they are enabled and working as expected. This can be observed in the Local Group Policy Editor or Local Security Policy, where local audit policies show the “Audit logon events” policy with Security Setting of “No auditing”.

To sum it up: this is a reporting issue only that does not impact functionality.

The patch can be installed on affected systems to resolve the issue. The vast majority of home users does not need the patch.

Here are the links to the support articles:

  • Windows 10, version 23H2 and 22H2: KB5058919
  • Windows Server 2022: KB5058920
  • Windows 10, version 20H2, and Windows Server, version 20H2: KB505892
  • Windows 10, version 1809 and Windows Server, version 1909: KB5058922

Click on the link to the Microsoft Update Catalog website on the linked support websites to download the patch. It needs to be installed manually after download. This is usually done by double-clicking on the downloaded patch file and following the instructions that appear on screen.

Latest Rufus release fixes side-loading vulnerability

Posted on by Martin Brinkmann

Rufus, one of my favorite open source tools, is now available in a new version. Rufus 4.7 is a security release that includes new features and non-security fixes.

The developer fixed a side-loading vulnerability in the application that allowed an attacker to load a malicious DLL with escalated privileges.

For this to work, the attacker had to plant the malicious DLL file into the same directory as the Rufus executable. The impact seems low, but it is still good that the issue got fixed.

Here is the info provided on the Rufus Security forum:

A DLL hijacking vulnerability in Rufus 4.6.2208 and earlier versions allows an attacker loading and executing a malicious DLL with escalated privileges (since the executable has been granted higher privileges during the time of launch) due to the ability to inject a malicious cfgmgr32.dll in the same directory as the executable and have it side load automatically. Versions 4.7 and later are not affected by this vulnerability.

So, it is recommended to update Rufus to the latest version to patch the issue.

Note that the internal update finder may not find the update yet. You can download it manually from the project’s GitHub repository in the meantime.

As far as other features are concerned, there are a handful:

  • Ability to detect and download updated DBXs from the official UEFI repository.
  • Support for ztsd compression for disk images added.
  • Exclusion feature in Settings to “ignore disk with a specific GPT GUID”.

There are also some fixes included, which you find listed here.

Arc Browser: and then there was Dia

Posted on by Martin Brinkmann

I have to admit that I’m not a huge fan of Arc Browser, a Chromium-based browser by the Browser Company that has been making some waves lately in the influencer-sphere. While I like some features, I disliked others like the forced registration on start or the lack of customization options.

Some time ago, the makers of Arc announced that they started to work on yet another browser. This one less focused on experienced or professional browser users but on artificial intelligence.

Called Dia, it is currently only available with an invite. The Browser Company did publish a short video on YouTube that provides a quick tour of the browser though.

Here it is:

The main feature that the company highlights is the integrated AI. Search, for example, combines answers from the web using large language models and open browser tabs. While you can still search the web normally, you can also direct your questions to the baked in AI to get an answer generated.

This works similarly to how all other AI tools work today. You write something, the AI responds, and you may follow-up. The most interesting feature from my perspective is the ability to use the AI to interact with open tabs in the browser.

So, you could open up tabs during research that list different products. You could use the integrated AI to find out more about these exclusively.

There is also an “ask” button available on all webpages that you may activate to ask the AI questions about the current webpage.

The main question is whether this is enough to convince users to give it a try or even switch to it. My initial guess is that this is not sufficient for that. While Arc may convince some users to give it a try or even stick to Dia, it seems to lack the same features as Arc.

To be fair, Dia is still in active development and it may take a while before the browser is published publicly.

Now you: what is your opinion on baking AI into browsers? Good thing that is useful or rather something that you don’t want at all?

Gmail’s new end-to-end encryption feature is atrocious for non-Gmail users

Posted on by Martin Brinkmann

Google announced support for end-to-end encrypted emails on Gmail for organizations and later this year for end users last week. This allows Gmail users to encrypt emails so that only the recipient can read them.

Gmail is far from being the first email provider to offer such a feature. Proton Mail, for instance, supported end-to-end encrypted emails from the get-go.

When you read Google’s announcement, you may stumble upon the explainer on how this is implemented. Not technically, but how it works from the user’s perspective.

According to Google, end-to-end encrypted emails on Gmail work differently depending on whether you are a Gmail user or not, and whether an administrator has configured use of the restricted Gmail version for all users.

So, here are the different scenarios when someone sends an encrypted email from Gmail.

  • When the recipient is a Gmail user, the user may read it in their inbox. The email is decrypted when it reaches the inbox and the email can be read.
  • When the recipient is not a Gmail user, they receive an invitation to open the email in a guest Google Workspace account. This allows them to view and reply to the email in a restricted version of Gmail.
  • If S/MIME is configured, Gmail sends the encrypted email via S/MIME.

Google Workspaces administrators may furthermore configure encrypted emails to always require the restricted version of Gmail.

Here is why that is bad

Some emails, all end-to-end encrypted ones, no longer land in your inbox, if you do not use Gmail or when the admin enabled restricted mode. You furthermore need to sign in using an invite link and a pin. Organizations may furthermore limit access to emails by revoking access at any time.

To be fair, this is not all that different from how Proton Mail handles sending encrypted emails to non-Proton users.

Still, if you are not a Gmail user, you may have to read some emails on the Gmail website in the future using the guest account feature of Google Workspaces. This may have severe consquences:

  • When you search emails in your dedicated client or web service, encrypted email content is not included.
  • Filters may not work correctly, as they may only apply to the public part of the email and not the body.
  • Security tools can’t scan the emails.

It is probably only a matter of time before malware campaigns start to use the new feature.

Now You: what is your take on this? Do you use encrypted email already? Feel free to leave a comment down below.

Pause Windows Updates

Pause Windows Updates with a tiny script

Posted on by Martin Brinkmann

While it is generally recommended to install Windows security updates, there are situations that make you want to postpone the installation. Maybe it is because of another faulty update that Microsoft released, a bug that you already experienced after an update was installed on your system, or just the desire to keep the PC running for a long period without forced update reboots.

Quite a few solutions exist that let you toggle the functionality using applications or scripts. Sordum’s Windows Update Blocker is just one program that you may use for the purpose.

And now there is also Pause Windows Updates. It is a tiny open source script that you may run on your Windows PC to pause updates.

Here is how it works: run the script after you have downloaded it and accept the security prompt to get a simple interface. There you may press keys on the keyboard to run corresponding actions. There are:

  • (1) Disable Updates
  • (2) Enable Updates
  • (3) Disable Microsoft Telemetry
  • (4) Remove Update Files
  • (5) Manage Update Service

Press the h-key to get information about each of the actions. When you select the disable option, all update downloading and installing is halted. This includes updates that are in the process of being downloaded to the system.

Any update that has not been installed fully at this point needs to be downloaded in its entirety again once you enable updates on the system.

Since it is a script, you may review it before you run it on your system. Just load it in a plain text editor like Notepad to do so.

Closing Words

Pause Windows Update is an easy to use option to block updates on Windows machines temporarily. Most users probably won’t need the script or similar apps ever, but there are situations where it may come in handy.

Now You: how do you handle updates on your Windows PCs? Do you let them install automatically or prefer manual control over updates? Any tools you use? Feel free to leave a comment down below. (via Deskmodder)

Windows 11: you can soon turn off one of the biggest Start menu annoyances

Posted on by Martin Brinkmann

If you’d ask me to name the most annoying feature of Windows 11’s Start menu, I’d probably pick the Recommended section. Here specifically the inability to remove it from the Start menu.

While you can configure Windows to stop giving recommendations, you cannot remove the then-blank section from the Start menu. That is, until now.

The Sherlock Holmes of Windows, Phantom of Earth, discovered that Microsoft has had a change of heart in the latest Windows 11 Insider build.

The hidden feature introduces major changes to the operating system’s start menu, including the ability to remove the recommended section.

Here is his post on X that highlights the change.

Here is how this works:

  1. Open the Settings on the system.
  2. Switch to the Start category.
  3. Disable “Show recently added apps”.

Disabling the option will remove the entire Recommended section of the Start menu, including the header that could not be removed previously.

Show recently used apps is going to remove Recommended in the Start menu. Source: Phantom of Earth

Here is why this is important. Up until now, Recommended would take up space in the Start menu, even if you did not use it. You could not use the space to display more pinned apps, which some users might prefer.

Phantom of Earth notes that there is another feature available now that complements the change. You may now choose to display “all pins by default”. You had to click on the All button up until now to display them all. The change places these icons in the area of the recommended section.

Closing Words

It is rare these days that I applaud Microsoft for the changes that it makes to the Windows operating system, but this one, albeit years too late, is a welcome addition.

Considering that it is currently only available in Insider builds, it may take a while before it lands in Stable. And yes, there is always the chance that a feature gets pulled again. Let us hope that this is not one of those cases.

Now You: do you use the Windows start menu or do you prefer to use a replacement?

Windows 11 is removing an option to bypass Microsoft account and internet during setup

Microsoft bringing a useful Windows Update feature to Windows 11, but restricts it artificially

Posted on by Martin Brinkmann

Microsoft’s Windows 11 operating system has its fair share of annoyances. From mediocre apps, Telemetry and ads to other design decisions that seem to serve Microsoft more than the users of the operating system.

Windows Update and the requirement to restart the PC to install updates is certainly on the list of some users. Especially the operating system’s habit of restarting the PC when it perceives it as idle needs to be mentioned. You find plenty of horror stories online about users losing work because of automatic restarts of their PCs.

Hotpatching

Microsoft created a solution for that some time ago. Hotpatching was introduced in 2022 for Windows Server. This allows updates to be installed without a reboot of the system. Unfortunately, this feature has been limited to Windows Server products up until now.

Good news is that Microsoft has finally ported the Hotpatch functionality to Windows clients, more specifically, Windows 11, version 24H2. Bad news is that this is limited to Enterprise clients at the time of writing.

Microsoft employee David Callaghan revealed the news on the company’s Windows IT Pro Blog. Hotpatching, according to Microsoft, offers several benefits over the traditional method of installing security updates.

  • Updates are applied immediately and not after the next reboot.
  • Security is always up to date.
  • Disruptions for users are minimized, as systems do not need to be rebooted anymore to install updates.

Note that some updates, feature updates or firmware updates for example, still require reboots. This is also true for what Microsoft calls cumulative baseline updates. These are released in January, April, July, and October of each year. They continue to require restarts.

The updates inbetween are hotpatch updates, which means that they do not require restarts.

In other words, four updates per year continue to require restarts, while the other eight cumulative updates of the year do not.

The big downside to the improvement is that home users and many small and medium-sized businesses do not gain access to the functionality. It is reserved for Enterprise customers (Windows 11 Enterprise E3, E5, or F3, Windows 11 Education A3 or A5, or a Windows 365 Enterprise subscription).

Another restriction is that the ARM version is still in public preview. It requires additional prerequisites, specifically a Registry Key needs to be set as outlined by Microsoft.

Closing Words

Windows is not the only operating system that requires reboots when updates get installed. It is still a major nuisance, especially if the system reboots automatically suddenly, which may lead to lost work.

A big MSEdgeRedirect update has just been released

Posted on by Martin Brinkmann

When Microsoft launched its Edge web browser, it used Windows to quickly push the usage share of the browser. One of Microsoft’s ways of doing so was to create artificial protocols in Windows that would open only in Edge.

Clicks on web searches in Start or news would always open in Edge, even if the browser was not the default browser on Windows.

The small tool MSEdgeRedirect was created to address this. The main idea was to redirect requests that Windows would push towards Edge to another browser.

There have not been any updates for over a year, but a new update just hit. Good news for users of the project, as it is improving the redirector in several ways.

Note: The open source program is still a beta officially. While it works well, you may run into bugs or issues using it. Also, Microsoft may change things and that may break functionality.

So, here is what is new in MSEdgeRedirect 0.8.0.0:

  • The minimum supported system is now Windows 10. Windows 8 is no longer supported.
  • Fixed Windows Spotlight, PDF file handling, some UWP apps no longer working in Service Mode.
  • New AI-less Google Search results option.
  • Improved news handler.
  • Adds support for –from-ie-to-edge and bing.com/WS/redirect.
  • Adds passthroughs for –user-data-dir and –win-session-start.

The update is a bug fix update for the most part that fixes some existing issues. If you use the tool already, you should upgrade to the latest version. That is, unless you still run Windows 8.1, as this is no longer supported. Oh, and Europe mode is still a thing, why not give it a try.

All in all, it is good to see that the project has not been discontinued.

Now You: do you use MSEdgeRedirect or have used the app in the past?

Firefox AI Summaries

First Look at Firefox’s new Link Preview feature with AI Summaries

Posted on by Martin Brinkmann

Mozilla is working on introducing link previews in its Firefox web browser. The feature is in testing in the latest Nightly version currently and includes support for local AI summaries.

The main idea behind the feature is to give users a tool at hand to check information about linked resources without visiting them directly.

Here is how it works: You hold down the Shift and Alt-keys on the keyboard and move the mouse cursor over links in the browser’s interface. Firefox displays a popup then that shows a preview image, the page title, and some basic information.

It uses AI, processed locally entirely according to Mozilla, to create key points that are displayed in the popup. This works for English webpages only at the time. Sören Hentzschel notes that you may add additional language support in the advanced configuration, but that the summaries are often in English.

The speed of processing depends entirely on the local system and its capabilities. I tested this on a fairly old computer and the processing took too long to be of use. Still, even without it, link previews worked quickly and reliably already.

How to enable the feature

You need the most recent version of Firefox Nightly, as this is only baked into Nightly at the moment. Note that the feature is in active development and that some features may be missing and that you may experience bugs while using it.

To enable Firefox’s new link preview feature:

  1. Load about:config in the Firefox address bar.
  2. Confirm that you will be careful.
  3. Search for browser.ml.linkPreview.enabled.
  4. Set the experimental preference to True.
  5. Restart Firefox.

Tip: you can add new supported languages to the preference browser.ml.linkPreview.allowedLanguages. Just append them. The default value is en. To add Spanish and Japanese, expand the string so that its value is en,es,jp in the end.

Again, languages other than English may not work overly well at this stage in development.

Closing Words

Firefox supports link previews on mobile already. You can long-press a link to get a preview. On desktop, users need to install extensions for that purpose, unless I’m mistaken (correct me please on this if that is the case).

The shortcut Shift-Alt is not overly elegant, but it works. The preview opens quickly and you get some information that you would not get otherwise, including the page title and a short description.

The AI summary feature did not work well on an older test system, but it may work better on modern hardware.

Now You: do you make use of link previews regularly or click on links right away all the time? Would you use Firefox’s new feature? Feel free to leave a comment down below.