Critical security bug in the font-handling in Windows 7 and above, but they’re only going to patch supported versions, so if you’re still running 7 or 8 and aren’t an Enterprise customer with an extended support contract, you’re pretty well fucked. Don’t ever open downloaded documents again, in any format.
The specific issue is in support for the long-abandoned Type 1 Multiple Master format from Adobe. This format predates Unicode font support, which tells you how long it’s been gathering dust with nobody supporting the code (except for some export tools to generate a standard family of Type 1 fonts by twiddling the available knobs).
Congratulations on completely destroying the sync ability of the iOS version of OneNote. Your mother must be so proud.
Update: Surprisingly, it still worked on my iPhone while being totally borked on my iPad. None of the fixes people have been suggesting in the forums (lots of people hitting this bug this week) fixed it. Failing to authenticate for sync has actually been an issue with the iPad version of OneNote for quite a while, but in the past, force-quitting the app was sufficient to fix it. It looks like a nuke-and-pave of the app is necessary but not sufficient; I’m not actually sure what eventually persuaded it to start working again, but I suspect it was the animal sacrifice.
An app whose functionality depends on reliable sync needs to sync reliably. I migrated everything over from Evernote and let my paid subscription lapse because they were ignoring the core functionality of “sync my notes between phone/laptops/tablets”. Your recent attempt to provide the (not-quite-the-) same (poor) user experience on all platforms is the sort of development diversion that cost them customers.
Oh, and if you really want to make the user experience the same, add the “Recent Notes” tab to the desktop clients. It’s one of the most useful features of the mobile clients, and completely missing on the full app. And bring the Mac client up to feature parity with Windows, maybe?
Update: Happened again on 6/6. I had to delete the app, re-download it, and then re-sync all my notebooks. WTF, MS?
Very rough at the moment, with lots of issues that make it an early Beta, but it was nice to be able to scp over the save-hacking bash script I just wrote and have it Just Work, including creating a symlink to the save directory used by the Windows version of the game so that I could easily go back-and-forth between editing and testing. The supplied version of Ubuntu came with an old version of JQ, but I just grabbed the latest Linux binary with wget and all was well.
I’m going to try to build a decent Perl environment with Perlbrew, so that it survives reinstalls and upgrades. Then I can have some fun. If they ever get the Japanese IME working with WSL (or more precisely, their console window), I can have real fun.
"It's taking a bit longer than usual, but it should be ready soon"
--- Windows 10 installer on a Lenovo S12
That’s what she (Cortana) said.
[Update 10/15: Ars Technica reports that Microsoft has called this a “mistake” and promised to fix it in the next update.]
I’d like to say a hearty “fuck you” to the person who decided that the optional update “Upgrade to Windows 10 Pro” should be selected by default. I caught it in time, but damn. That’s “anal probe with a rusty crowbar” behavior.
[Update: this isn’t happening to everyone, so I suspect the fact that this device is a Surface Pro 2 is the reason. They may pull this stunt on other users later, but someone likely decided that people who owned a Microsoft-branded tablet would be thrilled rather than appalled. They’re wrong, of course, since there’s no way to undo it and they removed full system backup/restore in Windows 8 (Acronis works nicely). They seem to think that their “system restore” functionality plus user-data backups is sufficient, neglecting the days of work it would take to reconfigure applications and restore data that isn’t covered by their partial backups.]
[Update: at this point, it looks like the auto-install kicks off if the background downloader has successfully finished copying the N-gig image to your hard drive. If you don’t leave your machine on unattended for long periods of time, you might not get the surprise for a while.]
I think I speak for every network manager and privacy advocate in the world when I say, “fuck you with a rusty crowbar”.
For those who don’t know, one of the features in the Windows 10 beta (and already in the field in Windows Phone 8.1) is WiFi Sense. The short version is, if you share your wireless access with someone, you’re now potentially sharing it with everyone on their contacts list from Outlook.com, Skype, and even Facebook if they link their accounts.
And the network owner can’t stop them from sharing the password, or even find out that it’s happened. MS offers only one way to prevent this from happening, and that’s changing your network’s SSID to contain the string “_optout”. (This article notes that Google has their own magic string to prevent your wireless from being mapped by their cars, so the new hotness is “_optout_nomap”. No doubt Apple will jump on the bandwagon as well, and next year it will have to be “_optout_nomap_nocandyfromstrangers”).
They claim it will only give limited access to all these strangers, and not let them see anything else that’s on your home network, but that requires that we not only believe that there are no security holes in a Microsoft product, but that the raw password is securely stored in three different online services and every stranger’s device.
The only real defense is to use WPA2 Enterprise authentication, which requires a Radius server. Unfortunately, a lot of consumer-grade wireless-only products won’t do that at all. Last time I tried to get a Kindle to use it, it detected it but never actually sent the username/password combination.
[Update: Microsoft’s FAQ for this misfeature includes the statement:
It can take several days for your network to be added to the opted-out list for Wi-Fi Sense. If you want to stop your network from being shared sooner than that, you can change your Wi-Fi network password.
Crowbar, Rusty. Rinse and repeat.]
[Update: just tested a Kindle Paperwhite against a WPA2 Enterprise wireless running TTLS/PAP user-based authentication. It sent an empty password, so no, you can’t protect your home wireless from Wifi Sense if you plan to connect common small devices to it.]