Microsoft officially released the Surface Pro 5 in June 2017 and continued selling it as a current model until its successor was released in October 2018. That means your Surface Pro is probably about four years old and should have plenty of useful life remaining. Alas, its 7th Generation Intel Core CPU isn’t on the list of Windows 11 compatible CPUs, which means upgrades via Windows Update are not supported and probably never will be.

If you’re willing to perform a clean install of Windows 11, you can boot from installation media and run Windows Setup. That option skips the CPU compatibility check completely.

To upgrade your system, you need to modify the registry, as documented in this Microsoft support document. (The usual warnings apply when working with the registry. Make a complete backup before proceeding.) Open Registry Editor and navigate to the following key:

HKEY_LOCAL_MACHINE\SYSTEM\Setup\MoSetup

Create a new DWORD value, AllowUpgradesWithUnsupportedTPMOrCPU, and set it to 1.

You can now perform the upgrade by downloading an ISO file, mounting it as a virtual drive, and running Setup from Windows 10. You’ll see a stern warning about compatibility issues, but after you click OK on that dialog box your upgrade should proceed without any serious issues.

1. Open Regedit by hitting the Windows key and typing regedit. Hit Enter to launch it.

3. Right-click > New > Key, and paste in this name: {86ca1aa0-34aa-4e8b-a509-50c905bae2a2}

4. With the new key you just created highlighted, again right-click > New > Key, and paste in this name: InprocServer32

5. Double-click the (Default) registry entry and then hit Enter without typing anything to set its value to blank. Before making this change, you’ll see under the Data column that it says (value not set), but once you hit Enter it’ll show nothing. 

The battle against ransomware is challenging because not only are ransomware attacks extremely disruptive, but in many cases, victims opt to pay the ransom demand for a decryption key – fueling additional ransomware attacks because criminals know they can make easy money. 

However, one scheme continues to take the fight to ransomware gangs and has now helped over 1.5 million victims successfully decrypt their machines without giving into ransom demands, preventing an estimated $1.5 billion from ending up in the hands of cyber criminals. 

The figures come from Europol on the sixth anniversary of No More Ransom, the European Union law enforcement agency’s anti-ransomware initiative.

First launched in 2016 by Europol, the Dutch National Police (Politie), and a handful of cybersecurity and IT companies with four decryption tools available, No More Ransom has now grown to offer 136 free decryption tools for 165 variants of ransomware, including GandCrab, REvil, Maze, and more. 

Over 188 partners from the private sector, the public sector, law enforcement, academia and others are now involved in the scheme, which continues to provide new decryption tools, with a portal available in 37 languages to help victims of ransomware attacks around the world. 

According to Europol, the scheme has helped over 1.5 million victims decrypt their devices without needing to pay a ransom for a decryption key. However, the agency is under no illusions that the battle is won, especially as ransomware not only continues to be a problem, but it also continues to become more dangerous and effective. 

“It’s up to us as Europol and other law enforcement agencies to keep evolving ourselves as well, rethink our strategies beyond No More Ransom. The No More Ransom platform is in place and hopefully it will stay in place for a long time as an answer to many of those scams,” said Marijn Schuurbiers, head of operations at Europol’s European Cybercrime Centre (EC3). 

Law enforcement agencies are also looking at new ways to stop attacks: that includes disrupting infrastructure being used by cyber criminals. Europol has previously taken action against cyber crime in this way. 

There are also actions which everyone can take to help avoid falling victim to ransomware. Europol recommends regularly backing up data on devices, so it can be recovered without paying a ransom, ensuring security software and operating systems are up to date with the latest security patches, and using multi-factor authentication to help prevent accounts being hacked and abused to help launch ransomware attacks. 

In the event of falling victim to a ransomware attack, Europol urges victims not to pay a ransom but to check the No More Ransom portal for help and report the incident to the police – because each report of a ransomware attack can help provide additional insights into how ransomware works.

It doesn’t matter whether you are working at the office or remotely, a high-performance network connection is vital to your productivity. This simple fact is why so many people working from home offices have opted to purchase high speed broadband internet connections. But getting the fastest internet connection does not guarantee a high-performance network—the are other factors to consider.

The default network configuration settings in Microsoft Windows 10 are notorious for being programmed to what are considered safe, stable values. Predictably, safe and stable does not always equal fast and high-performance, especially with regard to network connections. 

This how-to tutorial shows you how to edit the Windows 10 Registry file to change an obscure setting known as IRPStackSize. Increasing that parameter’s value should considerably increase the overall network performance of your Windows 10 personal computer.

Disclaimer: Editing the Windows Registry file is a serious undertaking. A corrupted Windows Registry file could render your computer inoperable, requiring a reinstallation of the Windows 10 operating system and potential loss of data. Back up the Windows 10 Registry file and create a valid restore point before you proceed.

How to improve network speed in Windows 10 by increasing IRPStackSize

The I/O Request Packet Stack Size (IRPStackSize) refers to how many 36-byte receive buffers your computer can use simultaneously. A larger number of buffers means your computer can handle more data simultaneously, which, in theory, should make your computer perform more efficiently.

While there is little official Microsoft documentation concerning this parameter, the default setting is 15, which is adequate for most normal speed (10 Mbps) network connections. The maximum number is limited to 50, and Microsoft warns that choosing values in the 33 to 38 range can cause stability issues. For our example, we are going to increase the value to 32.

Type “regedit” into the Windows 10 desktop search box and select regedit.exe from the list of results. Use the left-hand windowpane to navigate the Windows 10 Registry file until you find this specific key, as shown in Figure A:

Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters

Figure A

For most users, there will be no entry for IRPStackSize, so we will have to create it. Right-click the Parameters folder (or right-click an open area in the right-hand windowpane) and select New | DWORD (32-bit) Value from the context menu. Give the new key entry the name IRPStackSize, as shown in Figure B. Note: The capitalization is vital to the success of this configuration change.

Figure B

Double-click the new IRPStackSize key you just made and change the value base to Decimal to make your life easier. Then, as shown in Figure C, change the Data value to 32.

Figure C

Click OK to lock in the change and then exit out of regedit. To finish the process, you will need to reboot your PC.

If you are connected to a broadband network with speed ratings exceeding 10 Mbps, you should see improved network performance right away. If you have a connection rating under 10 Mbps, you will likely see no benefit. However, if you have ever received this strange error message, “Not enough storage available to process this command,” then this change may solve that problem for you, as well.

After running the chkdsk, users would be presented with a Blue Screen of Death (BSOD) pointing to a NTFS_FILE_SYSTEM error. Microsoft has now acknowledged the problem in an update to the “Known Issues” for the KB4592438 update. “A small number of devices that have installed this update have reported that when running chkdsk /f,” Microsoft writes. “Their file system might get damaged and the device might not boot.”

According to Microsoft, a fix has already been rolled out automatically to non-managed devices. However, the company states that it can take up to 24 hours for the fix to propagate to all non-managed devices. If you’re in a hurry to get this problem fixed, Microsoft says that you can restart your device to expedite the installation of the fix.

“For enterprise-managed devices that have installed this update and encountered this issue, it can be resolved by installing and configuring a special Group Policy,” Microsoft adds. “To find out more about using Group Policies, see Group Policy Overview.”

If your system has already been kneecapped with disk corruption and you are currently unable to boot into Windows 10, Microsoft details the following workaround:

1. The device should automatically start up into the Recovery Console after failing to start up a few times.
2. Select Advanced options.
3. Select Command Prompt from the list of actions.
4. Once Command Prompt opens, type: chkdsk /f
5. Allow chkdsk to complete the scan, this can take a little while. Once it has completed, type: exit
6. The device should now start up as expected. If it restarts into Recovery Console, select Exit and continue to Windows 10.

It should be noted that your device will likely run chkdsk once again when you go through the above steps. However, rest assured that it won’t cause your machine fail this time around.

Following are 4 ways internet scammers are trying to get into our systems and ways to protect your organization and yourself.

1. Scam with a Familiar Name through Email

Phishers and hackers have become a lot better at copying email addresses and sending them in a way that makes them look legitimate. A familiar scam that’s been circulating lately is an email that looks like it’s from your parish priest. Typically, it’s a hastily written request for the recipient to purchase gift cards for sick hospital patients he is “visiting” or for a parish event like an upcoming auction.

Usually, “Bob” will ask the person to pick up some Google Play or iTunes gifts cards in various denominations, take pictures of the back with the PIN numbers scratched off, and have them email the information back to him. Unfortunately, this is a common scam that a lot of people fall for. Once those numbers are revealed and sent, funds can be depleted within a matter of minutes. Even if you were to discover the scam within a short period of time, gifts cards are typically non-returnable … and can be used by anyone with the PIN.

2. Payroll Scams via Email

Payroll scams through email are especially popular today. Using a familiar name but fake email address, the fraudster will ask someone in the finance department for their direct deposit paycheck to be sent to a new bank account and routing number, which is all supplied through email. However, you guessed it: it’s a scam.

You should never accept vital information sent through email, no matter how authentic it might appear. Always request a voided check and verify with each parish employee any changes to a paycheck, checking account, or financial institution. All it takes is a quick phone call or a stop at their desk to verify whether this is a true request.

3. Phishing Attempt via Text Messaging

Imagine that you just received a notification on your phone that “you’ve got mail.” Checking your email on the fly, you see a communication from your pastor, asking for a huge favor. They ask for your phone number so they can text you, and you send it. Minutes later, you receive a text message. “I’m in a meeting and can’t talk,” it reads. “I need you to stop at the nearest gas station. It’s important.” Congratulations — you’ve been phished.

Falling for this type of scam is even easier if you use your phone to check email, because it doesn’t automatically show the email address it’s sending from, just the name, which is easy to customize. And if your boss or pastor is a fast-paced kind of person, a random email from them isn’t that unusual. But even so, if you were to have followed instructions, you’d have ended up purchasing gift cards, and then asked to scratch off the back so you could send the details via text.

4. Phishing Attempt via Account Verification

It’s normal for employees, parish staff, and other organizations to send files back and forth through email. However, rarely, if ever, do these files require you to enter personal information in order to open them. A trending phishing scam is an email sent to a person with a PDF document attached. Using a simple message that conveys that this is an urgent request, someone clicks the link and is then prompted to enter their Adobe login/password to open the document. Unfortunately, you’ve been phished, and your personal information is now at risk.

If you’re like most people, you have a password that you use for multiple accounts. So if a hacker is able to guess even one password for one account, it won’t take long until they start finding more of your accounts and try that same password. In addition to not falling for this particular phishing scam, you should also be sure to use multiple passwords for various accounts and update them often. You should also consider a secure password manager, like 1Password.com or lastpass.com, which holds all of your logins and passwords in one secure spot, but also suggests better passwords and remembers them for when you need them. No need for post-it notes under your keyboard, multiple passwords that get forgotten, or a chance of one being guessed by a hacker.

Every day, you hear of a new internet scam. The best way to not fall for these scams is to remain vigilant, always verify, and always think before you click. For more ways to protect yourself, visit the Federal Trade Commission’s Consumer Information website for some great tips.

Staying safe on the internet means defending yourself against any and all scripts, plugins, applets, and pop ups that may appear. Here are five apps that can do just that.

Ghostery

Everything you do online is tracked—that’s just the way of the modern web. Sites use tracking to target ads, generate analytics, and track users in the name of a better UX, but they also result in a long, detailed paper trail of all your online activity.

Ghostery is a browser plugin that disables tracking functionality of most any kind and it’s super simple to use. It’s even available on Android and iOS as a standalone browser.

If you want to be sure targeted ads, location data, personal info, and other details are inaccessible to the places you visit Ghostery is for you.

Tor browser

When it comes to anonymity on the web there’s no better tool than the Tor browser. This self-contained browser uses The Onion Router, a secure way to redirect web traffic to a number of sources before routing it to its final destination. The end result is completely anonymized traffic—think of it as the money laundering of the data packet world.

You don’t need to be a nefarious hacker, government dissident, or drug smuggler to make good use of Tor. Installing the browser is a good idea for anyone who requires complete anonymity from time to time.

You don’t need to be tethered to your desktop for this level of privacy either. Tor offers browsers for iOS and Android too.

Adblock

While most tech professionals know better than to click on a banner ad, that wisdom isn’t universal to all computer users. It doesn’t matter which camp you’re in—installing an adblocker is a good idea if you want to maintain your privacy and anonymity.

Ad blockers like Adblock and Adblock Plus are both able to sift through the junk, but be warned: Many sites have developed tools to detect adblockers and block traffic unless the site is whitelisted. Ad blocking isn’t a catch-all solution for privacy but it is a way to minimize the clutter. You just have to use your judgement on who to block.

Privacy Badger

Privacy Badger is the Electronic Freedom Foundation’s take on a web privacy browser plugin. It’s actually based on Adblock Plus’s code, but is designed to go further by automating the whole blocking and filtering process.

When you install Privacy Badger it starts building a log of all the domains that feed you content on a particular website. If it starts to see similar ones popping up, which indicates tracking, it blocks them automatically. The more you use it the cleaner your browsing experience will be, at least in a perfect world.

HTTPS Everywhere

Also from the EFF, HTTPS Everywhere forces secure connections on any website which has the capability. HTTPS is almost necessary on the modern internet, but many sites which support it still default to unencrypted HTTP.

HTTPS Everywhere will add one more layer of security to your browsing experience, and all it takes is a couple clicks to install.

Good security practices start at the lowest level.

So what does this mean for your data if it’s something that can’t be stopped? Well, many of the best practices still apply. For instance, making sure you’re up to date on system and application patches, rolling out modern antivirus with malware protection that is both updated and that actively runs in the background, and performing multiple scheduled backups are good computing habits. Of course, staying clear of questionable websites and not clicking on links or attachments sent to you via email, social media, or just about anywhere are excellent safety guidelines to practice too.

But even with all that, you’re still susceptible to data compromise. So what’s next? Well, next might be RansomFree. This proactive ransomware detection application watches your computer for files being accessed and monitors their interaction closely to determine whether encryption is taking place. Using behavioral detection techniques, if RansomFree determines the behavior being displayed to be ransomware, it immediately halts the process and flags it, creating an alert onscreen. At that point, the user must authorize the process before it will proceed, according to RansomFree’s developer.

How does it do it?

The secret to RansomFree’s success is not in signature files similar to antivirus applications, but rather in how it detects ransomware-like behavior (e.g., the local encryption of user data). This makes the application good at doing its job, since all ransomware thus far has displayed the same characteristics regardless of its payload. Whether the attack is a Trojan, vulnerability exploit, or malicious code (aka file-less ransomware), RansomFree is designed to deal with the interaction of the file(s) with the system and bring it to an immediate halt once the behavior is classified as a threat and until the user intervenes.

While testing this application myself, I did find evidence of false-positives being detected when using some 3rd-party software. However, it would stand to reason that this is a real possibility, given that some applications offer the ability to encrypt single files they use, or in the case of 3rd-party encryption applications, as was my specific case. Either way, that would appear to me to be a small price to pay to avoid going through the removal and data recovery process in cleaning up a ransomware infection—or having to pay to get your data back and waste all the time that takes to complete.

RansomFree worked as advertised. It’s also small and runs largely in the background, checking processes for malicious activity. And did I mention that it’s free? Not for a trial period or pending an ongoing subscription, but as in free for personal and commercial use on both client and server versions of Windows operating systems. There’s really no excuse not give it a shot and let it work to stop a possible ransomware infection from occurring like it did in my tests. If you’re not targeted, you’d never know it was there—but isn’t it great peace of mind to have it on your side in the event of a breach? I think so. That’s why I’ve added it to my “fleet”of go-to software apps and installed it on all my personal and commercial computers and servers.

The most common ways for an attacker to make these attacks is with HTML in an email that you view or JavaScript in an email or website that you view.

Unfortunately, you cannot fully protect yourself against all CSRF attacks—those protections must be implemented by the websites and applications that you use. However, you can substantially reduce your risk of exposure to CSRF attacks by following these web security best practices.

These security practices are based on recommendations from the Open Web Application Security Project (OWASP) Cross-Site Request Forgery (CSRF) Prevention Cheat Sheet:

• Always log out of websites as soon as you are done using them, particularly any site that sends or receives payments or stores sensitive information.
• Never open email messages with attachments when you do not recognize the sender.
• Never open attachments that don’t seem trustworthy or that you did not request.
• Be suspicious of mass email messages that contain links, pictures, or attachments, even if they are from people you know.
  Email accounts can be compromised by a virus.
• Always keep your web browser up to date.
  Never use a browser that is no longer being updated by the developer. New security vulnerabilities are found regularly, and browsers must release regular updates to combat them.
• Do not allow your web browser to save any passwords or other login information.
• Do not allow your web browser to save your personal or financial information and fill out web forms with it.
• Do not allow any websites, particularly banking or shopping websites, to remember your personal information, including login information.
  Websites use cookies to remember you, and those stored cookies put you at risk for CSRF attacks.
• Clear your web browsing data and cookies regularly, preferably after each browsing session.
  Many browser extensions, such as Click & Clean, can do this automatically when you close the browser. The Click & Clean extension is available for both Firefox and Chrome.
• Use a browser extension such as NoScript (only available for Firefox), which blocks the execution of JavaScript on websites that are not on your list of trusted sites.
  JavaScript is the tool used in most CSRF exploits to execute commands without your knowledge.

JavaScript is essential for many webpages to function as intended, so NoScript will affect your browsing experience. However, it is a useful tool for reducing your risk of CSRF, cross-site scripting (XSS) and other common web exploits.

• Use two different web browsers: one for accessing sensitive information, such as shopping or banking details, and one for freely browsing the web.
  For example, consider using Firefox, which has NoScript and Click & Clean, for online banking, email, and shopping, and using a different browser, such as Chrome or Safari, for regular web browsing.

For more information about CSRF, see page 12 of The Ten Most Critical Web Application Security Risks from OWASP.

For more information about computer and web security, see the United States Computer Emergency Readiness Team (US-CERT) article on Securing Your Web Browser.