Windows 10: private app store for XLStyles Tool

I’ve received questions from a small number of users that have Windows App store disabled by their IT departments.  Microsoft fully supports private store app distribution for approved by IT apps. If you work in one of these locked down organizations, please encourage your IT to try these steps: Windows Apps store is by far much more secure way to distribute and seamlessly update modern apps. I’m posting this because someone just now chimed in and said that his IT department locked the app store distribution, but would allow him to run an exe. This is such backwards thinking. App store apps at the time of publishing are checked by Microsoft staff, scanned for viruses and are digitally signed when they pass pretty stringent security, regulatory and quality criteria. We need to collectively do some IT educating here – if they lock down the app store access, they definitely should invest in the setup of the private store for critical to business users app like the XLStyles Tool. Now, I don’t have the environment to test this out, so if you went through the steps in your org, please share your experience.  You are getting XLStyles Tool for free, so please spend  couple of minutes for the benefit of the user community to share your experience and important tips if you successfully setup you private store.

Posted in Computers and Internet | Tagged , , , , | 14 Comments

ImageShrinker updated in response to OneDrive restrictions

I received an e-mail notifying me that my OneDrive quota got reduced. I use OneDrive to securely distribute non-Microsoft store apps from this blog. It was time to do two things: 1) Complain to get the storage back. It is pretty lame to give and take it back especially when cloud storage is so cheap. 2) Dust off good old ImageShrinker and reduce size of my cloud stored pictures. I updated it in the process:

  1. Added higher resolution width option of 2048 (previously 1024)
  2. Added image folder drag and drop. No need to select the folder using file picker dialog, just drag and drop folder from file explorer
  3. Added tool tip to “Get Path” button to make it more obvious that there is drag and drop option in the updated app
  4. Improved error handling
  5. Improved dpi settings to get better compression

If you ended up in the same situation with OneDrive as me and have a lot of images there, you can shrink them without noticeable loss of quality using my app. I got on average 75% reduction in file sizes. Now I’ll be waiting for Microsoft to wake up and get loyal OneDrive users storage back.

Posted in Uncategorized | Leave a comment

Windows store app shows: “End of Central Directory record could not be found”

I’ve seen a couple of crashes captured in the windows app store telemetry over past couple years. No one has reported exact repro steps or provided even a slightest hint in the comments yet that may point to the root cause, so I decided to simulate the crash myself.  I didn’t succeed, but I did find out that in Windows 10 encrypted files (i.e., files saved with password to open) result in a message that doesn’t explicitly say that the file is encrypted.  In the WinForms app the message was “file contains corrupted data” and it was well documented on this site and the ReadMe file. If you see the message above in the app store app, remove the file password before running the file scan in the app.

If someone can get me crash repro steps I would very much appreciate it.  I want to know if this is the app, OS or something in the users files that is causing it.

Posted in Uncategorized | Leave a comment

2015 in review

The stats helper monkeys prepared a 2015 annual report for this blog.

Here’s an excerpt:

The Louvre Museum has 8.5 million visitors per year. This blog was viewed about 160,000 times in 2015. If it were an exhibit at the Louvre Museum, it would take about 7 days for that many people to see it.

Click here to see the complete report.

Posted in Uncategorized | 1 Comment

Windows 10 and SL5 version of the tool

I updated Azure hosted SL5 version of the XLStyles Tool couple of minutes ago to stop working on Windows 10 since it went RTM last week.  There are couple of reasons for it: Silverlight is not supported in the Windows 10 Edge browser just like it wasn’t supported in the immersive IE in 8.1 (makes it really confusing for the users), as unfortunate as it is SL5 is not coming back and I’m starting to look into potential modifications that may come from Office 16 and would like to focus on the most popular versions of the tools first. The app store version is optimized for Windows 8/8.1/10 experiences and actually looks pretty awesome in Windows 10.  Let me know if for any reason you want me to add SL5 version support back for Windows 10.

Posted in Computers and Internet | Tagged , | 26 Comments

Build Conference 2015 and Significance of Windows 10

I really wanted to make this post in time for the Build 2015 Conference that opens tomorrow in San Francisco. Windows 10 will be in the spotlight. Why is Windows 10 important? It is not about the new UI features and the return of the start menu for me. It is all about security improvements. I’ve helped numerous friends and family members over the years to deal with various types of malware. It made me learn several fascinating subjects in the area of cyber security. Windows 10 seem to be closing many of the security vulnerabilities and some of the well-known attack vectors. One of my FB friends got her PC user files fully encrypted by a malware couple of weeks ago. Someone on FB went as far as to suggest using Linux. I wanted to see for myself what was done in the latest Windows builds to mitigate the attacks. I spent a couple of weeks hammering on what I could find (it included the latest Windows 10 and 8.1 builds) using some well-known hacking tools. I would strongly recommend to anyone on older versions of Windows to upgrade if you care about security. For example, in-memory credentials theft using tools like mimikatz by total genius Benjamin Delpy is no longer possible unless you are explicitly enabling legacy providers on your PC. Windows 7 and even Windows 2012 Server (non-R2) still has in memory credentials vulnerability. The one vector that still worked on Windows 10 was PTH. I explored this scenario in depth. The scary part was that in one of the scenarios that I tried I re-set the test account password that I used in the session that I took over, but the token from a week old session still worked and allowed me to access resources available to that account. This last attack requires administrator privilege though. If someone gets privilege elevation and admin access it is pretty much over for the local machine anyway. I’m sure there will be PTH defenses for the networked environments and will make another post when I will get more research done on this subject. PTH threat is still out there, but at least Windows 10 and latest builds of 8.1 make your credentials much safer. At least if you will run Windows 10 you will be sending script kitties to look elsewhere to practice their hacking skills.

Posted in Computers and Internet | Tagged , , , , | Leave a comment

XLStyles Tool store app works great on latest Windows 10 build 9926

I installed Windows 10 Technical Preview today and went through all XLStyles Tool usage paths. All issues that came up in the previous build have been fixed (e.g., file picker started working as expected, cancelling file open action no longer pops an error message, etc…). I haven’t found a reason to re-compile the most recent build of the app yet. Windows 10 feels very clean, fast and responsive.

Posted in Uncategorized | 21 Comments