CredSSP encryption oracle remediation error when you try to RDP to a Windows VM in Azure

Scenario 1: Updated clients cannot communicate with non-updated servers

The most common scenario is that the client has the CredSSP update installed, and the Encryption Oracle Remediation policy setting does not allow an insecure RDP connection to a server that does not have the CredSSP update installed.

To work around this issue, follow these steps:

1. On the client has the CredSSP update installed, run gpedit.msc, and then browse to Computer Configuration > Administrative Templates > System > Credentials Delegation in the navigation pane. 
2. Change the Encryption Oracle Remediation policy to Enabled, and then change Protection Level to Vulnerable.

If you cannot use gpedit.msc, you can make the same change by using the registry, as follows:

1. Open a Command Prompt window as Administrator.
2. Run the following command to add a registry value:
   REG ADD HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\CredSSP\Parameters\ /v AllowEncryptionOracle /t REG_DWORD /d 2

Scenario 2: Non-updated clients cannot communicate with patched servers

If the Azure Windows VM has this update installed, and it is restricted to receiving non-updated clients, follow these steps to change the Encryption Oracle Remediation policy setting:

1. On any Windows computer that has PowerShell installed, add the IP of the VM to the "trusted" list in the host file:
   Set-item wsman:\localhost\Client\TrustedHosts -value <IP>
2. Go to the Azure portal, locate the VM, and then update the Network Security group to allow PowerShell ports 5985 and 5986.
3. On the Windows computer, connect to the VM by using PowerShell:
   For HTTP:
   $Skip = New-PSSessionOption -SkipCACheck -SkipCNCheck Enter-PSSession -ComputerName "<<Public IP>>" -port "5985" -Credential (Get-Credential) -SessionOption $Skip
   
   For HTTPS:
   $Skip = New-PSSessionOption -SkipCACheck -SkipCNCheck Enter-PSSession -ComputerName "<<Public IP>>" -port "5986" -Credential (Get-Credential) -useSSL -SessionOption $Skip
4. Run the following command to change the Encryption Oracle Remediation policy setting by using the registry:
   Set-ItemProperty -Path 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\System\CredSSP\Parameters' -name "AllowEncryptionOracle" 2 -Type DWord

Firms 'ill prepared for IT failure'

Almost three-quarters of firms and public sector organisations across nine European countries may not fully recover their computer systems or data after an IT failure, a survey suggests.

The report by IT group EMC said 74% were "not very confident" they could fully restore their networks.

It also found that 54% admitted they had lost data or suffered systems downtime in the past 12 months.

A total 1,750 IT bosses in countries including the UK were questioned.

The other countries covered in the survey were Germany, France, Italy, Spain, Belgium, Netherlands, Luxembourg and Russia.

EMC said firms needed to put more focus on backup and recovery systems.

Its report found that the most common cause of data loss and downtime was hardware failure, followed by power outage and software malfunction.

COMPUTER SYSTEM FAILURES NEWS STORIES, ALWAYS ANALYSE YOUR PROJECTS.

BBC abandons £100m digital project 

The BBC has scrapped a £98m digital production system, which its director general said had "wasted a huge amount of licence fee payers' money".

The Digital Media Initiative was set up in 2008 but was halted last autumn having never become fully operational.

"I have serious concerns about how we managed this project," BBC director general Tony Hall said.

An independent review has been launched "to find out what went wrong and what lessons can be learned", he said.

The Digital Media Initiative (DMI) was intended to transform the way staff developed, used and shared video and audio material and was seen as an important part of a move of resources to Salford.

"Ambitious technology projects like this always carry a risk of failure," Lord Hall said.

"It does not mean we should not attempt them but we have a responsibility to keep them under much greater control than we did here."

WHAT WAS THE DIGITAL MEDIA INITIATIVE?

• The Digital Media Initiative (DMI) was designed as a production tool that would make BBC recordings accessible to staff via a desktop - from the raw footage right through to the final edit.
• Archive material would also have been accessible via the DMI, making it a one-stop shop for staff making TV and radio programmes.
• While it would have been available to both radio and television producers, DMI was primarily designed for TV output.
• Off-the-shelf production software like Apple's Final Cut Pro and Avid's Pro Tools are widely used by the rest of the media industry.

The contract to deliver the DMI was originally awarded to technology company Siemens in 2008 but was taken over and relaunched by an in-house BBC team in 2010.

Between 2010 and 2012, the project cost the corporation £98.4m. An internal review was set up in October 2012 after the BBC Trust expressed serious concerns.

In a letter to Margaret Hodge, chair of the House of Commons Public Accounts Committee, the BBC Trust's Anthony Fry revealed the project had generated "little or no assets".

"It is of utmost concern to us that a project which had already failed to deliver value for money in its early stages has now spent so much more of licence fee payers' money," he said.

"We intend to act quickly to ensure that there can be no repeat of a failure on this scale."

Mrs Hodge described the episode as "a terrible shock and clearly completely shambolic".

The corporation said the initiative had been badly managed and outpaced by changing technology, and that to carry on would be throwing good money after bad.

"It's struggled to keep pace with new developments and requirements both within the BBC and the wider broadcasting industry," Lord Hall wrote in an email to BBC staff.

Disciplinary action

"There are now standard off-the-shelf products that provide the kind of digital production tools that simply didn't exist five years ago.

"We will be looking into what has happened and will take appropriate action, disciplinary or otherwise," he added.

John Linwood, the BBC's chief technology officer, has been suspended.

In 2011, then director general Mark Thompson told the the Public Accounts Committee that the initiative was "critical" to the BBC's move to Media City in Salford and the establishment of new Broadcasting House.

"A lot of the future of the BBC is tied up in the successful delivery of this project," he said, at the time.

James Purnell, the BBC's director of strategy and digital, said: "In the future we are going to rely far more on off-the-shelf technology. We've messed up and we apologise to licence fee payers for that."

Yet he insisted the failed project was "the exception rather than the rule", citing technical successes such as the BBC iPlayer.

http://www.teach-ict.com/news/news_stories/news_computer_failures.htm 

24/05/13.

Effects of the Ban on Used Computers back in 2010 in Uganda, see the article below;

Majority of the Market players are Indians and they are bringing in refurbished. 

Whats does refurbish mean? renovate and redecorate.

Refurbished computers rather than New Computers or Used, but being original, the end users are suffering, daily breakdown, board failure, too expensive to mention but a few.

Ban On Used Computers Cause for Concern in Uganda

Computing:

Leading the fight against electronic waste which pollutes the environment in Africa is Uganda. The country has implemented a complete ban on the import of second hand electronics. But since the restrictive policy has slowly taken full effect, growing criticism from businesses as well as NGOs and consumers raises the question: who really benefits from the ban?

When the ban was implemented in May 2010, importers of second hand appliances were the first to cry out. And not without reason: the 'E-waste Special Interest Group' has estimated that 80 per cent of Uganda's 200 ICT enterprises have gone out of business or have been relocated since the ban.

This cost Uganda over a thousand skilled jobs and left former customers without a source of affordable IT hardware. Second hand appliances started running out and consumers, on their turn, started to raise their voices.

"When someone with little money asks me for advice on what computer to buy, I advise them to buy second hand," says IT teacher at Kampala's Makerere University, Richard Ssekibuule. "They're cheaper and better than new, unbranded ones. In many cases unbranded computers fail, because they have faulty components such as processors that didn't pass manufacturer's tests."

A second hand computer, costing about $200 (about Sh300,000), is within reach for the average Ugandan. There is a vast difference with unreliable unbranded computers, which sell for $600 to $800. Harboured in electronics are heavy metals like lead and mercury. These pose a danger to the environment and public health if they are not recycled carefully.