Though its still used on over half of all Windows-based computers around the world, Microsoft has stopped providing certain versions of Windows 7, specifically Home Basic/Premium and Ultimate, to computer manufacturers worldwide. Once the current inventory runs out, the only computers that can be bought with Windows 7 will be business-class machines (such as Dell’s Optiplex and Latitude model lines) with the “Pro” or “Enterprise” version installed. Everything else will be Windows 8 or 8.1 until Microsoft launches Windows 10 mid-next year.
What this means for you:
While it’s true that the average consumer may have trouble purchasing a Windows 7 machine for the foreseeable future, Microsoft has no intention of cutting off support for Windows 7 like it did for Windows XP earlier this year. There is still a very large base of enterprise installations running contentedly on 7 and some companies have only just recently completed their migration from XP! Microsoft will continue to provide licensing avenues for companies that need to expand their existing Windows 7 fleets, and most IT organizations appear content to wait to see what Windows 10 has in store for their companies as opposed to switching their operations to the much maligned 8.
All this being said, if you need a new computer, don’t let the lack of 7 or the presence of 8 deter you from a purchase. As mentioned above, it is still possible to purchase Windows 7 Pro machines, though they come with a premium price as compared to the cheaper consumer lines that sold with Windows 7 Home. If you can’t get a Windows 7 machine, consider shopping for one that has 8.1 (not 8), which has multiple improvements (mostly under the hood) over its predecessor. Be prepared for some transition pain – mostly in learning how to navigate Windows 8’s dual-personality interface, but once you get settled in, the experience will largely be the same as what you enjoyed in Windows 7.
Before the advent of computers and the internet, getting control of the “paper tiger” was a common topic of conversation, both in the home as well as in the office. While paper is still an issue, most of us are distracted by a new predator that stalks us: the never-ending stream of email. Properly dealing with an overflowing email inbox is easy to put off until another day, because, unlike paper, it doesn’t create a physical mess that is hard to ignore, but it will render email much less useful, and in the long run it can wreak havoc on your productivity.
For email to be an effective work tool, your goal should be zero unread messages by the end of each workday.
For some people who have an excess of 1,000 unread messages in their inbox at any given moment, this may seem unattainable, but “inbox zero” is achievable with a little work. It will take more than one clean-up session and it requires ongoing discipline to maintain, but the results are worth the effort. It also takes some amount of ruthless dedication focused on deleting messages that you haven’t read and probably never will. With this in mind, it is okay to leave some messages in an unread state, especially if they can’t be dealt with at that moment.
The “unread” status of an email is a marker for what needs to be handled every time you read your email.
With these two concepts in mind, here are five things you can do to achieve this objective:
- Set aside time during the work week for email “housekeeping”. Block out the time on your calendar if you have to, and if your schedule allows it, make it the same time each day. Different times of day and various amounts of time will work for different people, depending on your average email volume. If your load is heavy, you may want to consider bracketing your day with 30-minute sessions. Focus purely on email. Seclude yourself – close your door, put on headphones, forward your phone to voicemail, etc. – and ignore those other distractions.
- Set up automatic rules or filters to process non–urgent emails. This could be anything from system generated emails from various workflow platforms, receipts from online purchases, newsletters that you do plan to read (but see item #3), or mandatory distribution lists (some of this is unavoidable if you are in a supervisory position). You could even go so far as to automatically delete emails that you can’t avoid receiving and don’t necessarily need to read, such as automated responses, or out-of-office messages from folks who use it even when they are only out for the day or weekend. The ultimate goal is to reduce the number of emails you have to manually process during your scheduled email sessions.
- Unsubscribe from all those mailing lists. Yes, I know they are full of information and relevant to your interests, but having them pile up unread, week after week, is the digital equivalent of hoarding. If they were important to your job, they wouldn’t be contributing to an unread Mount Everest. If your unread count on any given list exceeds 5 or more, you are not likely to ever catch up, so delete them, and seriously consider canceling your subscription. It’s likely the list maintains an online archive in case you ever need to research something, so not getting it in email does not equal knowledge lost forever. At minimum use #2 to get them out of the way of item #1, and set up another rule to auto-delete after a certain amount of time.
- Separate work and personal email. Before the advent of mobile devices and webmail, this wasn’t too hard to ensure, as many companies just disallowed access to personal email. In today’s work environments, personal emails are literally a swipe or two away. Aside from obvious safety and security reasons (opening a strange email from a Facebook friend on your work computer is not a good idea!), disciplining yourself to not check personal email during work hours, and vice versa, will help keep you focused when working, and allow you to relax when you are not.
- Delete. Empty your trash can. The trash can is not a storage folder, it’s meant as a short-term safeguard to retrieve emails you accidentally deleted. Just like cleaning up around the house, the last task you should be performing in your email housekeeping is emptying the trash. It will help keep your inbox to a manageable size which is still important, even in the days of seemingly unlimited mailbox storage. Also, delete everything you don’t need to keep, especially old newsletters, automated emails, etc. If you delete while you read, you’ll get to inbox zero faster than you might think. Regardless of how fast computers actually are, important information can be found much faster when your CPU doesn’t have to wade through thousands of useless emails.
We have the entirety of humanity’s knowledge at the tips of our fingers, but if it’s lost in an inbox with 3,000 unread messages, it’s not doing us much good. These five tips are only baby steps towards processing the fire hose of information that is today’s internet-connected work environments. Managing your email will allow you to spend more time on the other things that aren’t so easily corralled, such as building a successful business and leading a fulfilling and stress-free life.
Image courtesy of cuteimage at FreeDigitalPhotos.net
In the ever-escalating cloud services arms race, Microsoft just trotted out a whopper of a one-up over just about everyone in competition: Microsoft’s OneDrive VP just announced on the OneDrive blog that all Personal, Home and Education Office365 subscribers will have access to unlimited cloud storage for no additional cost. Lest you feel left out in the cold, business subscribers, Microsoft has plans to extend your storage in a similar fashion in 2015. All a part of its master plan, Microsoft envisions a future where everything is done in the cloud, and they want to make sure you are firmly rooted in their ecosystem.
What this means for you:
Before you rush off to move all your files to the cloud as Microsoft suggests, you should consider the implications. Cloud storage of any type is a double-edged sword: on the one hand, once you get your data uploaded, you can (supposedly) stop worrying about mechanical failures, such as hard drive crashes and sending your USB thumb drives through the wash. Another great benefit is your data is essentially accessible from anywhere on the internet. Setting up technology to provide this type of of service is not trivial. Even when you are as big as JP Morgan, it’s still possible to misconfigure your servers, so having a provider who is (probably) an expert at this is better than trying to do it yourself, especially if your company can’t afford a full-time IT professional.
On the other hand, your data is now stored on hardware (and a service) over which you have very little control, and which requires an internet connection. There is also the possibility that your data could be accessed without authorization, either by hackers who manage to penetrate the services security, or by the provider itself, who may be subject to government subpeona, or even by a provider employee with malicious intent.
Given the two sides of this very sharp sword, one must make a reasoned decision about whether to employ cloud storage as part of your technology profile. The most important factor will be the type of data you are planning to store: if any of the alphabet-soup laws apply (HIPPA for example), you may be severely limited in what you can legally store on a cloud-based service. Even if the laws don’t seem to directly apply, consider the consequences if any of your data were to be exposed on the internet for anyone to see: would it be damaging to your business or your clients? If so, you may want to rethink whether the cloud is ready for you.
Several technology manufacturers, including Broadcom (whose chips you probably have in several devices around your home and office) are planning to release in 2015 chips for a new networking protocol called G.Fast which can push bandwidth transmissions on twisted-pair copper lines to near fiber-optic speeds of one gigabit per second. Throughout the US and many other developed nations with significant communication infrastructures, internet speeds aren’t limited by technology but by physical wiring. The most common form of internet service in the US, Digital Subscriber Line (DSL), is delivered via the same wires that provide basic telephone service, that were, up until now, limited in how fast they could transmit data mainly by what amounts to a simple (but hard to overcome) physics problem: copper wires are susceptible to radio-frequency interference from adjacent sources, including each of the strands in a single pair that delivers the signal.
What this means for you:
Don’t rush out to cancel your existing internet service. G.Fast isn’t expected to make an appearance until 2016 at the earliest, and providers will still have to grapple with an issue that they have faced many times in the past: the full, gigabit transmission speed of G.Fast is still limited by distance, with the last leg not exceeding about 160 meters before the speed drops off drastically. This means that ISPs will still need to install equipment proximate to residences and offices, something that is costly and time-consuming to execute, and very few ISPs (maybe with the exception of Google and their Fiber initiative) have demonstrated a willingness to pursue until they are forced to (see ATT’s GigaPower counter to Google Fiber). However, the fact that this technology can utilize existing wiring that is available in just about every building in the US means that getting to gigabit internet speeds might not require companies tearing up streets and hanging from telephone poles to string the more expensive cables needed for fiber-based solutions. And you can bet that companies like ATT and Verizon will seize on any opportunity to compete with Google, especially when they can spend less money to field a competitive solution.
Image courtesy of David Castillo Dominici at FreeDigitalPhotos.net
According to security and censorship watchdog Great Fire, the latest iPhone just made its debut in China, and already new owners are being hacked by what appears to be a state-sponsored “man in the middle” attack. Though there have been many other allegedly government-backed attacks on US-based companies, presumably for commercial or political gain, this appears to be aimed at gaining iCloud identities of its own citizens, and its hard to not draw a dotted line to the recent Hong Kong protests, images and news of which were widely disseminated by mobile devices like the iPhone.
What this means for you:
Unless you are a Chinese citizen that has somehow managed to find your way to this modest blog, this particular event won’t have much impact on you. The hack is actually being perpetrated by China’s “Great Firewall” and only affects a specific, Chinese-only browser called 360 Secure Browser made by a company called Qihoo. Use of this browser is apparently mandatory for all education institutions in China. Seeing as other browsers not under the control of the Chinese government like Firefox and Chrome appear to be unaffected by the hack, it’s hard not to jump to some obvious conclusions. While the more conspiratorial among you may whisper that the American government is only a few steps behind the Chinese in this egregious breach of privacy, it’s important to note that unlike China, US-provided internet is not gated by a single, government-controlled firewall like China’s Great Firewall, nor our are students and teachers mandated to run a (allegedly) state-backed browser. However, this does not mean you should be less vigilant in protecting your security and privacy, as its quite apparent that US agencies like the NSA have no problems snooping on its citizens anyways.
If you thought you had data breach fatigue, prepare to be exhausted this week:
- Hacker tries to scam Internet with fake DropBox password database – DropBox refutes the claim, noting the “proof of hack” provided consisted of known stolen passwords from other sources.
- Kmart Hacked – Undisclosed Quantity of Credit Card Numbers Stolen – Sears-owned retail outlet may have been a victim of known point-of-sale malware “Backoff”, says no identity info stolen, just credit and debit card numbers.
- SnapChat denies it was source of potential racy photo leak – Third-party addon app “SnapSaved” blamed for providing an avenue for hackers to save pictures from SnapChat. SnapSaved admits to security breach, but downplays claims that hackers could provide a “searchable” database of photos.
- NATO Summit Gets Breached by Russian Hackers – Hackers whom security analysts believe to be Russian exploited a Zero-day flaw in Windows operating systems through a spearphishing campaign targeting Ukrainian government workers, leading to breaches on government servers and probably information leaks from Summit proceedings.
- Google Documents Flaw in SSL 3.0 Protocol – Google documents a serious flaw in encryption protocol SSL 3.0, immediately removes it from Chrome web browsers. Though outdated, SSL 3 is still widely used as a fallback protocol when newer protocols fail to function.
- 850K Records Exposed in Oregon Employment Dept Website Breach – State-run website exposes personal information on hundreds of thousands of job seekers. No financial information was exposed, but leaked info could lead to identity theft.
First the country’s largest bank has a huge data breach, and now the nation’s largest bond insurer admits that it inadvertently exposed sensitive customer information through its website. As an example of the old maxim, “Man has no greater enemy than himself,” MBIA, Inc. allowed unfettered access to a subset of very sensitive customer information (think: customer names, account and routing numbers, balances and dividend amounts) via a poorly configured webserver that opened up this data to the general internet. Access was so unrestricted as to allow search engines to index up to 230 pages of information that also included administrative login credentials that could lead to much more significant security breaches throughout the MBIA infrastructure.
What this means for you:
Today’s technology is a resounding testament to how innovative humans are, but equally apt to demonstrate just how fallible we can be. In the digital world, a simple mistake can lead to millions being compromised in life-affecting ways. Most of you aren’t responsible for millions of customers or their data, but imagine if you had to contact your hundreds or thousands of customers with the bad news that “due to a configuration error” their data was leaked to the internet, and probably in the hands of cybercriminals. Whether it is thousands or millions, it would still be a nightmare, especially if your business isn’t big enough to be able to count on the data breach fatigue that has allowed Target, Home Depot and JP Morgan to sail past titanic failures in security. In the end, your security boils down to one thing: humans, not machines. Knowing this, you should always hope for the best (we will get better at this) and plan for the worst: we’re going to make a lot of mistakes along the way!
America’s biggest bank JP Morgan Chase announced last week that it was the latest victim of a major security breach. According to their regulatory filing, data from nearly 80 million customers was exposed in a successful hacking attempt earlier this year. Though the bank was quick to emphasize that our money and most sensitive bits of info such as dates of birth, social security, passwords and IDs weren’t stolen, names, addresses, emails and phone numbers were – all which could be used to facilitate an identity theft, but which aren’t considered protected or sensitive in most cases. While it’s troubling that the country’s number one bank got hacked, what’s even more worrying is that the media, the public, and even Wall Street seemed to shrug it off and carry on.
What this means for you:
Americans seem to be developing what some analysts are dubbing data breach fatigue: everytime we look up, yet another high-profile company or livelihood staple has been hacked. The list reads like a modern family’s honey-do list: Target, Home Depot, Neiman Marcus, EBay, UPS, Apple, Nintendo, Sony, Albertsons, SuperValu, CHS, etc. There have been nearly 600 data breaches reported this year, up 27% over last year, and we aren’t even done with 2014. Fortunately, only a small percentage of the total population have been negatively impacted in a signficant way, though most of us have probably had one or more credit cards get canceled and replaced for fraudulent activity. What this is leading to is the general perception that these data breaches are “bad” only in a vaguely annoying way, and there is not much that an average person can do to protect themselves, “Heck, if JP Morgan can’t figure out how to keep the hackers at bay, how can I ever stand a chance?”
While it’s true you can’t stop JP Morgan from getting hacked, you can make it harder for cybercriminals to hack you: don’t give in to the fatigue – make them fight for every bit they try to steal from you. Change your passwords regularly, and use unique passwords for your important accounts. Keep a close eye on your credit card statements and your credit history. Make sure your all computers you use have up-to-date and functioning antivirus software. Avoid email attachments and unfamiliar websites. What was once considered “paranoia-level” precautions are the new standard of online safety. Considering that nearly half of Americans adults have had some form of their personal data stolen through an online breach, it’s safe to say that “they” are out to get you – paranoia or not.
Obviously stung by the world’s tepid reception of Windows 8, Microsoft announced that the next version of their operating system will be skipping Windows 9 and heading straight to 10. The jump is meant to signify a considerable advancement in the base operating system: this version of Windows isn’t just an incremental upgrade or updated version of 8. Microsoft intends to unify the operating system across mobile devices and traditional workstations (much like Apple is attempting to do with iOS), providing app makers a simpler development environment and presumably a much larger market. Previously known as “Threshold”, Windows 10 won’t be available to the general public until 2015, but preview-builds will supposedly be available starting October 1.
What this means for you:
If you’ve been holding out on upgrading your Windows 7 machine in the hopes that something better than 8 would come along, your prayers (may) have been answered. Early reports suggest that 10 is a mix of the best of 7 and 8, though you may wonder what parts of 8 qualified as “best.” Most gratifying will probably be the return of the beloved Start Menu, but with an 8 twist – the ability to add tiles to the menu (like the ones on the 8 start screen). Another eagerly anticipated feature will be improved window management utilizing the poorly-documented “snap” features of 7 and 8, as well as multiple desktops (something Linux users have had for years).
How should you prepare for coming of the mighty 10? There are rumors that 10 may be free to current Windows 8 users, but Microsoft refused to confirm this. If you have Windows 8 and were contemplating downgrading, you may want to hold off just in the off chance you can get 10 for free. Early reports indicate that Windows 10 will have the same hardware requirements as Windows 8, so older hardware may be left behind, but anything made in the past 2-3 years should be fine. If you want prepare right now, a larger monitor may provide you with the most bang for your buck, as Windows 10 looks like it will make multi-tasking even easier. More windows open equals getting more done, right?
While the world is trying to mop up the mess that Heartbleed left behind, along comes another vulnerability that might be just as big. Dubbed “Shellshock” because it affects the Bash shell commonly found on Linux computers, and (this may surprise you) some Mac OS X servers. “Shells” are the technical term for the user interface of a computer, something you may know as a “GUI” (sometimes pronounced “gooey”, an acronym for graphical user interface). In this case, Bash is a text-based user interface that has been in use on Unix & Linux machines since 1989. What makes Shellshock so alarming is the ease of which could be exploited by hackers, the scope of hacks which could come from exploiting the weakness, and the number of machines potentially vulnerable to this bug.
What this means for you:
Unless you run a Linux or Mac OS X Server, most folks could be affected by this the same way they were exposed with Heartbleed – anyone who uses the internet has probably visited a site or used a service that is run on Linux-based webservers, and a large percentage of them probably use Bash. Security firms have already discovered attacks “in the wild” attempting to exploit un-patched servers, and due to the pervasive access a command line interface has to the computer’s operating system, any number of system compromises can be executed once the hacker has control of the Bash shell. In other words, if an internet service you use gets “Shellshocked”, any data they may be storing about you on their servers could be exposed. For now, unless you are a server administrator, there’s not much you can do, other than inquire with your critical providers whether they have taken steps to protect against the Shellshock vulnerability.