Just when you think Microsoft might have its act together security-wise, some clever/persistent security researcher will do their damndest to shatter your fledgling comfort with the latest exotic bug. In this case, the bug has been around since 1997 – it’s so old it’s officially Bug #4 in Internet Explorer. As in the fourth bug discovered in Internet Explorer, ever. And never fixed! Sadly, this negligence has arisen as a critical security flaw in both Windows 8 and 10, and could lead to your Microsoft Live account being exposed.
What this means for you:
This flaw does not affect the following:
- Windows 7,
- Windows 8 or 10 computers attached to a domain,
- Windows 8 or 10 computers accessed via local accounts,
- Windows 8/10 users who do not use Internet Explorer, Edge or any version of MS Outlook.
The people who fall into #2-4 are what I would call a “select” demographic, which is to say that it’s more likely you are using Windows 8 or 10 with a Live account. Via trivial exploit, a hacker could obtain your login and a hashed version of your password, and depending on how complex that password is, that hash could be cracked in less than a minute, meaning your Live account is now fully compromised. In case you weren’t sure what Live accounts can do, they give you a wide variety of access to Microsoft services including OneDrive, Skype, MS Office, and XBox Live to name a few, not to mention your actual computer, should the hacker somehow gain access to your local network or the device itself.
Before you start panicking, there is a (relatively) simple solution: change your password and switch your Live account to use 2-factor authentication. This won’t change how you log into your computer, but it will force anyone trying to use your credentials elsewhere online from using them without that second authorization that 2-factor provides, even if they manage to steal your password again. To really circumvent this bug from impacting you, switch to using a local account on your computer, or to stop using IE/Edge and Outlook until Microsoft fixes this ancient, but dangerous bug.
Image courtesy of Stuart Miles at FreeDigitalPhotos.net
It’s time for Decision 2016, but unfortunately not the decision most of us would rather get out of the way to get on with our lives…or is it? Microsoft is ending its year-long offer this Friday of a free upgrade for Windows 7 and 8 machines to Windows 10. Though I may say with no small amount of sarcasm that I’m surprised more people haven’t taken advantage of this offer (or been taken advantage of, depending on your vantage point), Microsoft is sticking to its guns and after Friday, Windows 10 Home upgrade will be $119. And the decision, in case it hasn’t already been made for you (sound familiar?), is whether or not you should upgrade to Windows 10. With nearly a year of watching people being flung into the upgrade abyss without warning, my answer hasn’t changed, and the release of the cost of taking the free road makes it easier for me to explain why. For every single trouble-free upgrade I’ve come across, I’ve come across 3 that are in varying degrees of dysfunction. If you like those odds, or value multiple hours of your time at less than $119, then push that button before Friday.
Dang it, Woo, why you gotta be such a Debbie Downer?
Windows 10 on a brand new machine runs great. It’s a nice evolution of the Windows operating system, and for the most part it runs just like Windows 7 with a little 8 for spice. The new OS isn’t the problem – the problem is your old computer and its years-old operating system. Even if it’s been professionally managed, kept squeaky clean and “barely used”, all Windows operating systems build up what I call “cruft” over time. With use, Windows computers builds up the technical equivalent of barnacles, but unlike ship hulls, we can’t dry-dock your PC and scrape it clean. If you want to upgrade your computer to Windows 10, the most trouble-free experience will only come if the computer hard drive is wiped clean and Windows 10 installed fresh. Even then, there are no guarantees that your computer (despite Microsoft’s insistence) is really ready for Windows 10. The most common, aggravating problems my clients have experienced have come from buggy drivers for their video cards, network interfaces and peripherals, as well as forced upgrades to Internet Explorer 11 which many times will render older corporate web apps unstable or unusable. The latter problem will be fixed (over time, maybe), but for some older hardware, there won’t be upgraded drivers, forcing you to upgrade the affected device, if you even can. Another inexplicable and (eventually) untreatable problem is a slow degrade in performance after your OS is upgraded. Windows 10 will run, but parts will frequently crash or just won’t open their interfaces. Your computer will take long pauses for no apparent reason, sometimes for Windows updates being applied with no notice, and many times just because.
If you really want to upgrade your computer to Windows 10, here is the recommended path:
- Backup your entire hard drive – sometimes called “imaging” or making a bootable copy
- Backup your data and settings separately.
- Make sure you have installation media/files for all your critical applications, including activation keys, codes, proof of purchase, etc.
- Let Microsoft upgrade your computer to Windows 10, and then activate your copy online when the upgrade is complete.
- Create Windows 10 installation media (either DVD or bootable thumb drive)
- WIPE THE DISK
- Reinstal Windows 10 from scratch
- Re-activate your install
- Restore your data and apps to your brand new Windows 10 computer.
- Have a much better day than your peers who stopped at step 4.
Image courtesy of Stuart Miles at FreeDigitalPhotos.net
Let’s face it: that shiny new computer you “just bought” doesn’t have the pep it used to have when you first bought it. Professionally-managed computers can usually forestall this degradation by several years, but all Windows computers, no matter how expensive or powerful or well-maintained (one does not necessarily equate to the other) will see a gradual performance decline with regular use. There are some obvious ways to put some zing back into the device – replace it with a newer one (a simple, if expensive option), or wiping out the operating system and starting over (not for technically disinclined) can restore it to a “fresh out of the box” level of performance. A more reasonable (and lower-cost) approach would be to do some clean-up and maintenance, both physical and digital on your computer.
Blow out the dust.
Most desktops and laptops keep their electrical components cool by blowing air across metallic heat-sinks. Over time, those components can become caked with dust, severely impairing their cooling capabilities. When your CPU runs too hot, your computer is smart enough to slow itself down to prevent the CPU from overheating and frying itself. As you can imagine, if your heat-sink can’t keep your CPU cool because it’s covered in a fuzzy sweater, your computer will be forced to run slower (or even shut itself off, in extreme cases). Desktops can usually be opened up and blasted with canned air for a thorough cleaning, but laptops aren’t as easy. While the laptop is on, use your hand to find out where the hot air is coming from, then turn off the device, and give that opening a puff or two from some canned air. Make sure you do it outside or somewhere with good ventilation, as a large cloud of dust will probably be blasted out. If you happen to have a model that is sealed or uses passive cooling (no moving air or parts), dust is not likely to be a problem.
Clean up that hard drive.
Just like your physical space, clutter and junk can ruin your computer’s efficiency. This particular maintenance task is multi-faceted, so make sure you check each of these areas:
- Scan for malware. Even though you might already have an anti-virus program installed, you should check at least once a quarter for viruses and other unwanted software (pop-up generators, coupon offers, etc.) using a program like MalwareBytes or RogueKiller (or both). You might be surprised by what they find. Many viruses are actually designed to run “under the radar” to remain undetected for as long as possible, and may have circumvented your antivirus to do so. Infections are a primary source of performance slow-downs.
- Remove “bloatware”. Even brand new out of the box, most name-brand computers come installed with what IT professionals call “bloatware” – software added by the manufacturer that is really there to sell you additional products or services. If your computer was procured by an internal IT department you usually don’t have to worry about factory-installed bloatware, but over time your computer can still accumulate it’s own set of software “barnacles”. Take a look at the “Programs & Features” control panel (Windows 7) and carefully remove any unnecessary programs. HP and Canon printers are notorious for adding a several arguably useful programs that will slow you down. Write down what you removed, just in case something you do need stops functioning properly.
- Ignore “PC Optimizer” software. Remove them if you installed them (see #1). Defragmenting your hard drive used to be an important facet of computer maintenance, but modern hardware and operating systems essentially obviate any degradation caused by fragmentation. The same goes for “registry cleaners”. At best, most of the “PC Optimizer” products out there are just scams, and a small number are actually malware in disguise. There are legitimate cleaning products out there that will help you maintain your computer (CCleaner is one of them), but the performance gains you will see are merely from clearing out the “digital gunk” that accumulates over time.
- Make sure you have enough free space on your hard drive. Steps 1, 2, and 3 may help you out quite a bit here, but if you are working with less than 15% free hard drive space on your primary drive, you can run into trouble and performance issues. Remove any unused or old programs, and archive old data to external storage. Windows is infamous for eating up drive space with temporary files as well. I recommend using a program like CCleaner to clean them up rather than doing it manually, as it can be tricky to find all the various locations Windows (and other programs like Internet Explorer) stash these files.
Free up RAM.
You may gain some RAM from getting rid of malware, fake optimizers and bloatware, but it also can come from closing out of applications that you aren’t using. Many folks either forget to close seldom-used applications, on top of keeping memory-hungry ones open all the time. Microsoft Outlook and Google Chrome are both memory hogs, and can soak up quite a bit of performance, even if minimized in the background. If you don’t need to keep an application open, “Quit” the app and check your RAM usage via Task Manager. If you’ve “trimmed the fat”, but you still have less than 20% of your total RAM free, you are going to see performance issues. Even though Windows 7 can run on less than 2GB of RAM, if you are multi-tasking power-user, you are going to need more RAM, and should consider some form of hardware upgrade.
Consider a faster hard drive, and/or install more RAM.
If you’ve performed all the above and still haven’t achieved the performance boost you were hoping for, but aren’t quite ready to spring for an entirely new computer, you may be in a position to upgrade your hard drive with a faster drive. In many cases, solid-state drives (SSD) can provide a significant boost in speed, especially in laptops, which might have started with a slower hard drive out of the box (usually for cost and/or battery-life considerations). This is definitely not an upgrade that can be handled by the average computer user, but even after factoring in the cost of the drive and the installation, may make more sense than a completely new computer.
Depending on the hardware and installed operating system, installing more RAM may be another low-cost way to breathe new life into your computer. In order for your computer to use more than 3GB of RAM, you must have an 64-bit OS installed, which isn’t always guaranteed, so make sure you can use it before you buy it. In many cases RAM can be purchased inexpensively, and installed quickly. Windows 7 and later really shines when you can give it more than 4GB of RAM, especially if you run RAM-hungry programs like Quickbooks, MS Office or any graphic-intensive application like the Adobe Creative Suite.
Do the math.
Before spending money (and don’t forget, time is money as well), it may be worth the effort to do some back of the napkin calculations on whether your time and money is better spent on trying to revive an aging computer, or biting the bullet and getting a brand new one. Though it has slowed somewhat, technology advancement is still accelerating, and each successive generation of computers are seeing shorter usable life-spans. Where 6-7 years before it may have seemed reasonable to get 4-6 years from a well-built computer, today you should expect a maximum of 3 years of optimal performance from the average laptop or desktop, and a sharp drop off in utility past that age. These numbers are considerably compressed if you work in an industry where change is constant (software development, content creation, customer service/retail) and maybe less constrained in industries that are a bit more conservative (finance, health, manufacturing). As a civilization, we are all becoming increasingly technically savvy and heavily reliant on the internet, which is advancing at a blistering pace. To stay viable in the market our tools need to keep that pace, and until there is a revolution in how computers are built, they will need constant upgrading and replacing for the foreseeable future.
It feels strange to be writing about Microsoft and not mentioning a security loophole or zero-day exploit, but it is the day before April Fool’s after all. Fortunately for the iPad faithful, this isn’t a prank. On March 27, Microsoft launched iPad versions of it’s most used office productivity applications: Word, Excel and PowerPoint, all of them available for free download through the App store. “What’s the catch,” I hear you say? You can use them free, forever, to view documents, but if you want to create or edit documents, you need to have a subscription to Office365.com, the minimum of which is $70/year.
What this means for you:
The lack of any official MS Office software may have been one of the remaining tenuous barriers holding the iPad back from a complete domination of corporate boardrooms. Long a favorite of executives but usually relegated to email-only roles because of this lack, Office for the iPad may allow the C-suite to completely cut the cord on any vestigial Windows laptops they have been “forced” to carry around to do anything other than reading emails. I also know a lot of road warriors who may view the new apps with a mix of joy and trepidation, as it will conceivably allow for more effective work-related use of their iPad on those cramped, coach-fare flights. The excuse of “not being able to edit that Word document during the flight because all I have is my iPad” just won’t cut it anymore.
In all seriousness, this also marks a significant change in vision for Microsoft, a company that up until the new CEO’s arrival, had been a company that always put “Windows first”, even when it may have meant losing marketshare, as it has for so long in the iPad space. It’s still too early to tell whether this change in corporate values will lead to other transformations and products for other platforms (Office for Android anyone?), but this is certainly a step in new direction for the company.
The winter holidays are upon us, and with them comes the shopping, traveling and general merry-making. Law enforcement is also warning about the increasing rate of smartphone thefts as criminals take advantage of the increased distraction, armfuls of packages and winter clothing to abscond with devices they know most people carry and use these days. Though you can do a lot to lower your profile as a potential victim, its an virtual guarantee that a certain percentage of you will have your phone stolen or lost, and aside from the loss of the device itself, your data could also be exploited to your further detriment if your device isn’t properly safeguarded against possible theft. CNET has a comprehensive article detailing how you can secure your data and increase your chances of recovering your iOS, Android or Windows smartphone in case it is stolen, but if you are in a hurry (and who isn’t, these days?), I’ll provide a summary of the basics below.
What this means for you:
For all phones:
- Use a pin, password, or fingerprint to lock your phone.
- Encrypt your phone data. iPhones and Windows Phones do this by default, but it must be enabled manually on Android devices.
- Back up your critical data, whether it’s contacts, emails or photos.
For iPhone Users:
- Disable access to any features made available through the lockscreen, such as dialing and texting via Siri.
- Set up an iCloud account and enable “Find my iPhone” so that your device can be tracked in case of loss or theft.
For Android Users:
- Disable access to lock screen features.
- Setup Android Device Manager and make sure tracking and control of your device is enabled.
- If you use a microSD card, be aware that it cannot be wiped remotely like the phone’s internal memory (but it can be encrypted).
For Windows Phone Users:
- Sit back and relax, as tracking is enabled by default and the lock screen doesn’t allow access to anything.
The article is really worth reading. If you truly are pressed for time, skip to the part that is pertinent to your specific phone platform. The author provides much more detail on how each tracking system works, as well as what the systems can and can’t do. It may mean the difference between having a happy holiday or a blue Christmas if (when) you get separated from your smartphone.
Image courtesy of Stuart Miles / FreeDigitalPhotos.net
Earlier this year, CEO Thorsten Heins of beleaguered tech company BlackBerry infamously stated, “In five years I don’t think there’ll be a reason to have a tablet anymore.” The press had a field day with this quote and the explosive growth of tablets in 2013 alone seems to be proving otherwise. As if to rub Mr. Heins’ and other tablet-doomsayer’s faces in it, October is seeing the launch of multiple new tablets, including new lineups from Microsoft, Nokia and Apple, all essentially debuting on the same day.
Apple dominated the American media on Oct 22 with the debut of “the lightest full-sized tablet” on the market, the iPad Air, weighing in at a diminutive single pound. It also updated the wildly popular iPad Mini with its high-resolution “Retina” display, bringing the 7″ tablet up to par with competing models from Google and Amazon. In an attempt to not be out-done (and sadly not quite succeeding in that effort), Nokia announced its first tablet today as well. The Lumia 2520 will run Microsoft’s Windows RT, a move that analysts questioned given the tepid consumer response to Microsoft’s tablet OS, but is not unexpected in light of the Redmond tech-giant’s recent acquisition of Nokia’s hardware business. Not wanting to be left out of the tablet party, Microsoft held its own midnight release event on Oct 21 at its retail stores around the country to celebrate the arrival of the Surface 2. Despite loud music, flashy displays and enthusiastic staff, the Surface 2 launch parties seemed to be (unsurprisingly) sparsely attended.
What this means for you:
If you’ve been holding off on buying a tablet for some reason, the market is currently overflowing with choices, and many of them are very strong on features and backed by staunch developer support and healthy ecosystems, notably the iOS and Android family of products. Though many are saying it’s too early to tell, the Windows RT and Windows 8 tablets have a stiff, uphill climb in the market, something that is keeping developers away from the OS, leaving Microsoft’s app marketplace relatively barren compared to the competition. There’s been a minor stir of interest in the Surface tablets from the arts industry, primarily because of the hardware’s robust pressure sensitivity, but unless you have a specific use case in mind, I’d steer clear of the Windows tablets for now. If you’ve been concerned about the size and weight of the 10″ tablets (very hard to use as bedtime readers or if you spend any time as a standing commuter) you can’t go wrong with a 7″ tablet from either Apple, Google or Amazon, all of which now feature high-definition screens, robust app stores and great portability.
One of the claims by loyal Apple fans is that the Apple desktop operating system is more secure than Microsoft Windows because they are affected by markedly less malware. This has more to do with the fact that virus-writers would rather spend their time creating malware for an OS that is much more widely installed and has many well-known security weaknesses and bugs to exploit, and less to do with any inherent security strengths in OS X.
Which ever side of the fence you fall on, Mac users have recently been falling prey to a new form of ransomware that is delivered via Apple’s Safari web browser. Affected users are displayed the usual threatening messages that purportedly come straight from the FBI, demonstrating “proof” that your Apple computer has been engaged in illegal activity. Users are given the opportunity to pay a “fine” which will supposedly allow them to regain control over their machine and remove the warning messages blocking their screen.
What this means for you:
If you are a Windows user, you’ve probably already seen this form of malware in action. The Apple variant is slightly less annoying than its Windows counterpart, relying heavily on “iFrames” to pop-up the warnings. Savvy Safari users can close these windows to escape the ransomware’s clutches temporarily (something that’s not possible on the Windows side), but should still reset their browser settings (FBI provides instructions here) to clear out any rogue alterations made, and then run a full anti-malware sweep to ensure they didn’t pick up anything else alongside of the ransomware scam.
As always, you should never heed instructions to pay a “fine” levied by some governmental institution via online method. Law enforcement agencies do not operate in that fashion. Regardless of the brouhaha ongoing with the NSA and the Prism surveillance, no government entity is going to handle illegal activity via automated fines, and especially not through dodgy online payment websites. Use your common sense. If you encounter this form of malware and are unable to fix it yourself, shut down your workstation and pick up the phone to call a professional.
Ars Technica is reporting that there was a significant increase in exploitation attacks over the weekend on a previously unknown vulnerability in Microsoft’s Internet Explorer, including the most recent version, IE9. What’s very unusual is that this vulnerability appears to occur in all major versions of Microsoft’s OS, including Windows XP, Vista and 7, and and uses the Adobe Flash Player plugin to gain a foothold on a user’s computer. This exploit has been able to circumvent most commercial anti-virus and anti-malware programs in use currently.
What this means to you:
On an Apple computer like an iMac or MacBook? Nothing you need to worry about – this exploit only affects Windows-based computers.
For all Windows users: Until Microsoft admits to, and then patches this vulnerability (so far they haven’t responded), and until the major anti-malware manufacturers like McAfee, Symantec, etc. can successfully detect and protect against this exploit, using any version of Internet Explorer will come with increased risk, especially if you surf to unknown or undocumented sites (ie. follow a link sent by a friend or co-worker, without knowing whether the link is legitimate). If it’s possible, I would recommend installing and using Google Chrome or Mozilla Firefox, at least until MS can patch this vulnerability.
- Make sure your computer has a working anti-virus program installed, updated and running.
- Avoid browsing websites with which you are unfamiliar.
- Stay alert for unusual behavior on your computer, such as sluggish performance, unusual pop-up windows and inability to surf to websites, specifically anti-virus websites and the alternate browser sites that I linked above.
Keep in mind, if your computer is managed by an IT department, using a browser other than IE may not be allowed, or, if it is allowed, Chrome and/or Firefox may not work with some of your company’s web applications, as many are designed and tested to work with IE only.