Shop Safely This Holiday Season!

BREAKING NEWS FLASH:  Microsoft’s Internet Explorer Has a Security Flaw! 

As Yogi Berra famously said, “It’s déjà vu all over again”.

This is not the first time and certainly will not be the last that Microsoft issues critical security bulletins and patches. This warning is particularly timely in light of the upcoming holiday shopping season.  According to comScore, online purchases during the 2011 holiday season topped $37 billion, a 15% increase over the previous year.  Forecasters are projecting growth of 12% or more in 2012.

One of the security bulletins released on November’s Patch Tuesday addressed multiple vulnerabilities in Internet Explorer (IE). For those of you who have not followed my recommendation to dump IE in favor of Google’s Chrome browser, it is absolutely critical to apply this update as soon as possible.   This is even more urgent if you plan to shop online next week and enter your credit card information.

To make sure that Windows (and IE) is completely up to date, take a look at my September post.  It outlines the steps to verify whether Windows Updates are current and how to ensure they are installed automatically going forward.

While you’re at it, take a look at my March 2012 blog post about staying safe online. There I touch on public wireless networks, antivirus software, applying Windows Updates and utilizing strong passwords.  I also discuss the importance of ensuring that a website is secure (https://) before entering credit card information.

If you want more details on the current batch of Microsoft Updates (or simply need help sleeping), take a look at the article in PC World or Microsoft’s Security Bulletins.

Stay safe out there.  Please contact me if you need assistance securing your system.

The Problems with Free Email

You finally made the jump from DSL to your cable internet service provider (ISP) and they offered a pile of “free” email addresses.  Awesome, right? Not so fast!

Before changing your address to billybob@coyotecable.com, there are a few things you should consider.

I work and communicate with a lot of people who took advantage of free email addresses provided by their ISP.  I always wonder what they will do when they decide to switch ISPs again to save a few bucks, improve their TV channel line up or escape a bad customer service situation.

Most of the free addresses in my area are with Time Warner Cable (TWC) or Bellsouth / AT&T.  In the last few years, AT&T’s U-Verse (TV/Internet/phone) has made a big splash in our market and lured away many long time cable and DSL customers.  So what happens with your Roadrunner email address when you jump ship?  I called the cable company to find out.  Unfortunately for cable customers, the email address goes away when you cancel cable.  Suddenly those free email addresses don’t look so free anymore!

Here are a few good reasons that using your provider’s free addresses is a bad idea:

  1. Portablility – as mentioned above, you frequently cannot take your email address with you when you leave the cable company for a new ISP.  A buddy of mine has moved from Chicago to New Orleans to California.  Each time he moves, his email address changes to the local cable company. I never know where to find him.
  2. POP – most cable companies offer very basic POP3 services.  In its most basic setup, any messages downloaded to Outlook or Outlook Express are removed from the email server.  Thus, if you want to look at your messages from another computer (at work) then you’re out of luck.
  3. Lack of features – many cable services offer email only.  While they have limited contact management features on their webmail portal, contacts don’t sync up well with Outlook or other mail clients. In the unlikely event that an online calendar is offered, it’s not very robust.
  4. SPAM – keep your email address long enough and you will eventually get so much spam that it’s tempting to abandon the account.
  5. Capacity – while some ISPs now offer larger email boxes, they have traditionally not provided a whole lot of capacity.  I recently looked at a business-class client whose ISP only allocated 100 MB to each mailbox.  That’s only about 20-25 photos of your newborn niece.
  6. Cost – “free” addresses are included in your monthly internet service bill.  However, if you jump ship to another company, be prepared to pay a monthly fee to maintain your old email address so friends, family and online retailers can find you. This, of course, assumes that you can keep your address at all. This happened to me when I left Mindspring a few years back.  I was able to keep the address for a monthly fee.
  7. Relay – Have you ever taken your laptop to a coffee shop or hotel and tried using Outlook or Windows Live Mail to answer your emails?  Incoming messages work fine. However, outgoing messages get stuck in your outbox and cannot send until you’re back at home.  This is because many POP3 accounts require authentication when a user is connected to a network outside of their home network.  This can be fixed with the right configuration.  Good luck setting it up so that it works right every time.

Back in the early days of the internet and email, I signed up for new dial up services every few months depending on who sent me floppy disks and a free trial.  I jumped from AOL to Prodigy to Infinet to CompuServe to WorldCom… It wasn’t a big deal because no one used email for important correspondence – just for forwarding jokes.

Changing your email address is not so easy today.  When you change your address, you not only have to notify friends and family, but also your customer accounts with Amazon, iTunes, ABC Bank, etc.  Changing addresses and logins tied to an email address can be a monumental hassle. As such, plan to transition to a new address over the course of several months.

What to use?

There are a variety of web-based email providers that are not tied to your physical connection.  Players include Gmail, Hotmail (now Outlook.com), Yahoo!, Netscape, AOL, Netzero, MSN, etc., etc., etc.  These are all free and will not change when you jump internet providers.

 Folks that know me and my love for all things Google will not be surprised to hear me recommend Gmail. There are a variety of reasons that I recommend Gmail including:

  1. Portability – since Gmail is web-based and not tied to your physical connection, there’s no need to change if you move your internet service.
  2. Web/cloud based – while it is possible to use an email client such as Outlook or Outlook Express, there’s no compelling reason to install anything onto your PC. Simply launch your browser and navigate to Gmail.com. If your hard drive crashes, there’s no need to worry about losing years of email, hundreds of contacts or your calendar. All of this information is stored safely in the cloud.
  3. Features – Gmail includes your email platform (complete with folder capabilities), a robust calendar system (allows multiple calendars and shared calendars) and a good contact manager. Additionally, Google Docs provides a web-based alternative to costly MS Office applications (Word & Excel).
  4. SPAM Filters – Google’s SPAM filters are phenomenal.  I have seen Yahoo accounts that receive SPAM 5:1 over legitimate messages.  On the rare occasion that SPAM gets through Google’s filters, I can flag it as SPAM and Google learns and prevents it in the future.
  5. Large capacity – the standard free account now offers 10GB of space – FREE.  That’s tremendous capacity.  I have used my Gmail account for almost 5 years and have only filled 31% of their generous allocation.  If that’s not enough space, purchase Google Apps for $50/year. They give you 25GB of space and a few other bells & whistles.
  6. FREE – yes, that’s correct.  It costs nothing.
  7. Relay – since Gmail is web-based you never have to worry about outgoing messages getting stuck in your outbox when you’re away from your home network.
  8. Mobile Sync – if you’re using an Android phone or tablet, simply link your device to your Google account and your email, calendar, contacts, cloud documents, etc. all seamlessly sync between Google’s cloud and your device. Apple’s devices sync well with your Google account too, once you configure the account properly.  Plus, when you delete or file messages on your portable device, they are synced with your inbox back at the computer and vice versa.  Blackberry?  Maybe.  Google has cooled to the BB platform, so support may be lean going forward.
One last thing to consider: Several free providers, including Yahoo and AOL, are tired of losing accounts to Gmail and have made it difficult to walk away from your account.  The most notable methods they use is to disable forwarding to another address and disable POP3 access.  This removes your safety net, since many people would simply keep the old account and forward it to the new account indefinitely. Yahoo will enable forwarding and POP3 if you pay them $20/year for a Premium account.

If you have an existing ISP email address and are thinking about jumping to another internet provider, it’s probably a good time to begin the process of closing your existing account and migrating to a new online account. I usually advise 3 months.

If your business is seeking branded email, we can help set that up as well.

Ready to make the jump but unsure where to start? Contact PartnerTechs for guidance and we will launch you painlessly into the 21st century.

 

Ready for Big Time Productivity?

In the past month, I have set up dual monitors for several clients.  A couple of these users had seen multiple monitors used by others and were ready to make the jump.  One user did not know it was possible, but has been blown away by his increased productivity.  In most cases, the users were non-technical and thought that multiple monitors were either costly to purchase and setup, beyond the capabilities of their existing equipment, or too difficult to use.  After experiencing their expanded screen real estate for a few days, they’re hooked for life.  

I have used dual monitors for almost a decade.  Not only does it reduce constant toggling between open applications (Alt+Tab), it also saves on paper usage.  Just think of all the times you have printed a document simply to transfer information from one page into a spreadsheet or document.  Imagine eliminating the printed page(s) and transcribing (or copying/pasting) from one screen to another.  I typically keep email/calendar open on the left (smaller) screen and spreadsheets or web sessions on the right (wide) screen.

Researchers are divided on whether productivity actually increases with extra monitors. A New York Times article cites several studies and academic opinions on the topic. Some academics think that multitasking kills productivity, while others laud the benefits of extra screens. At the end of the day it comes down to the type of work you’re doing, your work habits and your ability to efficiently juggle multiple tasks.

VGA and DVI PortsMost desktop computers include dual video ports – an analog VGA (blue) and digital DVI (white).  Laptops generally have a video port that supports an external monitor, although some Ultrabooks do not include external video ports.  Be sure you look at the ports available on your PC to make sure the display that you select matches up. Some monitors have both VGA and DVI connections, although the cheaper models will have only one.  Before you carry it out of the store make sure the box contains the appropriate video cable, otherwise you will have to make another trip.

Also, be aware that installing a second monitor can adversely affect your PC’s performance, especially if the graphics adapter is embedded on your motherboard.  When this is the case, the computer’s processor and system memory have to carry the load of two displays, so less memory is available for the operating system and programs to use.  You can avoid this performance hit by installing a graphics card with its own processor and memory.

Installing an extra monitor is usually as simple as connecting to the appropriate port on your computer.  Once the monitor is connected, you will need to enable multiple monitors in Windows, tweak the resolution settings for the new monitor and turn on Clear Type in order to smooth the fonts.  Instructions for these tasks are beyond the scope of this article but can be found here.   Installing a graphics card is a bit more complicated and beyond the scope of this article. Windows 7 display settings

Computer monitor costs have plummeted dramatically over the last few years.  Once a high cost item, a 20” monitor can now be had for about $100. In fact, CompUSA is currently advertising a 20” monitor for $79.97.  Larger 21” – 23” displays are available for $100 – $125.  When displays were expensive I used to get caught up on name brands.  At today’s prices who cares if you buy a monitor manufactured by Joe’s Computers and Hair Products?  If you cruise the monitor aisle at Best Buy, CompUSA, or Amazon you will notice that the big names like Samsung command premium prices.  However, to save money, look at brands you’ve never heard of such as AOC, Planar, and Hannspree.  At $99 for a 22” device, it’s not too painful if you only get 3 years out of it. And don’t waste your money on an extended warranty.  This is just a ploy for retailers to squeeze out a little more profit margin.

If you’re ready to make the jump but concerned about fouling something up, give us a call.  In most cases this add-on can be setup and configured in less than an hour.

Once you’ve installed the desktop expansion and had a few weeks to play with it, post a reply and tell us what you’re doing with all your new found spare time!

Microsoft Issues Critical Update for Internet Explorer

In case you missed my Facebook and LinkedIn posts over the weekend, Microsoft issued a Critical Security Bulletin on Friday to address vulnerabilities in Internet Explorer.  The security hole may allow remote hackers to access your computer and execute code on it. In other words: NOT GOOD.

If you regularly use Internet Explorer (IE) you should install the Microsoft patch without delay. If you don’t use IE you should update anyway. Either way, you should always make sure you apply all Windows Updates as well as updates for troublesome apps such as Adobe and Java.

If your computer is set to automatically install updates, you’re probably fine.  However, it’s worthwhile to check your system tray (bottom right hand corner of the screen) to make sure you don’t have any pending Windows Updates.

For more geeky details and analysis, take a look at this article in Information Week.

ADD ON:

After sending out this post, I received several responses asking how to verify that Windows Updates are up to date.  Here’s the easiest way to check and also set them to install automatically so you won’t have to worry:

Windows 7:

1. Start>All programs>Windows Update

2. At the top left of the Windows Update page click on Check for Updates

(this will take a few minutes)

 

 3. Once it’s complete, look for ‘Important Updates’.  If any are listed, click the ‘Install Updates’ button.  If there are none, you’re fine.  It will probably list Optional Updates, but I would not install those.

To make sure your updates are applied automatically in the future:

1. On the same page as above, click on ‘Change Settings’.

2. Under Important Updates, change to ‘Install Updates Automatically’.

 

Windows XP:

1. Start>All Programs>Windows Update

2. A web browser will open and navigate to the following page:

3. Click on Express and Windows will check for updates.  Once the scan is complete, choose Install Updates.  Once this is complete, the machine will likely require a restart.

4. To make sure that Updates are applied automatically going forward:

Start > Control Panel > Security Center > Windows Updates (select Automatic)

That’s it.

Stay safe out there!

Ken

 

For Whom the Bell Tolls: Microsoft Ending Support for XP in 2014

Microsoft announced in April 2012 that it will end support for Windows XP and Office 2003 in April 2014. This is certainly no surprise since the operating system will celebrate its eleventh birthday this October. By the time Microsoft ends support, it will have been on the market for almost 12.5 years — 2.5 years longer than the company typically supports an operating system (“OS”).

So what’s the big deal?  No one really uses XP anymore, do they?  As a matter of fact, XP has maintained strong market share despite the popularity and stability of Windows 7. According to StatCounter.com, Windows 7 finally overtook XP in the fall of 2011 – a full 2 years after Windows 7’s October, 2009 release. This is a pretty remarkable stat for a ten year old operating system that is 2 generations removed from Windows 7.  Windows 7 now holds a firm lead at 49% of the OS market with XP now trailing at about 31%, Vista at 8%, and Mac OSX at 7.5% .

Is it time to run out and spend $100+ for Windows 7?  Probably not, unless you have other compelling reasons (like Vista) to upgrade. You still have some time and there’s a good chance that you will decide to replace your aging computer between now and XP’s scheduled sunset in April, 2014.  After all, XP has not sold on retail shelves since late 2010, so your PC will be at least 4 years old by then.

For most people, migrating to a new operating system is a big hassle, but can be done over the course of a weekend.  An enterprise, however, can take 18 months or more to migrate to a new OS. About six months ago, an international law firm replaced all of their laptops and desktops across the firm.  Surprisingly, the IT staff decided to wipe Windows 7 from all of these new machines and replace it with Windows XP – quite a surprising move in light of XP’s advanced age.

In a world where online threats are constantly plaguing systems, and where hackers have successfully defeated Windows Updates digital certificates, it is critical to run an operating system that still receives updates – especially when that software company has a history of releasing operating systems with gaping security holes. You know those Windows Update notifications you receive several times a month?  Some of those make the system run a little better or tweak instability issues.  Most of the updates, though, patch security vulnerabilities that Microsoft has identified or that hackers have already exploited.  Thus, it’s pretty critical to abandon an operating system that is no longer supported.

If you decide to upgrade, should you wait for Windows 8, or choose Windows 7?  As much as Microsoft wants Win8 to set the new standard the way Windows 95 did, their track record is not so great. Most in the IT field will agree that every other major Microsoft OS release has been junk (Windows 95 [sure, it turned out to be decent after a challenging start], Windows ME, and Windows Vista were all stinkers).  Will Windows 8 break Microsoft’s trend of substandard operating systems?  I have a theory that they release bad operating systems to build demand for subsequent releases.  Plus, they buy time for hardware manufacturers to develop drivers for the new release and software developers to build compatible apps.

Think about Vista: I have seen plenty of Vista machines that became so corrupt or slow that it made more sense to simply erase the OS and reload.  In the likely event that the user lost their system installation disks or simply decided to pull the plug on a bad OS, they shelled out $100+ to purchase Windows 7.  Thus, Microsoft got paid when Dell, HP, and others sold the new computer, and MS got paid again when users became fed up with [insert crappy Windows release] and purchased a new retail copy.

Back to Windows 8, one major factor in Microsoft’s corner is their push to make a consistent user interface (UI) for desktop/laptop computers, tablets and phones the way that Apple has done.  One of Apple’s strengths is that the UI is consistent from their desktops/laptops to iPhones to iPads to iPods. No one else has mastered this yet:  Android’s UI on phones and tablets is consistent, but they don’t have significant market share in their ChromeBook category.  I don’t know if Microsoft’s UI is consistent from PCs to mobile devices because no one is buying them yet...  MS has only grabbed up about 2% of the U.S. smartphone market. They’re not winning any fans either, following recent announcements that the new Windows Phone 8 OS cannot be installed on existing Windows 7 phones… GASP!

If you listen to the Apple fanboys, the desktop/laptop era is dead and PCs will give way to tablets and handheld devices.  While reports on the death of the PC are greatly exaggerated, most industry experts believe that mobility is where the biggest innovations (and profitability) will be for the foreseeable future. Thus, Windows needs to get it right NOW with their mobile platform or cut bait. But I digress.

The bottom line on XP is that it’s time to start thinking about upgrading your business systems, especially if you have a large number of users still on XP.  It’s probably safe to hang on another year or two with your personal XP system(s) since you will likely replace those systems anyway. I certainly will!  To avoid major security issues, though, it’s critical to jump the XP ship when Microsoft pulls the plug in 2014.

I have no intentions of rushing out and upgrading to Windows 8 when it is released in late 2012.  If history teaches us anything, Windows 8 will be buggy out of the box and will emerge as yet another problematic OS that will ultimately be fixed by its successor, presumably Windows 9.  Windows 7 will become the new XP in that its solid performance, security and stability will make it a market leader for the next decade.

Share your thoughts and stories on XP or other Windows releases.  I would also like to know your predictions for Windows 8.

As always, if PartnerTechs can help you with your small business technology needs, please contact Ken Carmack.

 

6.5 Million LinkedIn Passwords Breached

This just in:  6.5 Million LinkedIn Passwords Were Breached

You may be thinking “what’s the risk?”  Big deal if some Russian hacker adds a Ph.D. to my name or a NASA internship to my resume.

But there might just be a big risk. If you’re one of those people that uses the same password for everything from online banking to your email account, then now is a great time to change your LinkedIn passwords.  If you haven’t changed passwords for other accounts containing sensitive data, there’s no time like the present to do so.

Take a look at the following article for details on the breach as well as some best practices for creating and managing passwords.

http://bits.blogs.nytimes.com/2012/06/06/linkedin-was-breached-now-what/

For more information on passwords, you can also take a look at my article on the topic.

http://partnertechs.com/2012/03/15/whats-the-password/

 

 

Flame Malware Spreading Via Bogus Windows Updates

I frequently chastise people for ignoring Windows Update messages and prompts to apply patches to other applications such as Adobe products and Java. The response I frequently hear is “How do I know if the updates are real?” or “Yeah, I keep putting that off”.

I’ve always assumed that when Windows Update pops up in the system tray (the bottom right corner of your screen) that the messages are legitimate and safe since digital certificates are used by the operating system to verify authenticity.

You may not have heard about the newly publicized Flame malware since it has not made a splash in the U.S… yet.  However it’s all the rage in tech articles and blogs lately.  The Flame malware has created counterfeit security certificates that fool Microsoft Windows into thinking that bogus updates are real.  If these “updates” are applied, your computer is infected.

Fortunately, security companies and Microsoft have jumped up and issued (or will issue) updates to protect against these attacks.  However, they’re fearful that the malware may have other exploits that they have not yet discovered.

What to do? Unplug your computers from the internet!

HA! That’s not really an option.  However, it’s now more important than ever to make sure all operating system updates and patches are applied, that your antivirus software and definitions are updated, you’re running approved firewall software, and that you apply all updates and security patches to applications such as Microsoft Office, Adobe products and Java.  If you’re not running antivirus software, find one.  There are plenty of free (and very effective) options out there. 

For more information, take a look at this article from PCWorld:

http://www.pcworld.com/article/256862/flame_malware_spreading_itself_via_bogus_windows_updates.html#tk.nl_dnx_h_crawl

Stay safe out there!

Ken

P.S. If you want to “geek out” and read more, take a look at the next articles.  While security firms are still wrestling with the code, so far they have found that Flame can monitor email inboxes, take screen shots of what you’re working on and even record conversations you’re having near your computer. It also exploits BlueTooth to spread to other devices. What’s really interesting is that this malware does not appear to be the work of bored teen geeks or crime syndicates from the former Soviet Union.  Instead, because it has to date targeted computers in Iran, security experts believe it was created as a cyber weapon by a nation-state.  Enjoy!

http://security.blogs.cnn.com/2012/06/05/decoding-the-flame-virus/?iref=allsearch

http://www.pcworld.com/article/256644/flame_cyberweapon_lurked_for_years.html