joe

joe

What is Cloudbleed?

A bug in Cloudflare’s code dubbed Cloudbleed has recently exposed confidential information such as messages from dating site, emails, healthcare information, and passwords for websites they host. On February 19th 2017, Travis Ormandy (security researcher at Google’s Project Zero) reported a bug in Cloudflare’s code. As of February 23rd Cloudflare has patched the issue and released an official incident report on their blog. Unfortunately the leaked data had time to be publicly cached in search engines like Google, Bing, and Yahoo, who have since scrubbed the leaked data. However other search engine caches such as DuckDuckGo, and services that mirror these public caches exist make it nearly impossible to delete the leaks completely from the Internet.

Who is affected?

In total there are 4,287,625 domains that are potentially affected by the Cloudbleed flaw in the five months (9/22/16 – 2/20/17) Cloudbleed went undetected. Affected websites include Uber, Yelp, OkCupid, Patreon, Digitalocean, Glassdoor, and Fitbit. A complete list can be found here. Additionally mobile security firm NowSecure has reported a list of 200 iOS apps that may be affected as well.

What can you do about the Cloudbleed bug?

It is highly suggested that internet users change the passwords to their accounts, especially if they use the same password across multiple sites. It is also suggested that two-factor authentication is used when available. Websites such as lastpass and 1password can be used to maintain secure passwords across all sites.

Who Killed Windows XP?

12 years. To a kid starting the 1st grade, they have 12 more years of school before they put on the cap and gown for high school graduation. To an astrologist, that’s how long Jupiter takes to complete one full cycle. If you’re Windows XP, 12 years is when big daddy Microsoft kicks you out of the house and cuts you off for good. You’re out on your own XP, and the world is a scary, cruel, and dangerous place.

All drama aside, there are very understandable reasons why some people are still running Windows XP. There’s the very legitimate business users who are stuck using the operating system to run some custom or discontinued software or hardware that just won’t work on newer setups. I feel for these people because they have a lot invested in their systems and sometimes it’s not possible to move on without spending a considerable amount of money. Then there are the people who bought a computer 10 years ago and it still works and they like it. Again, it’s hard to tell someone to replace something that works – It’s rare to buy anything that plugs in and will last more than a few years these days, so bravo to the person who’s able to keep their old computer up and running all this time. Regardless, the growth of technology just isn’t forgiving to any of us in these situations.

I wrote an article about kicking the XP habit 4 years ago when Microsoft ended mainstream support for it. It’s hard to believe that we find ourselves in a situation where as of February 2014, Windows XP is still running on 29% of the computers in world!

imgres

So, the big question is, what will happen after April 8th if you continue to run Windows XP? Well, not much immediately will change, so don’t panic – You’ve still got some time to act. The first change is that technical assistance directly from Microsoft will no longer exist for XP. According to Microsoft, your computer will become up to five times more vulnerable to security risks and viruses. The biggest change that will immediately affect consumers is that Microsoft will no longer offer their free anti-virus application Microsoft Security Essentials to Windows XP users. If you already have it, it should keep working, but Microsoft warns that it will only work for a limited time. Because Microsoft is no longer providing any form of support for it, manufacturers of hardware and peripherals will soon abandon writing XP compatible software drivers for newer devices.

Microsoft’s advice for action is to either upgrade to a new PC, or to upgrade your operating system if your current computer can handle it. If you’re planning to upgrade your operating system, you can download and run the Microsoft Upgrade Assistant to find out if your PC can handle the newer software. In addition to providing a full set of upgrade instructions, Microsoft is providing a free version of PCMover Express software to transfer your files and settings for you. If all of this sounds daunting, you can always contact us for help.

In all reality, getting an older machine upgraded to be able to run the latest version of Windows is not only time consuming, it might cost you almost as much as a new PC! Evaluate your needs – You might be better off moving to a tablet, or possibly a Chromebook is enough to meet your needs. Maybe now’s the time to splurge a little on a Mac. For businesses, if you don’t have a plan in place yet to move off of Windows XP, it’s something you really need to consider doing soon. Contact us today and let’s put together an action plan to keep your company up and running as safely and securely as possible.

Use Google Docs To Populate Your Holiday Card Mailing List

This morning I was trying to put together my mailing list for my family’s holiday cards. I didn’t want to go and contact every single friend/family member to ask them for their current address, so I decided to put the power of Google Docs to work for me.

Here’s the overview of how this works:
-Create a spreadsheet with headers for each element of the address (Name, Address, City, etc.)
-Generate a form that you share on Facebook, Twitter, email, etc.
-Download the populated spreadsheet as a CSV file
-Use the CSV file with Avery Design & Print Online to perform a mail merge and print mailing labels

1) Creating the Spreadsheet
First off, you need a Gmail/Google account. If you don’t have one, then go get one now. Once you log into Gmail, at the top of the Gmail interface click on the link to “Drive”. In there, click on the “Create” button and choose “Spreadsheet”.

In the first row of the spreadsheet, put the following titles in individual cells from left to right: “Name” “Last Name” “Street Address” “City” “Postal Code”.

2) Create the Form
Go to “Tools” in the spreadsheet’s menu and choose “Create a form”. In the new window that pops up, Give the form a title and fill out the description so that your friends and family know what the form is for. Next to each of the fields that we had generated in the spreadsheet should be a little pencil icon (you’ll have to hover your mouse of the field to see the editing icons). Make sure the “Make this a required question” option is checked for every field in the form, otherwise people will just hit submit without entering data and you’ll have a bunch of empty records.

Now when you go back to your spreadsheet, you’ll see a few changes – a Timestamp header has been automatically added in front of your fields, as well as a “Form” menu option. In the “Tools” menu, you might want to change the “Notification rules” to email you whenever a record has been entered.

3) Generate a CSV File
Once you have all of the data collected into your spreadsheet, go to the “File” menu in it and choose “Download as” and then “Comma Separated Values”

4) Perform a Mail Merge
You can feel free to perform the mail merge with an application like MS Word, but I’ve found that using Avery Design & Print Online is a simple and free solution. Just follow the instruction on their website and print out your mailing labels. It’s much easier than you think 😉

Windows 8 Is Here

Brace yourself, because Microsoft has released its latest flagship product and this is one that you will not be able to avoid for long. In its newest flavor of the Windows operating system, MS has decided to leap-frog Apple’s gradual convergence with its mobile device operating systems to give you a Frankenstein operating system that is initially just plain shocking.

I don’t plan on doing a comprehensive review of the software, you can find those here or here. I just want to give you my initial thoughts from the perspective of a consumer.

Since I deal with the end user primarily in this business, I decided to start my Windows 8 experience much like an average person. I didn’t test it, read reviews of it, or dig deeply into it at all prior to Friday’s release. I deliberately wanted to understand what you, my customer, may be going through.

I have deployed Windows 8 on a 5 year old Dell Optiplex 740 desktop computer that originally shipped with Windows Vista, was upgraded to Windows 7, and now has been upgraded to Windows 8. Not an ideal setup by any stretch of the imagination for most technical people. The common thought towards upgrades is that it’s better to do a clean installation than to do an upgrade. When I upgraded this PC to Windows 7, I was thoroughly impressed by how well it performed and it continued to run much better than it ran in Vista. Upgrading again to Windows 8 netted similar results. The computer works great. Could it work better if I started from scratch? Most likely, but my interest is in mimicking what a non-technical consumer would do, not what another techie would do.

Because I upgraded a machine with 5 years of history on it, the upgrade process took a while – a little over an hour in total from purchase to seeing the desktop. After answering only a few setup questions, I was ready to start digging in.

My first thought: Oh crap, a lot of my customers are going to be lost. There is no more start menu. Where are my application shortcuts? If I click on any of the default panels in the new interface, it wants me to sign in to a Microsoft account, then link other services to themselves, and then arrange them in ways that are not intuitive with a mouse. And if I click on something like the new Microsoft App Store, I can’t close it. It’s just there in full screen. I can open other stuff on top of it, but they never quit. I have to use the Task Manager to quit these new applications. Oh boy. I thought the operating system was called Windows, not Walls. The name of the operating system has lost all meaning with this new interface since Microsoft wants everything to work in full screen much like a cell phone or tablet. Maybe they should have renamed the operating system completely with Windows 8.

OK, well how to I navigate this thing? Luckily a Windows Explorer shortcut still exists in my task bar if I close the new Start interface by clicking on the Windows button on my keyboard. I notice that it has been re-branded to “File Explorer”, but it looks similar to Windows explorer with a Microsoft Office Ribbon interface at the top. This is a good thing. I’m a fan of the Ribbon.

But what about just starting an application? I’m not a big fan of desktop shortcuts, so I don’t have many. Where are my application shortcuts that were in the old Start Menu? Well, if you hover your mouse on the right corners of the screen with your mouse, a menu slides out. If you click on the Search icon, a full screen interface with all of my application shortcuts pops up. There it is! OK, I can handle that, and I do like using the instantaneous search function to call up applications. But the whole thing seems so counter-intuitive on a desktop PC. I found that using the keyboard shortcut of the Windows Key + F was the fastest way to get things done on Windows 8. Honestly, if you use this shortcut, you may find Windows 8 to be incredibly productive and getting things done will be faster than any other version of Windows for the average multi-tasker. That, plus the use of the Windows Key + Tab, which brings up the new application switcher, will tame the confusing new hybrid interface.

I still use Microsoft Office 2007 on this computer because I don’t see a valid reason for myself to upgrade to 2010. The good news is that it works perfectly fine in Windows 8. In fact, the only applications that were flagged as incompatible were my anti-virus application and my Brother printer software (which only needed to be re-installed). This is when I had the most interesting revelation about Microsoft’s new approach to security. When I went to install Microsoft Security Essentials as a replacement to my old anti-virus program, I was notified of this on the download website for Security Essentials:

Windows Defender for Windows 8 and Windows RT provides the same level of protection against malware as Microsoft Security Essentials. You can’t use Microsoft Security Essentials with Windows 8, but you don’t need to — Windows Defender is already included and ready to go. But if you’re looking to protect a PC with an older version of Windows, you can use Microsoft Security Essentials to help guard against viruses, spyware, and other malicious software. It provides free* real-time protection for your home or small business PCs.

So, as I understand this, I don’t need to install anti-virus software on Windows 8. At all. This is a huge deal. I’ve been a big fan of Security Essentials and if what they’re saying is true this is a huge win for consumers. Most average people don’t even know that Microsoft offers a fantastic and free anti-virus solution on Windows XP, Vista, & 7. Now it’s there right out of the box. Does this mean that PC vendors will abandon packaging terrible free trials of security software on PCs? Probably not, but at least when those trials run out, and the average person perpetually neglects to renew or replace it, Windows will still be secured to a certain degree by default.

Another positive change is that Internet Explorer 10 has the Do Not Track setting turned on by default. This pisses off internet marketers, but is a win for privacy. Also, much like Google Chrome, Internet Explorer updates and patches itself automatically without asking, which is a good thing. I’m still sticking with Chrome, but I know so many people still reluctantly use Internet Explorer. Microsoft is taking the browser wars seriously since the playing field has changed so drastically in relatively short period of time. Now they’re in competition with not only Chrome & Firefox, but mobile device browsers as well.

Overall, I do feel l like Microsoft has put a brand new facade over the already spectacular Windows 7. Finding things and getting things done using the previous philosophy of finding an icon and clicking on it will be maddening to most. Searching with the Windows Key + F method will redefine how many people use Windows on a traditional desktop or laptop PC. But underneath that, your old programs, printers, scanners, and such will work as they did before. I have yet to use the new Windows on a touch screen interface, and I imagine it will be a very different animal in that iteration. Will this marriage of old and new work, or will it go the way of Microsoft Bob? I would imagine that since Apple has been slowly migrating to a touch interface for it’s desktop operating system even though there are no touch screen enabled Macs yet, that this is going to stick around. It will be a rough start for Microsoft, who I feel have made a risky leap forward, but soon the traditional PC is going to fade from popular usage and Windows 8 may be the training wheels that get the masses there.

Movember 2011

Last year I participated in “No Shave November“, which was a fun way to spice up the month. Unfortunately, it didn’t mean anything! This November I’ve joined the local Movember team, which actually has a global movement behind it.

During November each year, Movember is responsible for the sprouting of moustaches on thousands of men’s faces, in the US and around the world. With their Mo’s, these men raise vital funds and awareness for men’s health, specifically prostate cancer and other cancers that affect men. Read more about Movember here.

So, if you want to help raise awareness about men’s health, or if you find the prospect of my hairy lip interesting, visit my Movember page and donate today.

Protecting Yourself On Windows

I received an email from the Post & Courier last week asking about a rise in malicious software infections in the Charleston, SC area. I let the reporter know that I hadn’t seen a spike recently, but that it’s more of a constant issue that customers call about. I also wrote up a summary of the things that leave people more vulnerable to viruses, trojans, & most other forms of malicious software. I thought I’d share that with you here:

The number one issue is that people are still using Internet Explorer. I can’t stress enough to people to please use Google Chrome instead. I used to be a big fan of Firefox, but in recent months it too has often failed on the security front. Google’s approach has been the most effective to date by keeping the browser in a virtual sandbox.

Consumers don’t update their software. Software companies are constantly patching their software against bugs and security holes, and many infections take advantage of holes that have already been patched – because they know that the consumer hasn’t applied the update yet! The bad guys prey on the fact that people don’t patch their computers because patching software is time consuming and confusing. Each vendor has a different method and they all want to do it as soon as you turn on your PC, so much so that you ignore all of them so you can just do whatever it was you sat down in front of your PC to do. It’s your responsibility to put some time aside each week to pay attention to those nagging updates and take the proper action on them. If you’re not sure about an update, then Google it and make sure it’s legit.

People trust their security software too much. The problem used to be that people wouldn’t keep their anti-virus software up to date, and their neglect would result in a vulnerable computer. I can tell you that every computer is a vulnerable computer! Malicious code writers have made a profitable industry for themselves and will continue to be a day ahead of the anti-virus software vendors. You need to be a bit more diligent when you click on anything at anytime. Read before you click and pay attention to what you are doing. Most of the infections are introduced by no more than old fashioned carnival tricks – they trick you into clicking, installing, and even giving over your credit card information! Trust no one and click wisely. Nobody is going to contact you on Facebook with a pornographic video starring you, so don’t fall for it!

Lastly, if you are using a web email client such as Yahoo Mail or Hotmail that displays graphical ads, ditch it. Move over to GMail. A large percentage of infections I have gotten calls about were transmitted through Yahoo or Hotmail. I have only once seen a GMail user get infected, and that was more of a case of “clicking on a link before thinking” issue. If you don’t want to switch, then try using a program such as AdBlock Plus to control the display of graphical advertisements.

And there you have it. I hope this gives you an edge on using your Microsoft Windows-based PC more securely.

New Rates Effective July 20th, 2011

I have strived for the past three years to keep my costs down so that I wouldn’t have to raise my hourly rate and have kept the same rate since July of 2008. The cost of living and doing business has unfortunately not slowed and it is time that I raise my rates.

As of Wednesday, July 20th, 2011 the hourly rate will be $95 per hour.

I am very proud of the service that Charleston Tech Support has provided, and even more proud of the relationships I’ve formed with my clients. Charleston Tech Support has been serving the greater Charleston area since 2006.

Now Accepting Credit Cards On-Site

As of today, we are using the new Square credit card reader to accept payment for service calls while at your location. This means that we can quickly and efficiently process your payment using a credit or debit card. We now accept Visa, MasterCard, American Express, & Discover.

Square charges 2.75% for each swipe, which will be factored into your bill if you choose to pay via card. We still accept checks and cash as well, and you can still pay via PayPal through our website.

Please Protect Yourself

This year, 100% of electrical surge related failures that Charleston Tech Support responded to were generated over either the cable (ie Comcast) or DSL (ie AT&T) lines. That’s right, not one surge came over the power lines and destroyed computer equipment for any of my customers so far this year. They have all come via an internet connection and there have been a considerable amount here in the low country. So, I wanted to quickly give you a pointer that will save you downtime and costly equipment replacement. Purchase a quality surge protector that filters your coaxial cable or DSL phone lines (depending on which kind of service you use as your Internet Service Provider).

Here is an example of a surge protector that protects no only the electrical outlets, but also coax, phone lines, and computer network cable (AKA Cat5 or Ethernet).

You can pick one of these up starting at about $20 (beware of really cheap ones). Check and make sure you have sufficient cable as not all of them ship with spare coax or phone lines – you may have to pick those up separately.

For maximum protection, I suggest you use a UPS instead of an ordinary surge protector. These will also protect your computer from file corruption due to improper shut downs in the case of power outages or dips in current. They start at about $50 and are worth every penny for your desktop PC as well as networking equipment. A pointer for properly using a UPS is to make sure you plug you computer into a receptacle on it that is labeled “Battery Backup”, as most consumer models have outlets that are surge protection only as well as battery backup ones. About half of the time I see these in people’s homes or businesses, they have the computer plugged into the wrong receptacle!

Keep your equipment safe and don’t forget to backup your data as well!