What should you do about “HeartBleed?”

The following was originally posted on the Shoreline Area News, March 13, 2014 as part of the Tech Talk series

Last Monday, news broke about a key vulnerability in the primary encryption method used to ensure the security of the web sites we use. If your eyes just glazed over during that last sentence, it’s time to put a pot of coffee and see why this is a potential threat for you…and what you can do about.

The Story and the Danger
If you do Internet shopping, banking, and web-based email, you have made use of a “https” connection. This connection, also known as a SSL/TLS (Secure Socket Layer/Transport Layer Security) connection is designed to insure the privacy and security of your interaction.

The key provider of SSL/TLS is OpenSSL, an open-source project. As a majority of web servers, routers, and other network connection make use of OpenSSL, potential for stolen passwords and other critical data is high, especially since software designed to exploit this vulnerability has also been discovered.

While the vulnerability is limited to a couple of recent versions of OpenSSL, the pervasiveness of the protocol improves the chance your information can be stolen and used.

How does this affect me?
Unlike the hacks at Target and other companies, this is not a localized threat. Using encrypted connections is at the heart of our Internet commerce and communication. Since we all use credit cards, communicate with banks, and share passwords and other personal data over SSL/TSL connections, that data could have been at risk.

The challenge in this case is that unless you encounter signs of theft (card card use, account hacking, identity theft), there is no way to determine whether your data has been compromised. In security blogger Brian Kreb’s story on this topic, he quoted Jonathan Sander of Stealthbits Technologies as saying, “Heartbleed is like finding a faulty car part used in nearly every make and model, but you can’t recall the Internet and all the data you put out on it.”

This sounds awful scary…
Yes, it does, largely because of the uncertainties involved. There have been a lot of people who manage web sites working very hard to correct this problem. Sites like Tumbler, Facebook, Instagram, Pinterest, Dropbox, Intuit (Turbotax, Quicken) and Google announced their sites are now patched to prevent future incursions. The Canada Revenue agency shutdown its taxpayer sites until servers could be patched or features with the vulnerability are disabled.

Other sites that have NOT be affected according to company statements include Twitter, Microsoft services, Paypal, Amazon, AOL, and LinkedIn. Most major US banks and brokerages, according to Mashable.com are also safe from Heartbleed attacks, as a number of regular retailers, including Target.

…but is getting better.
Over the last week, web sites that have been affected have been fixing Heartbleed so they are no longer vulnerable. A scan of the top 10,000 web sites on April 8th, one day after the public announcement showed 630 still vulnerable to attack. A follow up scan on April10th showed this number at 137. By the 11th, this was down to 104 sites. This is a service set up by Filippo Valsorda, an Italian security expert.

So, one part of this problem, current vulnerability, is being addressed, by most web site owners. That window of vulnerability is closing.

However, the danger isn’t over until you take some actions. After all, this bug was in place for two years and there is a chance that your passwords and other personal information have already been taken for use or sale. You now need to reduce your own vulnerability.

What should I be doing?
Be prepared to change passwords on the affected web sites…once you know that the site has been able to correct the problem. It’s important to confirm that the site is now safe before changing passwords.

Key questions to answer:

Determine if the web site is affected by the vulnerability There are a few ways to figure this out if the web site that concerns you was not listed above.

Look for a notice on your website regarding OpenSSL or Heartbleed. Search for news accounts of your site and press releases it might have made. Many sites have sent emails over the last few days advising their customers about the site’s vulnerability or need to change passwords. Check your Spam or Junk Mail folder in case the message was diverted there.
Besides Mashable’s list, you can look on this comparison list Filippo Valsorda built using his lists of the top ten thousand web sites to see if your web site was listed as vulnerable. Filippo has listed site that were vulnerable earlier in the week and whether they are is still vulnerable.

Lastly Filippo has a test site at http://filippo.io/Heartbleed/. If your site passes, it is either because the vulnerability has been fixed or it wasn’t affected at all.

Change passwords on any sites that you believe had the vulnerability once the bug has been eliminated. The point of changing passwords is to eliminate further access to information using passwords acquired prior to the bug being fixed.

Keep an eye on your credit and accounts. Since we don’t know who, if anyone , might be affected during the two years this vulnerability was open, it’s a good idea to watch your credit card purchases and account information a little closer. If unusual activity occurs, report it promptly to the institution or site account manager

Why this bug is called Heartbleed
The bug is based in an extension of OpenSSL called HeartBeat. HeartBeat. that keeps the secure connection active, even when no data is being transmitted. Heartbleed allows someone to eavesdrop on communications and even impersonate services and users.

If you are interested is in how something like Heartbleed works, this comic rendition by Randall Munroe of xkcd.com does a great job of explaining it.

How bad is this, really?

From the Internet perspective, this is pretty bad and a lot people have been scrambling about to fix things. From your perspective, it could be bad if you haven’t changed passwords on vulnerable site once they are fixed.

In the long term, this is probably just a glitch from which we all will recover. In the meantime, taking the proper precautions will help it stay as a glitch for you.

The 27.69 percent-ers: Surviving with Windows XP?

The following was originally posted on the Shoreline Area News, March 6, 2014 as part of the Tech Talk series

Last week, I shared a graphic on the current market share for desktop operating system.  Unfortunately, while the data I fed was accurate, the percentages listed on the chart were not accurate.  My apologies.

This discrepancy did not affect the versions of Mac OS X more than a percentage point (the subject of my posting), but it did skew the percentages of Windows versions.  Windows XP was listed at 24% and should have been 29 and a half percent.  Windows 7 should have been over 47% but ended up at 39%.  For the chart below, I updated last week’s worldwide usage chart to show March’s figures and the date of each OS release.

Errors or not, these figures do show there are still a lot of Windows XP users out there and Microsoft is ending support for the operating system in just a few days. It’s almost as if most of the townspeople of Windows XP has been evacuated to safer ground and nearly 3 out of ten folks have decided to stay in town..

Sticking It Out with Windows XP

(Illustration by Tony Auth)

There are a lot of reasons why people stay in their homes in the face of potential dangerA 2009 study in the journal Psychological Science of those who stayed in the Hurricane Katrina’s danger zone showed many of them felt they didn’t have a choice, either because of money, community roots, and other local considerations. While a Windows upgrade is not in the same league as Hurricane Katrina, many of the same motives keep people from upgrading:

Cost – While computer built in the last five years do well upgrading to Windows 7 or 8/8.1, computer sold in the first eight years are probably lacking in processor capability (single core), memory (one GB or less) or are simply too worn out to do an upgrade. That means buying a new computer. Though you can get a new and more advanced desktop system for same price the old one cost, it’s still an expense above and beyond others.


Dedicated Equipment – Some XP owners hang on to the OS because it is necessary to run older equipment that isn’t supported under a new OS. I have seen this in film recorders, plotters, or old printers. The reason is that the manufacturers of these devices either no longer exist to provide device drivers or they have chosen not do so. While Windows provides numerous ways through its Compatibility Mode or virtual machines to simulate a Windows XP environment for old software, a lack of available drivers can prevent an upgrade.

Fear and Uncertainty – The consequence of having an operating system around for 13 years is that people become unaccustomed to change in the face of all the other changes around them. For many consumers, Windows XP was the first operating system on their first computer. In that scenario, leap-frogging from XP over four versions to a different looking Windows 8.1 is terrifying. For businesses who spent thousands of dollars on the creation of internal business application around Internet Explorer 6 (Windows XP’s default web browser), the uncertainty and cost around retooling keeps the OS in business.

On April 8th, those folks staying in town with Windows XP will be tested along with users of Microsoft Office 2003 when Microsoft officially stops supporting these products. What can they do?

I talked a bit about this in February and have a few more insights today that might help the 27.69 percent-ers buy some additional time or at least put some plywood up for additional protection.


Things that will still work

  1. Windows XP will still be installable and automatically activated on a system
  2. Windows Update will still work and allow you to download currently available updates for Windows XP
  3. People who have Microsoft Security Essentials installed will still get anti-malware signature updates through July of next year.
  4. The Malicious Software Removal Tool will still download via Windows Update through July of next year.


Things that will no longer be available

  1. New Windows XP Security or software updates after April 8th
  2. Downloads of the Microsoft Security Essentials program itself.

Things that might help

While upgrading to a new version of Windows and purchasing a new system are still the best options, there are still individual things that can be done to reduce risk. While has been speculation about zero day exploits happening after April 8th.

  • Don’t access the Internet. Either unplug your network cable or turn off your computer’s wireless connection. If you must be online, don’t stay online more than necessary. Internet Explorer versions 6,7, and 8 for Windows XP will not be updated. You should download Google Chrome, Mozilla Firefox or Opera as they will at least be providing browser support on Windows XP for the next year.
  • Avoid using the system for email. Email is a common entry point for phishing attacks. While some people argue that web-based email is safer, systems still get infected my clicking on content in webmail.
  • Remove Java, if installed. Java has traditionally been an entry point for malware on Windows.
  • Keep programs like Adobe Flash and Microsoft Office up-to-date so they don’t become an entry point as well.
  • Avoid using removable drives. USB-base hard drives or flash drives are another common entry point for malware.

If this appears to be onerous or too-restrictive, you probably should look again at upgrading or a new computer purchase. It takes more work to stay safe in a tough neighborhood and the town of Windows XP is now in a real-tough neighborhood.

The Mythology of Macs and Malware

The following was originally posted on the Shoreline Area News, March 30, 2014 as part of the Tech Talk series

At Sunday’s Computer Q&A at the Commons, one of the participants shared her experience at a local Apple store while buying a new Mac. Multiple employees assured her that she didn’t need any anti-virus software. I was shocked that they told her the only reason they needed malware protection was if the system would also be booting Windows.

Yes, Macs can “dual-boot” between Apple’s OS X and Microsoft Windows if set up to do so. If you do that you should definitely add an anti-virus to your Windows installation if one is not already available.

However minimizing the risk of malware inflection on OS X itself is a kind of response I would have expected a few years ago, not in a contemporary Apple Store.

My Virus Roots
Ironically, the first virus I ever personally encountered was a Mac virus called WDEF in 1990. I was managing tech support for a small company making both Mac and PC software. Like most viruses of that period, WDEF’s primary goal was to simply keep replicating itself, hitching a ride on any available floppy disk to go to from Mac to Mac.

While WDEF did cause some specific Mac II models to crash, that was due more to bugs in the virus than any malicious intent. WDEF first made its appearance in 1989 amongst colleges and universities. It was accidentally shared through some disk-based computer magazines and some commercial software, including a version of Microsoft Excel for the Mac, released in 1990.

It made its way to our door through Grammatik, one of the first grammar-checking programs available for either the PC or the Mac. It was also easy to remove, thanks to one of the first commercial anti-virus programs available, Symantec AntiVirus for the Macintosh or SAM as it was more commonly known. This was about the time that Peter Norton’s company merged with Symantec but a good five years before Norton launched Norton Anti-Virus for Windows 95.

So Why Do People Think Macs are Immune to Viruses?
For people aware of the Mac’s viral past, they say that OS X’s multiuser functionality, improved component isolation and better security eliminated most technical concerns about viruses. Of course, that was the same argument used about the same time for Windows XP over earlier versions of Windows. While both OS X, Windows, and malware have continued to evolve, these opinions also continue to be shared as fact:

“OS X has fewer flaws than Windows”
A flaw is a general term, but if we narrow the definition to a vulnerability that can be exploited by malware, there are some good reasons why people might think this. Because of business customer needs, Microsoft has created a predictable and quite public monthly update time knows as Patch Tuesday to provide updates and security patches. This and regular press coverage of these security updates can give the impression of Windows as an extraordinarily flawed system.

Apple’s update and security patches are less predictable or publicized. Apple’s only security update this year was at the end of February. It lists 19 security fixes and one additional update for its Safari web browsers version to fix in recent versions of OS X. Microsoft’s total security updates this year for all Windows versions and Internet Explorer was two for January, seven in February, and four released in March, a total of 13.

“OS X does not get viruses like Windows does”
Yes, OS X does not have the same technical “attack vectors” (as security experts call them) that Windows has. However, there are many similarities in how malware can infect Mac and Windows systems.

Third-party components like Oracle’s Java or Adobe Flash have been a popular vehicle for Mac malware. Mac are the only OS with this problem. Most of Windows 8.1 security updates have been to fix problems with Flash.

Social engineering is a prime cause of inflection on both the Windows and Mac systems. Anti-virus software not only monitors system vulnerabilities but protects users who may be deceived into installing something unknowingly harmful. Some people have argued that adding an anti-virus to a Mac will lead to a false sense of security. Telling people that Macs don’t get viruses could have the same result without any protection.

“OS X is a less attractive a target as Windows because of its small user base”
It is true that OS X Mac users make up only about 7.5 to 15 percent of the computer market, depending on who is counting (examples, NetMarketShare, StatCounter). While Windows has a bigger bull’s eye for malware developers and distributers to hit, it doesn’t mean that Mac users are more secure.

Some Apple employees discovered that first hand in February 2013 when their systems were inflected through flaws in a third-party plug-in. As security expert Charlie Miller said at the time, “The only thing that was making [a Mac system] safe before is that nobody bothered to attack it. That goes away if somebody bothers to attack it.”

Last year at their Worldwide Developers Conference, Apple announced its Mac install base had grown to 72 million machines. Though still a low percentage of system overall, if a majority of that installed base is not using anti-virus protection, it sounds like fertile ground for an attack.

So what can you do to protect your Mac?

Start with a greater awareness of how your system can be attacked from a technical and social standpoint.

  • Update OS X promptly. Any system vulnerabilities for which Apple has released fixes need to patched as soon as possible. Otherwise Apple’s security update notices simply become a menu for how the bad guys can attack your system. If you are still running an earlier version of OS X, consider upgrading to Maverick as it will protect you better than previous OS version.
  • Update or Eliminate third-party apps and plug-ins. Old versions of Java and Flash provide plenty of opportunities for malware infection. If you need them for programs you run or websites you visit, update them. If you don’t, remove them.In addition, unpatched applications like Microsoft Word 2008 can be susceptible to “boobytrapped” documents. Documents of this type were circulated amid allegations of abuse in Tibet, Syria and East Turkestan in the last year.
  • Be mindful of what you install or consent to. With human factors a major input point for Mac malware, you need to be smart about your actions.Think twice about opening email attachments, especially if the sender is unknown to you or is something a known sender would not normally do.
  • Know what you are actually clicking on in an email message or unusual web link.
  • Avoid peer-to-peer networking connections like “torrents” as they can often contain malware.
  • Add an anti-virus monitor. As in Windows installations, these are free tools like Sophos’ Antivirus for Mac  or avast! Free Antivirus or paid versions like ESET Cyber Security or Kaspersky Internet Security. An added benefit of many of these tools is the ability to detect Windows –based malware and avoid passing them on to others.

Those of you who have heard me speak before on security know this is the same advice I share with Windows PC users. Since Windows and Mac users live in the same world, it makes sense to take the same precautions.

Even if statistically, Mac users are less likely to be infected, the distinction fades pretty quickly the moment you become that statistic. Protect yourself from that moment.

Making Email Work Best in a Mobile World

The following was originally posted on the Shoreline Area News, March 7, 2014 as part of the Tech Talk series.

Email used to be simple. Connect, access your email and disconnect. However as more of my clients access email between their PC, and newly purchased smartphones and tablets, they are discovering that the email access methods that worked well for their single PC or Mac are no longer adequate. What do we need to do to adjust?

Let’s start with a little history of email access.

The “Dial-up” Days
For many users in the 80’s and early 90’s, “connect time” meant either inconveniently tying up a phone line or expensive per-minute charges. So, Email servers used a “store and forward approach” to make connection time more efficient.

You would load an email application to retrieve email and store it locally on your computer. Any replies or new communication would also be stored locally and then passed to the email server then the next dial-up connection was made.

The process was pretty efficient with an online connection lasting only the period of time necessary to retrieve new messages from the server and send your outgoing messages.

This process is not unlike how “snail mail” is delivered from or sent to your local post office. Given that, it’s not surprising that this method become known as the Post Office Protocol (POP). Technically, POP only handles received email. To send email, we use another protocol, SMTP (Simple Mail Transfer Protocol), a topic for another time.

The latest version, POP3, is a very simple retrieval method that downloads your mail, deleting it from the server. Virtually all Internet Service Providers (ISPs) and major email services like Google’s Gmail and Microsoft’s Hotmail/Outlook.com support POP email access.

The downside of POP today is that it is designed for a single computer to collect your email. A Harris/Teamview study in 2011 found that 63% of people surveyed “use at least two computing devices” a week. The chance of losing mail between two computing devices is irritatingly high.

While POP lets you leave a copy of email messages on the server for another device to collect, that lays the burden on you to manage a lot of duplicate mail.

Always Connected and On the Web

“Webmail” eliminated local storage of email and allowed multiple computers to access messages through their web browsers. Hotmail’s and Gmail’s email web sites became a major draw for users, competing for awhile on how much web storage of email they offered.

Today, Outlook.com offers 5 gigabytes (GB) of storage initially but provides for unlimited expansion. Gmail combines email storage with Google+ Photo on the 15 GB offered free through their Google Drive cloud service.

The popularity of webmail as a service has lead ISPs to offer it for their own email accounts. Unfortunately, using webmail requires you to stay online all the time, something not be possible on wireless-only tablets between Wi-Fi hotspots. Smartphones can still stay connected through cellular data plans, it can be an expensive proposition for plans with limits on data usage,. Also, webmail sites are challenged by the need to accommodate a wide range of screen sizes…and users are often challenged by the results!

The Online/Offline Mobile Experience

Today’s email access needs the flexibility of being offline periodically and still be able view email, while creating new mail that can sent while online or held for the next online opportunity. It also needs to accommodate different screen sizes and be able to synchronize changes with the email server that other devices can see emails previously read/written. The most common solution is to reach back into the past and use IMAP.

IMAP – Internet Message Access Protocol has been around nearly as long as POP but uses a model that duplicates the email found on the server and then synchronizes any additions or changes made. Since IMAP or its latest version, IMAP4, is just a protocol, you need a IMAP-aware email program installed to handle your local mail management. Fortunately, there are many free or low-cost programs to handle this task on virtually any desktop or mobile device.

While IMAP is well-supported by email service like Outlook.com, Yahoo, and Gmail, it is less common among Internet service providers. Earthlink and Frontier don’t provide support. Through Comcast doesn’t promote it, they do have a sign-up site to convert your account to IMAP.

Syncing with EAS

Microsoft Exchange and Outlook.com email users have another email alternative, EAS. Exchange Account Service is the protocol originally designed for mobile devices but is now also being used in desktop.

EAS allows these users to not only synchronize email but also calendar and contact information. Users of Office Outlook may not know the name of the protocol but they may be familiar with the “Outlook Connector. ” The Connector uses EAS to connect with the Microsoft email addresses like @hotmail.com.

Google used to also directly support their Gmail, Calendar, and Contacts through their EAS-based Google Sync service. That changed last year when they restricted usage to Google Apps for Business, Government, and Education customers.

Windows 8 and 8.1 shipped with the Mail, Calendar and People apps that make use of EAS to connect Microsoft domain users. If you have an outlook.com, msn.com, hotmail.com or live.com user account, it is automatically used as a Microsoft Account in Windows, connecting you not only to mail, contacts, and calendar items but backup your account settings, and other information.

Mix and Match Your Email Options

What you choose to use with your PCs, Macs and mobile devices can be pretty individual, especially for the major email services. For example, you might use IMAP in the Mac’s Mail program to access Google Gmail. For your iPad, you can choose either the built-in Mail program or the official Gmail app in the in App Store.

The mix ultimately depends on your email provider and the email access they support, the devices you intend to use, and the email applications you prefer to use.The nice thing is that once you make set up these choices, email across your computing devices can work remarkably well…and accessing your electronic can become “simple” again.

When Text Size Varies and Defaults Don’t Apply

The following was originally posted on the Shoreline Area News, March 1, 2014 as part of the Tech Talk series.

A couple of weeks ago, I started talking about how to make text and objects on your screens more visible and usable. It’s a step in my personal campaign to have technology work to our benefit instead of us having to accommodate small screens, tiny pointers, and hard-to-read text. The basic changes we covered help in many cases, but not all situations. While application developers are encouraged to accommodate changes in font size and other options in their programs, it has taken many years for this approach to become standard practice.

Applications Which Make Up Their Own Rules
iTunes, for example, is notable for not following the font sizes you chose in Windows or on the Mac. While going its own way gives iTunes a unique look, it can also challenge those trying to see its song lists and sidebar. Those items shown in their default size can be challenging on a high-resolution screen.

iTunes 11 provides a minimal solution to this problem. For the Mac you can go to Preferences under the iTunes Menu. On the PC, it is either the Edit Menu in the application or the app’s general menu (). Once in Preferences, you can go to the General tab and click the check box to “Use large text for list views.”

When in Doubt, Just Magnify Everything!

If that adjustment isn’t enough in iTunes or the application you are using doesn’t provide any font size adjustment, there is a still a “fall-back” option. You can use the magnification feature in the operating system to magnify the display.

For Apple Mac this is called “Zoom” that can be turned on in Accessibility settings In System Preferences. Microsoft chose to make its “Magnifier” a separate program in Windows that can be launched through an icon or keyboard shortcut. Both increase and decrease the screen magnification by using keyboard combinations.

Apple’s tablets and smartphones also have Zoom capability as well as their competitors, Android, and Windows Phone.

With the exception of Windows Magnifier, these magnification tools first need to be switched on in their respective Accessibility or “Ease of Access” settings before zooming controls will work.

Expanding Your Web Browsing Experience

While complete screen magnification can relieve most screen “squinting,” it isn’t always the best viewing experience. An expanded view means that you have to move around to see everything, especially on busy web pages to find information or click links.

Fortunately, most web browsers provide ways to magnify and reflow page text and images. This is a much nicer way to display web pages, especially pages.

On the PC side, Microsoft’s Internet Explorer, Google’s Chrome, and Mozilla’s Firefox web browsers all use Ctrl+Plus (∪) and Ctrl+Minus (‒) to expand or contract text on a web page. If you prefer to use the mouse’s wheel, you can perform the same actions while holding down the Ctrl key and moving the wheel back and forth. Touch systems with IE and Chrome can also use two fingers stretching apart to expand or pinching together to contract.

For Safari on the Mac, it’s a similar keyboard combination for expanding/contracting, Cmd+Plus and Cmd+Minus. In the more touch-oriented iPhone/iPhone works, the stretch/pinch technique works fine in Safari.

Fortunately, browsers on most other mobile devices running on Android and Windows Phone also use stretching and pinching to enlarge or reduce text size on web pages. It’s nice to see this level of conformity across web browsers.   Now we just have to get other application makers to follow suit.

Playing with Your Sizing Options

Do you have applications with hard-to-read text or images?  If the techniques I laid out in my last article on this topic don’t improve the situation, check the application’s preferences or display options for ways to control the size of these items. Failing that, you can try these tips to improve your experience and reduce the discomfort of accommodating your technology.

“We’ve noticed you have a virus on your computer…”

The following was originally posted on the Shoreline Area News, February 22, 2014 as part of the Tech Talk series.

This week I had intended to follow up with part 2 of my exploration of how to make your computer adjust better to your needs. However, as they say in the news media: We interrupt our regularly scheduled program for this important announcement:




Seriously, hang up! They will be persistent and patient. They have been doing this for years. You will need to steel your nerves, abandon your usual phone etiquette and hang up without comment.

They were talking to my client a week ago when I showed up for our regular appointment. Relieved, she said to the caller, “You can explain all this to my computer specialist.”  They hung up the phone before I said “hello.”


The Sordid Truth
Have you guessed by now? She wasn’t called by anyone from Microsoft. That is because Microsoft never calls people out of blue to tell them they have an infected system.

It is and has been a scam going around since at least 2009. Microsoft does not send unsolicited emails either. What confused my client especially was this email:

From: Microsoft Corporation

Sent: Fri, Feb 14, 2014


Subject: Microsoft Corporation

This is to let you know that your computer has been sending us some error notifications as its been filled with a lot of junk programs which are malfunctioning with your computer from DELL and it may crash your system at any point of time.

Hence, you got a call from one of our representative.

Thank You.



I haven’t seen this wrinkle before. Normally these kinds of calls are more random. However this email is not from an official Microsoft support email address, contains grammatical errors and assumes that Microsoft’s error collection service (Windows Error Reporting) collects information that can be used to identify individual users.


How the Scam Works
The method is consistent. You are informed that Microsoft has received information that your system is infested with viruses or problematic software and the caller, identified as a support person from the Windows Technical Department Support Group / Microsoft Support / Windows Service Center or other appropriate-sounding name has been asked to help you.

Their actual goal is to collect more information from you, either by having you download remote access software so they can get into your computer or by having you share account or credit card information that they can use. If you stay on the phone with them but appear resistant, they will claim that “unless something is done soon, your computer will crash.”

Depending on the caller, they can become quite argumentative. During one of my calls, (I have had three), I explained that I used to work for Microsoft and knew they were a scam … and they still argued. As long as they have you on the phone, logic must be that you can be worn into submission.

We must getting a lot of these calls right now because A.G. Schneiderman, New York’s Attorney General, issued an consumer alert earlier in the week warning New Yorkers about the scam.

So Want Can You Do?
First, learn about this problem so when you receive the call, you can recognize the scam. Microsoft has information on this kind of scam and other common scams that use its name.

Second, know your computer and its current health so you won’t be vulnerable to this scam. Besides your regular anti-virus software, run a second malware scanner monthly or quarterly that uses a different engine and virus database to get a second opinion. Malwarebyes Free Edition, Kaspersky Security Scan and Trend Micro’s HouseCall are excellent free scanners for this purpose.

Third, spread the word about this problem to your friends and family. The chances of someone you know having this experience is high. Besides my client, two other immediate members of my family have had these calls.

Explain that if the scammer has gained access to the system, they should uninstall any remote software on the system added, run complete malware scans (See Step Two), and change any system passwords as well as passwords to financial or critical websites to avoid potential identity theft (more information). They can also file complaints with the FTC, and your state attorney general (WA state).

Fourth … when your turn comes and the “Microsoft” tech person calls for you … hang up!

Do you accommodate technology too much? Sizing up the options

The following was originally posted on the Shoreline Area News, February 15, 2014 as part of the Tech Talk series.

Cartoon - I'm fine!  This is just my computer face.
The tension is obvious. Head and neck pitched forward; shoulders hunched; brow furrowed, eyes squinting … all supporting the virtual manipulation of objects on a computer screen. I see it all the time, not just in client’s offices and home, but at internet-enabled cafes and in other public spaces. We work very hard to create, modify, read, and navigate our computers and mobile devices.

As a result, we develop CVS (Computer Vision Syndrome), a combination of headaches, eye and neck problems from staring fixedly at the screen. 90% of people who use a computer screen three hours or more are likely to experience these problems. Besides display-related problems, repetitive motions like typing and mouse clicking also take their toll in the form of Carpal Tunnel Syndrome and RSI (Repetitive Stress or Strain Injuries).

Most of the time of we work harder than we need to, accommodating how information is presented on the screen or how information is entered, instead of having the screen or software, or input devices accommodating us. It doesn’t have to be that way, because there are many ways to adjust existing settings to improve the experience.

Typical Icons sizes from 16x16 to 48x48 pixels

Making things easier to see

Most icons, mouse pointers, cursors, and text are too small to comfortably locate or understand at today’s high screen resolutions. Icons and pointers, for example are usually 16×16 or 32×32 pixels (picture elements). This was fine years ago on a 19” monitor with 1024×758 pixel resolution. However, a common scenario today is closer to a HD screen (1920×1080 pixels) on a 15” laptop. This reduces the relative size of these objects tremendously. Here are some ways your system can adjust this relative size.

Available Mouse Pointers in Windows 7

Change the size of your mouse pointer

Mac: On older Macs, go to Universal Access in System Preferences, choose Mouse and Trackpad. For newer Macs, locate Accessibility in System Preferences (or press Command-Option-F5, choosing Preferences) and select Display. In all cases, locate the cursor size slide control and adjust the slider to your desire pointer size.

Mac OSX Mountain Lion Accessibility Display Options

Windows: Choose one of the large or extra-large Schemes in the Pointer tab of Mouse Properties. In Windows 7 or earlier, you can quickly search for Mouse Properties by typing “mouse” directly in Control Panel (upper right-corner) or from the Start Menu. In Windows 8/8.1, use the Search charm to locate this Control Panel item.

Windows 7 Mouse Properties - Pointers

Change the pixel size or DPI (dots per inch) of your text and icons

Mac: Right-click on the Desktop and choose Show View Options from the menu. This will display a panel that lets you adjust both icons and text for the Desktop. There are also additional options for adjusting finder windows and applications.

Mac - Show View Option

Windows: Right-click on the Desktop and choose Screen resolution from the menu. Click on the link “Make text and other items larger or smaller.” The Control Page that displays will let you switch from the default of 100% to 125% or 150% (the last item only appearing on systems supporting at least 1200×900 pixels). You can also set a custom or larger size using the “set custom text size (DPI) link on the left side. For Windows 7 and later, this is consistent. The procedure changes for Windows Vista and Windows XP.

Maker Text Bigger - Windows 7

For Windows 8/8.1, these settings do not impact the new Windows 8 UI or apps. For those, go to Ease of Access in PC Settings at bottom of the Settings charm and turn on “Make everything on your screen bigger.” This option is disabled on displays less than 1024 pixels high.

Windows 8 - Ease of Access - Make everything on your screen bigger

Other sizing and accommodation alternatives

Of course, your web browser also has the ability to resize text on web page. We will explore some of those options next week.

April 8th – The End for Windows XP?

The following was originally posted on the Shoreline Area News, February 8, 2014 as part of the Tech Talk series.

Today marks the 48th-day countdown to a major event in the computer world. It’s not a major product launch or a new technical advance. “It’s the end of an era,” some say or at least, the beginning of the end <smile>.

On April 8th, Microsoft stops supporting Windows XP.

Microsoft has been promoting this day for years in the tech press, hoping to move businesses and consumers out of an operating system that launched the same year they launched the original Xbox game console, and were still working out an anti-trust agreement with the US Justice Department. It was 2001, the year of the 9/11 attacks and our entry into Afghanistan; the year Wikipedia went online, Apple started a music download service called iTunes and their first portable music player, the iPod.

Windows XP, despite its age, is still being used by 29% of Windows users, according to Netshare, so there is concern about what this move by Microsoft means. Here are some answers to the common questions I am hearing about the 12 year-old operating system.

Does Windows XP stop working on April 8th? Can I continue to install it or reinstall it.
No, Windows XP will continue to function and you can continue to install it on computers. Of course Windows XP has not been available as a new purchase with or without a computer for years.

Since Windows XP still requires activation to continue to use it within 30 days of installation, the online activation feature will still continue to function. What will not be available is activation through a phone call. Microsoft will no longer be staffing that service.

What does Microsoft mean by “end of support?”
End of support is defined in some detail for Windows XP on Microsoft’s Support Lifecycle page, but essentially it falls into Mainstream support and Extended Support categories. Mainstream includes free warranty support for a new product installation and other no-charge support options. For Extended Support, focus shifts to paid support, and free online support options.

At the end of Extended Support (in this case, April 8, 2014), Microsoft stops staffing support, as well as development and testing of updates for the product. While many of these free online support options like the Microsoft’s Download Center may still continue to be available, any active or staffed services related to Windows XP will not. Windows XP-specific support topics in Microsoft’s Knowledge Base will still be available on the web site, but no longer be updated or maintained.

Microsoft’s most utilized support service is Windows Update. WU provides product fixes and security updates to improve the system and keep it protected. End of support for most people means the elimination of that service. The implications of not receiving additional security updates is that Windows XP will not be protected from attack if there are vulnerabilities discovered after April 8th.

What are the dangers of going on the web with my Windows XP system after the 8th?
Without the protection of new security updates for Windows XP, the chance of a newly discovered security weakness being exploited by malware is very high. Some people are suggesting that malware authors will try to hold information back on vulnerabilities in order exploit them on Windows XP after the April date. Others speculate that Windows XP will simply become more vulnerable as time goes on.

While up-to-date anti-malware software will often catch viruses and other malware, a system update is the most effective deterrent against infection, data loss, or other consequences. For that reason, I recommend that you not connect a Windows XP system to the Internet after April 8th.

I need my Windows XP computer for Internet access to email and other web sites, what do I do?
I recognize this is a tough spot if your goal is to keep your existing computer running Windows XP. Aside from purchasing a new computer, you might also upgrade your system to Windows 7. Though less common today than a year ago, it is still possible to find Windows 7 available for purchase online. The key concern is whether your computer hardware will support a later version of Windows. Downloading the Windows 7 Upgrade Advisor can help you determine this.

While Microsoft is providing some customized options for large companies, the only other alternative is to purchase a new system. Fortunately, the average price range of a new PC desktop or laptop is about the same it was 10 years ago though the system has evolved in capability and capacity.

I am running Windows 7 but have programs running in “Windows XP Mode.” Does this impact them?
Windows XP Mode is the capability of Windows 7 to run applications that don’t work under Windows 7 itself in a “virtual” Windows XP system. As this is a complete Windows XP environment, that environment is also subject to the same lifecycle constraints as Windows XP on the standalone computer. If you truly need Windows XP Mode to run your program and do not need Internet access, I recommend going to the settings of Windows XP Mode (right-click on XP Mode in the Windows Virtual PC folder and chose settings) and under Networking, change Adapter in use to “Not Connected”

I heard that Microsoft Security Essentials for XP will also no longer be supported. Is this true?
Yes, but in April, the only restriction is that the Security Essential for XP program will no longer be downloadable. If you are current using Security Essentials on XP as your anti-virus, virus signature updates will continue to be available until July 2015.

Is Microsoft ending support for anything else soon?
Yes, Microsoft Office 2003, the last version of Office that doesn’t use the Office “ribbon” also reaches its end of support on April 8th. Many of the same security concerns about Windows XP also apply to this version of Office.

A Little White Lie Trips Up Apps

Author’s note: I recently started writing a tech column for an online community newspaper on the theory that if I couldn’t regular commit to regular posts on my own blog, it might be easier to commit to someone else’s publication.  We’ll see how this works.

The following was originally posted on the Shoreline Area News, January 25, 2014 as part of the Tech Talk series.

“Quicken 2014 says my Windows 7 is not supported.”

That was the problem posed to me a few weeks ago by a client who had been using Intuit’s accounting package for years, faithfully upgrading it each year. Starting Quicken after his most recent upgrade produced two puzzling error messages.

The first message stated that Quicken does not support “running as administrator.” Closing that message produced another message, stating that “Quicken requires Windows XP Service Pack 2 or later to run.” and adding that his version of Windows is not supported.

Since my client had the only account on the PC, he was the administrator, but the first message suggests he shouldn’t be. The other message suggested that he might be running a pretty old version of Windows. It was very confusing.

Why were these messages appearing? Because Windows 7 was telling Quicken 2014 what it thought it wanted to hear … all in the name of program compatibility.

Compatibility Is in the Eye of the Application

As Windows has changed in feature sophistication and security, its compatibility with existing applications becomes more problematic. Older applications are unaware of these changes and often have difficulty handling the new restrictions placed on them. The most common compatibility problems occur for programs when (1) they either do something no longer permitted or (2) the Windows version is interpreted incorrectly.

As a result applications, as they start up, typically make requests of the operating system to check for earlier, incompatible OS versions. Unfortunately, many applications misinterpret the results of those requests, disqualifying a new, unfamiliar OS.

For this reason, Windows has included the ability to “lie” to applications, telling them that the current version of the operation system is actually earlier version of Windows that is more acceptable to the application.  This functionality has been built into Windows for the last decade or so under the name “Compatibility Mode.” Compatibility mode will also change Windows’ interaction with the program to accommodate the use of old-style program requests. The latest form of this is included in the Program Compatibility Assistant.

Older programs are also unaware of many security restriction Windows now have in place to protect the system and other applications from malware infection. So these programs often fail if they cannot access or save to protected areas of the hard drive or system memory. In order to run successfully, they need “administrator access.” or to “run as an administrator.”

The Compatibility Tab

As a result, the properties for a program displays a tab for Compatibility (example shown here from Windows 8). To view this on your Windows 8.1 and earlier system, Right-click on a Desktop or Explorer program icon and chose Properties from the resulting menu.)

Though settings have evolved over the time, two of the most useful are “Run this program in compatibility mode for…” and “Run this program as an administrator.”

The first allows you to tell an application you are running in a previous version of Windows. The second grants the program “administrative rights” to access normally protected parts of the system.

Compatibility Settings are a Double-Edged Sword

Of course, setting administrative rights and a different version of Windows can also backfire, especially with an up-to-date version of a program like Quicken 2014.

A check of the compatibility tab on the icon for my client’s version of the software showed both the administrator and compatibility mode options checked and the compatibility mode was set to Windows XP, Service Pack 2.

Now the error messages actually make sense. Quicken 2014 does not support any version less that Windows XP, Service Pack 3. And, as it was designed to work within the security boundaries of Windows 7, an objection was made running the using less secure administrator settings.

How Were These Compatibility Settings Applied Initially?

Its hard to know for sure, but I suspect the icon and its compatibility settings were “inherited” from one version of Quicken to another over the years, until a version of the software was installed wouldn’t tolerate them in place anymore.

This Could Happen to an Application Near You

Given that Windows XP, an common compatibility emulation for Windows Vista, 7, and 8/8.1, is reaching its “end of support” cycle this year, we will probably be seeing more of these scenarios in the coming months. More and more application updates will drop support for Windows XP, and if Windows XP compatibility settings are in place, they will also complain as Quicken 2014 did for my client.

“It was working fine until I installed/updated/changed that @%$^$@%^ thing!”

In the years supporting computer software, this is probably the most common phrase I have heard and continue to hear. For most regular folk, computers straddle that chasm between a modern convenience and an infernal contraption….and it seems like it only takes one thing to topple it the wrong way. It could be a new tool, a security update or even removing something that you didn’t need any more that could balance. Often, it not clear what is updated or changed, especially with all the automatic updates that software programs make to correct bugs or stay ahead of bad guys wishing to exploit their code

When I hear about the situations, the system has been often troubles for days and often weeks. So, “it was working fine until..” is usually follow by “I just want it work like was “before.”

You can never go back…well, maybe you can
A decade ago, this was a tough thing to do and often required a new installation of the system and applications to take the machine back to a state before the problem occurred. For Windows, this pattern changed, starting with Windows XP and the ability to “roll back” a driver for the device having trouble. By saving the old driver and its configuration information, you could restore it easily in case there were problems with the new driver. This was great for situations where you knew that new driver was the culprit. If it wasn’t clear who the culprit is, never fear! There was another option: System Restore.

System Restore periodically stores a snapshot or “restore point” of the current system, applications, and settings, and allow you undo changes made since that restore point was established. While System Restore is a reasonable name, it doesn’t begin to describe its capabilities to people who have had to use it. Macintosh OS X has a version of this feature with more exciting name (Time Machine) and while there are differences between the two tools, they both let you roll back the system to an earlier time…hopefully a time before your problem started.

A good idea with mixed reviews
System Restore made its first appearance in Windows ME before finding itself in Windows XP and future versions. While the idea was laudable, the initial reaction to the utility was mixed, largely because of the amounts of disk space the feature used. Back then, average hard sizes were much smaller. At the release of the Windows XP, 300 gigabytes (GB) drives were just hitting the market and people were more likely to have a drive in the 40-80 GB range. Since System Restore could take over 10% of that drive, people were often advised to lower the maximum space it could use or turn off the feature all together.

Fortunately, space is less of a problem these days with terabyte-sized drives costing the same as those old 80 GB drive. Yes, System Restore takes space… and that space is good insurance against trouble. Just how much size depends on your version of Windows:

Windows XP Drives over 4 Gig Drives 4 Gig and under
  12% of total disk space 400 megabytes (MB)
Windows Vista All Drives  
  15% of drive size or 30% of free disk space
Windows 7 Drives over 64 gig Drives 64 gig or under
  5% of drive or 10 GB Max 3% of drive max

It’s all about timing
Of course, the concern about disk space was also fueled by how often the system automatically sets restore points. In the opinion of many, Windows XP created restore points too often:

Windows XP Restore point is created every 24 hours of operation..
Windows Vista A restore point is created every 24 hour period if no other restore points were created that day.
Windows 7 Restore points every 7 days unless other restore points are created during that period.

With a 24 hour interval, people weren’t terribly happy with how System Restore worked in Windows XP. Also, since the time period not a 24 hour time period but 24 hours of system operation, the interval timer would pause and resume as people shut down or suspended their computers. This made the actual timing of the next restore point difficult to predict.

While the user interface does not provide a way to change this interval setting, you can adjust it by changing a setting directly in the System Registry, something I usually only recommend for knowledgeable people used to working in the Registry (if you are…see Resources for how). Joli Ballew wrote a great article on using System Restore in Windows XP that will help you better use the tool and adjusts many of its settings.

In Windows Vista and Windows 7, the system shifted further away from a rigid schedule, depending more on the actual system changes to determine when to set a restore point. Since most of issues that System Restore can address are related to these system changes, setting a restore point prior to these changes is the most effective and efficient approach. Here are some of the activities that will set a restore point:

· Application installations that work with System Restore. For example, if the application uses the Windows Installer or to add itself to the system, it will set a restore point before any changes are made.

· If an item is automatically downloaded through Windows AutoUpdate, restore point is set prior to installation.

· When you begin a System Restore operation, a restore point is set just in case you need to return to the current system. This is helpful if System Restore fails or the roll-back results in missing applications or settings you had not anticipated.

Understanding what you can lose in a System Restore
While knowing some of the mechanics around restore points is helpful, probably the most important thing to understand is what is saved when a restore point is set and what is not saved. System Restore does not change your documents or saved data at all, only the files and settings used to maintain the system and its applications.

The positive side of this is that system rollback won’t impact your documents when you restore to an earlier time. The downside is if the application you used to create the documents was installed or modified after the restore point used, you will likely have to reinstall or reconfigure the application to return it to the same state it was before the restore.

I recently had to use System Restore on a client’s machine to take the system back a month in time. While this resolved her problem, it also meant that the system needed nearly an hour of security updates to the system, anti-virus software, and other normally automatic updates to other applications. It was as if she had shut the computer down for the month and then had to catch up all at once.

The other point to remember is that System Restore is not a substitute for backup. It only stores executable files, the system registry and other files important to system operation. Windows XP uses the file extensions listed in Filelist.xml (found in the windows\system32\restore folder) as its guide for the files to save. For Windows Vista and Windows 7, that file is not used. You can find the listing of extensions on the Microsoft Developer Network website.

You should make sure that your documents and other hard-to-replace data are separately backed up and protected. If you have downloaded executable files that you need to keep, even if they are in the My Documents folder, I recommend you rename them prior to a system restore. If the restore point is before the file was downloaded, it will be removed unless you do this.

Going back with System Restore can help
As long as you take these precautions, System Restore can be a valuable tool to take your system back before the problem started…providing that the problem is due to a system change. While uninstalling or correcting the offending application are good first and second steps, System Restore is a solid third step to consider.

All Windows versions
How to Set a Restore Point
Microsoft Knowledge Base:The Registry Keys and Values for the System Restore Utility

Windows XP
Joli Ballow:
Windows XP System Restore Is Easy to Use
Kelly’s Korner: System Restore for Windows XP
Microsoft Storage Team: Understanding how System Restore in Windows Vista treats executable files
Microsoft Knowledge Base: How to set a system restore point in Windows XP
Windows BBS: How to schedule creation of restore points

Windows Vista/7
Create a Restore Point for Windows 7 or Vista’s System Restore
Microsoft Developer Network: Restore Points