Windows 10 Enforces Updates on Home Users

Standard

Windows_10_Logo.svg

Earlier this month, The Register revealed that Windows updates will now be mandatory. This was determined after reading the End User License Agreement on the Windows 10 Preview for the home version.  Microsoft has been moving in this direction for years. In past operating systems, during the installation phase, Microsoft would prompt to allow updates to install without any further notification. You always had the option to turn that off or choose to download the updates, but not install them. That is no longer going to be the case for home users.

The exact wording in the EULA comes from build 10240 and states the following:

The software periodically checks for system and app updates, and downloads and installs them for you.

You may obtain updates only from Microsoft or authorised sources, and Microsoft may need to update your system to provide you with those updates.

By accepting this agreement, you agree to receive these types of automatic updates without any additional notice.

On one hand, this is good for end users, as most home users do not take the time to install their updates. On the other hand, the issue that some home users will run into is if Microsoft rolls out updates without the end user knowing, this could have the potential to break applications.  Microsoft is prepared to take that risk in order to stay current with the latest technology and keep its end users protected from threats, as the world becomes increasingly unsafe in the cyber community.

Microsoft is currently only rolling out automatic updates on its home versions of Windows 10. The Pro and Ultimate versions will still give users the option to download or install if they choose to. This is a smart idea, as most Pro and Ultimate users likely need to pay attention to updates and take care of them accordingly. Most Businesses rely on the Pro or Ultimate versions, as Microsoft Windows’ Professional Operating Systems and above are the only ones that can connect to domain controllers.

Businesses rely on many different ways to update their systems and these methods will likely still be as relevant as ever. Microsoft still packages its server with the role of Windows Software Update Services, or WSUS for short. There are also many different third party applications that help keep track of updates and ensure they get deployed out to all machines in a network. GFI is a company that makes a product called LanGuard, which not only handles patch management for Windows devices, but also covers Apple products and gives great reporting on the status of devices, among other features. With products such as these, it gives businesses a much more complete overlook into ensuring their machines are up-to-date.

The job of patch management for businesses is very critical. It can be a full time job, depending on the amount and complexity of the devices involved, but ensuring your network is fully secure and up to date is critical to ensuring the safety of your employees and your data.

If you are interested in the options that Everon employs in regards to patch management, give our offices a call at 1-888-244-1748.

New iPhone/Mac Vulnerabilities That Can Impact Your Business

Standard

 

Recently Apple was hit with two big issues in the same month. These gave rise to concerns that Apple products might not be as secure as most think. The first of the two came in the form of a text message that can be sent to Apple iPhones.

The text, which is entirely in Arabic, can be sent to anyone with an iPhone, and it will immediately shut down the phone. While this is more of an annoying bug than a security concern (although it definitely can be viewed as a security concern, depending on the owner of the phone and his/her need for uptime), it doesn’t seem to be harmful to the devices. Users in the  Reddit.com forums found the bug, and it appears they did so by accident.

Credit: parts of this image are reproduced with permission from: https://commons.wikimedia.org/wiki/File:Unibody_Macbook.JPG.

Credit: parts of this image are reproduced with permission from: https://commons.wikimedia.org/wiki/File:Unibody_Macbook.JPG.

If your phone receives the dreaded text message, you will need to turn on your phone and delete that message. One workaround to the text issue is to go into the settings,and turn off text message previews that appear on the home screen. Apple is aware of the bug and will resolve the issue in its latest update, which should be coming very soon.

The second security concern, and one that is very critical to businesses is the latest exploit which allows someone to put a permanent backdoor onto your Mac by rewriting the firmware for the BIOS to allow remote connection to the device. This affects all Macs older than mid-2014.

The reason this security concern is so troubling is, unlike other types of exploits, where if you were to be hacked you could wipe your hard drive and start clean with the appropriate updates, this targets the BIOS, meaning no matter how often you wipe your hard drive, hackers can exploit the vulnerability over and over again.

The vulnerability can be enacted as soon as a machine is woken from Sleep Mode. The security researcher who found the exploit, Pedro Vilaca, stated you can stop your machine from going into Sleep Mode to bypass the exploit. However, Apple is aware of the exploit and should patch it soon. Vilaca also stated that this is very similar to last year’s “Thunderstrike Proof-of-Concept” exploit.

While nothing will protect against this current exploit (i.e. antivirus, anti-malware), it does show that as Macs become more popular, holes are being found in the OS and, in this case, in the hardware itself. Business owners must be aware of both where their employees go on the Internet and how to protect their assets from hacking attempts.

Everon offers antivirus for Macs, as well as PCs, with a product called Webroot Secure Anywhere. We can assist in setting up hardware proxies that will prevent unauthorized access to the Internet. If you have any questions about what we can do for your Apple environment, feel free to call our techs at 1-888-244-1748 (or email at [email protected]). We’re here for you. Twenty-four/seven, 365.

——-

You may also like:

 

Microsoft to Stop Making Windows OS: How this will impact your business

Standard

windows 10 - last osIn a recent conference speech, Jerry Nixon, a Microsoft exec, announced that Windows 10 will be the software giant’s last operating system. Instead of creating an entirely new OS after Windows 10 is released (widely rumored to happen in July), Microsoft will continue to make improvements to Windows 10 through regular updates.

This type of OS-updating is already seen to some extent with the Apple OSX architecture. Nixon stated that a big reason behind the move was due to how the development team would lock themselves away for three years to create the next operating system… but their end-result would be a product the world wanted three years ago. Given how quickly technology changes, this new process will be a welcome departure.

Microsoft has not yet determined what it will call its iterations, post-Windows 10. However, we will not see the continued numerical names to its OS. Microsoft also mentioned that this will help sales, as the idea of selling end users on entirely new operating systems has become increasingly difficult. This way of thinking can be somewhat attributed to the failures of Vista and Windows 8.

Windows 10 will have some version of the Start Menu, which is what seemed to be a stopping point for many businesses. You can download a free preview of the operating system here. (For information on how to create a virtual Windows 10 preview, see my previous blog post, found here.)

Of special note, if you are a small-medium business: you can rejoice in the fact that you will no longer have to have a test machine in your network, to test all of your applications and specialized network setup, every time Microsoft releases a brand new OS. Once your company moves to Windows 10, you should not need to worry about having a new operating system, preventing your company from moving to the latest version. (Although you will want to ensure you are getting the appropriate updates, as they will be critical for keeping your computers protected, and allowing Microsoft to patch security flaws.)

Microsoft’s updates to Windows 10 will likely be free, similar to the way Apple handles its updates to OSX. In fact, if you own Windows 7 or later, and you update within the first year of Windows 10′s release, you will get Windows 10 for free. (Details for that can be found here.) The Windows 10 free upgrade is also free for users who have pirated software as well. (Details for that can be found here.) Microsoft is allowing this to happen to help combat piracy and ensure their OS is patched and in the hands of as many end users as possible.

Microsoft’s idea of giving away their OS for free is a departure from their old way of thinking. It is a strategic move, as Microsoft continues to battle Apple for the OS user base.

Microsoft has made some other bold changes lately, including a decision to discontinue its popular web browser Internet Explorer for its new product, Spartan. Spartan will reportedly be lightweight and very similar to other popular lightweight browsers on the market, such as Chrome and Firefox. The new browser will appear on Windows 10.

Our engineers at Everon are constantly staying on top of the tech-trends that affect small to medium businesses. If you have any questions about Microsoft or Windows 10, feel free to call 1-888-244-1748.

——-

You may also like:

Internet.org, Net Neutrality, and Your Business

Standard

Mark_Zuckerberg_TechCrunch_2012

Photo by TechCrunch [CC BY 2.0 (http://creativecommons.org/licenses/by/2.0)], via Wikimedia Commons

Earlier this week Facebook CEO Mark Zuckerberg’s venture, Internet.org, was scrutinized, amid claims that it does not support net neutrality. Various Indian companies  have withdrawn support for the project. Zuckerberg responded, saying that the two principles “can and must coexist.”

If you’re not familiar with it, Internet.org is an interesting concept where unmanned drones are being tested to provide Internet access to users on the ground in developing countries, where access otherwise wouldn’t exist. The service allows users to connect to specially-created apps, such as health sites, Wikipedia, and Facebook. The drones have already been tested in the UK. The goal is to expand to 100 developing countries, giving Internet to some of the world’s poorest.

The catch (here’s where the net neutrality debate comes into play) is that this venture only allows users to connect to apps that are specifically designed for this package — they can’t go just-anywhere on the Internet. Furthermore, Zuckerberg is hoping that by bringing on large companies, such as Microsoft and Samsung, they can provide a premium service, where users pay for more content.

Net neutrality is a fairly new term, but it is something every business should be aware of. The idea is that the Internet should be free, in the sense that Internet Service Providers should allow access to all content, regardless of where it comes from. They should not allow any favoritism, even to someone willing to pay a higher price. However, if net neutrality fails, and ISPs are allowed to block content, or if they provide favoritism, then your business could have its bandwidth throttled in order to allow service to your neighbor, who might be able to pay a better fee.

The ACLU notes:

“In the past, telecom companies were always forced – formally or informally – to adhere to net neutrality principles…. All that changed in January 2014 when a major court decision stripped the FCC of its power to enforce network neutrality protections under the regulatory framework it was using. This decision provides an opening for the telecom companies to begin exploiting technologies by monitoring and controlling data sent via their networks.” -source

So Mark Zuckerberg’s comments that he would like to see premium services added to his Internet.org package seem to contrast with the concept of net neutrality. Zuckerberg’s idea would not only prevent unlimited, unfiltered access to the Internet for the developing countries’ users, but it would put a price on the content he allowed to be delivered to them.

Net neutrality is something businesses cannot ignore any longer. The decision will come to a head soon and it will affect every single Internet user in the US and all over the globe. (Global ISPs are starting to take note of what is happening in the US.)

For a further overview of net neutrality, visit: http://www.pbs.org/moyers/moyersonamerica/net/neutrality.html. 

And if you need tech support for your small-to-medium business, give us a call at Everon: 888-244-1748, or [email protected]We’re here to help you, 24/7, no matter your company’s needs.

——-

You may also like:

Can Your TV Steal Your Information?

Standard

Hacker

This morning Samsung revealed to customers that there is a possibility that its Smart TVs are listening to your conversations and sending your data off to a third party company. It’s warning users not to talk about sensitive and personal details in front of their TVs.

This warning sounds like something out of a sci-fy movie, but, unfortunately, it’s here.

Samsung states they want to be as transparent as possible, so in an effort to do so, they mentioned that if users utilized the voice recognition software on their Smart TVs, what they say can be picked up by a third party. The assumption is that the third party picking up the data is the voice-to-text translation software. To further clarify Samsung’s comments in their privacy policy, they reiterate that they are not selling any data or storing any data themselves.

This is not the first time we have heard about your devices listening and watching, and unfortunately will not be the last. Since technology has gotten better, many items that have voice recognition and listening capabilities are subject to being hijacked, in order for hackers to get your data.

In 2013, LG was found to be storing important information from their Smart TVs. They have since created a software update that has stopped this functionality, but not before it was discovered by an end user. (That information can be found here.)

For a long time, too, the XBox Kinect, with its listening and viewing powers, has been at the forefront of concerns about its security. Microsoft’s take on this is that you can turn the Kinect off, so it is not always viewing and listening. However, it is reasonable to assume that even with the device off, if the XBox, itself, is connected to the Internet, a hacker will find a way through eventually. If it hasn’t already happened, that is.

Just a few months ago, it was revealed that a Russian website had hacked thousands of baby monitors and displayed their feeds online for anyone to see. Once this site was outed and taken down, the bold hacker posted his resume online, in an attempt to get a proper job based on his elite hacking skills.

Instances like these should not be taken lightly. It goes to show just how important basic security for your home network has become. (In Samsung’s case, they state that users can opt to turn off the voice-activation feature, on the “Settings” within their Smart TVs.) In this age of always wanting to be connected to the Internet, end users are constantly getting hacked and exploited.

This informational sitegives a great view of the hacking breaches throughout the world (that are known). The data is pretty damning. Hacking is becoming a common occurrence, and it is believed that foreign governments could be driving this onslaught. In the case of Anthem, it has been speculated that China is involved, and in the case of the Sony Pictures hack, it is widely believed that North Korea was the culprit.

We have discussed on our blog many times on how to protect yourself (start by checking here, here, here, and here). In 2015 it seems as if the need to protect yourself has never been more apparent.

Stay tuned tomorrow, when we’ll publish a basic primer on home network security. And remember, if you have questions or need help getting set up, you can always contact us at Everon (888-244-1748, or [email protected]). We’re here for you, 24/7, 365.