Tag Windows

Laptops Microsoft Office 365 PCs Software Windows Windows 8.1

The 16 most pivotal events in Windows history

System Tech 0 Comment

Thirty years of Windows is a lifetime.

30yearsofwindows-1

Thirty years of Windows

For better or for worse, Windows has defined the modern era of personal computing. Microsoft’s signature OS runs on the vast majority of PCs worldwide, and it has also worked its way into servers, tablets, phones, game consoles, ATMs, and more.

Windows’ 30 years or so of existence has spanned generations of computing and entire lifetimes of companies and their products. Understandably, choosing the most noteworthy moments of Windows’ long life has been a challenging task, but we went for it. On the following slides we present our our list of the obvious, and not-so-obvious, milestones in Windows history.

30yearsofwindows-2

Windows 1.0

On Nov. 20, 1985, Microsoft launched the first iteration of Windows, essentially a graphical shell that overlaid Microsoft’s well-known MS-DOS. Requiring a couple of floppy drives, 192KB of RAM, and, most importantly, a mouse, Windows wasn’t actually that well-received. But Bill Gates told InfoWorld that “only applications that run Windows will be competitive in the long run.” He was right—for a time.

Featuring tiled windows that could be minimized or extended to cover the full screen, plus “apps” like Calendar and Write, Windows was the precursor to what the majority of PC users run today. Oh, and it was sold by Microsoft’s eventual CEO, Steve Ballmer, in perhaps the best computer commercial (Apple’s “1984” ad notwithstanding) ever shown.

30yearsofwindows-3

Windows 3.x

Windows puttered along until May 1990, when the first iconic Windows release, Windows 3.0, was released. It’s difficult to decide whether Windows 3.0 or its immediate successor, Windows 3.1, was more important; Windows 3.0 introduced sound to the Windows platform, but Windows 3.1 added TrueType fonts.

Yes, Windows 3.1 included File Manager (drag and drop!) and Program Manager, but the real innovations were more fun: support for MIDI sound and AVI files.  More importantly, Windows 3.x introduced screensavers (a staple of shovelware for years) and the ultimate timewasters: Solitaire (Windows 3.0) and Minesweeper (Windows 3.1). An entire generation learned how to place digital playing cards, one on top of the other, all for the glory of seeing all the cards bounce when a game was completed.

30yearsofwindows-4

Windows 95

Early iterations of Microsoft’s Windows operating system catered more toward the business user than anyone else. That changed on August 24, 1995 with the launch of Windows 95.

It featured a few key technical upgrades: Windows 95 was Microsoft’s first “mass-market” 32-bit OS. It was the also first to add the Start button that we use today. The first integrated web browser, Internet Explorer, just missed the launch and shipped later.

With a promotional budget of hundreds of millions of dollars, much of what we remember about Windows 95, though, was tied up in the marketing: a midnight launch, an ad campaign built around the The Rolling Stones hit “Start Me Up,” a partnership with Brian Eno that produced the iconic boot melody.

Oh, and Windows 95 also allowed users to pay $19.95 to try out a time-limited beta of the OS, which expired at the launch. Good times.

30yearsofwindows-5

Microsoft Bob

Windows 3.1, however, also gave us Microsoft Bob, a March 1995 release that remodeled Windows as a series of “rooms.” Each was populated by virtual objects that might have a purpose—but you wouldn’t know until you clicked on them. Bob also featured a series of “assistants” that offered to help you perform all sorts of tasks, whether you wanted to or not.

Bob bombed. But Microsoft never quite gave up on trying to humanize Windows, a noble if slightly pathetic effort that would later produce the unfortunately iconic Clippy assistant.

30yearsofwindows-6

Windows NT

Though PCWorld tends to focus on the PC (natch), we’d be remiss to neglect Windows NT, the precursor to Windows’ expansion into the server and workstation space. Windows NT was Microsoft’s first 32-bit OS designed (and priced) for both the server and workstation market, with specific versions optimized for the X86, DEC Alpha, and MIPS series of microprocessors. It eventually was combined with the standard Windows architecture to form Windows XP.

Today, Microsoft has built a sizeable portion of its business upon Windows Server, SQL Server, and Windows Center, among others, plus its investments in the Azure cloud. All of this originated with Microsoft’s desire to take on UNIX in the server space.

30yearsofwindows-7

Windows XP

Whether it’s due to nostalgia, good design, or the famous “Bliss” backdrop featuring an emerald-green hillside in California’s wine country, 2001’s Windows XP remains one of the more beloved Windows operating systems. Shoot, it managed to erase the memory of Windows ME, one of Microsoft’s biggest blunders.

Windows XP shipped in two editions: one for professionals, the other for home users, with features stripped out of the “pro” version, such as domain join. But Windows XP also shipped with a Media Center edition that transformed a PC equipped with a TV tuner into a powerful DVR. (Media Center remains one of the more popular, and mourned, features of Windows today—it’s one reason users cite for refusing to upgrade to Windows 10.)

30yearsofwindows-8

Windows Genuine Advantage

Maybe you thought every pivotal Windows moment was a product release. Not so. As good as it was, Windows XP also unleashed Windows Genuine Advantage—or what we now refer to as “activation”—upon an unsuspecting world. It was the first step in evolving Windows from a “hobby” to what some would refer to as “Micro$oft.”

This attitude was nothing new. In 1976, Bill Gates penned “An Open Letter to Hobbyists,” where he complained that the amount of royalties paid by customers using its BASIC software amounted to about $2 per hour. “Most directly, the thing you do is theft,” Gates wrote, essentially equating sharing code with outright stealing.

Microsoft sought to curtail this activity with the release of Windows Genuine Advantage, which stealthily installed itself onto millions of PCs by way of a high-priority “update.” (Sound familiar?) Windows Genuine Advantage consisted of two parts, one to actually validate the OS and another to inform users whether they had an illegal installation: In 2006, Microsoft said it had found about 60 million illegal installations that failed validation.

Now? Virtually every standalone product Microsoft sells comes with its own software protections and licenses. If you want a “hobby” OS, you run Linux—which Microsoftalso spent millions trying to discredit, to no avail.

30yearsofwindows-9

United States v. Microsoft

In May of 1998, following government concerns that bundling Internet Explorer within its operating system gave Microsoft an unfair advantage, the Department of Justice and several states filed a landmark antitrust suit against the company.

The trial lasted 76 days. Cofounder and chief executive Bill Gates appeared on videotape, seemingly dismissing questions put to him by government lawyers. Judge Thomas Penfield Jackson ultimately ruled that Microsoft had acted as a monopoly and should be broken up into two companies, though that ruling was later overturned by an appeals court.

Years later, an integrated browser is generally viewed as part and parcel of an OS, though consumers are free to select any browser they choose. Today, Microsoft and IE still power most older PCs, but consumers selecting new browsers are turning to Chrome.

Judge Penfield argued that consumers would have benefitted from a breakup of Microsoft. But we’ve argued before that Microsoft would have, too.

30yearsofwindows-10

Browser-choice screen

In 2009, Microsoft struck a deal with the European Commission, ending the EU’s own antitrust investigation. That agreement created what became known as the “browser-choice screen,” encouraging European consumers to pick a browser besides Internet Explorer.

The browser-choice screen didn’t kill Internet Explorer; in fact, IE remained the most popular downloaded browser until March 2016, when Windows 10 helped push it out of the top spot. But the browser-choice screen certainly reminded consumers that other browsers existed, and that they could pick and choose whichever they preferred, rather than accepting what Microsoft provided to them.

30yearsofwindows-11

Windows 7

For many, Windows reached its apex with Windows 7, which continues to be the dominant OS in Windows’ history: It reached a high of almost 61 percent market share in June 2015, and still commands about 47 percent of the market today.

Why? Any number of reasons, not the least of which is familiarity: Windows’ UI remained relatively static for almost 11 years, from the 2001 launch of Windows XP on up to the dramatic tiled revamp of 2012’s Windows 8. Windows 7 also added several elements that we take for granted in Windows today: the taskbar, a more evolved Snap function, and support for multiple graphics cards. It’s also important to note that Windows 7 supports DirectX 11.1, which is arguably still the dominant graphics API today. Until DirectX12 supersedes it, gamers won’t have a reason to leave.

Windows 7 also eliminated many of the annoying UAC popups that its predecessor, Windows Vista, had put in place. And (as our commenters have repeatedly pointed out) it lacks the frustratingly frequent updates of the current Windows 10, allowing users to essentially “set it and forget it.”

30yearsofwindows-12

Laptop Hunters ads

Microsoft ran a series of “Laptop Hunters” ads during 2009, featuring real people buying real laptops from real stores—and consistently picking Windows PCs over the more expensive Apple options. For about three years, Microsoft had been stung by the barrage of “I’m a Mac/I’m a PC” ads portraying PCs as clunky and out of touch, and “Laptop Hunters” effectively skewered that message as pretentious and expensive.

The campaign followed a $300 million “I’m a PC” push a year earlier, which lacked the real-world punch of Lauren and other real-world customers. Both campaigns illustrated Microsoft’s pivot to being the face of the PC. The “Dude, you’re getting a Dell!” days are long gone.

30yearsofwindows-13

Windows 8.1

I vividly remember the first time I saw a Windows 7 user try out Windows 8: He stabbed at tile after tile, unable to figure out what to do with Microsoft’s new OS. Most of the public did the same. Today, we barely even talk about Windows 8.

Instead, we talk about Windows 8.1: the “service pack” update that undid at least some of the flaws that plagued Windows 8. In my opinion, the most notable thing about Windows 8.1 was that it showed Microsoft was listening to its customers again, even adding a hidden “boot to desktop” command to remedy one of its users’ biggest complaints. (It also was the last time SkyDrive, later renamed OneDrive, actually acted like the cloud backup we wanted.)

By itself, Windows 8.1 is a relatively minor release. But it stands as an important admission of guilt, and an apology, for the sins of its predecessor.

30yearsofwindows-14

The rise of Android, the fall of Windows Mobile

In February 2007, Microsoft debuted Windows Mobile 6, its first mobile operating system for true smartphones and arguably one of the company’s most successful. In November 2007, however, the free Android OS debuted. A year later, HTC launched the first Android smartphone: the HTC Dream, seen here. It was all downhill from there for Microsoft.

Yes, you could make a strong argument that Microsoft’s massive $7.8 billion acquisition of Nokia’s devices business in 2013—which, by now, has been almost completely written off—was actually the last gasp of Microsoft’s mobile vision. But the launch of the Dream, and the hundreds of millions of Android phones that followed it, lured away third-party developers Microsoft needed for its mobile aspirations to thrive.

30yearsofwindows-15

Windows 10: The ‘last Windows’

With Windows 10, Microsoft made the gutsy call to bring beta testers in as partners rather than as guinea pigs. The Windows Insider program lets users try out and evaluate builds almost as quickly as Microsoft can churn them out, fostering an air of camaraderie between users and Microsoft.

Windows 10 also introduced a number of features: a revamped Start menu, better notifications, virtual desktops, and more. It launched Cortana, a digital assistant that Microsoft hoped would eliminate the grunt work of setting reminders and sending quick texts and email.

But Cortana’s privacy-intruding nature and Microsoft’s aggressive upgrade practiceswashed away some of the goodwill Windows 10 originally engendered. Today, Windows 10 is one of the more polarizing operating systems in recent memory, with many Windows 7 fans loudly criticizing it, and others supporting the direction Microsoft has taken.

30yearsofwindows-16

The evolution of the digital assistant

 Of course, Microsoft has a long, controversial history with digital assistants, beginning way back in 1995 with the debut of Microsoft Bob. That program was meant to help familiarize Windows users with various applications by anticipating the users’ needs. While universally derided, Bob introduced the concept of ostensibly helpful characters, from a superhero dog to a clone of Albert Einstein to the infamous Office assistant  “Clippit,” aka “Clippy.”

You can make the case that Clippy and its ilk evolved, over time and behind the scenes, into the far more sophisticated digital assistant that’s built into Windows 10: Cortana. The difference, of course, is that Cortana is part of a larger trend, joined by Google Now and Siri, digital assistants in their own rights for the Android and iOS platforms, respectively. Indeed, Microsoft is pushing its Bot Framework, which enables the creation of intelligent digital helpers, into all sorts of new applications beyond the OS, such as Skype and Bing.

30yearsofwindows-17

Patches, good and bad

Windows has bugs. Windows requires patches. And while there have been many, many updates over the years to fix bugs, slowdowns, and other incompatibilities, there have also been many, many screwups, too. InfoWorld has an entire list of them.

My favorite? A patch that put a mysterious black bar on one side of Internet Explorer—and if you clicked it—CRASH!—down came your machine with a BSOD. For a time, Microsoft allowed you to refuse Windows patches. Windows 10, unfortunately, did away with all that.

That concludes our list of Windows’ most pivotal moments. We could have spent dozens upon dozens of slides diving deep into Windows’ history, but we had to stop somewhere. Is there anything we missed? Tell us below.

Have questions?

Get answers from Microsofts Cloud Solutions Partner!
Call us at: 856-745-9990 or visit: https://southjerseytechies.net/

South Jersey Techies, LL C is a full Managed Web and Technology Services Company providing IT Services, Website Design ServicesServer SupportNetwork ConsultingInternet PhonesCloud Solutions Provider and much more. Contact for More Information.

To read this article in its entirety click here.

Apple Entertainment Technology Internet Security iOS iPhone Smartphones Social Networking Software

CES 2016: Fitbit launches $200 Apple Watch competitor

System Tech 0 Comment

Step aside, Apple, there’s a new watch in town. At CES 2016, Fitbit unveiled the Blaze, a smartwatch that does things the Apple Watch can’t, and at a lower price point.

fitbit-blaze

The new Fitbit Blaze is a smart fitness watch unveiled at CES 2016. Image: Fitbit

The basic utilitarian look of Fitbit is so last week, with today’s CES 2016 debut of Fitbit Blaze, a smart fitness watch with a color touchscreen that heralds in the next generation of the company’s popular fitness device line.

Fitbit Blaze does many of the same things as more expensive smartwatches, such as the Apple Watch, but it does it at a lower price point. The basic Fitbit Blaze comes with an elastomer band and will be available for retail sales in March 2016 with a $199 price tag. It tracks fitness and sleep stats and provides notifications for calls, texts, calendar alerts and music control. It’s compatible with Windows, iOS, and Android platforms.

One of the main features of the watch is how the bands are interchangeable to go from the gym to the office and out for the evening. Accessories will include additional elastomer bands for $29.95 each, leather bands for $99.95 each, and a steel link band for $129.95 each. The device is available for presale beginning today at Fitbit.com and tomorrow at various major retailers. For those who want to see the watch in person before ordering, on February 20 customers can go into Best Buy to try on the watch and pre-order.

“The product is about the balance of fitness and style. While it may look like a smartwatch, we think we’ve gotten it right. It has a distinct focus on fitness. That’s why we’re calling it a smart fitness watch. It puts fitness first,” said James Park, CEO and co-founder of Fitbit, at the CES 2016 press conference.

Fashion and style have long been a sore spot in the world of wearables and smartwatches. Because, even if a device has a stylish appearance, oftentimes it’s not feasible to wear the same product 24/7 for every occasion. The Fitbit Blaze eliminates this issue with the range of affordable interchangeable bands.

Fitbit Blaze includes many of the same features as previous Fitbit wearable fitness devices, such as all-day activity stats, but it also includes a color touchscreen, along with a partnership with FitStar for an onscreen workout. It also includes connected GPS for real-time exercise stats and PurePulse wrist-based heart rate tracking, which the company introduced last year.

The watch has a substantial battery life, lasting up to five days and nights, according to Fitbit Chief Business Officer Woody Scal.

Park said the Fitbit Charge, which was introduced last year, is the number one selling activity tracking device in North America, and the Fitbit Surge is the number one selling GPS tracking watch. On Christmas Day and the day after, Fitbit was the number one free app download.

“We are one of the larger technology IPOs of 2015. We are still trading about offering price which we think is rare. We’re pretty proud of that,” Park said.

Park took the opportunity at the press conference to point out how Fitbit is mentioned in the media, such as numerous photos with President Obama wearing a Fitbit Surge.

“For me it’s been really fun to see Fitbit mentioned on popular TV shows such as Big Bang Theory,” he said.

One of the biggest challenges that Fitbit faces is that its products have a 50% abandonment rate, compared to 6% for the Apple Watch. That makes the Blaze a strategically important move for Fitbit. The early reaction to the Blaze has been mixed as Fitbit’s stock dropped 13% following the announcement.

Have questions?

Get help from IT Experts/Microsofts Cloud Solutions Partner
Call us at: 856-745-9990 or visit: https://southjerseytechies.net/

South Jersey Techies, LL C is a full Managed Web and Technology Services Company providing IT Services, Website Design ServicesServer SupportNetwork ConsultingInternet PhonesCloud Solutions Provider and much more. Contact for More Information.

To read this article in its entirety click here.

Microsoft Office Microsoft Outlook Microsoft PowerPoint Microsoft Word News Office 365 Quick Reference Guides Tips & Info Windows

Patience will be the key to a successful Windows 10 upgrade

System Tech 0 Comment

let the dust settle before you attempt the free Windows 10 upgrade.

Windows 10

With the official Windows 10 launch and Microsoft’s promise that the upgrade for Windows 7/8.1 systems will be free for the first year after launch, you’ll have until July 29, 2016, to make your move. Just because it’s free doesn’t mean you have to rush to get your copy—unless, of course, it’s a status thing.

For the ordinary Windows user, there really isn’t any immediate need to be one of the first people to download Windows 10. In fact, you’ll probably have a better upgrade experience if you hold off for a bit. Wait for the hype to die down, wait for the load on the Windows Update servers to wane, and more importantly, wait for the first wave of updates to make their way out to the masses of Windows users who had to be the first.

Besides, unless you’re a Windows Insider program participant, chances are that you won’t be able to get Windows 10 right away anyhow.

In his July 2nd blog post, “Windows 10: Preparing to Upgrade One Billion Devices,” Terry Myerson stated:

“We want to make sure all of you have a great upgrade experience, so we’ll roll-out Windows 10 in phases to help manage the demand.”

He then goes on to say:

“Starting on July 29, we will start rolling out Windows 10 to our Windows Insiders. From there, we will start notifying reserved systems in waves, slowly scaling up after July 29th. Each day of the roll-out, we will listen, learn and update the experience for all Windows 10 users.”

That last sentence hints at the fact that the Microsoft is anticipating the possibility that there may be some glitches in the first wave of the roll out.

To be sure, I’m not suggesting that you hold out for months before you upgrade—rather, I’m saying that you may want to give it a couple of weeks just to see how others are faring with Windows 10. With Microsoft’s Windows as a service model, the ongoing testing via the extension of the Windows Insider program, and the rapid update system developed during the Windows Insider preview program, the hope is that any issues that crop up in the first weeks after initial availability will be quickly resolved.

Have questions?

Get help from IT Experts/Microsofts Cloud Solutions Partner
Call us at: 856-745-9990 or visit: https://southjerseytechies.net/

South Jersey Techies, LLC is a full Managed Web and Technology Services Company providing IT Services, Website Design ServicesServer SupportNetwork ConsultingInternet PhonesCloud Solutions Provider and much more. Contact for More Information.

To read this article in its entirety click here.

Microsoft 8 Pro Microsoft Office Microsoft Outlook Microsoft PowerPoint Microsoft Windows 8 Pro Microsoft Word Office 365 Windows Windows 2012 Server Windows 8.1

Can’t Change Windows 7 Theme?

System Tech 0 Comment

Can’t change the Windows 7 theme? Is your Windows 7 theme stuck on “classic”? If it is stuck, then you can try to apply a few fixes and see if if you can unstuck it! Often it is stuck, because your PC is configured to be optimized for best performance, rather than best appearance!

 

Windows

Overview

Configure PC for better Appearance
Start Windows 7 Themes Service
Problem: Themes Service Cannot Be Started

Use Visual Styles on Windows and Buttons

Often the reason why your Windows 7 theme could be stuck on classic is that your PC is configured to be optimized for better performance. I could imagine that some laptops are even pre-configured that way. Actually, it’s a good setting, but if you want a better appearance I can understand that it’s annoying to be stuck on “classic” theme. So, if you can’t change your Windows 7 theme, you might want to check your PC configuration first:

1. StepOpen the Control Panel

Control Panel


2. Click on “System and Security”:

3. Step Click on “System”.

4. Step In the sidebar, click on “Advanced System Settings”:

5. Go to the tab “Advanced” and click on “Settings”:

System and Security

 

6. Step Scroll down the list, at the bottom double-check that the item “Use Visual Styles on Windows and Buttons” is checked. If this is not checked, your Windows 7 theme will be stuck on “classic” for a long time, because this completely disables your fancy visual Aero appearance.

Windows 7 Themes

This is also often the problem why people can’t seem to be able to active the Windows 7 Aero theme, because their PC is configured to be optimized for the best performance and not the best appearance.

Themes service is not started

If your Windows 7 themes service is not started your Windows 7 theme will be stuck on “classic”. You can’t change your Windows 7 theme when the theme service is disabled. So, let’s check if your themes service is up and running.

1. Step Click on “Start” and enter “services.msc” into the search field. Click on the item that appears.

2. Step Scroll down the list until you find the item “Themes” (or enter Themes while one item is selected)

3. StepYou will now see if the Themes service is running currently and what mode it is in (Automatic, Disabled, Manual):

If it’s currently “Disabled” or in “Manual” mode and not started, you have to start it manually and change the mode to “Automatic”.

4. StepDouble-click on “Themes” and from the dropdown select “Automatic”, click on “Start” and then on “Apply”.

Themes Properties

Have questions?

Microsoft’s Cloud Solutions Partner are here to help.
Call us at: 856-745-9990 or visit: http://southjerseytechies.net/

South Jersey Techies, LLC is a full Managed Web and Technology Services Company providing IT Services, Website Design ServicesServer SupportNetwork ConsultingInternet PhonesCloud Solutions Provider and much more. Contact for More Information.

To read this article in its entirety click here.

 

Internet Security News Quick Reference Guides Security SSL Certificates Tips & Info Windows

Is Your Organization Using SHA-1 SSL Certificates? If so here’s what you need to know and do:

System Tech 0 Comment

ssl

 

Following a recommendation by the National Institute of Standards and Technology (NIST), Microsoft will block Windows from accepting SSL certificates encrypted with the Secure Hash Algorithm-1 (SHA-1) algorithm after 2016. Given the number of mission-critical SSL certificates that are allowed to expire from inattention, administrators have their work cut out for them. By knowing what will happen, why it’s happening, and what you need to do, you won’t be surprised by these important policy changes.

What’s Happening?

On November 12, 2013, Microsoft announced that it’s deprecating the use of the SHA-1 algorithm in SSL and code signing certificates. The Windows PKI blog post “SHA1 Deprecation Policy” states that Windows will stop accepting SHA-1 end-entity certificates by January 1, 2017, and will stop accepting SHA-1 code signing certificates without timestamps after January 1, 2016. This policy officially applies to Windows Vista and later, and Windows Server 2008 and later, but it will also affect Windows XP and Windows Server 2003.

SHA-1 is currently the most widely used digest algorithm. In total, more than 98 percent of all SSL certificates in use on the Web are still using the SHA-1 algorithm and more than 92 percent of the certificates issued in the past year were issued using SHA-1.

Website operators should be aware that Google Chrome has started warning end users when they connect to a secure website using SSL certificates encrypted with the SHA-1 algorithm. Beginning in November 2014 with Chrome 39, end users will see visual indicators in the HTTP Secure (HTTPS) address bar when the site to which they’re connecting doesn’t meet the SHA-2 requirement. Figure 1 shows those indicators.

 

Figure 1: Visual Indicators in the HTTPS Address Bar

 

Google is doing this to raise end users’ awareness and to help guide other members of the Internet community to replace their SHA-1 certificates with SHA-2 certificates.

Why Is Microsoft Deprecating SHA-1?

SHA-1 has been in use among Certificate Authorities (CAs) since the U.S. National Security Agency (NSA) and NIST first published the specification in 1995. In January 2011, NIST released Special Publication 800-131A, “Transitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths.” This publication noted that SHA-1 shouldn’t be trusted past January 2016 because of the increasing practicality that a well-funded attacker or government could find a SHA-1 hash collision, allowing them to impersonate any SSL website.

Realizing that it’s highly unlikely that CAs and the industry at large will adopt more powerful encryption algorithms on their own, Microsoft is leading the charge by making Windows reject certificates using SHA-1 after January 1, 2017. Doing this will lead website operators to upgrade to stronger SHA-2 certificates for the betterment of all Windows users and the broader public key infrastructure (PKI) community. The Windows PKI blog post “SHA1 Deprecation Policy” noted that, “The quicker we can make such a transition, the fewer SHA-1 certificates there will be when collisions attacks occur and the sooner we can disable SHA1 certificates.”

In the end, the issue isn’t if SHA-1 encryption will be cracked but rather when it will be cracked.

What Do I Need to Do?

January 1, 2017, might seem like a long way away, but now is the time to understand the problem and how to mitigate it.

As per Microsoft’s SHA-1 deprecation policy, Windows users don’t need to do anything in response to this new technical requirement. XP Service Pack 3 (SP3) and later versions support SHA-2 SSL certificates. Server 2003 SP2 and later versions add SHA-2 functionality to SSL certificates by applying hotfixes (KB968730 and KB938397).

Web administrators must request new certificates to replace SHA-1 SSL and code-signing certificates that expire after January 1, 2017. As of this writing, that would probably affect only public SHA-1 certificates that were purchased with a long expiration date (three years or more) or long-duration certificates issued by internal SHA-1 CAs. Most third-party CAs will rekey their certificates for free, so you simply need to contact the CA to request a rekeyed certificate that uses the SHA-2 algorithm.

When ordering new SSL certificates, you should confirm with the CA that they’re being issued with the SHA-2 algorithm. New certificates with expiration dates after January 1, 2017, can only use SHA-2. Code-signing certificates with expiration dates after December 31, 2015, must also use SHA-2.

Note that the algorithm used in SHA-2 certificates is actually encoded to use SHA-256, SHA-384, or SHA-512. All of these are SHA-2 algorithms; the SHA number (e.g., 256) specifies the number of bits in the hash. The larger the hash, the more secure the certificate but possibly with less compatibility.

It’s important that the certificate chain be encrypted with SHA-2 certificates. (A certificate chain consists of all the certificates needed to certify the end certificate.) This means that any intermediate certificates must also use SHA-2 after January 1, 2017. Typically, your CA will provide the intermediate and root CA certificates when they provide the SHA-2 certificate. Sometimes they provide a link for you to download the certificate chain. It’s important that you update this chain with SHA-2 certificates. Otherwise, Windows might not trust your new SHA-2 certificate.

Root certificates are a different story. These can actually be SHA-1 certificates because Windows implicitly trusts these certificates since the OS trusts the root certificate public key directly. A root certificate is self-signed and isn’t signed by another entity that has been given authority.

For the same reason, any self-signed certificate can use the SHA-1 algorithm. For example, Microsoft Exchange Server generates self-signed SHA-1 certificates during installation. These certificates are exempt from the new SHA-2 policy since they aren’t chained to a CA. I expect, however, that future releases of Exchange will use SHA-2 in self-signed certificates.

What About My Enterprise CAs?

If your organization has its own internal CA PKI, you’ll want to ensure that it’s generating SHA-2 certificates. How this is done depends on whether the CA is running Windows Server 2008 R2 or later and if your CA has subordinate CAs.

If you have a Server 2008 R2 or later single-root CA without subordinates, you should update the CA to use SHA-2. Doing so will ensure that subsequent certificates generated will use the SHA-2 algorithm. To check which hash algorithm is being used, you can right-click the CA and go to the General tab. If SHA-1 is listed, you can run the following certutil command to configure the CA to use the SHA-256 algorithm:

certutil -setreg ca\csp\CNGHashAlgorithm SHA256

You must restart the CertSvc service to apply the change. Now when you view the CA properties, you’ll see that the hash algorithm is SHA-256. All future certificates issued by this CA will use SHA-256, but keep in mind that existing certificates will still be using SHA-1. You need to renew any SHA-1 certificates issued by this CA to upgrade them to SHA-2 certificates.

If your CA is older than Server 2008 R2, you can’t upgrade the CA to use SHA-2. You’ll need to rebuild it with a newer version.

If your organization’s internal CA is multi-tiered with one or more subordinate CAs, you’ll need to reconfigure them to use SHA-2. This is done using the same certutil command just given on each subordinate or issuing CA. Keep in mind that if you use subordinate CAs, you’re not required to update the root CA to SHA-2 since that certificate is at the top of the certificate chain, but it won’t cause any problems if you do. You still need to renew any SHA-1 certificates issued by the subordinate CAs to upgrade them to SHA-2 certificates.

Take Action Now

Administrators and website operators should identify all the SSL certificates used in their organizations and take action, as follows:

  • SHA-1 SSL certificates expiring before January 1, 2017, will need to be replaced with a SHA-2 equivalent certificate.
  • SHA-1 SSL certificates expiring after January 1, 2017, should be replaced with a SHA-2 certificate at the earliest convenience.
  • Any SHA-2 certificate chained to an SHA-1 intermediate certificate should be replaced with another one chained to an SHA-2 intermediate certificate.

The following tools and websites are useful for testing and for further information about SHA-1 remediation:

  • Microsoft Security Advisory 2880823. This website discusses the deprecation policy for the SHA-1 hashing algorithm for the Microsoft Root Certificate Program.
  • Migrating a Certification Authority Key from a Cryptographic Service Provider (CSP) to a Key Storage Provider (KSP). The section “How to migrate a CA from a CSP to a KSP and optionally, from SHA-1 to SHA-2” in this TechNet web page provides detailed instructions for upgrading a CA to use SHA-2.
  • Gradually sunsetting SHA-1.” This Google Online Security Blog post explains how the transition to SHA-2 affects Chrome and details Google’s rollout schedule.
  • SHA-256 Compatibility. This GlobalSign web page lists OS, browser, server, and signing support for SHA-256 certificates.
  • DigiCert SHA-1 Sunset Tool. This free web application tests public websites for SHA-1 certificates that expire after January 1, 2016.
  • DigiCert Certificate Inspector. This tool discovers and analyzes all certificates in an enterprise. It’s free, even if you don’t have a DigiCert account.
  • Qualys SSL Labs’ SSL Server Test. This free online service analyzes the configuration of any SSL web server on the public Internet.

Internet Security News Quick Reference Guides Security Servers Tips & Info Windows

End of Support for Microsoft Windows Server 2003

System Tech 0 Comment

end windows server 2003

 

A large number of businesses still run Microsoft MSFT -1.71% Windows Server 2003 and it’s unlikely they all will upgrade before Microsoft Corp. ends support on July 14, 2015, say analysts. Companies that don’t upgrade increase their cyber security risks because the company will no longer issue security updates and these systems will be more vulnerable to hackers.

Businesses worldwide run an estimated 23.8 million physical and virtual instances of Windows Server 2003, according to data released by Microsoft in July 2014. Analysts say the technology is more prevalent in industries such as health care, utilities and government. Yet it’s also still used in about 7% of retail point of sale systems, according to a report Thursday by Trend Micro Inc.4704.TO -1.11%

“Microsoft does not plan to extend support for Windows Server 2003 and encourages customers who currently run Windows Server 2003 and have not yet begun migration planning to do so immediately,” said Vivecka Budden, a Microsoft spokesperson, in an email.

South Jersey Techies offers various migration options to include Windows Server 2012 R2, Microsoft Azure, hosting partners and Office 365.

“It is going to be difficult to get this done in time,” said David Mayer, practice director of Microsoft Solutions at Insight Enterprises Inc.NSIT -1.12%, a provider of IT hardware, software and services.

Many of these same industries were impacted by the end of service for the Windows XP operating system on April 8.  Microsoft broadcasts these sorts of moves years in advance, so it shouldn’t come as a surprise to anyone. But, the product was stable and for many companies there simply wasn’t incentive to update.

“In general, everyone has been slow to migrate, especially those with servers that are running applications,” said Rob Helm, vice president of research at Directions on Microsoft consulting firm.

The problem in industries such as health care and utilities is that companies run legacy apps written by vendors who still require Windows Server 2003. For example, there are smaller vendors in health care that have not kept up with development and application modernization, said a health-care CIO who asked not to be identified. A hospital may have an inventory of 100 to 500 different applications and many applications will still require Windows Server 2003, he added.

Electric utilities, for example, widely use Windows Server 2003. There hasn’t been much movement to upgrade those systems, said Patrick C. Miller, founder of the nonprofit Energy Sector Security Consortium and a managing partner at The Anfield Group, a security consulting firm. Instead, utilities are working to better secure and isolate those systems.

“I’m concerned about directory services such as application authentication and user permissions,” said Mr. Miller. “If you compromise an Active Directory server, you get access to everything.”

For now, analysts are recommending that companies work out their risk of exposure and make plans to first migrate those applications that will be most difficult. Companies should make plans to harden servers that can’t be updated. That might entail putting those systems on an isolated network, where they’d be less prone to outside attack, said Mr. Helm.

To protect and upgrade your home or business

 please contact us 856-745-9990 or click here.

 

Windows

XP will be Non-Compliant

System Tech 0 Comment

logo_footer_hipaa

Windows XP was released on October 25, 2001 and has become one of the most popular versions of Windows for home and business environments.

The HIPAA Security Rule requires all systems to be updated regularly, as of April 8, 2014 Microsoft will end support for Windows XP, after which no new updates, hotfixes, patches or support will be issued.

This is a major problem within the healthcare industry since many computers are still running XP.  Migrating to a new operating system can be a challenging task because some XP machines have proprietary software that are not compatible with Windows 7+.  

Evaluate the technical infrastructure including servers, workstations and network equipment to create a migration plan.  Communicating with product vendors will help create the migration plan.  Vendors can provide support for updating and upgrading the software/hardware.  Implementing Virtualization within your network is a centralized option to replacing your current setup.  A virtual desktop infrastructure is having 50+ desktops reside on one physical server and sharing the resources, such as CPU, storage and memory.

During the migration, providing an efficient setup for the clinical staff may also include upgrading the manageability of the network and designing a much more scalable and secure IT infrastructure.

To protect and upgrade your home or business

 please contact us 856-745-9990 or click here.

 

News Windows

‘Zero-Day’ for Microsoft XP Users

System Tech 0 Comment

194212

On April 10, 2012, Microsoft officially announced that as of April 8, 2014 they will end extended support for Windows XP and Office 2003, after which no new updates, hotfixes, patches or support will be issued.  “Since a security update will never become available for Windows XP to address these vulnerabilities, Windows XP will essentially have a “zero day” vulnerability forever” said Tim Rains from Microsoft.  Zero-day attacks are when attackers exploit a vulnerability before the developer is aware or can fix the problem.

Windows XP already has a notably higher infection rate than its successors Windows 7 and Windows 8.  Those preparing to continue using XP after the cut-off date, are going to be in a unpleasant situation trying to protect their intellectual property.   With Microsoft ending their support, the vendors for applications running on it will most likely end support.

Attackers will have the upper hand once Microsoft cuts off XP support and presumably will have more information than the defenders about system and application vulnerabilities.  Also, attackers will have the possibility of compromising the system and applications if they exploit the zero-day vulnerabilities.

For more information regarding Windows XP End of Life, click here.

According to NetMarketShare.com, Windows XP still has about 37 percent desktop operating system share as of June 2013.   Although it is the second most used operating system, Microsoft said that they will not be extending support for XP after April 8, 2014.

xp

To protect and upgrade your home or business

 please contact us 856-745-9990 or click here.

 

Windows Windows 8.1

10 Enterprise Benefits of Windows 8.1

System Tech 0 Comment

3

Windows 8.1 will be released on October 17, 2013, followed by a full launch on October 18, 2013.  Although Windows 8.1 is not a “new” operating system, the major updates created for 8.1 have made the upgrade more than a simple service pack.

Enterprise Benefits:

1.  Mobility

Windows 8.1 benefits a wider range of employees to include a combination of productivity and mobility.  IT can manage Windows 8.1 devices, such as desktops, laptops, and tablets, with a universal management client.

2.  Tablets

Enabled hardware for Windows 8  offers the option to have a standard operating system for enterprises, but allow individual users to select their device, such as desktops, laptops, and tablets, and have a consistent interface across these devices. 

3.  Application Development

Streamlining Windows 8.1 allow developers to design applications that can work across devices, such as desktops, laptops, tablets and smartphones.

4.  IT Support

To reduce the strain on IT resources for business mobility, standardizing on Windows 8.1 allows a majority of IT support to become simplified. 

5.  Total Savings

Standardizing on Windows 8.1 will reduce the cost for development, maintenance and support.  Also, reducing costs by eliminating licensing/support costs of a enterprise environment with varied devices.

6.  Restore Optimization

Windows 8.1 has the ability to restore factory settings for the operating system.  For all businesses, this is an advantage and a simple way to reduce costs and recover time for IT departments. 

7.  IT Operations

Windows 8.1 is a services pack for Windows 8 that includes new features, not just fixes.  Creating user documentation can be streamlined for Windows 8.1 for all applications.  Additionally, future service packs will follow in the footsteps of Windows 8.1 to include new features; then IT departments can frequently provide updates to user documentation.

8.  Reduced Confusion

To reduce user confusion, after a user joins to Windows Intune Management Service the user gains access to the Company Portal.  The company portal has access to the applications, data, and device settings.  Also, users can troubleshoot their own devices using the service desk self-help portal.

9.  Security

Microsoft is enhancing security with Windows 8.1 with Remote Business Data Removal and the new Internet Explorer.  Remote Business Data Removal provides control over encrypted data that can be wiped from any device.  The new Internet Explorer has Anti-Malware included to scan binary extensions to prevent infections.

10.  Education

Windows 8.1 offers an evaluation of current infrastructure, how to execute migrations plans and ways to educate users on how to use the new version.  Microsoft ends support for Windows XP on April 8, 2014, business should consider the option of upgrading to Windows 8.1. 

For more information regarding Windows 8.1 click here.