Is Apple losing its edge?

Apple laptops and desktops are often the favourite hardware for businesses, partly for quality and partly because they have always been seen as largely hack-proof.

But a recent problem has caused some technical writers to question whether the “big A” is beginning to lose its edge.

A flaw was discovered in the most recent version of MacOS High Sierra, that enabled anyone to enter the machine without a password.

The bug was discovered in late November by a Turkish developer, who discovered that entering the username “root” and leaving the password field blank, hitting “enter” a few times, he could gain access to the machine.

The vulnerability, which fortunately could not be used remotely, could give someone with root access more powers than a normal user, for example to read and write files to other accounts.

More seriously a superuser with root access and with malicious intent could have deleted crucial system files, rendering the computer useless – or install malware that might be undetectable to typical security software.

Apple issued a temporary workaround by allowing users to set a root password while it fixed the problem.

The instructions are here

However, according to the tech publication WIRED, there were more problems when Apple rushed out a patch, within 18 hours, and users discovered that the “root” bug returned if they updated to the 10.13.1, version.  The machine had to be re-booted for the patch to work, but Apple had not included this in the instructions.


Broadband speeds are not what they’re claimed to be?

Broadband speeds are not what they’re claimed to be

A new survey by Which? has found that more than half of internet users are getting broadband speeds that are up to 62% slower than their providers claim.

The Which? figures taken from more than 700,000 consumer speed checker tests and compared with information collected in 2016 by Ofcom, found that in in 52% of local authority areas, people are recording median speeds that are at least 10 per cent slower than the median speeds estimated by providers.

Moreover in 35% of areas speeds are up to 20% slower.

The list of regions with broadband slower than the recommended 10Mpbs includes Ryedale, Purbeck, West Devon and Powys. While, along with Tamworth, Reading, Luton and Enfield get some of the quickest speeds.

Which? MD of home services said that in some locations “there can be a big gap between what people may expect versus what they actually experience in their homes”.

He questioned whether customers were really getting the service they were paying for.

It is timely, then, that Ofcom has recently announced that customers are to be automatically compensated by providers for delays in fixing problems with landlines and broadband, including for slow repairs, missed appointments and delayed installations.

Under its new scheme, to be introduced in 2019, customers will automatically get £8 for every calendar day on which the service is not repaired, after two full working days. They will also get £25 for an engineer missing an appointment or cancelling with less than 24 hours’ notice, and £5 for each calendar day without service after the day they were promised a provider would start that service.

Although the compensation does not cover slow broadband speeds, the Ofcom ruling is a welcome step in getting providers to improve their services to customers.

High Sierra before you update

Before updating to High Sierra, what to know

Apple’s new OS system

Many businesses will use Apple computers believing that the technology is far superior and less vulnerable to hacking and viruses.

However, reviewers of the latest version of the operating system, MacOS High Sierra, warn Mac users to wait a while before installing it and to make sure they do an external back-up before they begin.

According to The Independent tech reviewer Andrew Griffin, in late September, there are two main reasons to wait a few days before installing: “the risks are much higher and the rewards are much less interesting.”

The danger is that in installation, he says, cherished pictures and other data could be lost, and this will be a catastrophe if the installation is on the owner’s main computer.

The High Sierra system has completely revamped the way files are stored with the intention of speeding up some computer tasks. But the question is whether the new system is quite glitch-free.

MacWorld’s Dominic Preston has compared the High Sierra Version with the previous Sierra version and concluded that it isn’t “the most exciting” MacOS upgrade.

On the subject of the revamped file system MacWorld’s review says:

“First of all, copying files and finding the size of files and folders should now be near-instantaneous, the sort of small improvement that will add up over long-term use.

It also helps keep files safe thanks to built-in encryption, data protection for power outages and system crashes, and simplified data backup. It’s also compatible with HFS drives and data so you shouldn’t lost anything during the upgrade – though we’d still always recommend a backup first.”

There have been tweaks to Safari to prevent auto-playing videos and include tracking prevention. There have also been tweaks to mail and messages.

Preston’s conclusion is that there is little reason to not upgrade to High Sierra, but he, too recommends a back-up just in case.


Do you need faster broadband?

How crucial to your business is a faster download speed?

It may be in the interests of Internet service providers to increase their revenue by encouraging you to upgrade to a service that gives you faster connectivity and download speeds, but it is wise to do the research before committing.

Firstly, it’s about bandwidth, expressed as Megabits per second (Mbps).  The larger the bandwidth, the more and faster data can be moved.

Secondly, it is about the purposes for which you use the internet – whether it is downloading movies, using VOIP to make conference calls between different parts of your business and with customers, or simple email communication and internet browsing.  Does your business have to regularly upload large files?

For example, it can be a problem if VOIP calls are constantly breaking up or interrupted when the participants are in the midst of an important discussion or negotiation.

Having defined the purposes for which your business uses the internet the next step is to check on what bandwidth your internet service provider (ISP) is offering, in theory and in practice.

Why might you want to check your bandwidth?

It may be that you think, or suspect, that you are not getting the bandwidth you’re paying for, either on purpose or because something is wrong. Signs may be web pages taking a long time to load or the VOIP example mentioned earlier.

Perhaps, also, you want to check that the internet speed is adequate for a service you are considering buying.

While there are plenty of online free services to test your download speed, it is a good idea to use the test offered by your ISP.  You should do several tests over the course of a day and take screenshots of each, identified with date and time.

This will give you the evidence you need if the service you are paying for is not as good as you have been promised and you want to challenge your ISP.

However, there are other variables that it is worth bearing in mind that can affect internet speed. This is why ISPs always promise speeds of “up to” stated Mbps. The service is being shared with other households and businesses in the neighbourhood and the factors that will affect it include how may users are online at a given time and, within a company where there will be multiple users, how many people are using the system, and for what operations, at the same time.

Only once a business has gathered all the information, defined its internet needs and done the checks will it be in a position to decide whether paying for faster speeds is going to be viable and necessary.


How to avoid email phishing scams

According to the security software provider Malwarebytes 33% of businesses have suffered a ransomware attack in the last 12 months.

Their research also revealed that 20% of UK businesses feel they’d have no chance in stopping a ransomware attack.

But actually, there is a lot that a business can do to protect itself, especially since the majority of approaches designed to either get the recipient to share their personal bank details or to install malicious software that locks the machine until a ransom is paid.

Emails that appear to come from a bank, from HMRC (HM Revenue and Customs) or from well-known companies, even social media accounts like Facebook, often either alert you to a problem, such as a suspended account, or to your being due a refund.  The giveaway is that invariably the message will include an invitation to click on a link in the email.

The main thing to be aware of, apart from the obvious one that you may not in fact have ever used that particular organisation’s services, is that in general neither banks nor HMRC will contact you via email with such information.

Unless you have specifically set up e-mail communication with the bank or other organisation an obvious giveaway of a fake is that it will not detail account numbers but also full names and may also contain spelling mistakes or grammar oddities.

Firstly, businesses should make sure every employee is alert to the possibility of emails being fake, regardless of how authentic the branding may look, and make sure they never click on any links contained in a suspect email.

If you have any doubts, the first thing to do is to hover the cursor over the alleged sender’s email address without clicking on or tapping it.  It should reveal the detailed address, and that will usually be enough to make you suspicious.

Your can do the same with any link in the email you are invited to open. If you are still unsure, log on to the organisation’s website from elsewhere, NOT via the email and check what it says about communications security and any specific alerts mentioned in the email.

Alternatively, if an email appears to come from an organisation with which you do have dealings it is always worth a phone call to check whether it is authentic.

Finally, report or flag the email either to your email provider or the organisation named in the email and alert them to the attempted scam.


Online security is a must for businesses

Businesses should be much more aware of online security after last month’s WannaCry ransomware cyber-attack attacked 200,000 computers in 150 countries, causing chaos for the UK’s NHS.

So many businesses these days rely on their IT systems for record keeping and for communications that it makes sense to do everything possible to keep them both secure and running. Ransomware attacks can take over a machine and lock the owner out until they pay a fee to the hacker.

It is estimated that such incidents have increased by 50% in the last 12 months.

The first thing to do is to ensure that the operating system is up to date, and that any security patches issued by the provider are installed promptly.

Also make sure to protect the system with a reputable anti-virus protection programme.

Remember that as Microsoft rolls out new operating systems, sooner or later it will withdraw support for older ones. This was part of the problem with the NHS meltdown, where some of its system was still using Windows XP, long after Microsoft withdrew support.

The second thing to do is to ensure that all data crucial to the business’ operation is backed up elsewhere, either in the cloud or on an external hard drive, preferably both.

Thirdly, all staff should be trained to be on the alert for suspicious e-mails and above all to never click on any links they contain.  Often such emails will appear to come from a reputable organisation, such as HMRC.

If in doubt about a link, hover the mouse over the link and the complete URL will pop up.  That is often a good indication that it is suspicious. Further checks could be done by either calling the sender or checking its website via a search engine not via any links in an email.

Remote monitoring by your IT support company is another option.  We offer remote monitoring and back-up options via AVG.  Better to be safe than sorry when your livelihood is at stake.


Updated Data protection regulations coming into force

From 25 May 2018 GDPR (General Data Protection Regulations) will be in force throughout the EU and the UK Government has confirmed that it will comply regardless of the decision to leave the EU.

The GDPR is designed to improve consistency in protecting and strengthening consumers’ rights over their personal data, although work is continuing on refining the regulations.

Many organisations collect and keep personal information for a range of legitimate purposes, from use in targeted business marketing, to records kept by organisations providing health and other services and also for research.

But rarely a week passes without news of yet another organisation’s customer database being invaded or “hacked”.

Any business or organisation that collects information from people who either work for or use its services has a duty to ensure it is stored securely and safely.

When the new regulations come into force both businesses and those who process digital records for them will now be accountable. They will have to document decisions that are made about processing the data that has been collected. This means showing that the data has been lawfully collected for specified and legitimate purposes, and that the details of what has been collected are specific and limited to those purposes.

Crucially the information must be protected and held securely and must be stored for no longer than required.

Any organisation or business that keeps lists containing people’s personal data will need to look at their data collection, storage and processing systems to be ready in time for the new regulations.  They must ensure they have proper permissions for collecting and holding personal information and can verify this. Silence or pre-ticked boxes are not proper consent.

They must also give individuals a right of access to and correction of the information being held, the right to its removal and to restricting it and the right to object. So, they will need to put in place acceptable governance to ensure all these rights are acted on, on request and in a timely manner.

Opt-outs from the regulations, known as derogation, will be allowed only in some situations – such as for national security reasons.


The End for Windows Vista

No more support for Windows Vista

It is ten years since the Windows Vista operating system was launched and this week on April 11 2017 Microsoft finally withdrew support.

Vista users will no longer receive security updates that can help protect PCs from harmful viruses, spyware, and other malicious software that can steal personal information.

When it was launched, Vista was supposed to revolutionise Windows because of its new file system and user interface.  But the new system was “graphically intense” and took up a lot of space, especially on laptops.  It was also too much for many netbooks.

Users complained about file transfers being slower than Windows XP, video games were sluggish, and on-screen prompts constantly pestered PC owners.

Vista reportedly became one of the most disliked software packages, especially when compared with Windows XP, which was two years older than Vista.

At the time, Microsoft was criticised for failing to understand customers’ needs and for not listening to them.

While those who still have Vista on their machines will still be able to run it, they should be aware that they will no longer be protected and if they store sensitive information, where security is important they should consider changing to a different operating system.

They may also find that their PCs will no longer work with other hardware, such as printers, scanners and cameras that have been manufactured to be compatible with more recent operating systems.

If you want to find out about the life cycles for support on other Windows operating systems there’s a fact sheet here

If you want help to upgrade to a newer system Colchester IT can assess whether your existing computer hardware is powerful enough to cope as Windows 10, for example, is very power-hungry needs at least 1GB of RAM, between 16 GB and 20 GB of free storage, and a display with a resolution of at least 800 x 600 pixels.

Call us for advice and to help you through the process of upgrading.


New ruse by scammers to get control of your computer

In the last couple of days there have been warnings about a sneaky new tactic being used by scammers to get control of people’s computers, as ever with the objective of extorting or stealing money.

The warnings have come from the UK’s National Trading Standards e-crime team.

In this scam the problem starts when the computer owner has a printer that develops problems and then goes online to find a printer helpline, which they then call.

“This printer helpline scam is particularly pernicious because it encourages victims to unknowingly contact the fraudsters of their own accord,” said Mike Andrews, the team’s lead co-ordinator.

This new ruse is a 21st Century version of the psychology used in old-fashioned distraction burglaries, where the criminal depends on the victim’s attention being on something else and therefore not alert to the real danger they are in.

Callers to the fake printer helplines are fooled into allowing remote access to their computers. Then, in the same way as the more well-known scams that depend on an unsolicited phone call claiming to be from Microsoft, victims are persuaded to allow remote access to their computer to fix the problems, only this time supposedly with their printer.

Victims are likely to be less alert to a possible fraud because their attention is not on their PC but on a printer issue.

From there on the victims are trapped by the usual scammer tactics of either refusing to hand back control until the owner pays them some money, or by the scammers inserting malware into the computer that allows them to steal the owner’s bank account details, again to extract money.

The best advice is to either access the printer manufacturer’s own website online and search for its official troubleshooting advice or helpline, or consult the brochure that came with the machine if there is one.

You should never, ever, allow remote access to your computer by someone you have not met and are talking to on the phone. Equally important is to keep virus and malware protection software up to date to protect the computer from the latest scams.

This is the latest variation to add to a growing list of telephone and email scams that also include emails that appear to be from legitimate banks or Internet service providers (ISPs). These usually contain a link for the recipient to click on, at which point the scammer has access to either steal financial information or to encrypt the machine then demand a ransom payment to unlock it.

According to the organisation Action Fraud, there were more than 32,000 instances of various types of computer service fraud in 2016, an increase of 47% since 2014.

If you have been effected by this scam or have any concerns contact us at ColchesterIT for FREE no partial advice. Or simply call us on 01206 634063


Charity Sky Dive

ColchesterIT Charity Skydive

Extreme thrill and adrenaline rush was on the cards for ColchesterIT owner, Nigel, last week as he braved jumping out of an aircraft and plunging down to earth at speeds of more than 120 mph for a great cause.

This immense breathtaking experience was a skydive at 13,000 feet (just over three miles!) in aid of raising funds for the The Isobel Parmenter Memorial Fund, a charity close to the hearts of many. Nigel’s jump took place in Lowestoft with UK Parachuting, and raised a stonking total of more than £750!

You can watch his exhilarating experience on YouTube here:

Well done, Nigel!

Nigel’s skydive was in aid of an extremely worthwhile cause – The Isobel Parmenter Memorial Fund at CCLG. A small person inspiring people to do BIG things! This is funding essential research into the causes, diagnosis, and treatment of histiocytosis – a rare cancer group of diseases caused by an increase of white blood cells in the blood and tissue. It is hoped that one day a cure will be found.

To find out more about this amazing charity, and how you can give your support and get involved, please visit: