The Web Design team of South Jersey Techies has been constantly working on developing the best websites including easy mobile approach and the latest website developed by the team is J-Marks Painting. J-Marks Painting has been serving and satisfying more than 3000 clients in the South Jersey area since 1995. They have the expertise, knowledge and talent to make your dream project come true.
Want to know how the websites developed by our team appears on your smartphone? Here is a glimpse.
If you spend most of your day at a desk, any one of these tech tools will make your work station more comfortable and give your body some much-needed relief.
Ergonomics – they do a body good
Do you work long hours on your computer? If so, we know the feeling and have identified a list of gadgets that you can use at your workstation, and which offer the necessary support and comfort as you work. While some may require making some adjustments or take some getting used to, your body will grow to love any of these devices — in the form of reduced aches and pain.
Kensington SmartFit Conform Back Rest
If you don’t have an ergonomic chair, the Kensington SmartFit Conform Back Rest lets you convert a plain office chair into one. The attachment fits onto most chairs with a back, and delivers support for your spine and lumbar using two ventilated back panels resting on four independent springs. The fit can be slightly adjusted for support that is highly comfortable, while the fabric itself can be removed for washing.
Price: $60
[ Find it on Amazon ]
Microsoft Sculpt Ergonomic Keyboard
The Microsoft Sculpt Ergonomic Keyboard sets a new standard for the support and comfort of your wrist for those who type a lot at work. The split keyboard layout and arc shape of this wireless keyboard helps keep hands and arms in a relaxed position to significantly reduce the risk of repetitive stress injuries. The numeric keypad comes as a separate device so right-handers can hold their mouse at a more accessible angle. Though the keyboard does take some getting used to, you’re soon be wondering why you ever settled for the cramped layout of a normal keyboard.
Price: $81
[ Find it on Amazon ]
Microsoft Natural Ergonomic Keyboard 4000
The Microsoft Natural Ergonomic Keyboard 4000 adopts a similar split keyboard layout and arc shape of the Sculpt Ergonomic keyboard, though in a more conventional wired keyboard design. In addition, it comes with additional multimedia buttons that can be customized to quickly access files, launch web pages and create hot keys shortcuts to get things done faster. A dedicated slider located in the middle of the Natural Ergonomic Keyboard 4000 also makes it easy to zoom in and out.
Price: $50
[ Find it on Amazon ]
Logitech MX Master
The Logitech MX Master is a wireless desktop mouse that offers a sculpted design meant to support your hand and wrist in a comfortable and natural position. Aside from the usual plethora of technologies such as dual Bluetooth and RF wireless modes and support for pairing with up to three devices, the MX Master also comes with a couple of additional capabilities that should reduce wrist fatigue. For example, a speed-adaptive scroll wheel makes scrolling through long documents easier than ever with its ability to automatically shift between normal “click-to-click” scrolling to hyper fast scroll, while a thumb wheel offers side-to-side scrolling.
Price: $100
[ Find it on Amazon ]
Kensington Expert Mouse Wireless Trackball
Users who find that a normal mouse just doesn’t cut it for them will appreciate the use of a trackball-based solution such as the Kensington Expert Mouse Wireless Trackball. The giant trackball help keeps wrist and hand movement is kept to a minimum, and uses optical tracking technology for smooth control. Notably, the Expert Mouse Wireless Trackball works just as well for right-handed and left-handed users, while a scroll ring positioned around the trackball also makes it easy to scroll up and down lengthy documents or Web pages.
Price: $100
[ Find it on Amazon ]
Microsoft Sculpt Ergonomic Mouse
Shaped almost like a slightly squashed softball, the Microsoft Sculpt Ergonomic Mousewas created to offer a more natural hand, wrist and forearm posture. While its ergonomic design may take get some getting used to, the Sculpt Ergonomic Mouse is arguably more like a normal mouse than some of the other vertical mouse designs on the market. A thumb scoop is positioned to help maintain the correct hand and wrist position, while the scroll wheel supports four ways scrolling: Left, right, front and back.
Price: $60
[ Find it on Amazon ]
Swiftpoint GT Mouse
The Swiftpoint GT mouse is a compact, travel-friendly mouse designed to reduce fatigue caused by your normal portable mouse. The Swiftpoint GT’s pen-like grip is more natural than the claw grip that is necessary for many of the travel mouse out there, yet is small enough to be used on your laptop next to the touchpad. Moreover, it has a touch surface that enables a full range of touch gestures such as swiping, flicking and zooming. You can also easily “park” the Swiftpoint GT on your laptop when moving between meetings with its included magnetic clip.
Price: $149
[ Find it on Amazon ]
Kensington SmartFit Mouse Pad
The Kensington SmartFit Mouse Pad is created to combat improper positioning of one’s wrist when using a mouse. It comes with a soft gel support to relief pressure points on the wrist, and stands out from your run-of-the-mill mousepad by how its height can be adjusted with the use of removable inserts. A nonskid base adds stability, while an anti-microbial surface to resist strains and odors to set the SmartFit Mouse Pad further apart from the rest.
Price: $20
[ Find it on Amazon ]
Ergotron WorkFit-P, Sit-Stand Workstation
Laptop users looking to get off their butts in the office can consider the Ergotron WorkFit-P, Sit-Stand Workstation, an elegant height-adjustable laptop stand. Made of solid-aluminum construction, the WorkFit-P works like a standard monitor arm in how it can be quickly adjusted various positions – including for use while standing. The large surface has more than adequate space for a laptop and external mouse, and can also serve as an adjustable tray for writing or drawing with a graphics tablet.
Price: $299
[ Find it on Amazon ]
HiRise for MacBook
While its name suggests that it can only be used for a MacBook, the HiRise for MacBook is a height-adjustable stand that works just as well for other laptops. The beautiful brushed metal design aside, the stand lifts your laptop up to a half foot off the desk, bringing it to a more optimal height for your overstrained eyes. You will need a separate keyboard and mouse to work with your machine, but laptop’ keyboard and trackpad were never great for ergonomics anyway.
Price: $70
[ Find it on Amazon ]
Ergotron MX Mini Desk Mount Arm
The Ergotron MX Mini Desk Mount Arm is a monitor arm that offers a slim profile without giving up on the expansive height adjustment range of full-fledged monitor arms, including full tilt, pan and rotation capability. This means you can set the ideal height and angle for optimal individual comfort, and adjust it as necessary to avoid the morning or mid-afternoon glare. The MX Mini Desk Mount Arm works with lightweight LCD monitors of up to 24-inches, as well as tablets such as the Apple’s iPad and Microsoft’s Surface.
Takeaway:How to use PC Remote App & Server software to control your PC with a Windows 8 Phone.
PC Remote App is an easy and secure way to remote into your PC from a Windows 8 Phone. Two versions are available, PC Remote (free) and PC Remote Pro ($2.99).
Step 1 – Install PC Remote Server
1. Download the PC Remote Server from http://www.pcremoteserver.com/PCRemoteSetup.msi 2. Run PCRemoteSetup.msi file 3. After install, you can setup a password. Select “Password” Tab.
5. Check “Enable” 6. Enter the password 7. Select the “General” Tab and then Click “Update Server”.
Step 2 – Download PC Remote Mobile Client
1. Open Windows Phone Store App. 2. Search for “PCRemote” (Select Free version) and tap “Install”. 3. Select “+” to add the IP address of the server machine.
4. Insert the IP address of the server machine and password you selected in Step 1. 5. Return to the main screen and select your machine. 6. From the control menu you can choose multiple control options.
The Galaxy S8 might be the best phone of 2017, but the year’s not over until the next iPhone makes its debut. Here’s how Apple can take the crown back from Samsung.
If there wasn’t already a mountain of pressure on Apple to deliver something spectacular with this year’s iPhone update, there surely is now. If you haven’t noticed, Samsung has released the Galaxy S8 and S8+, and they’re pretty remarkable. As a former iPhone 7 Plus user, the S8+ might very well be the best phone I’ve ever used, with a stunning screen, speedy processor, and, yes, a gorgeous design.
But what makes the S8 so amazing is how unique it is. For the first time in a while, Samsung is standing alone on the cutting edge with a phone that needs to be seen to be believed. From its barely there bezels to its brilliant wraparound screen, the Galaxy S8 truly gives Apple a run for its money. No joke, it actually makes the iPhone 7 look pretty stale.
But there’s still a lot of time between now and the release of the next iPhone. According to rumors, the lineup this year will consist of the usual S models along with a fantabulous iPhone 8, which looks to adopt a similar aesthetic to the Galaxy S8, with an edge-to-edge OLED display and the removal of the physical home button. But just because it might look similar doesn’t mean it can’t still be better. Here’s how Apple can still steal the crown from Samsung:
The Galaxy S8 has a killer camera but the iPhone 7 is no slouch.
Killer camera
The Galaxy S phones has always had a camera on par with the iPhone, so it was a little surprising that Samsung didn’t upgrade the S8’s all that much. The iPhone 7 Plus is already a step ahead here, with 2X optical zoom and the sublime Portrait Mode, but the iPhone 8 could really separate itself from the S8 by taking it even further. Along with a megapixel bump, Apple could add optical image stabilization to the second lens, which will go a long way toward increasing photo and zoom quality. But what would really set it apart would be a larger sensor and greater ISO range to make it a low-light leader.
The Gear VR is a big part of the S8, but AR could be the iPhone 8’s big play.
AR not VR
While Samsung is going all-in on virtual reality with the Galaxy Gear and the S8, rumors suggest that Apple is more interested in augmented reality. And that could be one of the features that sets the iPhone 8 apart. Smartphones have been slow to incorporate AR into the interface, but if Pokémon Go has taught us anything, it’s that people are way more interested in seeing the world through their screens than strapping a headset to their faces. An AR-fueled iPhone 8 could connect us to the world in fun new ways without separating us from reality.
The Galaxy S8’s fingerprint sensor is just in the worst place.
Well-placed fingerprint sensor
While the Galaxy S8 is one of the best smartphones ever made, one tragic flaw prevented it from being perfect: the placement of the fingerprint sensor. For some god-awful reason, Samsung put it right next to the camera, all but ensuring your finger will not only miss it, but also repeatedly smudge the lens. If the rumors are correct that Apple will also be removing the home button in the iPhone 8, it has two options: under the screen or on the back. A first-of-its-kind in-panel sensor would be revolutionary, but if it’s on the back, Apple needs to learn from Samsung’s mistake and put it lower, like on the Pixel.
Bixby hasn’t exactly exploded out of the gate, but it does a lot that Siri doesn’t do.
Expanded Siri
When Samsung unveiled the S8, a major part of the presentation was spent introducing its new AI assistant, Bixby. However, the new service wasn’t just a competitor to Siri, Alexa, and Google Assistant. Samsung integrated Bixby deep into the interface to let it access apps, fetch information, and cut down on how often we need to touch our phones. It’s a cool idea, except the only problem is it doesn’t really work. If Apple could do something similar with Siri and expand its reach to work inside apps while we’re using them, it could beat Bixby at its own game.
The Galaxy S8’s screen is pretty, but It also uses its software to accentuate it.
iOS 11
One of the biggest gripes people have had about Samsung’s phones has always been its TouchWiz interface. But that’s changed with the S8, as Samsung has crafted an intuitive, refined system that takes full advantage of its superb hardware. If Apple is going to release a radically redesigned iPhone with curved edges and a wraparound screen, the same old iOS isn’t going to do it justice. It might be time to rethink iOS for modern times and give it more than new features and a fresh coat of pixels.
Samsung’s wireless charging supports Qi and PMA standards, and the pad stands up or lies flat. But it’s not long range wireless.
True wireless charging
While Samsung has had wireless charging in the Galaxy S since the S6, Apple has been slow to adopt it for the iPhone. All signs indicate that’s going to change for the iPhone 8, but if Apple wants to top the Galaxy S8 and not just keep pace, it’s going to need something a little more exciting than a pretty charging pad. One of the rumors we’ve read suggests that Apple could adopt true long-range wireless charging for the next iPhone, which would power up the battery whenever you’re within range of the charger, even if it’s in your pocket. That alone would be an S8 killer.
The Galaxy S8 includes a pretty great pair of earbuds.
Bundled AirPods
Samsung didn’t just resist the trend to ditch the headphone jack on S8, it embraced the 3.5mm jack in a big way. Inside the S8 box is a pair of premium AKG-tuned earbuds that are a few steps above the usual build and sound quality you get for free—certainly better than what Apple gives us. But if Apple really wants to embrace the wireless future of the iPhone, it needs to stop including a wired set of EarPods, even if they are Lightning. A pair of AirPods in the box (or a cheaper Beats alternative) would really set it apart from the 3.5mm S8 and make a strong statement.
The battery life on the S8 is really good, but the iPhone 8’s could be even better.
Blow-away battery
Samsung has had its share of battery issues, but the S8 looks to put them in the past with a long-lasting battery that hopefully won’t blow up. But while it can get through the whole day for the most part, the S8 didn’t deliver the the real breakthrough we were hoping for. We’re still waiting for a phone that lets us completely forget about the battery until our day is over, and we’d love to see the iPhone 8 deliver something in the range of 12 hours and truly change the game.
Apple just made upgrading to an iPhone 7 a philanthropic decision by adding a red special edition to the lineup. The new red aluminum finish, which is available to order for both iPhone 7 and 7 Plus in-store and online on March 24, is a fundraising effort for the Global Fund. Apple will contribute a portion of red iPhone sales to the fight against AIDS and HIV.
The two new red iPhones will come in 128GB and 256GB storage variations and start at $749 in the U.S. Apple will sell the special editions in more than 40 countries by the end of March, with Brazil, Chile, Colombia, India, and Turkey to come in April. If you live in the U.S., U.K., or China and are part of the iPhone Upgrade Program, you’ll be able to snag an unlocked red iPhone with AppleCare+. In the U.S., the 128GB iPhone 7 will start at $37 a month with the ability to upgrade every year.
Apple has a long-standing relationship with the Global Fund and has a variety of products in its red lineup, including iPod’s, cases, headphones, and speakers. Last December, Apple celebrated its decade-long partnership with the Global Fund by donating proceeds from in-app purchases, exclusive downloads, and newly launched accessories to the nonprofit. The company has so far donated more than $130 million to the Global Fund, making it the organizations’s largest corporate donor.
You can snag a flashy new red iPhone 7 on March 24, starting at $749.
iPhone SE gets a bump, too
Apple hasn’t forgotten about the littlest phone in its lineup, the iPhone SE. The company just doubled the 4-inch phone’s storage to 32GB and 128GB, up from 16GB and 64GB. Those models will be phased out and the roomier new options will start at $399 beginning March 24.
While the flashy new color and iPhone SE upgrade aren’t the biggest iPhone news of the year—that will come in September with the 10th anniversary iPhone 8—it’s nice to see Apple add a little something extra to both its existing flagship and its entry-level phones.
If your mobile connection keeps cutting out, this update should fix it.
Apple on Monday released iOS 10.0.3, an update for the iPhone 7 and iPhone 7 Plus. To install the update, open the Settings app and tap General > Software Update. The update can also be installed by connecting your iPhone 7 to your Mac and using the iTunes app.
iOS 10.0.3 addresses an issue that could cause the iPhone 7 to “temporarily lose cellular connectivity.” The workaround to the issue before the update was to turn off Voice over LTE.
Since the 10.0.3 update addresses an issue specifically for the iPhone 7, the update is not seen by other iPhone models. For now, the iPhones in Apple’s current lineup are on different iOS versions. When Apple releases the iOS 10.1 update, which includes the Portrait mode camera feature, the iPhones will probably be back in iOS version alignment.
Tip:Before updating your iPhone 7, be sure to back up your data.
5 things to do before giving an old iPhone or iPad to your kid
Don’t hand over an aging iOS device to your eager youngster before doing a little kid-proofing first.
Like it or not, little kids love iPhones and iPads. They love to look at them, they love to tap and swipe the screen, they love playing iPhone games, and most of all, they love watching videos on them. (“Curious George” is my daughter’s favorite—for this week at least.)Giving your little ones a hand-me-down iOS device is an easy way to satisfy their desire for a screen of their own—my kid is the proud owner of an iPhone 3GS and a third-generation iPad.That said, you shouldn’t hand over your old iPhone or iPad without doing some kid-proofing first. Read on for five ways to prep an aging iPhone or iPad for your youngster, from wiping your data and setting up a child’s iCloud account to blocking web access and keeping her from racking up in-app charges on your credit card.
Wipe your old data
Before you hand over your old iPhone to your kids, you’ll want to make sure any and all of your personal data has been wiped clean. The best way to do so is to perform a “factory” reset, which wipes the iPhone’s storage and returns it to its factory settings.
Make sure to back up and then wipe your data before handing over your old iPhone to your child.
Naturally, you should first make sure you’ve backed up any old iPhone or iPad data you want to preserve. You may already have taken care of this step if you’ve previously upgraded to a new iPhone or iPad and restored your data from iCloud. If not, tap Settings, tap your iCloud profile, then tap iCloud > Backup > Back Up Now. You can also back up your old iPhone or iPad by connecting it to your Mac or PC and syncing it with iTunes.
Once you’re satisfied that your data is safe and sound, go ahead and wipe the device. Tap Settings > General > Reset > Erase All Content and Settings. Once the reset is complete, your old iPhone or iPad will return to its factory settings, just like the day it came out of the box.
Create a child’s iCloud account
While it may seem a little soon to, say, create an Apple ID for a toddler, take it from me: it won’t be long before your onesie-clad cutie is walking, talking and pleading for an iPhone upgrade—and when that happens, it’ll be easier to migrate her data and apps if she already has her own iCloud account.
Just because your child is under 13 doesn’t mean she can’t have her own iCloud account and Apple ID.
Even if your kid is younger than 13 years old, she can still have her own iCloud account and Apple ID. All you need to do is create the account under iOS’s “Family Sharing” umbrella. With her iCloud account, your child will be able to sign in to an old iPhone or iPad, download apps, and even purchase items from the App Store—only with your approval, of course.
Also, keep in mind that just because she has an iCloud account, your daughter or son won’t be able to start web surfing, tweeting, or posting selfies on Instagram without your say-so. (More on iOS’s parental controls in a moment.)
You can create a child’s iCloud account directly on your own iPhone or iPad. Just tap Settings, tap your iCloud username, then tap Family Sharing > Add Family Member > Create an Apple ID for a child.
You’ll need to enter your kid’s birthday, agree to some disclosures and legalese, choose a payment method for App Store purchases (which, again, you can control and/or block), then choose an Apple ID username and password.
By default, your kid’s new iCloud account won’t let her make App Store purchases without your consent. To double-check the “Ask to Buy” setting, tap Settings, tap your iCloud account name, then tap Family Sharing and your kid’s name.
Control what your kid can—and can’t—do on her iPhone or iPad
Once you’ve got your old iPhone or iPad set up with your child’s new iCloud account, it’s time to make some decisions on which iOS features will be fair game for your kid, and which will be off-limits.
Don’t want your child surfing the web or snapping photos on her hand-me-down iPhone? You can block those activities in iOS’s Restrictions settings.
Tap Settings > General > Restrictions > Enable Restrictions, then create a Restrictions passcode.
Next, scroll down and disable all the iOS features that you’d rather your kid not mess with. You’ll probably want to disable Safari and the iTunes store right away. You may also want to block your child from installing apps, and if you don’t want your little one snapping a million photos of their crib, you might want to nix the Camera app, too.
In the “Allowed Content” section, make sure to disable in-app purchases, as well as block music with explicit music and any grown-up movies, TV shows and books.
In the Privacy section, you can control which apps can access location services, contacts, the microphone, and more on your kid’s iPhone.
At the bottom of the Restrictions screen, you can also disable access to multiplayer games, friend adding, and screen recording for any Game Center-ready games.
Hide Settings, Mail, and other Apple apps
Even after you’ve thoroughly managed all of iOS’s Restrictions settings, you may still see some home-screen icons on your kid’s iPhone or iPad that you’d rather she not mess with. For example, the Settings icon should probably stay out of her hands, as well as the Mail app, Game Center, and the App Store.
You can hide the Mail, App Store, and other Apple apps in a folder, preferably on its own home screen in the back.
Here’s what I did before I gave my daughter my old iPhone: I hid all those various Apple apps in a “Hidden” folder in the very last iOS home screen. To create a home screen folder, drag one app icon on top of another, name the folder, then start dragging other app icons into the newly created folder.
Naturally, older kids who are a bit more iOS savvy may quickly sniff out the “Hidden” folder. My five-year-old, for example, knows exactly where I’ve tucked away the Settings icon, but she doesn’t really care—probably because tapping Settings won’t get her any closer to Curious George.
Turn on Airplane mode
One way to make sure your little one doesn’t wander into a grown-up corner of the Internet on her iPhone is to cut off Internet access altogether, and the easiest way to do that is to turn on Airplane mode. (Of course, you can kiss Airplane mode goodbye once your children start clamoring for the streaming PBS Kids video app, which they’ll do once they hit about 3 or so.)
Just tap Settings, then flip on the Airplane Mode switch.
Turning on Airplane mode is an easy way to keep tiny iPhone users off the Internet.
If your old iPhone or iPad is running on iOS 6 or later, you may also want to disable home-screen and in-app access to Control Center, the flip-up control panel that includes an Airplane Mode button, To do so, tap Settings > Control Center, then switch off the Access on Lock Screen and Access Within Apps settings. That won’t completely disable Control Center, but at least it’ll make it a tad more challenging to find.
Microsoft is now offering significant discounts on its product upgrades. Discounts are available for Open License programs.
Microsoft officials are well aware that its biggest Windows 7 and Office 2010 competitors are its own previous product iterations (Windows XP and Office XP/2003). To try and wean users away from older, “good-enough” releases, Microsoft is introducing a new licensing promotion.
The revamped “Up to Date Discount” program is targeted at small/mid-size business (SMB) customers running older versions of Windows and Office. Between January 1 and June 30 of this year, Microsoft is enabling users running Windows XP or Vista (on the operating system side) and Office XP, Office 2003 or Office 2007 (on the productivity suite side) to receive a discount of 50 percent on the cost of their licenses for Windows 7 and Office 2007 (or Office 2010, once it is released by June 2010).
The 50% discount calculations “are based on estimated retail prices and reseller prices may vary,” Microsoft officials acknowledge. But the Softies say U.S. customers who sign up for the program “would be paying $35.00 for a Windows 7 Professional Upgrade and/or $91.00 for Office 2007 Professional Plus in year 1, plus receiving all of the Software Assurance benefits (such as an automatic upgrade to Office 2010 when it launches, Office Home Use Rights, and much more) for that price.”
As you’d expect, there are lots of caveats. First,customers get the 50 percent discount only for the first year of their Open Value Subscription (OVS) payment. (OVS is a Microsoft licensing program, introduced last year for SMBs, which allows users to pay for software licenses over time and includes many of the same provisions as Microsoft’s Software Assurance licensing program.) The new deal applies only to those customers using the Professional versions of Windows and/or the Professional versions of Office.
The new promotion, which Eric Ligman, Global Partner Experience Lead with Microsoft’s Worldwide Partner Group, announced via the Microsoft SMB Community Blog on January 1, goes beyond the current Up-to-Date Discount offer. Before the new so-called “N-2? update to the program was put in place, Windows XP users and Office XP users were ineligible for the discount. But Microsoft is now offering users of the older Windows and Office releases coverage if they’re willing to sign up for the Open Volume Subscription plan.
Meanwhile, speaking of new Microsoft licensing promotions, Microsoft is introducing “version 4.0? of another SMB promotional licensing offer, known as “The Big Easy,” according to Ligman.
Starting January 3, SMB customers can increase dollars available for them to spend with Microsoft partners “by purchasing multiple qualifying product groups, adding Software Assurance to their orders and/or acquiring advanced, premium or Enterprise editions of the MIcrosoft Solutions.” To qualify, customers need to buy products through their Microsoft partners between January 3 and March 31 via the Microsoft Open License, Open Value and/or Open Value Subscription programs.
Products included under the program include Dynamics CRM, Office Communications Server, SharePoint Server, SQL Server, Systems Center and Windows Server, among others.
Following a recommendation by the National Institute of Standards and Technology (NIST), Microsoft will block Windows from accepting SSL certificates encrypted with the Secure Hash Algorithm-1 (SHA-1) algorithm after 2016. Given the number of mission-critical SSL certificates that are allowed to expire from inattention, administrators have their work cut out for them. By knowing what will happen, why it’s happening, and what you need to do, you won’t be surprised by these important policy changes.
What’s Happening?
On November 12, 2013, Microsoft announced that it’s deprecating the use of the SHA-1 algorithm in SSL and code signing certificates. The Windows PKI blog post “SHA1 Deprecation Policy” states that Windows will stop accepting SHA-1 end-entity certificates by January 1, 2017, and will stop accepting SHA-1 code signing certificates without timestamps after January 1, 2016. This policy officially applies to Windows Vista and later, and Windows Server 2008 and later, but it will also affect Windows XP and Windows Server 2003.
SHA-1 is currently the most widely used digest algorithm. In total, more than 98 percent of all SSL certificates in use on the Web are still using the SHA-1 algorithm and more than 92 percent of the certificates issued in the past year were issued using SHA-1.
Website operators should be aware that Google Chrome has started warning end users when they connect to a secure website using SSL certificates encrypted with the SHA-1 algorithm. Beginning in November 2014 with Chrome 39, end users will see visual indicators in the HTTP Secure (HTTPS) address bar when the site to which they’re connecting doesn’t meet the SHA-2 requirement. Figure 1 shows those indicators.
Figure 1: Visual Indicators in the HTTPS Address Bar
Google is doing this to raise end users’ awareness and to help guide other members of the Internet community to replace their SHA-1 certificates with SHA-2 certificates.
Why Is Microsoft Deprecating SHA-1?
SHA-1 has been in use among Certificate Authorities (CAs) since the U.S. National Security Agency (NSA) and NIST first published the specification in 1995. In January 2011, NIST released Special Publication 800-131A, “Transitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths.” This publication noted that SHA-1 shouldn’t be trusted past January 2016 because of the increasing practicality that a well-funded attacker or government could find a SHA-1 hash collision, allowing them to impersonate any SSL website.
Realizing that it’s highly unlikely that CAs and the industry at large will adopt more powerful encryption algorithms on their own, Microsoft is leading the charge by making Windows reject certificates using SHA-1 after January 1, 2017. Doing this will lead website operators to upgrade to stronger SHA-2 certificates for the betterment of all Windows users and the broader public key infrastructure (PKI) community. The Windows PKI blog post “SHA1 Deprecation Policy” noted that, “The quicker we can make such a transition, the fewer SHA-1 certificates there will be when collisions attacks occur and the sooner we can disable SHA1 certificates.”
In the end, the issue isn’t if SHA-1 encryption will be cracked but rather when it will be cracked.
What Do I Need to Do?
January 1, 2017, might seem like a long way away, but now is the time to understand the problem and how to mitigate it.
As per Microsoft’s SHA-1 deprecation policy, Windows users don’t need to do anything in response to this new technical requirement. XP Service Pack 3 (SP3) and later versions support SHA-2 SSL certificates. Server 2003 SP2 and later versions add SHA-2 functionality to SSL certificates by applying hotfixes (KB968730 and KB938397).
Web administrators must request new certificates to replace SHA-1 SSL and code-signing certificates that expire after January 1, 2017. As of this writing, that would probably affect only public SHA-1 certificates that were purchased with a long expiration date (three years or more) or long-duration certificates issued by internal SHA-1 CAs. Most third-party CAs will rekey their certificates for free, so you simply need to contact the CA to request a rekeyed certificate that uses the SHA-2 algorithm.
When ordering new SSL certificates, you should confirm with the CA that they’re being issued with the SHA-2 algorithm. New certificates with expiration dates after January 1, 2017, can only use SHA-2. Code-signing certificates with expiration dates after December 31, 2015, must also use SHA-2.
Note that the algorithm used in SHA-2 certificates is actually encoded to use SHA-256, SHA-384, or SHA-512. All of these are SHA-2 algorithms; the SHA number (e.g., 256) specifies the number of bits in the hash. The larger the hash, the more secure the certificate but possibly with less compatibility.
It’s important that the certificate chain be encrypted with SHA-2 certificates. (A certificate chain consists of all the certificates needed to certify the end certificate.) This means that any intermediate certificates must also use SHA-2 after January 1, 2017. Typically, your CA will provide the intermediate and root CA certificates when they provide the SHA-2 certificate. Sometimes they provide a link for you to download the certificate chain. It’s important that you update this chain with SHA-2 certificates. Otherwise, Windows might not trust your new SHA-2 certificate.
Root certificates are a different story. These can actually be SHA-1 certificates because Windows implicitly trusts these certificates since the OS trusts the root certificate public key directly. A root certificate is self-signed and isn’t signed by another entity that has been given authority.
For the same reason, any self-signed certificate can use the SHA-1 algorithm. For example, Microsoft Exchange Server generates self-signed SHA-1 certificates during installation. These certificates are exempt from the new SHA-2 policy since they aren’t chained to a CA. I expect, however, that future releases of Exchange will use SHA-2 in self-signed certificates.
What About My Enterprise CAs?
If your organization has its own internal CA PKI, you’ll want to ensure that it’s generating SHA-2 certificates. How this is done depends on whether the CA is running Windows Server 2008 R2 or later and if your CA has subordinate CAs.
If you have a Server 2008 R2 or later single-root CA without subordinates, you should update the CA to use SHA-2. Doing so will ensure that subsequent certificates generated will use the SHA-2 algorithm. To check which hash algorithm is being used, you can right-click the CA and go to the General tab. If SHA-1 is listed, you can run the following certutil command to configure the CA to use the SHA-256 algorithm:
certutil -setreg ca\csp\CNGHashAlgorithm SHA256
You must restart the CertSvc service to apply the change. Now when you view the CA properties, you’ll see that the hash algorithm is SHA-256. All future certificates issued by this CA will use SHA-256, but keep in mind that existing certificates will still be using SHA-1. You need to renew any SHA-1 certificates issued by this CA to upgrade them to SHA-2 certificates.
If your CA is older than Server 2008 R2, you can’t upgrade the CA to use SHA-2. You’ll need to rebuild it with a newer version.
If your organization’s internal CA is multi-tiered with one or more subordinate CAs, you’ll need to reconfigure them to use SHA-2. This is done using the same certutil command just given on each subordinate or issuing CA. Keep in mind that if you use subordinate CAs, you’re not required to update the root CA to SHA-2 since that certificate is at the top of the certificate chain, but it won’t cause any problems if you do. You still need to renew any SHA-1 certificates issued by the subordinate CAs to upgrade them to SHA-2 certificates.
Take Action Now
Administrators and website operators should identify all the SSL certificates used in their organizations and take action, as follows:
SHA-1 SSL certificates expiring before January 1, 2017, will need to be replaced with a SHA-2 equivalent certificate.
SHA-1 SSL certificates expiring after January 1, 2017, should be replaced with a SHA-2 certificate at the earliest convenience.
Any SHA-2 certificate chained to an SHA-1 intermediate certificate should be replaced with another one chained to an SHA-2 intermediate certificate.
The following tools and websites are useful for testing and for further information about SHA-1 remediation:
Microsoft Security Advisory 2880823. This website discusses the deprecation policy for the SHA-1 hashing algorithm for the Microsoft Root Certificate Program.
“Gradually sunsetting SHA-1.” This Google Online Security Blog post explains how the transition to SHA-2 affects Chrome and details Google’s rollout schedule.
SHA-256 Compatibility. This GlobalSign web page lists OS, browser, server, and signing support for SHA-256 certificates.
DigiCert SHA-1 Sunset Tool. This free web application tests public websites for SHA-1 certificates that expire after January 1, 2016.
DigiCert Certificate Inspector. This tool discovers and analyzes all certificates in an enterprise. It’s free, even if you don’t have a DigiCert account.
Qualys SSL Labs’ SSL Server Test. This free online service analyzes the configuration of any SSL web server on the public Internet.
Hulu’s channel bundle attacks the norms of pay TV service—for better and for worse.
Hulu with Live TV is not the channel bundle you might’ve grown up with. The $40-per-month streaming service clearly wants to be something other than cable.
Aside from being cheaper than the average pay TV package, Hulu’s new bundle aims to blur the lines between live TV, on-demand shows, and DVR. It pushes personalized recommendations on what to watch, and it shunts the notion of channel-flipping out of the spotlight. Recordings, on-demand episodes, and Hulu’s existing TV and movie library intermingle in ways that obscure the source of what you’re watching, as if to suggest that only the content matters.
Hulu’s attempt to distance itself from the legacy TV experience is refreshing, and it can lead to discovering some great television. But it can also be disorienting, due to an expansive, sometimes confusing menu system. Hulu also accurately describes the current service as a beta, and it’s marred by limited device support and occasional glitches. We’re not going to render a review score until Hulu lifts the beta tag; in the meantime, cord-cutters signing up for the service in its current state should be aware they’re paying for an unfinished product.
Hulu’s bundle is one-size-fits-all, with more than 60 channels for $40 per month. That puts it in the ballpark of other streaming bundles’ primary offerings, though Hulu throws in access to its existing on-demand service—an $8 per month value—to sweeten the deal. The ad-free version of that existing service costs an extra $4 per month, and you can still tack on Showtime’s on-demand catalog for another $9 per month.
Channel highlights include ESPN, Disney channels, regional sports from Fox and Comcast, all three cable news networks, and on-demand video from all four major broadcast networks. In certain markets, you can get live feeds from local broadcast stations as well. (A full channel list appears at the bottom of this review, and Hulu’s sign-up page lets you enter a zip code for a list of local stations.)
Hulu includes roughly 60 channels for $40 per month—no more, no less.
Like other streaming bundles, Hulu omits some networks to keep prices down. AMC Network channels, Discovery channels, and Viacom channels such as Comedy Central and MTV are all absent from Hulu with Live TV, as are league-based sports channels such as NBA TV, MLB Network, NFL Network, and NFL Redzone.
The service does include 50 hours of DVR at no extra charge, but with some opaque rules and restrictions. Some live channels let you rewind to the start of a program even if you haven’t set up a recording, and then allow you to skip commercials. Others allow automatic rewinding, but not ad-skipping. Recordings are supported on all channels, but some won’t let you skip ads unless you pay an extra $15 per month for expanded DVR, which also increases storage to 200 hours.
Hulu’s cloud DVR lets you record individual episodes or entire series.
Subscribers can add up to six user profiles and are allowed up to two streams at a time, either inside or outside the home. That’s the same as DirecTV Now, and better than Sling TV Orange, but less than PlayStation Vue, Sling TV Blue, and YouTube TV. It also leads into another upsell: For $15 more (or $20 total combined with expanded DVR service), you can stream on unlimited devices at home and three devices on the road.
Currently, Hulu with Live TV runs on Apple TV, Xbox One, Chromecast, iOS, and Android. Live TV subscribers can still use Hulu’s on-demand service on a longer list of devices. The service also includes access to a handful of cable-authenticated apps, but the limited device support for live channels is one reason Hulu has applied a beta tag for now.
How Hulu Works
As for the experience of using Hulu with Live TV, it’s at once gorgeous, empowering, and utterly overwhelming.
Top-level navigation splits into three main sections: The “Home” section focuses on recommendations and quick access to recently-watched programming. The “My Stuff” section pulls in all the channels, shows, and movies that you’ve marked as favorites, including both on-demand and DVR content. The “Browse” section is a catch-all for everything else, including genres and a full channel list.
Logical as this layout may seem, the purpose of each section isn’t immediately self-evident. Each section also has numerous subsections, which in some cases share a name with subsections in other parts of the interface. For instance, there are four menus entitled “Sports,” three menus entitled “Movies,” another three entitled “TV” or “TV Shows,” and two ways to access your favorite channels. These redundantly named sections rarely behave in exactly the same way. Better labelling could be a short-term fix, but Hulu would really benefit from consolidating the interface into fewer branching pathways.
In the “My Stuff” section, the “TV Shows” menu provides a list of your favorite shows. But there’s a different menu by the same name under the “Browse” section.
At least the Hulu interface isn’t lacking ways to discover things to watch. During setup, Hulu asks users to pick some favorite channels and genres, which fuel the recommendations on the home screen. Intriguing subsections such as “Star Wars” and “Binge-worthy” pepper the home screen, and browsing the genre menus yields fun results such as “Workplace Shenanigans” and “Nostalgia TV.” You can also search for shows, channels, and genres, but not for actors or directors.
Other parts of the interface show promise, but need further development. Hulu’s centralized menu for favorite sports teams is brilliant, but did not come with any setup process on Apple TV. (A menu for setting up favorite teams did appear on the Xbox One app). Support for kid-friendly user profiles is also helpful in theory, though it lacks parental lock and misses the mark with age-based recommendations. No disrespect to the unashamedly bizarre Uncle Grandpa, but it’s not appropriate for a three-year-old.
Hulu lets you track all your favorite sports teams from one place.
Performance Hits and Misses
By calling itself a paid beta, Hulu with Live TV is trying to inoculate itself against early criticism for glitches and performance hiccups. And there have been a few.
For instance, I experienced a persistent issue on Apple TV where Hulu boots me out of a stream and back to its menu. Sometimes this would happen while attempting to fast forward, and a few times it’s occurred on its own. While I was always able to resume the channel or program in question, it happens frequently enough to be a nuisance.
The live channel guide—yes, this does exist; it’s accessible by taping or swiping up from any video—also has a design flaw that’s hopefully unintentional: The buttons to initiate a recording or view more information only apply to what’s playing in the background, not to whatever’s highlighted in the guide. This makes a chore out of recording or favoriting soon-to-air programs.
Yet in terms of reliability, Hulu with Live TV has performed well in my experience. Channel load times were initially a bit sluggish, but have improved over the past week, and I haven’t seen any show-stopping errors like the kind that afflicted DirecTV Now in its early days. Video resolution has been routinely crisp at 720p for live channels, 1080p for movies, and 4K for some originals.
Hulu managed to avoid any major buffering or freezing issues during our testing.
The only major problem concerns frame rate, which tops out at 30 frames per second for all channels and programs. That means you don’t get the smoothness of motion that’s typically found in live sports, news, talk shows, soap operas, and late-night programming. PlayStation Vue and DirecTV Now remain the best options for 60-frames-per-second viewing.
How does Hulu compare with other streaming bundles overall? To be honest, a strong opinion eludes me. The channel lineup is a fine cross-section of what cable TV has to offer, but with holes that may be disqualifying for some potential cord cutters. The interface deserves praise for its vision, but not so much for its execution. And the barrage of upsells—more DVR storage, no streaming limits, fewer ads—is grating even if the options are nice to have.
In the end, the right call on picking a streaming bundle is still to thoroughly examine all the options—their lineups, their features, their device support—and hope you find a match for your needs. In beta or otherwise, Hulu with Live TV just tilts the odds a little further in your favor.
Here’s the full channel list for the Hulu Live TV bundle:
