Back to Top

Tech, Web, Cloud & Cabling Services

Category: Internet Security

BigBeagle.com / Internet Security Category

Windows Server 2003 end of life guide

How to organize your migration from Windows Server 2003

 

Following on from end of support for Windows XP in April 2014, we are now rapidly approaching Windows Server 2003 end of life.

Despite Microsoft warning about end of life for Windows Server 2003 as early as April 2013, many organisations are yet to begin their migration away from the server platform. Worse still, many organisations and IT pros are unaware of the huge financial costs and security risks should they continue running Windows Server 2003 past the end of life date.

Reports from HP claim that more than 11 million systems are still running Windows Server 2003. With fewer than 240 days left until end of life, this a huge problem as the estimated time required to migrate a datacentre of 100 or more servers can range from a minimum of three months and upwards of 18 months.

If you own even one of those 11 million servers and you have yet to begin migration, you should be worried. Luck for you, the following guide will migrate you to a position of safety. We will cover the following:

• Windows Server 2003 End of Life date
• Understanding what end of support means for Windows Server 2003 and the associated impacts
• An outline of how to migrate Windows Server 2003
• Resources to aid migration

Windows Server 2003 End of Life date

According to the Microsoft Support Lifecyle section on 14 July 2015, Microsoft will end extended support on all versions of Windows Server 2003/R2.

Understanding what end of support means for Windows Server 2003

From then on, this means no more updates or patches from Microsoft, which can result a less secure and less stable infrastructure for your business. What this really means:

• Maintenance Costs – running legacy servers is expensive. Intrusion detection systems, advanced firewalls and network segmentation are required to protect a now vulnerable Windows Server 2003 platform. You will also have increasing cost from maintaining aging hardware. Current estimates in a TechNet post from Alex Fu place the cost of custom support post end of life at US$200,000 on average. In a Q&A with David Mayer, practice director of Microsoft Solutions for Insight Enterprises, he estimated a support cost of $1500 per server per year.

• No Updates – there will be no more updates to fix bugs, performance issues and security vulnerabilities. To put this into perspective, 2013 saw the release of 37 critical updates for Windows Server 2003/R2. Past the end of life date, these critical issues will remain unfixed leaving you open to cybersecurity dangers such as malicious attacks or electronic data loss.

• No Compliance – once support ends, your organisation will almost certainly fail to meet industry wide compliance standards. Regulations such as HIPAA, PCI, SOX & Dodd-Frank all require regulated industries to run on supported platforms. The impact is twofold: Non-compliance could result in the loss of business, while high transaction fees and penalties from non-compliance could dramatically increase the cost of doing business.

• Software and Hardware Compatibility Issues – new software and hardware devices will not be built to integrate with Windows Server 2003. Sticking with a legacy server means you will likely run into compatibility issues and may not be able to run new instances of software or communicate with the latest devices.

• No Safe Haven – without continued support from Microsoft, virtualized and physical instances of Windows Server 2003/R2 and Microsoft Small Business Server (SBS) 2003 will not pass a compliance audit.

How to migrate from Windows Server 2003

Do not underestimate the task that lies ahead. Migrating applications and server workloads is no easy task. Worryingly, a study by App Zero suggests that 62 per cent of organisations do not have a plan to upgrade or migrate, or even know that EOS is coming.

• Discover – first up is discovering and cataloguing all the software and workloads that are running on Windows Server 2003/R2 at present. Download the Microsoft Assessment and Planning toolkit as this will be a worthy support document.

• Assess – now you have a list it’s time to analyse and categorise all your applications and workloads based on type, criticality, complexity and risk. This helps you prioritise for migration as well as identify issues and opportunities.

• Target – in this step, you must choose a destination for each application and workload. This could be the perfect time to evolve your organisation to the next level and embrace the cloud. Microsoft offers a series of destinations for each application or workload which could include:

billionphotos-1008218 (1)

o Windows Server 2012 R2
o System Center 2012 R2 (Private Cloud)
o Microsoft Azure (Public Cloud)
o SQL Server 2014
o Office 365

• Migrate – now is the time choose a migration plan. Microsoft offers a fantastic Migration Planning Assistant which covers all four steps. Look for official Microsoft training courses to give you an in-depth understanding of the new platforms you are planning to migrate to.

Resources to aid migration

Due to the widespread requirement to migrate, there is a range of fantastic resources to aid migration. These include:

Microsoft Virtual Academy – arguably the largest and best collection of free self-study resources from Microsoft experts including videos, slide decks and self-assessments. Check out the section on migrating to Windows Server 2012, or the Microsoft zure JumpStart.

Windows Server 2003 Roles Migration Processdownload this document and turn it into an A3 poster, stick it on your wall and use it to visualise the whole process.

Microsoft Deployment Toolkitdownload this fantastic resource, which provides a collection of processes, tools and guidance for automating new desktop and server deployments.

Free Software Trials – Microsoft have a series of trials so you can check out the new software. Here they are:

Windows Server 2012 R2 trial
System Center 2012 R2 trial
Microsoft Azure one-month trial
Office 365 trial
SQL Server 2014 trial

Windows Server Migration Services – there are a series of organisations that offer assistance in migrating away from Windows Server 2003. Big players include:

• Dell
• RackSpace
• HP

Time is running out — start your migration away from Windows Server 2003 today. Fail to do so and you find yourself facing some organisation-crippling consequences

Have questions?

Our Business IT Server Migration Specialists in NJ, PA & DE are here to help.
Call us at: 856-745-9990 or visit: https://southjerseytechies.net/server-support/

South Jersey Techies, LLC is a full Managed Web and Technology Services Company providing IT Services, Website Design ServicesServer SupportNetwork ConsultingInternet PhonesCloud Solutions Provider and much more. Contact for More Information.

To read this article in its entirety click here.

Upgrade to Windows Server 2012

10 Compelling Reasons to Upgrade to Windows Server 2012

Takeaway: Windows Server 2012 is generating a significant buzz among IT pros. Deb Shinder highlights several notable enhancements and new capabilities.

We’ve had a chance to play around a bit with the release preview of Windows Server 2012. Some have been put off by the interface-formerly-known-as-Metro, but with more emphasis on Server Core and the Minimal Server Interface, the UI is unlikely to be a “make it or break it” issue for most of those who are deciding whether to upgrade. More important are the big changes and new capabilities that make Server 2012 better able to handle your network’s workloads and needs. That’s what has many IT pros excited.

Here are 10 reasons to give serious consideration to upgrading to Windows Server 2012 sooner rather than later.

1: Freedom of interface choice

A Server Core installation provides security and performance advantages, but in the past, you had to make a commitment: If you installed Server Core, you were stuck in the “dark place” with only the command line as your interface. Windows Server 2012 changes all that. Now we have choices.

The truth that Microsoft realized is that the command line is great for some tasks and the graphical interface is preferable for others. Server 2012 makes the graphic user interface a “feature” — one that can be turned on and off at will. You do it through the Remove Roles Or Features option in Server Manager.

2: Server Manager

Speaking of Server Manager (Figure A), even many of those who dislike the new tile-based interface overall have admitted that the design’s implementation in the new Server Manager is excellent.

One of the nicest things about the new Server Manager is the multi-server capabilities, which makes it easy to deploy roles and features remotely to physical and virtual servers. It’s easy to create a server group — a collection of servers that can be managed together. The remote administration improvements let you provision servers without having to make an RDP connection.

3: SMB 3.0

The Server Message Block (SMB) protocol has been significantly improved in Windows Server 2012 and Windows 8. The new version of SMB supports new file server features, such as SMB transparent failover , SMB Scale Out, SMB Multichannel, SMB Direct, SMB encryption, VSS for SMB file sharing, SMB directory leasing, and SMB PowerShell. That’s a lot of bang for the buck. It works beautifully with Hyper-V, so that VHD files and virtual machine configuration files can be hosted on SMB 3.0 shares. A SQL system database can be stored on an SMB share, as well, with improvements to performance. For more details about what’s new in SMB 3.0, see this blog post.

4: Dynamic Access Control (DAC)

Even though some say Microsoft has shifted the focus away from security in recent years, it would be more accurate to say it has shifted the focus from separate security products to a more “baked in” approach of integrating security into every part of the operating system.

Dynamic Access Control is one such example, helping IT pros create more centralized security models for access to network resources by tagging sensitive data both manually and automatically, based on factors such as the file content or the creator. Then claims based access controls can be applied. Read more about DAC in my “First Look” article over on Windowsecurity.com.

5: Storage Spaces

Storage is a hot — and complex — topic in the IT world these days. Despite the idea that we’re all going to be storing everything in the public cloud one day, that day is a long way off (and for many organizations concerned about security and reliability, it may never happen). There are myriad solutions for storing data on your network in a way that provides better utilization of storage resources, centralized management, and better scalability, along with security and reliability. Storage area networks (SANs) and network attached storage (NAS) do that, but they can be expensive and difficult to set up.

Storage Spaces is a new feature in Server 2012 that lets you use inexpensive hard drives to create a storage pool, which can then be divided into spaces that are used like physical disks. They can include hot standby drives and use redundancy methods such as 2- or 3-way mirroring or parity. You can add new disks any time, and a space can be larger than the physical capacity of the pool. When you add new drives, the space automatically uses the extra capacity. Read more about Storage Spaces in this MSDN blog post.

6: Hyper-V Replica

Virtualization is the name of the game in the server world these days, and Hyper-V is Microsoft’s answer to VMware. Although the latter had a big head start, Microsoft’s virtualization platform has been working hard at catching up, and many IT pros now believe it has surpassed its rival in many key areas. With each iteration, the Windows hypervisor gets a little better, and Hyper-V in Windows Server 2012 brings a number of new features to the table. One of the most interesting is Hyper-V Replica.

This is a replication mechanism that will be a disaster recovery godsend to SMBs that may not be able to deploy complex and costly replication solutions. It logs changes to the disks in a VM and uses compression to save on bandwidth, replicating from a primary server to a replica server. You can store multiple snapshots of a VM on the replica server and then select the one you want to use. It works with both standalone hosts and clusters in any combination (standalone to standalone, cluster to cluster, standalone to cluster or cluster to standalone). To find out more about Hyper-V replica, see this TechNet article.

7: Improvements to VDI

Windows Terminal Services has come a long way, baby, since I first met it in Windows NT TS Edition. Renamed Remote Desktop Services, it has expanded to encompass much more than the ability to RDP into the desktop of a remote machine. Microsoft offered a centralized Virtual Desktop Infrastructure (VDI) solution in Windows Server 2008 R2, but it was still a little rough around the edges. Significant improvements have been made in Server 2012.

You no longer need a dedicated GPU graphics card in the server to use RemoteFX, which vastly improves the quality of graphics over RDP. Instead, you can use a virtualized GPU on standard server hardware. USB over RDP is much better, and the Fair Share feature can manage how CPU, memory, disk space, and bandwidth are allocated among users to thwart bandwidth hogs. Read more about Server 2012 VDI and RDP improvements here.

8: DirectAccess without the hassle factor

DirectAccess was designed to be Microsoft’s “VPN replacement,” a way to create a secure connection from client to corporate network without the performance drain and with a more transparent user experience than a traditional VPN. Not only do users not have to deal with making the VPN work, but administrators get more control over the machines, with the ability to manage them even before users log in. You apply group policy using the same tools you use to manage computers physically located on the corporate network.

So why hasn’t everyone been using DirectAccess with Server 2008 R2 instead of VPNs? One big obstacle was the dependency on IPv6. Plus, it couldn’t be virtualized. Those obstacles are gone now. In Windows Server 2012, DirectAccess works with IPv4 without having to fool with conversion technologies, and the server running DirectAccess at the network edge can now be a Hyper-V virtual machine. The Server 2012 version of DA is also easier to configure, thanks to the new wizard.

9: ReFS

Despite the many advantages NTFS offers over early FAT file systems, it’s been around since 1993, and Windows aficionados have been longing for a new file system for quite some time. Way back in 2004, we were eagerly looking forward to WinFS, but Vista disappointed us by not including it. Likewise, there was speculation early on that a new file system would be introduced with Windows 7, but it didn’t happen.

Windows Server 2012 brings us our long-awaited new file system, ReFS or the Resilient File System. It supports many of the same features as NTFS, although it leaves behind some others, perhaps most notably file compression, EFS, and disk quotas. In return, ReFS gives us data verification and auto correction, and it’s designed to work with Storage Spaces to create shrinkable/expandable logical storage pools. The new file system is all about maximum scalability, supporting up to 16 exabytes in practice. (This is the theoretical maximum in the NTFS specifications, but in the real world, it’s limited to 16 terabytes.) ReFS supports a theoretical limit of 256 zetabytes (more than 270 billion terabytes). That allows for a lot of scaling.

10: Simplified Licensing

Anyone who has worked with server licenses might say the very term “simplified licensing” is an oxymoron. But Microsoft really has listened to customers who are confused and frustrated by the complexity involved in finding the right edition and figuring out what it’s really going to cost. Windows Server 2012 is offered in only four editions: Datacenter, Standard, Essentials, and Foundation. The first two are licensed per-processor plus CAL, and the latter two (for small businesses) are licensed per-server with limits on the number of user accounts (15 for Foundation and 25 for Essentials).

To View Full Article Click Here

Cyber Security Awareness

As school, socializing, and many aspects of life have moved online this year, it’s more important than ever that you protect your digital devices and steer clear of cybercriminals. Computer security threats are relentlessly inventive. Masters of disguise and manipulation, these threats constantly evolve to find new ways to annoy, steal and harm. Arm yourself with information and resources to safeguard against complex and growing computer security threats and stay safe online.

Examples of Online Cybersecurity Threats

Computer Viruses

Probably the most eminent computer security threat, a computer virus is a program written to alter the way a computer operates, without the permission or knowledge of the user. A virus replicates and executes itself, usually doing damage to your computer in the process.

What can you do to avoid computer viruses? Carefully evaluate free software, downloads from peer-to-peer file sharing sites, and emails from unknown senders. These things are critical to avoiding viruses. Most web browsers have security settings which can be configured for top defense against online threats. But, as we’ll say again and again, the single most-effective way of fending off viruses is up-to-date antivirus software and monitoring agent, like we include in our Managed Service Plans.

Spyware Threats

A serious computer security threat, spyware is any program that monitors your online activities or installs programs without your consent for profit or to capture personal information.

While many users won’t want to hear it, reading terms and conditions is a good way to build an understanding of how your activity is tracked online. As always, if a company you do not recognize is advertising for a deal that seems too good to be true, be sure you have an internet security solution in place and click with caution.

Hackers and Predators

People, not computers, create computer security threats and malware. Hackers and predators are programmers who victimize others for their own gain by breaking into computer systems to steal, change, or destroy information as a form of cyber-terrorism. These online predators can compromise credit card information, lock you out of your data, and steal your identity. As you may have guessed, online security tools with identity theft protection are one of the most effective ways to protect yourself from this brand of cybercriminal.

Phishing

Masquerading as a trustworthy person or business, phishers attempt to steal sensitive financial or personal information through fraudulent email or instant messages. Phishing attacks are some of the most successful methods for cybercriminals looking to pull off a data breach. Antivirus solutions with identity theft protection can be taught to recognize phishing threats in fractions of a second.

Cyber Safety Tips

  • Keep software systems up to date and use a good anti-virus program.
  • Examine the email address and URLs in all correspondence. Scammers often mimic a legitimate site or email address by using a slight variation in spelling.
  • If an unsolicited text message, email, or phone call asks you to update, check, or verify your account information, do not follow the link provided in the message itself or call the phone numbers provided in the message. Go to the company’s website to log into your account or call the phone number listed on the official website to see if something does in fact need your attention.
  • Do not open any attachments unless you are expecting the file, document, or invoice and have verified the sender’s email address.
  • Scrutinize all electronic requests for a payment or transfer of funds.
  • Be extra suspicious of any message that urges immediate action.
  • Confirm requests for wire transfers or payment in person or over the phone as part of a two-factor authentication process. Do not verify these requests using the phone number listed in the request for payment.

 

If you have any questions, please email us at support@sjtechies.com or call us at (856) 745-9990.

Is Your Organization Using SHA-1 SSL Certificates? If so here’s what you need to know and do:

ssl

 

Following a recommendation by the National Institute of Standards and Technology (NIST), Microsoft will block Windows from accepting SSL certificates encrypted with the Secure Hash Algorithm-1 (SHA-1) algorithm after 2016. Given the number of mission-critical SSL certificates that are allowed to expire from inattention, administrators have their work cut out for them. By knowing what will happen, why it’s happening, and what you need to do, you won’t be surprised by these important policy changes.

What’s Happening?

On November 12, 2013, Microsoft announced that it’s deprecating the use of the SHA-1 algorithm in SSL and code signing certificates. The Windows PKI blog post “SHA1 Deprecation Policy” states that Windows will stop accepting SHA-1 end-entity certificates by January 1, 2017, and will stop accepting SHA-1 code signing certificates without timestamps after January 1, 2016. This policy officially applies to Windows Vista and later, and Windows Server 2008 and later, but it will also affect Windows XP and Windows Server 2003.

SHA-1 is currently the most widely used digest algorithm. In total, more than 98 percent of all SSL certificates in use on the Web are still using the SHA-1 algorithm and more than 92 percent of the certificates issued in the past year were issued using SHA-1.

Website operators should be aware that Google Chrome has started warning end users when they connect to a secure website using SSL certificates encrypted with the SHA-1 algorithm. Beginning in November 2014 with Chrome 39, end users will see visual indicators in the HTTP Secure (HTTPS) address bar when the site to which they’re connecting doesn’t meet the SHA-2 requirement. Figure 1 shows those indicators.

 

Figure 1: Visual Indicators in the HTTPS Address Bar

 

Google is doing this to raise end users’ awareness and to help guide other members of the Internet community to replace their SHA-1 certificates with SHA-2 certificates.

Why Is Microsoft Deprecating SHA-1?

SHA-1 has been in use among Certificate Authorities (CAs) since the U.S. National Security Agency (NSA) and NIST first published the specification in 1995. In January 2011, NIST released Special Publication 800-131A, “Transitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths.” This publication noted that SHA-1 shouldn’t be trusted past January 2016 because of the increasing practicality that a well-funded attacker or government could find a SHA-1 hash collision, allowing them to impersonate any SSL website.

Realizing that it’s highly unlikely that CAs and the industry at large will adopt more powerful encryption algorithms on their own, Microsoft is leading the charge by making Windows reject certificates using SHA-1 after January 1, 2017. Doing this will lead website operators to upgrade to stronger SHA-2 certificates for the betterment of all Windows users and the broader public key infrastructure (PKI) community. The Windows PKI blog post “SHA1 Deprecation Policy” noted that, “The quicker we can make such a transition, the fewer SHA-1 certificates there will be when collisions attacks occur and the sooner we can disable SHA1 certificates.”

In the end, the issue isn’t if SHA-1 encryption will be cracked but rather when it will be cracked.

What Do I Need to Do?

January 1, 2017, might seem like a long way away, but now is the time to understand the problem and how to mitigate it.

As per Microsoft’s SHA-1 deprecation policy, Windows users don’t need to do anything in response to this new technical requirement. XP Service Pack 3 (SP3) and later versions support SHA-2 SSL certificates. Server 2003 SP2 and later versions add SHA-2 functionality to SSL certificates by applying hotfixes (KB968730 and KB938397).

Web administrators must request new certificates to replace SHA-1 SSL and code-signing certificates that expire after January 1, 2017. As of this writing, that would probably affect only public SHA-1 certificates that were purchased with a long expiration date (three years or more) or long-duration certificates issued by internal SHA-1 CAs. Most third-party CAs will rekey their certificates for free, so you simply need to contact the CA to request a rekeyed certificate that uses the SHA-2 algorithm.

When ordering new SSL certificates, you should confirm with the CA that they’re being issued with the SHA-2 algorithm. New certificates with expiration dates after January 1, 2017, can only use SHA-2. Code-signing certificates with expiration dates after December 31, 2015, must also use SHA-2.

Note that the algorithm used in SHA-2 certificates is actually encoded to use SHA-256, SHA-384, or SHA-512. All of these are SHA-2 algorithms; the SHA number (e.g., 256) specifies the number of bits in the hash. The larger the hash, the more secure the certificate but possibly with less compatibility.

It’s important that the certificate chain be encrypted with SHA-2 certificates. (A certificate chain consists of all the certificates needed to certify the end certificate.) This means that any intermediate certificates must also use SHA-2 after January 1, 2017. Typically, your CA will provide the intermediate and root CA certificates when they provide the SHA-2 certificate. Sometimes they provide a link for you to download the certificate chain. It’s important that you update this chain with SHA-2 certificates. Otherwise, Windows might not trust your new SHA-2 certificate.

Root certificates are a different story. These can actually be SHA-1 certificates because Windows implicitly trusts these certificates since the OS trusts the root certificate public key directly. A root certificate is self-signed and isn’t signed by another entity that has been given authority.

For the same reason, any self-signed certificate can use the SHA-1 algorithm. For example, Microsoft Exchange Server generates self-signed SHA-1 certificates during installation. These certificates are exempt from the new SHA-2 policy since they aren’t chained to a CA. I expect, however, that future releases of Exchange will use SHA-2 in self-signed certificates.

What About My Enterprise CAs?

If your organization has its own internal CA PKI, you’ll want to ensure that it’s generating SHA-2 certificates. How this is done depends on whether the CA is running Windows Server 2008 R2 or later and if your CA has subordinate CAs.

If you have a Server 2008 R2 or later single-root CA without subordinates, you should update the CA to use SHA-2. Doing so will ensure that subsequent certificates generated will use the SHA-2 algorithm. To check which hash algorithm is being used, you can right-click the CA and go to the General tab. If SHA-1 is listed, you can run the following certutil command to configure the CA to use the SHA-256 algorithm:

certutil -setreg ca\csp\CNGHashAlgorithm SHA256

You must restart the CertSvc service to apply the change. Now when you view the CA properties, you’ll see that the hash algorithm is SHA-256. All future certificates issued by this CA will use SHA-256, but keep in mind that existing certificates will still be using SHA-1. You need to renew any SHA-1 certificates issued by this CA to upgrade them to SHA-2 certificates.

If your CA is older than Server 2008 R2, you can’t upgrade the CA to use SHA-2. You’ll need to rebuild it with a newer version.

If your organization’s internal CA is multi-tiered with one or more subordinate CAs, you’ll need to reconfigure them to use SHA-2. This is done using the same certutil command just given on each subordinate or issuing CA. Keep in mind that if you use subordinate CAs, you’re not required to update the root CA to SHA-2 since that certificate is at the top of the certificate chain, but it won’t cause any problems if you do. You still need to renew any SHA-1 certificates issued by the subordinate CAs to upgrade them to SHA-2 certificates.

Take Action Now

Administrators and website operators should identify all the SSL certificates used in their organizations and take action, as follows:

  • SHA-1 SSL certificates expiring before January 1, 2017, will need to be replaced with a SHA-2 equivalent certificate.
  • SHA-1 SSL certificates expiring after January 1, 2017, should be replaced with a SHA-2 certificate at the earliest convenience.
  • Any SHA-2 certificate chained to an SHA-1 intermediate certificate should be replaced with another one chained to an SHA-2 intermediate certificate.

The following tools and websites are useful for testing and for further information about SHA-1 remediation:

  • Microsoft Security Advisory 2880823. This website discusses the deprecation policy for the SHA-1 hashing algorithm for the Microsoft Root Certificate Program.
  • Migrating a Certification Authority Key from a Cryptographic Service Provider (CSP) to a Key Storage Provider (KSP). The section “How to migrate a CA from a CSP to a KSP and optionally, from SHA-1 to SHA-2” in this TechNet web page provides detailed instructions for upgrading a CA to use SHA-2.
  • Gradually sunsetting SHA-1.” This Google Online Security Blog post explains how the transition to SHA-2 affects Chrome and details Google’s rollout schedule.
  • SHA-256 Compatibility. This GlobalSign web page lists OS, browser, server, and signing support for SHA-256 certificates.
  • DigiCert SHA-1 Sunset Tool. This free web application tests public websites for SHA-1 certificates that expire after January 1, 2016.
  • DigiCert Certificate Inspector. This tool discovers and analyzes all certificates in an enterprise. It’s free, even if you don’t have a DigiCert account.
  • Qualys SSL Labs’ SSL Server Test. This free online service analyzes the configuration of any SSL web server on the public Internet.

Mozilla Joins Google and Facebook in Phasing Out Adobe Flash

Web browsers don’t like the security and stability problems that come with Flash.

Another popular web browser has had it with Adobe Flash.

Mozilla said this week that it plans to gradually wean its Firefox web browser from Adobe’s ADBE -1.07% multimedia player. In August, Firefox will no longer support “certain Flash content” that it deems “not essential to the user experience,” although Mozilla did not specify what type of Flash content it was referring to.

Mozilla will still support “legacy Flash content” for an unspecified time, but the company urged websites that use Flash or Microsoft MSFT -0.25% Silverlight, another multimedia web player similar to Flash, for their videos or online games to adopt newer “HTML technologies as soon as possible.”

In May, Google GOOG -0.59% detailed its plans to end support of Flash for its Chrome web browser, and it hopes to completely rid itself of Flash advertisements by the beginning of 2017.

Google, like Adobe, is urging website operators to switch to the HTML5 coding language to display multimedia like video on their sites.

Flash is notoriously buggy and prone to many security vulnerabilities. Firefox believes that by ending support for Flash, its users will see “enhanced security, improved battery life, faster page load, and better browser responsiveness.”

Still, Mozilla is not totally cutting ties with Adobe. Mozilla said it would “continue to work closely with Adobe to deliver the best possible Flash experience for our users” as it phases the multimedia player out, and said that an engineering partnership between the two companies has improved some performance and stability in Firefox when it displays Flash content.

Last summer, Facebook’s FB -0.27% chief security officer Alex Stamos urged Adobe via Twitter to disable Flash because of its security vulnerabilities.

In April, Adobe issued an emergency update to Flash after security researchers found a flaw that allowed hackers to distribute so-called ransomware to owners of Microsoft Windows personal computers. Ransomware is basically a form of malware that lets hackers block people from accessing their computer or related computer networks so that a hacker can demand payment in return for access.

In 2010, legendary Apple AAPL -1.32% CEO Steve Jobs wrote a 1,700 word essay on Flash and why Apple’s problems with the multimedia player, which he claimed hurt the “reliability and security of our iPhones, iPods and iPads.”

Have questions?

Get answers from Microsofts Cloud Solutions Partner!
Call us at: 856-745-9990 or visit: https://southjerseytechies.net/

South Jersey Techies, LL C is a full Managed Web and Technology Services Company providing IT Services, Website Design ServicesServer SupportNetwork ConsultingInternet PhonesCloud Solutions Provider and much more. Contact for More Information.

To read this article in its entirety click here.

Safari on iOS and Mac crashing, bug related to Safari Suggestions, here’s how to fix

A strange bug is affecting many Safari users today, causing crashes on iPhone, iPad and Mac. For many users, simply tapping in the URL bar will cause the browser app to crash completely.  The exact issue causing the crashing has not been locked down, but it appears to be related to Apple’s Safari Suggestions service. It’s a very annoying bug that is affecting a lot of people all of sudden today.

sjt-blog-safari-crash-ios

When you type a URL, Apple sends what you type to its servers, returning a response with autocomplete search queries, Top Sites and other info. There appears to be a bug in this server request that is causing Safari to randomly crash. Users are discovering some potential workarounds until Apple fixes the problem properly …

Disabling Safari Suggestions seems to be helping resolve the bug for many people on iOS. On your iPhone or iPad, go into Settings, tap Safari, and toggle off the ‘Safari Suggestions’ switch. This will fix the crashing, obviously its only a temporary fix until Apple sorts its servers out as it will disable the Safari Suggestions functionality.

Another option is to enter Private Browsing mode. In private browsing, by design Safari does not contact the suggestions server for intelligent completion options, so the server is never contacted and the crash never arises.

The bug is affecting users in many countries, but not all. It also depends on the state of your Safari, whether it has certain data cached already. The crash has been seen on iOS 8, iOS 9 and OS X 10.11. The bug could be even more widespread beyond these platforms however. It is pretty crazy flaw that is affecting so many people this morning, with many reports across European iOS customers.

We have contacted Apple about the issue for clarification, but it’s such a serious functional flaw that we expect a fix very shortly. Please note: this is an unrelated incident to the prank site CrashSafari.com.

Update: The Safari crash bug has now been fixed, according to Apple.

Have questions?

Get help from IT Experts/Microsofts Cloud Solutions Partner
Call us at: 856-745-9990 or visit: https://southjerseytechies.net/

South Jersey Techies, LL C is a full Managed Web and Technology Services Company providing IT Services, Website Design ServicesServer SupportNetwork ConsultingInternet PhonesCloud Solutions Provider and much more. Contact for More Information.

To read this article in its entirety click here.

Windows 10 & network share access denied – Solution

Network Share access denial is another issue that users are facing with Windows 10.

Recent upgrade to Windows 10 all of a sudden makes network share no longer accessible on Windows machines you may have in your environment.

Here is the tutorial that solves the issue.

Problem

This is what you see when you try to go to any \\something network share:

\\something is not accessible. You might not have permission to use this network resource. Contact the administrator of this server to find out if you have access permissions. The account is not authorized to log in from this station.

open folder

There’s some changes in the Windows 10 internals which results in the access denial. The new build does not allow anonymous (guest) access to shares by default, as a security measure.It can be resolved by creating a new registry key in the right hive and rebooting.

Solution

Fire up the registry editor (regedit). Navigate to:

Registry editor

Here, you will need to create a new parameter (32-bit DWORD). Right-click:

Parameter

Then, name it AllowInsecureGuestAuth and assign it a value of 1.

DWORD

The hive should look thusly:

Registry Editor

And you’re done. Reboot, and enjoy your network access.

Have questions?

Get answers from Microsofts Cloud Solutions Partner!
Call us at: 856-745-9990 or visit: https://southjerseytechies.net/

South Jersey Techies, LLC is a full Managed Web and Technology Services Company providing IT Services, Website Design ServicesServer SupportNetwork ConsultingInternet PhonesCloud Solutions Provider and much more. Contact for More Information.

To read this article in its entirety click here.

Windows 10’s features

The new Windows 10 notifications will follow you everywhere

Windows 10 has a new notifications center for your apps — even the ones from your Windows Phone.

When you’re poking around Windows 10, you’ll notice something new: A small taskbar button that, when clicked, reveals a sidebar full of app notifications.

Welcome to the new notifications center, which is basically the Windows 10 version of the Action center in Windows Phone 8.1. The notifications center is part of Microsoft’s dream of “Windows everywhere” — it’s a universal notifications center that will pop up your app notifications across multiple platforms. Because who doesn’t want to be alerted about new Twitter followers on their phone, tablet, and now PC?

The new notifications center consists of two parts: The notifications area at the top, and the “quick actions” bar at the bottom. In the notifications area you’ll see notifications from various apps, including Twitter, Facebook, and your email account, as well as notifications from phone apps (e.g. alarms) if applicable.


Mouse over notifications and click the ‘X’ to dismiss them.

You can dismiss notifications three different ways: You can mouse over the app name (e.g. Twitter) and click the ‘X’ next to it to dismiss all notifications from that app. You can also mouse over each individual notification and click the ‘X’ next to it to dismiss that specific notification. Or you can click Clear All in the upper right corner of the notifications center to dismiss all notifications from all apps. Because this is a “Windows everywhere” feature, notifications you dismiss in the notifications center will also be dismissed on your other Windows devices, such as your phone.

In the quick actions bar, you’ll see four quick-access buttons as well as an Expand link. Click Expand to see all quick actions. Actions include things like a Tablet Mode toggle button, a link to the Display settings, a link to all settings, and toggle buttons for Location and Wi-Fi. Tap a quick action button to toggle a setting (tablet mode, location, Wi-Fi) on or off, or to go directly to the settings menu so you can configure your display, connection, or VPN.

x4
Pick your quick access quick actions from the Settings menu.

To choose which quick actions appear above the break, go to Settings > Notifications & actions > Choose your quick actions. Here, you’ll see four small buttons that you can click on to swap out actions. If you’d prefer to have your Wi-Fi toggle on hand whenever you open the notifications bar, you can switch it for the Display button. Of course, you’ll always be able to see all of the quick actions by clicking Expand in the notifications bar.

x5
In the Settings menu, you can also choose which apps’ notifications to display.

Here, you can also pick and choose which app notifications you’ll see in the notifications bar. If you want to turn all notifications off, you can simply click the toggle next to Show App Notifications. You’ll no longer see pop-up banner notifications, nor will you see app notifications when you open the notifications center.

If you’d prefer to just turn off notifications for specific apps, you can do that, too — find the app in the list and click its toggle to Off. Next to each app in the list you’ll see a link to Advanced notifications settings for that app. Go into Advanced to turn off specific notifications for that app — either banner notifications (pop-ups in the lower right corner of your screen) or notifications in the notifications center.

Want to turn your clock off? You can do that, too.

In the Notifications & Actions section, you can also clean up your taskbar by clicking “Select which icons to appear in the taskbar” (you can turn on and off things like the Network icon and the Volume icon), or by clicking “Turn system icons on or off.” In “Turn system icons on or off,” you can turn off the clock, input indicator or action center — in other words, you can turn off all system tray icons and have a completely icon-less system tray, if you so choose.

Have questions?

Want to get Windows 10?

Contact Our Expert IT business team
Call us at: 856-745-9990 or Visit: https://southjerseytechies.net/

South Jersey Techies, LLC is a full Managed Web and Technology Services Company providing IT Services, Website Design ServicesServer SupportNetwork ConsultingInternet PhonesCloud Solutions Provider and much more. Contact for More Information.

To read this article in its entirety click here.

Scams that Target Small Businesses and How to Spot Them

Consumers are not the only ones vulnerable to scams.  If you own a small business or are part of a nonprofit organization, you could be open to several different types of cons without even realizing it.

The Federal Trade Commission (FTC) has put together a list of some of the more common scams and posted them on the website along with plenty of resources to help you spot con artists and keep them from taking advantage of you and your business.

“Your best protection? Learn the signs of scams that target businesses,” the FTC says. “Then tell your employees and colleagues what to look for so they can avoid scams.”

From the FTC website:

Fake Invoices

Scammers create phony invoices that look like they’re for products or services your business uses — maybe office or cleaning supplies or domain name registrations. Scammers hope the person who pays your bills will assume the invoices are for things the company actually ordered. Scammers know that when the invoice is for something critical, like keeping your website up and running, you may pay first and ask questions later. Except it’s all fake and if you pay, your money may be gone.

Unordered Office Supplies and Other Products

Someone calls to confirm an existing order of office supplies or other merchandise, verify an address, or offer a free catalog or sample. If you say yes, then comes the surprise — unordered merchandise arrives at your doorstep, followed by high-pressure demands to pay for it. If you don’t pay, the scammer may even play back a tape of the earlier call as “proof” that the order was placed. Keep in mind that if you receive merchandise you didn’t order, you have a legal right to keep it for free.

Directory Listing and Advertising Scams

Con artists try to fool you into paying for nonexistent advertising or a listing in a nonexistent directory. They often pretend to be from the Yellow Pages. They may ask you to provide contact information for a “free” listing or say the call is simply to confirm your information for an existing order. Later, you’ll get a big bill, and the scammers may use details or even a recording of the earlier call to pressure you to pay.

Utility Company Imposter Scams

Scammers pretend to call from a gas, electric, or water company saying your service is about to be interrupted. They want to scare you into believing a late bill must be paid immediately, often with a wire transfer or a reloadable card or gift card. Their timing is often carefully planned to create the greatest urgency — like just before the dinner rush in a restaurant.

Government Agency Imposter Scams

Scammers impersonate government agents, threatening to suspend business licenses, impose fines, or even take legal action if you don’t pay taxes, renew government licenses or registrations, or other fees. Some businesses have been scared into buying workplace compliance posters that are available for free from the U.S. Department of Labor. Others have been tricked into paying to receive nonexistent business grants from fake government programs. Businesses have received letters, often claiming to be from the U.S. Patent and Trademark Office, warning that they’ll lose their trademarks if they don’t pay a fee immediately, or saying that they owe money for additional registration services.

Tech Support Scams

Tech support scams start with a call or an alarming pop-up message pretending to be from a well-known company, telling you there is a problem with your computer security. Their goal is to get your money, access to your computer, or both. They may ask you to pay them to fix a problem you don’t really have, or enroll your business in a nonexistent or useless computer maintenance program. They may even access sensitive data like passwords, customer records, or credit card information.

Social Engineering, Phishing and Ransomware

Cyber scammers can trick employees into giving up confidential or sensitive information, such as passwords or bank information. It often starts with a phishing email, social media contact, or a call that seems to come from a trusted source, such as a supervisor or other senior employee, but creates urgency or fear. Scammers tell employees to wire money or provide access to sensitive company information. Other emails may look like routine password update requests or other automated messages but are actually attempts to steal your information. Scammers also can use malware to lock organizations’ files and hold them for ransom.

Business Promotion and Coaching Scams

Some scammers sell bogus business coaching and internet promotion services. Using fake testimonials, videos, seminar presentations, and telemarketing calls, the scammers falsely promise amazing results and exclusive market research for people who pay their fees. They also may lure you in with low initial costs, only to ask for thousands of dollars later. In reality, the scammers leave budding entrepreneurs without the help they sought and with thousands of dollars of debt.

Changing Online Reviews

Some scammers claim they can replace negative reviews of your product or service, or boost your scores on ratings sites. However, posting fake reviews is illegal. FTC guidelines say endorsements — including reviews — must reflect the honest opinions and experiences of the endorser.

Credit Card Processing and Equipment Leasing Scams

Scammers know that small businesses are looking for ways to reduce costs. Some deceptively promise lower rates for processing credit card transactions, or better deals on equipment leasing. These scammers resort to fine print, half-truths, and flat-out lies to get a business owner’s signature on a contract. Some unscrupulous sales agents ask business owners to sign documents that still have key terms left blank. Don’t do it. Others have been known to change terms after the fact. If a sales person refuses to give you copies of all documents right then and there — or tries to put you off with a promise to send them later — that could be a sign that you’re dealing with a scammer.

Fake Check Scams

Fake check scams happen when a scammer overpays with a check and asks you to wire the extra money to a third party. Scammers always have a good story to explain the overpayment — they’re stuck out of the country, they need you to cover taxes or fees, you’ll need to buy supplies, or something else. By the time the bank discovers you’ve deposited a bad check, the scammer already has the money you sent them, and you’re stuck repaying the bank. This can happen even after the funds are made available in your account and the bank has told you the check has “cleared.”

GoDaddy Hacked, Millions of Sites Down

GoDaddy.com, the largest domain name registrar on the Web, has been taken offline, and a self-proclaimed member of the Anonymous hacktivism collective is taking responsibility.

The administrators of GoDaddy confirmed on Monday that they were suffering from technical issues, which the website TechCrunch reports to be impacting a multitude of websites and their affiliated email accounts that are hosted through the service. Although the company has not discussed the specifics yet, a self-described member of Anonymous says that he or she is responsible, a claim that has not been verified yet.

On Twitter, user @AnonymousOwn3r writes, “the attack is not coming from Anonymous coletive [sic] , the attack it’s coming only from me” and that the the action is being carried out “to test how the cyber security is safe and for more reasons that i can not talk now.”

GoDaddy has tweeted, “We’re aware of the trouble people are having with our site. We’re working on it.”

On Friday, it was reported that the White House is preparing to roll out an cyber security Executive Order that will serve as a surrogate until Congress can come to agreement on a bipartisan legislation to protect America’s computer infrastructure.

Earlier this year, GoDaddy announced that they would be supporting the Stop Online Piracy Act, or SOPA, a controversial legislation that if approved would have greatly changed the US government’s ability to monitor the Internet. The company eventually reversed their stance, but not before a massive protest resulted in many of their clients switching to other domain registrars. The boycott reportedly ended with thousands of GoDaddy’s millions of customers, including Wikipedia, cancelling their accounts.

Founded in 1997, Arizona-based GoDaddy.com is used by millions of customers worldwide, including a large number of small businesses. At 4 p.m. EST, GoDaddy tweeted, “Update: Still working on it, but we’re making progress. Some service has already been restored. Stick with us.”

Other social media accounts affiliated with Anonymous have not confirmed the validity of the alleged culprit’s claim and have largely distanced themselves from the hack. GoDaddy’s 24-hour tech support telephone line has also been inaccessible during the duration of the outage.

CALL US NOW!