Bitlocker – what is it & should I do it?

Bitlocker – what is it & should I do it?

Bitlocker is Microsoft’s preferred hard disk encryption system. Which makes it as clear as mud…

Let’s start from the beginning. Your laptop (or PC or similar device) stores all your stuff on a “hard disk”. And your laptop gets lost/stolen. Apart from the annoyance & cost of replacing  your laptop, your personal data is now in the hands of some unknown third party

But you set a password to log in to Windows, so it’s all safe, right? No – very, very wrong! Because accessing all your stuff is trivially simple. All the bad guy has to do is physically remove the hard disk, drop it into his own PC and request access. His system will warn him that the files are password-protected – along with the helpful option to proceed anyway. And bingo – your personal data laid bare.

An encrypted hard drive (see the padlock?)

This is where hard disk encryption comes in. When you turn on this feature your laptop encodes all your data with a special key. When you want to read anything it decodes it with (a different) special key – which it remembers. So you go on using your laptop exactly as normal. If, however, the drive detects a significant change in the hardware (like being plugged into another computer) it will insist on you entering the decryption key. No key, no data. So your data is now pretty safe from prying eyes.

Is there a downside? Well, yes – as you’d expect. The technology has been around for ages. But in the past there’s been a considerable performance hit, what with all that encrypting and decrypting. Now, however, modern solid-state drives have the encryption capability baked-in: so the performance hit is minimal. Of more concern is storing your keys. If you make changes to your laptop (something breaks & is repaired) this may trigger the key request.

Bitlocker demanding a key

And, if you can’t find it, no data. If you are a Microsoft365 customer the system can backup your keys into your cloud account, where you can retrieve it by logging in from another computer. Or you can save it to, say, a USB stick (which you then store in a safe place – and we know how that goes!). So, in general, we’d recommend turning it on: just make sure you keep tabs on where the key is, so you can lay hands on if it all goes bad!

It still works – don’t panic!

 

 

One of our pet hates is pop-ups. They are intrusive, annoying and catastrophic to productivity. Not to mention that they are (nearly always) irrelevant. So here’s an annoying one you might need to circumvent.
For years the Microsoft Office apps (other office suites are available!) have had the ability to export their content direct to an Adobe Acrobat file (a PDF in the jargon).

Microsoft Excel exporting to PDF in the good old-fashioned way.

This is a very useful tool. Right back at the beginning, Adobe made the strategic decision to make the software required to read their PDF files freely available. The result (as is always the case when a technology is made free-to-use) it rapidly became the de-facto standard for exchanging documents. And everybody did well out of this, including Adobe – who have built an empire on the back of the universality of their file format.

Things change, which often entails the bean-counters getting into positions of management.

Let’s bamboozle our users.

At which point they starting making strategic decisions based on short-term & irrelevant cash considerations, ignoring the fundamental underpinnings of their business (looking at you Boeing!). And so. If you have the ‘free’ Acrobat Reader software installed on your PC, Adobe will now try to hijack the Office ‘export’ function to try to bamboozle you into signing up for their premium service.

What to do? There are three main options.

  1. You can click the second link down, and it’ll all work as before.
  2. You can uninstall your Acrobat Reader (there are perfectly decent alternatives, serves ’em right).
  3. You can disable the ‘COM Add-In‘ for Acrobat in your Office apps.
Meanwhile, make a cup of tea & enjoy the beauty of Autumn.

Patches and updates. What are they & why do we need them?

Updates. Why?

It sometimes seems these days that everything you touch needs to ‘update’ before it will do what you purchased it for. It is one of life’s endless irritations. So what is going on, why do we need them and are they important?

Modern software consists of thousands – maybe millions – of lines of computer code. The reputable suppliers take a huge amount of care to try to get this code as fault-free as possible. But to get the system 100% perfect would be (even assuming such a thing is possible) so time consuming that the product might never make it to the shelf. It’s generally accepted that there will be imperfections hidden in there somewhere.

We also have to accept that technology develops over time – and this might require changes to the software in you PC.

For these (And other) reasons software suppliers create & release ‘updates’ or ‘patches’.

We can therefore group the drivers for these updates as:

  • Fixing faults in the software code.
  • Desire to add features.
  • Updates to meet more recent standards
  • Remediate security flaws discovered by researchers (or scammers!)

How?

Responsible software companies will support their software for a specified time after release. During that time they will research problems & create solutions. These solutions will normally be in the form of ‘patches’ that are download from the Internet and applied in the relevant place. Hence you will hear the expression ‘fully patched’ to indicate that the software in question has been fully updated with these remedials.

Out of support.

Once the end of the specified support period is reached the company will cease these efforts. This is often called ‘end of life’. The expectation is that the user will UPGRADE to a new version of the software, which will have its own support period off into the future. The catch is, of course, that getting a new version often costs money. The risk of NOT doing so is that, should any flaws remain in the system at the end of the support period, you are vulnerable to whatever effects those flaws allow. Which, in the worst case, may be to allow miscreants to access and exploit your system.

Should I?

That depends on usage.

Businesses should not, as a rule, continue to run ‘end of life’ systems. Especially if your system holds sensitive data of any sort. It puts that data at preventable risk. It might well invalidate your ‘cyber insurance’. It will be looked on askance by regulatory bodies like The Law Society & The Financial Conduct Authority.

Private users are no less at risk, but are not driven by the same imperatives that business users are. Additionally they are less of a target. So running your system a couple of years beyond it’s end-of-life date is probably a risk they are willing to run.

Why tell us know?

The driver behind this article being written now is the imminent demise of Windows 10. Microsoft will end support in October 2025. From that point on they will only support Windows 11. They announced this is the summer giving users – particularly businesses – 18 months to migrate their fleets onto Windows 11.

As a professional support company we strongly recommend you look into this in a rigorous manner, the sooner the better. Please don’t leave it until the last minute when (a) it’ll be a terrible rush (b) your IT support staff will be on holiday (c) hardware will be in short supply as everybody rushes to replace their kit at the same time (d) prices will be inflated due to the scarcity (e) all your systems will be being replaced together, so productivity will plummet. You’ve got 12 months, migrate 10% of your systems every month & spread the pain!

So you have WiFi broadband? Probably not…

It’s a common misconception that we hear a lot. So what and why? To explain I need to go into some brief details on how you actually use ‘The Internet’.

‘The Internet’ (at least the bit you use) is best thought of as a long chain of separate links. They all have to work in harmony, or you won’t be able to use the system. Let’s look at a (very simplified) example: you want to look at the BBC website.

 

  1. You type ‘bbc.co.uk’ into your web browser.
  2. Your laptop processes this and works out you need an Internet connection.
  3. According to it’s rules the laptop passes the request onto your LAN (Local Area Network) connection.
  4. Your LAN connection contacts your router/hub and forwards the request.
  5. Your router/hub acts according to it’s rules and sends your request to its WAN (Wide Area Network) connection.
  6. The WAN connection sends this request down the cable(?) that connects your house to your provider’s exchange unit.
  7. The exchange unit takes your message (along with many other customers’ requests) and relays them along the (increasingly high capacity) web of transmission systems that is the backbone of The Internet.
  8. At the appropriate point your message exits the Internet backbone and passes up the local cable to the BBC’s server facility.
  9. In this facility it passes through the appropriate firewalls & routers until it arrives at the server hosting the BBC website.
  10. This web server looks at your request, chooses the appropriate content. And them sends this back – essentially reversing down the path I have just described above.

Now, in all of this, your ‘Broadband’ or ‘Internet connection’ is just Step 6 – the bit that connects the router in your house to the exchange of your ISP (Internet Service Provider. And, overwhelmingly, this is delivered via a cable: either copper or – increasingly – optical fibre. The only people who have “Wireless Broadband” are cu

stomers of specialist services, like AirBand or Elon Musk’s StarLink. Otherwise you don’t have ‘wireless broadband’!

There is other alternative. You can use the mobile phone data network (a.k.a. 4G or 5G) to provide the link between your

router and the Internet. This is also a form of ‘wireless broadband’. We use this quite often to provide backup Internet connections where the cabled connection is unreliable or undergoing maintenance.

So where does this misconception come from? The answer is straightforward. Most devices these days (smartphones, tablets, many laptops) make the connection to your router (Step 4) using WiFi. And so users use the shorthand ‘WiFi broadband’.

And another thing. Look at the list above (which is somewhat shortened for simplicity!). It’s a sequential chain, and it only moves as fast as the slowest link. So when a user says “my broadband is slow” it could be any one (or more) of these links – most of which neither they (nor us) have any influence over. King Canute had it right, and I bow to his wisdom!

Deco WiFi7 MESH units. Very nice. Very expensive.

Wi-Fi 7 is here

WiFi 7 is here. The latest & greatest standard, offering lots of wondefulness.

Should you upgrade? Probably not. If that sounds a bit killjoy, let me explain. For most people (at home or in the office) their perception of computer speed is governed primarily by the responsiveness of their PC when accessing the Internet. Websites, email, social media – it’s all delivered via ‘The Internet’. And the thing is that the delivery pipeline is a chain – and it’s only as fast as the slowest link. I know people are going to say ‘it’s not all about speed’. And they’re correct. Thing is though that – for 99% of the people 99% of the time – it IS all about speed. And here’s the inconvenient truth: it’s great that the new WiFi7 has a data-rate of 46Gbps (which it does) – but if your broadband feed is only 0.5Gbps. then 45.5Gbps of your WiFi capacity is going unused. In addition it’s unlikely that any of your current equipment (laptops / PCs) support WiFi7, so it’s a complete waste of time.

Or is it?

There are, of course, people for whom this upgrade does make sense. One of the most useful improvements is the increased performance when sharing the WiFi with many devices in the office. Generally the performance for everyone degrades rapidly when the bandwith cake starts getting sliced too thin. WiFi7 promises to be more generous here.

And there are a bunch of intereting & usefull – if somewhat technical – improvements here as well But (and it’s a big but) – it’s expensive. The 3-pack in the image is £1000. Yes, a grand. You have got to be really sure it’s going to enhance your life before splashing that much cash!

I’m not joking. OK, a little bit.

Logitech mouse

A Logitech mouse – just like mine!

I’m really not sure what to make of this. I’m keeping an eye on a seemingly preposterous story centred on Logitech. These are the people who make mice & keyboards (amongst other stuff generically known as ‘peripherals’). We like their mice & keyboards a lot – we use practically nothing else.

The story kicks off with the Logitech CEO being interviewed by a tech YouTuber. During which the idea of a “forever mouse” came up. After a bit of digging it transpired that the concept was that you’d never need to replace your mouse because it would be kept up-to-date with constant software updates. After a LOT more digging the CEO finally admitted to the idea being based on a subscription model – yes, that’s right! A monthly charge to use your mouse.

The mind boggles. Gamers might disagree, but a mouse is a mouse. I have never, ever, thought “oh, I wonder if there is a software update for my mouse?”. If I replace my mouse it’s because a button has broken, or the thing is so filthy I can’t stand it any longer. Not, ever, because it’s software is out-of-date! Even the improvements sought by gamers are likely to be mechanical (sensors & stuff) which isn’t remediated by a software update.

Oh great! More stuff to update – just want to send a quick email? Oh no, the mouse is updating. And we now have to pay for this inconvenience!

But now comes the frantic back-pedalling. Logitech now say that the ‘Forever Mouse’ was never a thing. Which is nice. So, what gives? No idea. Maybe we look no further than the old saw ‘all publicity is good publicity’.

An easy trap to fall into

No apologies for going back to the subject of mail compliance. And this time it’s an obvious and easy trap that you could fall into when configuring your SPF record.

The SPF record for Back Office It

The SPF record for Back Office It

By way of explanation, your SPF record is something you publish: it contains a list of the server(s) that you have authorised to send out your emails. When we send out an email from backofficeit.co.uk the recipient looks at the source server, checks it against our published SPF list, and gives it the go/no-go based on what it finds. In this way recipients are protected against ‘spoof’ emails (scammers pretending to be us). The trap comes when you use Microsoft365 (Office365) for your emails. Your SPF record is now spf.protection.outlook.com – which sounds fine. But every other Office365 user on the planet comes off the same server. So the SPF record check does NOT say “this is definitely from backofficeit.co.uk”. It simply says “this is from an Office365 user & Office365 is good for backofficeit.co.uk”. Which is not where you want to be at all!

The solution is to use an outbound mail relay. The one we have partnered with has many useful features. But, in this case, it has its own SPF identity. And, as part of their system, they monitor for exactly the scenario we are guarding against: therefore we use that instead of the Office365 one. And now the receiver can say with much higher confidence that this email is really from us.

 

 

Did they really think that they could get away with it?

On Jan. 12, 2023, Intel announced full details and availability for the new 13th Gen Intel Core i9-13900KS. A photo shows the ​​13th Gen Intel Core i9-13900KS Special Edition retail packaging. (Credit: Intel Corporation)

Apparently so. We’re talking about Intel and the fiasco over their latest chips. To cut a long story short, Intel launched its latest chips (13th & 14th Generation CPUs) to the usual fanfare & premium prices. Only for some users to find that these chips were, in some cases, slowly failing. What was happening is that the chip was not regulating its own electrical power properly, and bit by bit it was cooking itself. Intel quickly released a software patch that prevents this happening. But, crucially, if you have already experienced the problem then tough luck – the damage is permanent. And Intel announced that this was just on certain batches, your bad luck, so sorry, never mind. Which isn’t nice, as the i9 illustrated above is the wrong side of £600 – assuming you can get one.

Now, however, that have (in small part) backed down. You can read about it here.

Maybe the fact that Intel is laying off 15,000 staff might be connected in some way. Maybe not. But here is another product that clearly has not been rigorously tested before being flogged to the paying public.

And before you get too smug looking at your AMD chip, have a read here…