Welcome to InterconnectNow - Interconnected Technologies' blog about technology and other items of interest to small businesses and individuals.

The topics here will usually deal with productivity-enhancing technologies of interest to small businesses and individuals, but are often of broader interest.  Productivity is the goal of all of this technology that we use. Enabling productivity through refining or adding technology-based capabilities is what we're obsessed with at Interconnected Technologies, and so this blog is dedicated to discussions of all things related to that.

Enjoy!

Tuesday
Nov242015

Dell Security Exposure - Automatic Removal

Yesterday Dell announced a security vulnerability that it inadvertently introduced on its XPS, Precision and Inspiron computers. While they are releasing an automated patch today that is supposed to remove this exposure, they have documented instructions to remove it now.

This applies to machines purchased during or after August, 2015.

We've digested this down to a much simpler process than described elsewhere. Here's how you do this:

1. Go to http://www.interconnected.com/links.

2. Find the link to the Dell utility to remove this. It's called Dell eDellRoot Certificate Remover.

3. Click on that link. Allow the utility to be saved, and open the folder where the utility was downloaded. How you do this depends on which Internet browser you use (Internet Explorer, Google Chrome, Firefox). The program is currently called eDellRootCertFix.exe.

4. Right click on that utility and select Run as administrator. The utility will run and remove this issue, if it is present.

That's it! We have no reason to doubt that this was an inadvertent error on Dell's part, and that this utility will clear up the issue without further issues.

As always, please contact us if you have questions, need assistance, or want us to do this for you!

----------------------------

Addendum on 11/25/15:

Another certificate was uncovered and described as a security issue.

Laptop Magazine published steps for removal of both. We present an abridged text version of those instructions here:

  1. Right-click on the Taskbar, and select Task Manager or Start Task Manager. -
  2. Tap More Details in Windows 10.
  3. Select Services from the row of tabs
  4. Tap Open Services on the bottom of the window. (In Windows 7, the button is simply Services.)
  5. Select Dell Foundation Services.
  6. Select Stop the service on the left side of the window.
  7. Open File Explorer.
  8. Tap on the path field, type "c:\Program Files\Dell\Dell Foundation Services" and click Return.
  9. Right-click "Dell.Foundation.Agent.Plugins.eDell.dll"
  10. Select Delete.
  11. Click the Start button Type "certmgr.msc" into search field. 
  12. Tap on certmgr.msc from the top of the Start menu's search results.
  13. Select Trusted Root Certificate Authorities from the menu on the left side of the window.
  14. Tap on Certificates from the menu on the right side the window
  15. Right-click on DSDTestProvider if you see it on the right side of the window
  16. Select Delete.
  17. Tap Yes to confirm.
  18. Right-click on eDellRoot on the right side of the window.
  19. Select Delete.
  20. Tap Yes to confirm.
  21. Tap on the Start button.
  22. Select Power.
  23. Tap on Restart.
  24. Repeat steps 11–14 to view your Trusted Root Certificate files. The DSDTestProvider and eDellRoot certificates should now be gone. If they're not, repeat the steps above

(Laptop Magazine post - http://www.laptopmag.com/articles/remove-dells-sloppy-security-software)

Wednesday
Aug052015

Apple hardware and software vulnerable to attack

We have discussed with our Mac clients the fact that in spite of Apple's positioning, Macs are just as vulnerable to attacks as Windws machines. There are many examples. Here's one description of two unique threats:

http://thenextweb.com/apple/2015/08/04/macs-are-no-longer-immune-to-attacks-as-a-new-self-replicating-firmware-worm-demonstrates/

 

Tuesday
Jun092015

WIndows 10 is a coming!

Much has been said, and much will be said, about Windows 10. It will likely be a very positive thing in many ways.image

We will say more, but for now we’ll say this:

  1. It will be a free (in most cases) upgrade for most Windows machines.
  2. It will offer itself to you for free (in most cases), right there on your computer.
  3. We will be testing Windows 10 – how well it works; how well the upgrade process works, and so on.
  4. Unlike previous operating system upgrades, we will most likely recommend upgrading all current machines to this version.
  5. It would be best if you resisted the temptation to upgrade to Windows 10 yourself.
  6. It would be best if you resisted the temptation to upgrade to Windows 10 yourself.
  7. It would be best if you resisted the temptation to upgrade to Windows 10 yourself.

Those last three points are the most important ones. We’ll let you know more, including when we determine Windows 10 is ready.

Until then, remember us for all your small business I/T needs!

Friday
Feb202015

Lenovo and Superfish – when good companies make bad decisions

Word of Lenovo’s use of SuperFish is swirling around the internet and other media, so we thought we should address it. Superfish is an image-based search technology app. Turns out Lenovo pre-installed it on some of its lines of computers along with a security certificate to allow it to place advertisements on secure web pages. If this weren’t bad enough, they set it up so that once someone cracked the certificate’s private key (which, of course, someone already has), the setup could be used by third parties to do nefarious things on the computer.

Superfish is a real company (http://www.home.superfish.com/) and as most Interconnected Technologies clients know, Lenovo ThinkPads are one of our preferred brands of laptops (http://www.lenovo.com/thinkpad). The good news is that the ThinkPad line from Lenovo was not included in this ill-advised little venture, and while it is generally reported that the IdeaPad and a few other personal use lines from Lenovo were compromised by this, the consensus reporting is that only non-ThinkPads shipped in the 4th quarter of 2014 were affected.

If you have any product from Lenovo (or any computer, really) you might want to look a little further into this, or, better yet, have Interconnected Technologies do it for you! We have reviewed our client list and have been in touch with clients we think may be affected by this.

Lenovo released the following statement about this: http://support.lenovo.com/us/en/product_security/superfish

You can visit this site to determine whether or not you have an issue: https://filippo.io/Badfish/

or this one: https://lastpass.com/superfish/

Lenovo released instructions for removing the software and associated certificate here: http://support.lenovo.com/us/en/product_security/superfish_uninstall

Lest anyone think that only PCs and only Lenovo machines are vulnerable to this type of thing, be aware that there are reports of this going back several years across both PCs and Macs (https://discussions.apple.com/thread/3919644?tstart=0). From what we can tell, however, only Lenovo has been dumb enough to do this directly on their own machines right out of the box. Adware and malware are everywhere, and computer users of all types much remain vigilant.

Here are a couple of good references for the Superfish issue:

http://arstechnica.com/security/2015/02/lenovo-pcs-ship-with-man-in-the-middle-adware-that-breaks-https-connections/

and

http://www.forbes.com/sites/thomasbrewster/2015/02/19/superfish-need-to-know/

As always, we stand ready to help Interconnected Technologies clients (current and future!) with issues such as this.

Saturday
Nov152014

Rackspace Exchange Account setup

One of the best and most powerful capabilities of hosted Microsoft Exchange service is the ability to use it seamlessly on mobile device(s), computer(s), and via the web. image

Rackspace provides a handy reference site for setting up your account on a wide range of devices.

Go to the Rackspace Email Help facility here:

https://emailhelp.rackspace.com/

Enter your email address and password.

You will be shown which Exchange platform you are using, and then given links to show how to set up the account on various devices.

If you need additional assistance setting up your account on any particular device, let us know!