Robocalls: The 50-Ton Elephant

If you’ve reached the breaking point in robocalls, you’re not alone. We tracked ours for the last three months just to see how bad a problem it’s become. Since Jan. 29, tracking only our landline at home, we received 583 robocalls – an average of 6.5 calls per day, 24/7/365. And that’s with Nomorobo installed on our landline. Thirty of those calls were identified by a single phone number.

While you can debate the effectiveness of Nomorobo and a host of other apps that try to block telephone scammers, they’ve likely done as good a job as they can. The apps use databases of known robocallers or scammer call centers to identify a scam call and disconnect “known” scam calls. Another entry into the field, Jolly Roger Telephone, claims it can carry out our revenge fantasies by engaging scammers and tying up their valuable time.

Unfortunately, the databases also lead to a growing number of false positives. They rely on customer feedback to some extent, and that can have negative side effects. There’s no way to know how many legitimate phone numbers get into a database for any number of reasons. A legitimate call center, including an outgoing “800” number from a bank, airline or insurance company, may get blocked, delaying vital communication between a business and a customer.

Some of us have turned to apps from our phone carriers – mobile and landline – to block calls, but we face the same problem of false positives in their databases. We can unblock specific numbers, which we had to do to take care of many of non-profit clients. We only find out about the block after a client tells us we couldn’t be reached.

Scammers have adapted to protect their income sources, and it’s a no-holds-barred world. Would it surprise you if they’ve compromised the databases? They’ve also become better at spoofing local phone numbers so that you think someone in your community is calling. Sure, it’s possible to trace a phone call back to its origin in many cases, but it’s time-consuming just to get the process started. In the meantime, the scammers don’t need a large volume of victims to make money.

But most of us increasingly don’t answer the phone unless we know the number. We put up with the incessant ringing and hope that a legitimate caller will leave a voice mail, or we wind up blocking legitimate callers.

Unfortunately, there are no prospects for a quick resolution to the problem. In the absence of any kind of international laws with enforcement teeth, it will be up to private industry to find a solution. They’ll need financial incentives to develop and maintain centralized databases and technology that can detect and block scam calls faster and more effectively.

There’s even no incentive for us to get rid of landlines. Almost every bundle from a cable or satellite provider is a “triple play” of TV, internet and telephone.

We can help you set up Nomorobo. Their service is $1.99 per month for mobile phones and devices and free for landlines. Call us – 973-433-6676 – or email us if you have any questions about how call blocking works and how to set up an app to meet your needs.

In the meantime, if you pick up the phone and it seems suspicious, don’t give any vital information. Hang up immediately. You can always get additional information by going online to research appropriate contact info and initiating communication.

Kohls and Amazon Starting a Trend?

“If you can’t beat ‘em, join ‘em” is an old adage. It applies to today’s retail environment, in which we love ordering stuff online but hate the process to return the stuff we don’t love. Kohls and Amazon may solve our problem while they help themselves with a new program.

Beginning in July, the companies will roll out nationally a program that began two years ago at 100 selected stores in Los Angeles, Chicago and Milwaukee. It should be a win-win-win for consumers, Amazon and Kohls when the program goes operational in some 1,150 locations in 48 states.

We expect to be able to return merchandise that doesn’t work out or when we change our minds. It’s especially true when we buy online because we’re buying it sight-unseen or without having tried on or tried out the product. In a report in the publication Retail Dive, more shoppers than ever factor returns into their purchasing decisions. They cite a report from Stockholm-based payments company Klarna, which shows that 82% of shoppers consider returns a routine part of shopping, while 84% say they’re more likely to buy from a store offering free returns. Sixty-two percent say they wouldn’t purchase from a store that doesn’t offer free returns.

The numbers show online shoppers want a more seamless experience and will reward retailers who deliver it. Nearly half (44%) of respondents say slow returns are the most frustrating part of the returns process, as anyone will attest to. You have to put the product back in the box (a challenge of its own), seal it and bring it to a designated shipper. Still, 86% say they are more likely to return to a retailer that offers free returns.

Clearly, we demand mulligans, and that creates logistics issues for online retailers.

First, Amazon, which could handle 50% of online purchases by 2023, doesn’t have many retail outlets. Yes, you can pick up Amazon-ordered merchandise at Whole Foods, and the company is experimenting with cashless retail stores, which can be pick-up points. But those types of stores are not equipped to take back large volumes of clothing or household goods. The return program with Kohls gives Amazon customers a convenient place to bring back unwanted items, and Kohls must obviously have the logistics network capable of handling the returns.

Kohls can win by getting traffic into its stores. That’s a no-brainer. Just because you return something doesn’t always mean you don’t need the item. Who knows? You might find just what you need or want – in the right size or better style – while you walk through the store. And if you carried an item into a store, you can certainly carry it home.

The return policy covers “eligible” items, which may have something to do with size. You’ll be able to find out when you initiate the return process online, which is a requirement. You’ll need to take care of authorizations and paperwork through your Amazon account.

Our only advice: Make sure you maintain tight security for your network and account passwords. Any questions, call us – 973-433-6676 – or email us.

Intel’s Chip Shortage Impacts Computer Sales

If you’re wondering why it’s taking longer to deliver and install new computers, it’s because there’s a shortage of Intel chips. Intel has placed the blame on several factors, including a slower demand in China. According to reports, Intel can also cite sales to cloud customers, a weakening NAND flash market and weaker modem demand.

Some observers contend the shortage will worsen this spring, a traditionally high season for entry-level computers such as Chromebooks. Others say Intel simply didn’t anticipate the demand and didn’t put in enough manufacturing capacity to handle the volume. With priority going to data centers (the cloud), that means there are fewer chips available for PCs and laptops. PC processors are reportedly last on the company’s priority list.

As for us, we’ve seen a drastic increase in the lead time for new computers. We used to be able to get them in a day or two. In one instance, an order placed in January arrived at the end of March. One of the computer manufacturers affected by the shortage is Dell, one of our favorites for Windows-based units. Dell prefers Intel chips, and so do we. Dell said earlier this year it might look for other sources, but as it stands, we’re stuck for the moment. We don’t expect the situation to improve until the second half of 2019 – and nobody’s making sure-fire predictions.

Some industry sources predict the shortage will ease by the summer because the large data-center customers have made their required purchases. But with expected Chromebook sales still to be made, others are predicting the shortages will extend well into the summer and maybe beyond. The shortage may worsen before it gets better – because of the Chromebooks. We’ve seen reports that Intel will ramp up production facilities in Ireland and Israel, increasing capacity by 25 percent.

What can we do in the meantime to minimize the effects of the Intel shortage?

If you’re looking at new computers to improve business efficiencies, we can look at upgrading the efficiencies of other equipment, such as routers, servers and peripherals. Those are improvements you are likely to make down the road, anyway, so it could mean you’ll have a two-stage process. The computers will come later. We can also fine-tune your software and make sure that all your operating system and app software is up to date and in sync with your computers’ capabilities.

If you’re still using the Windows 7 operating system and planning to purchase new computers to work with Windows 10, we can place your orders now. Even though your new systems may be backlogged, they will be in the pipeline, and you should be able to plan your migration to your new systems before next February, when Microsoft ends its Windows 7 support.

We can also consider alternatives, such as computers with chips from other manufacturers. However, we urge you to consider the long-term effects of any alternative you select to solve a short-term problem.

If you are planning on buying new computers, let’s talk about your needs and explore possible solutions in light of the Intel chip shortage. Good planning can help you mitigate the effects of the current market conditions. Call us – 973-433-6676 – or email us to set up an appointment.

Rule Your Email

We recently had to help a client resolve a rules-based email hack. It seems that hackers were able to change the rules in the email system to forward email to their own site and respond – and they could activate or deactivate the rule at will.

The problem showed up when our client’s clients were flooded with messages about sharing files. The client normally does share files – and so do we; it was the volume that grabbed their attention. Fortunately for everyone in this email chain, we were one of those who got caught up in the problem, and that helped us understand what was going on.

The hackers changed the rules for handling emails. They were able to intercept emails and then send new messages to the original senders with a request to share files. The requests, of course, looked like they were coming from our client. Sharing those files gave the hackers access to the computer systems of anyone who responded to that request.

We were able to go in and fix the rules that affected our client’s system. It wasn’t particularly difficult to do once we identified the problem. But what can you do solve the problem and/or prevent it? The answers won’t surprise you.

  1. Everyone who uses email should make sure you have strong, secure passwords for your email – and for your network, too. We find that in most cases, our clients who get hacked have simple passwords that are easy for hackers to figure out. So, the best thing you can do before anything else is to change your email password and make sure it’s strong – upper and lower case letters, numbers and special characters.
  2. Make sure your anti-virus and malware software is up to date and running
  3. If you see something that looks just the slightest bit out of order – different writing or phrasing or spelling mistakes – don’t click on a link. Don’t reply to the email, either. If you have a question, pick up the phone. Alexander Graham Bell invented the telephone in 1876, and the cell phone was introduced April 3, 1973. Telephones in any technology are proven to connect – and with rare exceptions, they’re private connections
  4. Forward the suspicious email to your IT provider. Those of us in the business share a lot of knowledge, and we have a good chance of determining if the request to share is legitimate or where there could be problems
  5. Call us to look at your email setup and see what rules might have been placed on your account without you knowing it. Even if you’ve changed your password, hackers still have ways of planting malware. We can see if you have malware or a virus and help you get rid of it.

In the final analysis, it’s up to you to rule your email inbox. We can help. Call us – 973-433-6676 – or mail us if you have any questions or need help.

Apple TV+ – Delicious or Wormy?

Apple has announced it will launch its own TV streaming service this fall, Apple TV+. Apple will join Netflix, Amazon and others in providing content. We don’t what it will cost, and we don’t know if the experience will be delicious or full of worms. But we can count on Apple disrupting the market and changing the game. It’s how they play it.

Let’s start with the promises. Apple claims its new stream will be “the new home for the world’s most creative storytellers featuring exclusive original shows, movies and documentaries.” If you want a hint about if they’ll be able to keep that promise, they will debut with a sneak peek through a new Apple TV app that works across iPhone, iPad, Apple TV, Mac, smart TVs and streaming devices. You’ll be able to subscribe to Apple’s TV channels a la carte and watch them through the app.

You may want to look at Apple’s move as another reason to cut the cable cord, but we don’t see it that way. Even though increasing numbers of people are streaming programs through their TVs, in addition to computers and devices, cable companies are accommodating customers who want programming from “non-TV” providers. You can get Netflix, Amazon, Hulu and Apple – in addition to premium content providers such as HBO and Showtime – through your cable system. And why not? As gatekeepers, they’re happy to pick off a few dollars in subscriber fees from any and all content providers.

And it’s as a gatekeeper and content provider that Apple may be trying to maximize its hold on content viewing. Apple has a big market share of smartphones and an even bigger share of tablets – all in addition to a large base of Mac computers. But it’s way behind Roku and Amazon for connected TVs with only 15 percent of the market. Further, more than half of the nation’s TV streamers use Roku or Fire TV, and some 30 percent use smart TVs. Apple gets only 15 percent of the streamers. Clearly, Apple will need to partner with those who deliver content just as much as it will need to provide strong content to make this venture work.

We don’t know what Apple TV+ will cost, but various sources figure it will fall somewhere in the range of $10 to $15 per month. Apple could undercut the market with attractive intro deals. They have the resources to do it if they wish. With a push based on low prices and innovative programming, Apple could disrupt the industries that create and deliver content, especially in the short term. But history tells us that other industry giants will react to meet their own needs – and that some upstart will find a way to step on the giants’ toes.

Whatever happens, here are some things to keep in mind:

  • High-definition streaming requires a fast internet connection and a powerful Wi-Fi network. If you have multiple high-def TVs and a slew of devices, you’ll need lots of speed and capacity.
  • Many consumers get their internet from cable providers, and there are some things you need to balance when figuring out how much content to get from cable or the internet. Cable companies are willing to give you good internet speed if you’re a cable TV customer. If you are an internet-only customer, you may pay more for your connection, and you may face caps on how much data you can download. For the cable companies, it’s all about profitability.
  • How and where do you want to watch your content? Cable is good for big TVs for large groups, but you can take your devices anywhere. Consider the price of what you watch on. You can get a really good, fairly big TV for $500 or less, and you can pay twice that much for a mobile device.

We can help you make smart decisions about how and where you’ll watch programming by looking at the technology currently in your home and recommending what you’ll need to have a system that works for your preferences. Call us – 973-433-6676 – or email us for answers to your questions or to set up an appointment to discuss your needs.

Neglect – The Silent IT Killer

We saw all the signs of classic neglect when we started with a new client who had been dissatisfied with their previous service provider. The fact that updates were never installed was horrifying because the client was in a financial services field. We can’t say if there was willful or accidental neglect, but the lack of updates could have killed a business.

What we saw can happen in any office where a company owner or manager has lost trust with their IT service provider: They stumble onto an issue. In many cases, businesses trust their IT providers to the point that they don’t keep their passwords on-hand (much less up to date) and don’t learn how to check to make sure updates have been installed. For this client, it seems that automatic updates were turned on and then turned off.

We know that some IT providers and some users don’t like automatic updates because they want to be able to monitor how changes take effect or make sure all the bugs are out. We don’t agree with that practice, and this is an example why. When automatic updates are turned off, it’s too easy to miss a notification when one is available, and that can lead to all sorts of security risks. Bugs in updates are inevitable, and patches to fix them are issued pretty quickly.

In this case, the server hadn’t been updated for nearly two years (keep this time period in mind), but we didn’t learn that until the client forced the previous IT provider to send the passwords for the server and the firewall. Everyone should remember that you own your passwords – and remember that you should keep them stored in a safe but accessible place.

Once we got access, we learned that the physical server and firewall had not been updated for two years. The firewall had no security or operating system updates since 2012. We told the client they had to update everything immediately.

We also found that their Wi-Fi network was not properly segmented, and that allowed access to everything through their guest network. That was neglect on somebody’s part, and I’ll blame the previous provider. That’s something that should be taken care of without any excuses.

At that point, I took out my Dashlane password manager and immediately generated new passwords with random numbers, case-sensitive letters and special characters. I printed them out and reviewed them all with the client to make sure they knew all of them correctly.

You can avoid these problems by making sure you get automatic updates and by knowing all of your passwords. You can also make up for past neglect by checking yourself to see when the last updates were installed – as long as you have all of your passwords.

If you have a server, you can look at the date of your last update through your control panel. If you see a huge gap between the day you check and the last installation, that’s a bad sign. In the case of the new client, who had issues with a previous service provider, the last server update was nearly two years before we found the problem.

On a computer running Windows 10, you can simultaneously push Control, Alt and Delete to bring up Task Manager. Click on the Performance tab and highlight the CPU button on the left. You should see Uptime in the bottom center of the screen. The columns, looking left to right, measure days, hours, minutes and seconds. Uptime is calculated from the most recent restart. If your uptime is 30 days or more, it’s a sign that you likely are not getting updates or not rebooting to clear out trash from your system. In one case, we saw an uptime of 286 days.

You can set up automatic updates for Windows and many of your applications. If you see or believe that your updates are woefully out of date, call us – 973-433-6676 – or email us to set up an appointment to walk you through the update process free of charge. You can’t fall behind on security.

Security and On/Off Wi-Fi

We’re seeing more Ring doorbells. They offer you the ability to monitor your door from anywhere through the internet and your Wi-Fi network. But some clients have told us they don’t want their network on at all times because of radio frequency waves.

We don’t share some people’s concerns about damage from radio waves. We carry cell phones in our pockets and hold them up to our ears. We can reduce our exposure to radio waves by using a headset, but nearly everyone uses a Bluetooth device, which operates on…right.

Despite a majority of scientific studies that radio waves from cell phones pose no danger to most people, some like to avoid them wherever possible. And those avoidance steps include shutting off Wi-Fi systems – routers and boosters within a home – for periods of time.

Personally, we believe that defeats the purpose of having a security device, such as Ring, which can record and store images of anyone coming to your door, even if they don’t ring the bell. But your Wi-Fi has to be on, or else you can’t identify a threat to your home.

The issue of no internet or Wi-Fi was brought home to us this past summer with 10 days left on our vacation. We saw that Ring alerts had stopped – because our internet service was down. We were able to contact Verizon while in Europe, and they were able to restore our service as soon as we got home. But during the time it was out, we lost part of our security protection. (For the record, our service was knocked out by a squirrel.) That being said, we can help you set up a program to automatically control the operating times of your Wi-Fi network. Call us – 973-433-6676 – or email us to discuss all the pros, cons and options.

Password Problems Revisited

To take our discussion of vanishing passwords one step farther, some recent service calls for clients who’ve been hacked – some multiple times – have provided still more reasons to move on to newer technologies.

We are getting numerous calls from clients to help them set up Dashlane, including one client who has been hacked seven times. We tried to get them to use Dashlane or Password Keeper. Now, they’re ready to do it the right way. They’re ready to move beyond the annoyance of having to remember or look up passwords for security and type them into a website. For now, Dashlane or another password manager can resolve the issue for most people who are fearful of trading passwords for newer password-less technologies.

As we’ve noted, people set up passwords that are easy to remember or type. There’s generally enough repeatability that a code cracker can solve the puzzle you’ve tried to create. That happened with our client, whose bank account was hacked. As we were setting up Dashlane and downloading emails, we noticed the client had been getting alerts that the password had been changed. They had not made those changes. It took a phone call to resolve that issue, and it took Dashlane to ward off the hackers.

We should note here that there are a couple of important side lessons to learn from this experience. The first is on you: Call the company – and don’t necessarily use the phone number in the email; get one from their website. The second is on the companies: Make it easier to get a human on the phone when somebody has a security issue. We went through five layers of voice prompts before talking to a person.

Once the “alert” issue was resolved, we were able to fully install Dashlane. The process does take time. Installing any password manager requires you to pay attention to details and maybe some repetition. For financially sensitive accounts, you may want to generate another round of new random-pattern passwords as an extra layer of security. A password management program should allow you to print a copy of your database with all of your passwords – just in case there’s a mistake or if you decide to stop using the program. It should also work across all of your devices: computers, phones, tablets, etc. If you are one of the growing number of people who use an infotainment system in your car like a computer, you might want to change sensitive passwords frequently – as often as once a week.

Again, you only need to remember your master password for the password manager, and that can be a tremendous time saver, especially if you need to access a website from a mobile device.

But again, we believe you should use password-less technologies. They’re more secure, and they are easier to use than many perceive. For example, many Windows 10 computers have Windows Hello, and you can use that to add a fingerprint reader. The reader itself is about the size of a wireless mouse device and plugs into a USB port. Similarly, many mobile devices can use your fingerprint to verify you are the owner and user. If your computer or device has this capability, we strongly urge you to use it.

Many computers and devices also have built-in cameras that can be used for biometrics, and some advanced security measures use locations and usage patterns in place of passwords. As a backup, all of these measures have provisions for a PIN or a password if the biometric program can’t be used or if you don’t want to use it.

We can help you set up a password manager or – better still – go password-less. Call us – 973-433-6676 – or email us to get answers to your questions or to set up an appointment to manage your online security.

Generated Passwords Resolve Two Issues

During the recent holidays, I decided to get around to that one project I’d been meaning to do: change all my passwords. I have 241 unique passwords, and even though my password manager at the time gave them strong scores, I just wasn’t happy with the whole situation. So, I dived into a project for the generations.

As you should expect, I’ve read all the security alerts and everything I could find out about layers of security at the websites I visit for personal matters and those I use to serve clients. Each site is different, and that includes the two-factor authentication steps. It should give you comfort to know that using website passwords can be as complex as nuclear-launch codes – though it’s not comforting to think that any code can be cracked.

Randomly generated passwords that are frequently changed offer the best protection against cracking, which is why nuclear-launch codes always change – and why codes for keyless-entry systems for homes, cars and garages are essentially one-time codes designed to thwart anyone with a code scanner who sits near your car or home. Some password managers can change random passwords automatically when a website requires. No matter which one you use, you’ll need to have a master password – and that’s the only password you’ll need to remember.

Changing all of your passwords is not a task for the faint-of-heart. You’ll need to have a password manager program, such as Dashlane, LastPass or 1Password, and you’ll need to pay attention to details. I happen to like Dashlane for two of its features: random password generation and its integration with all browsers and operating systems. I consider those features to be critical.

When you use a password manager to generate random passwords, you need to pay attention to the requirements of each website. Some websites require the use of symbols, but many of them restrict you to certain symbols. Some require upper- and lower-case letters, and some require numerals. Many websites specify a certain number of characters in a password, such as 8 to 12 or 12 to 16. Just be mindful of all requirements when you set up the random password generator for each website.

One of the steps I took – and something highly recommended for financial websites – was to create a randomly generated password, log in to the site to make sure it worked, and then change it almost immediately. Each randomly generated password should be impossible to remember because it should lack any kind of pattern. For example, there doesn’t appear to be anything meaningful to me in FdXKCX9ZKsw. When a website requires you to change the password, you should have a password manager that does this automatically. Dashlane and LastPass do this, but they handle the process differently.

If you want to change your password manager, you can download all of your passwords so that you can re-enter them in your new password manager.

You should also know that your master password resides locally on your computer or mobile device. If you change computers, phones or tablets, you’ll need to re-enter your master password manually, not all your passwords – and it’s probably a good idea to do so to protect your data.

There are two keys to making a password manager and randomly generated passwords work. One is to make sure that the password manager itself is the latest version available and that you install all updates. Remember, as we’ve said so many times before, updates almost always include security patches and bug fixes.

The other key is to have a strong master password – really a passphrase. An effective passphrase should be something long – 20 to 30 characters – that you can remember and that doesn’t contain any information about you that’s available in public records. It should include upper- and lower-case letters, at least one number and at least one special character. Even if you change it every two or three months, it’s the only one you need to remember.

We can help you evaluate password managers and help you with the installation process. We think passwords have to become extinct as other security measures take hold, but for now, passwords are deeply ingrained in our online lives. Call us – 973-433-6676 – or email us for password manager help.

Inside the World of Updates

Facetime updates got a lot of face time recently with all the reports about how a 14-year-old discovered a bug that left a mic open even if a recipient didn’t answer a group Facetime call. It was shocking but not surprising, based on how updates are developed and implemented.

Apple, Microsoft, Google and other technology companies are huge corporations and, as such, are highly compartmentalized. When I visit trade shows and conferences and can find an engineer or software developer to discuss very specific issues related to hardware, firmware or software, the conversations very technical and very tightly focused. They are brilliant people, but they operate in silos.

So, when a problem like the Facetime issue surfaces, it’s likely to involve a piece of code that only one person or a small team worked on – based on instructions that may have come down through several layers of command. That person or team didn’t talk the public or get any feedback based on a personal interaction. Further, the amount of code needed to implement a feature such as a group Facetime session is massive. It’s written in sections and assembled in sections, and even though they are tested, errors can occur each time lines of code from various teams are put together. The people involved do a great job, and the percentage of errors to lines of code written is practically microscopic.

The bottom line is that bugs will show up in the real world, and they need to be found and fixed before any catastrophic consequences show up. But code is not the only factor in updating software for use on a computer or device. We see a lot of old computers and devices with old operating systems that simply cannot handle updates.

We were reminded of the technology gap that opens up when working with older systems. It involved a family business, and technical challenges arose as some family members wanted capabilities that were requested by others. The challenges came as we had to work with computers and devices with a wide range of ages and with differences between Windows 7 and Windows 10. We had to be mindful that Windows 7 is 12 years old and that we are six versions into Windows 10.

Our common thread in the solution had to be sealing up security breaks. We can’t emphasize enough that security patches are the biggest improvements in upgrades and updates, although we all get excited about new features and capabilities. And the problem is that an older system can only handle a limited number of security and feature updates.

At some point, it doesn’t pay for a software or hardware provider to support older systems. Their developers have to jump from one issue to another like playing Whac-A-Mole, and then there is a smaller universe of real-world users to provide feedback on the new code and then use it.

One of our missions is to make the most efficient use of your money. We’ll always do our best to avoid having you buy new equipment or software by trying to find a good workaround. But sometimes, buying new technology can give you a better return on your investment, and one of the reasons to do so is to take advantages of upgrades and updates that are used by a larger universe of people and businesses. That can be especially beneficial based on the how the update world lives.

We can help you install, configure and test updates, and we can advise you on whether to upgrade or keep your current technology. Call us – 973-433-6676 – or email us for a consultation.