Pittsburgh Tech Guy

I have a 12 year old who seems to be as swift on a computer as I am at times.  That being said, I find myself still needing to check on all that he is doing because, well, he's still  12.   Thanks to Megan Mulrain, from Allconnect.com for this great update to Keeping your child safe online.  It is a comprehensive guide on all the things you can do to ensure your children navigate the web safely.  Click here for the article.

Windows 7 is one of the best things Microsoft ever released. The much-adored operating system wooed back users who reviled the disappointing Windows Vista, and it remained a comfortable refuge during the even bleaker Windows 8 era.

Even today, with Windows 10 fixing Windows 8’s worst mistakes and standing as a superb desktop operating system of its own, a legion of vocal PC enthusiasts swears by Windows 7. Why? Because it stays out of your way, and it just works.

Until today. On January 14, 2020, Microsoft ends Windows 7’s extended support. Windows 7 is dead.

Your PC will keep operating, of course. Microsoft isn’t literally pulling the plug on your devices. But Windows 7 won’t receive any more updates or security patches, meaning your PC will also be very vulnerable to all those nasty malware programs garnering headlines seemingly every day. If you keep using Windows 7—and over a quarter of all computers run it, per NetMarketShare—you’re on your own, and the Internet can get nasty.

I can help you stay as safe as possible, though.

Don’t use Internet Explorer

A lot of malware gets delivered via browser vulnerabilities, and a lot of those will be aimed at Windows 7 now that it’s wide open to attack. Microsoft’s ending support for Internet Explorer too, and you definitely don’t want to run an unsecured browser on an unsecured operating system.

The other top browser vendors will continue to support Windows 7, however. Google’s Chrome is popular, but Opera beat it out in our best web browser comparison, and Firefox is great, too (remember to update Firefox to avoid a recently revealed vulnerability). Switch to one of those—any will do, honestly—and make sure to enable automatic updates to keep those hatches battened down. This should be a top priority.

Choose your software wisely

That segues to a key point: Make sure the software you’re using still supports Windows 7, so that any potential security holes still get patched.

After browser vulnerabilities, poisoned Office documents are another frequent attack vector. If you’re still using Office 2007, stop—its support ended years ago. Office 2010 will continue to receive security updates through October 13, so you have a little time there. Microsoft will actually continue to support Office 2010 for the next three years (until January, 2023) if you subscribe to Office 365. If that’s not in your budget, check out our list of the best free Microsoft Office alternatives for other no-cost options, such as LibreOffice and Google Docs.

Java, Flash, and Adobe Reader are commonly targeted as well, so make sure they’re up to date if you need them. You might not, though. I was able to live my online life surprisingly well without them seven long years ago, and it’s even easier today, though it’s hard to replace some of the meatier features in Reader. Kick Flash and Java to the curb and only install them if needed. They’re in their twilight years.

Audit all your installed software, including browser plug-ins. If you don’t use it, ditch it. Many standalone programs offer an option to update automatically to newer versions as they’re pushed out. Activate it.

Install antivirus software

The free antivirus that Microsoft offers for Windows users works great for most users, but it won’t receive updates now that Windows 7 is end-of-life. Yes, Windows Security Essentials is dead too. Now that your operating system won’t receive security patches it’s even more crucial to run protection on your PC. That expired version of McAfee that came with your computer isn’t going to cut it.

An activated version might, though there are better options. Most security suites will continue to support Windows 7 for a while, and our guide to the best antivirus suites for Windows can help you find your best option. While you can cobble together an arsenal of free security tools, we recommend buying a premium version if you’re still running Windows 7. Modern security suites do much more than antivirus alone, protecting you against phishing, malicious ads, browser and email attacks, and more. If you’re running an unsupported operating system, investing in a rounded-out security suite is money well spent.

Norton Security Premium is the best pick for most people right now, but you have options. Again, check out our guide to the best antivirus to see all the security product’s we’ve tested. Be sure to check your chosen program’s Windows 7 support cycle before you buy, though. (Norton still works with Windows XP, even!)

Batten down the hatches

Hackers can’t hack what they can’t touch. Follow this pro tip from our old Windows XP safety primer:

“Barring being purely disconnected, if there’s a single tip that could make any Windows PC more secure, it’s this: Stay away from administrator accounts. If you’re blasted by malware, it can only do as much damage as the account it infects. Admin accounts give baddies the keys to your computing kingdom.

Once [Windows 7] stops being patched, stick to using a Standard account for your day-to-day activities if at all possible. Use an admin account to create the locked-down login and stock it with the software you need—keeping our previous program advice in mind—and then don’t stray from Limited land unless you need to install or update software. (And even then, only stick in the admin account for as long as is absolutely necessary to get the installation done.)”

You can go even further though. If your Windows 7 computer doesn’t need to connect to the Internet, physically disconnect it from the Internet. Pull the ethernet plug right out, or disable Wi-Fi.

Alternatively, if you only need legacy Windows 7 support for a program or two, you can run Windows 7 in a virtual machine on a modern, supported operating system, be it Windows 10 or some flavor of Linux. (Again, moving off of Windows 7 as much as possible should be the goal.) If the virtual machine gets compromised, you can just wipe it and start over, with no harm to your main installation. Just make sure you’re backing up the Windows 7 data so you can replace whatever’s lost.

Even with all these precautions in place, your PC can get pwned if you tell malware to come in. Use safe browsing practices to avoid being fooled into downloading malware by phishing attempts, malicious emails, fake updates and error warnings, drive-by downloads or other tomfoolery.

It’s not specific to Windows 7 security, but make sure you’re backing up your data and using a password manager, too.

Microsoft announced today that, beginning in February 2020, Office365 Pro Plus installs and updates will include a Chrome extension that forcibly changes the default search engine to Microsoft's own search engine, Bing.

The change takes place beginning with Version 2002 of Office 365 Pro Plus, and it will affect both new installations and existing installations as they're automatically updated. If your default search engine is already Bing, Office365 will not install the extension. Users who don't enjoy the arbitrary unrequested change to their defaults can opt out by finding and changing a toggle which the extension also adds to the browser, or the extension itself can be removed, either manually or programmatically.

This new policy only takes places in specific geographic areas, as determined by a user's IP address. If you aren't in Australia, Canada, France, Germany, India, the UK, or the United States, you should be safe—for now, at least, and assuming you don't take your laptop on holiday or work-related travel to one of those countries during a time an Office update rolls out. Microsoft says it may add new locations over time but will notify administrators through the Microsoft 365 admin center if and when it does.

Predictably, the unruly denizens of Reddit's r/sysadmin—arguably, the closest thing the modern Internet has to the scary devil monastery—are unhappy. The change is seen as invasive and uncalled for, and most of the comments being made by professional system administrators fall into a few distinct categories: unprintable profanity aimed in Microsoft's general direction, speculation on how much the fines from the European Union will cost the company when it's sued, and instructions on various ways to prevent the unwanted installation from disrupting their organizations.

Why?

Microsoft's actual stated reasoning for the change is to automatically enable Microsoft Search within the user's browser. This adds Microsoft Search results to standard Internet search results when a user types a string into the browser's address bar—meaning the search results will be populated by hits from internal documents, emails, Teams conversations, and more. However, the Microsoft Search results won't actually populate unless the user has specifically signed into Bing with their Office 365 account. So it's questionable how "automatic" this will really be for users who'd been using Chrome or some other search engine in the first place.

Aside from the potential to enrage sysadmins and users alike, we question the wisdom of conditioning users to search for internal, likely confidential data in their Web browser's general-purpose search bar. We also question Microsoft's own language about the change. One section of the announcement opens with the statement "If you decide to deploy Microsoft Search in Bing in your organization, we recommend that you at least send an email to your users to explain..." This would be a reasonable thing to say about an opt-in change, but it seems facile when applied to a change that requires specific preparation on an organization's part to prevent from happening in the first place.

Command Prompt and PowerShell can be run with admin rights, and with normal user rights. It goes without saying that if you run either of these command lines with admin rights, you can execute higher-level commands. With normal user rights, the commands that you can execute in either Command Prompt or PowerShell are tame. In many cases, you might even be blocked from running scripts. If you often need to open either or both these apps with admin rights and would like to skip using the context menu to do it, you can have Command Prompt and PowerShell always run as admin.

Limitations

This trick will work for a specific shortcut to Command Prompt and PowerShell. You must always use that shortcut to open these apps. Any other shortcut that you use or any other method that you use to open them will not result in them opening with admin rights. While, in theory, you can change this behavior for any and all instances of Command Prompt and PowerShell, it isn’t a good idea to do so since it will involve taking ownership of the EXEs for both apps, and that may lead to additional problems down the line.

To keep it simple, either pin Command Prompt and/or PowerShell to the Start Menu or, pin them to the taskbar.

Run Command Prompt as Admin

If you’ve pinned Command Prompt to the Start menu, right-click the tile and go to More>Open File Location. Right-click the Command Prompt shortcut that opens in a new folder. If you have a simple desktop shortcut, you can just right-click it provided you will always be using that shortcut to open Command Prompt.

Go to the Shortcut tab, and click Advanced. Select the ‘Run as administrator’ option, and click OK. Now, the next time you use this shortcut or tile to open Command Prompt, it will open with admin rights. You will still see the UAC prompt.

If you have to share files remotely i.e., the person you want to share a file with isn’t on the same network as you, you will have to use an intermediary service. Often, users either email files, or upload them to cloud drives and then share a link to them. While these methods work and are great because they provide a ‘holding area’ for the file(s) until it has been downloaded, it may not suit everyone. If you prefer direct transfer between computers, you’re looking for P2P transfer. Generally speaking, this sort of transfer is possible but for end-users, it’s not the easiest to set up which is why we recommend using ToffeeShare.

ToffeeShare works in your browser; you upload files and share a link with whoever you want to send the files to. Your browser must remain open and you cannot refresh or close the tab the transfer is active in until it is complete. The file itself isn’t stored online.

Send files over P2P

Visit ToffeeShare, and add the files you want to share.

Once the file(s) are added, ToffeeShare gives you a link to share and a QR code that you can scan making it a pretty simple way to transfer files to a smartphone. On that note, ToffeeShare also works great on a mobile browser. You cannot close the tab that the transfer is active in but you can minimize the window, or navigate away from the tab to a different one. The web app works in all modern browsers.

As for how long it takes to complete the transfer, it depends on the file size. Remember that your file is still being sent via the internet and your own connection speed, as well the connection speed of your recipient will play a role in how fast the transfer is.

ToffeeShare sends files securely, in fact, it uses end-to-end encryption. There are no limits to how big a file you can share.

This isn’t the first app of its kind. In fact, we reviewed a few like it in the past but file sharing apps like this tend to have a brief life in most cases. They’re useful but don’t tend to hold out in terms of profitability and end up shutting down. Let’s hope this one holds out. The file-sharing space is crowded with lots of cloud storage services like Google Drive, OneDrive, and Dropbox but not enough P2P transfer services.

Wirelessly communicating with an iPhone (or an iPad) isn’t easy if you’re not using a Mac, or another Apple device. If you need to wirelessly send files to an iPhone from a non-Apple desktop system e.g., a Windows 10 PC, you might be looking at a long list of apps to buy to do the job. You don’t need to buy anything if you have VLC player installed on your iPhone. It’s a free app and you can use it to transfer any type of file from a Windows 10 PC to an iOS device. Here’s how.

Make sure the Windows 10 PC and the iPhone are both on the same WiFi network.

On the iOS device

This works for both iPhones and iPads but we’re going to demonstrate how it works for an iPhone. The process is the same for both types of devices. Install VLC player on your iPhone. Go to VLC player’s settings and under File Synchronization, enable ‘IPv6support for WiFi sharing’. Next, go to the Network tab, and enable ‘Sharing via WiFi’. Once you enable it, you’ll see an IP address below the switch. Note this down.

On Windows 10

Open any web browser of your choice and in the URL bar, enter the IP address that you noted from your iPhone. Tap Enter and you’ll see an interface for sharing files. Drag & drop the files you’d like to share on to it. Remember that you can share any type of file. You’re not limited to just sharing media files because you’re using VLC player. Wait for the transfer to complete. It will take time depending on the size of the file, and how many files you’re sending.