A reprint from the PC410 Security Newsletter:

The big “Creators Update” for Windows 10 is no longer optional. It’s showing up now, asking for an update to privacy settings, as shown above, and then offering to install it now, or install it later. Both answers mean “yes.” As usual, there is no “I don’t wanna!” option, but there is an option to remove the update later if you don’t like it, or it breaks the internet, or it’s just not working on your hardware.

Yes, it can break the internet, although not often. So far, I’ve seen it once, but that was on a 12-year-old notebook, and it was amazing that any version of Windows 10 ran at all on such old hardware. The option to remove Creators Update worked well there, and set that notebook back to last Summer’s Anniversary Update level of Windows 10, where it will stay until security patches end, which will generally be 1 year after the following feature update. So that’s 12 months from Spring of this year, probably May 2018.

According to Microsoft, “Each Windows 10 feature update will be serviced with quality updates for 18 months from the date of the feature update release.” That’s 6 months to the next feature update, and 1 year more, and then patches end. If your office is subject to legal restrictions for security, those old versions of Windows will have to be retired at that point in order to remain in compliance. As those end-of-service dates are confirmed by Microsoft, I will update them on the “Windows End of Support Calendar” at my PC410.com site:
http://www.pc410.com/calendar/

The other issue widely reported, but also rare, is that Bluetooth doesn’t work; that will mostly apply to wireless mice on notebooks that use the built-in bluetooth radio instead of a tiny USB adapter. Most application software seems to be OK with Creators Update. I’ve now seen a few minor networking issues, but the fixes have all been minor setting changes.

What to Expect While Installing Creators Update

Before Creators Update arrives on your Windows 10 computer, the message above will pop up. When you choose ‘Review settings’, another screen will appear, below. Setting those privacy settings will allow the upgrade to be completed in one step, in around 90 minutes. Without those settings, Creators Update will still install, but will ask the same questions on restart, and then continue the setup. Answer in advance, and save time. At the end of the process, the infamous series of lengthy “Hi!” messages will appear, and they’re for every user, unfortunately.

My general recommendations for these features are all to choose performance and privacy:

• Location: On for notebooks that travel. On is OK for office computers as well, and web sites will use this to provide local content, like suggesting the nearest branch of a grocery store.
• Speech recognition: Off if there is no microphone, On if you want to use Cortana (similar to Siri, Alexa, or ‘Hey, Google’).
• Diagnostics: Off. It does nothing but phone home, with no results.
• Tailored experiences…: Off. It does nothing but sell more Microsoft products.
• Relevant Ads: Off. It does nothing but track your web visits.

There are a lot of new features, but they’re mostly minor, or related to 3D graphics creation. There is a writeup of the new features in Creators Update here:
http://blogs.windows.com/windowsexperience/2017/04/11/whats-new-in-the-windows-10-creators-update/

Jerry Stern
Chief Technology Officer, PC410.com

A reprint from the PC410 Security Newsletter:

Don’t be somebody else’s guinea pig. There’s a reason that the latest and greatest widget is called the leading edge, or sometimes the bleeding edge of technology. If it still has rough corners, somebody’s gonna bleed. New technology isn’t particularly polished, compatible, or cheap. So configuration costs are high, and there can be a longer-than-normal list of “While we’re doing this, we really should upgrade that.” items.

The Amazon Echo and Google Home devices live in your home and can do things for you, like playing music, or ordering, well, dollhouses. A San Diego TV station said these magic words on television in a news report:”Alexa order me a dollhouse”, and multiple Amazon Echo boxes heard that broadcast and obeyed, by ordering a dollhouse.

And then there was the Google advertisement for Google Home during the Superbowl. Early adopters of the new Google gadget found that when the television said the “OK Google” trigger phrase, their Gooogle Home device woke up. Fortunately, it was not dollhouse-enabled, and didn’t place any dollhouse orders.

Any science-fiction reader knows that voice-controlled whole-house computers are on the way, that they will use voice recognition to only allow commands from a specific individual, and have a special command to say ‘Make it so’. In Robert Heinlein’s books, commands had to end with “I tell you three times.” Clearly, we haven’t reached the competence level of science fiction from 1980.

The Internet of (Stupid) Things

There are a lot of cheap security cameras and so-called ‘smart’ light bulbs available now. Theses devices ‘connect to your cell phone’ and let you control them. Warning flag there–they connect to the internet in order to trade information with a central server, and accept outside instructions to control them, relayed from your cell phone, and possibly any other system that knows the sometimes-obvious default password, which is generally ‘1234′.

In the past year, there have been incidents like these:

• The largest web site attacks ever seen were accomplished by taking over security camera video recorders (network DVRs), telling millions of them to attack a single site and take it down. As over 80 brands of security DVRs are made by just one company in China, and they share the same settings, and passwords like “123456”, they’re trivial to find online and then turn into attack ‘bots.
• Some purchasers of video baby monitors were surprised to find that their baby monitors showed someone else’s nursery. There were some basic security flaws that didn’t account for two monitors on one account, or monitors returned as unwanted needing to be reset to factory defaults.

For many of these products, there is no way to contact the purchasers with a fix, and no way for purchasers to contact the manufacturer; a no-name product means no updates, no notices of security issues, and no fixes.

Jerry Stern
Chief Technology Officer, PC410.com

A reprint from the PC410 Security Newsletter:

Lately, I’ve been asked why some old good stuff doesn’t work anymore. Usually, that’s for software, printers, and scanners. Basically, it’s because old tech doesn’t understand how to talk to new tech, and new tech has no drivers, or translators, for old tech.

While you can use any one device forever, in offline isolation, or as long as it lasts on its own, when you combine it with other technology, especially printers or the Internet, compatibility issues start showing up when it’s too different in age from the other systems in use. This works as long as nothing breaks. Replacing whatever died starts a mismatch of old and new, and the work to keep it all going surges badly.

My basic rule is to try to have all the technology in an office be of a similar age, preferably with a 4-year range. That’s generally reliable. Beyond that, the savings in not buying new hardware or software are gradually overwhelmed by additional configuration expenses.

But How Old is Old?

For computers, the rule used to be, according to Microsoft and Intel, that a computer is due for replacement after three years. As both those companies wanted to sell more products, their opinions include a lot of bias. What I’ve seen over the years is that desktop computers that are kept off the floor, had no basic defects, and have an annual internal de-dusting, become useless from a lack of compatibility with new software long before they actually stop working from hardware issues. Basic defects can make a big difference on some groups of computers, like the bad lead-free solder and leaky capacitors that killed off nearly every 2003 computer.

And better computers last longer, but not always because they’re better. Dell’s low-end home computers have exactly the number of internal connectors they need, plus one spare power connection. Need to add another drive? The power supply isn’t powerful enough for that. Need to add a USB 3 card? No, there isn’t a connector to power that, or an open slot to install it in. The same upgrades in their more-expensive business products are routine.

Notebooks add handling to the age question. The cheaper ultra-light notebooks are frequently all plastic, impossible to upgrade (obsolete sooner), and more fragile. Sturdier notebooks, like a Lenovo ThinkPad, have metal hinges and corner reinforcements, and can survive a drop or a bad thump that would crack a plastic hinge. And inside, solid-state drives can survive bumps where a spinning hard drive would bounce the read/write head off the spindle and lose alignment. Again, the better computer will last longer.

Mismatches:

QuickBooks only supports the last three annual versions of their product. If you need payroll tables inside the product, or links to an industry-specific company management product, plan to upgrade at least that often. If not, you can wait until your version of QuickBooks won’t install in your new version of Windows; new versions of Windows are mostly supported by only the most-recent annual edition of QuickBooks.

Some old laser printers just won’t die. But they need parallel printer cables, not USB connections. While I can add a printer port to anything, there is no printer driver software for a printer of that age in Windows 10, so some ‘emulation’ driver will have to be used, because every printer can make believe that it is something truly generic. That was an ‘IBM Pro Printer’ 20 years ago, and ‘PCL 5’ now. Emulations work, but advanced features of those old printers won’t.

Specialty software, mostly industry-specific, is mostly a case of letting your software vendor control your office. They will release updates, and you’re either ready or not. The better vendors will warn you about big changes one month in advance, mostly, but they aren’t willing to spend their programmer hours on any version of Windows that is over 5 years old. That’s Windows Vista and older now, and will be Windows 7 in April of 2020, when the security patches from Microsoft stop.
Replacement Cycles:

Some computer shops suggest replacing every computer on a staggered schedule every three years, and only buying computers with 3-year on-site warranties. This saves those shops from ever opening a computer or going on-site. While it’s a sure recipe for reducing down-time, here is a more cost-effective replacement cycle:

4 years for notebooks and small servers.
5 years for most information-worker computers.
3 years for power users (video editing, computer-assisted design/CAD).
7 seven years for non-critical desktop computers that aren’t in daily use.

Jerry Stern
Chief Technology Officer, PC410.com