02 May

May 2014 – Heartbleed – Nokia – Microsoft its all been happening…

Welcome to another installment of Boffin!

Well, yet again it’s been an action packed month in the IT world.

Not only did Windows XP become end of life and end of support, but so too did Office 2003 (not that our Hosted Exchange customers would have cared).  With the end of XP support from Microsoft we have already started to see the start of the vulnerabilities with Internet Explorer being the first of many victims.  And as we suspect, there are more to come.

If you are still in two-minds about whether or not you need to replace your old XP machines and they have Internet access, then it’s now just a matter of time before the exploits start to inject malware in to your system.

We don’t want to get all “Y2K” on you, but don’t say we didn’t warn you either.

EtherTech are currently running a special on the HP 400 Corei3 small form factor desktop PC’s running Windows 8.1 or Windows 7 Pro.  They include 4GB RAM and 500GB Hard Disc, on special for just $828.00inc GST. Stocks are VERY limited, so call us if you want one, as they are selling fast.

 

Microsoft finalised their $7.2 billion dollar purchase of Nokia’s handset business and is now in the process of re-naming it to Microsoft mobile, which to us signals a definite move by Microsoft into the enterprise telephony space and more importantly a direct ‘Lync’ to their telephony voice products including Skype.   More importantly, it aligns Microsoft in to the Services and Devices business model, copying the model Apple implemented almost a decade ago.

Whilst on the topic, EtherTech are looking to use Lync as a free add-on to its current cloud offerings, taking Internet voice and VOIP to a whole new and extremely affordable level.

Heartbleed, the Internet security vulnerability affecting more than 60% of the world’s Internet servers entered the spotlight this month.

The problem with this vulnerability is that ‘hackers’ can snoop on your encrypted communications – username and password boxes, credit card transactions etc., and their snooping leaves no trace behind for organisations to ascertain if they were compromised or not.  This is not just hacking into servers, but snooping from anywhere at any time, so the vulnerability is very serious.  Hackers can then use this information to obtain access to your accounts.  Some of the big players including Amazon Web Serivces, Google and Facebook have been hit amongst many others.

What can you do about it?

In reality, not much as it’s more a Web Application Hosters issue, but the problem actually lies in whether or not hackers exploited various systems and obtained usernames and passwords.  Given that we don’t know, we strongly encourage diversifying your password strategy.

I run a website.  How do I know if my server was vulnerable?

Good question, there is a simple Heartbleed website checking tool available here –

https://filippo.io/Heartbleed/

This tool allows you to check websites that you frequent, whether it is currently vulnerable or not.  Whether or not it was previously vulnerable is another matter however.

You can rest assured however that none of EtherTech’s servers were vulnerable at any stage as Microsoft Web Servers were not exposed to this issue.

Hopefully next month is less eventful!  Until then…