On-Site Computer Services

04/08/2026

In the News: Out of date TP-Link routers ("SOHO routers") targeted and compromised by Russian Federation GRU's "APT28" intelligence group.

While some OCS clients have TP-Link routers, they do not appear to have been targeted by APT28's attacks on American household and small business routers.

All OCS supported TP-Link routers are:
Newer than the models so targeted;
Have up-to-date firmware;
Do NOT have public facing administrative interfaces.

For non-OCS users of older TP-Link routers, the USA NSC obtained court approval to counter attack the GRU's operation(s) involved in this set of attacks and state that they caused compromised routers to update to the latest firmware in their counter operations.

Depending on how one interprets second-hand messaging from the NSC, the NSC served up a counter attack at unspecified GRU infrastructure. "Tap, tap, we saw that!!!"

Articles read by OCS do not indicate any theft of a traditional monetary type. The indication is that a general sweep attacking said older and unupdated routers, scanning for government intelligence, likely military IP, unstated but one might think high end business IP might have been of interest to them as well. That general sweep was followed by more granular targeting of "intelligence rich" routers creating a man-in-the-middle intelligence skimming operation.

Moral, keep your firmware up to date as much as possible.

- OCS

02/26/2026

RANT:

OCS ran into another update fiasco from a major software maker, who has been around for decades AND has made the same mistake previously but, obviously, did not learn from those previous experiences.

Late last week or over the weekend they rolled out an "update" which reconfigured systems to use a "New" mail client, as the default mail client while relegating a user's default "Classic" mail client both from being the "Default" application and replaced its icon from a prime location. Note that most icons placed on said prime location (and, in particular, mail client icons) are only placed there MANUALLY by the user or their selected techie.

In the process all the settings put in place, including credentials and other settings related to accessing the user's e-mail were NOT inherited by the "New" mail client (software).

We found this out after a new laptop was provided to a user last week, who tested everything just fine prior to going into the field over a thousand miles from their home office, cut off from their mail (luckily they at least had the same mail on their phone) and away from direct support.

We reverted the friendly "update" but found that doing so in the way performed wiped out the settings from the "Classic" mail client. Normally, not that big a deal but the hosting company has a convoluted system and that proved troublesome to start from scratch. Going to online Knowledge Base articles, we found that this has been an acknowledged problem, later, we found that this situation has been so for several months with individual systems experiencing varying degrees of this issue.

This blog entry is labeled a "RANT" because there is not much to do except make sure your documentation is updated, just in case. In our case, the original configuration inherited from others who had NOT documented the configuration or the process therefore. Plus, the hosting company's documented procedure had key errors!!! Working with their support, we found, adjusted and noted those errors and informing them what they needed to fix in their documentation.

Moral, one manifestation of stupidity is to NOT learn from one's mistakes and to repeatedly make said mistakes. This nameless software company, apparently, fits grandly as an example of this manifestation of stupidity/insanity.

02/03/2026

Ran into an odd problem today. New computer just configured and joined into the office's NT domain. Each logon screen had the customary button to log in as another user than the last. Last night, the machine was all up to date.

This morning, was notified that a new Microsoft update was available. Ran the update, which triggered a restart. When the computer was booted up to the logon, the button to select a different user was gone. Tried two recommendations from the Microsoft "Community" (at least one of them a Microsoft tech who supplied the "Solution" but neither worked.

Further diagnostics revealed that the computer had reverted to no longer be a member of the office's NT domain, only the local/workgroup domain.

In response, joined the computer back into the office's NT domain and the problem was truly solved. A little curious.

01/08/2026

Crowdstrike announces acquisition of SGNL.

At least mildly interesting and somewhat informative.

Business and digital security, while adjacent to political activity, the two or three should not be confused, in general. OCS, however, does consider how politics and totalitarian power affect security and the value of entities specializing in providing security.

Case in point, Kaspersky was a long time/stalwart in the security industry. However, with the advent of state sponsored/directed security actions/violations and the totalitarian government of Russia, where Kaspersky lives, suddenly, we felt that we had to drop Kaspersky (aka Kaspersky Lab) as a recommended anti-malware (AM) product provider. The concern being that they/he could be subject to the whims of their government dictator, who has oft demonstrated more than a tendency to strong-arm Russia based businesses (and a few EU entities) to impact the security and wellbeing of targeted external (and internal) entities, individuals and otherwise.

Therefore, Kaskpersky was dropped from the OCS list of recommended AM and other security products/offerings.

"Security" enterprises/entities that either dabble or wholeheartedly involve their businesses and activities thereof in political actions are also avoided in the recommendations provided by OCS.

Regardless of one's politics, Crowdstrike falls under the latter category, based on the observations of OCS, we have found that Crowdstrike has involved themselves in entering the field of political narrative, issuing consultative communications regarding data access and even been involved in data verification and disposal in ways that indicate a political motivation rather than a strictly agnostic technical and security based motivation.

It is for the latter reason(s) that OCS has not recommended Crowdstrike products nor placing any weight in Crowdstrike reports, recommendations or any other communications as reliable from a pure security perspective for our clients.

Further, whenever an entity/corporation acquires another otherwise recommended security concern, OCS feels that we must assume the worst for the function of such acquired concern's functions into the foreseeable future. Not only has this been a logic OCS has taken after much thought, we have found it to be sound logic via experience over decades.

Thus, OCS feels we must take the same stance for SGNL and their offerings. That is, we may support any existing installations currently supported by our clients and OCS, however, we would recommend against acquiring any additional offerings of products and would heavily question any documents, recommendations and other communications from that firm for the foreseeable future.

Of course, when Putin is no longer in power, we will reevaluate Kaspersky's situation and when Crowdstrike fails or otherwise is no longer in control of SGNL, we will reevaluate SGNL as well.

We would note one momentary exception to this logic. When Symantec acquired Norton, we pulled clients away from Norton AM products. While that did prove appropriate from experience, Norton's founder, Peter Norton "came back" to Norton (as a subdivision of Symantec) and we noted that, within months the product suddenly lost all the issues that it had acquired from Symantec (issues that Symantec's own products (such as Symantec AV) experienced prior to Symantec acquiring Norton and adopting it (dropping Symantec AV). Hence, when finding Norton installed on a client station, we no longer removed it as a first response to see "if that fixed the issue" (previously, that had proved VERY effective for both Symantec AV and later Norton after Peter Norton left the acquired Norton within Symantec).

We found that as long as Peter Norton remained with the company, his namesake products all performed efficiently and did not introduce oddball problems for hosts upon which they were installed.

Later, when he left Symantec again, we watched and the same issues creeped back into Norton products and we resumed our former practices of recommending against Symantec/Norton products and immediate removal, when allowed, when diagnosing any given issue on a problematic system (which proved to save us time and our clients money for diagnostics & fixes of said issues).

Conversely, one unnamed financial institution REQUIRES Norton on at least some of the stations over which they have "compliance" authority. Only in such a situation, do we support Norton products. In such situations, while it costs time and client money, we have mitigated the ill affects of said products through use of more powerful systems (to compensate for the induced lethargy) and additional efforts to strip out any unneeded products on those systems to "lighten the load" as much as feasible, allowing them to operate at a reasonable pace.

Regarding SGNL, going forward, OCS will endeavor to find alternative options when faced with supporting clients who/that use or are faced with using its products.

08/14/2025

We are seeing more End of Life (EoL or EOL) situations coming up this year...

Aside from Windows 10 editions (Win10) definitely EoL in October, other server services sold/issued to be hosted on Windows platforms are requiring newer Windows Server OSes. We were just notified of one requiring Windows Server 2012 (recommending 2019 or newer) when a number of aging but still functional Server 2008R systems are in the field!!!

Note: For simplicity, this post refers solely to Windows Server but some "server" situations may be hosted on a workstation OS. The logic and analogy still applies, though the "servers" are probably newer. Plus, once the migration(s) is completed, they might be redeployed. Also, such services that make Win10 EoL may simply be compatible with a simple upgrade to Win11 but may also need some "tweaking" or a clean install thereafter.

NOW, is a GOOD time to get the research regarding replacement hardware/software for those "long in the tooth" servers out there. You may find that more time to deal with the unforeseen will be well worth it. In fact, best to expect the unexpected in migrating key functions. It is not too uncommon to find that some services have been "helpfully installed" by product Support without IT's knowledge. Not uncommon for a well trained power user, with needed administrative privileges, to be snookered by product Support administrative level remote support to "adjust" or make a "fix" to address what seems breakdown of a product, that in fact, is a major upgrade adding a new server services. We come across this from time to time. Some industry verticals are worse than others at doing. Automotive industries and insurance industry related product Support seems to have a taste for these actions that come back much later to bite customers and their IT (internal and/or external).

So a little extra time to make the migration can allow a phased migration, at times with temporary regressions to allow addressing the unforeseen and undocumented issues.

- OCS

08/14/2025

Fact Point (https://www.facebook.com/TheFactPoint?__cft__[0]=AZV1aFbd3KMa5Zj-D0QoeuO7JplZyeA2Y-Asr6ZZMRNrFuwBr0ejQr0DvAlIMnE5rVJeypGiqyMpaLcCdbpmaPuP0Qz2Xs97mrOyhtAQYXfPwYIkDmoBZht9ZHQ_TI37JU7T3rKGPUUPZ-2k783cyyz4T2AG7bZRuSyugudp8vGUIkuopUHDH268-8siGobKLegL1KtmfgZ6ajO0rLHqbhuo&__tn__=-UC%2CP-R) posted on Facebook, "Meta CEO Mark Zuckerberg predicts AI smart glasses will soon replace traditional devices, offering real-time features like translation and object recognition. He warns those without them may face a cognitive disadvantage. Despite major financial losses in Meta’s Reality Labs, he remains committed to AI wearables as the future of computing."

Zuck may have a bit of a point, BUT, automation is NOT the end all. We suspect that while wearable AI can be a huge tool (in a good way), sometimes having a broader/bigger canvas to work with can have major advantages too. Think of how an old-school small notepad can be really handy but not always the best way to organize one's thoughts on broad topics and for design/planning/organizing work where multiple bits of information and/or thoughts may be better considered in a free-form method.

At least with the early releases, this really should be kept in mind.

Further down the road AI lenses could also perform more complex functions allowing a visual-only whiteboard system, likely including a sharing option.

But, we suspect the initial offerings will not have all that function at first.

The point being that automation at any level is often NOT the end all. Further, when it fails, one should always have an "old school" fall back method, especially for important and/or mission critical tasks, can include frequently recurring simple tasks.

07/17/2025

Windows 10 End of Life Coming, Upgrading to Windows 11

Per Microsoft www.Microsoft.com/en-us/windows/end-of-support?r=1 ...

"Support for Windows 10 will end in October 2025

After October 14, 2025, Microsoft will no longer provide free software updates from Windows Update, technical assistance, or security fixes for Windows 10. Your PC will still work, but we recommend moving to Windows 11. Windows 11 offers a modern and efficient experience designed to meet current demands for heightened security."

The above is often referred to as "End of Life" or EOL. Typically, Microsoft's anti-malware (AM) continues to function after EOL, at least for a while. Further, also in the past, Microsoft has issued SOME security patches to an EOL operating system for some of the most critical and most impactful security issues both to minimize bad press and when Fortune 500 and Fortune 100 businesses demand such a response while they are still upgrading tens of thousands of computers per business and hundreds of thousands as a group.

However, nobody should depend on such "kindnesses" from Microsoft, especially when they give more than ample notice of a coming EOL.

Further, in some industries there are requirements ("compliance" and others) that computers are upgraded prior to the EOL date. Similarly, some industry vendors that your company may interact with may have similar requirements. The latter may be true for your entire business or for specific functions in your business such as PCI Compliance (credit card readers and any automation related to credit card information).

Aside from any requirements, as EOL passes, fewer and fewer software developers will support the previous operating systems (less work for them, et cetera) and some of them will start to fail on your EOL systems, sometimes without notice.

So, "What to do?"

First, review that all your mission critical software and hardware is compatible with the new operating system (OS). Sometimes, one has to support BOTH EOL OSes and the new OS in order to support mission critical automation for their business. When this is found to be the case, it is best to maintain pressure with such a software and/or hardware product. It may also be a good time to look for a better provider.

Next, you need to review your hardware for compatibility. For Windows 11, Microsoft provides an application that diagnoses and reports what in a given system is compatible or not.

Plan for replacement computers for the current computers that were previously found incompatible with Windows 11 In the meantime, proceed with upgrades of the compatible computers so any software issues may be identified and addressed in the interim.

The upgrade of Windows 11 has thus far been free in terms of the product, not the labor. It is recommended that the upgrade is performed by your IT, internal or external (consultant). While the upgrade is normally easy and painless, things can come up and even minor changes are often more efficiently noted and addressed by IT personnel.

Note: Microsoft’s upgrade currently notes if the old Windows 10 version (such as Home or Professional) and upgrades to the equivalent Windows 11 version.

Next, you can start the roll-out of Windows 11.

It is highly recommended that business managers are involved interactively in the process. They must take and share ownership in the process. Some may be resistant but A) they have knowledge of their workflow that is critical to success and their sense of satisfaction; and B) their buy-in fosters buy-in of end users. Said managers are critical in identifying groups of users who functions are similar and use the same mission critical software.

From the latter identify a single user, per identified group and their station/computer for the first upgrade.

Considerations include:
• If the user is an IT savvy person, who can and will provide sufficient feedback;
• Consider their impact on production if something goes wrong and they are sidelined for a period;
• Maybe not select the most efficient user for the first upgrade.
For each identified group, upgrade one station/computer and monitor function for a day or two. Address any issues, taking notes. Then roll-out to the rest of the group.

Monitor in the ensuing days, weeks and months.

For one of our clients, we found one mission critical application that slowed after the upgrades but only on upgraded computers and maybe not all of them. For computers purchased with Windows 11 Professional, the speed of that product seemed fine.

The product support for that application acknowledged an issue for the areas that slowed but not that it was related to Windows 11. Regardless, they are working on addressing the issue.

Make a smooth transition to Windows 11 from your unsupported operating system with help from Microsoft. Enjoy the benefits of upgrading to a Windows 11 PC.

03/09/2025

"Phishing emails are sent from criminals in an attempt to fool you..."

A2, a hosting company (hosting websites, mail services, etc.) we work with posted a pretty decent memo on this topic. While they specifically wrote in relation to phishing attacks on their clients/customers, the information is applicable to phishing attempts/attacks against banking customers, software license owners (such as for/from Microsoft). These attacks are often "shots in the dark" using a database of common personal names and other account names using the domain name of whatever "target rich" company targeted in a given attack.

Their article may be found at https://www.a2hosting.com/blog/phishing-scam-protection-tips/

BTW, On-Site Computer Services is now in the hosting business our rates will be published at our website in the near future...

We are still providing our Consulting, Network Engineering, Diagnostics and Repair services as we have since 1992!

- OCS

What is phishing? We explain what it is, common phishing tactics, and practical tips to protect yourself from scams and keep sensitive information secure.

02/26/2025

A recent case of apparent AI (artificial intelligence) bias came to our attention. Note: AI is like almost any tool it works only as well or ill as it is made and then utilized.

The apparent bias came to light in the DuckDuckGo (DDG) Search engine. We did NOT research to determine when, but an AI component was added to the search engine (maybe more recently as we have not noticed anything as odd as the example illustrated below).

HOWEVER, the DDG Search AI can be disabled!

Example (empirical evidence) was a search using the string "Biden 46 Trump 47". The response started with "Agenda 47" but virtually nothing on those two administrations nor the elections bringing them into office. Instead, the results started with one full page plus, strictly regarding recent but previous elections and administrations. The Virtual qualifier is because there was an article noted about Biden 46 something.

HOWEVER, disabling the AI (using the DDG Search settings) and retrying the exact same search string resulted in the DDG Search presenting the elections for those two administrations and the administrations themselves, at least for the first page.

The author cannot determine the motive for the bias but it does seem very evident that at least this bias was coded into the AI.

Recommendation: Regardless of any users' political belief(s), this author posits that cleaner results, at least in the example case, more desired and less subjective results may be expected and desired with the DDG Search AI disabled until it may be determined to be unbiased.

One may wonder how open the AI coding may be and would be interested if anybody has attempted to inspect said code for bias, such as was apparent.

The author notes that the AI enabled engine has produced content slightly more applicable to the string but only barely.

How to disable the DDG Search AI:
1) Perform a search.
2) Click the settings gear logo under and to the right end of the search box (hovering will display "change search settings")
3) Find near the bottom of the pop-up "AI Features" and click the "Manage" link to its right.
4) At the top of the "Assist" section to the right pull down the menu and select "Never".
5) Click "Save and Exit".
6) Close the pop-up.

02/21/2025

"Outlook (New)"

Note: That, "Outlook (New)", is the app name as currently listed in installations of Windows 10 and 11 that have this app (now the default configuration of those operating systems).

The Outlook (New) product is an App that comes with new computers/Windows operating systems. ALSO, it can, apparently, be an unasked-for "update" from Microsoft to existing installations of Windows 10. Yes, it is FREE. Cool but...

The problems are, if you have or plan to install Microsoft Office with Outlook (the regular version), then Outlook (New) can interfere with expected function of your regular Outlook.

Issue(s): As long as Outlook (New) is installed, Windows default app/applications for some/all mail file types is set to Outlook (New) instead of Outlook (from Office) and it loads up then attempting to open said file types from Windows Explorer, browsers, and other applications/apps.

Side Note: The naming convention and icon are both unfortunately very much similar to Outlook (Office) with most users not made aware that Windows is taking them to another version of Outlook. Hence the said users get sucked further into a problem often wasting a fair amount of time before calling IT or their consultant(s), and often providing errant diagnostic information, such as, "For the last couple weeks, my Outlook suddenly hangs up and gets weird when I try to open/add a vCard or calendar item or..." Given that, they end up not only spinning their wheels but adding the cost of their IT/consultant, who also may initially spin their billable wheels. The nature of how this comes to be, especially when installed as an update to an existing computer, operates much like malware spoofing a common product. Indeed Microsoft apparently very much wants users to use this free product instead of a competing product or webmail implementations. But, the ex*****on leaves much to be desired.

For instance, when attempting to add a calendar item from a link in an e-mail, even if already using Outlook (regular from Office) Outlook (Office) may load a browser when initially clicked or to read a given message and some or likely all browsers, when a user clicks said link, reference the Windows defined default app/application for that file type and, yes, mistakenly open Outlook (New) which pretty uniformly fails as it is normally NOT configured to handle e-mail, at least not when someone is using Outlook (Office) as their main mail "client" (software). There are some cases otherwise, but pretty darn rare. Regardless, it either has no store file defined or, conceivably, a different mail store file for another purpose/use.

Other mail file types are also impacted in this or similar manners. We have not tested/documented a complete list of affected mail file types. It appears likely that all file types are affected whenever attempting to open them anywhere but within Outlook (Office).

The Fix(es):

The easiest fix is simply to uninstall Outlook (New) unless really using it for another mail service, such as GMail.
1 - Find Outlook (New) in the Apps section of your Windows Start menu (sometimes in your list of recent apps/applications).
2 - Right-click and select Uninstall.
3 - Complete the normal uninstall process.

The above has fixed every instance of this issue we have come across and utilized this fix.

A [Slightly] harder fix is to scan through file types changing all references to Outlook (New) and setting the default application to Outlook (Office), simply "Outlook". The specific steps are NOT detailed here because it is rarely needed. NOT recommended unless wishing to use the Outlook (New) "client" for a secondary e-mail account/server. This latter scenario has NOT been utilized by OCS as of this posting.

- OCS