Security-Portal.cz is an internet portal focused on computer security, hacking, anonymity, computer networks, programming, encryption, exploits, Linux and BSD systems. It runs a number of interesting services and supports enthusiasts in interesting projects.

With three zero-days, it’s a patch-now Patch Tuesday for May

Computerworld.com [Hacking News] - 17 May 2024 - 20:44

Microsoft released 62 updates on Patch Tuesday this week, with three zero-days (CVE-2024-30051, CVE-2024-30046, and CVE-2024-30040) forcing a “patch now” deployment guidance for Windows desktops. Adobe is back with a “Patch Now” update, while Microsoft Office, Edge browsers and Microsoft’s development platform (Visual Studio and .NET) can be dealt with using standard release schedules. 

Unusually for Azure updates, the Readiness team recommends that particular attention be paid to an Azure Agent update (CVE-2024-30060), as it can affect corporate VMs (associated with testing or development platforms). The team has provided an infographic outlining the risks associated with each of the updates for this month’s cycle.

Known issues 

Each month, Microsoft publishes a list of known issues related to the operating system and platforms included in each cycle; this month it reported the following two minor issues:

  • Windows devices using more than one monitor might experience issues with desktop icons moving unexpectedly between monitors or other icon alignment issues when attempting to use Copilot in Windows (in preview). Yes, Microsoft is still working on this one.
  • There appears to be an issue with how Windows clients receive their updates after installing KB5034203. Instead of downloading from their peers or designated enterprise update endpoints, clients that use DHCP option 235 will download from the internet instead. Aside from the (serious) security concerns in getting your updates from outside your organization, some clients will see a significant increase in their internet traffic.

And for all you Windows 11 users, Microsoft has reported that after installing this update you might not be able to change your profile photo from the default. (For many, this is a good thing.)

Major revisions 

This month, Microsoft published the following major revisions to past security and feature updates:

  • CVE-2024-30009: Windows Routing and Remote Access Service (RRAS) Remote Code Execution. The FAQs were updated for this Microsoft patch. This is an information change only.
  • CVE-2024-30044: Microsoft SharePoint Server Remote Code Execution Vulnerability. Microsoft updated the documentation, added a FAQ, and updated the CVSS score for this critical update.
  • CVE-2024-30046: Visual Studio Denial of Service Vulnerability. Microsoft has revised the Security Updates table to include .NET 7.0 and .NET 8.0 as these versions of .NET are now affected by this vulnerability. 

I’m not sure where to place this latest (and late) addition to the May patches. Microsoft released a major update (CVE-2024-30060) to the Azure agent (we use this Microsoft tool for our Azure-based application packaging, conversion and testing virtual machines). If you are using Azure-based VMs, this update will be important for all your builds. Unfortunately, this vulnerability has been publicly disclosed and adds to our tally of May Patch Tuesday zero-days.

Mitigations and workarounds 

As of May 17, Microsoft has not published any mitigations or workarounds for this month’s patch cycle.

Testing guidance

Each month, the team at Readiness analyzes the latest updates and provides detailed, actionable testing guidance. This guidance is based on assessing a large application portfolio and a detailed analysis of the patches and their potential impact on the Windows platforms and application installations.

We have grouped the critical updates and required testing efforts into functional areas, including:

Microsoft Office
  • A change to how OLE handles web content will require a test scenario for embedding and loading external web content (text, images and video).
Microsoft .NET and developer tools
  • Microsoft SQL server updates will require a test of new connections with different versions of SQL Server. Line-of-business (LOB) applications that rely on SQL server connections will require a full UAT before releasing this month’s developer update.
Windows

The following core Microsoft features have been updated and might require attention:

  • The updates to the Windows Common Error log feature (CLDFLT.SYS) will require testing of creating, reading, updating and deleting (CRUD) log files.
  • DNS updates will require testing for non-existing domains registered in each managed zone.
  • This month’s update to the Microsoft Crypto library will require tests of new creation and deletion.
  • Microsoft’s Routing and Remote Access Servers (RRAS) servers will require light testing for valid connections.
  • Smartcard access to Microsoft Windows desktops will require basic access testing.

Aside from updating several key features on the Windows desktop platform, Microsoft also updated the way the following APIs are handled:

These are tough updates to test properly, as you need a detailed list of what applications depend upon (and actually use) these APIs. 

Automated testing will help (especially a testing platform that offers a “delta” or comparison between builds). However, for LOB apps, getting the application owner (doing UAT) to test and approve the results is absolutely essential. 

This month, Microsoft made a major (general) update to the Win32 and GDI subsystems with a recommendation to test out a significant portion of your application portfolio.

Windows lifecycle update 

This section covers important changes to servicing (and most security updates) for Windows desktop and server platforms.

  • Support for Windows 10 (21H2) ends this month. In fact, support ends before the next Patch Tuesday. This is serious now, people.
  • Microsoft SQL Server (2014 SP3 CU4): the final stage of support (aka Security Support) ends in five weeks.
  • Microsoft Visual Studio 2022 loses full support in less than two months.

Each month, we break down the update cycle into product families with the following basic groupings: 

  • Browsers (Microsoft IE and Edge) 
  • Microsoft Windows (both desktop and server) 
  • Microsoft Office
  • Microsoft SQL Server (not Exchange Server) 
  • Microsoft Development platforms (ASP.NET Core, .NET Core and Chakra Core)
  • Adobe (if you get this far) 

Browsers

Microsoft and the Chromium project have been releasing patches to both Chrome and Edge every three or four days since the latest major update in April. So far, there are now seven updates to Chrome (with the recent addition of CVE-2024-30056), all of which are rated important. These security vulnerabilities relate to memory handling and “use after free” issues but have not been reported as exploited or publicly disclosed. Add these updates to your standard release schedule.

Windows

Microsoft published 46 updates for the Windows desktop and server platforms. For this (much smaller) release to the Windows desktop platform, the following functional areas have been updated:

  • Windows Common Log File System Driver;
  • Windows Hyper-V;
  • Windows Cryptographic Services;
  • Windows DHCP Server;
  • Windows NTFS;
  • Windows Win32K – ICOMP;
  • Windows RRAS and Remote Access Connection Manager.

Unfortunately, we have three zero-days (CVE-2024-30051, CVE-2024-30046, and CVE-2024-30040) that affect the Windows platform. The team at Readiness has already discovered several applications that are particularly vulnerable to the DWM vulnerability (CVE-2024-30051) which could lead to full SYSTEM (caps added by Microsoft) privileges on the compromised system. Add this update to your “Patch Now” schedule.

Microsoft Office 

Microsoft released just three updates for the Office platform. CVE-2024-30042 addresses a remote code execution vulnerability in Excel that is both challenging to exploit and non-wormable. The other updates relate to Microsoft SharePoint. All are rated important and should be added to your standard desktop release schedule. 

Microsoft SQL Server (not Exchange Server)

Microsoft has not released any patches for Exchange Server but did push out a single update (CVE-2024-30054) rated important for SQL Server. This update to the SQL Server Power BI feature really belongs in the developer release cycle, as it updates the Software Development Kit (SDK). Add this to your standard developer release schedule.

Microsoft development platforms 

Microsoft released four updates to the development platform, affecting Visual Studio and .NET for those deploying and managing desktop patches. Add these to your standard developer release schedule.

Adobe Reader (if you get this far) 

We are back! Adobe released an update to Adobe Reader (APSB24-29) covering 12 memory-related and “use after free” security vulnerabilities with a severity rating of 8.8. This attracts a “Patch Now” rating from the Readiness team due to Adobe Reader’s tight integration with the Windows desktop ecosystem.

Category: Hacking & Security

Review: The M4 iPad Pro — an amazing AI PC

Computerworld.com [Hacking News] - 17 May 2024 - 19:33

Out of the box, my first reaction when taking hold of Apple’s all-new 11-in. M4-powered iPad Pro was how light it was, closely followed by some sense of wonder at how thin it has become. 

The model I’ve been using weighs just 0.98 pounds. (This is the version with both Wi-Fi and cellular capabilities; the equivalent 13-in. model weighs 1.28 pounds.)

You got to carry that weight…

To put this into perspective, the previous generation 11-in. model weighed just a little more, 1.04 pounds — but that small, roughly 5% weight reduction is still quite tangible.

I think it’s worth noting that Apple’s first ever cellular-equipped iPad weighed 1.6 pounds when introduced in 2010, meaning this iPad Pro is only 61% as heavy as that first-gen product, the one thousands of C-suite executives acquired.

At 5.3mm, it’s super-thin, too. (The 13-inch model is even thinner.) Apple claims it is the thinnest product it has ever made; it’s even thinner than the iPod Nano I sentimentally keep on my desk.

You’d think that thinness would make it easy to bend the product. I’m not about to try that, but I have found the iPad is reinforced with an additional spine to make it more resilient. My take is that you’ll have to try pretty hard to bend this thing, or you could try sitting on it by mistake when taking a flight, as I recently did with another model. It’s probably best to be careful.

Got to get yourself connected

The second set of reactions kicked in once I turned on the device. I’m always impressed at how Apple continues to improve the on-boarding process for its products. To get this machine working, I just had to bring my iPhone across, go through a very simple set up process, create a PIN code and wait for my apps and data to shift over from iCloud. That process takes longer the more data you need to transfer, but it’s painless.

If you’re setting up a managed device, it will be quite similar, though you’ll probably need to enter your Managed Apple ID before the iPad Pro is provisioned for you and your company. Apple’s on-boarding process is excellently executed.

Looks are sometimes everything

Once the iPad had stuffed itself with my data, I picked it up and began to use it. That’s when my fourth big reaction kicked in: the image quality on the tandem OLED display is stupendous.

I mentioned that ill-fated iPad-wrecking flight I took. While I was away, I took holiday photos, including a selection of beautiful, luscious, green landscapes. I like these images, but I have been truly impressed by the true-to-life detail and excellence in color rendering on this particular machine. The multitude of different greens you see in a forest really snap out at you, like being there. 

There’s a reason for this, of course. Both iPad Pro models feature what Apple calls an Ultra Retina XDR display and modestly describes as “the world’s most advanced display.” Those greens, deep true blacks, and all the other visual details are there because these displays use technology similar to what’s used in Apple’s XDR display for Macs. 

And those Mac displays deliver images just as good as the hugely expensive “reference displays” you find in movie studios. That’s great for iPhoto collections, of course, but also means that when you’re working on video footage or photos in the field, you get state-of-the-art color accuracy on a display that’s bright and beautiful. And packed inside a mobile device with a 10-hour battery life weighing less than a pound. That’s great for creatives.

A mobile creative powerhouse

In case you want the technical details, the display can reach a peak 1,600 nits brightness and a stable 1,000 nits most of the time. It also has a 2,000,000-to-1 contrast ratio, which is another reason colors really pop. And yes, if you need professional color, the device can display reference color for all the popular color standards. This display is a professional workhorse.

But iPad Pro isn’t only for creatives. And while Apple does tend to focus on the creative markets in its marketing materials, this system has something to offer any professional who needs a high-performance and highly portable system for any reason.

It might be over-specced for some enterprise uses of tablets (for which the iPad Air remains a more logical choice). But for use in some sectors (medical, education, and architecture, for example) the iPad Pro’s excellent display is most certainly part of the attraction.

Of course, some of the most challenging users really need to get the best possible performance, and you get that here thanks to the M4 chip inside.

Possibly, the world’s best AI PC…

Apple suggests it needed to use this processor because it wanted to make the iPad Pro thin and to drive the amazing display. The move to M4 also means you get a huge leap in processor performance (1.5x faster than the last model) and graphics (rendering is four times faster).

But what may become more important is that the deployment of this chip means the iPad Pro with M4 will perhaps soon become the world’s ultimate AI-driven tablet, about which we’ll learn much more at WWDC. 

I’m willing to speculate that once Apple introduces generative AI in iPadOS, the iPad Pro will be seen as even more than a tablet; you’ll even be able to control it with voice and glance. Think about that and recognize that this means it will also become the ultimate mobile computing (with AI) experience. If Apple gets it right. 

If your computer interactions are no longer reliant on keyboard and mice, and your device can deliver the computational power (thanks to the M4 chip) you require, at what point does the PC become history? I think these iPads are part of that story.

But let’s not focus too much on what isn’t here yet, because what we actually have is quite something already. The iPad Pro can easily handle powerful apps such as Procreate, or large spreadsheets, or video apps, or whatever you need to run; all will run faster, perform better, and complete their tasks more swiftly than before. 

(It also gives developers of mobile apps an on-ramp for the addition of powerful new features in the future, and a glimpse at M4 Macs.)

What about the Magic Keyboard?

I’m using the iPad Pro with Apple’s new Magic Keyboard. I love it. 

Not only does it provide a 14-key function row, but it has been designed to include a comfortable aluminum palm rest and a much bigger, haptic trackpad. It makes working with iPad Pro much more Mac-like, especially as the keypad is backlit for use in darker places. The keyboard is comfortable to use and responsive — so much so, that I’m writing this review with it. 

The keyboard is a little heavy. At 1.27 pounds (according to my scales), the Magic Keyboard is actually heavier than the iPad Pro it holds, though the keyboard is a little lighter than the last version. Together, that’s a combined weight of 2.3 pounds — considerably lighter than a 3.4-pound 13-in. MacBook Pro.

Of course, these do different things, and your iPad Pro can deliver all its functionality in a lighter case, along with that precious, Made For AI M4 chip. 

Weight aside, if you intend on using your iPad Pro as a highly mobile productive device, the Magic Keyboard is a must.

Write me kindly, sir

Digital creatives have another must-have accessory, the Apple Pencil Pro. Actually a tiny computer in a pencil, the real achievement here is that Apple has managed to cram so much into something that feels just like the original Apple Pencil.

This iteration lets you squeeze the side to bring up a tool palette; you get unlimited undo; double tap; and a new barrel roll capability which changes the orientation of shaped pen and brush tools. You also get haptic feedback, so when you do something, you’ll feel something, and support for existing pencil features like low latency and “hover.” (Hover lets you precisely place where you want to be, with on-screen objects jumping at you.) 

It’s the squeeze function I find most useful; it makes the pencil so much more intuitive to use, as I’ve always kind of struggled moving between modes. Now, it seems much more natural. There are six sets of commands you can set Squeeze to handle, but only one can be in use at any point. The only limitation at present is that apps must be updated to gain all these tools. 

More to think about

There are lots of elements I’ve not touched on. One is that the iPad Pro probably won’t get too hot, as thermal performance has been improved by almost 20%. Another is the four speakers and four microphones inside the system, which support the new landscape front camera to make the device a great tool for video conferencing on Zoom, FaceTime, WebEx, even Teams (if you must).

The primary camera has also been improved for better performance in low light, augmented by AI to secure better images. There’s a built-in document scanner function and a LiDAR camera.

Who pays the iMan?

What may be the world’s most advanced mobile device comes at a price. The model I tested has the nano-texture glass and 1TB storage. It costs $1,899.

Add the Apple Pencil Pro at a surprisingly low $129 and Magic Keyboard at $299 and the combined system I’ve been testing costs $2,327 — just $71 less than the top-of-the-range 14-in. MacBook Pro with an M3 Pro chip. 

Price isn’t the only consideration, of course. You don’t necessarily have to get nanotexture, unless robust color accuracy is something you need. You might not want 1TB of storage. You might not even need cellular, the pencil, or the Magic Keyboard. The entry-level configuration will set you back $999, and frankly from what I’ve seen, you’re still getting a lot at that price. (If you are price conscious, the also-new iPad Air might be precisely what you need. I can’t say, as I’ve not yet looked at that model since I broke my own iPad on that flight.)

Who is this for?

Apple’s varied range of iPads now has something for every price point. The iPad Pro is for aspirational Apple fans, high-end mobile creatives, critical workers in some industries, designers, movie makers, quite possibly data analysts, IT admins and (as ever) the C-suite executives who get everything.

It’s also an amazing, high-class product that I think checks the boxes for almost every task we once relied on computers to achieve. I can’t wait to see how Apple plans to exploit the computational capabilities of the device in the days ahead.

On its own account, the iPad Pro with M4 is a very desirable machine, and while most of us might choose an M2-based iPad Air, those who don’t can look forward to a great experience. And the rest of us can look forward to at least some of these improvements extending across Apple’s other tablets over time.

Please follow me on Mastodon, or join me in the AppleHolic’s bar & grill and Apple Discussions groups on MeWe.

Category: Hacking & Security

Kinsing Hacker Group Exploits More Flaws to Expand Botnet for Cryptojacking

The Hacker News - 17 May 2024 - 19:20
The cryptojacking group known as Kinsing has demonstrated its ability to continuously evolve and adapt, proving to be a persistent threat by swiftly integrating newly disclosed vulnerabilities into its exploit arsenal and expanding its botnet. The findings come from cloud security firm Aqua, which described the threat actor as actively orchestrating illicit cryptocurrency mining
Category: Hacking & Security

Exploring the Central Role of Linux in Quantum Computing

LinuxSecurity.com - 17 May 2024 - 18:11
The intersection of Linux and quantum computing has become increasingly apparent, emphasizing the importance of Linux-based operating systems in developing and deploying quantum computing technologies. As quantum computing technology advances, there is a growing need for operating systems that can support quantum computing frameworks. This interdisciplinary discussion should be particularly interesting to Linux admins, infosec professionals, internet security enthusiasts, and sysadmins as the impact on security and infrastructure is significant.
Category: Hacking & Security

Citrix parent mulls selling ShareFile amid streamlining efforts

Computerworld.com [Hacking News] - 17 May 2024 - 14:26

Cloud Software Group, the parent company of Citrix Systems, is considering selling its content-sharing platform ShareFile, according to sources cited by Bloomberg. This move is likely part of a broader strategy to streamline operations under its private equity ownership.

The company is reportedly working with a financial adviser to assess interest from potential buyers.

ShareFile, valued at an estimated $1.5 billion, offers document-sharing and collaboration software that integrates with popular apps like Microsoft Outlook.

Bloomberg sources, citing anonymity, suggest the platform might attract interest from private equity firms, though the discussions are in the early stages and may not translate into a sale.

The disinvestment of ShareFile is seen as a strategic move by Cloud Software Group to refocus on its core competencies.

“There are a couple of things which could drive this move,” Neil Shah, VP for research and partner at Counterpoint Research said. “First, the cloud-driven enterprise content management systems space has seen significant growth and competition from established players from Box, and Dropbox to Microsoft’s own SharePoint and OneDrive, as well as other strong contenders such as Egnyte, Kiteworks and Syncplicity.”

Second, the sector has undergone major transformations with each technological shift, impacting leadership, IPOs, exits, mergers, and acquisitions. The evolution from the first wave of on-premises client-server architecture to the second wave of real-time cloud sync, and now to an emerging third wave driven by AI and automation with real-time intelligent collaboration, has reshaped the landscape and increased competition, said Shah.

Microsoft has been rapidly expanding its enterprise offerings with cloud services (Azure), AI tools (CoPilot), productivity tools (Office 365), and file management solutions (OneDrive, SharePoint), enabling unprecedented real-time collaboration.

“So, companies like ShareFile that are heavily dependent on or integrated with partners such as Microsoft, face increasing competition,” Shah added. “ShareFile despite being one of the industry-leading solutions for more than a decade, the parent company is forced to evaluate ShareFile’s strategic future capabilities, positioning, and value vs a formidable competition, and now would be a good time to spinoff and profit from the business when it is at peak.”

Why sell ShareFile?

This reported spinoff move comes after Citrix was taken private in a $13 billion deal by Elliott Investment Management and Vista Equity Partners in 2022. As part of the deal, Citrix and Tibco Software merged to form Cloud Software Group, the current parent company, which inherited a wide range of products and services. Streamlining the portfolio could help Cloud Software Group optimize its operations and allocate its resources more efficiently.

However, the substantial debt burden from the leveraged buyout has demanded financial restructuring. Cloud Software Group has been actively managing its debt, recently pricing a $6.5 billion leveraged loan, the largest in the US this year, to refinance the expensive debt it incurred for the buyout.

The spinoff of ShareFile could be a step towards alleviating some of the financial pressures resulting from the expensive leveraged buyout, Shah reasoned.

Cloud Software Group, Vista Equity Partners, and Elliott Management have not yet responded to this report, Bloomberg said.

Category: Hacking & Security

Google brings Gemini AI to the classroom

Computerworld.com [Hacking News] - 17 May 2024 - 13:52

Google’s Gemini will soon be available to education institutions, the company said Thursday, with the generative AI (genAI) assistant able to help teachers draft lesson plans and create personalized learning materials. 

Gemini will come to Workspace for Education subscriptions on May 23 via two optional paid add-ons: Gemini Education, a “lower priced” offering with monthly usage limits, and Gemini Education Premium. 

Gemini Education provides access to genAI features in Workspace apps such as Docs, Sheets, Slides, and Gmail, alongside access to the Gemini chatbot. The premium version offers additional features in Google Meet, such as AI-powered note-taking and video conversation summaries.

“Gemini AI assistant brings genAI capabilities to the full suite of tools educators are using across the Workspace ecosystem,” said Matthew Leger, senior research manager on IDC’s Government Insights team. “This is important because, in education, I often see schools adopt a range of AI tools from different providers, leading to what I call ‘AI siloes’ that make AI governance, management, and cost control challenging.” 

Leger added that these different tools can vary widely in quality and effectiveness, “so it is nice to now have some of the most powerful genAI models on the market available across many of the tools educators use every day, through one provider.”

Google in a blog post said it sees a range of uses for Gemini in education settings. Teachers, for instance, can use the tools to create a lesson plan, syllabus, or class exercise, with the ability to tailor content to student interests and skill levels. Gemini can also be used to generate images that can help bring concepts to life for students, Google said. 

Google will also let teaching staff interact with learning tools via the Gemini conversational interface. Teachers can type “@OpenStax” in a prompt to receive responses based on the Rice University’s OpenStax textbooks, with in-line citations and links to relevant pages. A Data Commons extension — Google’s open source data repository  — will similarly provide access to data on complex topics such as climate change or economics. 

One of the key drawbacks of the large language models (LLMs) that power genAI tools such as Gemini is the tendency to hallucinate. With this in mind, the ability of the OpenStax and Data Commons extensions to pull information from trusted sources is an “important step” toward addressing user concerns, said Leger. The addition of a “double-check” feature also makes it easier to fact-check Gemini’s outputs.

Outside of faculty staff, Gemini can help IT staff at an education institution create documentation, or assist a superintendent to create a newsletter or draft a job description. And students over the age of 18 can be given access to the Gemini chatbot for free when the AI assistant is enabled by an education institution’s IT admins.

Where generative AI tools are used effectively, there’s potential to significantly reduce the administrative burden on educators, he said. 

Leger also pointed to the introduction of LearnLM by Google this week, a language model grounded in education research and built specifically for learning purposes.

“This is critical because most language models in use today, while helpful for creating learning materials, aren’t necessarily trained in the same way educators are trained,” said Leger. “So, with a language model trained with educators in mind, the usefulness of these capabilities for educational purposes will only increase.”

Along with some of the potential benefits, educators who use genAI tools such as Gemini Education should be aware that while LLMs continue to improve, outputs can vary significantly depending on how a question is asked.

“It is really, really important to develop and refine prompt engineering skills to be able to use these tools effectively,” said Leger. “This is a skill we will always need to brush up on over time and get better at.”

Users should also be wary of potential biases and a lack of explainability around responses. To ensure safe and ethical use of the tools, customers should work with the provider to understand what goes into the model and any resulting limitations, said Leger.

Leger also advises that educators look beyond possible productivity gains as a marker of success when it comes to AI investment. 

“The real magic in AI is its ability to make education more human, not less, by giving educators time back in their day to spend interpersonal time with students,” he said. “If we make these AI investments without taking advantage of this, we will lose a big opportunity to improve student satisfaction and success.”

Category: Hacking & Security

The IT scandal that destroyed people’s lives

Computerworld.com [Hacking News] - 17 May 2024 - 13:38

Editor’s note: The UK parliament this week debated a proposal to exonerate those wrongfully convicted of fraud due to flaws in a Post Office computer system, while an independent public inquiry into a cover-up of the flaws heard evidence from former Post Office CIO Lesley Sewell. Here, Marcus Jerräng, editor in chief of Computerworld Sweden, gives an outsider’s perspective on a uniquely British affair.

Say the phrase “IT scandal” and many might think about the mess around Transportstyrelsen (the Swedish Transport Agency) or Computer Sweden’s revelation of the 1177 data leak (affecting Sweden’s emergency service number). But they both pale in comparison to what has been described as the most widespread miscarriage of justice in Britain’s history: the Post Office sub-postmaster scandal.

The Post Office scandal goes back 25 years and can’t be easily summed up. But it began when the British postal service introduced a new IT system for 14,000 Post Office branches: Horizon, a cash register system from Fujitsu intended to automate accounting for sub-postmasters – the franchise owners that run local post offices. 

The system quickly showed missing funds for many sub-postmasters, who couldn’t explain the shortfalls and were unable to trace the errors as they could when accounting was done on paper. The result was that over 900 sub-postmasters were prosecuted over the ensuing 15 years for theft and false accounting. Hundreds were sent to prison, with many more handed other punishments, while countless numbers were driven into bankruptcy and became deeply indebted. 

But it turned out that the sub-postmasters had done nothing wrong. The problem lay in the Horizon system. And, to make things worse, the Post Office had attempted to hide it all by intimidating the sub-postmasters into silence over the IT problems with threats of legal action. 

The problems with Horizon were revealed as far back as 2009 by tech news site Computerweekly and the story has continued to run, with, among other things, a large class action lawsuit and an ongoing government enquiry. So far, around 90 convictions have been overturned. 

In January this year, the story suddenly exploded into the political debate when the TV channel ITV broadcast the drama series “Mr Bates vs The Post Office,” which portrayed the history of the sub-postmasters who had their lives ruined by the IT scandal. The TV series sparked huge media and public pressure, which led to debate and a parliamentary inquiry, with strong measures from politicians.

In March, a new law was passed with the aim of overturning all convictions. A huge program of compensation payments is planned, where convicted sub-postmasters are each offered £600,000 ($760,000), while others that were affected in other ways – such as those who paid out of their own pockets to cover the discrepancies reported by the IT system – will also be compensated. 

According to British politicians, there could be as much as £1 billion ($1.27 billion) paid out in total.

No one has been held personally accountable for the situation, either at the Post Office or service provider Fujitsu. The Japanese IT giant saw its share price drop by hundreds of millions of dollars after the TV series premiered, and Fujitsu’s global CEO, CFO, and head of European operations have all subsequently apologized publicly.

“We were involved from the very start. We did have bugs and errors in the system. And we did help the Post Office in their prosecutions of the sub-postmasters. For that we are truly sorry,” Paul Patterson, Fujitsu’s Europe chief, said during a parliamentary inquiry in January, where he also indicated that the IT service provider would contribute to compensation for those affected. 

Although the saga has continued for 25 years, it isn’t over yet. The commission appointed to review the situation continues its work and is expected to present its results in the fall.

The TV series “Mr Bates vs The Post Office” had its Swedish premiere on March 27. It may be worth reflecting on the power IT has over people when watching the show, not least in a time when automation and AI are playing an increasing role in important decisions and processes for both government and business. 

Because, even if IT and digitization can do a huge amount of good, bad IT systems can – literally and demonstrably so – ruin people’s lives.

Technology Industry
Category: Hacking & Security

New XM Cyber Research: 80% of Exposures from Misconfigurations, Less Than 1% from CVEs

The Hacker News - 17 May, 2024 - 13:29
A new report from XM Cyber has found – among other insights – a dramatic gap between where most organizations focus their security efforts, and where the most serious threats actually reside. The new report, Navigating the Paths of Risk: The State of Exposure Management in 2024, is based on hundreds of thousands of attack path assessments conducted by the XM Cyber
Category: Hacking & Security

China-Linked Hackers Adopt Two-Stage Infection Tactic to Deploy Deuterbear RAT

The Hacker News - 17 May, 2024 - 13:20
Cybersecurity researchers have shed more light on a remote access trojan (RAT) known as Deuterbear used by the China-linked BlackTech hacking group as part of a cyber espionage campaign targeting the Asia-Pacific region this year. "Deuterbear, while similar to Waterbear in many ways, shows advancements in capabilities such as including support for shellcode plugins, avoiding handshakes
Category: Hacking & Security

25 great uses for an old Android device

Computerworld.com [Hacking News] - 17 May, 2024 - 11:45

Got extra smartphones sitting around your office? How about tablets? As we move multiple generations into mobile technology, more and more of us are building up collections of old, dated devices from both our work and our personal lives. And more often than not, those devices do little more than take up space and gather dust.

Here’s a little secret, though: Your abandoned Android gadgets are actually virtual gold mines. You just have to find the right way to tap into their potential and give them new life.

So grab the nearest DustBuster and get ready: Here are 25 ways to make your old phone or tablet useful again.

1. Use it as a wireless trackpad and controller for your computer

With the right software and a couple minutes of configuration, your old Android device can act as an on-demand controller for your Windows, Mac, or Linux computer.

An app called Unified Remote and a Wi-Fi or Bluetooth connection are all you need to make the magic happen. The free version of the app gives you basic mouse and keyboard control along with specialized remotes for media playback and power-related commands, while the full $5 version adds in program-specific remotes for presentation control along with other advanced features.

Unified Remote provides basic mouse and keyboard control along with a variety of specialized remotes.

JR Raphael / IDG

Grab whichever version you prefer and download the server-side software for your computer — then toss your old device into a desk drawer or computer bag and rest easy knowing it’ll be ready and waiting the next time you need to go wireless.

2. Turn it into a remote computer terminal

Want easy access to your home computer from the office — or vice-versa? Your old Android phone or tablet can be a splendid stationary screen for keeping a remote system at arm’s reach.

And it couldn’t be any easier to make that happen. All you need is Google’s free Chrome Remote Desktop program on both your computer and your old Android device, and your phone or tablet will effectively become a window to your desktop.

I’ve got a thorough guide to the Chrome Remote Desktop setup process, if you want step-by-step instructions — but the short version is that you’ll need to install the official Google Chrome Remote Desktop extension into Chrome on your computer, then open the Chrome Remote Desktop website and follow the prompts to set up remote access.

Snag the companion Remote Desktop Android app, get all signed in there, and that’s it: Your old Android device is now a full-fledged terminal and access point for any computer you want.

3. Make it a portable storage device

Cloud services may often be the simplest way to store and transport files nowadays, but there’s something to be said for good old-fashioned physical storage — both in terms of consistent availability regardless of connectivity and in terms of the added assurances having especially important files in your own pocket can provide.

While there’s certainly no shortage of high-quality portable thumb drives and external hard drives available, any old Android device is essentially the same thing — with the added advantage of also offering up an easy interface for interacting with anything on its local storage and optionally dropping such files into an email, a Slack chat, or any other cloud-connected spot should the need ever arise.

Just securely erase your Android device to give it a fresh start and free up as much space as possible, then plug it into your computer to transfer files from the computer to the phone or tablet.

You’ll have ample room for whatever you need to store, and you can easily carry it around or keep it somewhere safe — then connect it to another computer or rely on assorted Android business apps for managing the files, emailing them, sharing them in collaborative environments, or anything else that may come up.

4. Reposition it as an AI-powered chatbot interface

Generative AI systems are quickly becoming critical tools for company productivity, and an old Android device is the perfect vessel for creating a dedicated on-demand AI chatbot interaction station.

This one’s especially easy, too: Just install the ChatGPT Android app, the Gemini Android app, the Microsoft Copilot Android app, or any other AI tool you use — then keep it front and center on your old device’s home screen.

In the case of Gemini, you can also opt in to allowing Gemini to take over the role of your default system assistant and make it available via a Hey Google voice command.

And just like that, you’ve got a generative AI chatbot at your beck and call 24/7 without having to have it take over your current Android device and run down its battery.

5. Give yourself a separate work and personal phone

With more and more companies taking a bring-your-own-device approach for the workplace, the lines between our personal and professional lives are getting increasingly blurry.

And while Android does have some decent options for creating separate work and personal profiles — both natively, if your phone is part of an enterprise-managed arrangement, and with a little creative configuring in any other scenario — there’s an undeniable appeal in creating a formal barrier between your worlds and being able to leave your work completely behind when the opportunity arises.

So think about using your old Android device as a dedicated work or personal phone and setting it up explicitly for that purpose, then using your current Android phone exclusively for the other role. That’ll give you separate physical devices for your separate life roles — the kind of power most people only dream about seizing these days.

6. Use it as a universal smart remote

Even the junkiest old Android device has ample power to serve as a smart remote for your home or office. That can be a helpful way for you and anyone else around to control your various smart devices and multimedia components without needing any special access (or your own current personal phone in hand).

First, the easy part: Load up your old phone or tablet with all the relevant apps for your smart-device setup — things like Nest, Hue, and anything else appropriate for controlling your home or office tech.

Next, think about adding some tools that’ll let the device handle any audio and video systems in your area. There are a few ways you can make that work:

  • Pair the phone or tablet with one of Google’s ultra-affordable Chromecast with Google TV dongles. You can then keep the old Android device on your desk or coffee table and use it as a hub for wirelessly casting content — everything from Netflix and YouTube to TED Talks, CNBC, and Google Slides — to your TV.
  • Use your device as a dedicated remote for your home or office entertainment setup. If the device is running an Android version from 2012 or later, you can give yourself a ready-to-roll Google TV remote that’ll work with any compatible streaming products by installing and then signing into the official Google TV app. The Play Store also has a variety of manufacturer-made apps for controlling specific components, including those by Comcast Xfinity, AT&T U-verse, and Roku.
  • Set up a full-fledged media server using Plex, then use your old device as a dedicated remote to stream your own local content to a TV. (The Plex media server software is free; a premium subscription with added features runs $5 per month, $40 per year, or $120 for a lifetime license.)

7. Let it power scientific research

Here’s something: Your clunky old Android device could actually help scientists search for extraterrestrial life, detect earthquakes, or improve cancer treatments.

It’s all part of a series of programs that use your device’s computing power to conduct scientific research. Some of the more worthwhile options:

  • Zooniverse connects your phone or tablet to a variety of research projects ranging from wild beluga whale identification to breast cancer tumor mapping.
  • DreamLab is a project helmed by Vodafone that aims to uncover insight into how cancer relates to a patient’s DNA profile. That, in turn, could allow for the development of more specific and effective cancer-fighting drugs. More recently, the app has also been focused on COVID-related research as well as climate change.
  • MyShake, from the UC Berkeley Seismological Laboratory, uses your device’s sensors to detect and analyze earthquakes. If you live in an area where earthquakes occur, leaving your device plugged in and on a stable surface will provide the scientists with valuable real-time data about any seismic activity.

All of the apps work in essentially the same way: After downloading and installing (and sometimes going through a brief setup or sign-in procedure), you simply plug your device in and turn its screen off. As long as it remains connected to an active Wi-Fi network, researchers will be able to put its processing power to use.

Apps like Zooniverse, left, and DreamLab, right, can turn your old Android tablet or phone into a scientific research machine.

JR Raphael / IDG

8. Transform it into a free-standing security camera

Who needs a fancy-schmancy connected camera when you’ve got an old Android phone sitting around? With the aid of a third-party app, the camera on your dated device can let you keep an eye on your home, office, or top-secret crime lair from anywhere — and even perform advanced functions like video recording and motion detection.

Just download the free IP Webcam app or get the fully featured $5 pro version and follow its instructions. Within moments, you’ll be able to peek through your device’s lens from any compatible web browser and cackle with glorious glee.

9. Repurpose it as a dedicated camera

Smartphone cameras just keep getting better, but we’re reaching a point where even cameras from a few years back are really quite good — and the differences between them and their more current siblings are relatively subtle.

With that in mind, an old Android device can be a perfect way to have a ready-to-roll camera at your disposal for times when you might not want your primary phone to be out and about on your adventures — whether you’re worried about it getting wet or damaged or maybe just trying to disconnect from the world of work-related dings and pings for a while.

The best part about this setup is that no special preparation is even required. Just grab the old phone and go, and rest easy knowing your “real” phone is safe and sound somewhere far away from whatever you’re photographing.

10. Reframe it as a full-time videoconferencing station

Set up your old Android device with the app for your video-chatting platform of choice — Zoom, Google Meet, Skype, or whatever the case may be — then drop it into a dock on your desk or conference room table. Say “hocus pocus” for good measure, and ta-da: You’ve just created a permanent access point for virtual face-to-face communications.

Just think: With enough old phones and tablets, you can create an entire house- or office-wide videoconferencing system. Sign each device into its own unique account, with the name of the room as its username, and seeing someone across the building will never be more than a couple quick taps away.

11. Turn it into a kitchen command center

Hard to believe, but my ancient 2011 Motorola Xoom tablet was one of the most used devices in my house until it finally kicked the bucket some six years into its life. That’s because I converted it into a multipurpose command center for our kitchen — a role my 2012 Nexus 10 tablet then took over for another couple years after that.

So how to make a kitchen command center of your own? Easy: First, use a custom Android launcher like Niagara Launcher or Nova Launcher to simplify your old tablet’s home screen and add in some easy-to-perform gestures — like double-tapping anywhere on the screen to launch Android’s voice search function for on-the-fly info-gathering and other hands-free commands.

Second, populate the home screen with the right apps for the purpose. Netflix and other video-streaming services will effectively turn your old tablet into a cooking-time television. Recipe apps can also be useful, as can Android note-taking apps — like Google Keep, Microsoft OneNote, and Notion — for quick viewing of personal recipes or editing of always-synced family-shared shopping lists.

If you really want to get wild, you can even set up a smart-display-like screensaver that’ll turn your device into a customizable intelligent info center whenever you aren’t actively using it — kind of like what Google has tried (but thus far mostly failed) to accomplish with its not-so-old Pixel Tablet product.

12. Make it a data-based extension of your current phone service

If you use Google Fi (formerly known as Project Fi) for your current phone’s wireless service, take advantage of a little-known bonus feature: the ability to get an extra SIM card that’s connected to your account and able to provide data on any other device — without any superfluous fees.

All you’ve gotta do is order the card from the Google Fi website, pop it into an old phone (or a tablet, if you happen to have one with a SIM slot) — and bam: That device is instantly online and connected. You’ll pay only for whatever mobile data the device uses in any given month, at the same flat rate associated with your regular Fi plan, so it’s essentially just an extension of your primary phone.

That opens up plenty of interesting possibilities: You could use your old device as a ready-to-go backup phone in case your regular one is ever missing, broken, or low on battery; you could use it as a dedicated hotspot to beam out mobile data access without draining your primary phone’s battery; or you could use it as an always-connected on-the-go slate for your kids (hello, airport video-streaming) without having to pay for an extra line of service.

13. Make it your live window into the world

Don’t have the greatest view from your desk? Let your old Android phone or tablet be your window to wild and exciting locales.

To get started, grab the EarthCam Webcams app from the Google Play Store. It’ll give you one-touch access to an impressive list of live streaming cameras around the world, from the hustle and bustle of New Orleans’ famous Bourbon Street to the swooshing serenity of Niagara Falls. Pull up any view you like, then tap the icon to go full-screen and gaze the day away. If you find yourself craving some variety, you can consider upgrading from the app’s free collection to a set of 175 live cameras for a one-time $5 fee.

EarthCam lets you gaze down Niagara Falls — or a slew of other webcams around the world — for a break from the mundane.

JR Raphael / IDG

You can find quite a few mobile-friendly live cameras on the web as well: Pull up your device’s browser and try out the San Diego Zoo’s assorted animal cams — including a penguin cam, koala cam, and tiger cam, among other exotic views — or the Monterey Bay Aquarium’s extensive underwater cams for even more “aww”-inducing options.

14. Convert it into a digital photo frame

Ah, memories. Snag an inexpensive stand, plug your device into its charger, and turn it into a cloud-connected photo frame for your home or office.

If you use Google Photos, just open up the app, tap on any photo in your main library or within a specific album, and then tap the three-dot menu icon in the upper-right corner of the screen. Scroll horizontally along the menu that appears and select “Slideshow.” The app will cycle through your photos and give you plenty of memories to reflect upon whilst relaxing or taking care of business.

If your old Android phone is a Pixel, you can also set it on one of Google’s official Pixel Stands to start an ever-evolving Photos-linked slideshow showing any specific albums or even specific people you want.

15. Use it as a dedicated e-reader

Want a distraction-free reading environment for your next business trip or public transit commute? Load up your old Android device with only the apps you need for reading — Google Play Books, Amazon Kindle, Nook, or whatever tickles your text-ingesting fancy.

You can even borrow books from your local library: Check with your nearest branch for information on how to do it or download the free OverDrive app, which is used by a variety of libraries, schools, and institutions.

Be sure to disable notifications from Gmail and other noisy apps — heck, even switch the device into airplane mode once you’ve downloaded the content you need — and you’ve got the equivalent of a dedicated e-reader without all the usual phone or tablet temptations.

16. Transform it into a dedicated desk calendar

Dock your old device on your desk and put it to work as your personal calendar. Google’s own Calendar app can get the job done with plenty of productivity-oriented elements, or the free DigiCal Calendar Agenda app will give you an even more graphical and customizable interface that’s perfectly suited for this purpose.

The DigiCal app looks especially sharp in its landscape (horizontal) orientation.

JR Raphael/IDG

DigiCal is free with an optional $5.50 upgrade for extra themes and customization options.

17. Treat yourself to a dedicated audio player

The idea of an iPod may seem amusingly antiquated at this point, but there’s something to the idea of having a dedicated device for the specific purpose of playing podcasts, music, or even just some manner of white noise.

By outsourcing that task to an old Android device, you can grant yourself the freedom to leave your current phone behind when you’re working out, doing something outside, or even just taking a break from business on the weekend — and eliminate the temptation to keep checking your inbox or looking at other work-related distractions.

You can also give yourself a great way to listen to audio while traveling without having to wear down your primary device battery during a long day of flights.

18. Make it a mounted command center for a non-connected car

Save yourself the hassle of futzing around with your current phone in your car by turning your old device into an always-available command center for a car that doesn’t have its own built-in equivalent.

Just find a decent car dock and mount the device somewhere safe. Be sure to plug it into your car’s power port and connect it to the stereo (via Bluetooth or a 3.5mm headphone jack). Then, either use your primary phone as a hotspot to keep it online or go the economical route and download any necessary music and directions before you hit the road, while you’re still connected to Wi-Fi.

All that’s left is to open up the Google Maps app and start a navigation — or say “Hey Google, driving mode,” if the device is recent enough to feature Google Assistant — and you’ll be moving full-speed ahead with a simplified interface and ready-to-roll voice commands.

19. Turn it into a kid-friendly learning tool

Your old tablet may seem tired to you, but it’s still top-notch tech by toddler standards — so why not turn it into a fun and educational gadget for your kid?

On most reasonably recent tablets, you can find a native Restricted Profile feature right within the operating system: Just head into the system settings, tap “Users” (or “Users & accounts” and then “Users,” depending on your OS version), and then “Add user or profile.”

Select the option to add a restricted profile. You’ll be prompted to enable or disable access to each app installed on the tablet, allowing you to control exactly what processes your progeny will and won’t be able to use.

If your old device has Android 7.0 or higher (or Android 5.0, on a limited number of models), Google’s Family Link program can give you even more robust controls — including the abilities to set screen-time limits and receive weekly activity reports. You can learn more and sign up at the Family Link website.

20. Let it serve as a high-tech e-clock

Time for something new? An old phone with a dock can make a snazzy customizable clock for your desk or nightstand. Google’s own Clock app is a great place to start, especially if you want to use the clock for alarms. Look for the “Screensaver” option in the Display section of your system settings to make it automatically activate anytime your device is plugged in.

21. Convert it into a gaming device for your downtime

Put down the briefcase and summon your inner Pac-Man: Silly as it may seem, your old Android device is a mini-arcade just waiting to be called into action. (Hey, we all need the occasional break from working, right?)

To complete your device’s Game-Boy-like transformation, just surf the Play Store for some games — you can even find emulators for console-level systems, if (ahem) you know where to look — and then level up by grabbing one of Moga’s universal Android game controllers, available for $56 and up.

22. Keep it handy for emergencies

Any cell phone can make emergency calls, even if it’s not connected to active service. Keep an old phone charged and in your car or travel bag; if something bad happens and your active phone is either dead or unavailable, you’ll still have a way to get through to 911.

23. Turn it into your personal testing ground

Android is a tinkerer’s dream. It typically doesn’t take too much sorcery to root, or gain system-level access to, an Android device — and once you’ve done that, you open up a whole new world of possibilities. You can install powerful root-only applications and even replace your device’s entire operating system with a custom ROM full of fresh features and advanced customization potential.

Anytime you start poking around under the hood, though, you risk screwing something up. And when the device in question is your primary phone or tablet, that can be a daunting gamble to take (especially since rooting a device usually violates its warranty).

That’s where an old phone or tablet can come into play. Put on your hacker’s hat and do a Google search for “root [your device name]” and then “[your device name] ROM.” There’s a huge community of Android enthusiasts out there, and you’ll almost certainly find some helpful user-generated guides to get yourself started.

24. Sell it

This one’s easy, right? After all, what’s old to you is new to someone else. You can go the regular route and list your device on Craigslist or eBay — or you can check in with a more niche service like Swappa or Gazelle to get an instant estimated price for your device. Amazon and Best Buy also both offer buyback programs that may be worth investigating.

Whatever you do, make sure you head into your device’s system settings and perform a full factory reset before passing anything along. You’ll probably also want to remove any memory cards you might have added, if your old phone or tablet has an external storage slot.

25. Donate it

Feeling philanthropic? Rest assured: There’s no shortage of organizations ready to put your old Android device in the hands of someone who could really use it.

A few possibilities worth considering:

  • Medic Mobile: This nonprofit organization recycles old phones and tablets and then uses the proceeds to purchase new phones for health workers in Africa, Asia, and Latin America. The workers use those phones for things like tracking disease outbreaks and communicating in emergencies. You can print a prepaid shipping label on the Medic Mobile website.
  • Cell Phones For Soldiers: This nonprofit sends old phones along with free international calling service to troops serving overseas from all branches of the U.S. military. You can donate a device by finding a local drop-off point or requesting a mailing label.
  • Rainforest Connection: This nonprofit utilizes old phones to protect threatened rainforests in Indonesia, Africa, and the Amazon. How? The devices are fitted with solar panels for energy as well as specialized software that uses their microphones to monitor for the sound of illegal chainsawing and then alert nearby rangers to the activity (yes, really!). You can donate a device by mailing it to the organization’s California headquarters.

So there you have it: 25 intriguing options for giving new life to your old device. Figure out which one best suits you — and send those gadget-dwelling dust bunnies packing.

This story was originally published in August 2014 and most recently updated in May 2023.

Android, Mobile, Small and Medium Business, Smartphones, Tablets
Category: Hacking & Security

Kimsuky APT Deploying Linux Backdoor Gomir in South Korean Cyber Attacks

The Hacker News - 17 May, 2024 - 10:46
The Kimsuky (aka Springtail) advanced persistent threat (APT) group, which is linked to North Korea's Reconnaissance General Bureau (RGB), has been observed deploying a Linux version of its GoBear backdoor as part of a campaign targeting South Korean organizations. The backdoor, codenamed Gomir, is "structurally almost identical to GoBear, with extensive sharing of code between
Category: Hacking & Security

CISA Warns of Actively Exploited D-Link Router Vulnerabilities - Patch Now

The Hacker News - 17 May, 2024 - 08:43
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added two security flaws impacting D-Link routers to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The list of vulnerabilities is as follows - CVE-2014-100005 - A cross-site request forgery (CSRF) vulnerability impacting D-Link DIR-600 routers that allows an
Category: Hacking & Security

Thunderbird DoS, Info Disclosure Vulns Fixed in Ubuntu and Debian

LinuxSecurity.com - 16 May 2024 - 21:51
Recent security updates for Ubuntu and Debian address vulnerabilities in Thunderbird, the popular open-source mail and newsgroup client. The vulnerabilities could allow denial of service, unauthorized access to sensitive information, and execution of arbitrary code. Linux admins, infosec professionals, and security enthusiasts should understand the implications of these flaws and take the necessary action to protect their systems and data.
Category: Hacking & Security

The mobile, distributed, future of work

Computerworld.com [Hacking News] - 16 May 2024 - 19:12

“Over recent years, the way employees work has undergone significant change, influenced by the adoption of new mobile technologies and the increase of hybrid working practices,” Adam Holtby, principal analyst with Omdia, said in a recent report that looked at the growing market for Apple device management in the enterprise.

What’s interesting about the report is that it draws new connections between the various elements that make up enterprise tech. It recognizes the need to bring security, device management, cloud services, and digital experience design together to create robust digital workspaces.

They are not different things, but part of one thing.

Joined up thinking for the future of work

That’s smart, because it is inevitable that in many cases workspaces will become decentralized, data-driven, augmented, multi-platform and highly distributed. For best results, these spaces will be focused on digital community as well as productivity, and workspace management will reflect lots of things.

Unsurprisingly, the report cites the biggest Apple-focused integrator, Jamf as the leader for organizations hoping to empower their workforce with Apple technology. I wanted to learn more about the changing workspace, so I spoke with Michael Covington, vice president for product strategy at Jamf.

“It’s not about security or endpoint management,” Covington explained. “It’s about what real life situations you’re trying to enable.”

In his view, enterprises should see workspace management as an enabling solution. “If you can deliver better outcomes to employees, hopefully those outcomes are about productivity, better customer service, improved collaboration,” he said. 

The importance of employee experience

There are challenges. Accepting the new workspace requires cultural change, investment, and research to get things right. Covid also taught many employers that classic hierarchical approaches to change management cannot work without good communication across cadres — and it’s essential that whatever technology is thrown at a problem is actually used by employees, rather than ignored.

“By utilizing digital workspace management platforms, especially ones that are built for modern technology, businesses can effectively address these challenges and support their employees in this new era of work,” Omdia said in its report.

Fundamentally, in the new workspace the employee experience is a digital employee experience (DEX), and it’s super-important. 

Consider this: When your employees can work anywhere, anytime, and from any place, then the DEX that your company delivers to them becomes the most tangible experience they have of working with you. Give them DEX they like, and they’ll achieve more and stick with you; give them solutions they hate, and they achieve less and leave.

The trend toward mobile business has been good for Apple, of course. Enterprise deployments of its solutions are accelerating worldwide, reflecting employee choice and a growing understanding that, over the usable life of these devices, businesses can save hundreds of dollars in repair and tech support costs compared to other systems.

When it comes to TCO, Apple leads the industry.

The AI tidal wave is coming, are you ready?

There is risk. To maintain momentum, Apple will need to make good on growing expectations about what it can achieve with generative AI (genAI) at WWDC. Apple is expected to deliver at least some valuable features on the device itself as its primary USP.

Business users also need to navigate this new aspect of accelerating digital transformation. We know it happens already. Microsoft and LinkedIn recently claimed there’s tension between AI adoption and job security. While 75% of workers use AI tools, over half hesitate to admit it, and business leaders are now seeking employees equipped with these skills.

Covington confessed to being both curious and cautious when it comes to genAI. Jamf is already deploying the technology in some areas of its business — particularly to support admins. But he urged a slow and deliberate deployment pace. 

“I think we must be very mindful about these technologies and what they can achieve,” he said. That means working with genAI in carefully chosen areas to help build internal experience and identify potential pitfalls.

“I think these things are amazing technologies, but I think we need to embrace them quickly, but slowly,” he said.

Solving the brain drain

That may be true. But are there enough people with sufficient skill to help every business optimize itself for the new workspace?  After all, many of the hugely transformative digital forces impacting business (from BYOD to remote work to genAI) have happened too swiftly for a large cohort of experienced change management leaders to emerge. That makes for a brain drain in experience.

“I think it’s absolutely fair to say [that],” said Covington, who pointed out that the accelerating consolidation of the different tech elements of successful digital transformation makes the lack of available skills more complex to navigate. 

“Think about, again, not just device management, but application lifecycle management, security, patch management, connectivity, all those things kind of coming together to, I think, be orchestrated in a way that the outcomes are optimized. You need tools that bring these things together in an easier way so that you don’t have to bring a subject matter expert from each of those different kind of domain areas together just to turn the thing on. And then you also need tools that help an individual or a small team cope with the day-to-day management of oversight of a deployment.

“It’s not just about getting things deployed and people enabled as though it’s a one-time thing,” he said. “This is a never-ending thing that we need to focus on.”

That’s the crux of things. As every business becomes a data business and as DEX becomes as significant a consideration as any other element of the enterprise technology stack, business users are turning to Managed Service Providers to help them bolt all the elements into place.

Mobile is still growing

But even then there’s a big blind spot: mobile. When genAI runs on mobile devices, will PCs even matter any more? Can an AI-augmented iPad really replace the computer? We know Apple thinks in a growing number of cases it can.

It’s strange that, after the iPhone, the BYOD boom, and a pandemic during which so many businesses came to rely on mobile, some enterprises still fail to manage mobile devices as peer players in the business stack.

“We are absolutely seeing broad embrace of iPads and Apple mobile technologies across the board,” said Covington. Retail, healthcare, and field services clients are all using the devices. 

“I’ve seen so many amazing use cases for mobile technologies in the field from people that might be contracted to go and repair a certain appliance that they have no expertise in,” he added. “They’re using that mobile device to not just get schematics, but to actually communicate with people that might have more expertise on the repair that’s needed and that they can actually get in and be very efficient with their time in the field to make repairs.”

Despite this use, lots of businesses haven’t quite connected the dots to recognize that all devices in their fleet need to be properly protected. Some still see Macs and PCs as the primary tools knowledge workers use, and neglect that mobile devices are also now part of the mix. They might understand the need to secure the computers, but not yet see the need to protect the companion devices.

“No one’s put the spotlight on that, but I think the mobile workers, hybrid workers, the frontline workers that use mobile exclusively as their compute device, these are the ones needing the most assistance to achieve better productivity outcomes than they’ve been given in the past,” he said. 


Apple, Generative AI, iMac, iOS, Remote Work
Category: Hacking & Security

New Wi-Fi Vulnerability Enables Network Eavesdropping via Downgrade Attacks

The Hacker News - 16 May 2024 - 18:02
Researchers have discovered a new security vulnerability stemming from a design flaw in the IEEE 802.11 Wi-Fi standard that tricks victims into connecting to a less secure wireless network so that an attacker can eavesdrop on their network traffic. The SSID Confusion attack, tracked as CVE-2023-52424, impacts all operating systems and Wi-Fi clients, including home and mesh networks that are based on
Category: Hacking & Security