
ISSUE 21.34 • 2024-08-19


PATCH WATCH

Threats to businesses

By Susan Bradley

This month’s updates include fewer vulnerabilities than normal. What is not normal is that some of the bugs have already been exploited.

I’m not changing my stance about it being wise to wait to see whether there are side effects, but I will review that decision should the need arise. For now, review this special alert.

There are six bugs under active attack.

For consumers:

  • In the August updates for both Windows 10 and Windows 11, Microsoft has included a fix for the BitLocker recovery key being triggered. Hopefully, we won’t see this problem again. But always know where your recovery key is if you use encryption or BitLocker. Ensure you always have a backup of this key.
  • Additional changes include fixes for CVE-2024-38143, an elevation-of-privilege vulnerability in the Windows WLAN AutoConfig Service. Because of this, the “Use my Windows user account” check box is not available on the lock screen to connect to Wi-Fi for either Windows 10 or Windows 11.

For businesses:

  • NetJoinLegacyAccountReuse — This registry key has now been removed as a workaround. Due to KB5020276, Microsoft is pushing out a long-term project to harden domain join settings.
  • Secure Boot Advanced Targeting (SBAT) and Linux Extensible Firmware Interface (EFI) — This update applies SBAT to systems that run Windows. It stops vulnerable Linux EFI (shim bootloaders) from running. This SBAT update will not apply to systems that dual-boot Windows and Linux. After the SBAT update is applied, older Linux ISO images might not boot. If this occurs, work with your Linux vendor to get an updated ISO image.
  • Line Printer Daemon (LPD) protocol — LPD was impacted after the July updates. If you use this deprecated protocol to print, it might not work as you expect or will even fail. This issue occurs after you install the July 9, 2024, and later updates. It has been fixed in the August updates.
  • Adobe Acrobat DC or Reader — If you use either of these in your firm, ensure that you update to the latest version. This fixes various issues to protect from maliciously crafted PDFs that are often used in ransomware.

MS-DEFCON 3

This past Friday, I published an unusual alert — lowering the MS-DEFCON level to 3, but much earlier in the month than the level is usually lowered. This was due to the unexpected disclosure of a Windows TCP/IP Remote Code Execution Vulnerability (CVE-2024-38063). See MS-DEFCON 3: Blocking a potential wormable event (2024-08-16).

The gist of the alert is that the danger associated with this vulnerability is high and the August updates, including a fix for this bug, are benign. I consider updating now prudent.

Friday’s alert makes several suggestions, with details.

  • Consumers and businesses can apply the August updates.
  • Consumers can disable IPv6 for all network connections.
  • Businesses for which IPv6 is necessary have other options.

The MS-DEFCON 3 alert is available to anyone and is recommended reading. Note that the precise way you handle the update depends upon your specific situation.

Be careful when you click

Microsoft has several bugs this month that are best referred to as “fixing clicking on bad things.”

In the early days after Patch Tuesday, when I’m urging you to hold back while I review the updates, your best protection is yourself. Up your paranoia level. It’s very common at my office to receive alerts about potentially dangerous emails that include phishing links. But I get those alerts after a user has already received the email. The spam system kicks in and removes the malicious email from the system — but again, the user may have already seen the email. That’s why I’m so glad my users have adopted a certain degree of paranoia and do not click through blindly.

Even that does not take into account emails that try to make a user set up a malicious ACH transfer. My users are alert to those kinds of scams, too.

Naturally, the paranoia must be backed up by good antivirus solutions for consumers and good endpoint protection software for businesses.

Updates include a patch to fix a longstanding issue called “Mark of the Web” (CVE-2024-38213), whereby attackers could trick sites into not launching Microsoft SmartScreen. For those not familiar, SmartScreen is a “cloud-based anti-phishing and anti-malware component included in several Microsoft products,” including all versions of Windows back to 8, Edge, Microsoft 365, and Microsoft Bing. This is one of nine zero days — six being used in attacks — that is being patched.

Even though Windows 11 24H2 is not out yet, we are already seeing updates for fixing security issues unique to systems that have been shipped starting mid-June and that included 24H2 components. One such component is the “snapshot feature” called Microsoft Recall. Strangely, I haven’t heard much about Recall lately. Hopefully, Microsoft is hard at work to ensure that Security is included every step of the way. Better yet, maybe Redmond is starting over.

Patching recommendations for consumers

I still don’t have any good news for users of Office 2019 retail, some of whom are having problems getting their machines updated. I’ll be closely monitoring this issue and will provide workarounds if needed. So far, the only resolution Microsoft is pointing to is an uninstall or a repair install. Meanwhile, it’s still occurring with the August updates. Ugh! Stay tuned!

I do want you to ensure any browser you use is patched and up to date. In addition, if you are a fan of the uBlock Origin extension and use Chrome, you’ll need to plan ahead and move to a different tool. Chrome is blocking tools that use Manifest V2 in favor of Manifest V3. Note that if you use uBlock Origin on Firefox, you will not be impacted. Alternatively, you can move over to uBlock Origin Lite (the Mv3-compatible baby sibling), also available from the Chrome Web Store.

CVE-2024-38173 describes an Outlook vulnerability whereby the preview pane is an attack vector. But due to the fact that specific actions must be taken in order for this vulnerability to be triggered, and that the attacker must gain access to your login credentials in order to install a malicious form into your Outlook, I’m not concerned that we’re having issues getting these Office versions patched. This is a highly complex attack sequence and won’t be seen in a consumer setting.

Even with all these zero days, I’m still not ready to scream “Everyone patch now!” at the top of my lungs. Many of these zero days are targeted for businesses — not consumers — and with proper “click” hygiene procedures where you look, inspect, and click only when necessary on links, I feel confident with my advice at this time.

Patching recommendations for businesses

For those that have machines in a hosting situation, Windows TCP/IP Remote Code Execution Vulnerability (CVE-2024-38063) is one to keep an eye on. An attacker can send malicious packets on the IPv6 TCP/IP stack to trigger remote code execution. An unauthenticated attacker could repeatedly send IPv6 packets that include specially crafted packets to a Windows machine, which could enable remote code execution. Note that if you do not have or use IPv6, you are not at risk.

Do you patch RD gateway servers?

Do you have clients that use Remote Desktop Gateway (RDG) technologies to remote into their network? To ensure that last month’s known issue with RDG won’t impact your client base, review the settings below. It primarily impacts folks using older RDP technologies. Last month’s MS-DEFCON 3 alert contained a workaround that you can use to proactively ensure you won’t have issues. In my own network, where I have some connections set up with Remote Desktop Gateway over only port 443, not port 80, I did not use the workaround and had no issues after the July updates were installed.

Here’s the key piece of information from the alert:

  • Server 2019 and Server 2022 were impacted by KB5040430 and KB5040437, with Remote Desktop Server crashes.

For the latter, Microsoft issued the following warning in a Health release bulletin mailed to Microsoft 365 administrators:

Windows Servers which have installed Windows security updates released July 9, 2024 and later, might affect Remote Desktop Connectivity across an organization if legacy protocol (Remote Procedure Call over HTTP) is used in Remote Desktop Gateway. This can affect Remote Desktop (RD) Connectivity if the connection is going through an RD Gateway. Resulting from this, remote desktop connections might be interrupted. This issue might occur intermittently, such as repeating every 30 minutes. At this interval, logon sessions are lost and users will need to reconnect to the server. IT admins can track this as a termination of the TSGateway service which becomes unresponsive with exception code 0xc0000005.

Two options can be used to mitigate this issue ahead of a future Microsoft update.

The first is to disallow connections over pipe, and port \pipe\RpcProxy\3388 through the RD Gateway. This process will require the use of connection applications, such as firewall software. Consult the documentation for your connection as well as for firewall software for guidance on disallowing and porting connections.

The second is to edit the registry of client devices by removing a key.

  • Open the Windows Registry Editor (regedit).
  • Navigate to HKCU\Software\Microsoft\Terminal Server Client\RDGClientTransport\. This can be accomplished by entering this location in the path field located below the File menu, or by navigating using the left-side panel of the editor. Expand this path in the editor.
  • Observe the right-side panel, which contains values associated with this key. Find the registry key titled DWORD and double-click to open it.
  • Set the Value Data field to 0x0.

This was posted to a Windows Health Dashboard on the Microsoft 365 Administrator site and has not been fixed with the August updates.
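One way to track the TSGateway terminations described in the bulletin above, as an added example that is not code from Microsoft or from this newsletter: it filters event records for the service name and exception code 0xc0000005, then measures the gap between crashes to expose the roughly 30-minute recurrence. The function names, the 5-minute tolerance, the sample records, and the Application Error event ID 1000 source in the commented live query are assumptions.

```powershell
# Added example: find TSGateway crash records with exception code 0xc0000005
# and measure how regularly they recur. Function names are hypothetical.

function Find-TsGatewayCrash {
    # Keep only events whose message names both the service and the code.
    param(
        [Parameter(Mandatory)] [AllowEmptyCollection()] [object[]] $Events,
        [string] $Service = 'TSGateway',
        [string] $ExceptionCode = '0xc0000005'
    )
    $svc  = [regex]::Escape($Service)
    $code = [regex]::Escape($ExceptionCode)
    # -match is case-insensitive, so 0xC0000005 is caught as well.
    $Events |
        Where-Object { $_.Message -match $svc -and $_.Message -match $code } |
        Sort-Object TimeCreated
}

function Get-CrashInterval {
    # Pair each crash with the one before it and report the gap in minutes.
    param(
        [Parameter(Mandatory)] [AllowEmptyCollection()] [object[]] $Crashes,
        [double] $ExpectedMinutes = 30,    # interval named in the bulletin
        [double] $ToleranceMinutes = 5     # assumption: allowed drift
    )
    for ($i = 1; $i -lt $Crashes.Count; $i++) {
        $gap = ($Crashes[$i].TimeCreated - $Crashes[$i - 1].TimeCreated).TotalMinutes
        [pscustomobject]@{
            Previous       = $Crashes[$i - 1].TimeCreated
            Current        = $Crashes[$i].TimeCreated
            GapMinutes     = [math]::Round($gap, 1)
            MatchesPattern = [math]::Abs($gap - $ExpectedMinutes) -le $ToleranceMinutes
        }
    }
}

# Constructed sample records (simplified; not real log output).
$sample = @(
    [pscustomobject]@{
        TimeCreated = [datetime]'2024-08-19T09:01:10'
        Message     = 'Faulting application name: svchost.exe_TSGateway, Exception code: 0xc0000005'
    }
    [pscustomobject]@{
        TimeCreated = [datetime]'2024-08-19T09:12:44'
        Message     = 'Faulting application name: notepad.exe, Exception code: 0xc0000005'
    }
    [pscustomobject]@{
        TimeCreated = [datetime]'2024-08-19T09:31:02'
        Message     = 'Faulting application name: svchost.exe_TSGateway, Exception code: 0xC0000005'
    }
    [pscustomobject]@{
        TimeCreated = [datetime]'2024-08-19T10:00:57'
        Message     = 'Faulting application name: svchost.exe_TSGateway, Exception code: 0xc0000005'
    }
    [pscustomobject]@{
        TimeCreated = [datetime]'2024-08-19T13:45:00'
        Message     = 'Faulting application name: svchost.exe_TSGateway, Exception code: 0xc0000005'
    }
)

# On a gateway server, feed real events instead. Assumption: the crash is
# logged by the "Application Error" provider as event ID 1000.
# $sample = Get-WinEvent -FilterHashtable @{
#     LogName = 'Application'; ProviderName = 'Application Error'; Id = 1000
# }

# @() forces an array even when only one record matches.
$crashes = @(Find-TsGatewayCrash -Events $sample)
'{0} TSGateway crash record(s) found' -f $crashes.Count
Get-CrashInterval -Crashes $crashes | Format-Table -AutoSize
```

Rows with MatchesPattern set to True are the ones consistent with the recurring interval the bulletin describes; the notepad.exe record is ignored because it does not name the gateway service.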

Resources

MS-DEFCON 3


Susan Bradley is the publisher of the AskWoody newsletters.


FROM THE FORUMS

Intel’s troubles

Will Fastie’s article last week, of the same name, drew quite a few readers to its forum. Contributors homed in on the manufacturing-quality problem with 13th- and 14th-generation Intel processors. In addition to the forum posts, Will received a fair number of emails on the topic.

As mentioned in the article, Intel has not been transparent about the chip problems, adjusting its story and response several times. It is thus important to follow this matter because these two generations of chips make up the bulk of current PC sales.

In addition to the reference sources in the article, you can follow Intel directly.

Two investor events are scheduled soon. Intel’s press release announcing those said this:

On Aug. 29 at 8 a.m. PDT, Pat Gelsinger, Intel CEO, will participate in a fireside chat on Intel’s business and corporate strategy at Deutsche Bank’s 2024 Technology Conference.

On Sept. 4 at 11:10 a.m. PDT, David Zinsner, executive vice president and chief financial officer, will participate in a fireside chat on Intel’s business and financial strategy at the Citi Global Technology Conference.

It is not clear whether these events will be webcasts. If so, they should become available at the Investor Relations site.

If you learn anything, come back to our forum and keep us all updated.


PUBLIC DEFENDER

Crypto rip-offs are truly horrifying

By Brian Livingston

I’ve been spending my time lately reading a new book that describes cryptocurrency nightmares. It was like sitting in a movie theater, watching a horror film that makes audience members scream at the lead actress, “Don’t open that door!”

The female star, of course, opens the door, no matter how loudly the audience yells. But instead of sitting in a darkened theater, you can read my favorite new book in a well-lighted room. You’ll still find yourself terrified by the scams and rip-offs that crypto promoters perpetrate on innocent altcoin buyers.

Crypto Confidential

The book is titled Crypto Confidential: An Insider’s Account from the Frontlines of Fraud. The author is Jake Donoghue. In 2021, he was a co-founder and chief communications officer for a cryptocurrency marketing agency in the United Kingdom called Moonshot Advisors. (The name reflects the fact that promoters of new digital coins often say the value of their imaginary currencies will be “going to the moon.”)

Donoghue’s book goes on sale at Amazon UK on August 22, 2024 (link). I expect the title to also appear in the listings at Amazon US and other booksellers soon. But if you’re in a hurry, Amazon UK delivers to the US and elsewhere.

This book should not be confused with a similar title that first appeared on Amazon US in July 2024: Crypto Confidential: Winning and Losing Millions in the New Frontier of Finance (link) by Nathaniel Eliason, an American entrepreneur based in Austin, Texas. I haven’t read or reviewed this book, although it also appears to reveal many unseemly aspects of the crypto world. (I have no affiliate relationships with anyone, and I receive nothing if you buy any book or product.)

An undercover author covering an underground economy

I quickly ascertained that “Jake Donoghue” is a pseudonym and that a company named “Moonshot Advisers” doesn’t exist in the UK. On the advice of legal counsel, the author decided he’d be less likely to be sued for defamation of character if he published his exposé under a nom de plume and changed the names of some of the lesser-known crypto companies and his firm.

Having been sued myself, I can relate. I believe the author’s attorney is probably right. I independently confirmed the writer’s true name and that of his company, but I’m not outing him here. (In yet another name collision, the “Moonshot Advisers” entity in the book is unrelated to Moonshot Advisers LLC, a noncrypto marketing firm established by Mikhail Cook in Costa Mesa, California, five months ago — presumably after Donoghue’s book was already past final editing.)

What’s so bad about cryptocurrency, anyway?

The idea of a digital store of value — money that can be transferred anywhere instantly, is worth the same amount every place in the world, and is not tied to the economy of a single country — is very appealing. But cryptocurrencies, based on nothing of tangible worth, such as timber or crude oil, rise and fall wildly. This hurts people who buy crypto coins during a wave of excitement. (See Figure 1.)

Figure 1. In 2020–21, bitcoin rose from its February 2020 low of $3,884 to a high point in March 2021 of $64,899, a 16X increase. That attracted a lot of speculative attention. But at its lows, the cryptocurrency has crashed 56% in 2021, 78% in 2022, and 34% so far in 2024. The year 2022 is a “crypto winter.” Source: Trading View BTCUSD chart

A coder who goes by the name of Satoshi Nakamoto first described the bitcoin concept in a 2008 white paper. Back then, bitcoins barely existed, trading for less than one US cent. But as the idea became more popular, the price gradually rose to around $4,000 per bitcoin by 2020.

Since then, some people have made a profit by trading bitcoin’s wild swings. But many others have lost their shirts. Without warning, bitcoin has socked its holders with a huge crash every year or two.

The sad truth is that the only people who reliably make big profits from cryptocurrencies are the founders. Inventors of new crypto fads — more than 15,000 varieties are currently being actively traded — typically reserve a large block of the coins for themselves. The following are a few examples of how many tokens well-known creators kept for themselves — and the value today:

  • Bitcoin (BTC): Nakamoto is estimated to have kept about 5.2% of the total eventual supply limit of 21 million tokens. That’s approximately 1.1 million coins, now worth $55 billion.
  • Ethereum (ether): The founders, developers, and early contributors set aside 16.5% of the initial supply of coins, currently worth $51 billion.
  • Ripple (XRP): The founders and Ripple Labs retained 20% and 80%, respectively, giving themselves a total value today of about $32 billion.
  • Cardano (ADA): Approximately 18.6% of the tokens were distributed to the collaborators who were developing Cardano, a blockchain company, and the group’s foundation. The haul is now worth $2.3 billion.
  • Solana (SOL): About 25% of the coins were distributed to the founders and the group’s foundation. They are presently worth about $17 billion. (Sources: Perplexity, Coinranking)

If you think you can get rich by developing the next cryptocurrency, there isn’t much stopping you. Who knows, you might be the inventor of crypto #15,001.

Want celebrities to promote your new crypto coin? Just pay their fees.

One of the most pernicious aspects of cryptocurrency is its use of celebrities. A famous actor or musician — talking up a digital coin that may or may not be worth anything — can generate millions of dollars in sales for issuers of new crypto products.

Figure 2. Social-media influencer Kim Kardashian paid the SEC $1.26 million to settle charges of making crypto endorsements that did not disclose her compensation. Photo at the opening of “The Promise” in Hollywood, California, April 12, 2017, by Tinseltown/Shutterstock

According to Donoghue’s book, one group that arranges for celebrities to promote cryptocurrencies, Plug Promotions, set up the following arrangements:

  • Lindsay Lohan, a well-known actress, charged $35,000 for a single tweet.
  • Chris Brown, the singer on the album “Indigo” and eight other releases, charged $160,000.
  • Kim Kardashian was paid $250,000 for a post promoting the EtheriumMax token, as revealed in an SEC lawsuit filed against her for unlawful touting.

One of the biggest companies in the influencer space, ByBit, had a marketing budget of more than $1 billion per year as of 2021, Donoghue says. By comparison, the Microsoft Corporation’s total advertising budget that year was $1.1 billion.

The US Securities & Exchange Commission (SEC) filed charges in 2023 against eight celebrities, including Lohan, for touting crypto tokens without disclosing their compensation. Six of the eight agreed to settle the suits, paying a total of $400,000 to do so. Kardashian had previously reached an agreement with the SEC in 2022, costing her a settlement of $1.26 million, according to New York Times reporting.

Figure 3. According to Jake Donoghue, some crypto “influencers” can be hired for a few thousand dollars. Others charge tens or hundreds of thousands, depending on the number of followers. Source: Jake Donoghue tweet

One of the easiest “menus” of celebrity crypto-promotion prices can be found on a website that Donoghue tracks. In a tweet on X he displays various influencers, their number of followers, and the cost of endorsements and other statements. (See Figure 3.)

The love of money is the root of all evil, and crypto is money

Donoghue’s book doesn’t delve much into the originators of the first cryptocurrencies or how they’re currently spending all the loot they made from credulous buyers. But he delivers captivating stories about rank criminality among this decade’s promoters, who were entrusted with millions of ordinary people’s dollars and stole or wasted all of it.

The first two examples listed below are well-known tales by now. But the others didn’t receive nearly the publicity — I’d say notoriety — they should have generated in the mainstream press:

  • Futures Exchange Trading Ltd. (FTX): The exchange’s former CEO, Sam Bankman-Fried, committed “one of the grossest and gravest cases of fraud in the twenty-first century, if not the entire history of finance,” Donoghue writes. “Not only was a $36 billion company wiped out overnight, but billions of dollars of customer funds, which were being stored on the exchange, were lost.” SBF, as he is known, was sentenced in March 2024 to 25 years in prison for fraud and money-laundering conspiracy. The court also ordered him to forfeit $11 billion in assets, some of which might compensate former customers.
  • Terraform Labs (UST and LUNA): This entity was created in 2018 by South Korea native Do Kwon. Its cryptocurrency, UST, was a “stablecoin” whose value would supposedly always precisely equal one US dollar. A separate coin, LUNA, was intended to provide liquidity. But the effort was a Ponzi scheme, requiring more and more people to keep buying in. After market traders made massive short bets against UST, its value fell from $1 to $0.985 per coin in May 2022 — disaster for something called a stablecoin. Within five days, LUNA fell to 10 cents from $80, and UST traded for a mere fraction of a cent. Kwon was arrested in Montenegro in March 2023 and spent four months in prison there. At this writing, South Korea and the US are both seeking his extradition to face criminal charges.
  • The Lazarus Group: This state-sponsored hacking organization works for the North Korean government. The largest of the group’s many heists from legitimate businesses was a theft of $650 million in 2022 from crypto’s largest blockchain game, Axie Infinity.
  • PAID Network: This is a diversified financial service based on crypto; it established capital lending and borrowing mechanisms and even sold insurance. The company reached a market cap of $100 million. But the group’s operational security was poor. Hackers were able to create and sell an unlimited supply of the network’s PAID token. The coin’s price fell from a high of $5 in April 2021 to one cent by July 2023, causing enormous consumer losses.

I could go on, but the stories are told much more vividly — and terrifyingly — in Donoghue’s 255-page tell-all book.

There’s much more. Just remember: If it sounds too good to be true, it is.

In June 2021, more than three years ago, I published a warning titled Buying crypto? Watch out for these 100 problems.

I subsequently wrote an analysis in December 2022 on Bankrupt technology: How FTX crushed $40 billion to bits. It describes how a code-based company with only 300 employees (working within more than 100 legal entities) had fraudulently managed to vaporize billions of dollars of customers’ money in short order.

Those columns still stand. I encourage you to go back and check them for cautions that remain good ideas even today.

But Donoghue has experienced an order of magnitude beyond any background I’ll ever have in crypto. He’s documented more than 100 problems with crypto, and he’s put them all together in a fast-paced book. Get it and learn from it.

Stay safe out there!


The PUBLIC DEFENDER column is Brian Livingston’s campaign to give you consumer protection from tech. If it’s irritating you, and it has an “on” switch, he’ll take the case! Brian is a successful dot-com entrepreneur, author or co-author of 11 Windows Secrets books, and author of the fintech book Muscular Portfolios.


MICROSOFT 365

Can Office and Windows play nice on ARM computers?

By Peter Deegan

ARM-based computers are about to move from a nerd niche to a mainstream product with the arrival of Copilot+ PCs and the increasing popularity of Mac computers.

What are the compatibility issues for running Windows apps, especially Microsoft Office, on this very different hardware?

Though Windows and Office look the same on both ARM and Intel computers, their CPUs are fundamentally different. Under the hood, there are big differences in the software layers between the hardware and what you see on the screen. It’s a bit like the difference between a petrol and an electric car — both look and are driven the same, but they have hugely different engines and mechanics.

ARM is gaining steam. The architecture was long used on Apple’s smaller devices and its use continues today, with the transformation of the Mac to Apple’s own ARM-based M-series SoCs completed about a year ago. Some of Microsoft’s older Surface PCs used an ARM chip provided by Qualcomm, but now the Snapdragon X Elite is used in PCs from nearly every PC vendor.

A key factor in the adoption of ARM has been the ability of chip manufacturers to reduce power consumption. The result is laptops and other devices with much greater endurance than before.

Office on Mac

Mac versions of Microsoft 365, Office 2021, and Office 2019 all run natively with Apple M-series computers. Earlier versions of Office might work but aren’t supported by Microsoft.

Most software makers now have versions of their apps that run natively on Apple silicon. Microsoft will install the M-compatible version of Office for Mac automatically. If you want to check an app on a Mac, go to it in Finder, right-click it, and then click Get Info. Any app labeled Application (Universal) will work on both Intel and M-series Macs. (See Figure 1.)

Figure 1. Application (Universal) means the app works on both types of Mac.

Office for Mac looks similar to Windows Office, but there are a lot of differences — none of which is due to the processor. As I mentioned last month, Microsoft has a vested interest in keeping Office for Mac crippled, compared to Office for Windows.

The macOS compatibility layer, Rosetta 2, is available to install. It allows older Intel-based apps to work on the M-series chips via emulation, but you’re much better off using native M-series software. If desperate, you could try running Office 2016 for Mac or older versions using Rosetta.

ARM compatibility

You can use Windows and Office on ARM computers such as Copilot+ machines without concern. ARM-based Windows isn’t new, as Mary Branscombe pointed out a few weeks ago. Microsoft has been working on ARM support for some years. And now the much-ballyhooed Copilot+ PCs have Windows on ARM, which means it has finally reached the mainstream.

Keep in mind that ARM chips are a separate thing from AI integration. Copilot+ PCs have a separate neural processing unit (NPU) to speed up AI tasks on the computer, as opposed to using cloud-based AI services. Localized AI will eventually come to the Intel architecture as soon as Intel and AMD get their NPU support integrated.

Windows on ARM is remarkably compatible with most Windows apps. I run 15-year-old Windows software on the new ARM platform with no trouble at all. There’s a built-in “Prism” compatibility layer which allows Intel-based apps to work, but it’s still better to use an ARM-compatible app if available.

Here are some things to keep in mind for Windows on ARM:

  • Third-party antivirus software will probably not work. That’s OK — because all anyone needs is Defender, provided with all Windows editions.
  • Hardware drivers must be compatible with ARM. Some rarer or now defunct accessories might not have drivers.
  • Some older printers might not be ARM-compatible — check with the printer maker. Ideally, a printer should meet the Mopria standard.
  • Similarly, some input devices, input method editors (IMEs), assistive technologies, and cloud-storage apps might not work. Check with the software maker.
  • Some software, in particular games, might not work with Windows on ARM. Worksonwoa.com has a list of games with their compatibility.
  • No facsimile or scan. The Windows Fax and Scan app hasn’t been ported to Windows on ARM. If you need scanning software, try out VueScan, which I’ve used for many years and which has a native ARM 64-bit version.
  • Other low-level tools such as disk managers probably won’t work.

Windows ARM on Mac

Microsoft’s self-serving recommendation for running Windows on a Mac is its Cloud PC service. That’s an option, as is accessing a Windows computer via remote access-software. For many people, the preferred solution is having Windows running within a macOS machine.

The ARM version of Windows on a Mac will run nicely as a virtual machine (VM) on an Apple Silicon machine with Microsoft Office (Figure 2). The VM software has a translation layer to let Windows ARM run on Apple’s version of ARM. There are a few virtual-machine options for macOS, but the best is Parallels; that’s what I’m using to write this article.

Figure 2. Windows on ARM running Office within an M1 MacBook Air

The only way to run Windows on a Mac M-series computer is with Windows on ARM. Intel-based Windows isn’t possible. Parallels makes it easy to download Windows on ARM directly from Microsoft and install (Figure 3). Note: You’ll have to buy a Windows license later.

Figure 3. Parallels will install Windows on ARM automatically.

There are some limitations with Windows on ARM when running on Apple M-series machines, mostly related to more-sophisticated virtualization options in Windows. The Windows subsystems for Linux and Android are not available (the Android subsystem is being dropped from all Windows releases starting in March 2025). Windows Sandbox isn’t available, nor is the Virtualization-based Security (VBS) option. Intel x64 and x86 apps will run, as will 64-bit Windows on ARM apps — but older 32-bit ARM apps won’t.

Office ARM on Windows ARM

For Windows on ARM, Microsoft will install a 64-bit optimized version of Microsoft 365, Office 2021, or Office 2019 from the office.com website.

If you’re curious, go to Task Manager to see the running apps and their architecture. The Office apps are shown as Arm64 (x64 compatible). See Figure 4.

Figure 4. Office on ARM apps in Windows Task Manager

The “x64 compatible” bit is important because it allows 64-bit add-ins to work on Windows on ARM.

Getting 32-bit Office for compatibility with older plugins is problematic. Online reports suggest that, even if you try to force an Office 32-bit install, you’ll get 64-bit apps anyway.

In short: You can use the ARM-based Windows and Office with confidence. There are minor and niche differences, but they should not trouble most people. In fact, most folks won’t realize they are running Windows on ARM at all.


Peter Deegan is the author of Windows 11 for Microsoft Office Users, Microsoft 365 for Windows: Straight Talk, Eye-Catching Signs with Word, Christmas Cheer with Office, and others. He has been the co-founder and editor in chief of the Office Watch site and newsletters since they started in 1996.


NETWORKING

Home-networking primer, part 2

By Ed Tittel

It’s time to revisit home-networking tools and technologies, especially on the wireless side of things.

In this, the second of a two-part series about the basics of Windows networking at home, we progress into the boundary devices used to connect your local-area network to the provider’s network and on to the Internet. We’ll touch on device economics, mesh networks, and the enduring value and appeal of wired Ethernet in our ever-more-wireless world.

Part 1 addressed the kinds of access that Internet Service Providers (ISPs) offer these days and the basics involved in modern Wi-Fi networks, versions 5 through 7.

Equipment plays an important role in managing the boundary between the provider network and the local network that runs “on-premises,” meaning your home. The boundary itself requires specialized hardware that translates between the ISP-level network connection and the version of Wi-Fi (5, 6, or 7) or wired Ethernet.

Understanding ISP boundary devices

The role of the boundary device is to act as the transit mechanism for incoming and outgoing communications. It also provides the basis for local wired and wireless networks. Thus, a normal boundary device will include a connection to the ISP over copper, fiber, or wireless, plus a router that provides Wi-Fi and some number of wired Ethernet ports. The boundary device acts as the Internet gateway to steer traffic onto the ISP network “outside,” but it also coordinates in-house networking to let PCs and other devices communicate with each other and with network-attached peripherals (printers, scanners, storage, and so forth).

Let’s use my home network at Chez Tittel as an example. I get my nominal GbE Ethernet Internet connection from Spectrum. (The company actually specifies it as 940 Mbps in the fine print.) Spectrum furnishes a Technicolor E31T2V1 DOCSIS 3.1 modem. It has a CATV port because the connection consists of coaxial (coax) cable and a single GbE port. That single Ethernet port connects to a provided Arris RAC2V1A Wi-Fi 6 router with 4 wired GbE ports.

From the router, I distribute connectivity by using three unmanaged NETGEAR 8-port GbE switches (two downstairs, one upstairs) connected via Ethernet cable and an ASUS AX6000 (Wi-Fi 6) router configured as a wireless access point (WAP) in my office. At any given time, Advanced IP Scanner recognizes as many as 25 local devices and up to 40 distinct IP addresses here, including cellphones, thermostats, an alarm system, smart TVs, PCs, and laptops. These devices (some with multiple IP addresses for both wired and Wi-Fi interfaces) appear in Figure 1.

Figure 1. Advanced IP Scanner shows over two dozen active devices and more than three dozen IPv4 addresses in local use.

Buy vs. rent: Economics of boundary devices

Once upon a time, Internet subscribers had to pay monthly rental fees for boundary devices (along with cable boxes for CATV-based connections). These would typically cost between US$5 and $10 per month. On the other hand, some ISPs will allow customers to purchase and use their own boundary devices. These typically cost upwards of $350 or so. Simple math says that if you use the device for 35 to 70 months, depending on rental costs, the device pays for itself. After that, everything is gravy, right?

Actually, it’s not that simple. If you provide the boundary gear, you become responsible for setting it up and maintaining it. If the gear is provided, the ISP will service and support it, and may replace it from time to time. Replacement may be available when the ISP is upgrading its own infrastructure, when your equipment has failed, or when you request a service not supported by the current hardware. Therefore, modest savings on rental costs don’t justify the time and effort involved in setting up, maintaining, troubleshooting, and (when necessary) replacing boundary devices. Simply put, it’s much more convenient to let the ISP handle things — and to watch for and obtain newer, faster, more capable devices from them as you upgrade service levels or as they upgrade the equipment they’re placing with customers in the field. In the past three years, for example, I’ve replaced both of my cable boxes with my Arris boundary device, all at no cost to the household.

Do you need a mesh?

A mesh network combines multiple Wi-Fi devices to extend the area of wireless coverage. A single Wi-Fi router or access point is usually good for 1,500 to 2,000 square feet. That coverage may be reduced by the materials used in the construction of the home, especially very dense material or metal. There may also be cases where electromagnetic interference (EMI) is at play. So when interference might be a problem or the house is larger, interconnecting Wi-Fi access points can help.

The general rule of thumb is one mesh device for each 1,500 to 2,000 square feet of space. But that’s a bit misleading because the reach of a WAP is based on a circle, so the important measure is the radius. With that in mind, assume that a WAP can handle a radius of 15 to 20 feet, which works out to 700 to 1,200 square feet. In turn, that suggests that multiple WAPs be spaced 20 to 30 feet apart. At Chez Tittel, that distance is about 21 feet (from the master bedroom closet to the front office, both downstairs).

Do the math based on your area of coverage. When in doubt, add a second device. You don’t need to buy a set of matched mesh devices, though. If you buy a Wi-Fi router that matches your ISP’s boundary device (such as my ASUS AX6000), you can configure it as a WAP to get the same benefits. If you have a larger area to cover, it may be useful to buy a two- or three-pack bundle of mesh devices to match. They’re usually easy to set up — these days most work with cellphone apps in addition to Web-based control panels.

You can see a typical two-node mesh layout mapped atop a house floor plan in Figure 2, where the 8-ball symbols show WAP/mesh device placement. In my case, one device is the ISP’s Arris Wi-Fi/router device and the other is an ASUS AX6000 router configured as a WAP to provide wireless access to/from the wired GbE LAN.

Figure 2. Blue circles show mesh device coverage, with 8-ball symbols denoting device placement (top is on a bookshelf, bottom atop a bathroom cabinet).

Mesh devices are best positioned to minimize overlap in order to provide maximum coverage. Overlap zones, as shown in Figure 2, are best positioned around walls, closets, hallways, or other low-traffic areas. As the diagram shows, the arrangement also provides some networking coverage in the garage (lower right of floor plan) and the driveway (beneath and connecting to the garage). That’s handy for cellphone use.

Common home-networking configurations, and useful peripherals

Most Wi-Fi routers include one or more USB 3.0 ports plus up to eight GbE ports. You can connect printers, scanners, and storage to such devices and share them with your household. At Chez Tittel, we use two wired GbE networked laser printers for printing and scanning. I also have a two-drive hard-disk caddy with 16 TB of networked storage available, used mostly for backup and archiving older stuff. It’s plugged into the USB 3.0 port on the ASUS AX6000. We schedule backup for the wee hours of the morning to avoid network traffic jams — our network is heavily used from early morning until mid-to-late evening.

We use the Wi-Fi router from Spectrum for cellphones, an iPad, the alarm system, thermostats, and the smart TV. We use the ASUS router for 2.4 GHz and 5 GHz PC and laptop connections. This provides ongoing access to mobile and important devices, even if the LAN goes down. It also provides enough bandwidth for PCs and laptops to get things done during the day. (We have three PCs and seven laptops sharing the network right now, but with seldom more than three in active use at any given moment.)

Is wired Ethernet still good for home networks?

You bet! All the actual PCs here network via wired GbE network ports. Laptops can go either way, thanks to some with both Wi-Fi (6 mostly) and RJ-45 GbE ports, and sometimes several more thanks to Lenovo proprietary or USB 3.0 GbE dongles. When I’m really serious about getting work done, I still prefer wired to wireless Ethernet. In some households, this may not be an option, so take heart from the increasing speed and reliability of newer Wi-Fi versions.

Most houses come wired with Cat 5e cable or better nowadays, with at least one or two RJ-45 ports per floor. Visiting model homes recently, we noticed that all are wired for Cat 7e. This works with up to 10GBASE-T (10 Gbps) devices for cable runs of up to 100 meters, which is well beyond the needs of most households. Good to know, though.

Check out local options

If you use your favorite search engine, you can identify who your local providers could be. I’d suggest a search like “ISPs near me” or “ISPs that service <home address>.” Because you’re probably on the Internet already, this gives you a chance to compare other offerings, pricing, and what’s included. It’s never a bad idea to go to your current ISP (or any candidate) and ask: “What’s the best price you can give me for <package>?” (use their own labels to identify what you want). This goes double when you see special offers on TV and you’re paying more than that. At a minimum, you should be able to get that price, too — if only for the same promotional period as new customers.

If you keep an eye on what’s available, you can keep costs under control, too. Have fun, and happy surfing!


Ed Tittel is a long-time computer industry writer and researcher. The author of over 100 computing books, Ed is also a Windows Insider MVP (2018–2023) who writes for numerous other websites and publications. For more info, visit edtittel.com.


The AskWoody Newsletters are published by AskWoody Tech LLC, Fresno, CA USA.


Microsoft and Windows are registered trademarks of Microsoft Corporation. AskWoody, AskWoody.com, Windows Secrets Newsletter, WindowsSecrets.com, WinFind, Windows Gizmos, Security Baseline, Perimeter Scan, Wacky Web Week, the Windows Secrets Logo Design (W, S or road, and Star), and the slogan Everything Microsoft Forgot to Mention all are trademarks and service marks of AskWoody Tech LLC. All other marks are the trademarks or service marks of their respective owners.

Copyright ©2024 AskWoody Tech LLC. All rights reserved.