ItsGeekToMe.co

Q: Microsoft says it will end support of Office 2010 on October 31. Because I have 2010 on 3 desktops and 2 laptops (all for personal use only) purchasing replacements would be quite expensive. The computers all have AVG Ultimate antivirus and Malwarebytes Premium (all up-to-date), is it safe to continue using Office 2010 past the non-support date?

 When traveling for extended periods and staying in hotels/motels, i need to contact financial organizations (e.g., credit cards). How can I safely connect using my laptop? Does the security symbol and “s” on the URL means the connection is encrypted and can’t be hacked even if I use the hotel’s Wi-Fi? Or, must I depend on a cell phone call?

– Doug B.
Niceville, Florida

A: You’ve asked two distinct questions, Doug, so I’ll need to handle them separately.

I know you’re a regular reader, so I presume you’ve seen the many columns in the last few months concerning Microsoft declaring end-of-life for certain products. What I’ve said in those columns applies to your issue also. At the time support ends, the only thing that changes is that Microsoft stops providing updates for the software. This includes both bug fixes and security patches. Your Office product will continue to operate as it always has, for as long as you care to use it, but any new security vulnerabilities that are identified will remain unpatched. That means over time, the software becomes less and less safe to operate. It’s always a good idea to run good antimalware tools, but they are not designed to protect against the types of vulnerabilities that typically require security updates. And they certainly don’t compensate for software bugs or other errors that would be patched if the software was still actively supported.  Conventional wisdom says you should always keep your system as up-to-date as possible, which means obtaining patches when new security vulnerabilities are discovered. That obviously can’t happen if the vendor stops releasing updates.

I don’t want to come off as an advocate for Microsoft, but it sounds like you’re not fully up on current pricing schemes for their software products. There has been a subtle push for quite a while to get people to switch to cloud-based versions of their products. Prices vary depending on your needs, but there are home-user options that include licenses for multiple computers for a single price that’s probably far less than you are anticipating for purchasing 5 new copies of Office. Check out your options at TinyURL.com/IGTM-0640. Keep in mind that these are annual subscription plans, so there is a recurring cost. However, under this model your software is always cutting edge, and shouldn’t ever reach end-of-life.

Your second question sounded awfully familiar, so I took a peek into my column archives, and sure enough, I answered a very similar question for you back in 2017 (Geek Note: I.G.T.M. #505 – March 26, 2017). I guess you missed my answer in that issue. Fortunately, all of the 640 issues (to-date) of It’s Geek To Me are available for free on my website, so go give it a read.

As far as the “s” in the URL, for the benefit of other readers, let me explain that you’re speaking of the URL starting with https instead of just http. These letters that appear before the destination indicate the type of protocol in use by the connection. HTTPS is a secure extension of standard HTTP. The secure version is not perfect, but it is far more secure than a standard HTTP connection. All data transmitted via HTTPS is indeed encrypted. Wonderful, but what does that actually mean in terms of security? You asked if it means that your connection “can’t be hacked.” Honestly, that’s a term that either has multiple meanings, or no meaning at all in this context. If you’re asking whether this will stop someone from accessing your computer via your Wi-Fi connection, then the answer is no. This is where using a VPN, or using good anti-malware tools comes into play to protect you. What it does mean is that – for the HTTPS website connection – anyone able to intercept data in transit between your computer and the remote website will receive only unreadable gibberish. It goes a long way toward protecting your data for that specific website session, but not for the computer’s connection to the Internet.