Month: July 2024

Handy Excel keyboard shortcuts for Windows and Mac

Excel’s Ribbon is great for finding everything you might ever want to do in a spreadsheet, particularly things you don’t do frequently, like managing and querying data connections or automatically grabbing geographic statistics from the internet and inserting them into cells.

But if you’re looking to do things fast, you’ll find keyboard shortcuts far more useful. Why bother to lift your hands from the keyboard if you want to open or close a file, apply formatting to cells, navigate through workbooks, undo and redo actions, calculate all worksheets in all open workbooks, and more? With keyboard shortcuts you won’t have to.

There are keyboard shortcuts to accomplish a vast array of tasks in the Excel desktop client, in both the Windows and Mac versions. (Fewer shortcuts are available for the Mac, but you can create your own custom keyboard shortcuts if you like.)

We’ve listed the shortcuts we’ve found the most useful below. Most work whether you’re using a subscription (Microsoft 365/Office 365) or non-subscription version of Excel. For even more shortcuts, see Microsoft’s Office site.

Useful Excel keyboard shortcuts

Note: On Macs, the ⌘ key is the same as the Command or Cmd key. Also note that with many Mac keyboards, you must press the Fn key in addition to a function key.

    General shortcuts
    ActionWindows key combinationMac key combination
    Create a new workbookCtrl-N⌘-N
    Open a workbookCtrl-O⌘-O
    Save a workbookCtrl-S⌘-S
    Close a workbookCtrl-W⌘-W
    Print a workbookCtrl-P⌘-P
    Insert a new worksheet (tab)Alt-Shift-F1Shift-Fn-F11
    Display the Find dialog boxCtrl-FControl-F
    Display the Go To dialog boxF5Fn-F5
    Undo the last actionCtrl-Z⌘-Z or Control-Z
    Redo the last actionCtrl-Y⌘-Y or Control-Y
    Insert or edit a cell commentShift-F2⌘-Shift-Fn-F2
    Select all cells that contain commentsCtrl-Shift-O 
    Spell-check the active worksheet or selected rangeF7Fn-F7
    Worksheet navigation
    ActionWindows key combinationMac key combination
    Move one screen up / downPgUp / PgDnPage Up / Page Down or
    Fn-up arrow / Fn-down arrow
    Move one screen to the left / rightAlt-PgUp / Alt-PgDnOption-Page Up /
    Option-Page Down or
    Fn-Option-up arrow /
    Fn-Option-down arrow
    Move one worksheet tab to the left / rightCtrl-PgUp / Ctrl-PgDnControl-Page Down /
    Control-Page Up or
    Option-right arrow
    / Option-Left arrow
    Move one cell up / downup arrow / down arrowup arrow / down arrow
    Move to the next cell to the rightTabright arrow
    Move to the cell to the leftShift-Tableft arrow
    Move to the beginning of a rowHomeHome or Fn-left arrow
    Move to the beginning of a worksheetCtrl-HomeControl-Home or
    Control-Fn-Left arrow
    Move to the last cell that has content in itCtrl-EndControl-End or
    Control-Fn-right arrow
    Move to the word to the left while in a cellCtrl-left arrow⌘-left arrow
    Move to the word to the right while in a cellCtrl-right arrow⌘-right arrow
    Display the Go To dialog boxCtrl-G or F5Ctrl-G or Fn-F5
    Switch between the worksheet, the Ribbon,
    the task pane, and Zoom controls
    F6Fn-F6
    If more than one worksheet is open,
    switch to the next one
    Ctrl-F6⌘-~
    Working with data
    ActionWindows key combinationMac key combination
    Select a rowShift-SpacebarShift-Spacebar
    Select a columnCtrl-SpacebarControl-Spacebar
    Select an entire worksheetCtrl-A or
    Ctrl-Shift-Spacebar
    ⌘-A
    Extend selection by a single cellShift-arrow keyShift-arrow key
    Extend selection down / up one screenShift-PgDn / Shift-PgUpShift-PgDn /
    Shift-PgUp or
    Shift-Fn-down arrow /
    Shift-Fn-up arrow
    Extend selection to the beginning of a rowShift-HomeShift-Home or
    Shift-Fn-left arrow
    Extend selection to the beginning of the
    worksheet
    Ctrl-Shift-HomeControl-Shift-Home or
    Control-Shift-Fn-left arrow
    Hide selected rowsCtrl-9⌘-9 or Control-9
    Unhide hidden rows in a selectionCtrl-Shift-(⌘-Shift-( or Control-Shift-(
    Hide selected columnsCtrl-0⌘-0 or Control-0
    Unhide hidden columns in a selectionCtrl-Shift-)⌘-Shift-) or Control-Shift-)
    Copy cell’s contents to the clipboardCtrl-C⌘-C or Control-C
    Copy and delete cell’s contentsCtrl-X⌘-X or Control-X
    Paste from the clipboard into a cellCtrl-V⌘-V or Control-V
    Display the Paste Special dialog boxCtrl-Alt-V⌘-Option-V or
    Control-Option-V
    Finish entering data in a cell and
    move to the next cell down / up
    Enter / Shift-EnterEnter / Shift-Enter
    Cancel your entry in a cellEscEsc
    Use Flash Fill to fill the current column based on adjacent columnsCtrl-EControl-E
    Insert the current dateCtrl-;Control-;
    Insert the current timeCtrl-Shift-;⌘-;
    Display the Create Table dialog boxCtrl-T or Ctrl-LControl-T
    When in the formula bar, move
    the cursor to the end of the text
    Ctrl-End⌘-End or
    ⌘-Fn-right arrow
    When in the formula bar, select all
    text from the cursor to the end
    Ctrl-Shift-End⌘-Shift-End or
    ⌘-Shift-Fn-right arrow
    Display Quick Analysis options
    for selected cells that contain data
    Ctrl-Q 
    Create, run, edit, or delete a macroAlt-F8Option-Fn-F8
    Formatting cells and data
    ActionWindows key combinationMac key combination
    Display the Format Cells dialog boxCtrl-1⌘-1 or Control-1
    Display the Style dialog box (Windows) /
    Modify Cell Style dialog box (Mac)
    Alt-‘Option-‘
    Apply a border to a cell or selectionCtrl-Shift-&⌘-Option-0
    Remove a border from a cell or selectionCtrl-Shift-_ (underscore)⌘-Option– (hyphen)
    Apply the Currency format with
    two decimal places
    Ctrl-Shift-$Control-Shift-$
    Apply the Number formatCtrl-Shift-~Control-Shift-~
    Apply the Percentage format with
    no decimal places
    Ctrl-Shift-%Control-Shift-%
    Apply the Date format using day,
    month, and year
    Ctrl-Shift-#Control-Shift-#
    Apply the Time format using the
    12-hour clock
    Ctrl-Shift-@Control-Shift-@
    Insert a hyperlinkCtrl-K⌘-K or Control-K
    Working with formulas and functions
    ActionWindows key combinationMac key combination
    Begin a formula==
    Insert a functionShift-F3Shift-Fn-F3
    Insert an AutoSum functionAlt-=⌘-Shift-T
    Accept / insert function with AutoCompleteTabTab-down arrow
    Cancel an entry in the cell or formula barEscEsc
    Edit active cell, put insertion point at endF2Control-U
    Toggle between displaying formulas
    and cell values
    Ctrl-`Control-`
    Cycle formula references among
    absolute, relative, and mixed
    F4⌘-T or Fn-F4
    Copy and paste the formula
    from the cell above into the
    current one
    Ctrl-‘Control-Shift-“
    Calculate the current worksheetShift-F9Shift-Fn-F9
    Calculate all worksheets in all
    workbooks that are open
    F9Fn-F9
    Expand or collapse the formula barCtrl-Shift-UControl-Shift-U
    Ribbon navigation

    Excel for Mac does not have keyboard shortcuts for the Ribbon.

    ActionWindows key combination
    Display Ribbon shortcutsAlt
    Go to the File tabAlt-F
    Go to the Home tabAlt-H
    Go to the Insert tabAlt-N
    Go to the Page Layout tabAlt-P
    Go to the Formulas tabAlt-M
    Go to the Data tabAlt-A
    Go to the Review tabAlt-R
    Go to the View tabAlt-W
    Put cursor in the Tell Me or Search boxAlt-Q
    Go to the Chart Design tab when cursor is on a chartAlt-JC
    Go to the Format tab when cursor is on a chartAlt-JA
    Go to the Table Design tab when cursor is on a tableAlt-JT
    Go to the Picture Format tab when cursor is on an imageAlt-JP
    Go to the Draw tab (if available)Alt-JI
    Go to the Power Pivot tab (if available)Alt-B
    Source: Microsoft

    Looking for more help with Excel for Windows? If you have an Office subscription, see “Excel for Office 365/Microsoft 365 cheat sheet.” If you have a non-subscription version of Office, see “Excel 2016 and 2019 cheat sheet.” We’ve also got cheat sheets for an array of other Microsoft products, including older versions of Office.

    Related:

    Microsoft employees must use Apple iPhones in China

    In a step that perhaps symbolizes the steady erosion of bridges between nations, Microsoft is ordering its staff in China to abandon Android phones to exclusively use iPhones. 

    The ban begins in September, when staff will be required to use iPhones for work — specifically for identity verification when logging into devices. Microsoft wants all its staff to use Microsoft Authenticator and Identity Pass. Microsoft is going to distribute iPhones to employees that currently use Android devices as part of the initiative, a report from investing.com claims.

    That’s what I call fragmentation

    What makes that decision problematic is that in China there is no Google Play store, which means Android app stores are fragmented, with local Chinese manufacturers offering their own app platforms. Chinese smartphone companies are also building their own operating systems, further fragmenting the mobile landscape there.

    This may become a bigger problem in the future as regulators force Apple to support sideloading: “Forced sideloading could open the door to risks like fake apps, malware, and social engineering attacks that have long plagued the Android ecosystem,” Hexnode CEO Apu Pavithran recently warned.

    Microsoft’s decision to coalesce around the iPhone echoes and reflects what’s allegedly taking place in China, where a growing number of government agencies and companies are asking staffers to avoid using foreign-owned devices. That’s yet another manifestation of the growing political tension between Washington and Beijing.

    Microsoft didn’t get mobile

    But beyond the story of political conflict lurks two additional realities. Not only does Microsoft’s decision illustrate the security hazards of a fragmented app store market, it also shows the extent to which the developer has failed to secure a strong foothold in the mobile device market.

    Cast your mind back — and it really isn’t so long ago — when the notion that Microsoft would recommend its employees use Apple iPhones would have been unthinkable. Things have changed, perhaps for the better, as the additional security benefits unlocked through multi-platform enterprise deployments is now widely understood.

    Political tensions remain

    Apple may have cause for concern about Microsoft’s decision, as it sheds light on the delicate dance it is engaged in. Apple has been doing its diplomatic best to maintain cordial relationships in both China and the US. 

    All parties benefit in the dance. Both the US and China enjoy the economic benefits the relationship delivers, particularly (at least at present) around employment across the iPhone factories in China and wider iOS ecosystems elsewhere. Apple in China creates lots of wealth that lands in the exchequers of both nations, even as the tech itself enhances productivity.

    Apple is, of course, not blind to the growing tension between the two nations. It’s rapidly increasing investments in India and manufacturing hubs elsewhere across the APAC region, evidence of that awareness. But even now the vast majority of its products are made in China. Building a replacement manufacturing ecosystem was always going to take vast amounts of money and time, and it wasn’t merely the pandemic that forced Apple’s operations staff to accelerate investment in manufacturing outside of China.

    It’s complicated

    One thing Apple doesn’t need is for trading conditions to worsen in what remains its biggest market outside the US. The slow move by China’s government to reject iPhone use at work is potentially as significant a problem to the company as the US government’s poorly considered anti-trust litigation against it. Both sets of decisions are likely to hit Apple’s bottom line, even as the gulf between the two nations continues to grow. 

    The race to AI is unlikely to improve things. The US has already taken steps in the form of sanctions to hamper China’s progress in AI development, though the impact seems limited. At the same time, Apple’s decision to introduce its own AI tools first only in the US, and to confirm that the EU will not gain access to them for some time yet, reflects a similar story of disunity as nations vie for tech prominence. 

    Please follow me on Mastodon, or join me in the AppleHolic’s bar & grill and Apple Discussions groups on MeWe.

    Microsoft employees must use Apple iPhones in China

    In a step that perhaps symbolizes the steady erosion of bridges between nations, Microsoft is ordering its staff in China to abandon Android phones to exclusively use iPhones. 

    The ban begins in September, when staff will be required to use iPhones for work — specifically for identity verification when logging into devices. Microsoft wants all its staff to use Microsoft Authenticator and Identity Pass. Microsoft is going to distribute iPhones to employees that currently use Android devices as part of the initiative, a report from investing.com claims.

    That’s what I call fragmentation

    What makes that decision problematic is that in China there is no Google Play store, which means Android app stores are fragmented, with local Chinese manufacturers offering their own app platforms. Chinese smartphone companies are also building their own operating systems, further fragmenting the mobile landscape there.

    This may become a bigger problem in the future as regulators force Apple to support sideloading: “Forced sideloading could open the door to risks like fake apps, malware, and social engineering attacks that have long plagued the Android ecosystem,” Hexnode CEO Apu Pavithran recently warned.

    Microsoft’s decision to coalesce around the iPhone echoes and reflects what’s allegedly taking place in China, where a growing number of government agencies and companies are asking staffers to avoid using foreign-owned devices. That’s yet another manifestation of the growing political tension between Washington and Beijing.

    Microsoft didn’t get mobile

    But beyond the story of political conflict lurks two additional realities. Not only does Microsoft’s decision illustrate the security hazards of a fragmented app store market, it also shows the extent to which the developer has failed to secure a strong foothold in the mobile device market.

    Cast your mind back — and it really isn’t so long ago — when the notion that Microsoft would recommend its employees use Apple iPhones would have been unthinkable. Things have changed, perhaps for the better, as the additional security benefits unlocked through multi-platform enterprise deployments is now widely understood.

    Political tensions remain

    Apple may have cause for concern about Microsoft’s decision, as it sheds light on the delicate dance it is engaged in. Apple has been doing its diplomatic best to maintain cordial relationships in both China and the US. 

    All parties benefit in the dance. Both the US and China enjoy the economic benefits the relationship delivers, particularly (at least at present) around employment across the iPhone factories in China and wider iOS ecosystems elsewhere. Apple in China creates lots of wealth that lands in the exchequers of both nations, even as the tech itself enhances productivity.

    Apple is, of course, not blind to the growing tension between the two nations. It’s rapidly increasing investments in India and manufacturing hubs elsewhere across the APAC region, evidence of that awareness. But even now the vast majority of its products are made in China. Building a replacement manufacturing ecosystem was always going to take vast amounts of money and time, and it wasn’t merely the pandemic that forced Apple’s operations staff to accelerate investment in manufacturing outside of China.

    It’s complicated

    One thing Apple doesn’t need is for trading conditions to worsen in what remains its biggest market outside the US. The slow move by China’s government to reject iPhone use at work is potentially as significant a problem to the company as the US government’s poorly considered anti-trust litigation against it. Both sets of decisions are likely to hit Apple’s bottom line, even as the gulf between the two nations continues to grow. 

    The race to AI is unlikely to improve things. The US has already taken steps in the form of sanctions to hamper China’s progress in AI development, though the impact seems limited. At the same time, Apple’s decision to introduce its own AI tools first only in the US, and to confirm that the EU will not gain access to them for some time yet, reflects a similar story of disunity as nations vie for tech prominence. 

    Please follow me on Mastodon, or join me in the AppleHolic’s bar & grill and Apple Discussions groups on MeWe.

    Desperate for power, AI hosts turn to nuclear industry

    As data centers grow to run larger artificial intelligence (AI) models to feed a breakneck adoption rate, the electricity needed to power vast numbers of GPU-filled servers is skyrocketing.

    The compute capacity needed to power AI large language models (LLMs) has grown four to five times per year since 2010, and that includes the biggest models released by OpenAI, Meta, and Google DeepMind, according to a study by Epoch AI, a research institute investigating key AI trends.

    graph showing ai training compute trend 2010 to 2024

    Epoch AI

    AI service providers such as Amazon Web Services, Microsoft, and Google have been on the hunt for power providers to meet the growing electricity demands of their data centers, and that has landed them squarely in front of nuclear power plants. The White House recently announced plans to support the development of new nuclear power plants as part of its initiative to increase carbon-free electricity or green power sources.

    AI as energy devourer

    The computational power required for sustaining AI’s rise is doubling roughly every 100 days, according to the World Economic Forum (WEF). At that rate, the organization said, it is urgent for the progression of AI to be balanced “with the imperatives of sustainability.”

    “The environmental footprint of these advancements often remains overlooked,” the Geneva-based, nongovernmental organization think tank stated. For example, to achieve a tenfold improvement in AI model efficiency, the computational power demand could surge by up to 10,000 times. The energy required to run AI tasks is already accelerating with an annual growth rate between 26% and 36%.

    “This means by 2028, AI could be using more power than the entire country of Iceland used in 2021,” the WEF said.

    Put simply, “AI is not very green,” said Jack Gold, principal analyst with tech industry research firm J. Gold Associates.

    Large language models (LLMs), the algorithmic foundation for AI, train themselves on vast amounts of data scoured from the internet and other sources. It is the process of training AI models (i.e., LLMs) and not the act of chatbots and other AI tools offering users answers based on that data — known as “inference” — that requires the overwhelming majority of compute and electrical power.

    And, while LLMs won’t be training themselves 100% of the time, the data centers in which they’re located require that peak power always be available. “If you turn on every light in your house, you don’t want them to dim. That’s the real issue here,” Gold said.

    “The bottom line is these things are taking a ton of power. Every time you plug in an Nvidia H100 module or anyone’s GPU for that matter, it’s a kilowatt of power being used. Think about 10,000 of those or 100,000 of those, like Elon Musk wants to deploy,” Gold said.

    The hunt for power heats up

    As opposed to adding new green energy to meet AI’s power demands, tech companies are seeking power from existing electricity resources. That could raise prices for other customers and hold back emission-cutting goals, according The Wall Street Journal and other sources. 

    According to sources cited by the WSJ, the owners of about one-third of US nuclear power plants are in talks with tech companies to provide electricity to new data centers needed to meet the demands of an artificial-intelligence boom.

    For example, Amazon Web Services is expected to close on a deal with Constellation Energy to directly supply the cloud giant with electricity from nuclear power plants. An Amazon subsidiary also purchased a nuclear-powered data center in Pennsylvania for $650 million, and it plans build 15 new data centers on its campus that will feed off that power, according to Pennsylvania-based The Citizen’s Voice.

    (AWS did not respond to a request for commend from Computerworld at the time of this article’s publication.)

    One glaring problem with bringing new power online is that nuclear power plants can take a decade or more to build, Gold said.

    “The power companies are having a real problem meeting the demands now,” Gold said. “To build new plants, you’ve got to go through all kinds of hoops. That’s why there’s a power plant shortage now in the country. When we get a really hot day in this country, you see brownouts.”

    The available energy could go to the highest bidder. Ironically, though, the bill for that power will be borne by AI users, not its creators and providers. “Yeah, [AWS] is paying a billion dollars a year in electrical bills, but their customers are paying them $2 billion a year. That’s how commerce works,” Gold said.

    “Interestingly enough, Bill Gates has an investment in a smallish nuclear power company that wants to build next-generation power plants. They want to build new plants, so it’s like a mini-Westinghouse,” Gold said. “He may be onto something, because if we keep building all these AI data centers, we’re going to need that power.”

    “What we really need to do is find green AI, and that’s going to be tough,” Gold added.

    AI as infrastructure planner

    The US Department of Energy (DOE) is researching potential problems that may result from growing data center energy demands and how they may pose risks to the security and resilience of the electric grid. The agency is also employing AI to analyze and help maintain power grid stability.

    The DOE’s recently released AI for Energy Report recognized that “AI itself may lead to significant load growth that adds burden to the grid.” At the same time, a DOE spokesperson said, “AI has the potential to reduce the cost to design, license, deploy, operate, and maintain energy infrastructure by hundreds of billions of dollars.”

    AI-powered tools can substantially reduce the time required to consolidate and organize the DOE’s disparate information sources and optimize their data structure for use with AI models.

    The DOE’s Argonne Lab has initiated a three-year pilot project with multiple work streams to assess using foundation models and other AI to improve siting, permitting, and environmental review processes, and help improve the consistency of reviews across agencies.

    “We’re using AI to help support efficient generation and grid planning, and we’re using AI to help understand permitting bottlenecks for energy infrastructure,” the spokesperson said.

    The future of AI is smaller, not bigger

    Even as LLMs run in massive and expanding data centers run by the likes of Amazon, IBM, Google, and others are requiring more power, there’s a shift taking place that will likely play a key role in reducing future power needs.

    Smaller, more industry- or business-focused algorithmic models can often provide better results tailored to business needs.

    Organizations plan to invest 10% to 15% more on AI initiatives over the next year and a half compared to calendar year 2022, according to an IDC survey of more than 2,000 IT and line-of-business decision makers. Sixty-six percent of enterprises worldwide said they would be investing in genAI over the next 18 months, according to IDC research. Among organizations indicating that genAI will see increased IT spending in 2024, internal infrastructure will account for 46% of the total spend. The problem: a key piece of hardware needed to build out that AI infrastructure — the processors — is in short supply.

    LLMs with hundreds of billions or even a trillion parameters are devouring compute cycles faster than the chips they require can be manufactured or upscaled; that can strain server capacity and lead to an unrealistically long time to train models for a particular business use.

    Nvidia, the leading GPU maker, has been supplying the lion’s share of the processors for the AI industry. Nvidia rivals such as Intel and AMD have announced plans produce new processors to meet AI demands.

    “Sooner or later, scaling of GPU chips will fail to keep up with increases in model size,” said Avivah Litan, a vice president distinguished analyst with Gartner Research. “So, continuing to make models bigger and bigger is not a viable option.”

    Additionally, the more amorphous data LLMs ingest, the greater the possibility of bad and inaccurate outputs. GenAI tools are basically next-word predictors, meaning flawed information fed into them can yield flawed results. (LLMs have already made some high-profile mistakes and can produce “hallucinations” where the next-word generation engines go off the rails and produce bizarre responses.)

    The solution is likely that LLMs will shrink down and use proprietary information from organizations that want to take advantage of AI’s ability to automate tasks and analyze big data sets to produce valuable insights.

    David Crane, undersecretary for infrastructure at the US Department of Energy’s Office of Clean Energy, said he’s “very bullish” on emerging designs for so-called small modular reactors, according to Bloomberg.

    “In the future, a lot more AI is going to run on edge devices anyways, because they’re all going to be inference based, and so within two to three years that’ll be 80% to 85% of the workloads,” Gold said. “So, that becomes a more manageable problem.”

    Boeing and the perils of outsourcing mission-critical work

    Around and around Starliner goes, and when it comes down, nobody knows. What we do know is that thanks to poor development and engineering, Boeing’s stock will come down soon.

    I remember a time when Boeing was one of the top American companies. Indeed, it was the very model of a modern technology enterprise. Then things changed. In 1997, after its merger with McDonnell Douglas, the company prioritized financial engineering over actual engineering and MBAs over aeronautic engineers.

    Thereafter, one questionable decision after another was made, and corners were cut. The result? A once-proud American manufacturer is now better known for fatal crashes of its 737 Max 8 planes in 2017 and 2018 and this year’s explosive midflight loss of a 737 Max 9 door plug. These are the results of bad engineering and lousy quality assurance.

    Now, as I write this, I see that Boeing’s Starliner spaceship remains parked at the International Space Station. When will it come down bearing its astronauts, Butch Wilmore and Suni Williams? I don’t know. They certainly don’t know. None of us know.

    Just don’t say they’re stranded. Boeing’s vice president for its Commercial Crew Program, Mark Nappi, insists, “We’re not stuck on the ISS.” Uh, folks, they’re stranded, and the astronauts are stuck.

    I doubt very much that they’ll be coming down on Starliner. Just getting to ISS, five of Starliner’s 28 thrusters stopped working due to helium leaks. NASA engineers got four thrusters to work again … and discovered four more leaks. That’s five known leaks to date.

    While the astronauts get more time in space than they ever planned, down here on Earth at NASA’s White Sands Test Facility in New Mexico, they’re testing an identical thruster to work out what’s going on and how to fix it.

    I wish them luck. Personally, you couldn’t get me back on Starliner for love or money. I worked at NASA’s Goddard Space Flight Center (GSFC) mission control during the Challenger disaster. That was more than bad enough.

    Instead, I suggest the astronauts hitch a ride with the SpaceX Dragon Crew-9, which is still docked at ISS.  

    This episode may be the straw that will break Boeing’s back.

    Lessons for tech leaders

    What does all this have to do with your business and technology? A lot.

    What your company does may not be a matter of life and death, but your customers still expect you to do your best for them, not your stockholders. For too long, businesses have labored under the delusion that shareholder wealth is more important than the creation of stakeholder value.

    The result is that companies prioritize their next quarter’s results over the overall health of their business. Specifically, Boeing didn’t just cut the fat from its teams; it also cut and outsourced its muscle. Financial engineering should never trump actual engineering. 

    For example, quality assurance went out the window. Instead of testing, testing, and then testing again, Boeing neglected this fundamental principle of both software and hardware engineering. Make sure you don’t.

    In particular, if something is mission-critical, treat it that way!

    Take, for example, the very fuselages of the 737s. In 2005, Boeing cut costs by selling its Witchica-based manufacturing site to Onex, a private equity firm that buys struggling businesses, slashes costs, and resells them. There went years of experience and a quality-first culture.

    That plant would re-emerge as Spirit AeroSystems, Boeing’s third-party manufacturing partner. Whether Boeing overseeing its quality assurance would have improved anything is an open question, but there can be no doubt that Spirit’s products were shoddy and second-rate under a cost-saving mandate.

    Never, ever outsource mission-critical work. What Boeing used to do best was engineering and manufacturing. I don’t know what your company does best, but neglecting your expertise to cut costs is a fool’s move.

    Now Boeing has repurchased Spirit for about $8.3 billion. The company finally has figured out it can’t fix its problems without fixing its fundamental manufacturing problems. Somehow, I think Boeing would have done better if it’d never spun out its major manufacturing side in the first place.

    The moral of the story? Never let MBAs driven by the bottom line take over an engineering company building airplanes and spaceships. The same’s true for your company. Yes, make profits for your owners, but never forget that long-term success comes from putting quality work for your customers first.

    What is Contact Key Verification and how is it used?

    Many business professionals require highly secure messaging solutions, particularly when they travel. Apple’s iMessage offers a secure identity verification system that enterprise professionals might find useful. It’s called Contact Key Verification.

    Apple announced the system in 2022. It went live across the Apple ecosystem in late 2023 with the release of iOS 17.2, iPadOS 17.2, watchOS 9.2, and macOS 14.2.

    What is Contact Key Verification?

    Contact Key Verification is an iMessage feature that helps users verify each other’s identity. It is “designed to detect sophisticated attacks against iMessage servers and allow users to verify that they’re messaging only with whom they intend,” Apple says.

    Who is it for?

    Apple says its system is for the same essential group of people it already protects with Lockdown Mode — that is, “users who face extraordinary digital threats, such as journalists, human rights activists, and members of government.”

    What problem does Contact Key Verification solve?

    While iMessage chats are end-to-end encrypted, that security relies on a third-party “Key Directory Server” to authorize devices. That makes the Key Directory Server a potential target for criminals and surveillance.

    The problem comes in the event a powerful entity manages to compromise the security protection of that server; once they have done so, it becomes possible to intercept or monitor messages, or even enter the conversation. (This could be a particular concern for people in politics, human rights activists, journalists, businesspeople and others.)

    Contact Key Verification helps secure the transaction.

    What does this mean for iMessage?

    What this means for a user is that Contact Key Verification lets you add a manual verification step inside an iMessage conversation to confirm the person you are speaking with is who their device claims they are.

    • The system requires you and the other party read a short verification code to each other, either in person or during a phone call.
    • Once you have both validated the conversation, your devices maintain a chain of trust.
    • That chain means no private encryption data is shared, including to Apple.
    • The idea here is that the system will spot if anything changes in the encryption keys, and you’ll be given a warning that something may have gone awry.
    • The feature also offers users the chance to compare a contact verification code in person, on FaceTime, or through another secure call.

    How does Contact Key Verification work?

    As we know, iMessage’s end-to-end encryption means only the sender and recipient of a message can read it. This is achieved because each device in a user’s iMessage account has its own set of encryption keys that are never used on anything else. When a person wants to share an iMessage, the system consults the key directory service to authorize the devices so they can communicate; that’s the vulnerability that might be exploited (as shown above).

    To resolve this, iMessage Contact Key Verification uses a mechanism called Key Transparency (KT). Apple explains this “uses a verifiable log-backed map data structure, which can provide cryptographic proofs of inclusion and be audited for consistency over time.”  That’s the function of the spoken code word exchanged between two trusted parties.

    Apple has a tech note describing the cryptographic tools used to enable this security protection available here.

    What happens if the system spots an anomaly?

    If a device in the chain detects a validation error, the person owning the device that spots the problem will be notified about the error directly in the Messages conversation transcript.

    How to turn on Contact Key Verification in iOS

    First, make sure your phone is running iOS 17.2 or later. You enable Contact Key Verification within Settings.

    1. In Settings, tap your name to access your Apple ID settings.
    2. Scroll down the subsequent page and toggle Contact Key Verification to On.
    3. A warning notice will appear. This tells you what the feature does and informs you, “In conversations with people who also have contact key verification turned on, you will see a message if contact key verification detects an issue or is turned off.”
    4. If you have other devices signed into your Apple ID, you’ll have to update them to a compatible software version, disable iMessage on those devices, or remove the devices from your Apple ID.

    Once you have set up the system, you will have your own personal verification code accessible from within Settings. This is unique to you and your device and will be required to secure any future iMessage communication with others.

    How to verify a contact in iOS

    Both you and the person you want to verify must have Contact Key Verification turned on. You’ll want to be in live contact with the other person via phone call, FaceTime, or in person.

    1. Launch the Messages app and open a conversation with the person you want to verify.
    2. Tap the person’s name at the top of the screen, scroll down on their information page, and tap Verify Contact.
    3. The other person should do the same thing on their phone at the same time.
    4. When you’ve both tapped Verify Contact, you should each see a contact verification code. Compare the two codes. If they match, tap Mark as Verified, then tap Update to save the code to their contact profile. If the codes don’t match, tap No Match and stop texting the person.

    Once you’ve verified a contact, you’ll see a checkmark next to their name in Messages.

    Does Contact Key Verification work with SMS?

    No. Contact Key Verification will not work with SMS messaging — so if you see a green bubble, you cannot assume the communication is secure.

    This article was originally published in November 2023 and updated in July 2024.

    Cloudflare offers simpler way to stop AI bots

    Content distribution network Cloudflare is making it simpler for customers who have had enough of badly behaved bots to block them from their website.

    It’s long been possible to prevent well-behaved bots from crawling your corporate website by adding a “robots.txt” file listing who’s welcome and who isn’t — and content distribution networks such as Cloudflare offer visual interfaces to simplify the creation of such files.

    But faced with the arrival of a new generation of badly behaved AI bots, scraping content to feed their large language models, Cloudflare has introduced an even quicker way to block all such bots with one click.

    “The popularity of generative AI has made the demand for content used to train models or run inference on skyrocket, and although some AI companies clearly identify their web scraping bots, not all AI companies are being transparent,” Cloudflare staff wrote in a blog post.

    According to authors of the post, “Google reportedly paid $60 million a year to license Reddit’s user generated content, Scarlett Johansson alleged OpenAI used her voice for their new personal assistant without her consent, and most recently, Perplexity has been accused of impersonating legitimate visitors in order to scrape content from websites. The value of original content in bulk has never been higher.”

    Last year, Cloudflare introduced a way for any of its customers, on any plan, to block specific categories of bots, including certain AI crawlers. These bots, said Cloudflare, observe requests in sites’ robots.txt files, and do not use unlicensed content to train their models, nor gather to feed for retrieval-augmented generation (RAG) applications.

    To do this it identifies bots by their “user-agent string” — a kind of calling card presented by browsers, bots and other tools requesting data from a web server.

    “Even though these AI bots follow the rules, Cloudflare customers overwhelmingly opt to block them. We hear clearly that customers do not want AI bots visiting their websites, and especially those that do so dishonestly,” the post said.

    The top four AI webcrawlers visiting sites protected by Cloudflare were Bytespider, Amazonbot, ClaudeBot and GPTBot, it said. Bytespider, the most frequent visitor, is operated by ByteDance, the Chinese company that owns TikTok. It visited 40.4% of protected websites, and is reportedly used to gather training data for its large language models (LLMs), including those that support its ChatGPT rival Doubao. Amazonbot is reportedly used to index content to help Amazon’s Alexa’s chatbot answer questions, while ClaudeBot gathers data for Anthropic’s AI assistant Claude.

    Blocking bad bots

    Blocking bots based on their user-agent string will only work if such bots tell the truth about their identity — but there are signs that not all do, or not all the time.

    In such cases, other measures will be necessary — and enterprises’ main recourse against unwanted web scraping is normally reactive: pursue legal action, according to Thomas Randall, director of AI market research at Info-Tech Research Group.

    “While some software applications exist for web scraping prevention (such as DataDome and Cloudflare), these can only go so far: if an AI bot is rarely scraping a site, the bot may still go undetected,” he said via email.

    To justify legal action against the operators of bad bots, enterprises will need to do more than claim that the bot didn’t leave when asked.

    The best course of action, Randall said, is for “enterprises to hide intellectual property or other important information behind a membership paywall. Any scraping done behind the paywall is liable for legal action, reinforced with a clear restrictive copyright license on the site. The organization must, therefore, be prepared to legally follow through. Any scraping done on the public site is accepted as part of the organization’s risk tolerance.”

    Randall noted that if organizations have the resources to go further, they could consider rate-limiting connections to their site, temporarily automatically blocking suspicious IP addresses, limiting information on why access has been blocked to a message such as “For help, contact support via helpdesk@company.com” in order to force a human interaction, and double-checking how much of their websites are available on their mobile site and apps.

    “Ultimately, scraping cannot be stopped, but hindered at best,” he said.

    How to make the most of Google’s Find My Device Android network

    Losing your phone is one of the most stressful predicaments of modern-day life. We’ve all been there: You pat your pocket, swiftly scan every surface in sight — then suddenly feel your heart drop at the realization that your Android device and all of its contents (including, potentially, all sorts of sensitive company-connected materials) are no longer in your control.

    There’s certainly no scenario in which losing your phone is a good thing. (Understatement of the century, I realize.) But with the advanced and just recently upgraded phone-finding system now built into Android at the operating system level, seeking out and then managing a missing device is more manageable than ever. And despite what some security suite services may try to convince you, you don’t need any third-party software to do it.

    Android’s native Find My Device system can precisely pinpoint any Android device — phone, tablet, watch, you name it. It also works with a new series of special AirTag-like trackers that can be attached to keys, briefcases, and other important items. And it’ll show you your device’s exact location on an interactive map and — when relevant — give you tools to remotely ring it, lock it, or wipe it entirely and send all of its data to the digital beyond.

    Best of all? You have to do shockingly little to get it up and running. It’s mostly just a matter of confirming that the system is active and then remembering how to tap into it if and when the need ever arises.

    So take a few minutes now to learn the ins and outs of how the new Find My Device network on Android works and what it takes for your devices to be discoverable. Then, if you ever have that heart-dropping moment, your phone will be 100% ready — and so will you.

    [Get Googley goodness in your inbox every Friday with my free Android Intelligence newsletter. Three new things to know and try each Friday!]

    Find My Device on Android, part I: Preparation

    Most reasonably recent Android phones should be actively enrolled in Google’s Find My Device Android network by default, but there are a few critical settings that are worth double-checking to confirm everything’s connected.

    First, head into the Location section of your Android device’s system settings and make sure the toggle at the top of the screen is turned on. If it isn’t, Android won’t be able to access your phone’s GPS and thus won’t be able to perform any Find My Device-related location functions.

    Find My Device Android: Location access
    The “Use location” toggle is a critical foundation for Google’s Find My Device Android network to function.

    JR Raphael, IDG

    Next, pull up the Google section of your phone’s system settings and scroll down to the line labeled “Find My Device.” Tap that, then make sure the “Use Find My Device” toggle on the screen that comes up next is activated. And last but not least, tap “Find your offline devices” and consider which of the available options seems most suitable for you and your future finding purposes.

    Find My Device Android: Options
    You’ve got all sorts of options for how your device can connect to Google’s new Find My Device Android network.

    JR Raphael, IDG

    All set? Good. Now, let’s break down what your options are when that dreaded moment becomes reality.

    Find My Device on Android, part II: Action

    The best part about Android’s Find My Device system is that, being a Google product, it’s easily accessible from almost anywhere. If you ever can’t find your phone, choose the most convenient option and go, go, go:

    1. Use the Find My Device Android app on another phone or tablet

    Got an Android tablet — or maybe a secondary phone for some specific purpose? Install the Find My Device Android app on it. In fact, go ahead and do that on all your active Android devices this minute so the app will be there and ready in case you ever need it. As long as you’re signed into the same Google account on the secondary device as you are on your primary phone, finding your phone will be as simple as opening the app, confirming your Google password, and then selecting your phone from the list on the app’s main screen.

    Find My Device Android app
    The official Find My Device Android app is an incredibly easy way to track down any device associated with your Google account.

    JR Raphael, IDG

    From there, you’ll see your phone’s last known location on a zoomable map. And you’ll be able to ring it — for a full five minutes at a time, even if it’s set to silent — and optionally lock it or erase it as needed.

    No secondary Android device? No problem: If you have a friend or family member with an Android phone or tablet nearby, kindly ask them to install the Find My Device app onto their device. Open it and find the option to sign in as a guest. Type in your Google account credentials, and then take a deep breath: Everything you need to find your phone will be right at your fingertips.

    (Side note: The Find My Device Android app is strictly about finding a missing device — nothing more. It doesn’t actually have to be on your device in order for the device itself to be discoverable.)

    2. Pull up Android’s Find My Device website in a browser

    If you don’t have another Android device handy, you can still get to Android’s Find My Device function from any web browser — on a laptop or desktop computer or even an iPhone or iPad.

    The main Android Find My Device site is at google.com/android/find. It’s basically identical to what you’ll get in the Find My Device Android app:

    Find My Device Android: Website
    Google’s Find My Device website puts all your device tracking data at your fingertips in any browser, on any type of device.

    JR Raphael, IDG

    You can also find an alternate version of the Android Find My Device function within Google’s My Account site. That site provides the same basic info but seems to go back further in your device history — so if you’re looking for a device you haven’t used in a while and that device doesn’t come up on the main Android Find My Device site, you might give it a whirl to see if it shows up there.

    And that, my friend, is all there is to it. Consider yourself protected — and you know what? Go get yourself a cookie. You’ve earned it.

    Want even more Googley knowledge? Come check out my free Android Intelligence newsletter to get three new things to know and try in your inbox every Friday.

    Japanese government says ‘sayonara’ to floppy disk

    The Japanese government is finally doing away with 3.5-inch floppy disks, almost two years after it announced its intention to scrap them.

    “We have won the war on floppy disks,” Taro Kono, Japan’s digital minister, told Reuters on Wednesday.

    Kono leads Japan’s Digital Agency, which was set up in 2021 when the roll-out of nationwide COVID testing and vaccination revealed that the government was over-reliant on paper filing and outdated technology, the Reuters article said.

    He promised in August 2022 to do away with floppy disks and CDs in communication with authorities, and in January this year introduced new legislation to promote regulatory reform, as Computerworld’s sister publication Computerwoche reported. Until recently there were about 1,900 regulatory procedures in Japan that required companies to submit additional data in the form of floppy disks or CD-ROMs, Computerwoche said.

    By the middle of last month the agency had “scrapped all 1,034 regulations governing their use, except for one environmental structure related to vehicle recycling,” Reuters reported, and now that too is gone.

    Dwindling market

    And not before time: It’s over 14 years since Sony, one of a handful of companies still selling floppy disks in Japan, said it would halt floppy disk sales in 2011 due to dwindling demand. In 2009, Sony had a 70% share of the Japanese domestic floppy disk market, which amounted to about 12 million disks in total — with a combined capacity of just 17 terabytes.

    But there is still a market for these archaic removable storage media, according to  Tom Persky, who proclaims himself as the “last man standing in the floppy disk business.”

    Persky is the founder of floppydisk.com, a US company that still sells formatted floppy disks and provides a floppy and zip disk transfer service as well as recycling services.

    His customers include hobbyists who want to resurrect old computer games, operators of old manufacturing equipment, and commercial owners of aircraft that are at least 25 years old.

    “If you are an airline and your passengers find out that you are using a floppy disk, that is not good PR,” he said. “But the issue is not whether it is attractive, the issue for me and my customers is, does it work? And does it work better and cheaper than anything else? And for my customers it works better and cheaper than anything else.”

    As for the move made by the Japanese government, Persky said “I am not going to tell them that they are wrong. I am not going to tell them that the floppy disk is the future. What I am going to tell them is, it is a very stable, very well known, very robust, very practical way to solve a problem.”

    Enterprises urged to think carefully about Windows 10 extended support options

    Independent experts have urged businesses to think carefully before relying on third party support for security patches once Windows 10 reaches its end of life in October 2025.

    Upgrading from Windows 10 may be challenging for some businesses because many older PCs may not meet the minimum system requirements for Windows 11. Some software or applications may not be compatible with Windows 11, forcing users to stick with Windows 10 or find alternatives.

    In addition, point-of-sale (POS) terminals running Windows 10 may be difficult to upgrade, presenting a particular challenge for IT professionals in the retail and hospitality sectors.

    As with the retirement of previous versions of Windows, Microsoft is offering enterprises extended support for Windows 10. For commercial customers and small businesses this comes in at $61 per device in the first year, doubling to $122 per Windows 10 device in year two and $244 per device for the third and final year.

    Organisations using cloud-based update management enjoy cost savings, with prices of $45 per user with up to five devices in the first year.

    There’s a big discount for educational institutions that can get extended support for a total of $7 over the maximum of three years.

    Microsoft’s Extended Security Updates offers monthly critical and important security updates to Windows 10 but without access to any new features and only for up to three years.

    Micro-patching alternative

    Acros, a Slovenian company specialising in security updates, announced Wednesday that it will offer enterprise users of Windows 10 extended support under its 0patch brand for up to five years at a lower cost than Microsoft.

    For medium and large organizations, 0patch Enterprise includes central management, multiple users and roles, and comes in at €34.95 (around $38) per device per year, excluding tax. A cut down version, pitched at small business and individuals, 0patch Pro, costs €24.95 plus tax per device per year.

    0patch uses a system of “micro-patches” to address critical vulnerabilities, an approach touted as faster and offering a lower potential for system instability. The vendor has previously offered extended support for Windows 7 and Windows 8.

    The company said it may offer fixes for vulnerabilities that Microsoft leaves unpatched while also providing patches for non-Microsoft products (such as Java runtime, Adobe Reader etc.), as explained in a blog post.

    Gauging risk to reward

    Rich Gibbons, head of market development at IT asset management specialist Synyega, noted that third-party support is an established part of the enterprise software market.

    “Businesses regularly bring in third parties to help patch and maintain their legacy Oracle, SAP and IBM estates, and while it’s not as common with Microsoft, it’s still a legitimate option, and one worth assessing,” Gibbons said.

    “Purchasing extended support packages from Microsoft is expensive and will only go up in price each year. It’s therefore little wonder that more cost-effective options like those offered by 0patch are beginning to gain traction,” Gibbons added

    He advised companies to conduct a full risk-reward analysis to understand if the cost savings are worth selecting alternatives like 0patch rather than purchasing extended support from Microsoft or biting the bullet and upgrading their systems.

    Leaving Microsoft’s ecosystem

    Javvad Malik, lead security awareness advocate at KnowBe4, also urged companies to be careful about opting for third-party support rather than facing the financial and operational burdens of a significant overhaul.

    “The viability of turning to a third party for extended support, as opposed to embarking on the arguably Herculean task of retooling apps and refreshing hardware to embrace Windows 11, is, on the surface, an attractive proposition,” Malik told Computerworld. “However, engaging with a third party for security patches introduces a layer of dependency beyond the control of Microsoft’s established ecosystem.”

    Malik warned that relying on extended support for an extended period might make it more difficult to upgrade in the future.

    “Upgrading from one version to the next is relatively simple when considering upgrading two or more versions up from the current version of any software. So, the cost of delaying an upgrade needs to be evaluated in totality, and not just as a comparison to an upgrade today,” Malik advised.

    In response to this criticism, 0patch co-founder Mitja Kolsek told Computerworld that deferring a costly Windows upgrade can be beneficial whilst admitting that enterprises have to move on eventually.

    “While an upgrade may eventually be inevitable for functional and compatibility reasons, we’re making sure that you’re not forced to upgrade because of security flaws that the vendor won’t fix anymore,” Kolsek explained. “At the same time, five years is a long time and a lot can happen — maybe you’ll be able to skip a version, or start using some other tool altogether.”