Skip to content

Update time

download    I’ve recently taken a new job with an IT service provider. So I’m in the process of getting set up on their systems (and probably soon on their clients’ systems).

I’ve got my first ever Outlook and Office 365 account. So I’m learning the Outlook web interface. It’s similar to GMail but there are always a few “where did they put that option” and “why in heck does it do that” surprises.

I installed Office 2016 to replace the Office 2007 I had inherited from a previous employer. Some learning there.

And to top it off I uninstalled Open Office, which hasn’t received any updates since 2016, and replaced it with LibreOffice.

And, if it ever succeeds, my iPhone is trying to install an iOS update.

I don’t know if I’m ready for the new role but at least my tech will be!

 

Advertisements

Are you ready for the next Hurricane, Flood or Sharknado?

flood

With today’s tech it’s easier than ever before to set your work life up so you can carry on in the face – or at least in the aftermath – of any natural disaster.

The key principle is to get serious about abandoning local storage and keeping everything that you need to function in the cloud. What does that entail?

Store all your files – documents, images, videos, etc. – on a cloud service you can access from any device. Google Drive, Microsoft 365, Dropbox and Box are common examples of such a service. You can set the cloud storage to synchronize to local copies on your primary computer so that once you’ve set up the cloud drive there’s no change to the way you work, you just need to switch from using the local Documents folder to a different folder that the service will create for you.

Be careful about proprietary or uncommon file formats. It won’t help you to have access to your files if you need a special program to use them and you don’t have that program for the new/temporary/borrowed device you’re on. When in doubt, get in the habit of saving finished documents as pdf to ensure you can access them from any platform.

Make sure your email stays in the cloud. If you use web-based email, such a Gmail, then you’re all set. If you prefer local email, such as Outlook, Mail on the Mac, or Thunderbird, then you need to make sure you’ve set the mail program to leave messages on the server (usually much easier to manage with IMAP than with the older POP standard). And you need to know how to access the messages when you don’t have your primary computer or mobile device available. Most mail providers now offer web access.

How will you know how to find everything when you sit down at a new device? You will need to memorize at least a couple of passwords. But the most imporant one is to your password manager or whatever home-grown variation you choose. Once you get the user name/password/url information back you will have access to everything you’ve put in the cloud. Remember you may have to provide that information for all the services for which you saved the passwords in your keychain or browser. (Increasingly you may not – with iCloud or Chrome you can usually rely on them being there once you’re logged in on a new system. But allow for the time that fails you.).

Finally, test regularly. Are your files really syncing to the cloud? Will your documents really open on another OS? In another program?

Once you’re confident in your ability to access your stuff from anywhere on any device you’ll have one less thing to worry about in case of a true disaster. You can also take advantage of the same capabilities in the normal course of events. Leave the laptop behind on short trips knowing you can sit down at any computer (a client’s machine, a hotel’s business center, etc.) and get your stuff. Instead of saying “I’ll get that to you as soon as I’m back at my desk,” you can say “Can I sit at your computer for a minute and grab it for you?”

One final security tip – be sure to NOT save your passwords on borrowed machines and to log out of any system you log into on a shared machine. On public computers it’s best to erase all history and cookies before closing the browser.

Questions or comments? Please leave a comment below or reach out via our contact page.

 

My Summer Vacation

Browns Lake, Burlington, WII just returned from a week’s trip to Wisconsin. It was a combination of helping an elderly relative complete the move out of her apartment into a nursing facility, visit with other family, and vacation. A few tales and observations:

We were supposed to fly, LGA to MKE on Southwest. But the flights were cancelled with no notice (i.e. we checked in the night before, got no update from Southwest, and showed up at the airport to find the flights cancelled). Since the lack of aircraft was blamed on storms the day before the late scratch was, at the least, poor customer service. And the lack of an email or text was egregious.

In any case, no alternate seats were available for three days so we decided to drive. Making that decision first thing in the morning before leaving for the airport would have saved us six hours or more. Leaving on a long car trip from LaGuardia airport on a Friday afternoon is not a good plan!

The first thing we learned from the trip was that I-80 is under construction pretty much from New Jersey through Indiana! We came back through the Southern Tier of New York along I-86. Not only was there very little construction delay but it’s a beautiful drive.

A second learning is that the days of stopping whenever you get tired and looking for a motel room are passed. Make reservations! We learned the hard way. And thank you to a very nice hotel night manager in Erie, PA, who made calls for us near midnight until he finally found an available room for us 40 miles away.

What else?

  • Even a single woman with no kids can accumulate a lot of stuff living in an apartment for over 40 years.
  • Everyone, but especially as we get older, make sure all your insurance, investments and income are well documented in a place others can find and understand it easily.
  • We spotted license plates from every one of the lower 48 states except New Mexico, as well as Ontario and Quebec.
  • Some great local beer in Wisconsin. Recommend New Glarus Totally Naked. New Glarus Totally Naked

TP-Link Archer C9 Wireless Router

As noted in a previous post I’ve started checking the security status and general well being of my home office gear and upgrading where needed.

I recently decided to replace my home office router. It was a Netgear WGR614v10. It still did the job but I was having trouble getting older devices to grab and hold a WiFi connection, had some strange hiccups on the laptops that could have been router related, and, most importantly, it was not clear that firmware to address the latest threats was being pushed out regularly. It also did not support newer high speed WiFi standards, had no provision for a guest network, and no way to share out a printer.

So I went looking for a replacement. I wanted to address the issues identified above but still stay in the home office price range. I found a few sources that recommended the TP-Link Archer C9. I found it for US$110 on Amazon so that seemed a safe choice.

Set up was straightforward although, as some of the reviews pointed out, you need to wait for a lot of reboots if you’re doing anything but the most basic setup.

So far so good. It didn’t help much with getting my original iPad Mini to hold a WiFi connection but everything else seems to have been checked off.

I upgraded it to the latest firmware (October 2016). The process of downloading the firmware from their website and then installing it was straightforward but it would be nice if you could just hit a “check for updates” button in the web console and not have to download it manually from a separate browser window.

Again, the takeaway is to pay attention to what you’re running – especially the stuff that “just runs” and so never gets looked at. It’s usually fairly cheap and painless to move something better and more current and avoid the risk of something failing or falling victim to a security breach (which always happens at the least convenient moment).

 

But it still runs

Suse

The recent spate of malware attacks caused me to check on the security status of the various machines on the home/home office network that sit quietly doing their business without regular attention being paid to them. One of those is a machine used primarily as a file server. It’s a Linux box running Samba which raised issues with the recent SMB attacks (security notice from samba.org ).

My Samba install was too old to patch, so I went to find an update, which meant updating the web browser, which finally got me to check the operating system and hardware and realize that the server had been doing it’s job just fine but was too long in the tooth to keep going in the malware age. It’s running SUSE Linux Enterprise Server 10 (only 11 years old) but on an AMD Athlon and 1GB of RAM. I could probably get a current lightweight Linux to install on that hardware but I think I should throw in the towel and replace the server with something more current.

The point of this post is not to highlight my tendency to hold onto stuff, but to comment on a new reality. There was a time when working and filling a need was justification for keeping a machine in use. In the current reality security concerns change the equation.

When I was coming up in the IT world it was common to share stories about servers that had been walled in and forgotten and found years later but still running and in production the whole time. My server is not quite in that category but it was purchased in 2007, a then year-old OS was installed and it was put into use and that was pretty much it. There’s disk space left, it’s fast enough for what it does and I have a central place for my files. But in the modern world it’s a security disaster waiting to happen. Even with good patching practices, operating systems lose support and there is often no way to upgrade on old hardware.

Maybe if I can just find that old NetWare box inside a wall that will solve my problems…

Four Lessons from the recent ransomware attack

What can computer users and small businesses learn from the recent widespread ransomware attack?

One: Back up everything regularly! This is the most important lesson. Ransomware and most computer attacks destroy the information on your computer. If you have a good current backup of everything the worst you will lose is a little time as you reinitialize your computer and restore your data.

Most recent computers come with a CD, USB device or boot option to reset the machine back to the way it was when you first bought it. From there just run the restore option for your backup system. For Windows users doing manual backups you may have to first install any software you had installed, then restore your files.

Two: Patch your operating system. Every operating system, whether Microsoft Windows, Macintosh OSX or any distribution of Linux, receives regular security and bug-fix updates from the publisher. Check to be sure that your system is set to receive those updates automatically and that the feature is actually working (check your update history). In this latest attack Microsoft had already released a fix for the flaw being exploited, so the only machines affected where those that didn’t have the patch applied.

Some people like to wait to apply patches. They may fear that the automatic updates may introduce unintended problems or just like to feel in control. That was a legitimate concern at one time, and it’s reasonable for large organizations with big IT staffs to test and distribute updates. But for the rest of us the risk has become too great. You need the operating system updates, at least the security updates, as soon as they’re available.

Three: Don’t run unsupported operating systems unless you really need to. In practice that means update or replace any computer running Windows XP, Windows Vista or Windows 8. Unsupported means they don’t receive updates and you generally can’t get any support from the publisher. But it doesn’t mean they’re immune from newly discovered or newly exploited security flaws.

The only reason to run these older systems is if you have older software or hardware that won’t run with newer systems. If that’s the case you should at least be aware of the risks. Take extra precautions and don’t use the older machines for general-purpose computing. Only use them for the needed functionality.

Four: Use antivirus and antimalware software. Some products are better than others but the best system is one that is recently updated and running. For most users the free software included with Windows, such as Windows Defender, is adequate for virus protection. You can supplement your protection with a malware product such as Malwarebytes. Again the key is to make sure it’s up to date and used. Pay attention to the status icon(s) for your security software. If it gets turned off without your knowledge you may have a problem, or it may just be a one-time glitch, but you need to turn it back on and run a scan ASAP.

The bottom line: It pays to take precautions but eventually we all get stung by an attack, a scam, or simple hardware failure. Planning for recovery in advance makes it much less stressful, and potentially much less costly, when things eventually go wrong.

(In)Security in the Air

File_000 (1)I recently did a round trip on Delta – short domestic flights on Airbus A320. Both flights had WiFi from gogoinflight. You can use the WiFi for free for in-flight entertainment and flight information, or pay for Internet access.

I was somewhat surprised to see that even connected just for the free services a scan from my iPad (Fing) appeared to reveal the manufacturer and MAC address of  every connected device on the plane. For some devices it also revealed the owner’s name. All manner of hacking was, at least theoretically, available to anyone so inclined. I tried it on both legs of the trip, same results.

I also tested in my hotel, to confirm this was not expected behavior. A scan there, on the hotel’s free WiFi, revealed only my own device and the router.

Just thought folks might want to be aware of this potential exposure.