Backup your cloudy things

How awesome is it to have a full copy of your “stuff” somewhere out on the internet? Most of your data is already being synchronized (sometimes without your knowledge) to some online service automagically . This is great if you lose or damage your phone or computer, but are these services leaving you vulnerable? If access to everything you own sits behind a single user name and password – then yes. Take the recent story of how Gizmodo got hacked and a much scarier story unfolds: Mat Honan was hacked, hard.  In a matter of minutes someone remotely wiped his iPad, iPhone and Macbook Air – along with it all of his data. To make matters worse the hacker also deleted his google account – and with it his google voice phone number and all other things associated with it. As much as I love “the cloud” I can’t bring myself to rely on those that give a hacker (or malicious employee) the ability to completely demolish my digital life. So I put together a few tips for those who would like to know what we (as digital citizens) can do about it.

  • Stay away from cloud based router management tools. Imagine this: a hacker configures your router so that he can intercept your communications? Not cool. You don’t need to manage your routers using the internet so opt out of this whenever possible.
  • Anything that opens up your LAN to the outside world is risky business – if you need to open up ports for a survaillance system why not segregate that traffic from your actual LAN?
  • Purchase a little NAS with redundant drives to keep your data backed up at home or in your office. Don’t open any ports to it.
  • You should secure all of your devices to the best of your ability. Password locked with full disk encryption, auto lock due to inactivity, firewalled and antivirused.
  • Setup a VPN if you need remote access to your machines – no need to trust some random company with remote access to your computers.
  • Keep at least one device with remote wipe disabled – enable full disk encryption if you need to protect your data Note: the iPhone does not offer full disk encryption but rather a data protection system enabled in the settings which comes with an API for developers. That does not require developers to use this so some of your data may be unencrypted.
  • Keep your cloud backed up. This is a tough one to give instructions for because we have so many different services, options, preferences and interfaces.
  • At a minimum you should use a spare PC/Nas (see: a little NAS above) to backup your gmail or other email service.
  • Apple has a very lengthy article on how to backup iCloud data. Unfortunately they don’t seem to provide an automated method, furthermore the instructions are for OSX only! I’m not surprised.
  • So far AllwaySync is the best tools I’ve found to deep dive into synchronizing your data between services. AllwaySync can backup/synchronize S3, Azure, Google Docs, WebDAV, ActiveSync, Dropbox, Amazon Cloud Drive, Skydrive, as well as SSH/SFTP/FTP.
  • Consider switching to a paid email solution like a $4 / month single user exchange account directly from microsoft. If anything happens to your account you have 24/7 live 24/7 IT-level phone support. That’s worth the 4 bucks right there.
  • Whenever possible setup synchronization / backups to occur automatically. If you have to plug something in you’re going to forget:
If you don’t know how to do any of this but would still like it setup – ask a buddy or hire an IT Guy! Your data is begging you.

Leave questions or thoughts in the comments, thanks.

The Ugly: Fake Tech Support Calls

You’re quite savvy when it comes to computer security, right? You keep your antivirus & other software updated, only surf using HTTPS and never install anything even remotely fishy on your computer.

Maybe that’s why our close enemies the scammers are using another method of leeching off money from unwitting computer users: the good old telephone. It seems they’ve found unwitting marks in people who grew up answering phones instead of tweets, most of whom are not up to speed on technology as the rest of us.

Microsoft did some digging into this:

The Trustworthy Computing Team conducted a survey of 7,000 people, and found that more than 1,000 people had received calls.  Of those 1,000 people, 22 percent of people fell for the scam (234 people total), and 184 of those lost money – on average, more than $800.

Ouch. Let me give you a brief rundown on how they do their dirty work:

  1. They call you up and tell you that your computer is sending error messages and that they have come to fix that for you. They’ll also say they’re from a trusted institution like Microsoft or a local phone company. 
  2. The scammer will walk you through installing remote control software like LogMeIn to be able to take full control of your computer. Your spider sense should be tingling already at this point.
  3. Once he’s behind the wheel, he’ll take you for a ride by installing nasty malware like keyloggers and fake antivirus software.
  4. He’ll then proceed to “clean” this up for you, charging you both for the installation as well as the “service”, a double whammy.
  5. Now that they have your credit card number, they can wreck all sort of havoc. And to add insult to injury, with the remote software that they’ve installed in your computers, they can now also steal other important data from you later on.

Suffice it to say that this entire thing leaves a really bitter taste in my mouth and so I wanted to write about it to help spread the word.

Remember: you will never receive a legitimate call from Microsoft or their partners to charge you for computer fixes.

If someone you don’t know calls you over the phone and asks you to install software, share personal info or pay for something: DON’T! Hang up immediately.

To help put a stop to this completely report them to SANS through this form as well. And please do share this article to your friends, parents, neighbors and grandpas, the more people who know, the better!

 

Patching Made Easy Using Ninite Pro w/ Labtech

I love Ninite as much as the next guy but when I tried to integrate it with our RMM tool it just wasn’t working with the provided scripts.

I really wanted this to work – third party software patching is a real pain – and so we created our own script to run Ninite which has been working without a glitch for us.

Today I’d like to share the script with you guys, hopefully it will save you some trouble in getting the two tools to play well together.

To get the script to work you need to:

  1. Place the Ninite Pro App in the downloads directory of your labtech server: “C:\inetpub\wwwroot\LabTech\CC\Downloads\”
  2. Change the Message Email Address in Both Then and Else. (Line 7)
  3. Change Download Path in Both Then and Else. (Line 4)
  4. Make sure you have your network admin passwords stored and set for clients with Domains.
  5. Change the Apps if you like. (Line 18)

The script is attached here: http://min.us/mx22ojukL

Alternate link: http://dl.dropbox.com/u/6740267/ninite.zip

Please note that due to Labtech’s marketplace / licensing update the script data is encrypted.

Also please note this has not been tested against Labtech 2012 which was just released today. Update: This script has been tested on all versions of Labtech up to 2013 as well as the hosted version of Labtech without issues.

P.s. this script is mostly the work of one of our techs.

The Post Post PC era

The term “Post PC” get thrown around a lot lately and it irks me because it implies that today’s best selling gadgets are not in fact personal computers.

By definition a PC is any general-purpose computer whose size, capabilities, and original sales price make it useful for individuals.

I don’t care about whether your PC runs Mac, Linux or Windows – forget that for a minute: Any personal device capable of installing and running client software is a personal computer (PC).

The post PC era as they call it (PPE) may be rooted to the end of the WinTel era but this isn’t new. I’ve been buying AMD chips for years now and running Linux on top of it to boot. Is an Ubuntu box running an AMD cpu is still considered a PC? I think so.

The truth is that the PPE seems to be nothing more than a clever term made up to classify certain gadgets into their own category.

Take the iPad for example – certainly not the first tablet on the market. The iPad however enjoys a large percentage of the tablet market share.

So why are mobile OS’s still so crippled?

The functionality of mobile operating systems is shameful when put against even the most affordable of desktop PC’s. You just can’t do certain things with a smartphone, period.

Wouldn’t it be nice to just dock your phone when you need a full UI? Just hookup to a full sized monitor and keyboard and you’re presented with your desktop. Boom.

That’s where I think this is going and the PPE is just a passing phase, a fad, a necessary evil to drive the hardware and software to where it needs to be so we can enjoy a more feature rich experience.

The Post PC era is nothing but a deviation in the path that the PC must take to better adapt to human mobility.

The PC isn’t dead – its just getting smaller.

IT Pros – What you need to know about Office 365

Things to know about Office 365 for IT Pros and Partners:

 

  • Office 365 is basically the next version of BPOS but with a much better interface and execution.
  • There are five available versions instead of just one with BPOS.
  • It runs on the 2010 versions of all underlying servers (Exchange, Sharepoint, Lync) instead of 2007.
  • It comes in small business and enterprise versions.
  • It has licensing for “deskless” workers in the enterprise version
  • It is not compatible with office 2003, works ok with 2007, works great with 2010.
  • Inboxes are 25GB and message size limits are 25MB.
  • Offers single sign-on if you sync with AD via Active Directory Federation Services 2.0.
  • Includes Office Professional Plus 2010 in the midlevel and higher tiers of Office 365 subscriptions
  • Includes Office WebApps and the compatibility with MS Office on the desktop is unmatched.

 

 

 

Links for IT Pros and Partners:

 

 

 

Random Tid Bits:
It has been rumored that we are not allowed to virtualize/re-image using an Office Profession Plus USL license.
The most bang for the buck seems to be the E3 version which includes a license to Office Profession Plus.
E3 also includes archiving, unlimited storage and hosted voicemails
Office 365 does not support self-signed certificates.
Office 365 does not support catch-all accounts

 

 

Overall I think Microsoft is doing a beatiful job bringing their solution to the cloud while allowing current IT setups to co-exist with their offering.

Cleaning up temp files – batch script

A lot of cleanup tools like ccleaner fall short when it comes to cleaning up temp files when there are multiple user profiles on the computer.

Considering how long it can take just to launch a Disk Cleanup, an alternative is to run a quick batch script from an admin account to clean up all user’s temp files.

The script below is for IE on windows XP. To support other browsers / operating systems you would have to set up additional path variables and append the lines to actually delete the files at those paths. 

 

If you don’t know what a batch file is you can read more about it.

 

@echo offSET SRC1=C:Documents and SettingsSET SRC2=Local SettingsTemporary Internet FilesContent.IE5SET SRC3=Local SettingsHistorySET SRC4=Local SettingsTempSET SRC5=Cookiesecho cleaning temporary internet filesFOR /D %%X IN ("%SRC1%*") DO FOR /D %%Y IN ("%%X%SRC2%*.*") DO RMDIR /S /Q "%%Y"echo cleaning historyFOR /D %%X IN ("%SRC1%*") DO FOR /D %%Y IN ("%%X%SRC3%*.*") DO RMDIR /S /Q "%%Y"echo cleaning windows temp filesFOR /D %%X IN ("%SRC1%*") DO FOR /D %%Y IN ("%%X%SRC4%*.*") DO RMDIR  /S /Q "%%Y"FOR /D %%X IN ("%SRC1%*") DO FOR  %%Y IN ("%%X%SRC3%*.*") DO DEL /F /S /Q "%%Y"FOR /D %%X IN ("%SRC1%*") DO FOR  %%Y IN ("%%X%SRC4%*.*") DO DEL /F /S /Q "%%Y"echo cleaning CookiesFOR /D %%X IN ("%SRC1%*") DO FOR  %%Y IN ("%%X%SRC5%*.*") DO DEL /F /S /Q "%%Y"del /f /s /q "%windir%temp"FOR /D %%X IN ("%windir%temp*") DO RMDIR  /S /Q "%%X"echo done.Pause

 

 

I miss the old Google

I’m not sure about you but I miss the old google.com. It loaded quickly on any computer, provided results in a split second and generally stayed out of my way when unneeded.
Recently though Google has been adding features left and right and I’m starting to feel a bit claustrophobic.

 

Here are a few features on google.com that I could live without:

1) Hijacking directional arrows – Google search results now hijack your directional arrow functionality so that you can scroll through the results using the Up and Down arrow. Seriously? Maybe if I was browsing with a media center remote or google tv then this functionality would be great, but on my desktop? Give me back my down arrow so I can scroll the page normally. My keyboard came with a tab key which already serves this very purpose.

2) Google instant – For starters it’s slow. Ok Ok it’s not that slow but it is slower. When there are computations / fetching occurring on every single key stroke things will inevitably take longer. The main issue is when you need to perform a second query based on your original results.

3) Site previews - There should be a way to prevent this with a popup blocker because that’s exactly what it is! I just want to read the search results so I can choose the right site, please get out of my way with your pop ups.

4) Geolocation - One day when vendors all have live local inventory data available to google products this will be an awesome feature. Even then I only want this feature on Google Products or Google Maps where it really matters. When I search google.com I’m just trying to search the internet for information. I have no problem typing “los angeles” to the end of my query to get localized results.

What am I doing about it?

Although these features can be disabled one way or another I set out to get my old google back once and for all.

Turns out that you can disable a lot of advanced features on google.com by simply browsing with Internet Explorer 6 *gasp*.

IE6 is an old browser with shotty support for the underlying technology google uses for these new features (namely HTML5) so if you’re on IE6 google disables those features for you automatically. Ok hang on. I’m not suggesting you should switch to IE6 as your browser, by all means I think IE6 should die. For some IE6 is already dead.

The trick is modifying your browser’s user agent string back to IE6. This basically tricks google (and other sites) into thinking you’re using IE6, which in turn disables features that would be incompatible with IE6. Here’s google’s official statement on phasing out support for IE6, which is why this trick works.

Below I’ve outlined the steps required to change your user agent, as well as how to change it back if you don’t like it. Let me know if you have any questions!

How to change the user agent string to IE6 in Firefox:

1) Enter about:config into the address bar and hit enter

2) In the filer type in general.useragent.extra.firefox and hit enter

3) Double click on the result with preference name of: general.useragent.extra.firefox

4) Replace the content of the popup box with MSIE 6.0 and click OK

All set. If you want to go back to normal simply follow steps 1 and 2 then right click on general.useragent.extra.firefoxand choose Reset.

 

How to change the user agent string to IE6 in Google Chrome (tested on windows only): 

1) Drag a shortcut for Google Chrome to your desktop if you don’t already have one

2) Right Click on the shortcut and go to Properties
 3) In the text field named Target place the following text after the information already in place:  –user-agent=”MSIE 6.0″
4) Make sure you have a space between chrome.exe and the –user-agent flag and click OK.

 

To go back to normal just delete the shortcut you created or don’t use it – your other shortcuts should still have the default user agent string.

 

 

*********************************************************************************************************************************************************************
A tip to the Google team:

 

Why not just offer a trailing character that disables advanced features automatically?

 

For example if I need to search for “john wayne quotes” but don’t want any advanced features I could type “/john wayne quotes” instead.

 

In this case the “/” character would tell google.com to disable those features so that my results are cleaner and faster. The “/” character is ignored by google either way so it would put it to good use :)

Android Tip: Handling vCards in Froyo (android 2.2)

So you received a vcard (vcf file type) via gmail and the app gives you no option to save/download the attachment.

The option to preview the file fails.

Here’s a 5 step workaround for grabbing the attachment and importing it to your contacts:

1) Open gmail from the browser and find the message containing the attachment. Here you have an option to download the file to the SD card.

2) Open up the contacts app, hit the menu key and click import/export

2a) if you have multiple accounts, it will ask which account to import to. Choose one.

3) The contacts app will scrub your SD card for vCards. Be patient: The more data on the SD card the longer it will take.

4) If the contact app finds more than 1 vCard it will ask you if you want to import one or multiple. Pick one. If you pick 1, then it will give you a list of vCards to pick from, pick one.

5) All set, the contact app will import the contact you’ll just have to do a search to find it.

Hope this helps. If you know of a easier way to handle vcards in Android I’m open to suggestions!

Error: Cannot start Microsoft Office Outlook. Cannot open the Outlook window.

This problem occurs when file that maintains the Navigation Pane settings in Outlook 2007 becomes corrupt.

It’s a quick and easy fix:

Start —> run..    then type the following in the run command (sans quotes):     “Outlook.exe /resetnavpane”

Note: If you are using Windows Vista or Windows 7 “Run…” is no longer in the start menu. It can be found in Start > All Programs > Accessories.