• VMUG Conference

    I used to go to a lot more of the Kansas City VMUG meetings back before I became a consultant (and had more control over my own schedule) but when I saw there would be a full day event (and that the headline speaker would be Steve Woznaik) I made sure to block the day off on my calendar.

    The conference was really well put together, kudos to the KC board members and everyone else involved with pulling it off. The atmosphere was described as “VMworld-like” and I’d have to agree.

    In addition to Mr. Woznaik, there was a nice sprinkling of rock stars from the VMware community. @scott_lowe was there giving a presentation on how to be more organized (should have taken notes), @andreleibovici gave some interesting insights into the future of virtual end user computing, and Mr. Irish Spring (who goes by @irishyespring on Twitter but doesn’t tweet much) was there.

    Irish Spring kind of sold me on VMware. Mid-2000s when I was just getting settled into my first real system administration job, I went to a presentation by Irish on (among other things) virtual desktop infrastructure. At the time, my position involved building desktop images for the university, and providing a big chunk of tier 3 support to our help desk and desktop support people. We’d just started to get our feet wet in virtualization the summer before, and prior to Irish’s presentation I’d never even considered virtualizing desktops. I came away from that meeting really jazzed up about VMware. I knew the issues our team was struggling with as well as the issues our faculty and staff struggled with when it came to computer labs. I went home and spent the rest of the evening essentially architecting and putting together the proposal to my boss that would eventually be Rockhurst University’s VDI project. This is the project that led to all the accolades and awards for me and the university. But that’s another story.

    Irish, his energy and enthusiasm, rubbed off and made me go out and do some really great things. It was ironic that the center of his speech at the crowd was getting your head out of IT and into the business processes to see how you can use your knowledge to advance the business. (Before the business processes feel they need to come help synergize IT.) He spoke a lot about using the “big brains” we have to do more than just patch servers. IT people get to see the underbelly of the beast, and can do more than just be gatekeepers by helping to see things from the viewpoints of different stakeholders.

    I couldn’t agree more.

    Thursday December 13, 2012
  • Steve Jobs

    One hundred years from now, people will talk about Steve Jobs the same way we do of Alexander Graham Bell, Thomas Edison, Henry Ford and the Wright brothers. Perhaps, as my friend Chris helped pointed out, he was a mix of Edison and John Lennon. Maybe he was a bit like Walt Disney, or Jim Hensen, a man who was personally tied to the brand he created.

    Regardless, he was an an inventor, a visionary, a man full of ideas. He was more than just any businessman, CEO to Apple, he personally held patents for many of the technologies used in their products. He was the perfect mix of creative genius and salesman. In the tech world, Steve Jobs was elevated to near deity-like status, but as cancer proved, he was still just a man.

    Every CEO of every company on the planet should pay attention to this right now and ask themselves, “why won’t this happen when I die?” (@jayfanelli)

    I tried to sit down and put together my thoughts on his passing last night, but couldn’t. I was too overcome with the emotions pouring out from people across the world on Twitter. I shared some of my own but it was interesting to watch the wake for a man happen in real time from people all across the world. People who loved and hated him all had emotions to share.

    Even President Obama had something to say:

    The world has lost a visionary. And there may be no greater tribute to Steve’s success than the fact that much of the world learned of his passing on a device he invented. Michelle and I send our thoughts and prayers to Steve’s wife Laurene, his family, and all those who loved him.

    But I’m not sure those outside of the technology community could really feel the impact the way we all did. My wife didn’t understand last night why I was grieving for a man I’d never met, the founder of a company that now rivals ExxonMobil as the world’s largest. Without meeting him, Steve Jobs had a profound impact on my life. I credit him (and Bill Gates) for sparking my interest in technology… for making me what I am today.

    The first computer I ever used was an Apple II when I was in kindergarden. Later, I learned how to do amazing things on some of the first Macintosh systems. I used to skip recess to go down to the elementary school library so that I could learn on devices that he helped create. And while my family can attest to later holding Apple and their products in contempt through much of the mid-90s, while pounding the drum of Microsoft, I later came back to the “distortion field” as Steve brought real innovation back to the industry.

    The Apple II, the Macintosh, Pixar (who doesn’t love Toy Story), iPod, iPhone, iPad, iTunes. Disruptions to the status-quo. Disruptions that are all because of the leadership and creative mind of Steve Jobs. I don’t remember much about what computers were like before the Apple II or the Mac, but I know what movies were like before Pixar. I know what buying music was like before iTunes and the iPod. I know what phones were like before the iPhone, and I love my iPad. I wouldn’t want to go back to a world before the things Steve created, existed. Even if you’re a hardened Android fan, you have to remember what smartphones were like before the iPhone and thank Apple and Steve Jobs for setting a new trend. Even if you’re a Microsoft fanatic, you have to thank him for keeping Bill on his toes for all those years, and forcing each other to continue to innovate.

    In my article last week, prior to the announcement of the iPhone 4S, I said this:

    I still maintain that Steve Jobs will be present at the announcement, even after his recent retirement as Apple CEO. I think he will be there to hand it off to Tim Cook in some way, or perhaps participate in some FaceTime chat to highlight a new iOS 5 feature. At the very least, his presence will be felt.

    There was an empty chair, in the front row of the hall, with a cloth wrapped around it marked Reserved. That was no doubt a chair for Steve, one he wouldn’t be in because of what we all now know. I think Apple knew this was coming soon, and probably played the announcement a bit low-key as to not attempt to overshadow what could have probably happened any day. That said, I have no doubt that Steve wanted to see one last keynote, one last product launch, before he passed on. His presence was felt. His presence will continue to be felt with every future Apple product.

    At 56, Steve Jobs did more than most people do in 90 years. He was the original Apple genius, a master showman, and the original tech virtuoso. He will be missed.

    Wednesday October 5, 2011
  • AT&T Fun

    I’ve had AT&T’s U-verse service since October 2009, the day we moved into our house. At it’s heart, it’s really a fantastic service offering… IPTV, whole home DVR, advanced DSL, all wrapped up into a nice package. But for the last 6 months I’ve been struggling with a lot of different issues ranging from broken DVRs, freezing TV signal to Internet connections that go away at random. While the issues have not been persistent enough to track down an exact cause, they’ve been frustrating.

    The other day, after watching Face Off on HBO (for the first time, I know) and getting right to the climax of the movie, the whole TV signal froze and wouldn’t come back. It was 1AM and my wife was already sleeping, so I muted by frustration and went to be deciding to look into alternatives the next day.

    Monday, I called up the two traditional cable providers in the area looking for pricing. Then, I hit Twitter with my plan:

    Thinking of dumping AT&T U-verse for Surewest, anyone in KC area have any experience with them?

    I actually didn’t get any responses from Surewest customers. What I did get was a little more surprising.

    1. A reply from Ron, a Surewest social media manager saying hi. Fairly standard stuff. (see here)
    2. A reply from an AT&T social media manager, asking for my phone number. This was a little more interesting. (see here)

    I decided to DM my number to the AT&T manager, figuring what could it hurt? A little while later I get a call from a Jessica. She asks me what my issues are, and then vows to take care of them if I can wait a couple days while she follows up on them. I said sure, halfway thinking nothing was going to come from it.

    Today I get a call from Diane in the “office of the President” of AT&T. Diane has obviously been talking to Jessica, knows what my issues are, and asks if I’ll stay on the line while they get one of their engineers on the line. Right before Diane hands me off to him (I neglected to write down his name) she gives me her direct phone number to contact her to follow up, and then the engineer runs some tests to see whats going on with my service. He schedules a tech to come up the same day and tonight that tech comes out and tests every line and piece of their equipment in my house.

    Rick the technician ends up re-terminating some connections, and replacing my “Residential Gateway” (modem/router) with a model that within seconds proves it’s light years ahead of the previous version. We have a nice chat about networking, technology, etc. He leaves.

    Where is this all going?

    I’m consistently amazed with the level of customer service that a monolithic company like AT&T manages to provide for U-verse. Truth be told, this is not my first positive experience with them. Every time I’ve called their technical support for any type of issue, either with my setup or family who has the service, the people have always been friendly and helpful. They’re well trained, and for the most part seem to know what they’re talking about. Granted, they could invest in some better equipment, but I have yet to have an experience with one of their employees that put a bad taste in my mouth.

    The fact that one of America’s largest corporations is monitoring their Twitter feed and pro-actively trying to correct issues that customers have, is really pretty awesome.

    Customer service in America, on the whole, has gone to crap in the last 10 years. Ironically, it’s companies like AT&T with their advanced networks that can put an army of poorly trained and poorly paid people in call centers all around the world, that corporate America have used to reduce their bottom line. But thankfully AT&T themselves don’t seem to be following the trend they’ve helped create.

    I need to call Diane back tomorrow and thank her. Now, hopefully the service will be stable enough that I don’ t need to even call for support again. If not, I know who to talk to.

    Tuesday April 26, 2011
  • Phone Stress

    The boys who cried wolf (AKA The Wall Street Journal, et al) are all indicating that Tuesday will be the announcement of the long awaited iPhone 4 on Verizon. I hope they’re finally right.

    Not because I’m going to switch, no, I’m actually pretty satisfied with my AT&T service, having been a customer for a long while before the launch of the first iPhone. I’ll just be glad when the noise makers and complainers can have another option. I hope that Verizon’s network works better for them than AT&T (although I kinda also hope it’s just as bad) so that they’ll shut up. I also look forward to another network getting some of the load so that my service will be even more reliable than it already is.

    I can’t be alone in this thinking, if AT&T’s network is so god damn horrible across the entire country as the people in San Fransisco and New York make it out to be, no one would use it. Fact is, myself and millions of other subscribers made the choice to use it long before the iPhone. I even used to live down the street from the world headquarters of Sprint, and still used AT&T because I got better service.

    I’m not discounting that there are people with horrible AT&T service. I’ve been places where that is the case, I know people who have this problem on a regular basis. It sucks, but chances are no has one forced you to use an iPhone this whole time.

    I’ll also be glad when this golden phone finally does arrive, so we can stop obsessing about it. The phone will come out, AT&T’s subscriber numbers will slightly decrease, Verizon will see an increase, Apple’s profits will go up. The sun will still rise in the east and set in the west. Choice is good, but the tech world needs to stop treating this like we’re awaiting the second coming of Christ, and treat this like what it is, like what happens all around the world with the iPhone on multiple carriers. The same phone, on another network.

    Saturday January 8, 2011
  • Last Passed

    If the recent Gawker password breach (re)taught us anything, it’s the old and valued lesson of “don’t use the same password everywhere” — but as often as I repeat that phrase and cringe a little bit when I find out someone else did it, I’ve been just as guilty of this cardinal sin of network security myself… from time to time. It’s hard not to.

    When you’re as active on the Internet as I am, it’s impossible to resist the urge to duplicate passwords, especially if you’re against writing them down. So you’re left to memorize them all, hope you don’t forget, and hope that you can later rely on the splendid password reset via email later on.

    All of the Gawker fun also taught (or should have taught) website administrators like myself to take better care of their users. Gawker fouled up in a huge way (beyond simply exposing user data) by not taking proper steps to secure the information in their database once it was exposed. Gawker used an easily crackable cipher system (DES) which was depreciated by a new industry standard (AES) long ago.

    Since the launch of this site, we’ve relied on third parties to act as the gatekeepers for user interaction. (First using JS-Kit/Echo and now Disqus) For you it has the benefit of not having to remember yet another password or create another account just to comment here. On the back end it allows us to focus on delivering content and less on keeping a database of user information secured. We’re relying on people with bigger and better security resources (Disqus, Open ID, Twitter or Facebook) to secure your presence on our site.

    But what about every other site (or even the four mentioned above) … where you have to register a username, create a password, and keep it safe and secure. Remembering unique passwords for every site is impossible, using the same one is a no-no, writing them down and keeping them in your desk drawer isn’t practical or secure. What do you do with those passwords?

    Password Management

    4ac55-0wjxujndhlgbmzg1y

    Who hasn’t seen the Internet Explorer password prompt at least 10,000 times in their lives? Or the similar prompts from Firefox, Safari, Chrome, Opera, etc. Almost every browser created in this decade has included some sort of password manager, and almost anyone who has used them will tell you they’re all crap.

    For one thing, they only work with one browser. For another, they’re almost as secure as the previously mentioned notebook of passwords. Last, they’re not really designed to keep you secure, they’re designed to be a convenient way to re-access commonly used websites.

    Most of the time, I turned the feature off. The idea of using a password manager, until recently, seemed less secure than trying to just remember them all myself. That all changed recently.

    LastPass

    After previously being quite inefficient about password management for the past… well, ever… I decided it was time to get serious about securing my online life and in turn taking the burden of remembering all of the passwords myself. I started using LastPass a few months ago (before the Gawker breakdown) and had slowly begun the process of migrating my passwords into it. Originally I wanted to give it a chance to earn my trust before jumping feet first into the pool of letting someone else get all my passwords.

    I selected LastPass after evaluating many alternatives. KeePass, 1Password, Roboform were among some of the ones I looked at. All great options, but not the one I went with in the end. Here’s why:

    1. LastPass runs on anything, everything, and it syncs all of the resources together. Windows, Mac, Linux, Internet Explorer, Firefox, Safari, Chrome, iPhone, Android, Blackberry, Windows Mobile, Windows Phone (just announced), even Symbian. Basically anything I could touch, had to give me the ability to access my passwords. LastPass has their competition beat there. Noticeably absent is Opera from the supported list. I don’t use Opera myself, but my guess is now that they have true plugin support the LastPass crew will probably add them to the list shortly.
    2. No password manager is perfect, but LastPass is close. It’s excellent about knowing what to fill in, what to save, what not to save, and when to step in and help.
    3. It’s free, for 95% of the service. However, as I usually do, I suggest shelling out the ridiculous $12 a year to get the premium version. Why? Because you get my next two important points…
    4. Mobile access. LastPass will work in any browser for free, but if you want to run it on your iPhone, Android, etc, you’re going to need the premium account. The app itself though, is free.
    5. Multifactor authentication through YubiKey. The free version will allow you to build your own key for multifactor, but if you really want to get serious about security you’re going to want to do it through a YubiKey. (Of course that key will also set you back $25)

    Browser Integration

    Having tested LastPass in both Google Chrome (10) and Mozilla Firefox (4), I can say that the Firefox version is superior, but not by much. When I initially tested LastPass, I did so through Google Chrome. The installer rounded up all of the passwords stored in the default password managers of Internet Explorer, Firefox and Google Chrome that were installed on my system and put them into LastPass. This made the initial learning curve very easy as I didn’t have to go through and train it for every single one I was already allowing the browsers to remember.

    After my desktop, when I setup LastPass on my laptop it also sucked up the local cache and avoided duplicates of already integrated passwords.

    There are a few key benefits that LastPass does that none of the integrated password managers will do, to save you time.

    1. When I create new accounts, LastPass will automatically detect it and offer to generate a random password for me based on my complexity requirements. It automatically fills in the data and saves it for future use. This works 99% of the time and normally requires little input or assistance from me.
    2. When ever I change my password on a website, LastPass will not only know my old password, offer a new password, it automatically saves the change in it’s cache.
    3. It syncs all the data across multiple browsers. It’s no longer a massive headache to test new browsers. Moving from Chrome to Firefox to IE and back again is painless (well, except for using Internet Explorer itself) — changes made in one browser migrate to all the other browsers.

    Security

    But putting all this data into the cloud must be insecure! And if may be… if you were using another provider.

    LastPass, despite syncing all this information into the cloud, actually stores the password database itself on your local system. What LastPass has on its servers are one-way salted hashes, with all your real data stored locally in an AES-256 encrypted database. Your passwords are encrypted and decrypted on your local machine, not on their servers. What all this means is if someone were to hack LastPass and get your salted hashes, they’d be about as useful as a pile of salted meat. Without computing horsepower beyond what the top government security agencies of the world have, and a limitless amount of free time, it’s all worthless without your master password.

    Which by the way, LastPass doesn’t have any idea what your master password is because they never have it. If you change it on your account, LastPass has to re-encrypt all the data and resend the hashes to their servers.

    They also use SSL to further encrypt all of the already AES encrypted traffic between your system and their servers. However, the amount of data being sent back and forth is so small that there is little if any performance loss in your browser and your system hardly notices what’s going on.

    Once the salted hashes of your password reaches their servers, when they go to back it up (which they do daily to Amazon’s S3 service) and store it offsite they further encrypt that data using GPG.

    So make your master password strong, but something you can remember. A great website for coming up with new passwords is howsecureismypassword.net — it will literally tell you how long it would take someone with a desktop computer to brute force your master password. This is all assuming they gain access to your local database, etc. Want to know my master password? Too bad. I will tell you though, it would take you 564 billion years to crack it.

    But, computing horsepower gets more powerful all the time. Brilliant programmers, hackers, and engineers come up with new ways to make them faster, string them together and take that 564 billion year number down a notch. Even with all this advanced encryption an enterprising hacker could still manage to get a key logger on your system and record your master password.

    So what is a paranoid person like myself going to do to even the odds? Multifactor authentication.

    YubiKey

    Something you know, and something you have.

    There are a lot of multifactor authentication methods out there. I won’t get into all of them, because in this case, LastPass really works best with only one. The YubiKey by Yubico.

    The YubiKey is a small USB token about the size of a door key. It comes in any color you want as long as it’s black, or white, and there is just a one time cost of $25 for Yubico to send you the token. It’s tough, and easy to use. It’s crush proof and water proof, has no battery or moving parts. Just plug it into any USB slot on your computer and it’ll be recognized as a USB Input Device. Because of this there are no drivers required and it works on Windows, Mac or Linux automatically.

    Once you receive your YubiKey the process of associating it with your LastPass account is straight forward and simple. When you load your browser, after entering your master password you get the prompt for your YubiKey. Touch the green button and away you go. It only adds a second to the authentication process and infinitely decreases your chances of having your account compromised.

    But what about key loggers? Since this is just a fancy keyboard with only one key, can’t they log that? Sure. Here’s the problem.

    YubiKey generates a random 44 character one time passcode that changes every time you generate it.

    Each generated passcode is actually a AES-128 bit block containing an obfuscated unique secret ID for your YubiKey, a session counter, time stamp, session token, random values and a CRC-16 checksum. To sum it all up, a bunch of random stuff further encrypted into more random stuff.

    What it amounts to, is that without both your master password and your YubiKey, no one is getting access to your accounts.

    Strong Passwords per Site

    But all this work is futile if you continue to use the same passwords as before, or allow the same passwords to be used on multiple websites or systems. Thankfully, LastPass provides an interesting tool called the Security Challenge that will locally decrypt and analyze your passwords, look for weak passwords and let you know what duplicates exist. I was shocked the first time I ran the analyzer, but now I work to squeak out every last bit to raise my score each week.

    ae76b-0iqka0bssu5vmjlc5

    At this point I’m regularly generating 12–16 character random and complex passwords for every site I have accounts on. According to the latest score I’m among the top 1000 users of the tool ranking 942nd overall. Look out 941, I’m R*HaVn87V@aefzw@-ing for you.

    The point is that I don’t know what any of my site passwords are, but each is unique and almost impossible to brute force in a reasonable amount of time (3 quadrillion years for the one mentioned above) — while it doesn’t make the chances of my Facebook account being compromised impossible, it significantly reduces the risk of such an event taking place. By the time someone tried it only a few times, Facebook would (should) lock them out and the chances they’ll guess correctly on the first try even knowing all the exact complexity requirements used is almost infinitesimal.

    Conclusion

    Is your LastPass master password truly the last password you’ll ever need? No. Your system password is still important to have and keep strong, I encourage people to encrypt their local disks (especially laptops) and use a unique and long passcode/PIN for decryption along with a TPM or USB key using something like BitLocker (which I’ll be covering in a future article) — this way to even get to your database the number of steps required are so many and complex I’d venture to say it’s bulletproof.

    But if I can use LastPass to narrow down the number of passwords I’m required to recall on a daily basis down from the hundreds to around 5, and make the ones I don’t even want to remember anymore so complex that I couldn’t even if I tried, then I think it’s more than worth it.

    Further Reading & Downloading

    After Thought

    Last night I stumbled on a deal where you can get a Yubikey and one year of LastPass for only $30, this normally would be $37. Nice little chunk of change. The even better deal is you can get two Yubikey and one year of LastPass for only $45. This is a $62 value. You can associate multiple Yubikeys with your account and then in the event your primary one is lost or stolen, you can dig your reserve key out of a safe location and remove the lost key, and then later replace the key.

    Frank also pointed out to me last night something I neglected to mention. You can also deactivate the Yubikey requirement from a trusted computer such as your primary system that is in a secure location. A trusted system would obviously be one you’ve configured to bypass all of the security checks for your account. Right now I don’t have any systems where I bypass all of the checks, so I forgot to talk about it.

    Something else I forgot to say, was that you can also disable the Yubikey through an email verification, but if your email password is protected by LastPass that may be harder to do. My LastPass account is on my iPhone as well so I could go that route to gain access to my passwords in the event of a failure. Again I forgot to mention it in the article but since you obviously can’t hook a LastPass USB token into an iPhone, you can setup pre-authenticated mobile devices to only require a passcode to unlock. Combined with a security lock on the phone, the phone itself becomes a sort of “token” you have to have to get in.

    There are also other ways to perform multifactor against LastPass that don’t involve a YubiKey, including your own preconfigured key like what I mentioned, as well as a paper card you create that is unique to your account. I just think the YubiKey is the easiest and more secure way to go.

    Tuesday December 28, 2010
  • Evernote Mostly

    I’m a huge fan of Evernote. It ranks right up there with Gmail in terms of applications I live my life in. When people sit down with it for a while and begin to use it, or have someone explain all the interesting ways it can enhance their productivity, it doesn’t surprise me that they become as hooked to it as I am.

    I first became exposed to it when I got an iPhone 3G in 2008. It had existed as a platform a couple years before that and was popular with the Windows Mobile & Tablet PC crowd, but wasn’t really on my radar. At the time, I dismissed it as nothing more than a note taking app for the iPhone. The only reason I started using it was because I wanted something that would sync the notes on my iPhone to another system, since iTunes didn’t do it at the time. Not really something I’d adjust my workflow around.

    Sure I’d used it off and on, but it hasn’t been until the last few months that I’ve come to realize all the ways it can be used. It’s more than just a simple mobile app, it exists on nearly every platform and helps sync your documents, notes, images and throughts between computers and between mobile devices. Their cloud keeps all your clients linked together and helps put the data and knowledge you keep in their service ready for use at any time.

    I’ve decided to share some of the exciting ways I use (or have seen it used) to make myself more organized, more productive and less scatter brained.

    Evernote has begun to replace my normal Windows file system for keeping track of data. Now obviously, when I say everything I don’t mean put your iTunes library in Evernote, or your Adobe Lightroom catalog. No, I’m talking about all your text files, PDFs and screenshots. The stuff that the normal system administrator has scattered all around their hard drives, but would greatly benefit from a centralize repository.

    Get the Premium Version

    First off, I’m not being paid to say this, but… to really make the most of this program you’re going to want to shell out a little cash. It’s going to set you back $45 a year (or $5 per month.) The free version is excellent, and until you get really into it it’s probably best to wait so you don’t waste your money if you don’t like it. But be aware, you’re going to want to get the enhanced features:

    • 500MB of uploads a month (free users get 40MB) means I don’t have to worry how many screenshots or PDF files I pump into their cloud.
    • Premium users also gain the ability to put things like Word, Excel and PowerPoint files into their client. Actually you can put any file, where as free users are limited to images, audio, ink files, and PDFs.
    • Automatic PDF indexing, an absolute must. I’ll tell you why in a little bit.
    • Offline access on mobile devices.
    • SSL encryption of notes. Honestly, I wish this was standard but right now you have to pay. For those of us who are going to store anything beyond a grocery list, encrypting that data in transit is a must.
    • Priority image recognition. I’ll tell you why this feature is awesome below, but paying for this gets you higher up in the queue.

    Put Everything You Read or Write In Evernote

    Up until a few months ago, when I needed to take a quick note of something I’d probably just fire up Notepad. The end result was a bunch of .txt files all over my hard drive. If I needed to refer to it an hour later it wasn’t a problem. A couple days later, it wasn’t so bad. A week later… it got harder and harder to find. Even with Windows 7 and its great indexing, it’s not always very easy to find what you want.

    Evernote is only as useful as the content you index with it. If you read it, write it, and want to ever access it again… put it Evernote.

    Perhaps the easiest, and yet the hardest, thing to get use to is changing your ‘workflow’ to incorporate it into your daily life. Once you do, you’ll begin to wonder what you did without it.

    Put All Your Product Documentation In Evernote

    I’ve begun downloading the PDF files for product that I own, from various manufactures, and putting them into Evernote. Everything from motherboards manuals to server documentation. It’s much easier to go looking for help with a product if you’ve already downloaded and indexed the manual than it is to go digging through a vendors website, sometimes months or years after they’ve stopped selling the product.

    Make Evernote Your Default Screenshot Program

    How many times have you been working on something and got an error message you wanted to refer back to later? You take a screen capture of that message, save it, go along your way trying to troubleshoot. Want to refer back to that screenshot or send it to a co-worker? Hope you didn’t close the program, or else you better remember what you saved the file as, and where.

    If you’d put that screenshot into Evernote you’d be able to search of a string of text inside the screenshot and pull the image from it’s archive. No file names or locations to remember.

    2ee25-0u-z4qgqzhnkqyopg

    In this example just searching for a word in the image resulted in what I was looking for. Notice the word ‘protection’ highlighted in the screenshot. This feature is available to both free and premium users, but it’s one example of where paying a little extra helps out. When you sync your data up into the Evernote cloud, their servers instantly begin indexing the content and in this case use OCR technology to turn the text in the image into searchable content.

    Install the Web Clipping Tools

    Evernote makes plugins for most browsers, to make it easy to take data out of a website and put it directly into their system.

    If you’re using Internet Explorer, the clipper automatically installs when you install the Windows client. If you’re using Safari on a Mac, the clipper automatically installs when you install the Mac client.

    If you’re using Google Chrome or Mozilla Firefox, there are plugins avaliable for download from the addon pages for each browser.

    1182f-0gheiti8vbmwpvget

    If you’re using Opera or some other less popular browser that Evernote hasn’t got around to creating a plugin for, you can also use their Bookmarklet. While not quite as elegant as the plugin options, it’s better than nothing.

    Also, because you can index the content of a screenshot, if you want to remember the web page exactly as it was when you viewed it, just take a screenshot and then go search for it later!

    One feature exclusive to Google Chrome users who have the plugin installed is the ability to search within your Evernote archive for files when you’re on Google.com. Why go looking for something all over again that you may have already found and clipped into Evernote?

    7fbc0-0hik-bkkzgqqdvugm

    Use Automatic Folder Import To Your Advantage

    You can easily configure Evernote to index the files in a folder. I use this in combination with a PDF printer like Adobe PDF Distiller, CutePDF or saving as a PDF with Office to “Print to Evernote” from within applications like Microsoft Word, where directly importing the Word document into Evernote doesn’t create as nice of an indexable note.

    3088a-0acfi_snjxwuhjb_2

    dd44d-0iwcxy7feidoyu-wz

    In this case, Evernote is configured to delete the file as soon as it’s imported. This way you don’t have duplicate files sitting around and you know when it’s gone, it’s in Evernote.

    Without the premium version, indexing and searching the contents of a PDF isn’t possible. That’s just one reason why the premium version is so helpful.

    Install Evernote on Everything

    Sure, there is a nice web interface for Evernote, but what I consider of the beautiful aspects of the product is that it’s a cloud product with awesome desktop applications.

    My tower at home has Evernote, my laptop has Evernote. The two are constantly keeping things accessible between both systems. But as mentioned before, I discovered Evernote through my iPhone, so I have it there as well. It’s also on my work Blackberry and when I finally break down and buy an iPad (or other tablet) it’ll be there too. There are also mobile clients for Android, Windows Mobile and WebOS. About the only thing you can’t out a client on is sadly, Linux.

    (Evernote, please change this.)

    The more places you can easily access your data, the less you have to remember, and the more productive you can be with it.

    With a premium account, you gain the ability to sync offline content to mobile devices. While this isn’t a huge advantage with something like an iPhone where you usually have a 3G connection (AT&T willing) to download notes on the go, with an iPad or Android tablet it’s handy for taking it places where you’re not connected all the time.

    Make Your Scanner Evernote Friendly

    There are many ways to do this, but I accomplished it by using the scanner’s Windows helper application to set my Evernote import folder as the default location for PDF scan jobs. Documents on the scan bed are turned into PDF files and dumped into Evernote. Now it’s easy to take important papers and make them digitally accessible, quickly.

    Some scanners are even more Evernote friendly. If you’re in the market for a new scanner look at the Fujitsu, Canon or Lexmark models that support Scan to Evernote built-in.

    Use It, Share Your Thoughts

    I would encourage you to start using the product and share your thoughts in the comments on ways you can be more efficient with it.

    Tuesday December 7, 2010
  • Gates Job

    If you’re an Apple fanboy you already think Microsoft just rips off Apple’s ideas. However, David Milman at ComputerWorld has asked if it’s time for Bill Gates to pull a Steve Jobs and make a return to Microsoft?

    Now granted, the departure of these two tech giants from their creations were under very different circumstances. Jobs was all but thrown out on the streets of Cupertino left to wander the scorched Earth through NeXT and Pixar. Meanwhile Gates stepped down from power at Microsoft leaving Steve Ballmer as CEO and later Ray Ozzie as CSA. Gates now spends his time unleashing mosquitoes on the unsuspecting public and convincing other super billionaires like Warren Buffett to give away their money.

    And like when Jobs was removed from Apple, Microsoft has been on a decline since the departure of Gates. It’s stock has declined, it’s products have lost some of their edge (although a lot of that has changed with Windows 7 and Windows Phone 7) and their focus.

    Some would argue that Ballmer should have lost his job after the failure of Windows Vista. I’m inclined to fall into that camp. But is Gates the best person for that job, again? Does Microsoft need fresh blood or does it just need its old blood back? We want to hear your thoughts.

    Sunday October 31, 2010
  • Commitment Issues

    I’ve never been one to have commitment issues. But my decision to move from the iPhone 4 to the Nexus One just couldn’t stick. Last month I wrote about what I saw as the flaws of the iOS platform and specifically the issues I had with the iPhone 4. I also wrote a glowing review of the Nexus One and I stand by (most) of that analysis. But yesterday I sold my Nexus One and will soon be buying an iPhone 4.

    When I announced this “news” on Twitter and Facebook last night I think I stunned just about everyone of my friends and followers. I got a lot of questions like “What did Android do wrong?” but did get a few statements like “I knew you’d be back” … when I left last month, I didn’t intend to come back. But there were a few lingering issues that I just couldn’t get past.

    Subsidies

    The Nexus One I purchased cost me $529 direct from Google. So I take that phone and attach it to my AT&T account and then pay AT&T the same amount of money for my voice, data and TXT messages as I would if I were on a 2-year agreement. AT&T spends nothing upfront and makes a larger profit from me than it does for someone who spends $199 for a iPhone 4. The obvious benefit for me is that I can take my phone and go to another carrier, or cancel my account anytime I want. But here’s the kicker… my only real choice is AT&T.

    Beyond the logistical issues of having every friend and family member I know being on AT&T (free mobile to mobile) and the fact that they have one of the better networks in the Kansas City area… Google for some reason designed two different Nexus Ones. One radio optimized for T-Mobile and one for AT&T. So if I decided I was fed up and wanted to move to T-Mobile, I’d basically cripple my phone by relegating it to EDGE network data speeds. And since obviously Verizon and Sprint are on different technologies, they’re not even something to be considered. Google would have been wise to use a radio that would work on both types of GSM networks, if that were possible. Realistically, I’m locked into AT&T, regardless of if I have a 2-year contract or not.

    So the real question for me was, in order to make the value of owning the Nexus One “worth it” … was my experience with it more than 2.5x better than the iPhone 4?

    Basically. No.

    Quirks

    Here’s the thing about reading reviews done by people who purchased the product with their own money… we tend to want to make ourselves feel good about the purchase, so things that might annoy an totally objective person are sometimes overlooked (or not mentioned.)

    There were a few things about the Nexus One that annoyed me from the start, but were not enough to make me dislike it completely. If it was going head to head on price with the iPhone 4, I wouldn’t give them much of a second thought and would probably still consider elements on the device and the OS to be superior. But here are a few:

    1. Nothing beats iTunes for syncing music. I tried a variety of solutions for Android and was really quite impressed with a program called Double Twist. But the Windows interface was worse than using iTunes on Windows, and the process of syncing tended to take a really long time.
    2. The row of home, back and search buttons on my Nexus One were very picky. You have to touch them just above where the actual indicator button is for them to work properly. It’s something you get used to, but when you hand the phone to someone else, they tend to have a hard time getting it to work.
    3. Battery life was less than stellar. The more I used the device, the more I saw where I was coming very close to not being able to go through the day without a recharge. Since I’m not much of a night owl (I’m usually at home or even in bed by 10PM on a Saturday) it didn’t hit me too bad. I did initially purchase a second battery for the device, but I never used it.
    4. I found the ear hole for the speaker to be in an old location, at least compared to the iPhone. I had to hold the edge of the phone up to my ear to hear other people clearly. It was something I had to get used to, but found to be somewhat bothersome.
    5. The on-screen keyboard was just not as accurate as the iPhone version. In fact I found the touch screen to be somewhat laggy compared to the iPhone. By this I mean, the iPhone screen seems what I would describe as “spring loaded” — snappy and ready to flip from around with ease. On the Nexus One it was common to try and flip two or even three times before the screen reacted.

    Applications

    Despite what I initially said, the Android Marketplace has a long way to go before it catches up with the App Store. While there were a sizable collection of applications that had been ported, many of them did not function anywhere as smoothly as the iPhone version. The Facebook for Android application was painful to use at times, forcing me to manually refresh pages to see updates or get notifications. This was common for most of the applications that I used, things that seemed to just happen naturally on the iPhone either required multiple menus or buttons to access, or the features were missing.

    There is also something to be said for the investment in Apps that I’d made over the last two years as an owner of the iPhone 3G. I have hundreds of Apps in my iTunes library, and I’d paid for a sizable chunk of them. Many of them I could just not find a replacement for in Android. Really, the App Store is one of the smartest things Apple did to insure people stay with the platform.

    Photography

    Nowhere was this lack of Apps more obvious than in the world of photography, which is my main hobby. Apps like Photoshop Mobile, Best Camera and Camera+ were ones that I’d come to use often on my iPhone, and despite my fruitless searches, I could not find anything similar in the Android Marketplace. They were also Apps that I already owned, and couldn’t use.

    There is also something to be said for the iPhone 4 camera, versus … well, anything in a phone… or even most point and shoots.

    While not really photography, something else I found ridiculous about Android compared to the iPhone was how impossible it was to easily take a screenshot on the Nexus One without doing a USB tether to the Android SDK, or rooting the phone to install custom applications. It’s a simple process of clicking two buttons on the iPhone. Not that I often need to take screenshots, but I do it enough where it was bothersome.

    Death Grip

    I griped (a lot) about the iPhone 4 and the death grip. Why? Because it really teed me off. However, and I really hate to admit this, the Nexus One had a very similar issue.

    While I could never get the signal to drop to the point where I would disconnect calls (which I can do on the iPhone 4) there was a noticeable decrease in signal strength when holding the phone, and the tighter the hold, the fewer the bars. It was not uncommon to watch my signal go from four bars (full) to one bar. Granted, the problem wasn’t simply touching a specific area of the phone like Apple seems to have engineered their device for… but the issue is there.

    Another related issue, was I could never get my phone to remember to automatically reconnect to my home wireless. It had no issues at work, but for some reason when I came home I’d always have to enter the wireless settings and reconnect. It managed to save my SSID and WPA2 keys, so it only took a few seconds… but for some reason it would never stick. Same goes for leaving the phone on standby and then waking it up. It would connect to 3G but never Wifi without a little extra encouragement.

    Discontinued

    It never makes you feel good when you buy something and then two weeks later learn they’re not going to sell the product anymore. On the other hand, it made it a lot easier to find a buyer on eBay.

    It’s Not All Bad

    Even with my complaints about Android and the Nexus One. It’s not all bad. I still stand by my analysis of the intricacies of the operating systems from my previous review. Things like the notification system and the integration with Google services are really top notch and the notification system in iOS is something Apple really needs to address.

    Synopsis

    Will I miss my Nexus One? Yes.

    Would I buy it again? Yes (subsidized) Would I encourage others to buy it? Yes.

    Would I encourage others to look at Android? Yes

    But in the end, I just couldn’t make it stick. Weighing all the factors, the iPhone, with it’s assorted Apps and features was the better choice for me.

    Forgive me Father Jobs, for I have strayed from the light. Please accept me back to the comfort of the Reality Distortion Field once again. I promise I’ll (probably) buy an iPad!

    Wednesday July 28, 2010
  • After iOS

    As I explained in a previous entry on Tuesday, I’ve made the decision to leave the world of Apple mobile devices for the land of Google Android. To briefly bring you up to speed:

    Ever since the iPhone supported Exchange, I’ve been a huge supporter. I’ve spent two good years on the iOS with my iPhone 3G. … When the iPhone 4 was announced, I followed the WWDC keynote with great anticipation. I ooh’d and aah’d at all the advances in design and software. … (after getting it) Taking it home that night, I started to notice something was a little off with my phone. … (antenna issues) I dropped a few calls that weekend, including one to my father who seem’d to have lost my mother, but I could make due. … The view from most of the people within the Apple world was that it was firmware related, and would be quickly fixed. Then Steve Jobs opened his mouth. … I found myself deeply disappointed in the device and the operating system. Enough so that I’ve made the switch to Android.

    There, now that we’re all up-to-date, I’m happy to say that my Nexus One is activated and I’ve had the last couple days to play with it. Having had experience with many different mobile device styles and platforms, including Windows Mobile, Palm OS (the original, not the WebOS) and iPhone, I can honestly say that the Nexus One and Android OS is the best mobile experience I’ve ever had.

    I say play, but really, I use my phone as a tool. It’s a tool for me to communicate with friends, family and co-workers. Not just through phone calls, but SMS, email, Facebook, Twitter and IM. I need that tool to work reliably all the time, because if its not, I’m going to miss out on the important events of my life. This shouldn’t come as a shock to anyone with a smartphone. It’s pretty standard stuff.

    I put a lot of thought into what device to make a switch to, so why did I choose the Nexus One? It’s been out since January, and can’t be considered a new device. In two weeks Motorola will release the Droid X and you can already get the HTC EVO 4G from Sprint, today.

    • I needed a solid phone, now. Not on July 15, so that made the Droid X a non-starter.
    • 2x I needed a solid phone now. Since the HTC Incredible is on backorder until the return of Jesus, it’s not an option, and thus Verizon was out since those were the only two phones I was interested in.
    • Sprint’s network in Kansas City can be considered third world, in some areas. Having experienced this while living less than 2 miles from the Sprint world headquarters in Overland Park, while using a Treo 700wx, didn’t even allow me to consider the HTC EVO 4G.
    • Everyone I know in this area is on AT&T, because unlike what you may see in San Fransisco or New York, they have the superior network in Kansas City. As a result, my entire family and a large chunk of my local friends are all on AT&T. Seeing as these are the people I communicate with most often, the free mobile-to-mobile made them an attractive network to be on. It’s also the same network I was with on my business account for the iPhone. This made transferring my number to a personal account a lot easier.
    • I was attracted to purchasing an unlocked phone and keeping myself out of a contract. Since the Nexus One came direct from Google, and not tied to the provider, I can use it on any GSM network. I realize it would limit me to only two in the US, and if I used T-Mobile on it I’d only get EDGE speeds for data, but the ability is attractive and also the ability to travel outside the US and swap SIMs without any fuss was one I added into consideration.

    Ordering & Delivery

    The process of ordering the phone from Google was almost flawless.

    I placed an order for the out-of-contract AT&T version on June 29, for $529, at around 9AM. The web store was very straight forward and easy to use. My only complaint is that the confirmation screen can be confusing for those who don’t know which bands the AT&T phone uses vs the T-Mobile, and it doesn’t clearly say on the receipt and invoice. However, this was my only complaint. Google gave me the option to engrave a custom message on the back of the phone, for free, but said it would delay the device by up to 72 hours in shipping. Since I needed the phone by next Friday, I opted not to. If I’d known how fast things would ship, I would have reconsidered. Overnight shipping via FedEx was free. I opted to purchase an extra battery for $25.

    By lunchtime Tuesday, my phone had left the Googleplex and was on it’s way to my office. By 8AM on Wednesday, it was in our campus mailroom ready to use. Less than 24 hours after I’d placed the order. Already, I’m impressed at their speed.

    Build Quality

    Out of the box, the build quality of the Nexus One is obvious. In your hand, it feels lighter than an iPhone 4, about the same as the 3G/3GS. Size wise, it’s slightly longer and thicker than the iPhone 4, but looks smaller than the 3G/3GS. The face is glass, wrapped in an aluminum band which crosses over the back and bottom of the face. The slightly darker plastic feels very nice to the touch, and is much easier to keep a grip on compared to the all glass back of the iPhone 4, or even the slick plastic back of the 3G/3GS. The curves are attractive, and feel very natural in your hand, compared to the squared off and ridged feel of the iPhone 4.

    Other than the glass front, there are no places on the Nexus One where I feel like normal use will damage or scratch the device. The back of my iPhone 3G over the course of 2 years had normal wear and tear, but the iPhone 4 I used for a week, after three days of use, had a large scratch in the glass on the back, right where my wedding ring sits. This scratch was easily visible and easy to FEEL. My tungsten band had cut into the glass after only a short term of casual use. Two days later, another scratch appeared.

    I have no indication that the Nexus One will have any of those issues.

    Hardware

    Apple doesn’t like to talk about the internals of their devices, unless they actually have a technical advantage over their competition, except to say that their “magical” or “amazing” — that said, others constantly tear down and analyze their equipment, so we end up knowing a good deal about them. In contrast, HTC (who makes the Nexus One) and Google (who designed it) are pretty open about the hardware specifications. Reason being, the Nexus One was designed to push mobile devices (and Android) forward, something it has been pretty successful at doing. When the Nexus One came out, the only thing to compare it to in the Apple world was the iPhone 3GS, which in a hardware tear down, the Nexus One was superior in nearly every way. Now that the iPhone 4 is out, we have something else to compare it to… and in a side by side comparison they stack up pretty well against each other.

    Processor

    The iPhone 4 features a “custom” ARM chip called the A4, the same chip that is in the iPad. This chip is able to run at 1GHz but the current understanding is that it’s purposefully under-clocked by Apple to reduce battery consumption and the amount of heat that it gives off in such a small body.

    In comparison, the Nexus One features a 1GHz Snapdragon processor. The chip is not underclocked and can actually be over-clocked using non-stock kernels. While Apple sets their chips down a notch to keep them from heating up, I always had issues with iPhone’s being warm in my hands after long periods of use. With the Nexus One, I’ve never had that problem.

    Memory

    Both the Nexus One and iPhone 4 feature 512MB of RAM. The previous 3GS only had 256MB, as does the iPad.

    In terms of internal storage, the iPhone has the advantage of a built in 16GB/32GB of storage. On the flip side, it is non-expandable. The Nexus One only has 512MB of internal storage for the operating system and applications, however, with Android 2.2 applications can now be installed on the external micro-SD card, which is capable of going to 32GB. Bundled with the phone, is a 4GB card.

    This is a double edged sword of sorts. Trying to find 16GB microSD cards is no problem, and a great SanDisk card can be found on Newegg or Amazon for as little as $30 plus shipping. However, the jump to the 32GB cards more than quadruples the price in some cases. To be honest, I wish Google would have included a larger card as 4GB is tiny when you start adding pictures, music and video to the device. For the $529 I paid, they could have easily ponied up for a little more memory. Add-in installed applications, and it fills up quick.

    The best path I’ve seen is what Motorola is planning for the upcoming Droid X. 8GB of internal storage PLUS a microSD slot able to go to 32GB WITH a 16GB included at purchase. This equals 24GB of storage for the same price (with contract) as a iPhone 4 16GB. If you’re willing to go a little farther you could surpass the max storage of the iPhone platform at 40GB. (8GB internal + 32GB expanded) — it’s my hope that this is the model that every Android phone takes in the future.

    Screen

    Nothing beats the “Retina Display” of the iPhone 4. Nothing. It’s superior DPI, resolution and color clarity is unparalleled. It looks good in all lighting conditions even at low brightness. It’s the one thing about the iPhone that anyone can look at and compare the previous versions and instantly see massive improvements.

    However, the Nexus One screen is still very nice. A lot has been said about the PenTile display and the color clarity, and while it’s not as nice as the iPhone 4, I find it to be superior to the 3G/3GS screen, and a lot better than most other devices. It’s also slightly larger than the iPhone 4 (3.7″ vs 3.5″) which isn’t a horrible thing. I will say that it takes a little adjustment, and for someone who has smaller than average fingers, any bigger and I’d be afraid it’d be too hard to hold. This is one thing where I worry about devices like the Droid X and EVO (4.2″+), that for most users it’ll be too large to comfortably hold and type on. Some people like the large screen, I feel that the Nexus One is about the biggest I could comfortably use.

    I’ve found that in low/no light, the AMOLED screen on the Nexus One is superior for long term reading compared to the iPhone 4. I like to sit in bed after my wife has gone to sleep, catch Jon Stewart or Letterman on TV and use my phone to read the news, Twitter, etc, and with the iPhone 4 my eyes would get tired and irritated quickly. With the Nexus One screen, it was much easier to use for long periods of time.

    Camera

    The camera on the iPhone is hard to beat. However, the Nexus One is pretty comparable. Both feature a 5MP sensor with an LED flash. However, the iPhone sensor has a lot more power behind it and as a result the color quality and speed at which the camera fires is superior. Although, the Nexus One seems to have a lot deeper depth of field and a slightly wider angle of view, resulting in images where more of it is in focus.

    It’s a trade off, as an proamature photographer, the thought of having a great camera with me at all times is very appealing, and with my iPhone 3G it was my daily shooter for almost anything. There were times I’d find myself taking pictures of things where my Canon point and shoot or even my Nikon D200 DSLR would have been the far superior choice. However, as Chase Jarvis says (and wrote a book and iPhone app about) “the best camera is the one you have with you.”

    When you look at color quality vs image sharpness/focus, it’s a tie. However, the speed at which the iPhone 4 is able to perform takes the cake, and when you add in 720p video out of the box (the Nexus One will do it with third party software) it’s impossible to do anything but hand it to Apple on this.

    My ONE caveat in saying that, is that iOS 4 currently has a bug that adds a “green ghost” to the center of images taken under florescent lighting. However, I’m confident Apple will correct this and as pointed out to me, HTC has had issues like this in the past, and even the big dogs of Nikon and Canon who do nothing but make cameras have similar issues with their high end DSLRs that frequently require firmware updates to correct.

    Android vs iOS

    I could spend the next three days comparing these two operating systems, their features, multitasking abilities (or inabilities) and their quirks. But, there are already many reviews out there doing exactly that. However, I will point out a few key points that I find beneficial on each platform.

    Integration

    The Nexus One is probably the only fair comparison to the iPhone when it comes to the integration of hardware and software. It’s the only device that Google has had total control (along with their partner HTC) in building the device and designing the Android OS around it. Obviously this is Apple’s primary business model in all of their hardware products, and little explanation of the benefits they see from it are needed.

    That said, Android is very well integrated with the Nexus One, and the entire process of using the device is nearly perfect end-to-end in terms of tie in with other Google powered services such as the Maps, Gmail, Contacts, Calendar, Google Talk, Google Voice and of course Search. The fact that every text box or search field can be powered by voice commands that are highly accurate (as long as you speak clearly) is a huge plus. In contrast, Apple has to rely on a lot of third party technologies that are integrated with the iPhone like… Google Maps and Search. Even Apple’s implementation of MobileMe as an “all in one” provider of email, calendar and contacts is somewhat flawed. My wife uses MobileMe for her primary email after purchasing a 3GS and we’re just waiting for it to expire and switch her to Gmail or Live Mail after their ActiveSync service comes online. She complains constantly about MobileMe not pushing email and about calendar events disappearing. Problems I didn’t even have with iOS tied to Microsoft Exchange 2003/2007, which always seemed to work flawlessly.

    The Nexus One is pure Google, end to end. For some people who worry about what Mountain View and their datacenters are up to, that’s scary, but the device is very well integrated into all their services. It’s a total Google package, or as they put it “the Google experience.”

    Notifications

    The funny thing about the iPhone notifications system, is that it didn’t used to bother me, until I used the Android system and saw how far superior it is. No more hunting for desktop icons with indicators, spread across multiple screens, with Android every system or program notification is displayed in a single drop down menu at the top of the status bar. They can all be cleared with the push of one button, or opened and flipped back to the app that needs your attention. No app can overtake another app you’re viewing with random status windows, they all cleanly take their place and await your attention in the top corner.

    In this area, the Android OS is superior to the iOS in every way. Maybe for iOS 5, Apple can finally implement a real notification system.

    Applications

    One of the things I was really worried about after making the switch, was that the applications I’d grown to love on the iPhone, wouldn’t be there on the Nexus One. I was wrong.

    While the Android Market features a fraction of what the iTunes App Store has, it’s only been around a fraction of the time. The built in Twitter and Facebook applications for Android are top notch, and beautifully integrate into the Contact list on the phone, as well as flow with the rest of the Android interface. While the Twitter application lacks some of the advanced features of the official iPhone Twitter App (aka Tweetie 2) it’s still a great application. The upcoming social networking platforms like Foursquare all have their official applications, as well as many others. To my great surprise, I’ve yet to be unable to find the app I was looking for in the Market. In many cases, the application developers have ported their programs to Android and in other cases, a nearly identical program exists. I don’t do a lot of gaming on my phone, so I can’t speak to the Market vs App Store in that respect, but there are plenty of other resources that can if you know where to look.

    One thing the Market has that Steve Jobs would rather die before he allows is a open submission process. There are apps in the Market that require your phone to be “rooted” to function. (For you iPhone users, root = jailbreak+) — And beyond that, with the click of check box, non-market approved applications can be installed from any source.

    Updates

    Because the Nexus One is the Google flagship phone, it’s been updated pretty frequently since it’s launch. Other Android phones have not been so lucky and official 2.2/Froyo updates for devices like the Droid and EVO have yet to be released, and some devices such as the Hero and Moment may never get official updates. My Nexus One came with Android 2.1 installed, and since then has been updated twice. Once as a full upgrade to Android 2.2 soon after unboxing, and again last night with a security patch. While the frequency of updates for all devices leaves something to be desired (and Apple has Google beat in this department) the method in which updates come really shakes Apple’s tree.

    The over the air update process for Android is something Apple should be looking into right now, if they’re not already. I have known too many iPhone owners who’ve never even plugged their phone into a computer, let alone sync’d and updated with iTunes. As a result, people on the iPhone 3G can still be running 2.0 firmware when there is 3.1.3 or 4.0 for their consumption.

    The manual update process for Android is fast, and fairly simple. On the Nexus One it’s simply a matter of copying the updated firmware to the SD card, rebooting the phone while holding down a magic button combo, and selecting the firmware update. The upgrade from 2.1 to 2.2 took around 5 minutes, and the patch last night was about 2 minutes. This includes copying the file to the card and booting the device into the update mode. Most times it takes iTunes/iPhone this long to even begin the process syncing to tell you there is an upgrade for the phone. Then there is a process of writing the entire upgraded firmware to the phone (300MB) instead of just what needs updating (900KB) — in my view, Android wins. For anyone technical enough to read this website, the manual update process should be a cakewalk.

    For the average non-technical user who actually does sync, and stays up to date, the iTunes method is probably superior to the manual update method… but nothing beats over the air updates.

    Final

    In conclusion, I have found the Nexus One to be superior for my needs as a power user. If you’re the type of person who buys an iPhone just to jailbreak it soon after, or finds themselves restricted by Apple’s methods, then Android is the obvious choice to switch to. The Nexus One, while not fully superior hardware wise to the iPhone 4, can hold it’s own in processing power, and when combined with Google’s fully integrated and yet open platform, is a win-win.

    I’ve been very happy thus far with my choice to switch, even from the latest and greatest that Apple has to offer.

    Thursday July 1, 2010
  • Switch Hitter

    Ever since the iPhone supported Exchange, I’ve been a huge supporter. I’ve spent two good years on the iOS with my iPhone 3G. My job bought it for me back in 2008 and I got it shortly after launch. It was a solid phone with a lot of good things to say about it. I evangelized to everyone I knew about how they should get an iPhone, how it’s the best smartphone around. I got a 3GS for my wife, I’ve told countless other family members to get one. In most ways, when it was introduced, it was the best thing around. But things have changed.

    When the iPhone 4 was announced, I followed the WWDC keynote with great anticipation. I ooh’d and aah’d at all the advances in design and software. When pre-orders started, our company bought 11 to start, and we waited until last week when they finally arrived (early) from AT&T. I rushed across campus to rip open the box and activate my new toy (err) tool. There it was, the iPhone 4, before most anyone else on the planet had their hands on one. I took pictures, I tweeted about how amazing it looked, how the screen was fantastic (it is) and how fast it was compared to my 3G.

    Taking it home that night, I started to notice something was a little off with my phone. In Kansas City, AT&T really is the top carrier, and with my 3G, reception was never an issue. I can think of only one place in the city where coverage is any type of issue, and it’s not an area I frequent. So with the iPhone 4, the fact that I was only holding 4 bars at maximum, and typically 3, seemed a bit odd.

    Later, I realized I was on EDGE service with hardly a bar to see, for most of my time before I jumped on my home wireless. As I started reading the news on various gadget blogs, I quickly realized I was suffering from the antenna problems that were plaguing almost ever other early adopter.

    I dropped a few calls that weekend, including one to my father who seem’d to have lost my mother, but I could make due. The view from most of the people within the Apple world was that it was firmware related, and would be quickly fixed. Then Steve Jobs opened his mouth.

    “You’re holding it wrong.” … or something to that affect.

    Excuse me?

    Beyond that, one of my co-workers (our telecom manager, of all people) got an iPhone with a totally non-functional home button. The only way she could close apps, is to reboot the phone. Since the Apple stores and AT&T were slammed that week, and the SIM cards are a totally different size, she was stuck with a broken phone until today when she was able to get a new one. I’ve also seen issues with the new camera, taking pictures of solid color backgrounds (especially in florescent lighting), where a green ghost appears in the middle of the image. Many I’ve talked to online (although non of my co-workers) cannot sync their iOS 4 devices to Exchange. My bosses phone started making a horrible clicking noise (what inside this thing moves?) yesterday although it seemed to be a one time event. I could go on and on, but just read Engadget, Gizmodo, or any other gadget blog for the daily iPhone/iOS bug.

    Not to mention, simply holding the device in my hands for a couple days already allowed my wedding ring to put a scratch in the back glass so deep you can feel it with your finger.

    My point is. Any one of these single events, may be something small and not worth getting upset about. Combine them together, and you have a product that is far from 4th generation and an operating system that already is flawed. Now, I’ve been around IT long enough to know major software releases have bugs, and that major hardware refreshes require driver and firmware updates to correct issues. But maybe I’d come to expect more from Apple, with their integrated platform, to expect something that would be near flawless by version 4.

    While I don’t expect perfection in anything man-made, I found myself deeply disappointed in the device and the operating system.

    Enough so that I’ve made the switch to Android. Yesterday I announced on Twitter and Facebook that I’d be leaving the job I’ve been at for over 4 years now. As a result, I’m turning in my iPhone 4 and going rouge. My new weapon of choice?

    Nexus One

    Ordered it from Google this morning, unlocked and out of contract, for AT&T bands. It has shipped, and arrives tomorrow. While I know there are other more interesting phones out there, and some like the Droid X soon to come, I will reserve my explanation for choosing the Nexus One for my next update … after I’ve made the switch and fully integrated later this week.

    But this decision has some ramifications. Up until last week, I was all set to pull the trigger on the purchase of a Apple computer, something I’d never done before. I had a bright and shiny new iMac all picked out, and was waiting for some news on the job front to come through before giving Apple my credit card info for my own iPhone 4 and that iMac. But now, given my recent burn by Mr. Jobs, I believe I will be rethinking that decision.

    Maybe one of those new AMD 6-core processors or a Intel i7, running something other than Mac OS X, is in my future as a home desktop replacement?

    Monday June 28, 2010
  • Lazy Explorers

    The number of businesses still using Internet Explorer 6 is painful to see. Coupled with the fact that all of them are on Windows XP or Windows 2000, it turns from pain into terror, especially when it comes to security.

    For a lot of system administrators, the reasons to stay outweigh the reasons to upgrade. Websites that break, plugins that won’t load, old software that isn’t updated anymore. Trust me, I’ve been there. However, a lot of it boils down to lazy and poor practices of system administration.

    Yes, you’re lazy and you’re bad at your job. Internet Explorer 6 was released in 2001. Yes, 2001, most of us don’t even drive cars that old, let alone unleash people on the “information superhighway” with a browser that old. It was designed at a time when security was not the issue it is today. It was designed to work on operating systems like Windows 98 and Windows ME. Would you let people use Windows ME on your network? No! So why are you letting them use a browser that was built for it?!

    “But it’s not our fault, we don’t write the bad software, or the non-compliant websites.”

    You’re right, you don’t. But you have the responsibility and the power to keep your network, and the rest of the Internet safe.

    The replacement for IE6 has been out now for just under 4 years. Actually, the replacement for it’s replacement has been out almost a year. Meaning all you lazy administrators had two chances to migrate your systems over to an updated browser. Yes, you’re lazy. If you have applications that “require” Internet Explorer 6, the decision should have been made to dump them or upgrade them long ago. A line in the sand should have been drawn that said you were not willing to support such an old and insecure piece of software.

    Why is this such a big deal? Because security threats targeting users of Internet Explorer 6 continue to threaten the security of the Internet, and of your own network. Just this week, Microsoft admitted that IE6 was one of the vectors used to attack companies like Google. Why is Google still using Internet Explorer 6? Or I guess a better question is, why is Google even using Internet Explorer at all, when they develop Chrome? Either way, it’s disappointing to see that a company like Google, who tends to be on the bleeding edge of updates, is doing something stupid like running a almost decade old browser.

    The most recent threat, has no effect on users of Internet Explorer 7 or 8, even on Windows XP. Actually, Jonathan Ness over at MSRC Engineering put together a nice little chart explaining what browsers and operating systems are at risk with the latest attack vector.

    9443d-0dqceb2lbw4ikpm1r

    The short of it, if you’re still running Windows 2000 on workstations, you should be fired. If you’re running Windows XP and Internet Explorer 6, you should march into your CIO’s office on Monday and demand that you at least figure out how to migrate to Internet Explorer 7 ASAP, meanwhile worry that your network isn’t the next one to be attacked by these unpatched exploits. If you’re running Internet Explorer 7, you should turn DEP on to prevent future threats, or see if migrating to Internet Explorer 8 is possible.

    But really, for the small group who has already migrated to Windows Vista or Windows 7, enjoy your weekend.

    To all my fellow sysadmins out there: Stop being lazy, and start securing your networks.

    Friday January 15, 2010
  • Local Admin

    A recent email discussion over a education security listserv got me thinking about the topic of giving users administrator rights to their local machines. This is a common discussion that comes up about once every month or so, when ever someone new joins the group. The discussion usually starts by asking for methods of removing administrator access in environments where rights have already been given, and then nosedives into a long discussion about the ethical and practical reasoning behind it.

    There seems to be two schools of throught about all of this.

    1. Lock the user out of everything that would prevent malware from being installed or the user installing software they’re not suppose to, at the expense of user frustration and IT time spent approving and installing software requested by users.
       Basically, the users are stupid and cannot be trusted. IT will have to monitor them.
    2. Give the user access to everything and let them install whatever they want, at the expense of user frustration and IT time spent removing software they’re not suppose to have and malware that have been installed as a result.
       Basically, trust the users and clean up after their messes when they don’t understand what they’re doing.

    In an educational setting, specifically in higher education, you have a lot of competing interests. You’re a business, selling a product (education) and have to compete with other businesses (schools) to gain more customers (students) — therefore, security like what you’d have at any enterprise is necessary. However, you have a group of highly educated and often times very ego-centric individuals called faculty that feel they have a right to gain access to anything and everything in order for them to independently do their job without interruption from IT, or having to ask them for assistance. I would imagine it’s something like working with engineers, but in this case 95% of the people have no idea how to use a computer. Last but not least, the university is an ISP, providing Internet access to students and employees on their personal machines. But that’s a topic for a future entry.

    The idea that users need administrative access to their computer or that they somehow have a right to it is wrong in my opinion. When I go into my office, I have services provided to me by other departments on campus that I do not have full control over. If I need a light bulb replaced in my office, do I have a key to go do it myself or do I just call Physical Plant and have them come over? Sure it’d be faster and probably easier for plant to just go take care of it myself. Just because you can give someone full access to a machine, and they’re used to it at home, doesn’t mean they should have that access at work.

    I have full access to the thermostat at home (well, I take that back… my wife does… I’m just a user there too) but I can’t just go adjusting the HVAC system at work how I want.

    We make as much software as possible that we’ve pre approved user-installable through Group Policy Software Deployment and soon though System Center once we have that up and running. Our staff maintains a repository of approved software installs that require us to do it, so when the user cannot do it themselves it only takes us a few minutes. If a user walks up to our support center, we can usually get the software installed on their laptop right away. We’ve given our Help Desk very easy to use remote access software and can usually get stuff installed for them within 24 hours, if not as soon as they call in or email.

    Does malware still get installed on systems where users lack administrative access? Yes. Which brings me to another point.

    You also need to look at the amount of damage that can be done in the time period where a user with administrative access disables anti-virus to install something, or even where the AV client doesn’t detect it and the user isn’t aware enough to see what has happened. A few years ago, the malware was about annoying the user or deleting files, but as it has changed to becoming a security breach where data can be stolen often without the user even seeing they’ve been infected.

    My wife works for a multinational accounting services firm, where she and her co-workers have access to information that would probably make any hacker wet their pants with excitement. Yet, they have administrative access to their company issued laptops, since they spend most of their time outside of the corporate office. In one case, she told me where one of her co-workers went weeks with a system she knew was infected with porn-popups, yet was “too busy” to do anything about it, like take it into the office and let IT look at the system. Did she know better? Despite required company IT education and training, probably not. Did my wife? You betcha.

    That infection may have been harmless, or just designed to generate traffic to your friendly neighborhood porn site, but would the next one be so lucky? Sure, you may put good AV on systems and monitor them daily, but they can’t catch everything. It seems like we should be fighting to do everything in our power to prevent this from happening, even if it means it’s more difficult for the user and IT. The risk of not doing so outweighs the easy of use.

    Do your users have administrative rights? Why or why not?

    Monday December 7, 2009
  • Snow Lacking

    Noted Apple security analyst Charlie Miller, author of The Mac Hackers Handbook and two-time winner of the Pwn2Own hacking contest has said, in an interview with TechWorld, that the latest version of Apple OS X (10.6 AKA Snow Leopard) lacks full and proper implementation of memory address space layout randomization (ASLR).

    ALSR is a technology, present in Windows Vista and Windows 7, that randomly assigns data to memory to make it difficult for attackers to determine the address of critical operating system functions being stored in memory, and therefore making it harder for them to create exploits.

    “It’s the exact same ASLR as in Leopard, which means it’s not very good,” Miller said, “Apple didn’t change anything. I don’t understand why they didn’t. But Apple missed an opportunity with Snow Leopard.”

    When OS X 10.5 (Leopard) was released, Miller and others were critical of Apple not fully implementing ASLR. While there is ASLR present in both Leopard and Snow Leopard, they fail to the heap, the stack and the dynamic linker, the parts of the operating system that are most open to attack. Linux also has what many consider a weak implementation of ASLR since kernel version 2.6.12, although some distributions include better ASLR then the stock kernel based on third party code.

    Miller did say that there are elements of Snow Leopard that show Apple did do some things to improve security, most notably the inclusion of data execution prevention or DEP, which utilizes both processor-hardware and software based security programming to help prevent buffer overflow attacks by blocking code from running in memory spaces that’s supposed to contain only data.

    However, Apple may be late to the game with implementation of DEP, as it has been present in Windows operating systems since Windows XP Service Pack 2, with further refinements made in Windows Vista and Windows 7.

    By incorporating both technologies, Miller says it becomes extremely difficult to craft memory attack exploits. “If you don’t have either, or just one of the two (ASLR or DEP) you can still exploit bugs, but with both, it’s much, much harder. Snow Leopard’s more secure than Leopard, but it’s not as secure as Vista or Windows 7.”

    Wednesday September 16, 2009