Red Nova Tech Tips and Tricks

Passwords leaked - LinkedIn, eHarmony, Last.fm

Sun, 17 Jun 2012 02:15:44 -0700

Recently many password databases have been compromised and released publicly. LinkedIn, Last.fm, and eHarmony. If you are a user of any of these services your password may have been one of those leaked.

How do I tell if my account was compromised?

Lastpass, a service I recommend for password and account security, has put together a page for each of the breaches wherein you can submit your password and it will tell you if your password is in the publicly available lists. This is done in a secure manner, Lastpass never gets your unencrypted password, but rather compares your hashed input to the hashes publicly available. For those of you who don’t know what a hash is, just think encrypted.

Was My LinkedIn Password Hacked?
Was My eHarmony Password Hacked?
Was My Last.fm Password Hacked?

What now?

Even if the above pages say you are not compromised, now would be a good time to make sure you are using unique, secure and new passwords on those sites. I also suggest that you take this chance to start using a password vault, Lastpass and KeePass are good ones I’ve used in the past.

How do I keep this from affecting me in the future?

Always use different passwords for different sites. This limits the damage that can be done when any particular service is compromised. Imagine that you used the same login for your email account as your LinkedIn account and that information got out. Not only would you lose your LinkedIn account but potentially your email as well. Also remember that most accounts have a “forgot your password?” link that just email you password reset instructions. An attacker using those links can have access to any account you have ever had.

You can read more password recommendations in previous posts, specifically Password Best Practices Part 1 and Password Best Practices Part 2.

How to properly clean your monitor or HD TV

Tue, 29 Nov 2011 10:00:12 -0800

LCD screens are the standard now for both computer monitors and TVs. They look great, come in large sizes, are expensive, and fragile. The days of grabbing a bottle of windex and cleaning your 100 pound screen with anything you had handy are gone. If you try this with todays screens you will be left with a yellowed, foggy, and probably scratched monitor.

How do I safely clean my LCD?

The only safe way recommended by manufacturers is with a soft, lint-free cloth and distilled water. Do not use any chemicals or anything made of paper. Mist the cloth with the water and buff the screen as softly as you can. Pressure can and will scratch or crack the screen.

What can I get away with?

Pure water is great advice, but sometimes you need a deeper cleaning. Water doesn’t dissolve oils such as fingerprints, smoke, and many other contaminants. To stay within the manufacturer guidelines the answer is to just deal with it, though for many of us that isn’t a solution.

I can offer up suggestions based on my personal experience but this comes with a warning: Your mileage may vary.

There are many commercial products made for cleaning LCD screens, some are good, some not so much. They can be expensive and caveat emptor (Let the buyer beware). Make sure that you read reviews before buying such a solution and avoid anything containing ammonia like the plague. One product that has good reviews by people I trust is Klear screen products.

I have had great success with a solution of mostly distilled water, isopropyl alcohol, and some white vinegar. I’m still working on the best ratios for this cleaner to maximize the cleaning power, reduce streaking, and minimize the risk of damage to the screen.

As for cloths, a lens cleaning cloth from a camera shop is what I use.

Spray your cleaning solution directly onto the cloth and lightly buff the screen. Gentle pressure is the key. Do not spray onto the screen as the solution can run down the screen and into the bezel, shorting out the computer or monitor.

That’s it?

That’s all there is to it. You can use this same technique with the outer surfaces of most electronics as well. Your laptop, computer case, keyboard, or mouse. Just remember to shut everything down before you clean and you will be fine.

Password Best Practices (part 2)

Mon, 14 Nov 2011 12:42:05 -0800

Problems to be solved regarding passwords

Passwords provide authentication, an answer to the question “Who are you?” We’ve covered selecting a password that is hard to crack, but there is a different problem to be solved today; passwords being used across multiple websites.

A single security breach often gives an attacker all of your passwords

When a site you have an account with has a security breach and their database is stolen, the attacker has a list of username and password combinations and often email addresses. This allows them to access different sites and try those combinations. Most people use the same credentials everywhere, giving the attacker virtually all their accounts with one security breach.

The solution to this problem is to use a different password for each site.

The challenge then becomes: remembering and keeping straight all of the different passwords required. My favorite solution is a service called LastPass.

LastPass is a password vault with many features that make it both secure and available anywhere. You use LastPass so you don’t have to remember or type your password for any site ever again. This allows you to use very secure passwords that are unique to each site, without the hardship that would otherwise entail.

I use LastPass exclusively to store my passwords (over 200 at last count). This allows me to keep them unique and hard to crack.

Let me show you how I use LastPass to make life easier.

Plugins, plugins everywhere

LastPass is available as browser plugins for all major browsers across all major platforms. It is available for Mac, Windows, or Linux. Open any major browser on virtually any computer, login to LastPass and you will have all your passwords at your fingertips.

I use more computers than most people, due to my job and addiction to technology. I use my iMac, iPad, iPhone, MacBook Air, my wife’s Windows 7 computer, and a couple of test Android devices almost daily and never have to scramble for login credentials when I need to get something accomplished.

Password generation

Coming up with unique, hard-to-crack passwords for each site is tedious, to say the least. LastPass plugins provide a password generation tool. This allows you to generate secure passwords that are long, random, and unique.

I use it’s generator for all the passwords I use. Since LastPass frees me from remembering or typing passwords, it’s a perfect solution.

Two-factor authentication

If you keep all your passwords in LastPass, a thief who accesses your account will have ‘all the keys to the castle’. To further secure your account, LastPass supports many different forms of two-factor authentication. Two-factor authentication is a method that ensures you are who you say you are by not only requiring a password (something you know), but requiring a code from a device or piece of paper (something you have), greatly increasing security. LastPass supports the YubiKey, the Google Authenticator, paper-based Grid Multifactor Authentication, Sesame: Multifactor Authentication with a USB Thumb Drive, Fingerprint Authentication, or Smart Card Authentication. Don’t worry if you don’t know what each of those are, just notice that you have many different options to increase the security of your LastPass account.

I personally use a YubiKey to secure my account against theft.

One-time passwords

You may need to log into your account from an untrusted computer, such as a public computer or someone else’s machine. This is dangerous since you do not know if the computer has a key logger installed. To mitigate this risk, LastPass supports the use of one-time passwords.

One-time passwords are also useful to bypass your two-factor authentication in the off chance that you’ve lost or misplaced your two-factor authentication device or paper.

I always keep a sheet of 10 one-time passwords in a safe place.

Security check

LastPass provides what they call a security check feature. It searches your saved credentials and gives you a score based on the difficulty of your passwords and password reuse. It identifies sites that you use the same password on so you can change them to something unique or more difficult.

I make it a habit to go through this process every 3-4 months, since I have a tendency to be lazy. I think of it as a security tuneup.

Form filling

LastPass can also fill forms for you. Never again will you have to fill in complicated shipping address or registration forms. It uses the same secure storage and synchronization routines to keep this data safe, so you can trust it with credit card numbers.

Phishing protection

LastPass knows all the URL rules that are hard for a human to know and recognize. A human cannot distinguish http://pаypаl.com and http://paypal.com. The former is actually a different site, as the ‘a’ characters are cyrillic (Russian glyphs), though visually identical in almost all fonts. LastPass can tell the difference and will only enter in credentials for the real PayPal site.

Much more

Secure Notes
Offline Backup
Import and Export
Favorites
Sharing
Identities
History
Virtual Keyboard
Bookmarklets

You can find details about all I’ve discussed here and more in LastPass’s User Manual.

Care and Maintenance of Batteries

Fri, 04 Nov 2011 14:56:00 -0700

Our modern lifestyle depends on batteries. They are in our phones, laptops, tablets, music players, and more technology coming in the future. Right now, the most common kind of battery is Lithium-ion, which often costs 10-50% of the price of the device it powers.

I’ve killed my fair share of Lithium-ion batteries over the years, done some research, tested anecdotally, and come up with some specific advice to maximize the life of your batteries.

Rules of thumb

Keep the electrons flowing

When a battery is kept at 100% charge for long periods of time it tends to age prematurely.

Keep the temperature down

Heat is the real enemy of Lithium-ion batteries. High heat stresses them, damaging the cells inside and reducing their ability to keep a charge.

Specific advice

Make sure there is a full charge cycle every month

If you usually use your device while it’s plugged in, run it until the device shuts off and then immediately charge it until full. I do this monthly. This accomplishes two things; it calibrates the software as to the actual battery charge, and more importantly, keeps the electrons flowing.

Store a battery at 40% charge

If a battery is to be stored, be sure to bring the charge down to 40% of it’s full charge. This minimizes the aging of the chemicals inside. Batteries will slowly fail from the moment they are manufactured.

Take the battery out when you plan to run your laptop from the power adapter for long periods of time

Two things occur when you have your laptop plugged in with a full battery, both of which will shorten its life. When a laptop is plugged in, it’s battery is kept at 100% charge and stored underneath a hot device. These two things combine into a perfect storm to age the battery. Many sites claim that a Lithium-ion battery kept charged and under a hot laptop will last a maximum of two years. This is over-optimistic, in my experience.

Sane Password Policies for Businesses

Fri, 28 Oct 2011 14:45:00 -0700

Most companies have password policies. It is a requirement in today’s world. They want to keep their systems and data safe and secure, and authentication through passwords brings accountability to their systems.

In reality, password policies in most businesses encourage behavior, such as sharing passwords or using unsafe passwords, that undermine what the policies were created to accomplish. Without knowing that only Joe can log in as “joe”, there is no accountability or security.

I have created a set of policies that are sane and encourage good behavior. In short, policies that are effective.

Many of these policies run counter to common-knowledge best practices. If you are in a regulated field such as government or healthcare, you may not be able to implement these policies due to current laws or requirements of credit card companies. I encourage you to think critically about your policies and implement my suggestions where appropriate.

Password policies for users

Do not require frequent password changes

Frequent password changes encourage bad behavior; for example, writing passwords down somewhere unsafe. A post-it note is the most common example.

Do not enforce password reuse policies

If an administrator has to change someone’s password in order to log in as them, the user will not be able to change it back. This leads to the same bad behavior as if he required the user to change their password too frequently.

Do not require multiple passwords

This minimizes the risk that users will resort to post-its or insecure passwords. Use Single Sign-On technologies to keep the number of log-ins to a minimum. The purpose of passwords is user authentication, and users are already authenticated with the network when they log into their workstation.

Do forbid sharing of passwords or accounts

Accountability requires a one-to-one relationship between people and accounts.

Do require complex and long passwords

For passwords to be useful, they need to be secure and hard to crack. Long passwords make a bigger difference than complexity in cracking difficulty. This is even more important when you do not require your users to change passwords frequently.

Do provide help in selecting a strong, yet easy to remember password

Users are not equipped to think about passwords in a way that is effective. They need guidelines in how to select one that will not be a hardship when the policy is “16 characters and complex”. For this purpose, see my Password Best Practices post. You can download a PDF copy to distribute with a license that restricts alteration and requires attribution.

Password policies for administrators/help desk personnel

The same as above with the addition of:

Do not ever ask a user for their password

IT should set an example for users. If password sharing is forbidden, then asking users to violate that policy whenever it is convenient for IT teaches the wrong lesson. Use remote access tools to help your users. If you must log in as them and the user is unavailable, change the password rather than asking for it. With a sane password policy, it is rather trivial for users to change their passwords back.

Do use “user must change password on next login” flags

Most users will never change their password from “password.” Forcing them to change their passwords on next login will fix this vulnerability.

Do not use default passwords

Make sure that you authenticate users before giving them passwords; a default password will soon be known to everyone in the company. Authenticating users without passwords due to lost passwords, security lockouts, or IT password changes is just as important. I will cover this in a later post.

Password policies for service accounts/shared accounts

Try and minimize the use of shared accounts. Shared accounts limit accountability. If you think you need one, carefully think though the problem that needs to be solved. Sharing accounts indicates that there is an architectural problem.

Do require frequent password changes

Shared accounts and service accounts need frequent password changes, since every company has personnel turnover. A password change resets the number of people with knowledge of the current password. Any required change shorter than 90 days doesn’t make sense, six months to a year is more sane.

Do require different accounts for different purposes

The list of people who need access to a particular account will change over time in unpredictable ways. Separating accounts to particular uses ensures only the people who need access will have access.

Password best practices (part 1)

Sat, 22 Oct 2011 19:33:00 -0700

Why is this important?

With more and more of our personal information going into the “cloud” and one of the most common crimes being identity theft, account security is of the utmost importance. I’ll cover many different aspects of maintaining a secure presence online, but today am focusing on passwords.

Why is password security hard?

The human brain is not well equipped to handle good password security like it is with physical security. That which makes passwords hard to crack also make them hard to remember. For example, a good password following traditional advice is: TR9rIMwT^JXkns^&$XU&v9!x. Do we really have the capability to remember such a password? This is a problem almost everyone faces when dealing with password security.

What’s the solution?

The solution comes in two parts. This post will cover selecting a secure password that is both hard to crack and easy to remember. It is called “Password Haystacks” and comes courtesy of Steve Gibson of GRC.com.

Lifted from his site:

Which of the following two passwords is stronger, more secure, and more difficult to crack?

D0g…………………
PrXyc.N(n4k77#L!eVdAfp9

You probably know this is a trick question, but the answer is: Despite the fact that the first password is HUGELY easier to use and more memorable, it is also the stronger of the two!

If you want a semi-technical explanation, go to GRC’s Haystacks page. If not, keep reading for my layman’s explanation below.

Steve did some number crunching and realized that when it comes to cracking a password, length almost always trumps complexity. If you have a minimum of complexity (at least one character from the uppercase, lowercase, numbers and symbols groups), then anything you do to make it longer is almost as good as the same length of hard to remember gibberish. Like the password examples above, just one more character in length, even though it looks simple, more than doubles the time needed to crack a password.

Lets give some more examples:

3,People,Walk,Into,a,Bar

According to GRC’s calculator, it should take “9.38 hundred billion trillion centuries” to crack under the best circumstances. I’m sure you can remember that.

TR9rIM^w

According to GRC’s calculator, it should take “1.12 minutes” to crack. A very bad example.

You can even use something like your name:

1234567890DJ.is.the.greatest
76.43 million trillion trillion centuries

Maybe something even simpler:

God I love Hershey bars!
65.10 billion trillion centuries

Or add a number or two:

God I love Hershey bars!56
8.47 thousand trillion trillion centuries

Even better.

If you don’t like sentences, one of the most common password is “monkey”:

*M0nkeySeeM0nkeyD0*
1.21 hundred trillion centuries

Or pad the password, as Steve suggests:

1234<>?monkey1234<>?
19.31 trillion centuries

Or, even this:

1!monkeymonkeymonkey1!
91.92 thousand trillion centuries

As you can see, there are many ways to create length without sacrificing rememberability.

To sum up: length, length, length. Having a longer password is drastically better than having a complicated password. Make your password long, easy to remember and type out. It’s one of the easiest ways to protect yourself online.

Do you want to see how your favorite password stacks up? Head over to GRC’s Haystacks page and see how long it takes to crack.

Coming next time

For a part two hint, head over to Lastpass’s site. We’ll be discovering how easy it is to have different passwords for each site in a secure, easy manner.

Podcasts for beginners

Sat, 08 Oct 2011 15:43:00 -0700

I would like to apologize for not posting much lately. I’ve been very busy with a redesign and branding of Red Nova Technologies.

Being so busy, one thing has been a lifesaver (or at least a sanity saver).

Many people keep music playing throughout their houses, cars, and offices to entertain them when they are doing something monotonous. What do you do when you think everything on the radio is not worth your time and you are tired of listening to All You Need is Love for the 500-millionth time? I turn to podcasts.

What are they?

Podcasts are sound and/or video files delivered regularly to your computer or device. I’ll leave out the technical details as that isn’t really important. Think of them like old time radio shows in the 40s and 50s, but rather than gathering around the radio at seven, you can listen to them at your leisure.

There are podcasts covering every subject matter you can imagine, from news to special purpose podcasts to teach you about a subject. I’ll share a few of my personal favorites at the end of this post.

Most podcasts are free, though there are a few that are for-pay only or that give more episodes to a paying member.

I’m interested, now what?

Probably the easiest podcatcher (a program that downloads podcasts for you) to use is iTunes. That’s the method I will outline here as a basic tutorial.

First you will need iTunes installed. If you are on a Mac it will already be installed. If you are a Windows user, you will need to download and install it from apple.

To find podcasts to download (or subscribe)

Open iTunes.
Click the sidebar item labelled iTunes Store.

Click the link at the top of the store labelled Podcasts.

Browse or search via the search box in the upper right corner of the window to a podcast that you like.

Click the Subscribe Free button on the podcast page. This should download the latest episode of this podcast.

If you have a podcast that you want that you cannot find in the store; copy the rss url to the clipboard, open iTunes, open the Advanced menu, click Subscribe to Podcast…, and pasted the url here.

To play your downloaded podcasts

Open iTunes
Click the sidebar item labelled Podcasts. (Note: the number to the left of the word indicates how many unplayed episodes you have yet to listen to.)
Double click on the podcast you wish to play and then double click on the episode you wish to play.
Use the controls in the iTunes window to control playback.

Some of my favorite podcasts

Most of my podcasts are unlikely to be of interest to non-geeks, though the following are very general purpose and a great introduction to podcasts for anyone.

Escape Pod - Science fiction short stories.
PodCastle - Fantasy short stories.
Pseudopod - Horror short stories.
This American Life - Non-fiction stories with a focus on real people and their stories.
Quick and dirty tips network - A plethora of podcasts on life. Like grammar, productivity, public speaking, etc. Most episodes are 5-10 minutes in length and feature one real tip per week.
Journey Into… - Remember how I said that podcasts were like old radio shows? This one really is. Recorded somewhere in Oregon, some episodes are fiction, many are actual rebroadcasts of classic radio shows.

Hacker Rattles Internet Security Circles - NYTimes.com

Mon, 12 Sep 2011 01:09:00 -0700

Hacker Rattles Internet Security Circles - NYTimes.com:

These kinds of articles come out all the time and most of us ignore them. Often it’s because there isn’t much we can do in order to protect ourselves from things like this, or we don’t really know how.

Today, I’ll break down what the average computer user really needs to know about this hack, what it can do, and what they need to do about it.

For those who don’t like to read long posts, the short of it:

Update your OS and update your browser to the latest. All major browsers and OSes have been updated to fix this hack. I’ll be posting instructions later on how to do this with all versions of Windows that I support as well as OS X.

For the person wondering what this is all about:

What exactly is SSL/TOS?

It’s simple really, you use SSL whenever you go to a Web site with https: in the url. You usually see a padlock in your browser and you get feel all warm inside knowing that you are safe.

How does SSL work?

There are these things called Root Certificate Authorities. We trust them and they vouch that the Web site you are visiting is who they say they are. There is a lot of math and cryptography behind it all but that’s the brass tacks if you will.

What happened here?

A hacker (or hackers) broke into a Root Certificate Authority named Diginotar, a Dutch company, and made them vouch that anyone is, for example, google.com. There were hundreds of certificates issued (the way we know that a Root Certificate Authority has vouched for a site, one per site).

How was this fixed?

All browsers and OSes have revoked trusting Diginotar. So we won’t trust anything they’ve vouched for anymore. You’ll get a broken padlock or an error page if you visited a site using these bad certificates.

How could this have been used against me?

This particular hack required someone in the position we call Man-in-the-Middle. Which means at your ISP or maybe a state firewall (Great FireWall of China, or Iran). There was pretty little to worry about in the United States if you trust your ISP isn’t hacking.

Doesn’t that mean that the SSL model is flawed?

Yes, if those at the top of this particular pyramid is compromised then we have no real recourse. This is a grim picture, but there are good people looking out at these situations and also trying to come up with a better solution. These hacks are rare and as long as we keep our software up to date we should’t have to worry.

This was an overly simplified explanation of SSL and this hack in particular. I have tried to be correct in the overall if not in the particulars as that would make it harder to understand. Just remember to update your software regularly and you’ll be fine. If you need help with any software updates, I’m always a phone call away.

Change Your DNS Settings on iPhone, iPod Touch, and iPad | Techinch

Fri, 09 Sep 2011 14:22:00 -0700

Change Your DNS Settings on iPhone, iPod Touch, and iPad | Techinch:

It is a good idea to use OpenDNS on your mobile device as it should filter out known malware domains. Remember your phone or tablet is a computer also and as such vulnerable to attack just as your PC is. This link describes how to do it on an iPad or iPhone.

Adding Find my iPhone to your iPhone

Tue, 06 Sep 2011 22:42:00 -0700

iPhone users should certainly take advantage of the free Find my iPhone feature that apple provides for the latest generation devices (iPhone 4, any iPad, and the latest gen iPod Touch). Following is the lesson I put together for a client to help their end users set this up on their iPhones. I have the iPad version and one on how to use the service. If anyone needs those lessons, please, don’t be shy and ask in the comments.

The Lesson

The following steps will take you through the procedure to both setup the service to find this iPhone as well as use this iPhone to find another device

Open the Settings app

From the home screen, locate and tap the Settings app

Open Mail, Contacts, Calendars

Scroll down and tap the row labelled Mail, Contacts, Calendars

Add an account

Tap the row labelled Add Account…

Choose MobileMe

Tap on the button labelled: mobileme

Enter credentials

Enter in your iTunes account information and tap the Next button

Accept the location dialog box

Tap the OK button

Save your work

Tap the Save button to save the new account.

On to the next step

Once you see the Account Added screen and are dropped back to the menu, press the Home button

Open the App Store

Tap on the App Store icon

Bring up the Search tab

Once the App Store has launched, tap on the Search tab on the bottom of the screen

Search for the app

Type in Find My iPhone and tap the Search button

Select the Find my iPhone app

Tap on the Find My iPhone app from the list

Install the app

Tap on the FREE button and then tap again on the INSTALL button in the same place

Enter your password

Type in your iTunes password and tap OK

All done

The app should download and install

Got this tonight. It’s a scam. If you get a phone call,...

Thu, 01 Sep 2011 21:19:00 -0700

Got this tonight. It’s a scam. If you get a phone call, text message, or any communication claiming to be from your bank…call your local branch and ask about it. Do not give any information or call back any suspect phone numbers.

It’s unfortunate that we have to be so diligent, but alas, ‘tis the new world we live in. We wouldn’t give out information to someone in a back alley who we didn’t know, we shouldn’t do the same online or over the phone without verification.

Backup, Backup, Backup

Mon, 22 Aug 2011 22:29:00 -0700

If you’ve ever lost one priceless picture of your kids, had to recreate your entire family tree from scratch, or had to rewrite a term paper just before it’s due, then you already know the importance of what I’m talking about; backups. There are two kinds of people, those who’ve lost important data before, and those who will.

The most difficult part of this job is having to tell people that their data is gone. Most people don’t opt for professional data recovery, which is both expensive, and not guaranteed to work. Usually they just grieve for what was lost and move on. This can, however, be avoided with some very basic and easy backup techniques, the most important of which is to keep to a schedule.

There are two mail things to protect agains: mechanical failure of a hard drive, and disasters such as theft, fire, flood, etc. Each technique protects against particular threats. Ideally we’ll approach this with multiple techniques so as to protect against each.

Local

Mechanical failure is the most likely thing to cause lost data, and also the easiest to protect against. All you need to do is have at least two copies of your data on at least two different mediums

This can be accomplished in a few different ways:

We can laboriously copy all our data to CDs or DVDs. This is certainly the cheapest option in terms of money, though it requires quite a bit of labor. So often I hear that someone has relied upon this method but never gets around to actually making new backups as to make this method virtually worthless.
We can manually copy all our data to an external hard drive. This has all the disadvantages of number 1 without the cheap cost.
We can use software to copy all our data to an external drive on a schedule. This is surprisingly inexpensive depending on the program chosen and available, if a little difficult to setup. It provides the most reliable local backup as you cannot just “forget to run it”. The only problems with this method is when you have a portable computer as it’s easy to forget to plug the device in.

Remote

In a disaster that takes out your computer and it’s peripherals, a local backup is useless. The techniques to protect our data against these kinds of failures is similar to local backups, with the added twist of having your data stored elsewhere such as:

Do local backups as above times two and just drop one copy off somewhere else, a safety deposit box, maybe a relative’s house. This is the cheapest option, but like burning your data to CDs, likely to be forgotten.
An online service that stores your backup “in the cloud” so to speak. These incur a monthly charge, but is a “set it and forget it” solution. The only problem with these services are the cost, and–depending on the solution there can be privacy concerns.

Solution

The solution I use is a combination of many of the options I’ve described here. I use a service called “CrashPlan”. Note: At the time of this writing I do not resell or advertise for CrashPlan, though as you’ll see, I’d love to. This recommendation is coming from a happy customer not a salesman.

What CrashPlan provides is essentially software as well as a service. If you do not subscribe to the service, you still get the software for free. Lets talk about the things that CrashPlan does for me and I’ll make sure to mention when I get to the paid part…

Automates backups to my other computers. Free.
Automates backups to an external hard drive. Free
Allows me to send some encrypted backups to a friend, they just donate space to hold my backups, and I can do the same to them. Note, we cannot just open each other’s files, they are encrypted blobs to us, but useful backups to the owner. Free.
Allows me to backup over the Internet from anywhere in a secure manner to those locations I have designated (A friend or my other computers). Free
Gives me emails describing my backups, from where, how big, and how long it’s been since you’ve backed up. Free
Gives me space on their servers to backup to. This one is paid.

Again let me mention that you can do the first five without paying them a dime. The only thing that requires money is when they give you space. I love this service and highly suggest it for my customers.

If you have the confidence to do this on your own, go give it a try, you’ll thank me when your hard drive dies. If you do not, just give me a call and I’ll be glad to set it up for you. If you have another solution, please comment and let me know, I’m always looking for ways to streamline this for both my customers and I.

Lion upgrade woes

Thu, 21 Jul 2011 13:21:00 -0700

I just did the lion upgrade on my iMac, making sure to do a good backup before taking the plunge as I figured I’d have to downgrade right away since I did absolutely no preparation work.

Overall the upgrade went well. I had to update LogMeIn Hamachi as it caused a kernel panic upon the first reboot. Seems fine after the update. The only real problem involved Address Book. First some background information about my setup. I keep everything in Google’s universe, Mail, Calendar, Contacts, even some documents. I’ve found that it’s the most seamless way to work on multiple devices. It’s been working well for years. Until the Lion upgrade that is …

After the upgrade to my horror I was contactless. which was then synced to Google and from there to all my other computers and devices. Not good Apple. After a short freak-out, Google search came to the rescue. Google contacts (through the Gmail interface only I found out) has this great feature—restore contacts to an earlier time. Just a quick click on More actions … Restore contacts … to yesterday and I was back in business. Now back to testing.

Google instructions: http://mail.google.com/support/bin/answer.py?hl=en&answer=1069522