Category: Tech

Anything and everything I write that has something to do with tech. Maybe it’s a post about the time I blew up that server in 2003 because I didn’t know what bridged networking really meant. Sorry Roger!

Time to make the backups. It’s always time.

Photo of Ransomware on an Android Tablet

 

I ran through a quick pen & paper exercise and I came up with no fewer than 14 ways my data (aka my digital life… yours too) is constantly threatened. There are some protections available of course, number one strategy there is to always keep offsite and offline backup copies of everything important. Rotate the backups on a reasonable basis. Moving away from HDDs backup DVDs are also sensitive to heat, so don’t leave them in your car. And it turns out Solid State Drives lose their contents if not plugged into a computer every so often.

Even with the backup strategy in mind, I recognized that there are really two classifications of threats to a digital life.

A. Data Loss – An event without a malicious human initiator

B. Data Breach – Direct or indirect action taken by a human often with malicious intent

 

In what is likely not an exhaustive list, I decided there are only three of the fourteen items that actually fall in category A.

  1. House Fire
  2. Natural Disaster
  3. Mistakes

The issues in category A can be remedied by a good backup strategy, and of course actually executing that strategy. Saying you will backup isn’t the same as actually doing it.

Breaches on the other hand are myriad and growing. And the truth about the increased threat landscape has been taking a significant amount of time in my brain lately. I like most IT folks routinely spend more time talking about security than implementing new ideas and making change. I am worried that this list is only going to continue to grow.

  1. Botnet – Also just about any random run of the mill malware that will be picked up from being negligent.
  2. Pissed off hacker(s) – What they call “Advanced Persistent Threat (APT) in the biz. This can be either an individual, a group, even a government that wants to dox you or maybe steal or decimate your data.
  3. Random 3rd Party Service – This is generally what happens when an APT takes on a service or entity that also has your data. Last year over 5.6 million fingerprints were stolen from the OPM. Experian just got hacked. If you live or have visited the US, someone you have data stored with has been hacked. And therefore your data is compromised.
  4. Script kiddies – People like to stuff all sorts of garbage into Zip files and other archives. This is pretty close to the Botnet entry, but I think the initiator isn’t good enough to be an APT but likely some kid that is trying to break into your WiFi.
  5. Your employer – Similar to #3 but this hits much closer to home than if your Facebook account was hacked. Your employer knows everything about you. Even if your employer isn’t hacked, there’s always the mysterious “insider threat!” Be nice to everyone at your work.
  6. Petty theft – Sometimes people just steal stuff. I lost a brand new laptop and $1000 worth of tech when someone broke into a locked car. I made the original “mistake” as outlined above by leaving it outside of my control. But…. sometimes people just steal stuff anyway. If you are worried about people stealing your stuff, remember you need an OFFSITE backup. It’s pretty often that people leave their backup drives sitting on the desk plugged into their computer.  Do you have a passcode on your phone?
  7. Corruption – Drives have a Mean Time Between Failure. This is not particularly intentional, but I vote malicious simply because there are a lot of really crappy hard driveson the market. I have been burned by several drive manufacturers for drives that last less than a year.
  8. Piracy – What good is downloading the latest episode of whatever if that all lands you in court! If you are like every other person on the Internet, then you have pirated something somewhere on your computer. And that makes your whole drive something to be confiscated should you get to torrent happy.
  9. Family and friends – What? What do they have to do with this? Aside from their capacity to make mistakes, they are also compelling reasons to be paranoid about your data’s security. If your friends have pwned laptops and connect to your network and you’re not wearing your tin foil hat… so it’s not malicious on your friend’s part, but there’s definitely a person in the loop.
  10. Blanket Surveillance – It’s nothing personal, and if you have nothing to hide then you have nothing to be afraid of. The truth is all of us are connecting to the Internet for one reason or another, and those reasons are being monitored, tracked, analyzed, reported on, and many times sold. This may not be the same as my hard drive being compromised, but it is still a breach of the old digital self.

 

I welcome feedback. I’m sure there are other better ways to categorize this, and I’m not coming up with anything radically new here. But this may be good for just one of my friends or family members to know. Not everyone in my life is really tech savvy, but everyone is concerned about his or her computer and the data that makes up their digital lives.

Comic from Stickycomics.com (thx!) - Creative Commons LIcense 2.0

25 year legacy of Windows, spend the next 25 on something better

Comic from Stickycomics.com (thx!) - used without modification under Creative Commons 2.0 License
Comic from Stickycomics.com (thx!)

Since the first time I’ve heard of Linux way back in the mid-nineties, I’ve always had a passing familiarity, but never really spent the same time getting to understand it the way I did with Microsoft Windows. It wasn’t that I was shy from a command line, to this day I use powershell or sometimes the standard command line to do much of my work. It was just that every business I ever worked for was already invested in the Microsoft universe.

I have always been drawn towards the Linux kernel, fascinated with both its technical simplicity that “everything is a file” and it’s very simple and transparent purpose to be a free stable product for the world. Linux has always been for people. There isn’t a large corporation that owns Linux. There’s no single entity that solely profits from its use, we all do. I believe that ironically it is the profit motive that may be the very thing that will see Linux adopted in greater numbers over the next decade.

Linux Mint - Easy switch from Windows
Linux Mint – Easy switch from Windows

But it’s not the profit of a single company that will drive this, it’s all of our profits. Microsoft has moved Windows into the Software as a Service (Saas) paradigm. We have all received our free Windows 10 update if we wanted it, and we are set to pay for the next update that Microsoft puts down to our desktops. What will be the cost for the latest update? Maybe it’s only $5, or maybe it will be priced competitively to Mac OSX at $20. No matter the cost that’s money out of MY pocket.

And that’s money out of my mom’s pocket. And my sisters. And the pockets of my customers or employers. Microsoft has heralded the end of paying for a brand new and radically redesigned operating systems every few years. Their call is loud but not too clear.

Microsoft wants you to run Microsoft Windows 10 on every single desktop, laptop, tablet, or phone you own for the rest of your life.

The faint echo of this call for the end of new desktop operating systems should just now beginning to be heard in the back of technologists minds. I have been in IT for 15 years and have at least another 25 years before retirement if I’m lucky. I’m a Systems Engineer for a living. If Microsoft charges my customer, employer, or family $5 per computer every year to update to the not-new Windows 10.whatever, someine is paying $125 for that machine.

This is assuming I don’t have to replace the hardware to run it. With the proliferation of long-life Solid-State Drives, my computers lifespan may be closer to 5 years now. And like most people I’m not doing sophisticated design work, and my modest i7 with 8GB of memory will likely see me through web browsing and looking at pictures.  If my hardware isn’t dead… do I really need a new computer or a new OS?

So why do I need to pay to update? Especially when I think about all the systems I’m going to maintain over the next 25 years. If I support over 3000 now… that’s $15000 in update costs over the next 25 years. Maybe that’s a small price to pay… but what if it’s closer to $20 per year, or you are an organization with 30,000 PCs?  That’s a lot of money over that period of time. And it’s not my money, I’m not a business owner… updates are taking away someone’s profits.

If I were a business owner and wanted my company to survive over the next 25 years then I would recognize the company will continue to need computers in some form for that time. Now a long-term investment in technology makes sense. If my computers hardware won’t be obsolete for 5-10 years, and most software runs in the web, why do I need to pay for an OS update? Outside of security fixes, applying OS updates doesn’t make sense. To introduce change in my practices just because my vendor wants me to is not what business friendly.

Wouldn’t that be great to have a business where the technology just gets out of the way of what the business does, instead of continuing the last 25 years of forced upgrades, retraining, and undesired changes?

Switching to Linux in an entrenched Windows environment was never and will never be easy. But now that Microsoft has signaled the newest change in our constantly-changing desktop environments, the long-term benefit of the switch to Linux really makes practical sense. The need for access to general-purpose machines in many businesses is not going to go away. The form factor and mobility of the devices may change, but there will still be a need for flexible multi-purpose devices in many businesses. It makes sense to really take a hard look at long-term supportability.

Microsoft is keen to the burnout businesses have with keeping up with technology. To their credit they allow a slower burn-rate by offering two tiers of Update Paces. One is aimed at stability, the other the newest shiny thing they can put out. The slower burn rate which makes sense for most businesses, is just the last step before they lose customers to free software.

But even if businesses decide they can’t break the dependence on their Windows investments, do you know who will? The IT staff that runs them will start to feel pinched by too much Microsoft if they haven’t already. If a geek is obligated in any way to support their friends and family, then the smart ones will recognize that which is easiest and least expensive to maintain will be their friend. Especially if they’ve spent the last decade updating those same friends through XP to 7 to 8, then 8.1 and now to 10.

When was the last time the latest OS was so sexy that grandma wanted an upgrade? With Windows success rate it’s about every seven years from XP to 7 to 10. Grandma doesn’t care about the latest bauble in the OS… any feature she wants is likely an app or website. She doesn’t want the software to change, the teller at the bank doesn’t care. People don’t care what’s so awesome about the new version of this or that, they want it to do exactly what it did yesterday.

If you’re a Windows Admin, do yourself a favor and pick up some Linux skills now. It may not be obvious today, but 25 years from now we’re going to look back and recognize how much time and money we all saved by not tethering ourselves to Windows for the rest of our lives.