It shouldn't happen to an IT consultant
Spend your time doing business, not IT.
Wednesday 24 September 2008, 11:45 PM
XP without the CDs
I have just returned from an architects practice who ordered on my advice, a Dell Vostro 200 Desktop with XP Pro pre-installed. (I'll go into why Vostros make the best sense in a future post). Microsoft hates XP these days and wants it to go away. Shame the users feel differently. Like other manufacturers, Dell use a loophole in the Vista License to continue offering XP as a 'downgrade'. They charge a premium for this, though, and you'll get a copy of Vista Business as well - but you can't have everything. Unfortunately, in this case I discovered that although XP comes installed, Dell has stopped shipping the XP installation CD - and, even worse, you don't get an XP license key sticker.
After being told by Dell sales and tech support staff that the sales person who took the telephone order must have “made a mistake”, the next person I reached claimed it didn't matter “because support can re-install XP remotely” (they can't) and finally it is because “Microsoft make us do it”. After a lot of bovine excreta I finally got through to a supervisor in support who knows.“It's a big problem, and we are working on it, should be sorted out soon”. I could the hear the pain in the poor chaps voice.
The missing License key shouldn't matter he pointed out, and that should be true, because Dell XP CDs install on any Dell without asking for a key. But should Windows 'Genuine Advantage' (an advantage only for Microsoft) get things wrong and out of the blue suspect you have a pirated copy, you won't have a key to feed it. Its happened before, and even though Redmond's anti-piracy tool has since improved I wouldn't like to bet on its frequent updates never getting things wrong again.
In the meantime, the supervisor said. if you ask support for the missing media they'll post the CD. So now you know: call before you need it.
After being told by Dell sales and tech support staff that the sales person who took the telephone order must have “made a mistake”, the next person I reached claimed it didn't matter “because support can re-install XP remotely” (they can't) and finally it is because “Microsoft make us do it”. After a lot of bovine excreta I finally got through to a supervisor in support who knows.“It's a big problem, and we are working on it, should be sorted out soon”. I could the hear the pain in the poor chaps voice.
The missing License key shouldn't matter he pointed out, and that should be true, because Dell XP CDs install on any Dell without asking for a key. But should Windows 'Genuine Advantage' (an advantage only for Microsoft) get things wrong and out of the blue suspect you have a pirated copy, you won't have a key to feed it. Its happened before, and even though Redmond's anti-piracy tool has since improved I wouldn't like to bet on its frequent updates never getting things wrong again.
In the meantime, the supervisor said. if you ask support for the missing media they'll post the CD. So now you know: call before you need it.
Monday 22 September 2008, 11:42 PM
Patching things up
I am perpetually imploring my clients to keep their software up to date. The majority of web-based exploits now target common applications (a trend away from targeting Windows itself), so it's vital to keep everything updated. Time after time I hear the same reason why a user ignored every 'an update is available' dialog. They do not know, and cannot tell, if they are genuine.
Who can blame them? The message has got through that unexpected malware is pushing web pop-ups, many of which appear to be genuine dialog boxes, that should never be clicked on. Things seem to be working, so it appears a logical choice to play safe and ignore the messages. Logical, but wrong.
User are faced with a mass of different updates messages, that typically include; Windows, Office, Java, Flash, Acrobat Reader and frequently Real Player, QuickTime, iTunes, a CD/DVD writer and player plus browser toolbars.... I could go on.
Things aren't made easier by an almost total lack of consistency. For example, Flash Player presents a message that looks rather like a pop-up advert after boot-up, Java and Windows a yellow balloon from the icon dock, and Acrobat Reader a dialog within the application. There's some help to be had via applets that upgrade several applications in one place such as the Install Shield and Google updaters'. But yet another way of doing things is hardly a solution.
Some auto-update by default. Many others don't. Microsoft update (and Vista's equivalent) must be manually enabled to ensure Office is updated along with Windows. Java, Flash, Install Shield and Google Updater, on the other hand, ask the user to agree to each update.
There's always a risk that an upgrade will cause problems, but that risk is far lower than running software with known security flaws. Many large organisations sensibly delay updates until they have been thoroughly tested in-house. Corporate machines though are locked down far tighter, users have less freedom to control their PC and reduced access to the web (often to the detriment of productivity). As a result the risk posed by un-patched software is much smaller. Testing isn't practical within smaller companies while users more commonly need, and certainly demand, full control over their machine with access to all of the Internet.
It could be argued that waiting 24 hours, then Googling each update to check for serious problems strikes a balance between malware risk and a bad patch, but nobody's done the research to find out. In any case, in the real world I doubt many would bother, faced with other work demands. It seems to be a law of nature that the upgrade requests pop up just when you really need to use the software for an urgent task - so saying no removes the chance of a long and potentially disruptive delay.
Users should be told why it's so important to click OK - or at least, encouraged to ask someone who knows when the request pops up. And this is another reason to run as much of the software that your users run, so you can be prepared to answer - or even put out an email letting people know what to expect, and what to do.
In the longer term I dream of the day when developers, ensure all applications, by default, auto-update via a daily patch check, or at the very least ask how they are to behave during installation. Perhaps I should eat more strong cheese before bedtime.
Who can blame them? The message has got through that unexpected malware is pushing web pop-ups, many of which appear to be genuine dialog boxes, that should never be clicked on. Things seem to be working, so it appears a logical choice to play safe and ignore the messages. Logical, but wrong.
User are faced with a mass of different updates messages, that typically include; Windows, Office, Java, Flash, Acrobat Reader and frequently Real Player, QuickTime, iTunes, a CD/DVD writer and player plus browser toolbars.... I could go on.
Things aren't made easier by an almost total lack of consistency. For example, Flash Player presents a message that looks rather like a pop-up advert after boot-up, Java and Windows a yellow balloon from the icon dock, and Acrobat Reader a dialog within the application. There's some help to be had via applets that upgrade several applications in one place such as the Install Shield and Google updaters'. But yet another way of doing things is hardly a solution.
Some auto-update by default. Many others don't. Microsoft update (and Vista's equivalent) must be manually enabled to ensure Office is updated along with Windows. Java, Flash, Install Shield and Google Updater, on the other hand, ask the user to agree to each update.
There's always a risk that an upgrade will cause problems, but that risk is far lower than running software with known security flaws. Many large organisations sensibly delay updates until they have been thoroughly tested in-house. Corporate machines though are locked down far tighter, users have less freedom to control their PC and reduced access to the web (often to the detriment of productivity). As a result the risk posed by un-patched software is much smaller. Testing isn't practical within smaller companies while users more commonly need, and certainly demand, full control over their machine with access to all of the Internet.
It could be argued that waiting 24 hours, then Googling each update to check for serious problems strikes a balance between malware risk and a bad patch, but nobody's done the research to find out. In any case, in the real world I doubt many would bother, faced with other work demands. It seems to be a law of nature that the upgrade requests pop up just when you really need to use the software for an urgent task - so saying no removes the chance of a long and potentially disruptive delay.
Users should be told why it's so important to click OK - or at least, encouraged to ask someone who knows when the request pops up. And this is another reason to run as much of the software that your users run, so you can be prepared to answer - or even put out an email letting people know what to expect, and what to do.
In the longer term I dream of the day when developers, ensure all applications, by default, auto-update via a daily patch check, or at the very least ask how they are to behave during installation. Perhaps I should eat more strong cheese before bedtime.
Friday 19 September 2008, 9:51 PM
Is it really yours?
Would you pick a builder who insists that they retains ownership of anything they build? Though they will let you live there, if you want to change it in any way only they are allowed to do the work.
This is common in the world of bespoke software. I'm currently sorting out the IT issues faced by a client in the specialist distribution business (no, really, it is not at all shady, however that sounds). Some years ago they commissioned a bespoke order management system. An upgrade is overdue, the business has expanded and taken on work not planned for when it was written.
Their contract with their original software developer says the makers retain copyright, it does not even give them right to see the source, let alone modify it. They are very lucky the original developers are still in business and still, I suspect, pretty good at their job but I don't rate my clients chances of negotiating a good price.
The moral's obvious, when it comes to bespoke software, even if it means paying a premium, make sure you really own what you think you are buying.
This is common in the world of bespoke software. I'm currently sorting out the IT issues faced by a client in the specialist distribution business (no, really, it is not at all shady, however that sounds). Some years ago they commissioned a bespoke order management system. An upgrade is overdue, the business has expanded and taken on work not planned for when it was written.
Their contract with their original software developer says the makers retain copyright, it does not even give them right to see the source, let alone modify it. They are very lucky the original developers are still in business and still, I suspect, pretty good at their job but I don't rate my clients chances of negotiating a good price.
The moral's obvious, when it comes to bespoke software, even if it means paying a premium, make sure you really own what you think you are buying.
Sunday 14 September 2008, 6:10 PM
Should you be working right now?
An actor client called me this week with an odd request, could I disable WiFi on his laptop and not tell him how I’d done it? “The web‘s too much of a distraction you see” he said. It’s not often I get asked to stop things working but it’s not the first time. For the same reason ZDNet’s venerable editor Rupert Goodwins at one point resorted to writing on a Mac so old it wouldn’t even run a web browser. I’ve heard of others using cron to set their firewall to ‘block all' to the same end. Many routers have the function built in, but it can be easily reversed.
It appears there’s a market for an anti-distraction app. Tell it how long you need to work for and everything except your office suite is thoroughly disabled, no web, no games, just work, with no easy way to reverse the result until time’s up. An ideal gift for the tyrant boss in your life and perhaps a saviour for parental home-work enforcers too?
It appears there’s a market for an anti-distraction app. Tell it how long you need to work for and everything except your office suite is thoroughly disabled, no web, no games, just work, with no easy way to reverse the result until time’s up. An ideal gift for the tyrant boss in your life and perhaps a saviour for parental home-work enforcers too?
Sunday 14 September 2008, 2:23 AM
Take note
A lot of minor issues become major problems, purely because a little bit of information has been lost. When something goes wrong and you've lost the password to the miscreant device, that's a lot of hassle you'll have to go through before you can even start to fix the original problem.
You may consider advice to document your IT systems dull and obvious but I earn good money my clients could have saved, calling their ISP to recover DSL logins , tracing cables, factory-resetting devices and the like.
If you have to type it in, write it down. A pain, but you'll thank me one day. But don't forget that this information has a lot of potential for abuse, so keep it safe. If you keep it in a Word document, password it: Word 2002's or later password protection is secure if you follow this advice. And keep a print-out somewhere only you know and nobody will stumble over.
Here's a checklist I use to record important data:
Internet / LAN
Your ISP and email and web hosting companies' tech
support numbers.
Any password or account numbers they'll ask you for.
Your IT consultants phone number.
Your routers login name, password and local IP address,
the same for Power line boxes plus their encryption key.
Your DSL user name and password.
Any fixed IP addresses.
Any other non-default router settings,
including open firewall ports and the addresses they forward to.
Your WiFi Keys, the type of encryption and the network's SSID
If your domain, web and email hosting aren't managed by one company make a note of the web and mail servers addresses, plus the phone numbers, account numbers, passwords and web logins of the companies concerned.
If your network's anything anything than other than straightforward make a network diagram, even if it is just a scrawled sketch.
Record your IP addressing scheme, what's the DHCP range?
Note devices with the static IP adresses.
Email
Note usernames, passwords and server names, plus any non default server settings and your webmail service's URL.
Microsoft Small Business Server
All passwords and usernames, most importantly the admin login.
User and groups settings
Server name and IP the adress on the network
Services that should be disabled and those that must be on.
PCs
Network shares, the share's address required by the client and assigned drive letter as well as the actual directories location on the host.
Plus what's kept there / the users and PCs that make use of it.
Shared printer addresses and any non default settings.
Your Windows workgroup or domain.
Windows PC names.
Windows usernames' and their passwords.
BIOS password(s).
Remote access passwords and host names.
Mobile devices
Mobile device Unlock PIN codes / passwords.
Public WiFi login details, and their support number.
3G dongle account details, including a number to reach support that can be dialed from a landline.
Software
The license codes of any software you've purchased online
and where the setup files are kept.
Data
The password for any protected data; documents, databases, backups etc.
Logins
Any other passwords and logins, including web sites?
You may consider advice to document your IT systems dull and obvious but I earn good money my clients could have saved, calling their ISP to recover DSL logins , tracing cables, factory-resetting devices and the like.
If you have to type it in, write it down. A pain, but you'll thank me one day. But don't forget that this information has a lot of potential for abuse, so keep it safe. If you keep it in a Word document, password it: Word 2002's or later password protection is secure if you follow this advice. And keep a print-out somewhere only you know and nobody will stumble over.
Here's a checklist I use to record important data:
Internet / LAN
Your ISP and email and web hosting companies' tech
support numbers.
Any password or account numbers they'll ask you for.
Your IT consultants phone number.
Your routers login name, password and local IP address,
the same for Power line boxes plus their encryption key.
Your DSL user name and password.
Any fixed IP addresses.
Any other non-default router settings,
including open firewall ports and the addresses they forward to.
Your WiFi Keys, the type of encryption and the network's SSID
If your domain, web and email hosting aren't managed by one company make a note of the web and mail servers addresses, plus the phone numbers, account numbers, passwords and web logins of the companies concerned.
If your network's anything anything than other than straightforward make a network diagram, even if it is just a scrawled sketch.
Record your IP addressing scheme, what's the DHCP range?
Note devices with the static IP adresses.
Note usernames, passwords and server names, plus any non default server settings and your webmail service's URL.
Microsoft Small Business Server
All passwords and usernames, most importantly the admin login.
User and groups settings
Server name and IP the adress on the network
Services that should be disabled and those that must be on.
PCs
Network shares, the share's address required by the client and assigned drive letter as well as the actual directories location on the host.
Plus what's kept there / the users and PCs that make use of it.
Shared printer addresses and any non default settings.
Your Windows workgroup or domain.
Windows PC names.
Windows usernames' and their passwords.
BIOS password(s).
Remote access passwords and host names.
Mobile devices
Mobile device Unlock PIN codes / passwords.
Public WiFi login details, and their support number.
3G dongle account details, including a number to reach support that can be dialed from a landline.
Software
The license codes of any software you've purchased online
and where the setup files are kept.
Data
The password for any protected data; documents, databases, backups etc.
Logins
Any other passwords and logins, including web sites?
Previous
