While the people here at TCG are great conversationalists, sometimes a problem with technology just can’t be handled over the phone. When that happens, it’s best for one of our techs to go “hands on” with the afflicted system. In the past this involved a trip onsite to visit a client, or having the client bring things to us.

Back 15 years ago, I would spend 30 minuets driving to and from a location to preform a 5 minute “fix” for a problem. To overcome this discrepancy of billable time my employers of the past would often institute bizarre fees such as “Service call charge”, “one way travel bill”, or bill at a high rate for work done on site. When I started TCG I wanted to eliminated this confusion, and not penalize a client just because I was clever enough to fix their issue in 5 minutes. This is one of the reasons we never bill for things that take less than 10 minutes to fix.

However, time is the most valuable of all resources, for both our clients and our techs. As much I enjoy my clients company, sometimes the best use of everyones time is for me to go “hands on” with technology without the need for scheduling an onsite visit and travel time. This is were the gem of IT Consulting comes in, Remote Access. Remote Access gives the ability for a tech to take “remote control” over a system, and use it as if he or she was siting at the desk.

This is not new, in fact remote access features have been a core part of the Windows Operating system for almost 10 years. Even here at TCG we have a collection of remote access methods, mainly centering about the use of Windows RDP, Open Source VNC, and Mac Screen Sharing. The problem is however that there is not a unified and simple way for any of these methods to transit the complex world of Internet security and firewalls. The end result is that even with our own remote access methods we spend more time maintaing the access paths (port forwarding, routing, etc) than we ever do proving support.

Starting late last year, I started a research project to find the “best” method to create a system that would allow us at TCG to best serve our clients via remote access. The fruits of that research have lead a company called LogMeIn.

There are several commercial and free remote access software packages, such PC Anywhere, RealVNC, Windows Remote Desktop, and MAc Screen Share. The problem with a software package is that it requires that we here at TCG maintain a “path” into whatever system needs to be remotely accessed. This gets even more complicated when realized that most computer no longer connect directly to the internet, but rather are behind NAT routers and firewalls. Several computers within a single office all share a common “gateway” to the internet, and transitioning this gateway to access a single system within that network is a non-trivial task. Also, there was no real uniformity between Macs and PCs. Both had native remote access system, but of course they are not compatible. VNC does work on both, but it’s not a totally secure method. Because of all of this, we ruled out using a “software only” solution.

The other possible solution was a “hosted” remote access system. The advantage of a hosted system is that it is much easier for client and tech to link up. Both sides report to a common third party computer that handles the messy technical details of the connection. This means that accessing any number of computers behind an office NAT router is no longer a problem. There are several high profile companies that offer this hosted remote access service, they include Webex, GoToMyPc, and LogMeIn. The down side of these hosted remote access services is the cost and the dependancy on a third party companies which may or may not be around in the future.

Of all the services I looked at, I liked LogMeIn. I felt like they offered the best overall package of features for the price. But what really tipped the scales was they apparent embrace of new technologies. They no only offer remote support for Mac and PC, but also Windows Mobile, Blackberry, and Symbin Phones. They also have an iPhone app that will allow me to take a quick look at a clients machine directly from my iphone.

The correct software for LogMeIn can be downloaded from the software section and instructions for installation and use can be obtained by contacting us at TCG.   

I have just completed my first full week after moving from Windows Vista to Windows XP.

Before I get to long into this, perhaps I should give some back-story. I’ve always been on the cutting edge technology, in fact I stood in line to by a copy of Windows 95 at midnight after it went on sale back in the fall of 1995, and I have been an early adopter of new software ever since.

Because I am a technology elitist, I understand that “early adopters” often have “issues”. In my time I have had issues, though not as many as I think have been hyped in the media (both new media and old media). Each time I upgrade I just expect there to be some small issues with the software, but more importantly I also expect there needs to be some time for personal retraining. I found that often people will blame the software for faults which are more appropriately cased by their own lack of knowledge. So, with each new upgrade I always give myself time to get past any personal prejedust or ignorance so as to pass a more informed judgment of the software or hardware.

I ran Windows Vista on my Primary Desktop for over a year. When I first installed it I, like most, was amazed by the visual effects of the user interface (Aero). I had read enough about Vista before hand to know that I needed a higher end video card, and additional ram, to make the first impression a good one. Having been through the last two major upgrades of the user interface in Windows, 3.11 to 95, and 2000 to XP, I had come to expect great things from the UI, and Vista did not disappoint. While I never used the “rolodex” task switching feature (that was 100% hype in my opinion), I was pleased by the format of the UI, the new start menu and the overall layout of the tool bars.

However, I have to admit that the honeymoon with Vista was short. While the UI was pleasant, I found nothing about it which I could justify the cost of the additional Video Card power to my clients. Vista of course had a non-Aero UI which worked pretty much the same, and so the “eye-candy” of Aero was simply unneeded. Aside from Aero elements, there also seemed to me to be a great deal of Video mode issues. In the first few months with Vista I would get these bizarre “Windows has lowered your Video Mode” messages. I traced most of these issues back to older versions of the Java runtime environment, but I would still get those messages from time to time right up until I stop using Vista. The UI was nice, but much like a gilded Victorian house, it may look incredible, but it is most uncomfortable to live in.

I can say that I did not have any single “deal killer” issue with Vista. It was more like a being killed by 1,000 little cuts, each not of great concern but combined proved both painful and lethal. Somewhat like a marriage that has reached its end, there were many things that caused the devoice, but here is what I put into the papers.

1. Unreconsilabale Differences. Vista and I could not see eye-to-eye on how to handle Files. In Vista there is an infinite number of ways to “view” the contents of a folder. Filename, Size, Dates, Descriptions, etc, etc, are all columns which can be added to a Folder View, and ordered, arranged, and sorted however you would like. BUT Vista and I could never seem to agree on a Folder View. As a developer I like to pile all the files I have for a project into a single folder for each client. Words Docs with meeting notes, Excel Docs with budgets, Bits of code in text files of different extensions, HTML, and anything else I might need for a project. This is how I work. I would set up a folder, start dropping files into it and the moment I dropped in a file of a specific type, Vista would change the Folder View on me the next time I opened it. Vista seemed to give NO weight to the number of files of any time. So I would have a folder full of 200+ PHP files, but drop in a single JPEG and now my folder view has changed, giving me things like “date taken” and “Rating” as columns rather than my “date modified” which is what I use most.

   I am sure that there is some logic in how Vista selects for me the file views. I am equally sure that someone from Microsoft could explain it to me. But I’m not sure that I wouldn’t slap them at the end of the explanation.

2. Adultery. Yes there was another Woman, my MacBook and OS 10.5. No, I’m not going to compare and contrast OS X and Windows Anything. I will admit that while I was having problems with Vista, I ran to the arms of my MacBook for comfort. I won’t say it was a deciding factor in going back to XP, after all I went back to XP and not a Mac Desktop. XP also seemed to play better over the network with my MacBook than Vista. Perhaps Vista is just a jealous lover. She seems modern in her outward appearance, but still is still very traditional and monogamous on the inside. I still have my MacBook now that I’m back with XP, I love them both, and neither is jealous of the other. They know my heart. (btw my MacBook’s is quite the little freak, she bats for both teams thanks to Parrells.)
3. Mental Suffering an Abuse, Battery. I’m a right clicker. My first instinct when I’m not sure what to do is to right click on it. I’ve tried this in my normal life, but pecking on things with the middle finger of my right hand does not seem to have much effect. I’m also a network user. At TCG we have over 5 TB (Tetra Bytes) of storage scattered around the empire. Some of these files are big ones 100+ GB. When I would go to a file on the network in Vista and right client on that file (out of habit mostly), all hell would break lose. I’m not sure of the technical reason, but it would seem that Vista needs to ether go through a files completely or “copy” that file locally before it will pass judgment on what I can do with a right click.

   The end result would be that when I would absent mindedly right click on a file, Explorer would go into partial lockdown waiting for whatever it needs to do. Of course on a small file over the network this was ok, but with a 20GB backup file on a slow link VPN link it is murder. I basically have to restart the machine if I want it to stop. Worse than the “absent minded click” was the deliberate right-click. On those big network files, Vista would be doing it thing, but because Vista remembers your mouse clicks, after right clicking on a file I could do NOTHING else until the context menu shows up. This is because if I had clicked elsewhere on the screen, then the moment the menu shows up, it goes away, and Vista does not cache such data, so if I right click again, I’m forced to wait the additional time all over.

   Copying the large files over my network also suffered under Vista. I have no data to support this except my “Coffee” test. I have to copy 2 or 3 Gig files on a normal bases from my desktop to a server. There is a 802.11g wifi link in this chain so the maximum bandwidth in which I could copy these file is 56MBits less the WPA overhead. In XP I could start the transfer, and it be done when I come back from refilling my coffee cup, in Vista the same transfer has a little while left after I get back with my fresh cup. I’ve believe this to be not just a fixed additional time, but a sliding scale. Larger Files seems slower, the bigger the file, the slower the transfer.

For all of these reasons and more (I got never get Kimboot to work on Vista), on Friday of last week I switched back to XP. I felt, and still feel, like somewhat of a failure. I gave Vista a year of my life, I tried to work it out, but the frustrations just kept rising. There had been a lot of hype about people “Upgrading to XP”, and I did not want to fall into the trap of being either a “fan boy” or a “hater”.

I had hoped that Vista SP1 would address some of these things, but while it did speed up the network issues, it didn’t do it fast enough to complete with XP.

So how has the week been? I think that a good test of any Software is to see what you miss. After a week with XP, the jury is still out. I miss the Start Menu Search Bar. I found myself using it to find programs rather than digging through the menus. The Start Menu itself was also very handily laid out. I think I miss that, but not enough to put up with the rest.

Once reason the jury is still out is the issues of “need to reinstall a program”. Of course after you’ve been using an OS for a year, you have everything you need installed on it. After switching OSes, you always have to reinstall software. I find that it is easier to reinstall software as I need it rather than just pile on software right from the start. So while I feel a minor a nuisance, I know that it is always that way.

In the end I’m going to give is “side-grade” a month. If I do not feel overtly completed to switch back to Vista, I’m going to just keep on using XP. I will write again on the topic after I have had some time to process it.

Understanding Malwared-Ware, Spy-Ware, and Viruses

By: McKinley H. Tabor, August 5, 2005

Fully 70% of my practice now involves problem with, or stemming from, Ad-ware, Spy-ware, and Viruses, (collectively called Mal-ware, for “Malicious Software”). However, with a few simple steps you can make sure your computer is free of these modern technology scourges.

The Culprits:

To understand how to avoid mal-ware, some back ground on what mal-ware is might be helpful.

Ad-ware, is a program installed on your computer that an advertising company will use to send you advertising. Most often this is done via the dreaded “Popup” window. The most aggressive forms of Ad-ware even monitors your keystrokes and web searches so as to custom tailor it’s ads to you. For example you may go to Google and search on the work “travel”, and an ad for a travel company will pop up. Normally ad-ware is just an annoyance rather than a destructive force. (it would be counter productive for an advertising company to disable your computer). But a large infestation of ad-ware on a system will cause it to crash simply because of the load that the program puts on the system. Furthermore, some types of ad-ware programs are not compatible with each other, as a result they will crash the system when run simultaneously, jut like any two other legitimate but incompatible program will.

Spy-ware comes in two flavors. While the term “spy” my conger up images of dark forces collecting secret information about you, this is only one flavor of spy-ware, and is actually very, very rare. Most spy-ware is actually just sisitiscsal gathering programs, used to track the computing habits of many hundreds of thousands of people. Unlike ad-ware, these programs can do real harm, not to your computer, but you personally. Some types of spy-ware are used in conjunction with “Phishing” scams, and try to collect data from you such as passwords, credit card numbers, and personal identification information like driver’s license data and social security numbers.

Viruses are and old threat with a new twist. Back in the mid 1980s the first computer virus was found “in the wild” (meaning not in a lab or a test center). Oddly, it was the old world Macintosh which first fell victim to viruses because of it superb multitasking operating system. Back then viruses had to be spread on floppy disks. Now in the Internet age, the most common way for a virus to spread is by e-mail. One of the most annoying types of virus (at least from a system administrators stand point) is the “worm”. This is a type of virus which moves form computer to computer infecting a system, then reaching out to other system to try and infect them. This movement from computer to computer almost always comes about from a flaw in the software which that computer runs and the method of movement can be either from a direct connection, or through an email set out to everyone in the computers address book. An infected computer is at the whim of whatever the virus wants to do. Sometimes virus do little more then spread themselves, with little or no negative effect on the computer they are on. Some viruses are used by malicious computer experts to co-op an infected system to help the malicious expert attack an internet site, or spread “Spam” (unwanted advertising e-mail). Some viruses are used to get ad-ware and spy-ware on a system.

How Mal-ware gets on a computer.

Ironically 99% of all mal-ware is put on at the user’s request. This is because Mal-ware writers and distributors are very cunning in how they move their “product”.

Also 99% of all mal-ware installs take advantage of security holes in the popular web browser “Internet Explorer”. These security holes in IE often will allow software to be install from the internet with little or no warning to the user, and can be start be just one click. Sadly, Microsoft is reluctant to fix these holes because it is the same security holes when used properly by reputable companies that allow for online updates to legitimate software, certain types of online databases, and some online banking programs.

Nothing is “Free”.

A lot of mal-ware is installed when a user installs a bit of “free” software from the internet. Most of these “free” software programs are paid for by adverting, is the form of ad-ware. Popular programs for things like, weather, e-mail customization, desktop enhancement, similes, emoticons, chatting, search toolbars, and music downloading (the worst) all support themselves by ad-ware.

“You’re a winner”

Most, if not all of the flashing “winner” banners are way to lure people into installing mal-ware. Furthermore some of these “winner” banners or “do this, and win a prize” games are used to collect personal information which can be used in Identity theft.

Bait and Click

Some popup windows come right out and asks if you want to install something “yes” or “no”…. but if you click “no” it will install anyway. (remember, the IE hole can install software with only one click, doesn’t mater what you clicked on in the window) ALSO, many more popup are putting images that look like real Windows XP objects, such as the close X, and Notification Windows. Thus a user can be “tricked” into clicking on a part of the IE window which looks like part of Windows XP, and hens install software.

E-mail attachments

The most common virus/worm movement is through e-mail attachments. You may get an e-mail form someone you know, but it’s really from a virus, so if your not expecting the message, don’t open it. Also some new e-mails don’t have attachments, but have Web hyper links in them, which satisfies the “one click” to install flaw.

Guerrilla warfare

The term “Guerrilla” warfare has come to represent a covert war fought in irregular ways. The term “Guerrilla” originally comes from the Spanish, and means “Little War”. Having said that, there is open warfare between the writers of mal-ware software, and the writers of anti-mal-ware software, and the add to the confusion there are even confects between the various mal-ware writers.

There are (at the time of writing this) about 30 to 50 thousand different and specific type of ad-ware and spy-ware. These however come from only about 1,000 different “firms” which write and spread these programs. (There are of course many, many little independent shops that do this as well) Anti-mal-ware programs try to detect and remove mal-ware based on what and where it is installed. Naturally, mal-ware writers are always changing that they do and how they do it to stay ahead of the anti-mal-ware people.

But mal-ware writers also know that if there are too many bits of mal-ware on a given system, the user of that system will be more inclined to spend money to remove ALL the mal-ware. But if there is just a few mal-ware programs, most users will tolerate the ads, not knowing any better to remove them, or not pestered enough to pay for software or services to remove a small announce. Hens, most of the major mal-ware writers are also in the business of removing the mal-ware of there competitors. This is where you get the “you have ad-ware/spy-ware on your computer, would you like us to remove it for free?” popup. This most often is a mal-ware writer trying to remove all but their own mal-ware.

Mal-ware writers will so make their products friendly with each other. Meaning that once you have a bit of mal-ware on your system, that mal-ware could allow other bits of mal-ware from the same company onto your system, even going to far as to seek out and download other program totally outside of the users awareness.

This constant adding and removing of programs, especially those programs which operate “under the radar”, can case havoc with a system, leaving little bits of partially removed and partially installed programs all over the hard drive. Again, just like the damage you would do if you decided to install, uninstall, and then reinstall any program several dozen times.

How to dispose of Mal-ware and how to protect yourself in the future

The bad news is that there is no fool proof way to remove a bad mal-ware infestation. A system that is covered with mal-ware could take hours and hours to clean off, and you can never be 100% sure you got everything. Sometimes when approaching an infestation the easiest way to clean it off is to wipe the computer and start from scratch. Backup all of your data files, format the hard drive and reinstall Windows, your drivers, and your programs. It may take a couple of hours, but it’s better that twice that long trying in vain to remove something which will never come out all the way.

Once on a system mal-ware can be very tricky to deal with. For example, a bit of mal-ware may have two programs running at once. If you succeed in defeating program 1 (by stopping the program while running and deleting it from your hard drive) program 2 will simply restore program 1 while you are tying to defeat program 2. The same works in reverse.

Mal-ware will also hide in the shutdown scripts of the computer. So, just as soon as you remove the program, it will reinstall itself as you are shutting down. Mal-ware once on will also seek to cripple those programs which hunt it (more Guerrilla warfare). If the mal-ware program starts before the anti-mal-ware program starts, then the mal-ware can hide itself from the anti-mal-ware or worse the mal-ware and disable the anti-mal-ware all together, and the user is completely unaware of their lack of protection.

The best way to avoid mal-ware is to install anti-mal-ware software right from the start. Most of the blocking software packages also have a cleaning element which can be used to clean off small (and try to clean off large) amounts of mal-ware.

This however no one “Magic Bullet” software that clean and protects all types of mal-ware. Most people will use a “cocktail” of software to protect their system. They come mainly is three “styles” of software.

Firewalls, which watches your internet connection and keeps bad stuff from flowing in/out or malicious computer experts from getting into your system

Anti-Viruses, which scan computers looking for Virus and their virus components

Anti-Ad-ware/Anti-spy-ware, which looks for ad-ware and spy-ware, but also stop popup not caused by ad-ware, and stop legitimate programs from starting at boot time (which can slow down your computer), and stop legitimate programs from tweaking your system setting (again, not ad-ware, but very, very annoying)

Here are some of the software packages out there and what they do:

Norton Intern Security: This is the closest thing to a Magic Bullet out there, but it’s actually a collection of existing Symantec products. It has a firewall, anti-virus, but it’s a little weak on the anti-ad-ware side. Norton also has a history of being very invasive on a system, it takes also of system resources to do what it does, and bombards the user with windows tell him or her very detail of what’s going on (while this can be interesting and helpful for the first couple of days, after a few weeks the Norton popup are more of a hassle than the ad-ware popups). Norton also uses a “subscription” model for it’s software. You pay yearly for the software to work. If you stop paying the software loses most of its effectiveness.

Macafee: MacAfee has a history as good anti-virus and their firewall is also it has a subscription model as well, but is less invasive and uses less system over head. Like Norton, a long time player in the anti-virus realm, they too are weak in their anti-ad-ware department.

Microsoft: Mother Microsoft has two products, both for XP. First, XP service pack 2 contains its own firewall, thus rendering any other firewall as redundant. Second Microsoft has their own Anti-Ad-ware product, Windows Defender. On the up side, both products are free to XP users (which most of the world is). The firewall is integrated into the TCP/IP stack of the computer, which in a perfect world would mean that the firewall would be bullet proof. Because Microsoft also makes IE (the primary case of mal-ware) one would figure that its anti-mal-ware scanner/blocker would take full advantage of their own knowledge of the proprietary code of both IE and Windows.

Microsoft also releases updates to windows, IE, office, and all if their products on a fairly regular bases, just as other software vendors do. You should download these updates daily to help protect your system.

AVG: Avg anti-virus is arguably the best “free” anti-virus around today. AVG dies has a pay version they sell to larger customers, but their free product is not crippled in any way. AVG also has just as many updates to their software as Norton and MacAfee (remember an anti-virus not updated regularly is soon useless), but AVG is NOT subscription based. Like most other anti-virus programs it scans your e-mail (to remove viruses and worms not spam), and does a full system scan late at night (if you leave your computer on.)

Mozilla Firefox: This is the golden arrow of computer safety. As stated 99% of all mal-ware comes in because of security holes in IE, well if you stop using IE, your 99% safe. Firefox does just about everything IE will do in term as day-to-day surfing. Firefox will not connect to Microsoft to download updates and there are some online things which need IE to work, but you can keep IE just for that takes, and use Firefox for your general surfing. Firefox has build in non-mal-ware popup blocking and an integrated search toolbar for Google, Yahoo and other search engines. Is Firefox completely safe? No, nothing is, but it is far and away a better browser than IE. If fact, studies of the surfing habits of normal Internet users show that just with Firefox alone, you are better protected than using IE and the best anti-virus, anti-mal-ware, and firewall systems money can buy. Firefox is of course a free download.

Ad-aware: Ad-ware with the first widespread anti-adware systems available, and still one of the best. The free ad-aware product scans and removes ad-ware and spy-ware, and is updated regularly. If you want “real time” protection you have to buy the full product, but it’s not subscription based.

Spybot Search and Destroy: Another early pioreer in the anti-mal-ware group, this it of software is funded by donations, free to download, and works great for older system. It was a real-time protection system which blocks EVERYTHING even overzealous legitimate software

Hijack-this!: This is very technical program which defeats mal-ware by removing its ability to start. Once a mal-ware program fails to start, removing it with anti-mal-ware products becomes much easier. Hijack-this also give the user a read on all processes that start on the computer, giving the more knowable computer user the ability to better control his or her system.