Scott Hanselman

Ten Things To Do to Secure an Important Person's Computer (or even Ashton's or a Kardashian's)

January 3, '12 Comments [25] Posted in Blogging | Musings

I have some friends and friendly acquaintances who are of some bit of note. Not Internet-famous, or even blog-famous like me, I mean actual famous. Like us, celebrities still have phones, Twitter accounts, Facebooks, laptops, hard drives, family photos and lots more that need to be managed. Maybe you're fancy also? Maybe you think you're fancy or just want to be?

Sometimes I spend time on Skype with my friends going through a list of things they need to do to cover their butts when it comes to their personal media and gadgetry. I thought I'd make up a list that I could send to them as it's become repetitive, then I realized that this stuff is important to all of us, not just folks on TMZ.

Apparently Famous People have Other People that tell them what to do, but it's unclear if the Other People actually know more than the Famous People. I know, Kim, you have no password on your Macbook and no encryption on your phone. Let's talk.

1. Find Your Phone - Make your cell phone "findable"

It flat sucks to lose your phone.

  • If you have a Windows Phone, you can go to http://windowsphone.com/my to locate, ring, lock or even torch your phone. It just works and it's on when you set up your phone for the first time.
  • If you have an iPhone (or any iDevice, in fact) you can go to http://icloud.com, sign in and locate, ring, lock or wipe your phone as well. For offline phones, you can have it email you when the phone is found (turned on). You'll want to update your iPhone to iOS 5 and run through the initial wizard in order to confirm this is working for you.
  • There's a dozen or more choices for Android phones, but I suggest you check out either Plan B or Where's My Droid. A third good option that you could use on all your devices is Prey. Each of these will do what they need to. Find your phone.

Test your chosen Find My Phone technique before you go off losing it! Make sure all your stuff is backed up occasionally so you won't feel bad at all about a Remote Wipe (erasing your phone so the bad guys don't get it).

Add a Pin Number and Lock Your Phone

Next, DO add a PIN number or password to your phone. Having a phone that's unlocked already is just asking for trouble. You can always pick a simple 4 digit PIN but pick SOMETHING.

Make an "If Found" Wallpaper

However, if you do use a password or pin and lock your phone by default, be sure to update your wallpaper to include contact info. I highly recommend the application If Found+ for the iPhone. It'll take your existing WallPaper and stamp a "If found, call..." or "Reward if found, email..." on your phone. Sometimes $50 and a phone number will get you your phone back quickly.

2. Don't be Trackable - Turn off Location Settings for specific apps on your Phone, Twitter and Facebook

You want to be able to find your phone, but you shouldn't give away your location when you talk online. Ever heard of http://pleaserobme.com? They'll look at your Twitter account and see if you're giving away your location via FourSquare checkins and the like. The bad guys would love to break into your house when they can be sure you're not there. Broadcasting your location is a great way to make it easy for them.

There are many ways you can accidentally give away your location. First, in your Twitter profile. Early iPhone Twitter clients would update this field automatically with your exact latitude and longitude.

For example, here's a parody account that indicates it's not a real person. However, I can still tell where they are in the world...down to 6 decimal points.


Another way is to tweet and include your location, either on purpose or accidentally. Most Twitter clients have a "geotag" button now, but you may just want to turn that feature off completely by denying the twitter application access to your Location Services.

Also, don't be the mayor of your house. Foursquare recently started "blurring" the locations of what it believes are residences, but you can still give your location in general terms when you check into a home or residence.

3. Lock your Laptop - Secure your computer (desktop OR laptop)

I'm amazed at how few people even bother to put a password on their laptops. Yes, there's always a way to break a password or get information off a hard drive, but why make it easy for them? The main concern is that if you allow anyone to boot up your computer and run a web browser, chances are that you've clicked "Save Password" on your Facebook or Twitter or, even worse, your email. At that point you're dead.

Consider installing PreyProject on your machine. It can make it possible to track your laptop or desktop if it's stolen. There's been a number of times where folks have been able to track a thief in real-time and secure their belongings - while live-tweeting the whole event!

4. Encrypt it ALL - Secure your personal files and external hard drives

Here's an experiment that will scare the crap out of you. Use your computer's search function (upper-right corner on a Mac and lower-left on a PC) and type in your Social Security number. Go ahead, it's not going to the internet. See if you find some PDFs from your accountant or an old Excel file. Freaked out now? Now either delete it or put it somewhere secure.
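The same experiment can be scripted so it covers every file in a folder rather than one search box. The Python sketch below is an added example, not part of the original post: it generalizes from "your own number" to any SSN-shaped value, reads raw file bytes only (compressed formats such as most PDFs and .xlsx files need text extraction first), and its function names and sample files are constructed for illustration.

```python
import os
import re
import tempfile

# 3-2-4 digits with one consistent separator ("-", " " or none),
# and not embedded in a longer run of digits (phone numbers, ZIP+4).
SSN_RE = re.compile(rb"(?<!\d)(\d{3})([- ]?)(\d{2})\2(\d{4})(?!\d)")
MAX_BYTES = 5 * 1024 * 1024  # skip very large files to keep the scan quick


def plausible(area: str, group: str, serial: str) -> bool:
    """Drop ranges that are never issued: area 000/666/9xx, group 00, serial 0000."""
    if area in ("000", "666") or area.startswith("9"):
        return False
    return group != "00" and serial != "0000"


def find_ssns(data: bytes) -> list:
    """Return masked hits so the report itself is safe to keep around."""
    hits = []
    for m in SSN_RE.finditer(data):
        area, group, serial = (m.group(i).decode() for i in (1, 3, 4))
        if plausible(area, group, serial):
            hits.append("***-**-" + serial)
    return hits


def scan_tree(root: str) -> dict:
    """Walk a folder and map each file's relative path to its masked hits."""
    findings = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                if os.path.getsize(path) > MAX_BYTES:
                    continue
                with open(path, "rb") as fh:
                    hits = find_ssns(fh.read())
            except OSError:
                continue  # unreadable file: skip it, keep scanning
            if hits:
                findings[os.path.relpath(path, root)] = hits
    return findings


def demo() -> dict:
    """Scan a temporary folder of constructed sample files."""
    samples = {
        "2011-return.txt": b"Taxpayer SSN: 123-45-6789\n",
        "notes.txt": b"ZIP 97201-1234, phone 5035551234\n",
        "old-export.csv": b"name,ssn\nJ Doe,234 56 7890\n",
    }
    with tempfile.TemporaryDirectory() as root:
        for name, body in samples.items():
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(body)
        return scan_tree(root)


if __name__ == "__main__":
    for path, hits in sorted(demo().items()):
        print(path, hits)
```

To scan real files, call `scan_tree()` on a folder such as your Documents directory, then delete or move whatever it flags into an encrypted volume.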

If you have files with information you don't want falling into the wrong hands, consider using a tool like TrueCrypt to make an "encrypted volume." This is a single file that you can access as if it were a disk itself. You can make a "personal.dat" file of any size and keep your personal information inside that "disk inside a file." You can then keep that file in DropBox or another cloud storage system. With a strong password, these TrueCrypt files are VERY VERY secure.

If you have a technical friend with you, you can even encrypt your entire disk with TrueCrypt. Or, if you have Windows 7 Ultimate, you can "bitlocker" it, as I do all my drives. This way, even if a bad guy gets your laptop, they can't do anything with your drives. They are bricks without passwords and pins.

5. Don't Carry Your Life in Your Pocket - Encrypt USB Keys and "Jump Drives"

Some folks will take precautions with laptops and computers but then copy their whole life to a portable USB stick and put in their pocket.

Encrypt your portable drives

If you can, encrypt your files on your portable drive - again, with TrueCrypt or BitLocker.

6. Use Better Passwords - Make it harder, or use Pass Phrases

Using the name of your last movie or the street that you grew up on may seem like a clever password but it's not. A lot has been said online about password strength, so I won't belabor the point.

If you can, use a passphrase that's longer than a password, but easier for you to remember.


7. Super Secure your Email - Turn on 2-factor auth in Gmail

After you have a great password, if you've got a Gmail account for example that you REALLY can't have compromised, consider turning on "two factor authentication."

Hang in there, Kim. Sounds scary, but isn't. Two factor means, two things that you have or remember. A password is just one thing you have to remember. It's one factor. But two factors means a password plus something else. The second thing will be something you have.

You always have your phone, right? So why not make it so your Gmail account requires a password (that you know) and your phone (that you have).

  • To set this up in Gmail you go to "using 2-step verification."
    • You can turn it on and give it your cell phone number. You can then install a small application that will give you a code that you'll use as your second factor when you log in. "But, wait, that sucks! I don't want to do that every time I log in!" Don't worry, darling. You don't have to. You can tell Gmail to only require this code every 30 days.
    • If you have other services, apps, or maybe your phone's email that use your Gmail password these will suddenly think the password has changed because they don't understand two-factor auth. For these applications, you'll just give them their own custom password.
      • You go to manage application-specific passwords and get a password or two for your phone's mail or other apps that need Gmail access. The nice thing is that each app gets its own password so you can revoke them at anytime!

You can also tighten up your Facebook security by turning on Login Approvals. This is effectively two factor authentication as well. Facebook can SMS (text) you when you log in and then you type in the number they send you to confirm that not only do you know your password, you also have your phone.

8. Hide Where You Live - Make sure None of your Domains have your Home Address visible

Make sure if you own a domain that you've turned on Privacy or use DomainsByProxy or some other "WhoIs Privacy Protection." You don't want a fan showing up for dinner.

The WhoIs Record for TomCruise.com

9. Secure Your Login - Turn on SSL/HTTPS for Twitter, Gmail and Facebook

If you find yourself in a Starbucks or on location a lot using strange Wi-Fi, you should probably make sure that your Twitter and Facebook accounts are using https (the S is for more Secure) by default. That's the same kind of encryption your bank uses. Just check your Twitter and Facebook accounts. You only need to do it once.

(Screenshots of the Twitter and Facebook settings appeared here.)

You can also Google more securely at https://encrypted.google.com or https://duckduckgo.com.

10. If it starts with HTTP, it's probably public - BTW, TwitPics are Public

If you use a tool like TwitPic or any online photo sharing, or - let's just be straight here - anything online...it's likely public. If it has a URL, someone can get to it. Assume everything you do online is public.

I've personally watched a number of celebrities have conversations between each other on Twitter as if Twitter were a private chat. Just last month Charlie Sheen tweeted his phone number to Justin Bieber. So, he got a new phone. http://3109547277.com

Also, just an FYI. Don't take a picture of your pee-pee. There's just no reason for that.

Conclusion

This may sound like a lot, but it's simpler than you may think and it can be set up so that it's not invasive in your life.

The main points are these:

  • Make it so you can find your stuff, but others can't find you.
  • Use pins or passwords on your devices when you can.
  • Encrypt sensitive data in TrueCrypt files or Bitlockered drives.
  • Use "two factor" authentication for crucial services like email.

Feel free to suggest other tips I may have missed in the comments! And, perhaps pass this on to your Famous Friend.

About Scott

Scott Hanselman is a former professor, former Chief Architect in finance, now speaker, consultant, father, diabetic, and Microsoft employee. He is a failed stand-up comic, a cornrower, and a book author.


2011 Greatest Hits

December 29, '11 Comments [5] Posted in Musings

I did a "Greatest Hits" blog post in 2008, and since this year is winding down I thought it was time for another. Here's what I think were my best blog posts this year.

Personal

Punditry

Technology

Tutorials and Lessons

Tools

Speaking

See you next year!


Living a Microsoft lifestyle using Apple iOS products - Lync, OneNote, Xbox for iPhone and iPad and more, oh my

December 22, '11 Comments [31] Posted in Apple | Mobile | Tools

Sure, I work for The Man in my day job, but I have an iPhone, a few iPod Touches, and two iPads in my personal mobile life. I have great respect for the Windows Phone 7 UX and I have a Samsung Focus that runs Mango that I swap my SIM into every few months to check out, but I'm invested in the iOS app store enough now that switching doesn't make sense for me. I'm teased by some co-workers and community folks who think I should blindly use only Microsoft products. That's fine. I use what works for me and I encourage you to do the same.

I am, however, a Microsoft Office fan and use OneNote (I switched from Evernote recently when Cloud sync via SkyDrive for OneNote became available). I also use Lync (formerly Office Communicator) extensively at work as I'm remote.

Recently Microsoft released Lync for iPhone and iPad (as well as Google Android and Microsoft’s Windows Phone). The addition of Lync to my iPhone and iPad was effectively the last link in the chain for me as far as making sure my iPhone was connected to work.

I thought I'd take stock of the Microsoft apps that I'm using on my iOS devices, how they work and how I use them.

Microsoft Lync for iOS

I love Lync. Truly. It's corporate instant messaging, sure, but it's also VOIP, presence information, a company directory and it's integrated nicely with Office 365 and Outlook.

I've got a work phone number in the 425 area code that will simultaneously ring at my 503 mobile phone. Lync on the iPhone will also let me make calls from my 425 number by starting the call from Redmond then calling me immediately. Lync gives me iPhone-style access to my Voice Mail. It's a lot like the Google Voice app, except for Corporate VOIP.


It supports notifications as well and I've sorted it to the top in my iOS5 notification center. It'll keep you signed in for 36 hours and send you notifications as long as you've enabled push notify. If not, it'll run in the background for an hour. There's no reason not to turn on notifications on iOS5 as far as I can see, so 36 hours is fine as I'll be launching it more often than that and keep it alive. Even better, it'll notify you to sign in (relaunch) if you don't go back in within 36 hours. Because the notifications are server-side, there's no battery hit.


There's a complete matrix of what mobile platforms support what in Lync over on TechNet.

Bing for iPhone

It's funny, I mostly Google for Web Pages but after my "give Bing a month" challenge, I use Bing for Movies, Weather, Travel and stuff that isn't web page searching. In fact, right now my home page is actually three tabs: DuckDuckGo, Bing and Google. Then I use the one that will give me the best results.

On the iPhone, Bing is a great app with a lot of depth. On the iPad it's AMAZING. If you have an iPad, no joke, check out the Bing App. You'll be impressed, especially when you realize how long ago it was released. Its innovative UI on the iPad predates the Twitter iPad release.

Bing has a great image search, but it's also got three nice features that use the iPhone camera. It'll search tags and QR Codes, it'll search books and CDs using just cover art, and it'll look at text and auto-OCR (Optical Character Recognition) the text then let you search on it.


Frankly, the real crime here is that Microsoft doesn't tell enough people about these features. Rather than trying to uncomfortably fit "let me Bing that" into popular TV shows, why not just have a main character USE the application for a real world problem and not make it so in your face? The Bing iOS app shines when you just use it.

(Screenshots: Bing iOS Application - Image Search with Camera; Bing iOS Application - Camera and OCR)

Here I've pointed it at a book cover and it's found the book then linked me to shopping. In the other screenshot I've pointed it at some text, it recognized it, then I can click the words I want to use to search with. Nice for translating signs or searching for ingredients on menus.

Microsoft OneNote for iPhone and iPad

I recently switched away from Evernote in favor of OneNote because I find OneNote's "freeform" notes more flexible over EverNote's more constrained "bullets and lists." OneNote also integrates nicely with Outlook and Office.


When OneNote added cloud syncing with Windows Live SkyDrive, that was nice as I could use OneNote on multiple machines. Then OneNote for iPhone and iPad came out and I was sold.


OneNote supports up to 500 notes for free and then they charge. I use it a LOT and I'm still only at 180 notes.


They could still stand to improve it on the iPad with ink support but generally, having OneNote and Lync together on my iPhone or iPad along with my mail makes me a pretty good little corporate tool when I'm hanging at the Holiday Inn Omaha.

Xbox for iOS

There's even an Xbox app for iPhone. Madness. You can keep track of Achievements, answer messages, set beacons, but also watch videos and game trailers.


You can even change your avatar's look. Jazz hands!


By the way, there's even a Halo Waypoint app for iPhone.

Other Microsoft apps on iPhone

There's a bunch of other apps from Microsoft on iOS, including:

  • Microsoft SkyDrive for iPhone - Exactly that. It's a drive in the Sky. They give you 25 gigs for free. I keep my OneNote files up there for syncing but you can put anything there like photos, documents, etc.
  • Kinectimals - A nice tie-in with the actual Xbox game for kids with Kinect. It's really cute on the iPad and actually lets you unlock 5 new cubs from the iOS device that your kids can then use on their Xbox directly.
  • Photosynth - This app has been downloaded 4.4 MILLION times on the iPhone. You kinda have to see it to believe it, but it's kind of a 360 degree panorama on steroids.
  • Windows Live Messenger - If this is your IM of choice, they've got that also.

I'm pretty stoked about Microsoft's (apparently) new focus on services being available everywhere, rather than sweating whether someone is using those services on a Microsoft piece of hardware.


Give Grandpa and Grandma the gift of an off-site backup of your photos

December 19, '11 Comments [7] Posted in Musings | Tools

My buddy Jeff Handley tweeted this nugget of brilliance recently.

Exactly. I've talked about backup strategies before. You just can't have too many backups. I have a NAS (Network Attached Storage...a fancy name for a black box in the closet we back up to) but I also have two external drives that are labeled A and B that I rotate between the safe at the bank.

My rules of thumb are:

  • Use an imaging tool like Acronis True Image to create images of the machines you REALLY care about.
    • You can also use the System Image tool built into Windows, but I prefer the additional options from Acronis.
  • Encrypt your external drives.
  • Backup files (and disk images) to two external drives
  • Keep one external drive off-site
  • Test your backups by practicing a restore. The rule of thumb is that backups ALWAYS succeed. It's restores that fail!

Jeff's idea is brilliant. Burn the extended family a nice DVD, perhaps with Picasa or Windows Live Photo Gallery and wrap it up as a gift!


Your New Year's Resolution - Put an end to spinning rust and buy yourself a SSD

December 19, '11 Comments [30] Posted in Hardware

I'm still using the Ultimate Developer PC 2.0 that I built last year. THE most important aspect of that build was not the super-fast processor or the fancy video cards. It was, and continues to be, the SSD. There is no other single thing that you can do to your computer that will make it feel faster than getting an SSD. If you need terabytes of storage, get an external drive, or a SAN like I did. But if you want to waste less time compiling, get an SSD. I know you want a terabyte, but get 160gigs or 256gigs if you can afford it.

Here's some compilation results from last year where I put the Ultimate Developer PC up against a now 4 year old laptop with an SSD.

In this case I'm building NHibernate 3.0 from the command line. The older laptop is the far left and the new PC is the far right. Yes, the new PC is twice as fast, but if you look at the number of seconds spent building, the laptop does OK and that's directly due to the SSD upgrade.

Times are in seconds  | Lenovo W500 w/ SSD | Ultimate PC 1.0 | Ultimate PC 2.0
MSBuild /t:rebuild    | 36.05              | 35.52           | 16.12
MSBuild /t:rebuild /m | 24.98              | 25.57           | 12.53
MSBuild               | 6.17               | 6.99            | 3.11
MSBuild /m            | 5.91               | 6.66            | 2.72

I love my SSDs so much that I haven't done any upgrades to my machines other than SSDs. The argument is usually "SSDs cost too much." That WAS true. You can get a REALLY nice middle of the road Intel SSD for under $200 now. I've got two Crucial RealSSD C300's that are 256 gigs in two different machines and they are now under $400. They are so worth it, more than any other upgrade.

UPDATE: I'm told by Damian Guard that the newer Crucial M4's are even better, both Crucial M4 128gig and Crucial M4 256gig.

When I upgraded my laptop's HD to an SSD it went from about 68 megs a second read to 110 megs a second. At that point I was limited by the SATA bus on that older laptop.

On a desktop machine with a newer SATA bus I get 230 megs a second (that's megabytes not megabits) and that's not even what the max on the drive can get. If I put it on a 6Gb/s SATA bus it's not impossible to see 300 megs a second or more. Of course, it all depends on what kinds of writes you're doing, sequential vs. random, plus block sizes, but since I'm not Anand, I'll leave that detail to him.

 SSDs are FAST. That is not a lie.

Point is this. Do yourself a favor and breathe new life into your computer with an SSD. You deserve it.

Here's the way to think of it. A $400 SSD will cost you just over a dollar a day if it lasts a single year. It will likely last at least 3 to 5 years, but still, if it lasts a YEAR. That's a dollar a day for hours of daily unmitigated joy. What other upgrade in your life could you do for $400 that would totally change your computer life AND give you time back? Well, a few, but I hope you see the point.

Drink one less coffee a day and get an SSD instead and you'll be as productive as two cups of coffee! ;)

There's only one downside to SSDs in my experience. When they do die, and all things do, there is no warning. SSDs don't make noise, or cough or make head sounds. SSDs don't give you warning, they just die. Instantly. So, always have complete image backups of your systems. If a drive dies, you should be able to get back up in a few hours.

Do it. It's the holidays.




Disclaimer: The opinions expressed herein are my own personal opinions and do not represent my employer's view in any way.