Destroying Old Hard Drives

If you’re anything like most people we know, you probably have been holding on to some old hard drives or computers not sure what to do with them before you get rid of them. Here’s what we recommend:

1. First, erase the drive. You can do this on any 10.7 or 10.8 Mac easily by booting into Recovery Mode (Hold Command-R at boot) and then use Disk Utility.
2. If you’re really concerned about sensitive information, you can use the secure erasure option, but be prepared to give it some time to run. This can take hours.
3. Once you’re done, extract the hard drive. Depending on the model, this can be difficult, but it’s worth it for peace of mind. Check iFixit.com for a take apart guide if you need to, but since this machine won’t work again, don’t worry about keeping track of the screws.
4. Once you have the HD out, grab a good hammer (I prefer a 5lb sledge, but any claw or ball-peen hammer will work) and just beat the ever-loving crap out of it.
5. Your goal should be to hit the spindle in the center, which will often get you radial fractures in the magnetic platters, which is a death sentence for any residual data.

Then, take the whole thing to your neighborhood ecycler. Most communities these days have free options for ecycling old electronics. Check with your neighborhood waste disposal group for options.

Other methods of destruction that will work include:

1. Drill Press
2. Firearm (if legal in your state, please be responsible.)
3. The PD-4 Hard Drive Destroyer (a steal at $5,000)
4. Disassembly

But really: just don’t burn it. Too many toxic chemicals that you don’t want to breath. That includes microwaving it, folks.

Twitter’s Mass Email

This afternoon I, and many others, received an alarming email from Twitter.

It said, in short, we’ve been compromised at least in part, and we’ve reset your password as a security measure.

The details of the hack are on Twitter’s blog and basically seem to say that Twitter lost a bunch of credentialing information.

What’s that mean?

Twitter may have given up a bunch of information related to your account.

I have a twitter account (@tbridge) that has an email address attached, a password attached, and some server-side security stuff like session tokens attached. This information, it seems, was compromised at Twitter.

This doesn’t mean that my plaintext password was compromised, because they don’t store my plaintext password anywhere. My password is mathematically altered by a “salt” which then results in a value that they store. Think of this like a secondary security measure that means if they DO get this information, it’s only useful insofar as they have an email they can target for a password reset (that’s what got Mat Honan), and it’s a way to link users to accounts.

So. What should you do now.

Well, if you got an email from Twitter - or someone claiming to be them - I would read it carefully, and then don’t click on anything in it. It’s not a good plan to be alarmist, but this is also a good time now for spearphishing. Instead, go to twitter.com, and use their site to reset your password.

Picking good passwords is simple if you do one of two things. Option 1 is my preference, and that’s using a password generator/rememberer like 1Password which stores secure information securely. Option 2 is to use techniques like correct horse battery staple from XKCD.

Either are good.

The recommendation this week from people who know is that 16 characters is a good place to start passwords, and 20-24 characters is a good place to be. If you need to write these down do just that but then store those like you’d store your passport, a stack of cash, or those pictures you told your high school sweetheart that you destroyed: in a box with metal walls and a lock on the front.

This whole thing has me wanting better technology than passwords, but I’m not sure that’s ready yet.

The Java Problem, and what you should do

Hello everyone,

This is a security update concerning your Macs and PCs, and you should stop and read the following and take action if necessary.

This week, security researchers have identified a Zero Day Exploit (meaning, a security flaw that was released into the wild without notification) that affects Java. This security problem is severe and should be treated with the utmost caution. Apple has taken the precaution of blacklisting Java Applets within Safari for those running Mac OS X 10.7 and 10.8, but those running 10.6.8 or earlier should take some precautions to ensure their safety for the time being. These steps are also necessary for those running 10.7 and 10.8 and using Firefox or Chrome as your web browser:

Chrome

• Click on the Chrome menu, and then select Settings.
• At the bottom of Settings window, click Show advanced settings
• Scroll down to the Privacy section and click on Content Settings.
• In the Content Settings panel, scroll down to the Plug-ins section.
• Under the Plug-ins section, click Disable individual plug-ins.
• In the Plugins panel, scroll to the Java section. Click Disable to disable the Java Plug-in.
• Close and restart the browser to enable the changes.

Note: Alternatively, you can access the Plug-ins settings by typing about:plugins in the browser address bar.

Firefox

• Click on the Tools menu and then select Add-ons
• In the Add-ons Manager window, select Plugins
• Click Java (TM) Platform plugin to select it
• Click Disable (if the button displays Enable then Java is already disabled)

Safari

• Choose Safari Preferences
• Choose the Security option
• Deselect Enable Java
• Close Safari Preferences window

There is a planned update to Java to fix this issue, but it is not currently available. We will provide a second update once it’s available.

Please share this information widely.

Note, if you do have a critical application that requires the Java plugin in your web browser to be functional, contact us for details on how you can use Java with reduced risk.

Storm’s comin’.

Dear Clients & Friends,

If you haven’t heard, a confluence of 2 major storms (A Nor’easter and Hurricane/Tropical Storm Sandy) is expected to hit our area possibly as early as Sunday.  They’ve even given it a catchy name, Frankenstorm.  Washington Post coverage is here http://tinyurl.com/8n7y99s

We hope it fizzles out and we just get a little wind and rain.  However, now is a good time to think about what you will do in the event of loss of power, loss of internet and phone services (including cellular) and possible flooding or physical damage to your facilities. It’s possible your business operations could be affected for several days.

In the event of a data, power, or telephony outage, we’re available on call throughout the storm to assist.

We’ll be tracking the storm and will issue additional updates as warranted. Please don’t hesitate to get in touch if you have any questions.

iOS 6 is here!

Today, Apple released iOS 6 for the public. Generally speaking, while we think it works pretty well, we recommend that you hold off on updating for a few days to let the crush subside, and any showstopper bugs that made it through extensive testing in Cupertino get squashed. Apple has a good “What’s New?” page, but don’t take their word for it, here’s a few of the highlights of iOS 6:

Turn by Turn Directions

One of the most glaring faults in the native iOS Maps app had been its lack of good turn-by-turn directions. While there was a vibrant third party market, nothing ever quite felt right to me in terms of the UI.  The new Maps app in iOS 6 is a huge leap forward.  The new Map tiles are quite attractive, and that’s all well and good, but really what I am excited about is the pervasiveness of the turn by turn directions, and the extensibility of maps.  

Maps in iOS 6 can be extended for different routing instructions, for transit directions, for course running, for cycling, and we should see a fair number of expansion packs in the App Store. 

Do Not Disturb

The only thing that’s ever made me miss a Blackberry was the lack of a good Do Not Disturb mode on the iPhone, and thankfully that’s been fixed in software.

Do Not Disturb mode in iOS 6 shuts out all warnings, reminders, and sounds. It can be set on a timer, so that your phone doesn’t bother you at night, or at lunch, or during your workout. Like a good assistant, though, you can tell it when it’s okay to bother you. You can specify a group of contacts in your address book that can make it through, or set it so that if you get two calls from the same number in less than three minutes, it can make it through.

Reminders from other apps

The Reminders app that debuted with iOS 5 has gotten a big boost from Apple in iOS 6, in that other apps on your phone can now add reminders to your lists.  That means that third party apps will be able to set Reminders in the future, including geofencing and timing of reminders. Pretty slick.

Siri on your iPad

Yes, those of you with the most recent iPads will also have Siri starting in iOS 6. Siri has new features, also, allowing you to get directions to anyone in your Find My Friends app, as well as access to sports scores, Open Table restaurant reservations, and more.

iMessage on your iPad now gets your iMessages to your phone number

This has been one of those things so long in the process that I could’ve sworn it had happened by now, but starting with iOS 6, iMessages sent to your iPhone number can also be read at your iPad.

A Better Phone App

Not taking calls? Send someone a text message back, “Hey, I’m on the phone right now, call you in a few” or “what’s up?” or other custom messages of your choosing.  You can also set a reminder from their call screen to call them back after you’re off the phone, which is pretty great.

VIP Inbox

Email isn’t all equal. Those forwards from your second cousin, and the latest sale warning from that shop you went to once on vacation in 2007 just don’t rate the same attention as your spouse, significant other, or favorite coworkers.  Now, you can setup contacts as deserving of VIP status and they get their own inbox on your phone. Messages here can be read and responded to without wading into the fray of the rest of your email. Think of this like a priority inbox, but for your phone.

Panorama camera

If you have an iPhone 4S or an iPhone 5, the camera application got a sweet new feature to create a Panorama. Start the Panorama, then just move your camera smoothly to the right. Follow the on-screen arrow, and it will generate a panorama photo right from within the app. Impressive.

Photo Streams upgrade

For those of you with iCloud accounts, you can now share parts of your Photo Stream with other users on the fly and automatically. Take a photo, add it to a shared stream, and it just arrives on the other person’s devices like magic.

Some Questions and Answers

When’s it out?

It’s out now!

What’s it cost?

It’s free. Yes, really.

How can I install it?

We’re still sussing out if it will be an over-the-air update (I don’t think it will be) or if it will be done through iTunes, but it’s a safe bet that iTunes is the easiest way.  That means you’ll plugin your device, open iTunes, and handle it through iTunes.  We really, really recommend doing it this way instead of over the air.  If you want a very detailed guide, our friends at Macworld have written a beauty on how to do it.

Anything I should do before I install it?

Backup your phone or iPad before you do. If you use iCloud backup for your device, plug it into power, and then go to Settings > iCloud > Storage & Backup > Back Up Now.  If you sync with your computer for backup, make sure that you sync before you upgrade.

How long will it take to do the upgrade?

Leave at least an hour to do the upgrade, including the time to backup your phone or iPad before starting.  Once complete, you must sync with your phone to have all the data re-transferred back to your iPad, so if you have a large iTunes database on your iPad, it may take longer to transfer.

Which devices can run iOS 6?

iPhone 3GS, iPhone 4, iPhone 4S and iPhone 5 on the handheld side, as well as the iPod touch 4th generation, and then iPad 2 and iPad 3 devices. Not all features will be available on iPhone 3GS and iPhone 4 handhelds.

Google Accounts, Privacy, and Our Clients

If you maintain any Google accounts (Google Apps, Gmail, YouTube, Google+, etc). Google will be changing their privacy policy to allow them to consolidate or share your web search history among their products.

We thought our clients and friends should be made aware of the possible impacts of this change.

From the Electronic Frontier Foundation:

On March 1st, Google will implement its new, unified privacy policy, which will affect data Google has collected on you prior to March 1st as well as data it collects on you in the future. Until now, your Google Web History (your Google searches and sites visited) was cordoned off from Google’s other products. This protection was especially important because search data can reveal particularly sensitive information about you, including facts about your location, interests, age, sexual orientation, religion, health concerns, and more. If you want to keep Google from combining your Web History with the data they have gathered about you in their other products, such as YouTube or Google Plus, you may want to remove all items from your Web History and stop your Web History from being recorded in the future.

Visit the link below to find out how to remove your existing web search history. We recommend that if you want to delete your web history, that you do it without delay.

https://www.eff.org/deeplinks/2012/02/how-remove-your-google-search-history-googles-new-privacy-policy-takes-effect

Please get in touch if you have any questions or concerns that we can address.

Regards,

Mark & Tom at Technolutionary

iCloud, iOS 5 and Mac OS X 10.7.2

By now you’ve likely heard, Apple has released iOS 5 for mobile devices, OS X 10.7.2 for Macs, and iCloud. With the release of OS X 10.7.2, Lion appears to be ready for prime time. We have been testing iOS 5 and OS X 10.7.2 since its early beta release and we’re ready to pronounce them both “ready for primetime,” with some notable exceptions*.  While download and activation servers were under high load initially, they have settled down and you should not experience undue delays.

The upgrade to iOS 5 is free for all users of iOS, and works on the iPhone 3GS and iPhone 4. The iPhone 4S that is released on Friday will come with iOS 5.

The biggest feature we’ve been asked about is iCloud. iCloud is the successor to Apple’s MobileMe service.
iCloud works as a web between your iOS and Mac OS devices, to sync documents and photos, and if you’re not already using an ActiveSync account for Calendars and Contacts (like so many of our clients do with their Kerio accounts), it can work with those, as well.  In addition, it provides you with a secure backup service “in the cloud” at Apple, which means should your iPhone be stolen, provisioning a new iPhone is as simple as logging in with your Apple ID when you get your new phone.  Backups occur over WiFi only, and happen only when the iPhone or iPad is plugged in.

iCloud requires OS X 10.7.2 to work on your Mac, but works on your iOS 5 device without requiring OS X 10.7.2.
If you care currently using MobileMe to sync data from your Mac to iPhone and your Mac is still running MacOS 10.6 (aka Snow Leopard) you will want to hold off upgrading your iPhone to iOS 5 until after you upgrade your Mac to MacOS 10.7.2.
If you upgrade your iPhone to iOS 5 or purchase an iPhone 4S and sign into iCloud for syncing your MobileMe account is converted to an iCloud account.  If your Mac is not running MacOS 10.7.2 you will lose the ability to sync with your Mac (you will still be syncing to iCloud)

Apple has released some documentation about what that might mean for those still running OS X 10.6:

 http://support.apple.com/kb/HT4929

The highlights: Without OS X 10.7.2, you will not be able to access any Calendars or Contacts associated with your iCloud ID on your 10.6.8 Mac. This won’t affect many of our clients who are already using Calendar & Contact syncing with Kerio accounts or Google accounts.

 The upgrade to Mac OS X 10.7 is a paid upgrade for those using OS X 10.6 and above, and volume licensing is available for Apple beginning at 20 users. We would be happy to help devise a migration path for your office or personal computers. 
* Current caveats include delegation of calendars for Kerio users (being fixed in Connect 7.3.0, a free maintenance release due in November) and any users of software that requires Rosetta under Snow Leopard (Office 2004, some versions of Adobe CS products, and other programs. Check http://www.roaringapps.com for any applications that are fairly old.)

tj asked: Preserving battery life: you can turn off cellular data entirely. Also, IIIRC turning off Wi-Fi's "Ask to Join Networks" will help preserve battery life. Same with Settings » Sounds » Vibrate [turn off]. (Also note: Turning off location services will help, but it will also mean that you can't use Google Maps to find your location or use "Find My iPhone".)

TJ’s got a few extra tips for you in the run up to the storm.  You *can* turn off cellular data, but dialing it back to EDGE will give you maximum utility. A text is cheaper on the battery than a phone call.  

iPhone Battery Preservation Tips for the Hurricane

Hurricane Irene is set to arrive in the DC area tomorrow afternoon, and with it possible power outages throughout the Metro DC region. Here are a few tips to keep your iPhone lasting as long as possible:

• Turn off Push Notifications. You really don’t need a message from Facebook that Janie’s dog did the cutest thing.  Settings > Notifications > Off
• Turn off Bluetooth. You’re not driving in a hurricane. Turn off Bluetooth to save a bit of extra juice. Settings > General > Bluetooth > Off
• Turn off 3G. The goal here isn’t updating Twitter or keeping up on work email, it’s preservation of the phone so you can call Pepco or BG&E when the power goes down. Moving to EDGE data will help. Settings > General > Network > 3G Off
• Turn off Location Service. If you’re hunkered down, you know where you are. You can always turn this on for a bit to see where the nearest pizza place is: Settings > General > Location Services > Off
• Turn off Push email & calendaring. Again, this is a hurricane, so you don’t need that calendar invite from your cousin right away. Same for the email from your mother in law. If they need you, they’ll call, which is what we’re saving battery for. Settings > Mail, Contacts & Calendars > Fetch New Data > Push: Off
• Turn off auto-check of email. If you’re important enough to need this, you’re important enough to be somewhere with a gen-set, a massive flywheel UPS, and redundant bandwidth. Turn it off. Settings > Mail, Contacts & Calendars > Fetch New Data > Manually
• Turn down your screen brightness. Given how dark these storms are, you can lower your brightness from blinding to dim. Settings > Brightness
• Shorten your auto-lock period. See previous statement about hunkering down. This is more to save battery than be convenient. I’ll forgive you for turning off your passcode (if you can) for this weekend, if you want. Turn it back on Monday. Settings > Auto-Lock > 1 Minute.
• Make sure to kill graphics-heavy apps like Angry Birds. From the home screen, double-press the Home Button, then press and hold on the app icon, then hit the red minus at the top of the icon in the switcher tray.
• If coverage goes out, switch to Airplane Mode. In the event of cell coverage going out, or worse, getting spotty, switch to Airplane Mode for a while. Searching for signal is very battery intensive.

Alright, that ought to do it for now. Good luck & good hunting.