January 2006


Details here and here, in case you haven’t already seen it.

According to F-Secure, they were the ones who found this and informed Symantec about it last year… and they claim it’s “not nearly as bad” as the Sony issue.

Interesting comment, coming from a competitor.

I disagree with this excerpt, though. They claim it’s not as bad because:

“The main difference between the Symantec rootkit and Sony rootkit is not technical. It’s ideological. Symantec’s rootkit is part of a documented, useful feature; it could be turned on or off and it could easily be uninstalled by the user. Unlike Sony’s rootkit.”

Regardless of whether Symantec had better “intentions” than Sony, was there ever an expectation that the average user would truly understand how this “documented, useful feature” worked, or how it exposed them to potential exploits? Do you think the average Symantec user truly understands what the risks are of leaving the feature enabled? Both companies implemented a technology that they thought would be useful, and they did it in a way that exposed the user. In fact, you could make the claim that the Symantec rootkit is even worse, since users were given a false sense of security about their systems because they software installed that was supposed to protect them from exactly this kind of exposure. And as a security company, they should have known better than implement it the way they did.
From a security perspective, the Symantec issue is just as bad as the Sony issue, since both expose the user in the same way, regardless of what the ultimate intention was. Whether you believe that Sony’s rootkit is ideologically worse probably depends on your opinion on DRM: personally, I don’t like it, and I fall on Cory Doctorow’s side of that debate. But if you’re in favor of DRM, then both companies did the exact same thing: they tried to implement functionality, and they unfortunately did so in a way that was profoundly broken.

…and in many cases, things I don’t currently have. Info based on the 14 months I’ve been working from home so far.

Some of these are very specific to working from home long-term, not just the occasional day here and there, but they are points to consider anyway.

  • A comfortable chair: get an Aeron, you’ll be sitting down a lot more when you work from home than when you’re at the office. If for no other reason, you don’t have to stand up and walk over to a conference room, since you’ll be on a phone conference. Plus, the coffee machine is closer to my desk at home than it is at work, so I’m back sitting down faster. STATUS: got one of these, probably the cheapest Aeron model, but it’s well worth the money. I’ve tried several different other models from Office Max and the like, but by the time you find one you like and doesn’t cut off circulation to your legs over the long run, you’ll have spent the equivalent of the Aero anyway. And by the way: buying Aero’s for $100 on eBay from failed dot-com liquidators? May have happened in 2001. It doesn’t any more.
  • A good desk, with plenty of space. This one is obvious and is true for the office as well, but since you’ll have more personal stuff (mail, magazines) hanging around at home, you’ll need an extra corner. Don’t get the IKEA cheapies, get something solid that won’t drop the sliding keyboard tray into your lap every third time you open in.
  • An espresso maker. If you’re a coffee drinker, you don’t want to have to get into your car every time to get to the local shop. I’m not a coffee snob, I don’t want to spend $800 for the latest Gaggia, I’m not that good at telling the difference. I use a Starbucks Barista, and it works for me. If you want regular coffee, get one of those and make Americanos instead: they taste better. STATUS: I got the Barista as a gift from someone who bought it and never used it. Score! If you can get a burr grinder, you’ll get better/fresher results by buying whole beans, but that will cost you $150 for a good grinder. Go to your local coffee shop and get espresso-ground, store it in an air-sealable container. Remember, I’m not a coffee snob, so there are probably coffee connoisseurs out there fainting away as they read this, but it tastes fine as long as you use it within 5 days or so.
  • As a counter to the previous item: a local coffee shop with free Wi-Fi. You’ll need to change your environment every so often to avoid going crazy, especially if you live in a very cold climate where you can’t leave the house for months at a time. In Minnesota, this means Dunn Bros, since Starbucks and Caribou both charge for WiFi (a business principle equivalent to charging separately for sugar these days), or–even better–your real, locally-owned coffeeshop (e.g. the Riverview). STATUS: got this, although I don’t make it out there that much these days since it’s too cold to bike. Yes, I’m a wimp.
  • A real speaker phone. I have an AT&T model phone that has a simple speaker phone in it (this one), but it’s not really suited for all-day use. I didn’t think I’d need one, but home phones do not work well for long conference calls, even with an earpiece.  STATUS: don’t have one, want one if someone else will pay for the $600+ that the decent Polycom models seem to require.
  • A bluetooth/wireless earpiece that can connect to a landline. The Jabra Bluetooth 6210 seems to fit this bill, but I don’t know what the battery life is like. STATUS: don’t have one, want one, not willing to pay $150 for one.
  • Separate systems for home and office use. Don’t mix the two, EVER! The temptation will be strong to put your software, your documents or your digital pictures on the office machine, especially if it’s the faster system or the bigger hard drive, but don’t do it. Seriously. There are so many reasons why mixing the two is a bad, bad idea.  STATUS: well, I have about 7 systems at home, and the office computer is the least powerful of them all, so this isn’t a big problem for me.
  • File/data sync software: use this to regularly copy the remote office files you need to your local system, otherwise you’ll be frustrated every time you open that 20MB Word doc across your cable modem, and you’ll kick yourself when your cable modem or the VPN are down. I use Groove, Outlook (in cached mode) and FileSync from FileWare, amongst other things. I don’t recommend the Microsoft SyncToy across a VPN connection: it’s awfully slow. To be honest I hesitate a little in recommending FileSync, since I’ve never heard back from them on 5 attempts to recover my registration info: I’m not sure they’re even still in business. But it’s a great app. I do love FolderShare (free!), and I use them for personal docs, just not on the office system.
  • Corollary #1: the copy on your home computer should NEVER be the only copy of a document. If it is, you are standing on a hill in a thunderstorm wearing chainmail and waving a golf club in the air, asking the Gods of Computer Catastrophe to pay more attention to you instead of trying to find more words that mean the opposite of “serendipity”.
  • Local backup. Just copy all the files you need to back up to the office computers, you say? Not such a good idea. If your office computer system (that one with the VPN software loaded) fails, how do you access them? I do regular backups of the docs on all my systems to DVD, so when (not if!) one of them fails I can access the docs from another one. Of course, the office DVDs need to be protected in some way: they may contain company confidential information, so it’s not sufficient to just copy all the files over: they must be encrypted and/or physically protected. STATUS: got a DVD burner on each machine. They’re cheap these days: I got Sony models for $39 after rebates. Just don’t buy too much media at once: the price on DVD+/-R media drops faster than you’ll use that 100-pack that looked like such a good deal at $80 last month.
  • Random collaboration tools: whatever you need. NetMeeting, some form of IM, video conferencing if your company supports it. You’ll need to do something to make up for the loss in face time, and in my case that means constantly reminding people of my presence via email, IM, internal blog postings… it’ll be different depending on what you do and what tools your company uses. STATUS: Outlook, Exchange IM, AIM, Trillian, iChat/AV with iSight, Polycom ViaVideo, WebEx… even PC remote control tools. I use ’em all, because I want to be available to anyone who wants to connect. Remote control tools are especially important because sometimes you just need to see what someone else is clicking on that gives that weird error, or they need to see your desktop so you can walk them through something.
  • Scanner and printer. You usually don’t need a fax machine if you have a scanner, and I forward scanned copies of bills and invoices to our Finance department using the scanner and email. They actually like it more than faxes, which are just an analog copy of something that started out in digital and will go back to being digital in the end after about seven conversions. STATUS: have’em. Got three scanners, in fact: one just for slides, but that’s for personal use.
  • A decent knowledge of computers. You’re remote: from the Help Desk’s perspective you might as well be on another planet. Learning how to troubleshoot basic computer problems will save you hours of frustration and waiting while the Help Desk tries to get their remote support tools to work over the VPN (which they were never designed or architected to do in the first place). STATUS: computers are my life. I’m OK.
  • A door. You need to be able to separate work and home life, and that means sometimes being able to shut the door. If for nothing else, to avoid your recently toilet-trained son from running in and proudly shouting what he just did in the potty… right as you start a video conference with the SVP of IT. STATUS: yes, that did actually happen to me. I’m not very good at keeping the door closed, since it starts to feel a little claustrophobic, but my family is very good at understanding that when I’m in the office, I’m at work.

I’m not including the standard software you’ll need as part of maintaining a healthy and usable PC/Mac (antivirus, anti-spyware, email, productivity suites) since that will be dependent on what your company uses, and is not specific to telecommuting. But you do need this stuff on your personal computers too: that’ll be another post.

This is probably the best-written review and preview of the functionality in Office 12 I’ve seen so far. Lots of screenshots.  Like the ribbons, but that’s going to be a major interface change for users: how many will go right in and click the “view old-style menus” on first launch?

I went to the local SharePoint user group meeting yesterday and was pretty impressed with the integration with the next version of SharePoint (which is not fully addressed here), but the workflow and wiki/blog/RSS capabilities for SP that integrate right into Office are very nice. I’m not in love with the current version of SP as a blog tool: the permissions alone to allow comments without allowing full posting rights are a nightmare that no one has been able to implement correctly (without it being a maintenance nightmare), and you can’t really blog from Outlook or any other app in Office in any way that has meaning for the average user. That doesn’t stop people trying to use it for blogging: give someone a hammer, all problems start to look like nails.  But the next version… ahhhh, the next version.

Isn’t that always the case?

Strangely enough, the presentation mentioned that it was only supposed to be shown under NDA, but no one there signed anything.  I know I didn’t.  So how much can I talk about it?  Can I mention the Deleted Items folder?  The one we’ve been asking for since, oh, the Mesozoic era?

…and a warm welcome to 2006! Not for any particular reason, 2005 was a perfectly good year. But new starts are always appreciated.

Speaking of new starts, I’ll join everyone else in the world in recommending Merlin Mann’s 43 Folders blog. His “email DMZ” post is brilliant, and a variation on what I do every so often: grab all of the emails in the Inbox that are older than X (I use 2-3 weeks) and DO SOMETHING ABOUT THEM. Delete them as a last resort, but follow up on them, create a task, create a calendar item to set aside some time to work on them, but do something. Get them out of the bottom of the pile and deal with them… I always surprised about how many emails are sitting down there at the bottom, that I couldn’t answer at the time but I can now, or that have become irrelevant in the meantime.

It takes care of a lot of emails in one fell swoop, which makes you feel better about yourself (as long as you were honest and didn’t just delete the whole lot), and gives you some extra incentive to get other work done once you’re in the groove and feeling like you’ve accomplished something today.

And of course, the biggest question so far has been… “But will it run Windows? Or Linux”

No reason they won’t apparently, in spite of the original protection that kept the beta versions from running on non-Mac hardware..

(Warning: annoying Javascript-based interface)

Link

“Phil Schiller, Apple’s senior vice president of worldwide product marketing, said in an interview Tuesday that the company will not sell or support Windows itself, but it also has not done anything to preclude people from loading Windows onto the machines themselves.

“That’s fine with us. We don’t mind,” Schiller said. “If there are people who love our hardware but are forced to put up with a Windows world, then that’s OK.”

So how about a dual-booting MacBook running OS X and RedHat with OpenOffice?   Or triple-booting running the Vista beta and Office 12?  Joy!
Now, there’s no reason to believe that something won’t change in the future to change this (similar to how Apple has limited certain functionality of iTunes with each update), but at least it’s not forbidden out of the gate.  I assume that the similar underlying hardware architecture will mean that virtualization of Windows apps under OS X should run faster, but there are probably caveats to that, and running Virtual PC under Rosetta is going to be painful for the time being (multiple layers of virtualization, translating from Intel to PowerPC back to Intel again).

So far we do know that the MacBook won’t have FireWire 800 (only 400), and there is still no word on the battery life anywhere.  That’s troubling, and would be a large compromise to that 4-5x speed increase (on Spec numbers that Apple has long derided as irrelevant) if you can only get an hour’s worth of power on the plane.  That speed increase applies to the computer, but it doesn’t mean I can get my work done 4-5x faster in order to finish before the battery dies.