What’s New Pussycat?

As I sit in the MCT Summit this week I am blown away by what’s coming down the pipe.  These are the things that I will be focusing on in the next little while:

Virtualization

Of course I have been talking about Hyper-V for over a year now… and System Center Virtual Machine Manager is the cat’s meow.  Hyper-V version 2 is now in beta, and a lot of the improvements are going to blow you away.  More on that soon.

Windows Server 2008 R2

I was not a fan of Windows NT 4 Server, but have really liked each release of Server since.  The improvement curve will continue upwards in Server 2008 R2… PowerShell is getting better, but the Active Directory Recycle Bin is going to be a real life saver for a lot of people… I’ve never actually erased an entire Organizational Unit by accident, but I know people who have… this is going to be nice!

Windows 7

I have been using Windows Vista since before it was called Vista.  I am one of those people who loves it, and have never looked back.  I know there are a lot of people out there who disagree with me, and for those of you who are waiting with bated breath for the new version, the wait will not be long now.  Stay tuned!

More and Better

I wish I could tell you right now about everything we are discussing this week, but the reality is I am trying to listen to Joey Snow right now as I type… pretty tough to do both.  Besides, there’s no NDA for this week so we’re not actually learning anything NEW and unreleased.  That’s going to wait until next month… but believe me, there’s a lot coming out from Microsoft this year that will make us all happier… let’s talk more about that soon!

A Violinist in the Metro

I came across this piece in the 180 Systems Blog (www.180systemsblog.com) this evening and found it fascinating.  Please feel free to visit them for more insightful pieces.  -M

A man sat at a subway station in Washington DC and started to play the violin; it was a cold January morning. He played six Bach pieces for about 45 minutes. During that time, since it was rush hour, it was calculated that thousands of people went through the station, most of them on their way to work.

Three minutes went by and a middle-aged man noticed there was a musician playing. He slowed his pace and stopped for a few seconds and then hurried up to meet his schedule.

A minute later, the violinist received his first dollar tip: a woman threw the money in the till and, without stopping, continued to walk.

A few minutes later, someone leaned against the wall to listen to him, but the man looked at his watch and started to walk again. Clearly he was late for work.

The one who paid the most attention was a 3-year-old boy. His mother tagged him along, hurried, but the kid stopped to look at the violinist. Finally the mother pushed hard and the child continued to walk, turning his head all the time. This action was repeated by several other children. All the parents, without exception, forced their kids to move on.

In the 45 minutes the musician played, only 6 people stopped and stayed for a while. About 20 gave him money but continued to walk their normal pace. He collected $32. When he finished playing and silence took over, no one noticed it. No one applauded, nor was there any recognition.

No one knew this, but the violinist was Joshua Bell, one of the most renowned musicians in the world. He played one of the most intricate pieces ever written, with a violin worth 3.5 million dollars. Two days before his playing in the subway, Joshua Bell sold out at a theatre in Boston where the seats average $100.

This is a real story. Joshua Bell playing incognito in the Metro station was organized by the Washington Post as part of a social experiment about perception, taste and priorities of people. The outlines were: in a commonplace environment at an inappropriate hour, do we perceive beauty? Do we stop to appreciate it? Do we recognize talent in an unexpected context?

One of the possible conclusions from this experiment could be: If we do not have a moment to stop and listen to one of the best musicians in the world playing the best music ever written, how many other things are we missing?

Your Certification Journey Starts With a Single Step

Sunday morning I woke up to find a foot of snow in my driveway; time to break out the shovel!  I dressed up warm (the thermometer read -9°C / 19°F), grabbed my shovel, and opened the garage door… and was flummoxed.  Where should I start?  There was a wall of snow all along both sides of the garage that was equally deep right to the foot of the driveway, some thirty-five feet away.  I stood there for a minute and weighed my options, and then I put the shovel to the snow and scooped up my first shovelful.

Thirty minutes later I had cleared off the top third of one side of the driveway… I honestly never thought I would get that far!  Although the end was not quite near, I could certainly see how far I had come.

I drew a parallel between that progress and my IT certifications; I thought back to the first time I really looked into it, and realized that it was not as simple as saying I would take a few courses and pass a few tests, I had to plan out a course of action, and the starting point was oftentimes as complicated as the material I had to learn; which course should I take first?  What study materials and methods should I use?  When would I be ready to pass my first exams?  It was so nerve-wracking I occasionally thought about giving up… and it was nearly eighteen months before I would pass my first exam.

Sure, certifications are complex… it would likely be simpler if it was a linear path from start to finish, but that is simply not the way it works.  You have to really know what you are doing before you set out, and frankly that can be a daunting challenge, one that I am sure has prevented many people from setting out.

What should you do first?  You have to decide what it is you want your certifications for; if you want to be a developer or an IT Pro… and a dozen other decisions.  My advice?  put your shovel to the snow and scoop up your first shovelful; If you are not simply thinking of changing careers but have been working in IT for a while then chances are you know what you are comfortable with; look to see what certifications are available.  You might be comfortable with the desktop operating system, so a logical ‘first shovel’ may be one of the desktop OS exams – TS: Configuring Windows Vista (70-620), or even the Microsoft Certified Desktop Support Technician (MCDST) exams (70-271 & 70-272).  They may or may not have much to do with what you want to eventually do, but they are a good way of learning what certifications are about.

The public newsgroups are replete with certification advice, and you can have your questions answered by passionate people who are either where you are or were once.  If you want to invest in classroom learning then most training centres will have sales consultants who can answer a lot of your questions as well.  If you are leaning towards e-learning then many of the IT vendors (Microsoft, Cisco, Novell, etc…) will offer some sort of e-learning options that are worth exploring. 

The point is that after a while you will discover what is right for you, what works and what doesn’t, and when you wake up one day you will realize that you may not yet be a Microsoft Certified Master, but you do have a couple of exams under your belt!

My driveway is clean today, but it is going to snow again this week and I am going to have to pick up my shovel again; just like that, certifications is something that is ongoing rather than a journey to an end.  The first certifications I achieved are now obsolete, but that doesn’t matter because I have replaced them with more relevant ones now.  However if I had not started when I did… when would I have?

When will you?

Get All the Facts

 IMG_0003On Sunday I was shoveling my driveway, and quite enjoying myself.  I had decided ahead of time to only do one side of it that day, and  finish it Monday or Tuesday.

As I stood at the base of the driveway admiring my work someone came up to me and said ‘It looks like you didn’t plan that out very well!’  I asked what he meant, and he pointed out that I had shoveled the right side of the driveway, but (as displayed) my car was parked in the garage on the left side.

I looked… and from where he was standing I could understand his criticism.  I reached into my pocket and clicked the remote control which opened the right side garage door, exposing our main family vehicle.  The gentleman was a bit embarrassed, and apologized for the remark, complimented the job, and continued on his way.

The encounter made me think of so many discussions I have had in the past; some people are quick to criticize accomplishments without having all the facts.  It is important to remember that we may see what is in front of us, but not necessarily all of the relevant facts. 

A client called me frantically several months ago following a conversation that she had with a colleague.  She wanted to know why it was that I had not implemented a backup solution for their desktop PCs and Outlook PST files; her colleague had criticized me for my short-sightedness and recommended that she speak with ‘her IT guy’ who would do a much better job for her.  Of course because that colleague did not know that I had implemented a complete backup solution on the server and redirected all desktop folders to Network Shares she could not know that backing up the actual workstations would be redundant.  She did not have all of the facts, and that is an easy way to come to the wrong conclusions.

Someone once said that the more someone talks the less they know; I do not know if that is true, but it is certainly easier to learn by listening than by talking… the more facts you have the better informed you will be when you do speak.

January in Ontario… My shovel runneth over

It happened again… over a three day period nearly a foot of fresh snow fell on Oakville.  As I usually do I ignored it for a bit until it got too bad for my car to drive through, but this morning I decided to get out there and clear it.  I actually discovered in December how much I actually enjoy this task… one that I had never really had before this year.

You may have read my article ‘I’m an IT Pro and Welcome to Winter’ (Posted Sunday, December 21, 2008) which included videos of me doing my thing.  It was the first intense exercise I have done in some time, and I got a feeling of satisfaction that you cannot get from watching someone else do it for you.

IMG_0007So Sunday morning I bundled up nice and warm (It was gorgeous and sunny… and -9°C / 15°F outside) and grabbed my shovel.  I actually have several implements that I could have chosen, including a very efficient push-scoop that can move a lot more snow with a lot less effort, but I opted for the same red plastic shovel that features in the videos from December.  I started at the top of the driveway, and decided to only do half of it (we have a two car garage so a two car driveway, but are currently only using the single car).

There is a man who lives in our circle who gets by on doing ‘menial labour’ for the neighbourhood.  Last year we paid him every time there was a snow storm to shovel the driveway.  After I had been shovelling for about ten minutes he came by and asked if I wanted him to take over, and would only charge me fifteen dollars for the entire job.  I thanked him, but told him that I was doing fine on my own, and wished him well.  He’s a nice guy and we chatted for a few minutes, and then I put my earphones back on and continued.

Several minutes later one of my neighbours came by and asked if I wanted to borrow his snow blower to save time.  He had seen the videos on my blog, and figured I could save a lot of time and effort by ‘automating the task.’  I declined, and then as we were chatting he noticed in my garage a contraption parked between the cars.  ‘Is that what I think it is?’  He was referring to my snow blower, which I recently paid to make sure it was well tuned.  He was perplexed, but it is very simple.

I mentioned that I discovered that I enjoyed shovelling the driveway.  Part of that is because it needs to be done, and is part of taking care of one’s home.  This is my first year as a homeowner, and it is fulfilling to put your back into maintaining it.  However there is much more to it than that.

Of course it is great exercise… I used to be in great shape, and am upset that I have allowed that to falter.  Walking the dogs is great, but shovelling really gives you a much more complete workout… Even now I feel my shoulder and arm muscles, in addition to my legs!

I find shovelling very relaxing.  It allows me to be alone with my task… and my music.  It also allows me to get a lot of fresh air; the task took no less than ninety minutes, and all along I was out in the sun, getting exercise, and of course enjoying the solitude of my music.  It is therapeutic.

Perhaps the best part of the task is finishing… at 1:15 I came into the house and Theresa heated up a bowl of her mulligatawny… there is nothing better on a cold day than a hot bowl of soup, but you cannot really appreciate it in quite the same way if you didn’t spend the time outside earning it!  If I wasn’t on a diet I would say that a cup of hot chocolate or even a big bowl of creamy clam chowder was what the doctor called for, but Theresa made the soup from scratch, and it was as satisfying as it was warming.

I will spend Monday at home working… but sometime during the day I will take the time to shovel the other half of the driveway.  It is completely unnecessary of course – we are happy as a single-car family; but the feeling of accomplishment coupled with the exercise make the left side of the driveway too tempting to resist!

A Quick Guide to Phinding Phishing

The following message appeared in my Junk Mail box today. (These are only the first few lines… it looked complete and quite official)

From: paypal.support@520838.com

Security Center Advisory!

PayPal is constantly working to ensure security by screening accounts daily in our system. We recently reviewed your account, and we need you to verify information to help us provide you with secure service. Until we can collect this information, your access to sensitive account features will be limited or terminated. We would like to restore your access as soon as possible, and we apologize for the inconvenience.

Why is my account access limited?
Your account access has been limited for the following reason(s):

· February 27, 2008: We have reason to believe that your account was accessed by a third party. Because protecting the security of your account is our primary concern, we have placed limited access to sensitive PayPal account features. We understand that this may be an inconvenience but please understand that this temporary limitation is for your protection.

Click Here to Remove Account Limitations (http://62.57.72.20/blocks/19483.paypal.com/webscr_cmd_login-run.php?%3c-*-%3ez%5b3,$0%20dAN%5b=iz%5b3|As0,d%3c-*-%3e)

It went on to include warnings about security, never sharing your password, protecting your account, and so on.  It looks, on the surface, to have come from PayPal.  Of course it also includes a convenient link to change you password, and will remind you again that for security reasons, you must enter your account name and existing password to proceed.  Gotcha!

This is a relatively common scheme called phishing.  A play on the word fishing, phishing schemes send out millions of e-mails that in almost every way look like they came from eBay, Paypal, or your financial institution.  They show up in your e-mail with a warning that you need to stay safe, starting with changing your password immediately.  Of course they include a convenient click-here link which takes you to the login page.  You enter your credentials and you are done… literally.  What you have done is given a bogus site your real credentials to the real financial institution, which they will use to take your money and ruin your good name.

Microsoft has gone to great lengths over the years to protect its users from these schemes, but because they are inexpensive and simple to operate they keep coming.  Users who use the latest and greatest operating system and e-mail client from Microsoft and keep them properly patched are less at-risk than those who do not… as stated in the first line this e-mail showed up in my Junk Mail folder, and in order to even see the graphics (let alone click on a link) I had to proactively move the message to a safe location, and mark it as safe.  That is because different components of my network – starting with my mail server but including Windows Vista (with Internet Explorer 8.0 and Microsoft Office Outlook 2007) are regularly patched with phishing definitions.  These definitions do their best to keep up with the various cutting-edge methods of treachery used in these scams.  However a user on an older, un-patched OS using an older mail client will not have the same security… and will usually not know it.

When you are unsure of an e-mail, the first rule is DO NOT click on anything.  Do not even download the graphics if your mail client allows for that option.  If you are absolutely convinced that your account has been compromised then rather than clicking within the message, open an Internet Explorer browser and type in the URL of your site manually.  That is the surest way to know that you are where you belong.

Here are a couple of tips you can look for to be 100% sure that someone is trying to scam you:

  1. E-mail from any institution that you regularly do business with will end with their domain name, so PayPal will be from @paypal.com… never paypal@<anything else>.com
  2. Legitimate URLs (Universal Resource Locators) – or web addresses – follow simple rules; it is only what follows the domain name that can look like gibberish.  The click-through link included in this message is designed to look like it comes from 19483.paypal.com… it is right there in bold; of course, this is hidden from you within the Link itself – you are meant to simply click on the words Remove Account Limitations which will open the Internet browser.  So in the address bar of that Internet browser look at the address… the site name is what is found between the http:// and the first forward slash (/).  So in the address above the site is located at 62.57.72.20… an IP address.  No legitimate business in the world – certainly no reputable one – uses IP addresses in their sites in place of domain names.

Of course all of that is interesting technically, but from a social engineering point of view there are several telltale signs within the message that prove its illegitimacy:

  1. Neither my name nor my account is in the e-mail anywhere.  Legitimate e-mail from proper sites will generally be addressed to me: Dear Mr. Garvis, and so on;
  2. In much the same way, legitimate e-mail will usually be signed by a person.
  3. According to the e-mail my account was compromised on February 27, 2008.  If it was a legitimate threat it would not come ten months late.
  4. Financial sites do not limit access… they block it until you change your password.

In November I got a call from my bank informing me that my bank card might have been compromised, and asked me to go into the nearest bank at my convenience to have the card replaced.  They cancelled the card on the spot of course, and they called me (slightly early on a Saturday morning if I recall) apologizing for the inconvenience.  I found this a bit inconvenient, but quite secure.  Had they sent me an e-mail I would have been immediately suspicious, and would have called anyways.  Notice that this e-mail does not have a phone number to call.

Phishing is scary because of its prevalence and anonymity.  Although it is a simple crime to avoid (imagine muggers asking you to click here before they stole your wallet!) it is also astoundingly easy to get caught… simply lower your guard for a minute and they have you.  If you suspect that you have been targeted, you should contact the legitimate institution immediately; if you fall victim to a scheme then your first step is to contact your local law enforcement agency who will guide you… although because of the international nature of these crimes it might be years before you ever see progress – if ever.

Microsoft Dog Food (NOT what you think)

I just got an e-mail from the Microsoft Company Store confirming they were shipping my recent order… which I read as this:

‘We wanted to inform you that your most recent order of DOG TREATS is en route.’

This week’s ‘Gingit’ toll:

  • 1 pair leather shoes (mine…)
  • 1 Xbox 360 wireless controller
  • 1 Wireless Notebook Presenter Mouse (for those keeping score her THIRD)
  • The latest Macleans magazine
  • A chequebook (the last one I had)
  • 1 Lego helicopter (not mine)
  • 1 EA Sports game (Aaron’s)

Sigh…

Day Job versus Independent Consultant: Which is right for you?

I was looking for an e-mail from years ago when I came across this letter I wrote to the Senior Editor (Careers) for TechRepublic.com nearly six years ago.  Although the circumstances hardly apply to me anymore it may be interesting for IT Professionals just starting out, weighing the pros and cons of leaving their cozy and safe day jobs for the wild world of independence… or combining both!

It should be noted that I wrote this letter six weeks before leaving my day job; I did not have any certifications yet (I would get my first within two months).  The economic climate was probably much safer then than now, so that was not a concern at the time.  As well in Canada I was safe if I got sick – socialized Medicare and such.

I have spent the past three years as the M.I.S. Director of a local security company.  Along the way I made a lot of good contacts, and people started (as they will) seeking free advice.  From time to time 'they' would ask for help with a problem, and if I could accommodate them without interfering with my day job, I would.  The occasional jobs started to supplement my income nicely, and I was exposed to a lot of systems and software that I had either forgotten or would not otherwise have been exposed to.

Well one of these clients was so pleased with my work that they mentioned me to a colleague of theirs, who happened to be a long-lost friend from high school.  Ron and I had grown into computers together, and now he ran a computer consulting firm.  We met up again at a party, and he asked me if I would be interested in doing some sub-contracting.  We discussed it the next week and he gave me the name of a client whose company ran a small local area network.  Before I could even meet the client, she called and asked if I could do a favour by visiting a client of theirs whose computerized cash registers were down. 

I fixed up the client's client's problem by eliminating the virus from their system, and all of a sudden what had once been an occasional after-work job had turned into an every-lunch and every-evening job.  I had established a steady client base of small businesses who were frustrated by a long string of consultants and technicians who charged big bucks but were either unqualified, unreliable, hard-to-reach, or dishonest.  After listening to what each had to say, I examined who I was: I was certainly qualified and definitely honest.  So by making sure I was reliable and easy to get in touch with I could probably make some good extra spending money.

Though I still have my day job, I am billing on average fifteen hours per week.  My clients are extremely happy, and I am earning more money consulting than I do at my day job.  I know that many of my clients would be very happy to see me quit my day job to be more available, and that is in the long term plan.  I am also studying for a number of certifications, which will open even more doors to companies who may be sitting on the fence about hiring someone like myself.

My two greatest concerns about going at it as an independent were that clients would not want to pay for my services, or worse that the clients would not be knocking on my door.  However most business owners and managers that I have come across are not afraid to pay the hefty hourly rates that I charge, if that is what it takes to know that their systems will be working, and if they go down that I will be straight with them about what it will take to get them up again.  As long as I maintain my reputation and good name by offering those four points – qualified, reliable, accessible, and honest – I would be in good shape.

In a day and age when anyone can print up business cards and call themselves a computer consultant, businesspeople have to be able to separate the wheat from the chaff.  I tell my clients that there are consultants who charge twenty dollars per hour – and are worth every penny of it, and there are consultants who charge one hundred and twenty dollars per hour – and are worth every penny of it.  When your business relies on its computers to work right this time and every time, which do you think is your best bet to get you there?

Oh What a Night!

IMG_0057 New Years Eve… December 31st, 2008.  We left our hotel at 1pm and did not stop having an incredible time for over twelve hours!  I started to blog when we came home last night, but it was a lost cause.  It is now New Years Day, and I have a lot to remember from last night.

We had tickets to see Jersey Boys, which was by far the best of the shows that we have seen this trip.  The star of the show – Dominic Scaglione Jr. – had an incredible voice, and was a really nice guy… he and his entourage happened to walk into the bar where Theresa and I were sitting after the show, and spent a few minutes talking to us.  We had already gotten a picture of him with Theresa, but took this opportunity to get an autograph.

Drinks were at the bar in Gallagher's, across the street on 52nd Street West.  Max was pouring the drinks, and he did not seem to be measuring his pours.  Around 6:00 I asked for a table, and we had an excellent steak dinner… not Berns’ or Moishe’s, but definitely a great steak!

 IMG_0071We walked along 8th Avenue to 42nd Street where we had concert tickets… what a madhouse!  Theresa and I made sure to stick together, and with a little effort we got to the 42nd Street Checkpoint in one piece.  We showed our tickets to no fewer than three NYPD cops, and then got to B.B. King’s.  We were all bundled up because we figured we would have to wait in line outside, but as luck would have it they were letting people wait in the bar, where we met a really nice couple from Tennessee.  Tom and Charlene were the nicest people, on their first vacation in several years and loving New York City.

IMG_0129 When they started letting people into the lounge we were near the front of the line, and got a great  table… and the drinks kept coming.  All I can say is it is a good thing that we were not driving!

Chuck Berry was incredible… at his age (he has to be seventy years old!) he isn’t duck-walking anymore, but he sure has the voice, and can play the guitar like nobody’s business!  He played all of our favourite songs, and then some… Maybelline, Oh Carol, My Ding-a-Ling (an interesting audience participation sing-a-long!), and Sweet Sixteen.  Leading into midnight he brought a couple of girls from the audience on stage, and broke into Johnny B. Goode… WOW!  He really knows how to make people move!

Somehow for the last couple of songs Charlene ended up on stage with Chuck and the band… and she did not disappoint the drunken entourage that she left behind!  Just look at her in this picture, dancing with the man himself.  Theresa stayed behind, and Tom and I were just taking as many pictures as we could, while dancing along. 

IMG_0151Sadly the show had to come to an end, as all good things must.  As we made our way to the door Theresa opined that it was definitely her greatest New Years Eve ever… and I spent a minute trying to think of a better one.  I have spent them with friends, I have spent them with family… I spent two in the army.  None that I can think of can hold a candle to what we did last night (sorry Brad… at least you got your award!).  Great shows, great food, great people, and the woman I love.  What more could a man ask for?  I hope you all had a great time too… and wish you and yours the best for an incredible 2009!