Blog of a Long Distance Worker Tech

The blog about mobile tech

Monthly Archives: March 2009

Skype Starting to Dominate the International Long-distance pie

Skype has emerged as the largest provider of cross-border voice communications in the world.’

Skype Starting to Dominate the International Long-distance pie.

Certainly as a small business undertaking much of my service on customer sites in multiple countries, Skype has become a huge part of my mobile communications infrastructure, providing low cost international roaming phone services. Now with fring and the upcoming iPhone Skype application, we are moving to an ideal world of communications for those who operate away from home base.

Unfortunately for Skype, the large business world has not been listening to this conversion, and Skype needs to make huge inroads into the enterprise market to become truly ubiquitous – something that it is pushing forward with Skype SIP.

We will have to see how it goes.

Travel Assistance

tripit As I have just begun a heavy round of travelling, I started to look around for help with the tracking of all my travel and hotel layovers. As I will be travelling every week for a long period, I really needed something that will both help in the practical forward planning of trips and also in the retrospective tracking of when I was in one country over another.

My initial thoughts turned to using calendar events in my Outlook Calendar but that was a little unwieldy and fairly manual to setup, so I started to think about online services that can assist. I did not look far as I noticed that a service called Tripit.com was integrated into my Linkedin account, noticed because I could see travel notifications coming up for a variety of my contacts, particularly those that are heavy travellers. So I activated it directly from within my Linkedin account, which took me through the Opensocial app configuration and onwards to the Tripit service itself.

Tripit offers two direct ways of registering travel/hotel events – the straightforward (and not very clever one) is to go on and create manual events through direct entry. The better option however is to simply send each email that you receive from the travel services you are using to the plan@tripit.com email address. The service will then simply sieve the email for pertinent information about the flight or hotel booking such as start date/time, end date/time, location from/to and final destination etc, and to then populate your itinerary for the trip automatically. The service sends you back an email once it has processed the information. This service works because in the basic registration, your email is registered by the service and it also allows you to specify a total of four separate email addresses from which you send in travel arrangement emails.

My initial use of the system has been favourable and it seems to do an excellent job of processing the emailed information and certainly setting up the locations and times for all parts of the journey. It does less well at other information such as costs, but that is a minor detail as I use other mechanisms of recording expenses and costs. The service also emails me the summary of my forthcoming trip a few days beforehand – very useful in the preparation for the journey.

As I am using it via the Linkedin account, by default my travel plans are posted to my profile for my contacts to see where I am going and when which has a level of usefulness, particularly when it matches where I am with my contacts. However this may not be liked by all, and the system offers privacy features to reduce the amount of information shared all the way down to none if you wish. The main tripit.com service also offers other services including direct subscription with other contacts, which I have used sparingly at this point but will be continuing to evaluate its usefulness. Additionally the service offers RSS and iCal feeds back out of it which can be integrated into your Calendar to give a clear view of your travel plans alongside your appointments, however I have yet to fully validate how these can be used or how they work.

All in all a useful service for the long distance worker, particularly for those who fly out of the country and have to keep track of where they have been for tax or operational reasons. I have not looked into other services however but for now this works well for me.

Whole Disk Encryption Update

lock It has been a whole week since I moved my main machine over to using whole disk encryption through Truecrypt. I though it was timely just to give a short update on experiences.

Firstly, it has not crashed :-) .

Everything is working fine exactly the same as my experience immediately after the installation.

Secondly, the performance also has continued to match what I reported – about a 10-15% slowdown on disk access. The worst impact is on standard boot or restart from hibernation, but I have slightly altered my behaviour to account for this. The change is that I am using suspend a whole lot more, and I am lucky that the MSI Wind U100 clone I have has an interesting feature that is almost like a neat feature I have in my Vista machines – the move to hibernation after a period of time in suspend. Let me explain further, if I suspend my laptop on mains then it will stay suspended until I press the magic power button and almost immediately go into the Windows logon screen. If I am suspended on battery however, after a period of time the machine will enter hibernation mode to save battery life. This means I use suspend as the first option (getting around the slow restart from hibernation) always.

Thirdly, have I noticed any other long term effects? Well I have noted that the auto defrag tool of choice does not auto defrag as often as it used to. I believe this is a tuning matter, a property of how I have been using the machine which I will watch over time to see if I can confirm what is going on. Secondly (and related to why I noticed the defrag), the encryption of the HD is (as expected to be honest) is playing funny buggers with the level of fragmentation – the machine does seem to be tending towards getting a higher level of fragmentation.

So all in all, this has been a successful implementation with some areas to watch. I will give an update on a longer term basis of course, so watch out for that in the future. Also are you using disk encryption? What are your experiences?

Getting Things Done

Not all the things that a Long Distance Worker has to look at is pure technology. One major aspect is making yourself more productive as you tend to be amongst the busiest people in any company. Getting Things Done is a phrase you may have picked up on the Internet and it has become an importent methodology or set of tools that you can use to help navigate the modern business world with email, phones, voicemails, Skype, Twitter, Friendfeed etc desiring your attention. Have a look at this video from Workfast TV that is an interview with the originator – David Allen and he is not the Whiskey sipping Irish Comedian of the same name :-) – once you have done that, just google the phrase and you will find so many sources of information to keep you fed for a while as you take on board a lot of its very useful advice.

Whole Disk Encryption – The Holy Grail

You have your nice laptop for running around the world with, you are on a business trip to Warsaw and then suddenly after getting off the plane and on your way to your meeting you find that you do not have it. Doh! you remember that you put it in the little pocket of the seat in front of you just before you landed but you forgot to get it out. You frantically get in touch with the airline who tell you that nothing has been handed in, and then you start to worry about the commercial secrets that you have on the disk and that copy of the spreadsheet that contains all your banking details. It is lost and available to whoever has the machine. Oh, but you say that you have the OS logon to protect you… wrong, that is easy to bypass when you have physical access, just remove the disk. Oh yes, the Bios password – same issue and anyway you can normally get past that with some secret key presses found in many places on the Internet. What about the 40 bit encryption put in place by Excel on the spreadsheet? – nope that will be gone too with a couple of utilities, and anyway that data is spread all over the disk in temp and page files for the half skilled hacker to get.

So you are screwed. What now?

Well there is something that you could of done that is really easy to have implemented and that would have protected you from all but the most serious of attackers – whole disk encryption. Historically tricky outside of certain quarters, it certainly has been available but only in the last 12 months has it really become simple to implement and use. You could use Bitlocker from Microsoft of course, if you have Vista. Then again you are almost certainly not running Vista and anyway Bitlocker is a little tricky to implement and only available on some versions of Vista – definitely not the one you probably have. So what are the alternatives? Well I will not go into the whole bunch, but I will focus on one which is freely available and simple to implement – Truecrypt, in particular version 6.1 which has largely resolved some critical problems for operation with laptops that earlier versions suffered from. The problems that it used to have was that it would not let you suspend or hibernate, but that is now resolved.

truecryptSo how do we get it? Just go to Truecrypt’s website and download it, make sure that you have read the installation guidance off their website, backed up your important data (because it could go wrong!) and just run the installer and set your passphrase well. In my instance I found a big problem during the installation – I was installing on a netbook without an optical drive and the installation routing REQUIRES that you create a recovery boot cd. It is irritating that a bypass mechanism is not available for this, but this is sort of for your own protection. Anyway, out came the USB CD/DVD writer and a boot CD was dutifully created and installation completed. The installation is pretty simple and includes a test boot but the most interesting fact is that at the end of installation, your disk is still not encrypted. It actually does this as a first step after install completion, and it allows you to continue to run the machine as normal as it churns through all the disk encryption, and allows you to pause the process and/or shut down the machine at any time, for it to continue when you startup again. This is a very nice touch.

The encryption process takes a nice length of time dependent upon disk size but at the end, you have a high level of disk encryption that just happens all the time without you doing anything more. In operation you do not notice a difference at all apart from some performance loss. Now on my Atom based 1.6GHz processor, I reckon that the performance hit in normal operation is about 10-15% where disk access is required (I have not measured it) but there is a much greater effect on the hibernation process – both going into and coming out. Certainly a doubling of the time to do the process and I can only guess that during that phase the disk writing/reading capability is hamstrung in some way but the overall impact is acceptable considering that if I lost the laptop, all my corporate secrets are still secret – as long as I picked a suitably strong pass phrase and logon passwords. Note that for suspend operation, the encryption boot block does not come into operation so your logon password is all that protects you there.

Truecrypt does offer other facilities as well, as it offers multi-layers of encryption and data hiding but for the standard business use a single disk encrypt is almost certainly enough. Truecrypt also offers the more mundane folder encryption particularly for external drives but I will go through that in another post.

All in all then, this is a must both to protect your data and your clients data, and a simple addition to your portable business armoury. If you or your company wants further advice about deployment of software like Truecrypt and security principles that are advisable, then please feel free to contact Blackarrow Consulting via our website for that service.

Corporate USB Flash Drives – The new era in Mobile Data Security?

pic1

With equipment loss and theft at increasingly high levels, according to a recent survey commissioned by Dell, “up to 12,000 Laptop Computers were lost weekly and up to 600,000 lost annually in U.S. Airports with 53 percent of mobile professionals carrying confidential company information”, the decision of where to store data is a common one, especially for the mobile worker.

Whilst independent self employed people and smaller business are choosing to store data either within Cloud Applications such as Google Docs, or online file storage services such as Mozy, users in larger organizations traditionally store their data either on their laptop or a USB Flash Drive.

USB Flash Drives have had a bad press, and one can find any number of stories in the press of storage devices being lost or left in public places with vital data on, however, that landscape has now changed with the introduction of the Sandisk Cruzer Enterprise USB Flash Drive.

The device is a self-contained security powerhouse, incorporating independent 256Bit AES encryption, mandatory access control, complex password requirements and a lockdown mode preventing the device from being used after a set number of incorrect passwords.

The real power, however comes when you couple the USB Flash Drive with the Sandisk CMC Management Software. This software integrates with Active Directory, requires no client software, and provides central backup and restore of data on each device once connected to an authorised computer within the corporate network.

Remote termination technology allows an administrator to remotely deactivate and erase a lost device when connected to a computer with internet connectivity. Once the user associated with the lost device is issued with a new flash drive, the new device automatically restores all data from the previous device stored on a server within the organization.  The software can also generate audit logs showing all files copied onto or off of a device for regulatory compliance purposes.