Geeked out

I’ve been silent this past week (at least on the blog) because I’ve been immersed in a new computer.   As you might guess, in my line of work I spend a lot of time punching the keys of my laptop.   It’s the most important business tool I have, and every four or five years — just after I’ve gotten the current computer completely tweaked the way I want it — I buy a new one.

The latest new computer has been overdue.   I have been running Airstream Life on a Mac Powerbook that I bought in 2004, and although it has been a durable and trusty machine, lately I’ve been feeling the pinch of obsolescence in little ways.   Like my daughter’s clothes as she grows, the sleeves of the old Powerbook were beginning to look a little short

The new MacBook Pro that I bought to replace it will ease a few technological stresses.   For example, my collection of photos (now over 100 gigabytes) had long ago outgrown the computer’s hard drive and was spread out over three external drives.   The new computer can easily handle the entire catalog on its internal drive.   iPhoto, the Apple “consumer” software I had been using to manage the catalog, is now replaced by the much more capable professional software called Aperture. Now I can manage my entire photo collection and get it organized the way I always wanted it to be.

The keyboard on the old Powerbook has been replaced once already, as my constant typing seems to erode the key caps to unreadability.   I am hoping the new computer’s keys are more durable, but I’m not very optimistic.   The last three computers I have owned have gone to their graves with worn-out keys.   Someday perhaps computer designers will come up with a more durable plastic.

The old Powerbook has a dent near the power connector (a souvenir of a drop in Tampa’s airport) that makes the connection a little flakey.   It is missing one of its four feet, so it wobbles a little in use.   Two or three of the case’s screws have worked out and disappeared forever.   The computer shows all the signs of a machine that has been in full-time service for years, but it still ticks along just fine, so I’ve dragged my feet on replacing it until last weekend.

The new MacBook Pro is a beautiful thing, if you’re the sort that gets misty over computer hardware.   I must admit that I am.   I’d rather have a slick new laptop than a shiny new car.   I spend a lot more time with my laptop than I spend in the car.   Actually, I spend more time with my laptop than I do my wife.   She’s gone to bed, but me and my digital mistress are still up spending quality time together.   So having a computer I can respect in the morning is really important to me, and perhaps that explains why — once every four or five years — I’ll spring for the big bucks required to buy a top-of-the-line Apple Mac.

One of the justifications for the upgrade is security.   I’ve always been very aware that the loss of my computer could be devastating, so I have long had a program of backups, and secondary backups, in case that should happen.   I keep an external hard drive with me when we travel in the Airstream and back up the critical data at least weekly.   A secondary backup sits in a fireproof safe in an off-site location.   But my old computer was so maxed out on disk space that it was a real challenge keeping all my sensitive data together, and secure.   And with the airline travel I’ve been doing lately, I’ve been reminded that there are many ways that I could have a data security problem.

Let’s run through a typical scenario, and you’ll see what I mean.   I take the laptop on a business trip, and while waiting for my flight, use the free wifi network provided at Tucson International Airport. Anyone can join that wireless network, and with easily obtained software, they can “sniff” the signals my computer is sending across the network.   By doing so, they can steal my secret passwords, account numbers, and other information.   A hacker can also observe the email messages I send and receive while I’m on that network.

Did you know that if you enter the US with a laptop or any other electronic device, the Customs and Border Patrol folks can take it without any justification, examine it, copy the data, and keep it indefinitely?   It doesn’t happen often, but I can’t imagine anyone who would be happy about it.

Another common situation: What if my computer is lost or stolen while I’m traveling?   It is loaded with all kinds of information that I really don’t want other people to have: customer data, financial data, passwords, medical records, personal bills, business plans, etc., plus that wonderful 100-gigabyte photo database.

So I’ve been thinking about data security, and reading articles online.   It turns out that securing your data is much more complex than it looks.   You’ve got to find ways to lock down the data when you’re away from the computer, and when you are transmitting data via the Internet, while keeping the computer usable.   There are dozens of ways your data can be compromised, and most people aren’t aware of even the most rudimentary means to protect it.

What can be done, and the myriad solutions, could fill a book.   I won’t try to explain it all here, but I will mention a few steps I’ve taken (some of these are Mac-specific).

First, I’ve encrypted my hard drive.   On the Mac, a program called FileVault does the job.   If my computer is lost, the data is unreadable without the encryption password.   That’s probably the single most important change I’ve been able to make as a result of getting the new computer.

Second, I’ve started to use encrypted email services.   This is available through Google’s Gmail, Apple’s Mobile Me, and various other services.   Encrypted email is protected between my laptop and the mail server, so if anyone is sniffing a wireless network while I’m sending or receiving mail, they won’t be able to make sense of it.

But encrypted email services don’t protect mail once it is sent through the Internet, so I’ve also taken the extra-geeky step of obtaining a “personal security certificate” (free through Thawte and others).   This allows me to encrypt my email so that only the recipient can decrypt it.   The catch here is that I can only send encrypted email to people who also have personal security certificates.   I only know one other person in that category, my longtime business associate Brett, but in the future I’m going to require that all employees and contractors who handle sensitive business data, obtain and use a security certificate.

Fourth, I’ve fixed my computer so that a login password is always required, even to wake the computer from “sleep” or “screen saver” state.     If I walk away from the computer for a few minutes (say, to get a second muffin at Panera Bread), I can easily lock things up and unlock them when I get back, without restarting the computer.   I don’t want to have to worry when I’m fetching a cranberry muffin.

Fifth, I’ve made my backups more robust.   Instead of just copying critical files, I’m using Silverkeeper to make complete “clones” of the computer’s internal hard drive, on external drives.   Those clones are complete copies of the hard drive, down to the last bit.   If my computer is lost, I can plug the clone drive into any other Macintosh and boot it up just like my original.   I’m back in business in seconds.

Sixth, I’ve begun using IMAP instead of POP3 for my email.   This probably doesn’t mean much to most people, but suffice to say that using IMAP means I can access my email from various devices, send, and trash messages, from almost any device or computer in the world, and when I get back to my laptop everything I’ve done will be perfectly synchronized.   This helps if I lose my computer.   Before I can get my backup drive hooked up, I can continue to manage messages without dropping a byte.

After tweaking everything for a week, I’ve got the computer set up and locked down.   It’s not perfect, but it’s light-years ahead of where I was a week ago.   I’d still be devastated if the MacBook Pro were stolen or lost, but at least now I won’t be up all night wondering who is looking at my data.   I’ll just be wondering what I’m going to do for a new digital mistress.

Comments

  1. Bill D. says

    Congratulations on your selection of a new digital mistress, the new MacBook Pro:

    http://www.apple.com/macbookpro/features-15inch.html

    Undoubtedly, you have already experienced, what Apple calls, the typing bliss of her new light touch keyboard. (No need to pound on this babe.) My one year old MacBook Pro has the older keyboard which requires a firmer touch on certain keys. So I use and enjoy Apple’s wireless keyboard, which is similar to your new keyboard:

    http://www.apple.com/keyboard/

    BTW, I’m curious why you are using Silverkeeper to make complete “clones” of the computer’s hard drive. Time Machine (which I use and comes with your operating system) makes up-to-date, automatic back-ups of everything on the Mac:

    http://www.apple.com/macosx/features/timemachine.html

  2. says

    Hi Bill

    I tried Time Machine for a week but had several complaints about it.

    (1) It keeps hourly backups which consume massive amounts of disk space. I have never wanted to “roll back” my system to a prior version and so the hourly backup is a nuisance to me. I found third party software that allowed me to reduce it to 1x/day, but still my 320gb backup hard drive was filled within a few days. Since I travel and use USB-powered hard drives exclusively, getting a much larger drive just to placate Time Machine was not appealing.

    (2) Time Machine doesn’t work well with Filevault. Once the “home” folder is encrypted, Time Machine refuses to back it up — until you log out. This takes 10-30 minutes on my computer, during which time no other work can be done. Since we are often on the road boondocking, leaving the computer on solely to accommodate a dysfunctional backup methodology didn’t work for me.

    (3) Silverkeeper can make a fully bootable clone. Time Machine can’t. So if you have total hard drive failure, your only option with Time Machine is to repair or replace the computer, then reload all your files. That’s slow and means delays.

    With a clone, I can plug into any Mac (such as Eleanor’s) and begin work immediately with a separate user account. No file copying is required, and I can do this without disturbing the setup of the spare computer’s owner). This gets me back to work faster and gives me more options in a disaster.

    Thanks for the congrats. I do like the new keyboard!

  3. David says

    Sounds familiar. I’m using a PowerBook G4, but lusting for something newer. The MacBook Air didn’t entice you?

  4. says

    Hi David

    Yeah, the MacBook Air didn’t do it for me. The lower weight didn’t justify the compromises in performance and features, in my opinion. The max disk is 120gb, which is what I had in my previous computer. The screen is much smaller and has lower resolution, the processor is much slower, it only has one USB port and no Firewire, less memory, no Ethernet, etc. Also, I use the CD/DVD drive almost daily, so having it as a separate component (as it is on the Air) didn’t appeal to me.

    I also like a fairly large screen. I considered the 17″ laptop quite a long time, but eventually settled on the 15″ as a good compromise of weight and size.

  5. Zach Woods says

    Hello Mac Folks –

    One other issue with the Air – maybe this has been fixed in newer production versions, I don’t know – over-heating.

    Have two friends who have been very dissatisfied with how frequently / easily their MacBook Air’s will overheat on them. Aside from general worries about what this has or could do to the hardware, this definitely would put them in a position where software would stop functioning at in-opportune moments.

    Zach

  6. says

    Congrats! I recently bit the bullet and got myself a new laptop too. It is pure heaven. My old Toshiba seems like a dinosaur when I look at it now. I know… GASP! I am not a Mac user. I hope I won’t be shunned for it here! I have been beaten nearly blind by certain friends who act as though I have vowed an alligence with the devil himself by buying yet another PC! Anyway… PC or Mac… a new laptop is a thing of beauty! Happy surfing!