Geeked out

I’ve been silent this past week (at least on the blog) because I’ve been immersed in a new computer.   As you might guess, in my line of work I spend a lot of time punching the keys of my laptop.   It’s the most important business tool I have, and every four or five years — just after I’ve gotten the current computer completely tweaked the way I want it — I buy a new one.

The latest new computer has been overdue.   I have been running Airstream Life on a Mac Powerbook that I bought in 2004, and although it has been a durable and trusty machine, lately I’ve been feeling the pinch of obsolescence in little ways.   Like my daughter’s clothes as she grows, the sleeves of the old Powerbook were beginning to look a little short

The new MacBook Pro that I bought to replace it will ease a few technological stresses.   For example, my collection of photos (now over 100 gigabytes) had long ago outgrown the computer’s hard drive and was spread out over three external drives.   The new computer can easily handle the entire catalog on its internal drive.   iPhoto, the Apple “consumer” software I had been using to manage the catalog, is now replaced by the much more capable professional software called Aperture. Now I can manage my entire photo collection and get it organized the way I always wanted it to be.

The keyboard on the old Powerbook has been replaced once already, as my constant typing seems to erode the key caps to unreadability.   I am hoping the new computer’s keys are more durable, but I’m not very optimistic.   The last three computers I have owned have gone to their graves with worn-out keys.   Someday perhaps computer designers will come up with a more durable plastic.

The old Powerbook has a dent near the power connector (a souvenir of a drop in Tampa’s airport) that makes the connection a little flakey.   It is missing one of its four feet, so it wobbles a little in use.   Two or three of the case’s screws have worked out and disappeared forever.   The computer shows all the signs of a machine that has been in full-time service for years, but it still ticks along just fine, so I’ve dragged my feet on replacing it until last weekend.

The new MacBook Pro is a beautiful thing, if you’re the sort that gets misty over computer hardware.   I must admit that I am.   I’d rather have a slick new laptop than a shiny new car.   I spend a lot more time with my laptop than I spend in the car.   Actually, I spend more time with my laptop than I do my wife.   She’s gone to bed, but me and my digital mistress are still up spending quality time together.   So having a computer I can respect in the morning is really important to me, and perhaps that explains why — once every four or five years — I’ll spring for the big bucks required to buy a top-of-the-line Apple Mac.

One of the justifications for the upgrade is security.   I’ve always been very aware that the loss of my computer could be devastating, so I have long had a program of backups, and secondary backups, in case that should happen.   I keep an external hard drive with me when we travel in the Airstream and back up the critical data at least weekly.   A secondary backup sits in a fireproof safe in an off-site location.   But my old computer was so maxed out on disk space that it was a real challenge keeping all my sensitive data together, and secure.   And with the airline travel I’ve been doing lately, I’ve been reminded that there are many ways that I could have a data security problem.

Let’s run through a typical scenario, and you’ll see what I mean.   I take the laptop on a business trip, and while waiting for my flight, use the free wifi network provided at Tucson International Airport. Anyone can join that wireless network, and with easily obtained software, they can “sniff” the signals my computer is sending across the network.   By doing so, they can steal my secret passwords, account numbers, and other information.   A hacker can also observe the email messages I send and receive while I’m on that network.

Did you know that if you enter the US with a laptop or any other electronic device, the Customs and Border Patrol folks can take it without any justification, examine it, copy the data, and keep it indefinitely?   It doesn’t happen often, but I can’t imagine anyone who would be happy about it.

Another common situation: What if my computer is lost or stolen while I’m traveling?   It is loaded with all kinds of information that I really don’t want other people to have: customer data, financial data, passwords, medical records, personal bills, business plans, etc., plus that wonderful 100-gigabyte photo database.

So I’ve been thinking about data security, and reading articles online.   It turns out that securing your data is much more complex than it looks.   You’ve got to find ways to lock down the data when you’re away from the computer, and when you are transmitting data via the Internet, while keeping the computer usable.   There are dozens of ways your data can be compromised, and most people aren’t aware of even the most rudimentary means to protect it.

What can be done, and the myriad solutions, could fill a book.   I won’t try to explain it all here, but I will mention a few steps I’ve taken (some of these are Mac-specific).

First, I’ve encrypted my hard drive.   On the Mac, a program called FileVault does the job.   If my computer is lost, the data is unreadable without the encryption password.   That’s probably the single most important change I’ve been able to make as a result of getting the new computer.

Second, I’ve started to use encrypted email services.   This is available through Google’s Gmail, Apple’s Mobile Me, and various other services.   Encrypted email is protected between my laptop and the mail server, so if anyone is sniffing a wireless network while I’m sending or receiving mail, they won’t be able to make sense of it.

But encrypted email services don’t protect mail once it is sent through the Internet, so I’ve also taken the extra-geeky step of obtaining a “personal security certificate” (free through Thawte and others).   This allows me to encrypt my email so that only the recipient can decrypt it.   The catch here is that I can only send encrypted email to people who also have personal security certificates.   I only know one other person in that category, my longtime business associate Brett, but in the future I’m going to require that all employees and contractors who handle sensitive business data, obtain and use a security certificate.

Fourth, I’ve fixed my computer so that a login password is always required, even to wake the computer from “sleep” or “screen saver” state.     If I walk away from the computer for a few minutes (say, to get a second muffin at Panera Bread), I can easily lock things up and unlock them when I get back, without restarting the computer.   I don’t want to have to worry when I’m fetching a cranberry muffin.

Fifth, I’ve made my backups more robust.   Instead of just copying critical files, I’m using Silverkeeper to make complete “clones” of the computer’s internal hard drive, on external drives.   Those clones are complete copies of the hard drive, down to the last bit.   If my computer is lost, I can plug the clone drive into any other Macintosh and boot it up just like my original.   I’m back in business in seconds.

Sixth, I’ve begun using IMAP instead of POP3 for my email.   This probably doesn’t mean much to most people, but suffice to say that using IMAP means I can access my email from various devices, send, and trash messages, from almost any device or computer in the world, and when I get back to my laptop everything I’ve done will be perfectly synchronized.   This helps if I lose my computer.   Before I can get my backup drive hooked up, I can continue to manage messages without dropping a byte.

After tweaking everything for a week, I’ve got the computer set up and locked down.   It’s not perfect, but it’s light-years ahead of where I was a week ago.   I’d still be devastated if the MacBook Pro were stolen or lost, but at least now I won’t be up all night wondering who is looking at my data.   I’ll just be wondering what I’m going to do for a new digital mistress.