Friday, December 20, 2013

Read Only Friday - Windows XP, Windows Update, a fatal combination?

Working Slower?

For those using Windows XP, and attempting to follow earlier guidance and best practices by running Windows Update - life has been moving veeerrryyy slooowwwwwly since September.

Patch updates from Microsoft have caused certain machines running IE 6, 7 and 8 to become slow and unresponsive. Microsoft has acknowledged the problem and has tried twice to resolve it in subsequent Patch Tuesday releases. The Windows Update system consumes a high percentage of CPU in the SVCHOST process (which slows down everything else on the computer).

Windows XP will be retired in April, after its lifetime was extended due to a Microsoft customer revolt against Windows Vista.

Microsoft is trying again to resolve the issue, according to this article in Windows IT Pro.

As a supporter of non-profit Windows users, this is an unfortunate turn of events. The computers behave so badly that I have reformatted one entirely (in an attempt to clear out any potential Malware) but the only resolution is to turn off Windows Update for the time being.

What can be done?

Normally I am a proponent of patch updates. But if you have to turn off updates just to use your machine... This may be a good use case for application whitelisting. Solutions like Faronics DeepFreeze can be helpful (DeepFreeze will wipe away any changes to a system, including Malware). Be aware that preserving older software in a working state also preserves vulnerabilities that have since been patched. This could turn your computing experience into a game of whack a mole...

Recent research indicates that Malware authors tend to hit older vulnerabilities more frequently than newer ones, so I will still be trying to patch these systems once a month from the web.

See an earlier article on patch management issues here:

Update (2/3/2014)

Since December I have been exploring how to run these systems in a stable way. I found that for video playback, SUSE Linux does a great job of playing video files and streaming video. Though I did have to add additional optional codec support, and install Google Chrome to play back Flash videos.

iTunes 11 was slowing down the machines unacceptably, so on the second laptop I installed iTunes 10, and restored an earlier library. I found that iTunes saves a copy of the library file at each upgrade.
Unfortunately iTunes is not available on Linux and Linux-based audio players do not seem useful. Though I have not yet experimented with Google's Cloud Player.

Thursday, November 7, 2013

Read Only Friday - Patch Management - our Silent "Achilles Heel"

Patch Management is held to be a key part of operational security

The drill is "keep everything up to date to handle known vulnerabilities in commonly used software". Sometimes it seems the software vendor does not have the needs of IT at heart. Why is that?

The software vendor:
  1. Responds to market conditions and targets the consumer more often than not
  2. Is constrained by marketing, budgeting and massaging the quarterly earnings reports when responding to reported vulnerabilities
  3. Has a primary responsibility to its shareholders, and not to the security of the user

Eliminate Admin rights for users

The other commonly spoken mantra is to eliminate admin rights for users (and administrators as well.)
This way any Malware executables delivered via email, and some of them delivered via a browser, will fail to install. UAC will prompt the user even if they do have admin rights.

Eliminating Admin rights is working well

Eliminating Admin rights is working great in my environment, but it is not a universal solution.
Some software, notably Java, can easily compromise a machine even when the user has no admin rights. Java needs to be constantly upgraded. But embedded systems and back end software often rely on specific Java versions. That means that the vulnerable version of Java can't easily be upgraded, or resides on a machine that the vendor views as an appliance (which should not be upgraded.)

Some users actually use Java, for example to look up information on many State and local Government websites. For the most part I can just uninstall it, but not everywhere.

Software companies respond to user concerns about security

There are differences in how software companies respond to user concerns about security. User concerns affect the shareholder value in a company very directly. Microsoft, to its credit, has provided an entire infrastructure to maintain patches on our MS based systems. Adobe and Oracle have provided update mechanisms in their products - but these update mechanisms are directed at users with admin rights.

Most users don't know what to do when presented with an 'update now' prompt that fails due to the lack of admin rights.

There's a Gap for smaller companies who need to patch Acrobat, Flash and Java

For businesses, the patching process for these products is complicated by the consumer driven 'update' mechanism. We simply want the products to continue working. We don't want the user to have to reconfigure the product, accept a new EULA, and be presented with options to purchase additional services simply to apply a patch.

The answer to these questions is either to manually install every patch, which is either expensive or impossible; or alternatively to repackage the executable using tools that the manufacturers provide.
Repackaging allows you to pre-select the EULA, configure any options that are available and remove weird features that confuse the user - or cause expense to the company. One of those features to remove is the prompt to update the product - because the end user can't complete the task!

In a smaller company - repackaging is out of reach due to the required technical expertise, and the constant interruptions to provide desktop support. End users can't install or update their software. And so the 'security' update feature of products like Acrobat and Java actually causes more trouble.

Chrome does everything wrong. It installs in the user context, and doesn't respect the user's lack of admin rights. But... It updates itself every time it is used, and updated Flash is baked in. Chrome is IT's problem child, Chrome is IT's "Love/Hate" relationship.

What can be done?

There should be a place where we can get tweaked versions of Acrobat Reader and Java, packaged with all the right options. As my mom would have said "For the sake of Pete!" Why should we all have to do this work independently? For open source products this might not be an issue, but for proprietary products - even 'free' software - why is there no repository of tested corporate ready packaged applications?

Sites such as IT Ninja, and Spiceworks do provide tips on how to do the packaging, and installation options for patches. Application virtualization is another way to maintain the current versions of applications.

Licensing issues are the main reason that this has not happened. Also, the software vendors may want to 'offer services' to the end user that we want hidden, Adobe might want to preserve the ability to up-sell the user. IT wants to prevent the user from buying an online PDF conversion service - when the user should just ask us for the full version of Acrobat. And then there is the 'not invented here' factor. Acrobat's packaging methods are different than Oracle's, etc. An important consideration is whether the 'golden' version of the product could be infected in the repository. Companies might not trust a user community to maintain safe patched installers for software.

A Software Repository

Here's what I want to see. Software makers and patch management vendors, for example Lumension, should work together to take a best guess at packaging corporate versions of these applications. These would be silent installs with no user intervention, that have the options set so that users can simply go about their work with no interruptions. Smaller companies can then use a patch management system to maintain the patch level of these applications without hiring someone to repackage the apps.

Patch Management - our Silent "Achilles Heel"

Patch management is a lot like running backups. Patches fail to apply, backups fail for seemingly no reason.
Unless you go digging, the failure is pretty much silent. 

As the flurry of vulnerabilities has grown exponentially, it is widely acknowledged that AV is no longer keeping up; patching has to be in place as another foot of the stool. Patching is essential and it needs to occur at an increasing frequency.

Wednesday, October 16, 2013

419 Scam Gets Past Spam Filter?

419 Scam is Fraud, but is it Spam?

Nigerian 419 spam/scam gets past the spam filter? Well not so often, but.. Take a look at this one!
From: Mr.Paul Fletch. []
Sent: Wednesday, October 16, 2013 7:33 AM
Subject: صديقي العزيز ، صديقي العزيز ، هو في الواقع دواعي سروري أن أكتب لك هذه الرسالة ، والذي أعتقد أنه سيكون مفاجأة لكم ونحن لم يلتقيا ابدا من قبل، و أشعر بأسف بالغ إذا كان لدي بأي طريقة بالانزعاج خصوصيتك . أنا السيد بول فليتشر من Harlsden ، شمال غرب لندن ، هنا في إنجلترا . أنا أعمل مع سانتاندر بنك بي إل سي لندن . مع الاحترام والاعتبار الواجبين ، وأنا أكتب لكم من مكتبي من شأنها أن تكون ذات فائدة كبيرة لكلا منا . في إدارتي ، كونها خاصة مدير المصرفية (المكتب الإقليمي لندن الكبرى ) . أنا محاسب الشخصية إلى التأخر في Mr.Ron BRAMLAGE رجل أعمال ، وهو مواطن أمريكي الذي خسر حياته للأسف ، قتل زوجته و أطفالهما الأربعة عندما تحطمت طائرتهم الصغيرة في منطقة مستنقعات في وسط فلوريدا يوم 7 يونيو 2012 . السيد رون BRAMLAGE ، وهو رجل أعمال بارز الذين يملكون المشاريع على الطريق LLC و أيضا وسيط عقاري ، كانت تخطط ل تأتي استثمار في العقارات وغيرها من المشاريع التجارية المربحة هنا في إنجلترا الذي لديه يودع مبلغ مجموعه 13700000 £ GBP ( ثلاثة عشر مليون سبعة £ 100،000 ) في حساب في بنك هنا لدينا والتي أعتقد لا أحد يعرف عن ذلك .
Not really obvious what this is. Why would anyone send us an Arabic message? Of course the spam filter doesn't find any likely spammy phrases in Arabic... Fortunately Google Translate will auto-detect the language (don't tell my Spanish teacher please!)

Interesting... I'll bet that opening phrase gets a few hits in Google:

Dear friend, Is indeed a pleasure to write you this letter , which I think it will surprise you and we have never met before, and I am deeply sorry if I have in any way disturbed your privacy
I see hits going back to 2006... The rest of the story changes. There must be a 'fraud template' out there!
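
The gap described above, a phrase list that only knows English, can be narrowed with a script check plus a per-language list of template openers. This is an added example, not part of the original post; the threshold, the verdict names and the sample messages (other than the quoted opener) are assumptions constructed here.

```python
import re
import unicodedata
from collections import Counter

# Assumptions for this example: the mailbox normally receives Latin-script
# mail, and half or more letters in another script is worth a human look.
EXPECTED_SCRIPTS = {"LATIN"}
REVIEW_THRESHOLD = 0.5

# "Dear friend": the opening phrase of the message quoted in the post.
OPENER = "صديقي العزيز"
# Hypothetical template list; extend it with openers seen in other languages.
KNOWN_OPENERS = [OPENER]


def script_profile(text):
    """Share of letters per script, using the first word of the Unicode name."""
    counts = Counter()
    for ch in text:
        if ch.isalpha():
            name = unicodedata.name(ch, "")
            counts[name.split(" ")[0] if name else "UNKNOWN"] += 1
    total = sum(counts.values())
    return {s: n / total for s, n in counts.items()} if total else {}


def normalize(text):
    """Fold presentation forms, drop tatweel and combining marks, squeeze spaces."""
    text = unicodedata.normalize("NFKC", text)
    text = "".join(
        c for c in text
        if c != "\u0640" and unicodedata.category(c) != "Mn"
    )
    return re.sub(r"\s+", " ", text).strip().casefold()


def classify(subject, body):
    """Return a verdict for one message: quarantine, review or pass."""
    text = f"{subject}\n{body}"
    profile = script_profile(text)
    unexpected = sum(
        share for script, share in profile.items()
        if script not in EXPECTED_SCRIPTS
    )
    # Template openers sit at the very start of the message, so only the
    # head of the normalized text is searched.
    head = normalize(text)[:300]
    opener_hit = any(normalize(o) in head for o in KNOWN_OPENERS)
    if opener_hit:
        verdict = "quarantine"
    elif unexpected >= REVIEW_THRESHOLD:
        verdict = "review"
    else:
        verdict = "pass"
    return {
        "verdict": verdict,
        "opener_hit": opener_hit,
        "unexpected_share": round(unexpected, 2),
        "dominant": max(profile, key=profile.get) if profile else None,
    }


# Constructed sample messages as (subject, body). The first reuses the
# start of the subject line quoted in the post; the others are invented.
SAMPLES = {
    "template": (OPENER + " ، هو في الواقع دواعي سروري أن أكتب لك هذه الرسالة", ""),
    "arabic_other": ("", "مرحبا، أرسل لك جدول الاجتماع"),
    "english": ("Can we schedule a meeting on Tuesday?", "Half an hour should do."),
}

if __name__ == "__main__":
    for label, (subject, body) in SAMPLES.items():
        print(label, classify(subject, body))
```

The script check only routes a message to review; an organisation that legitimately corresponds in Arabic would add that script to `EXPECTED_SCRIPTS` and rely on the opener list instead.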

Saturday, October 12, 2013

Earth to Chrome...

dangerous marketing?

Chrome is now everywhere. Why?
Because Chrome is lightweight, and seems agnostic to the user's choice of brand.


Chrome prompts me to log in?

Is it time to dump Chrome?

Friday, October 11, 2013

Read Only Friday - debugging Volume Shadow Copy without rebooting a server

One of the most difficult challenges for us is to debug Backup Exec 2010 R3 failures. It seems like they are very frequent and it could be a full time job just keeping backups running! And you know it's Friday - we can't break anything before the weekend, so we have to be ultra careful with the 'god switch'. But, Backups are important to fix, even if they're hard - right?

Microsoft VSS is a technology that powers the 'previous versions' option on Windows file servers. It's pretty much a snapshot service like what you might have seen in another product (NetApp Filers for example), but it's baked into Windows. So it doesn't take a lot of work to set a server up to create a backup copy occasionally. By default these snapshots happen at 7am and 12:00pm every day. But you can add or change the schedule to fit your needs.

VSS copies files even if they are currently open, so it is also used when making backups: that way the file does not need to be locked, released, or entirely skipped during a backup. Backup Exec has the ability to use the Microsoft VSS driver, but there is also an optional Symantec one available.

When backing up a system it is very helpful to have the Backup Exec Remote agent installed. Otherwise the backup just accesses the file through the usual file sharing methods. Backups with the agent can use VSS, and run much faster.

Troubleshooting backups that fail is very time consuming. Troubleshooting those that fail due to VSS has been pretty challenging! Here is a great blog post on the /misc/tech/musings blog that is really sweet!

Using this information allowed me to get VSS working on a profile server without restarting the machine. Good news on a Friday before a long weekend! (With thanks to Will for pointing me to VSS yesterday!)

Thursday, October 10, 2013

Revelations about Microsoft Security Essentials, What do they Mean for Windows In-Tune?

The Echo Chamber Speaks

Microsoft Security Essentials - It's bad! No, wait, no it's good enough!
For a few years now, security professionals such as myself have recommended to home users to run Microsoft Security Essentials as a good, basic, free anti-virus program. 

The internet echo chamber has made much of a recent interview with Holly Stewart, senior program manager of the Microsoft Malware Protection Center. She indicated that the company is no longer focusing on making MSE the 'best' testing anti-virus program but rather they are focusing on providing information to the community of anti-virus and anti-malware software makers. (A rising tide lifts all boats...)

Thus putting out a nuanced message completely misunderstood in the wild. It seems like every tech journalist is jumping on the "dump MSE" craze. But I have to say that is just a bit too quick. 

For the home user that needs something basic that doesn't break when the subscription needs to be renewed, MSE is still a good solution. (With windows firewall, Secunia PSI and Malwarebytes...)

What others should learn from MSE

One thing that some other providers should learn from Microsoft is that you CAN make an antivirus product that doesn't get in your face all the time and demand attention. For example Avast's free antivirus is just bloody needy, and AVG free which I used to recommend hides the download link behind a ton of advertising (for the fee based version) - and it has a habit of forcing you to upgrade (and find that hidden link) every so often.

The time-limited trials that come on OEM equipment are also a bad idea. I would like to know what percentage of these free trials are never updated after the trial period expires? I have seen a lot of home machines that have expired 'trial' antivirus. And worse, sometimes it is a poorly rated product to begin with! 

Both of these issues lead to computers that have out of date or not functional antivirus... MSE is better than that, as a baseline.

And then in today's news...

Hear Ye! Hear Ye! "It's Good Enough"

We are proud of the protection capabilities we provide for well over 150 million computers worldwide with our real-time antimalware products. We believe in Microsoft antimalware products and strongly recommend them to our customers, to our friends, and to our families.

Here are the competing messages as reported on
No No No
Maybe Maybe Maybe

To quote my old friend Robert W. Warden, "Feh!"

Greater Concern - Windows InTune

I don't have a concern about home users running MSE - if Windows Firewall is running - and patches are updated. In fact I set up systems with MSE and Secunia's wonderful PSI which helps me to keep everything patched and up to date. MalwareBytes free can tighten up the anti-malware side. Geeks out there can take a look at Microsoft's EMET for other options.

But for businesses that use Windows In-Tune the question is how does the lack of sharpness around MSE's detection and mitigation capability affect the anti-virus offering in Windows In-Tune?
We already know that we can't use another provider's anti-malware product with Windows In-Tune.

Is MSE the same as EndPoint Protection?
It seems that Endpoint Protection includes additional tools for deployment and management. That's not helping improve detection....

And this from the big brother product "System Center Endpoint Protection."
Industry-leading Malware Detection
System Center 2012 Endpoint Protection uses the same industry-leading antimalware engine as Microsoft Security Essentials to protect your employees against the latest malware and rootkits. The engine protects against both known and unknown threats with a combination of highly accurate signatures and behavioral detection techniques. It has been highly ranked in independent third-party tests, such as those by AV-Comparatives and VirusBulletin, with special distinction for its low false positive rate.
Industry leading, until we tell you it isn't... Ooops.

So, until we hear otherwise we have to assume that Windows In-Tune only provides basic protection.
Oh - and forget beefing it up with an after-market product.

On a strategy note - I think that Windows In-Tune would benefit from integration of different anti-malware products with something like an App Store strategy. Windows In-Tune is a great idea (one that could put me into retirement!) that needs a little more secure underpinnings...

Monday, September 30, 2013

Generalists and generational shifts.

It's always interesting to consider what makes us successful in our IT careers.

Rob Whiteley (formerly of Forrester) gives his impressions about specialization in the industry. He argues that we need to become more generalists than specialists, perhaps reversing a trend towards specialization in IT that has been going on for decades.
But what does that mean for compensation?

If highly specialized jobs are being off-shored, outsourced and replaced by cloud based applications; then should we anticipate that salaries will decline for these new 'generalist' IT staffers? The story sounds a lot like going from being an electrician to manning the electrical supplies aisle at Home Depot.

In 2003 Nicholas Carr argued that "IT Doesn't Matter", and is essentially becoming a commodity. Others refute that idea, preferring to tout the 'business advantage' of IT. (Which for us IT people means we need to step up to the plate and become full partners in bringing change to our businesses. Oh and educating mahogany row...)

Another side of consumerization - over time it is certainly true that our younger generation needs less basic training to work with systems. But anyone who runs a help desk will tell you that today's VPs are not yet wizards with their computers, and need a lot of help. 

In the 80's and 90's we pushed the corner office to use their equipment to do their own typing and correspondence. It was a hard transition for many who did not have basic keyboarding skills. I can recall one sales guy for example... Well, he was a sweetheart but had a tough time with submitting reports via email!

As an IT generalist, I don't believe that expanding our knowledge (becoming broad in knowledge) will reduce our compensation - because the level of confusion around strategy is greater than ever. And it takes a generalist to see the forest for the trees.

So, here's to generalists and generational shifts!

Wednesday, September 11, 2013

BYOD, MDM, I'll pass...

BYOD... is it 'cracked up to be?'

As a long term Blackberry manager, it was with some concern that I considered transitioning off of the Blackberry platform. The beauty of Blackberry was the security of the messaging platform, the ability to publish applications OTA (wirelessly) and the ability to remotely brick the phone should it be lost.

However, we needed to separately manage our cell phone network to keep the contacts up to date.
And our provider was going through significant challenges transitioning to a new manufacturer and revamping its wireless network. At some point we took a look at a different provider - and the results have been quite revealing.

MDM applications are positioned as an after-market solution to the lack of security and management features on Android and Apple. We considered the option of integrating personal devices, but instead we decided to go with a cheaper contract - and own the equipment. Some basic MDM functionality is provided through Microsoft ActiveSync (the ability to wipe the phone, contact sync with Exchange).

Here were our requirements

  • Synchronize contacts on the phones
  • Calendar integration has to work 100%
  • Provide more smart phones, or allow users to bring theirs in
  • Keep bad things from happening
  • No significant regulatory requirements (not financial services, or defense, no intellectual property)
  • No increase in cost
  • Push to talk feature, possibly avoid replacing ~30 walkie talkies (the FCC changed the channel allocation in January)
  • Reduce management complexity

At the end of the day our decisions were this

  • Stick with providing the phones, but upgrade all users to smartphones
  • Renegotiate the contract to get a significant non-profit discount
  • Utilize the minimal MDM features provided in ActiveSync
  • Outsource Exchange to a hosting provider
  • Allow staff to access Exchange accounts from our phones or their personal devices


  • Our cost has stayed the same but we were able to replace all cell phones with basic smart phones
  • All devices support ActiveSync
  • Calendar integration on Samsung phones has been challenging, but Touchdown is the solution for users with complicated scheduling needs
  • Contact sync to the Outlook contacts folder works well, but there is no automated way to synchronize everyone's work phone list (in those Exchange accounts)
  • Access to email from the internet has been a big plus for everyone; most people do not use OWA but a significant percentage use ActiveSync devices
  • After market app for PTT - which has not lived up to expectations, but the bottom line is that PTT stinks since the end of the Nextel iDEN network
  • We bit the bullet and replaced our Walkie Talkies, this turned out to be necessary from a safety perspective
  • Vastly easier to manage than BES, but somewhat less consistent results

Bottom line

The transition was way more work than I expected even with the carrier on site here. But 'nothing bad has happened'. There are flakey things with the phones - and there always were before too.
I think with no overreaching regulatory concerns, an MDM is serious overkill. Also in our opinion, going with a BYOD program (such as an employee rebate) is a drag on productivity.


A couple of interesting posts on the CITEworld conference website that seem to add fuel to the fire:

Thursday, August 15, 2013

Read Only Friday - Getting ready for vacation

Today I am getting ready for a vacation. Aside from avoiding major changes to the network environment as I do on Fridays - there are some additional tasks that I like to work through before going on vacation. Some of these are longer term efforts to get ready, some of them are things to do today.

Check Backups to be sure that they are running smoothly...
Train your coverage staff on items they will need such as:
- A refresher on the servers, and how to access them
- Any required passwords (or a password database)
- A list of vendor contacts for specific systems and areas
- Any specific procedures, such as how to on-board a new staff member, how to set up email, how to administer the spam filter
Check any systems such as patch management for errors, and resolve them before your last day.
Check your vendor contracts to be sure none require renewal while you are out, some vendors are very hard to deal with if you miss the renewal date (Citrix)

Make plans for how or if you will be reachable during your vacation.
I advocate disconnecting as much as possible, but if you are going to be in touch consider the network costs if you are traveling. You can use Skype, Google Hangouts, or Facetime to stay in touch if you have a Wifi connection at your destination. Your peeps at home can peep! You can share video if they have a computer and a camera.

Be careful with outrageous international coverage rates and even worse data roaming charges if you plan to leave the country. If you are leaving the country it is probably best to shut down your cellular network and only use Wifi. If you are traveling out of the country for a long period, and you want to be reachable, it may be easiest to get a SIM card or a temporary phone when you arrive. One good recent feature in Gmail, Google Voice and also in Outlook is SMS to email conversion. You could be able to text people from your email, without the cost of SMS messaging.

-- Update --
So now I am back from Europe, and a quick comment on travel network access. First, weird fact, in France and Spain Wifi is pronounced "Wiffy". I found that Skype was great, but even more so I set up my T-Mobile cellphone on Wifi calling. Text messages and telephone calls went out over the network for free, as I had disabled the cellular network. Text to my Google voice number translated into my email, and that was also helpful. But there were definitely times I could have used a local cell phone. Pretty good overall.

Friday, August 9, 2013

Read Only Friday - What's next?

For System Administrators and IT geeks - "Read Only Friday" is a great time to take care of cleaning the office, organizing and making minor changes to things that do not affect anything meaningful. Last post I wrote about cleaning up your email box as one example. Of course you have to take help desk calls, and put out fires. But keep the fingers away from anything dangerous lest you spend the weekend in a box!

Some interesting ideas for your Read Only Friday...

  1. When is "Friday" Thursday?
    1. Don't break an RSS Feed on Thursday, Don't apply patches willy nilly Thursday night (or run Windows update on a Friday)
  2. Do internet "research" - and I don't mean FaceBook - look into those product upgrades that you don't have time for the rest of the week. If you don't have money look into open source software that could solve a problem in your office. (Example - PDFCreator)
  3. Review the log files, you know, in your policy it says you review the security logs for this firewall and the backup logs from that server... Give it a once over and find out what you're missing that might bite you later.
  4. Submit your PCI SAQ (or insert other compliance document). Oh yeah, that's what I should be doing right now!
  5. Write up documentation, and make WINK videos training users on basic stuff.
  6. Wipe out old PC hard drives. You choose: DBAN or Sledgehammer!!!
  7. Set up old PC's to donate to a charity or staff.
  8. Catch up on back help desk entries...
  9. Do something for your partner (work, home, business - whatever!)
  10. Check the Tech News - this Friday: Obama Reportedly Holding Press Conference On Security Transparency Today At 3PM ET

Thanks to the Spiceworks watercooler for some ideas...

Friday, July 26, 2013

Friday is Empty Inbox Day!

Making "Read Only Friday" into "Day of Action Monday"

My boss came up with the idea that we should not get into any trouble on Fridays - lest we spend the weekend working on solving things we broke on Friday. A recruiter recently shared that some of her clients call it "Read-only Friday". And that about says it.

In this post I'd like to offer some thoughts on what to do on "Read-only Fridays" - namely how to wrangle your inbox into shape before you leave for the weekend. (O.K. I realize that many of us in IT don't have a weekend to speak of, but there it is...)

So, first - why would you want to wrestle with your inbox to begin with?

Have you ever experienced this? You come into the office fresh from the weekend, and everything is looking rosy until you open your email. And then you get this sinking feeling seeing all the messages you did not clear up the day, the week, or the month before? Most of the messages are vendor spewage, or outright spam. And how different really are the subject lines "Rich - Can we schedule a meeting for 1/2 Hour on Tuesday?" and "V I A G R A  C H E A P !"?

But you have left those messages to age in your inbox like stinky European cheese and by now fully half of the messages that are not spam are questions that are no longer active or actionable. Over time this leads to a feeling of helplessness, and a sense of being overwhelmed. If only you could see at a glance which messages in that steaming pile - that "hot mess" are actually important?

So if Friday is "Read Only Friday", then let's make Monday our "Day of Action!" when we hit the ground running! Here is how...

Strategize the folders in your Inbox

Use a small number of folders, that are organized according to how "actionable" a message is. Are you going to respond immediately? Are you going to cycle back later when more information is available? Do you just need to file the message where you can find it later?

Why not have hundreds of specially organized folders? The main thing is that we need our messages to be findable. Can you take in all those folder names in a glance? Can you be disciplined enough to maintain the folders over time? Instead of creating lots of folders, create only as many as you need to organize your messages by how you will respond to them. Then learn and use the search feature of your email system to find specific messages in those few folders. Unless you have a personal assistant to organize your email for you - a complicated folder structure is not recommended.


Rules are made to be broken - I get hundreds of emails a day from automated systems - and these emails I need to have on hand and keep on file for a specific time period. I use rules to file them automatically into a few folders so they don't clutter up the inbox. And yes that adds to the number of folders in my view, but even so I only have six folders under my inbox!

The most important folders are: Inbox, Archive, ToDo, and Vendors.

Tasks or putting the Action in action...

I would argue against setting up a ToDo folder - because the premise there is that you will review the items in it later, like a task list. In my experience that never happens, so forget about that one. Instead just flag the message with a due date so that you get a reminder later on - or put it into your task list for later.

Converting your email messages into a task list is a discipline that you need to apply when you go through your work email. It's hard to get started, but it simplifies things a lot when you follow through. Why is that? It's because we don't have the capacity to hold more than one thought in our minds at a time. So - if you are trying to remind yourself about tasks that are not due today, or that you cannot act on today, your attention is divided from the tasks that are close at hand. And as we know only too well, attention divided leads to train wrecks.

OK so now we have folders and maybe even rules. And I'm going to assume that you have already set up a SPAM filter, oh and don't forget that most commercial email and email lists you receive will allow you to unsubscribe from the marketing list using a link at the bottom. (Spend a half hour there unsubscribing and you will be surprised at the lightness of being you experience in the future.)


Tricks of clearing out the inbox

At the start you may have an inbox with several years of email. The goal is to reach nirvana, which is "Inbox Zero" - a term coined by Merlin Mann. You can find plenty of postings on this topic around the net. And even a discussion of the idea of declaring "email bankruptcy" where you just dump it all and give up. Perhaps impractical.

Email bankruptcy reminds me of an email server crash that occurred just before Christmas one year with no backups to be had.  Our VP was devastated because, as we learned, he stored all his contact information in email messages; but - our head of HR was ecstatic. "You mean I can ignore all those things that he told me to do before the holiday!!!"

Most of us do not have this luxury! Short of declaring bankruptcy, we need to learn how to manage our email. One of my favorite articles on managing email can be found on, and in the book "Upgrade your Life" by blogger Gina Trapani.

Approach the "hot mess" with a stick

So the thing is how do you approach several years or just a "hot mess" of email?
There are two arguments: "just start in and hack your way through", and "do a little each day."
It really depends on your temperament. I knew that I would not be able to get through my inbox doing a little each day, so I started by putting aside an afternoon with my email machete.

Rate emails by importance

Do you remember a childhood when you wrote away for an offer on the back of a cereal box? Boy it made you feel important when a letter or a box addressed to you came to the mailbox! In the early days of commercial email our systems were not connected, and every message was likely to have some importance. Then as we entered the era of internet email, unsolicited commercial email - or spam - began to flood our inboxes. And with email marketing today, even more of our email constitutes commercial marketing pitches. So even with a spam filter, at least 60% of our email is a marketing pitch of some kind. Needless to say we do not approach this rain of advertising with the anticipation of a little kid! Left uncontrolled it seems positively oppressive!

So what is the importance of each message? Why is that important? We're working to clear our plate of emails so that we can get down to business. But so often we are afraid to delete old messages.
We have to become connoisseurs of our email messages, and turn up our noses at any message that is not actionable. (Eeew, stinky spam! Yeeech, Nigerian scammer wants money!) Any marketing message can be safely deleted - think about it - you're just going to get another in a few days from the same people!

Flip the column sort

My first trick is to use a rule to assign a category to every email from a coworker. Then I sort on the category and move all coworkers' emails into my archive folder.

Now it's time to sort on the From column. In this view all the marketing messages from a particular sender or mailing list will be sorted in order. That makes it quick work to delete all the junk mail from the same sender with a quick mouse click. Also, because you are now in the From sorted view, you can quickly apprehend particular correspondents. Their messages can easily be deleted or moved into another folder. Delete, delete, delete! At this point you should be down to real email from correspondents outside your company.

The quick sort method

Flip the column sort back to "Date" or "Sent" view. Now we can get down to moving any items that are meaningful and actionable into our folder structure.  Along the way apply these rules:
  1. If you can respond immediately to a request - without further interaction - go ahead
    1. Don't stop to take on any projects!
  2. If you need to get back to somebody or work on something later do two things
    1. Let the person know that you will deal with it, and when
    2. Apply a "flag" to the message (a reminder to complete it on time), or put it in your task list
    3. Now relax a little bit each time because you don't have to worry that it will fall off your mental "list"!
  3. If the item you want to save is merely informational, put it in your Archive folder
    1. For me it is most important to track monthly online purchases, and for this I put all receipts into the Vendors folder. This is essential for filling out my monthly expense reports! It works so well I do this at my day job and at home for my home business!

The home stretch

At this point you should be able to wrassle the inbox itself down to zero. But of course we did cheat a little bit saving those emails in other folders, right?

If you use an email client like Outlook or Apple Mail, your emails are downloaded to your computer from a server. You may need to keep certain emails for a set length of time. Others you may want to keep longer. What I find is that I really don't often need email older than three years. Remember those automated messages I spoke about? They contain log files from various equipment... And those I am required to keep for a period of one year. And there are a lot of them! So periodically I run the archiving assistant in Microsoft Outlook.

The Outlook archive assistant can back up (archive) messages out of your inbox to a PST file, or it can delete the old messages.

What I do is keep only the last 6 months of information in most folders, and keep the emailed log data for a period of one year. Outlook allows you to set each folder with its own archive period - but you need to carefully start the archiving process to take advantage of this.



So I keep a minimum of email data in the email client program itself. However I use an archiving service that stores many more years of data in the cloud. That information is much more easily searched from a web page than an Outlook client bursting with messages!

If you are a home user, you could for example store most of your email in a Gmail account. Gmail has its own concept of an archive. Old email messages are easily searched. (Whether that is by you or the government is another discussion!)

The latest version of Gmail in beta as of July 2013 has tabs that correspond to categories similar to the folders I suggest above. It even filters marketing email into one folder automatically. And you can set up your own categories.

Alright - now you know what I will be doing with the last hour of my day today, Read Only Friday!

Friday, January 4, 2013

Windows DEFENDAH Offline

Is Windows Defendah a Contendah?

Helping one of my co-workers clean up his GF's PC. And have scanned it with Malwarebytes, Trend Micro Housecall... Installed my friend, Windows Security Essentials and removed all the Comcast junkware (which wasn't helping her much)... I thought the PC was clean but Security Essentials found something and suggested the offline scanner.

Through the rabbit hole I go...

First of all the 'infected' PC wants to burn a disc for the scanner.
Of course that fails. But then I find an MS blog regarding the tool:

So download and burn on a clean PC...

And this is great. But there are different downloadable EXEs and so... If you are trying to uninfect an X64 machine - you want to create an X64 DVD (download the X64 executable).

To make a long story short, I found it much much clearer to download the ISO. Then I could burn the appropriate ISO (32 or 64) for the machine in question. The 32-bit CD will not run on an X64 system. And if your clean PC is a 32-bit wonder, will it burn a 64-bit CD?

You would think that 'offline' is not a positive marketing term - but this capability (if it works) makes Microsoft a contendah!