I read Tony Dye’s post on Wireless Safety: The VPN Question and wanted to share a comment. It turned into a post of its own, so I’ve moved it into one :-) Read his post first so this makes sense.

If a laptop user establishes a VPN connection to your corporate VPN server, and doesn’t use split tunneling (in other words, from the time they’re connected, all traffic goes through the VPN as its default gateway no matter what), assuming that you’re using a VPN client that verifies the identity of the server (rather than blindly trusting DNS, which is easily spoofable on a wireless network), the user moves from the realm of insecurity into a much more secure environment, similar to being plugged into your wired network at the office. Of course, then your office WAN connection has to support everything they do, including web browsing!

However, using a free or paid “VPN” service from a company that just turns your wireless connection into a VPN-enabled “wired” connection is only going to help thwart unencrypted wifi sniffing and other such attacks. Unless you also use SSL and other encryption technologies, those services are just giving you a wired internet connection just like your home connection rather than the easier-to-sniff unencrypted wireless. It’s better than nothing, but it’s not like an encrypted pipe into your own network.

Don’t discount unencrypted wireless attacks. It’s never happened to me, but if you hop over and read some of Security Monkey’s case files at you’ll discover that there’s a lot of bad stuff going on in the world on computers :-) Those case files are slightly modified true stories from this guy’s career! His old 2005-2007 podcast episodes are worth listening to for some cool security tips and tools as well, to digress for a moment!

I don’t have a good answer; VPN connections to the office make internet run very slowly unless you have the WAN bandwidth to support fast throughput to and from all your remote users including web browsing! But that’s a much more secure way to operate. The number of ways wireless can be hijacked, sniffed, spoofed, and hacked, especially if it’s unencrypted to begin with, is downright scary! At the very least use SSL with verified certificates for anything you do of any importance (or if passwords are transmitted) on an encrypted wireless connection. As an IT guy, I can tell you (or myself) whether a particular session (POP3, IMAP, RPC over HTTP, HTTPS, etc.) is happening over an encrypted connection or not and can be careful. However, the average user is, obviously, not going to know or even care necessarily if Outlook is using POP3 unencrypted or via SSL, or using RPC over HTTPS securely. And if they log into Gmail, they’re not likely to know that although their password is always encrypted on login, their email is transmitted in the clear unless they initiate the session using SSL from the start (using https://mail.google.com rather than http://mail.google.com). Even if their email contains passwords and confirmations for other accounts!

Stuart mentioned WiTopia on his comment to Tony’s original post. I’d never heard of them before, but I’ve seen similar services to their personalVPN product. That service appears to be, like I mentioned above, just a way to get a “wired quality” connection to the internet over unsecured wireless. An admirable service and a worthy goal even with its limitations, but what caught my eye even more was their SecureMyWifi service. It’s still a wireless service but it has to do with your own on-campus wireless access. It lets you move away from using WPA with a Pre-Shared Key (PSK), also known as WPA-Personal, and use their RADIUS services to authenticate users individually to your encrypted wireless access points. It seems a bit pricey (to me–it’s currently a $99 setup fee, $99/year for one access point, and $14.95/year for each additional access point), but we have the same thing set up using Microsoft’s free (built-in on Windows Server 2003) IAS RADIUS server in-house. If you aren’t familiar with how to set it all up, the WiTopia service could be quite beneficial! They charge per access point, but at Lakeview we have a centrally-managed access points system with one controller that takes care of authentication. I assume that the WiTopia service is based on unique RADIUS keys for each access point client; since the central controller (currently running 12 access points) acts as a single client, it should look like “one” access point to the service. Whether or not this is allowed with their terms of service I have no idea; we are not likely going to use the service since I already do this in-house for free, but I would recommend reading the terms and/or contacting them if you plan on doing something similar to remain in the spirit of their offering.

I hope everyone had a great holiday weekend! In case you haven’t noticed, I’ve not posted much recently. Chalk it up to being busy at work and at home. Actually, part of it is that using and reading Twitter and the #citrt chat channel on IRC has sapped a lot of what I’ve had to say, and I haven’t used any extra time for writing. I’ve been moving from one thing to the next, keeping busy and thinking “oh yeah, I should blog about this,” only to forget that completely and move on to the next thing! But enough about that…don’t you hate it when people ramble on about why they haven’t been blogging? :-) (Twitter’s limit of 140 characters does help to tweak writing efficiency!) Here’s some random stuff:

I’m trying to get a 90-day trial of Microsoft System Center Essentials 2007 (SCE) installed. The non-profit charity pricing is under $400, so if I like it I’m hoping to buy it this Fall. Right now, I’d be happy to get it installed! After attempting to install the software (at Service Pack 1) on a virtual Server 2008 machine and failing (you have to install SQL Server Express 2005 with SP2 manually first, which I did, but it kept complaining that I needed to run the Configuration for SQL Reporting Server…which I did! The best I could, at least, but it kept complaining I hadn’t!), I finally switched to a Server 2003 virtual server. 3/4ths of the way through the install it failed saying it couldn’t contact the SQL server (that it installed) so it rolled everything back (the install and the rollback both took an hour!). I’m spending the time installing all the Windows Updates that are available for Server 2003 before trying again, which are a lot! Was trying to try it out quickly and update later, but obviously that’s not going to work! The concept of SCE is very cool but if it’s this hard to install, it better be a whole lot easier to use!

I’m probably the last person to post this, but the Fall 2008 Church IT Roundtable has an official website now! Visit (and subscribe to!) citrt2008.com for updates, details, and links to other update methods like Twitter! It’s being held at Seacoast Church in Mount Pleasant, SC on October 8-10. Be there or be…there streaming online or in the chat or something :-)

I’m getting ready to switch over to Small Business Server (SBS) 2003 Premium from a non-SBS, non-Exchange network at the Assemblies of God Indiana District Office where I work one day per week. It’s been in the works for a long time, but the official switchover is scheduled to happen June 6th and 7th (Friday and Saturday) with the 8th available if spare time is needed and some on-site support on Monday morning the 9th to work through any kinks. I’m confident in things going smoothly, but that could just be a lack of knowledge on my part (see the Dunning-Kruger effect :-) My plan is to get Postini installed in front of Exchange at the same time or shortly thereafter. I may get around to broadcasting some of the switch via webcam, but there will be some internet downtime while ISA 2004 is brought up and configured so we’ll see how that works.

In still other news, I’m going to be trialing FeedBlitz for sending out email newsletters for our Worship and Creative Ministries team in the next few weeks. I’m curious to see how that goes; I know Constant Contact is the well-known name in that space and we’re open to going with them as well. Pricing is the same for our subscriber levels, but FeedBlitz seems to have the corner on social features including publishing email from an RSS feed and now sending out messages via Twitter as well so we’re going to try it first I think.

It gets harder to blog stuff the longer I go without doing so. I seem to pressure myself to “write long, big post with a ton of juicy technical information” as the first post back from an absence. I also seem to subconciously want to post only big, important stuff to avoid wasting time with any smaller things. This contributes to not posting at all! Thus, I will attempt to be less picky about what I’m posting or the length of posts in order to keep going, while still providing some good, solid information! I may also kick up the number of shorter posts with links to other content, or republish the occasional funny comic, but will try to keep the “noise” down. Feel free to leave feedback in the comments about what you’d like to see, one way or another!

One more thing: I have Woopra set up for statistics tracking on this blog now. I don’t run the client often right now, but when I do it allows me to chat with visitors in real time! So if you’re reading this on the website and not via RSS, I can actually initate a chat with you! It’s unlikely, but keep it in mind! If you want to start a chat with me, you can do so via the Google Talk Chatback badge, currently in the sidebar menus on the site. No registration is required. If I’m not at my computer, you won’t get a response, sorry! I try to keep my availability status updated but I don’t always succeed. Try the #citrt channel on IRC or just send me an email (use the Contact Me page) if it’s that important! Blog comments are preferred if it’s a public topic or question, though!

The two videos that Tony Dye posted about the Juggling FMer are quite possibly my two favorite videos of all time (although my wife would prefer I put our wedding video at the top I think :-) Although related to Facilities Management, they apply equally well in most cases to Information Technology, and are thus quite hilarious to anyone in either field! Must-watch! We were treated to these videos by Clif Guy at last Fall’s Church IT Roundtable, and I’ve been anxiously awaiting their further availability as I have several people, including Lakeview’s own Facilities Manager (“FMer”), who I want to show them to! Thanks to Dick Cooper, the juggler himself, as well as to Clif Guy and Tony Dye for sharing and putting these things online!

What is Facilities Management?

(View Video 1 directly on YouTube – makes full-screen option available)

Metaphors using sharp objects, plus “The Howling FMer”

(View Video 2 directly on YouTube – makes full-screen option available)

Well, it’s Mothers Day again. It didn’t used to be quite as big a deal as it is now. There are two reasons for that. One is that growing up, my Dad always made sure my brother and I had something nice for our Mom for Mother’s Day, and did something nice for her. Go Dad! That was a cool way for him to help support his wife, by making sure their kids remembered and observed Mothers Day!

The second reason the day is a bigger deal for me is that in the past few years, I’ve made a dramatic jump in Mothers from one to three! First, I got married back in 2005, obtaining in the process stepmother Viv, bringing my Mom Total suddenly to two, which was twice as many as I’d ever had before! Then, fourteen really, really short, very short months later (did I mention they were short?), this awesome woman I married (some people call her Ruth, I usually call her Sweetie) added Mom to her title! (It’s arguable she became a mom about 0.75 months prior depending on how you count. Let’s just say I’ve been told I share some of the blame for her new title :-) Just because she’s not my Mom doesn’t mean she’s any less important than the others!

For now, she’s actually the most important on Mothers Day, because our son pretty much thinks every day is Mothers Day. As in, he should have the full attention of his mother every day, all day, whenever he wants it. Not as in, making or buying cool stuff and doing cool things for “Ma Ma” on a particular Sunday in May! Fortunately, he’s started to have fun coloring in the last couple of weeks and when my mom was watching him last Thursday she had him color a nice Mother’s Day card! I guess my mom’s still helping me out by getting something together for my son to give his mom :-) I’ll have to do a bit more work next year to fill my dad’s shoes and help my son figure out something as cool!

I say all this to say three things:

1. That moms are cool, the natural ones, the in-laws, and the one you get to personally select for your kids.
2. The older you get, the more moms you have, as a general rule.
3. Moms deserve more than we kids and dads give them.

Thanks for reading my random thoughts about awesome Moms, on the appropriate day of the year. Of course, that day really comes every day. But at least express it well on the one everyone talks about! I’ve got all three of the moms I’m talking about here with me all this afternoon…it’s great to hang out with them all. Even if we’re alternating between hanging out, games, and taking naps!

Given that I’ve never been interviewed before, I’m probably taking the risk of sounding incredibly dumb in public (well, I took that risk already but now I’m doing more damage by telling you about it!) by mentioning that I was interviewed for the JesusGeek Podcast. John Wilkerson, aka Jesus Geek, was interested in how we have used WordPress as Lakeview Church’s web content mangement system so he asked me to fill him and his listeners in on the details. I’ll be listening to the podcast episode tomorrow (I’ve been catching up on some of his past episodes recently and have picked up some good tips!), so you can listen right along with me on your own commute :-)

If you don’t use a podcatcher such as iTunes to subscribe to podcasts, you can subscribe in Google Reader and stream episodes from your web browser, in addition to just downloading the MP3 file from the JesusGeek post directly.

The interview was complicated by a few connection losses while recording, so if the audio sounds awesome John gets the credit for making it work anyway, and if it has any issues, blame me! I also lost my notes about which WordPress plugins I was going to talk about in my XP-to-Vista conversion on my laptop and didn’t realize it until we were recording, so that was a bit more off-the-cuff than I had intended. Live and learn!

This past Friday I attended my first Indy Christian Geeks lunch, where I was invited a couple of weeks ago by Dr. Thomas Ho from IUPUI’s Computer Information Department (where I’m currently a half-time student). I hear the group is bigger, but there were six plus me last week, and we ate at the food court of an ethnic grocery store where food was available from three countries (we all ate Korean), and I had the Fried Rice with Chicken, which was very good. The Geeks lunch is always on the last Friday of the month, so it’s easy to remember.

The basic idea I gather is that the group is a way for Christian geeks to fellowship and share, similar to the Church IT Roundtable concept only smaller and not focused specifically on “church IT” and more on a shared love of Christ and electronic gadgets. I didn’t take my laptop, but without it I felt in the minority, although I think it might have been split 50/50! My Nokia N800 was charging or I would have taken that at least!

I’m sure I’m leaving someone or something out, and it was great meeting everyone, but I met a few people at lunch that were particularly relevant to my present activities. One was Neil Cox, aka IndyChristian. Neil is a local Indianapolis blogger who has been using social media extensively to help his life and with Christian outreach. I have been accumulating del.icio.us bookmarks for a while and have over 1,700 links saved, but Neil has several times that! I like Web 2.0 technology and social networking and it’s nice to meet someone else in town who shares a similar interest! Of course, Dr. Ho is also quite into social media, but is currently using Twitter the most (granted, I have been too!).

Eldon Kibbey was the first person I saw when I showed up for lunch. He was at a table by himself, but as he had a laptop open I figured it was a safe bet to head over and introduce myself. The bet was as safe as I thought! Eldon’s the Director of the Christian BusinessMen’s Connection (CBMC) Indiana and is also the Transform Indiana Moderator.

I also met Tom Buckley, who works for Exacq, a company I was only vaguely familiar with before that I’m taking a much stronger interest in now! They make security camera software that I can’t wait to get my hands on and try, both because it’s cool and because we’ve been having some security camera issues that I may get around to blogging about. (Exacq is pronounced just like the word “exact” without the “t” at the end, by the way.) Because they run a demo system in their offices that records 24/7, Exacq managed to get some footage from their office cameras of the recent earthquake in Illinois that they put on their blog and it was picked up by several news stations. Ironically, the company that installed our current security system was Vigilcorp, whose offices are in the same building as Exacq and who now sells primarily Exacq systems, which was not the case when they put ours in. We really like the guys at Vigilcorp and I really like Tom at Exacq, which is a good combination!

Alex Connor, an IUPUI student and programmer/web developer who also maintains the IndyChristianGeeks.com website, was also at the meeting banging away on some code, along with a woman who stopped in a little bit later whose name I have unfortunately temporarily forgotten.

This seems to be a great group to get to know, and an excellent way to get into the local Christian IT community and not just the online one, not that there’s anything wrong with either. But I think this may help (even though most of the Geeks aren’t necessarily “church IT” geeks in the same sense that I am, or many of the CITRT folks are) with my eventual goal of bringing together a Central Indiana Church IT Roundtable as a regional extension of the national CITRT. I’m already making contacts in that direction, but I don’t have any firm plans. If you do IT at a local church here in or around Indy, in a paid or volunteer capacity, why not get in touch with me and start a relationship? We can work towards a Roundtable, which I think would be beneficial to everyone. I’m not the most outgoing person I’ll be the first to admit (which makes meeting new people and sometimes even working with people I don’t know very well a challenge outside of my comfort zone), but if you get me started talking tech you’ll have a friend you may not be able to shut up once in a while! I’m definitely planning to be at next month’s Indy Christian Geeks lunch barring last-minute schedule conflicts!

When I moved from Office 2003 to Office 2007, personally, I had a learning curve like everyone else when I had to figure out where all the commands I knew had gone! I adjusted rather quickly and I think the new “Ribbon” in Office 2007 organizes commands in a much more logical fashion than previous versions. I’ve adjusted, but even now sometimes there’s a command I’m just not sure where to find, or what it’s called. That’s where this great little add-in, still in pre-release, comes in. It’s called Search Commands from Microsoft Labs, and it just adds another item to the Ribbon in Office Word, Excel, and PowerPoint 2007 that resembles the live search box in Vista or Windows Desktop Search in XP but instead helps you locate the menu option you’re looking for! I’ve tried it briefly in Word and it seems very helpful. I’m probably going to give it a better workout soon, but I really, really like the Start Menu search-to-launch system in Vista, which does bias me towards this other “search to help” tool…it’s well done!

Don’t forget, it’s pre-release code right now and it requires Vista or XP 32-bit editions only right now, and of course Office 2007 (works with Word, Excel, and PowerPoint only). That said, check it out if you can!

The most popular post, nay, page on this site is my post on the Outlook 2007 PDF Previewer add-on that has since been pulled from circulation due to Adobe Reader building the feature into version 8.1. Additionally, Tim Heuer wrote a similar PDF preview utility utilizing the Foxit PDF engine, which is much faster than Adobe Reader in my experience. I just finished updating my post again to link to the Foxit versions of the utility as well, since that post overshadows even hits to my homepage by a wide margin it’s still so popular! Apparently searching Google for how to preview PDFs in Outlook 2007 is quite a popular pastime. If you want links to all that stuff, this is a reminder you can head over to my original post to find them all! This is just a reminder and a note that I’ve updated the post yet again to keep it useful for everyone.

OK so this is a little nitpicky, but it’s got me slightly annoyed with Scholarpedia because they don’t appear to publish any contact information. Here’s how I got there in the first place (why do I tell you? To confuse you, of course!): Through a chain I won’t make you follow (and probably couldn’t recall), I ended up at Mark Jaquith’s Twitter page (he’s a core developer for WordPress if you were unaware). I ended up clicking on the link in his then-newest update to his own blog’s contact info (he was linking there for a guy named Jeffro (Jeff Eaton) (I made a mistake in my original post and thought this was Jeffro2pt0, but I was incorrect; apologies!). “Hey, why not check out Mark’s blog while I’m 95% of the way there?” methinks. Latest post is titled How I visualize the months of the year and I click through to see the comment by Austin Matzko (aka filosofo) (Most of these are guys who develop WordPress or Plugins for WordPress).

Austin, in his comment, links to an article in Scholoarpedia on Synesthesia which I begin to read and find rather interesting. However, as I get down to the “Top down and contextual effects” portion of the article, I notice that there’s a sentence with a typo in it, specifically “The second experiment (6) used an ambiguous grapheme (‘A’ or ‘H’) embedded either in between ‘T’ and ‘E’ (as in ‘THE’) or between ‘C’ and ‘A’ (‘CAT’).” If you notice, at the end there, the ambiguous grapheme as an ‘A’ really is between ‘C’ and ‘T’, not between ‘C’ and ‘A’ as the sentence states (this makes more sense looking at the image provided in the article to illustrate).

Now, I was feeling generous and figured, hey, why not mention this to someone at the site so they can fix it? Actually, my first thought, being linked into the middle of the article, was “I already have a Wikipedia account, I’ll just fix this for them real quick.” Of course, they use the same MediaWiki software and default theme (hence the confusion, especially when linked to an anchor within an article), but Scholarpedia is not actually Wikipedia, as I quickly infer (and I haven’t had a scientific paper with a model named after me published with over 250 hits in Google–yet, if ever–so I can’t create an account). No problem, I’m sure there’s a contact form around. Nope. I can’t find one, anywhere on the site. Well, I just noticed the only email address I’ve run across on the site, suggestions @ scholarpedia.org, hidden away on the detailed requirements for authors page. No useful information on the About page, or the Help page. Oh wait, on the Instructions for authors page, it does have a random other email address, for a specific person. But they seem pretty much of the opinion that if you aren’t a famous scientist, you have no need to contact them about anything. Ironically, their Copyright page even says to “Contact Scholarpedia for copyright details.” Without mentioning a way to do so.

Oh well, maybe I’ll grab those two random email addresses I found and send them a quick note. If I get around to it; they can certainly find it here if they bother to look. I guess sometimes it takes is someone who graduated high school after being homeschooled to find the errors the super-genius scientists miss… ;-)

Thus ends this rant. Thanks, I feel better now. School 100% complete for the semester as of a very short time ago, so I’m quite happy to work the hot-air typing muscles for a few before getting to bed later than I should, again (but the exam got completed and submitted!).

A server was stolen from a debt-collection agency in Indianapolis last month, which meant 700,000 names, addresses, phone numbers, and of course, social security numbers are out there. It’s supposedly the largest computer security breach in Indiana history. Given the fact that it’s a debt-collection agency that lost the records (which were supposedly “protected by two passwords, but was not encrypted…[and] had been stored behind three locked doors.”), if you live in Indiana but never had late bills go to collections, you shouldn’t be directly affected, although there’s a hotline you can call to verify. Original details and report are available at the Indy Star, at least for the time being (they tend to lock up articles after a certain amount of time and make you pay for them).

This is just one more step in the growth of identify theft, which is becoming more and more of a problem (I won’t bore you with the details of other theft cases, if you’re in the IT field I you probably know about them already!). I hope they figure out a better way to protect this stuff before it gets as common as spam as gotten. But I know the technical sophistication required by every single business to make that a reality, and I don’t think the problem is going away any time soon.

On the personal front, I’m in Ohio this weekend for my brother-in-law’s wedding, and I only have one week of schoolwork left for this semester before being freed to spend some more time blogging; I’m looking forward to getting back into the swing of things! I have managed to stick around the #citrt Freenode IRC channel on a consistent basis, and I’ve stayed reasonably active on Twitter since MinistryTECH and the Roundtable, which I’m still catching up from at work (but getting close to the normal level of “behind” :-)