Routine maintenance is routine.


While Macs are much less cumbersome when it comes to updating, fixing and fiddling, they are not without those needs entirely. On a regular basis, you do need to go through some tasks to keep your OS X computer running smoothly and safely.

Once a week, I go through a maintenance procedure on my iMac and MacBook just to keep everything going the way I want it to go. The process is simple, and gets the job done without wasting a lot of time. The whole shebang should take less than 30 minutes a week unless there are a large number of updates, so find some time and get it done.

Here’s my weekly procedures, your mileage may vary, but feel free to copy my methods =)

1 – Software Update. Apple generally posts updates for OS X about once per month, but if there’s an emergency (like the recent Flashback malware) they can release updates much more often. Once a week is a good trade-off between being a time-consuming drudge and keeping everything updated and safe.

To run Software Update, click the Apple menu and choose “Software Update…” and follow the instructions that come up on screen. If there are no updates, the process takes about a minute. With updates the time varies, but even massive updates seem to finish within 30 minutes or so.

2 – App Store. If you have any software from the Mac App Store, then go to Apple Menu, “App Store…” and click on the Updates tab at the top. Download any updates to installed applications.

With no updates, the process is also less than a minute. If you have updates, the time varies, but is generally less than 15 minutes start to finish even if a lot of programs need updates.

3 – Check for other app updates. I use MacUpdate Desktop and rave about it quite a lot. One of the reasons is that it can find updates for just about every app I use on my Macs, and deliver the updates to me with a few clicks.

If you don’t want to use MacUpdate, you can always open each of your apps and look under the name of the app in the menu bar, or sometimes the help menu, and check for updates. This is much more time consuming, but will still get you updated.

4 – Run maintenance tasks. There is a great freeware tool called Onyx that will help you perform routine maintenance tasks on your Mac in a very user-friendly way. The tool can perform all the tasks I do each week, including:

– Cleaning up caches, trashes and miscellaneous data that hangs around after it’s no longer welcome

– Running the OS X monthly, weekly, and daily maintenance tasks

– Performing a Repair Permissions run on the OS X system volume

These steps improve performance, correct minor issues and head off problems that may be brewing in the background. The whole process takes about 15 minutes, and the Onyx user interface makes it very easy to perform.

Take half an hour, once a week, and keep everything in running order. You’ll be safer (by getting and installing updates that plug security holes), faster (by removing old cache files and patching permissions errors), and better (by getting the latest versions of your apps with their bug fixes).

Photo Credit: JanneM

It’s about communication


As with any form of transferring information, social media can become mired in the idea of broadcasting information out, instead of being true communication.

Take Twitter, for example. Many folks use this networking tool as a broadcast medium. They send out dozens of tweets, but never interact with anyone else. Others do nothing but retweet and repost, but do not listen for feedback. This is a one-way broadcast, not a true communication or collaboration.

Facebook, G+ and Pinterest can be the same way, with people blasting out update after update and pin after pin, but not listening to what other folks are saying in comments or in their own independent posts.

Falling into the trap of broadcasting only can be a killer for any Information Worker. We’re planning to use social media to communicate with customers, potential clients and others; but in reality we’re just screaming into the wilderness. That means the message will quickly get lost.

It’s relatively easy to communicate instead of broadcast, but it does take a little effort. Here’s a few simple ideas to keep in mind:

– Follow other people. So many folks on Twitter just send out information, but follow so few people back that they cannot possibly be listening to what’s out there. This isn’t to say that you should automatically follow everyone, or that you should randomly follow folks. See who interacts with you, and pick some people who you want to interact with. Then follow those people to foster a two-way communication stream.

– Reply and answer back. In addition to posting, read the timelines of those you follow and those who comment on your posts. Reply to them to say thanks, or to ask questions or make comments to foster more dialog. This doesn’t have to be an all-consuming time-sink, just a few minutes here and there in your day is enough for most people.

– Do share links and retweet/repost, but don’t flood your timeline. Forwarding on things you find that are part of your message is a great idea, but a constant stream of links and RT’s can put people off. Instead, use a service like Buffer to spread out your links and other posts so that you reach more people in more places. This gives you the ability to start a dialog with more people in more places, too.

– Talk about other things. Yes, we – as info professionals – mostly talk about what we’re doing/selling/creating. That’s normal and expected, but shouldn’t be the only thing in your timeline. Talk about what’s going on around you – such as local cultural and sporting events happening near you. This allows people to see that you’re not a one-trick-pony, but rather a real person who is willing to talk, not just broadcast. This shouldn’t be forced, however. Pick things you’re interested in to talk about. Got a hobby, play certain games or have an interesting side-job? Talk about those things, so you can show that you’re interested in more than just the corporate message.

Remember, social networking is networking. Multiple people sharing information and talking to each other. Don’t fall into the trap of making your social media streams become a loudspeaker that tunes out anyone else online.

Photo Credit: Wayne Large

What is multi-tenancy?


For virtual solutions, the idea of having multiple customers leveraging the same infrastructure is nothing new. The whole theory of operations is that instances of applications and entire OS’s can run simultaneously on one piece of physical hardware. However, with the advent of Public Cloud systems, the challenge is to let that happen when not all the users of a particular system get along or like to share.

The issue isn’t that multiple users leverage the same systems, but rather that multiple users who cannot or do not want to share data and resources are acting on the same systems at the same time. Think of Amazon Web Services: customers who do not want their data shared with each other (like Netflix and Amazon’s own streaming product line) can and do co-exist on the same data systems. AWS has to keep the platform shared, but the data and operations separated.

In addition to data segregation, administration must also remain separate. Customers A and B need to be able to monitor and maintain their instances, but cannot see or touch each others instances of apps and servers.

Finally, billing is dependent on the amount of users and/or data/storage/transmission bandwidth that each organization uses. So the service provider needs to be able to bill each customer independently, even though they’re all using the same infrastructure.

And so, multi-tenancy, according to Wikipedia:

refers to a principle in software architecture where a single instance of the software runs on a server, serving multiple client organizations (tenants).

Simply stated, multi-tenancy is what lets unique infrastructure components (like VM hosts and apps) be shared safely and effectively by multiple users and groups.

Photo Credit: Steve-h or Outlook 2011?


Recently, I had a conversation on Twitter with a friend who was considering what tools his end-users should be using to access Exchange-based email on their OS X clients. Apparently many of the employees of his firm are on – or are switching to – Macs at home, and wanted to know what to use to access the corporate mail systems.

After going back and forth with him, I decided to do a blog post here about what the two bigger tools, and Outlook 2011, could offer in terms of strengths and weaknesses.

Only recently, with the advent of Exchange 2007 in the mainstream, the native email app for OS X started being able to connect to Exchange using native protocols (ActiveSync/Outlook Anywhere). That doesn’t mean it doesn’t work with earlier versions, but it did so over IMAP and POP protocols, which many organizations do not allow outside the corporate network. Now, however, it’s a real competitor to Outlook on the OS X platform, and so a lot of users are looking at it for corporate mail.


– Native to OS X, so no need to install additional software or acquire additional end-user licensing (you still need CAL’s for Exchange, though)

– Familiar interface to users who mainly use Macs

– Single email client for home and office mail (both a pro and a con)


– Requires three apps (Mail, Calendar, Address Book/Contacts) to accomplish the common business tasks that Exchange is used for

– Mixes all email accounts, signatures, etc. in one mail client (both a pro and a con)

– Less corporate control over end-user data. Organizations can still disconnect accounts, but many Outlook-only data control measures and archiving systems won’t work (It should be noted that many archiving tools don’t work in Outlook 2011 either, but some do)

Outlook 2011

The de-facto standard for Exchange Email, Outlook has always been the preferred client for corporate users on Windows. Until Office 2011, the only option on Mac was Entourage, which has not be a well-loved piece of software. In 2011, Microsoft released the latest version of Office for Mac, which included a full-feature version of Outlook specifically designed for the OS X world.


– Comes as part of Office 2011, which is probably already installed due to wanting to work with native MSFT apps for Word Documents, Excel Spreadsheets, etc. (Yes, I know that Apple has apps for those too, but for Windows-based companies, using the Office Suite is likely)

– Allows for segregation of user personal email from work email

– Has mail, calendar and contact functions in one application


– Requires licensing for Office 2011 for each end-user

– Requires Exchange 2007 and up (for native Exchange protocols)

– Looks/feels/acts differently than most Mac apps (uses the MSFT Ribbon and doesn’t sync to the Address Book/Contacts app by default, for example)

What both do:

– IMAP, POP and ActiveSync/Outlook Anywhere protocols with or without a VPN

– Can sync contacts, calendar events and email

So who wins?

This is a tough call. For those who refuse to have Office 2011 on their machines, then is the preferred choice. For those who don’t mind a few MSFT apps on their OS X boxes, there are a lot of benefits to going with Outlook – especially if you keep both personal and corporate mail on your Mac.

For me, I went with Outlook for my corporate mail. I use for my personal accounts, and didn’t want to have to worry about accidentally sending personal mail to corporate contacts or vice versa. I also have Office 2011 installed for some interop reasons in the work I do, and therefore already had Outlook installed on my Macs.

Take a look at the pros and cons, but for an off-the-cuff opinion, I recommend Outlook 2011 for Exchange Server, for everything else.

Photo Credit: Tim Morgan

HP Jumps in the Cloud Game

HPChipEarlier this week, HP announced it is getting into the game on cloud. In and of itself, the announcement isn’t a shock, as many hardware makers are re-tooling for the reality of hosted applications and servers in cloud configurations. However, I was impressed by the depth of what they’ve been working on at HP.

In addition to a public cloud offering – which will be the first piece of the tech they beta in May – HP is ramping up a few other services to compliment it:

CloudMap systems which create ready-to-go images and applications to encourage roll-out into cloud resources. This isn’t new, as Amazon has had pre-built images from nearly the get-go, but very nice to see.

Virtual Private Clouds for enterprises that want flexibility but don’t need or want the general public to access their cloud plant. Again, not new, but a good sign that HP realizes that just saying they have a cloud solution isn’t enough for most organizations to get on board.

Services offerings wrapped around all of this to allow an enterprise to just define what they want to put in the cloud, and have HP figure out how to get it done.

Brining both the platform and the services in-house is a welcome sign that big manufacturers have begun to truly embrace distributed resources. Just saying “We do cloud” is nice, but doesn’t help anyone get there. HP’s decision to offer hand-holding to firms that don’t have the internal resources to build out these things will make adoption in larger firms easier.

Of course, that leads to bigger contracts for HP, but everything has a trade-off.

Photo Credit: Luigi Rosa

So what the heck *IS* Flashback?

TrojanHorseA lot of noise has flooded into the net over the last few days surrounding a piece of malware called “Flashback.” Here’s what you need to know:

1 – What is it?

– First things first, it is NOT a virus. Computer viruses are malicious programs capable of copying themselves across networks. The user doesn’t have to do anything to get infected.

– It is, however, a trojan. Trojans (named after the famous horse in Homer’s writings) get on your computer by pretending to be, or hiding themselves in, some software you want to install. You get tricked into running some software, such as an update to Flash Player as in this case, and the malware gets installed instead.

– This particular trojan installs a back-door into your Mac, that allows malware writers to check in with websites and download other software you don’t want onto your machine over time. It does this by forcing your web browsers to load pages any time they are opened up (and silently); and it forces the browsers to open up just in case you weren’t planning on doing that yourself.

– More insidiously, the malware disables the native, limited, virus protection system in OS X, and therefore this program can render your machine vulnerable to older, known threats.

– Both Snow Leopard and Lion are vulnerable if you installed Java. Since many applications use Java, the Java runtimes are most likely already installed on your Mac.

2 – How do I get it?

Flashback is downloaded from websites where you see alerts that you need to update Adobe Flash Player (which is where it gets its name). Since the malware has been carefully built to look like an Adobe Flash installer, many users think they’re just getting updated software and authorize the installer with their Administrator Password.

That’s all it takes, as once the trojan has your admin password, it has free rein to do whatever it wants.

3 – How do I know if I have it?

Finding Flashback is a little tricky. There are some apps that seem to be able to detect it, but that means downloading and installing another app, which may not be the best method. Instead, look in the Utilities folder in your Applications folder and look for the Terminal app.

Then, in Terminal, copy and paste the following three commands, hitting the Enter key after each one:

defaults read ~/.MacOSX/environment DYLD_INSERT_LIBRARIES

defaults read /Applications/ LSEnvironment

defaults read /Applications/ LSEnvironment

After you run each command, you should see a message that ends in “… does not exist” If you have any other response except one that ends with that phrase (does not exist) then you have most likely got a Flashback infection. Thanks to for the instructions

4 – How do I get rid of it?

Removal of Flashback is not easy or automated. There will be a removal app from Apple in the near future, but you should not wait. F-Secure has a set of instructions for manual removal that you can perform today, but they’re not a set of simple point-and-click things. You’ll have to use Terminal, and keep a notepad handy to keep track of information.

Reach out to an expert if you need assistance, as you definitely don’t want this hanging out on your Mac until Apple finally releases the automated Flashback Remover app.

5 – OK, my Mac is clean (or I cleaned it up), now what?

First, make sure you update your Mac with the latest OS X software. Click the Apple menu and choose “Software Updates…” to check for new software and tools from Apple. The latest updates for Snow Leopard and Lion have security updates to Java that block Flashback from being able to install. I do this once a week, though it’s very rare that Apple releases more than one set of updates per month.

Next, install anti-malware software. We all know that Macs are not immune from malware, and you need to protect yourself. Sophos, Intego and others make great anti-malware software for Macs. Sophos Anti-Virus for Mac (which I’m currently using) is even free for home use.

Also, get a two-way firewall package if you can afford it. For example, Little-Snitch is a great tool that is very user-friendly and lets you know when things on your Mac are trying to talk to the outside world. You can choose to allow the connection once, forever, or block it if you think it shouldn’t be phoning home.

Little-Snitch is so good at its job that the makers of Flashback wrote a special routine into the software to look for it, and give up trying to install if L-S is installed. It’s not free (it’s about US$30) but definitely worth it if you have the funds available.

Finally, always remember to only accept application updates from one of three sources:

1 – You used the “Check for Updates” system inside the application itself.

2 – The update is delivered via the “Software Updates…” system in OS X

3 – You went to the vendor’s site manually (not via a link or in an email) and download the update directly from them

Any other time software wants to update, or install for that matter, cancel out and seek that software from one of the three sources above.

Stay clam, stay safe, and remember that every OS can be hit with malware. This isn’t the first time it’s happened on a Mac, and it certainly won’t be the last.

Photo Credit: Tama Leaver

What We Can Learn from the Instagram Buyout…

Money1It’s not news to anyone that Facebook bought out Instagram for One Billion US Dollars.

For me this was a bit of a kick in the gut, as I had just recently left Facebook over concerns about how they use personal data (see last blog post on this site).

So what did I learn from seeing an app I love being scooped up by a site I would rather not be part of?

– Be wary of anything free.

Free software that is not ad-supported should be a gigantic warning sign whenever you see it. If an app has no revenue stream, then it has no purpose but to get itself acquired by some larger company that actually makes money. Hat-Tip to several folks I follow on twitter (@miketalonnyc) who have already posted quite a lot of info on this phenomenon.

– Never assume your data is going to stay put.

When FB integrates Instagram, you can be sure that all the photos you have taken on the indie app will end up on Facebook. Whenever you post something online, just take it for granted that it will eventually become public. No matter if because a site changes its policies, or gets bought by a company with different policies, any data that you don’t hold on your local machine will eventually be seen by everyone.

– Always know how to remove (and how to keep) your stuff.

Instagram has a page where you can delete your account – so you can indeed remove all the data they have from you. That doesn’t help much if you actually want to keep all your photos and move them elsewhere. Sites like can give you a backup of your photos before you delete them, and even move them over to another site if you want. Note that this site is also a free app, but at least they take donations so they have *some* kind of revenue stream going.

– Know where to go next.

There are generally many apps that can do something you want to do. Finding the right one is tough, though, as many of those apps are bad ripoffs of the one you need to get rid of. Sites like AppAdvice can help sort through the crap to find the good tools.

As for my personal feelings on Instagram:

It was a great tool that did some nifty things with photos. That was about it. I loved using it, and would have liked to keep using it, but I very much dislike Facebook and don’t want the apps I’m using to be owned by them.

I’m very happy for the creators of the app who just hit a major payday, and I don’t fault them for taking the money when it was offered.

Finally, I did not “rage quit” Instagram. I took a day, thought it over and really asked myself if the app was good enough to keep using it in spite of who bought it out. The answer – in my case – was “no.” So I calmly found a site to help me get my data downloaded to my desktop, deleted my account, and then the app. No one should get so attached to an app that major changes like this cause them emotional turmoil.

So what did I switch to? Hipstamatic. It lets me take fun photos with filters and effects, and it’s not a free app, so it’s less likely they’ll get bought out and make me go through the process all over again in the near future.

Photo Credit: Amagill

Single-Vendor or All of Them?

Work togetherThere’s quite a few virtualization platforms out there. From VMware to Microsoft to XEN to KVM and beyond, the choices abound.

Do you want to stick to one vendor for all virtual technologies, or work with many of them at once? That’s a valid question, and one more companies are looking at every day.

Standardizing on one virtual platform has benefits. The company in question makes management tools that control their software, and having one platform means having to learn fewer tools. Also, since most vendors make entire suites of tools, you can probably find Server, Desktop and Application virtualization platforms from one vendor alone.

Spreading out also has benefits. Some platforms only make one type of virtual platform (such as hyper-visor for only server virtualization). Sticking with just one vendor would limit the tools available to you.

Cost always comes into play, as the more advanced platforms can often come with higher price-tags. So using only one vendor for all your needs might inflate your budgets dramatically – and in some cases unnecessarily as other vendors make tools that are less expensive and work great. Don’t forget training costs either, as multiple tools from multiple vendors means training your staff on multiple systems.

Which will you do? Most of the organizations I talk to started out on a single-vendor methodology. As folks like Quest Software roll out multi-vendor management solutions, they are beginning to explore having multiple vendors work in the same datacenter. This gives them flexibility to choose the best vendor for each tool they need, without losing control of the environment or having to learn a large number of tools just to keep things running.

Cross-Platform management is not 100% yet, but it is getting there, so we could easily see a day in the near future where the decision is a moot point. Until then, what’s your company doing? Sound off in the discussion section!

Photo Credit: lumaxart

What is iCloud?

ICloudScreeniCloud has been out for a while now, but many folks are still confused as to what it does. There’s not a lot of mystery, when you dig beneath the surface to have a look.

iCloud is Apple’s data-online service. Much like DropBox or, but with a twist – as iCloud is specifically build around Apple’s OS X and iOS systems.

First, the basics:

– The iCloud platform is free for up to 5GB of space. It then costs US$20 for up to 10GB, and there are plans for more money that go up to 100GB of storage.

– Your iTunes-purchased books, Movies, TV Shows and Music, as well as your Photo Stream don’t count against your storage space numbers, so you only pay for extra space if you go beyond 5GB of non-iTunes data.

– You can store your mail, all photos, as well as personal Music, Movies, TV Shows and documents in iCloud – these count toward your storage space use.

– iTunes Match (see below) also doesn’t count against your storage space numbers, but does have an additional cost.

There are several components to iCloud, but here’s what you’ll use most:

– iTunes Match: This component of iCloud is designed to allow you to keep your music, video and books in the iCloud platform. It costs about US$25/year above your iCloud storage costs, but currently only works for music files. Apple has stated that it will eventually also support TV Shows and Movies. You allow iTunes to scan your music collection and upload any songs not purchased from iTunes to the iCloud platform. From there, you can download those songs (plus any you bought from iTunes directly) to any Mac, PC or iDevice.

NOTE: Songs, TV Shows and Movies you bought through iTunes are available for download on any device that supports iTunes with or without an iTunes Match subscription – this service only handles non-Apple-purchased media. To find previously purchased media, go to iTunes, click on iTunes Store and look for the Purchased link.

– iCloud document storage allows you to put any data into your iCloud storage, but remember that if you go above 5GB it starts to cost money. There are similar sections for mail, calendars and contacts.

– Find my iPhone actually works for any iDevice, and will show you the location of any registered iDevice on a map. Handy if you lose your iDevice or if it gets stolen. The service only works if the iDevice is turned on, and if Push Email is enabled.

– iCloud Backup lets you backup your data and settings from your iDevice, allowing for easy restoration if you accidentally mess up your devices.

– Find my Friends allows you to track other people (with their permission, of course). Handy for parents who want to keep tabs on their kids and friends who want to know where they are in relation to each other.

– App integration allows apps to leverage iCloud for storage and syncing. Few apps take advantage of this yet, but the rumor is that more are on the way.

And that’s about it. iCloud simply enables more features in iTunes and iOS, as well as giving you some cloud-based data storage. Using more than the free 5GB is not a great idea, though, as many other services offer more space for less money, but getting features like Find My iPhone and iCloud backup are definitely worth signing up for the free version.

One last note, most of these services were also in MobileMe – Apple’s previous cloud-based service. However, Mobile Me will be no more as of this summer, so shifting over to iCloud is not only a good move, but will soon be a requirement if you want these tools.

Photo Credit: CLF

Don’t Panic Over Requests to See your SocMed

AlarmSilenceAlright, we’ve all seen the headlines.

Employers are demanding to see your Social Media profiles, and even – in some cases – demanding usernames and passwords to sites.

Before you panic, keep a few things in mind:

– Asking for your profile information before you are hired (NOT username/password) is something you should not fight against. There are two reasons for this. First, that information will only let them see what’s already available to the public at large, and so it’s stuff they could find on their own anyway. Giving them your screen names will at least let you know they’re looking. Secondly, knowing that they’re looking can come in handy, as you can ensure that there’s nothing you don’t want them to see before you hand over the info.

– Asking for private information before you are hired is NOT OK. Asking you for your login information is a severe violation of privacy, and should not be permissible for any employer. They cannot ask for your bank account information, they cannot – in most states – ask if you’ve been arrested (though, interestingly enough, they CAN ask if you’ve been convicted of a crime) – why should they be permitted to ask for private online information access?

– Asking for private information after you are hired is another story. If you signed an employment contract that gives them the right to ask, then you have to give up that info or risk termination. This is why you need to read your pre-employment and post-employment documents very carefully.

What I’m saying here is that many employees are raising the same level of alarm to the question “What is your FaceBook name?” as they are to the question “What is your FaceBook username and password?” These questions are not the same, and should not be handled the same.

The first question is perfectly reasonable. They want to see what you let any other person in the world see already, they’re just lazy and don’t want to Google search for your profile. The second question is a privacy violation.

We – as a community – need to differentiate between the two and only scream about the true violations, otherwise we risk having the general employer community accuse us of crying wolf over the issue.

That being said, what should you do if asked either type of question?

If they just want to know your online name, give it to them. Prior to beginning the interview process you should have made attempts to sanitize your profiles anyway.

If the interviewer demands your login information, politely refuse. Also inform them that you will note that the question was asked, and take your refusal into account if you are denied employment. In short, put them on notice that you’re still happy to work for them, but that you will not be pushed around.

Read ALL documents carefully to ensure you’re not giving away rights to your personal accounts. This is critical, as you may need to turn down a job offer if the company demands that all employees give up their logins. You may be able to negotiate a rider to your contract that explicitly states they don’t have rights to your Social Media accounts, but usually it’s either “do this” or “don’t work for us.”

If your employment paperwork does not explicitly state that you are required to give that information as a condition of employment, and you are still asked for it; refuse. Also note that you are not required to do so by your contract, and be very clear that you feel that logins are Personal Information and not subject to company disclosure. Let them know that they are very much welcome to view your public information, however; so that it doesn’t appear like you’re trying to hide anything.

In short, treat your FaceBook, Twitter, Pinterest and any other Social Media site login info the same as your bank account info, your medical info, etc. Unless you specifically agree – in writing – to give up that information as part of your employment, don’t give it up.

What if you get fired over this? I’m not a lawyer and you shouldn’t take any legal advice from me, so I won’t give you any. If you are terminated for not giving an employer your login information, seek legal help immediately. If you are denied a job for not giving your login information during an interview, seek legal help immediately. Many free advocacy groups exist, so hunt around and get help!

Secondly, if the employer in question is going to be that strict about your personal life, do you really want to work for them? If you have no choice (it is still a bad job market, after all) then you have to make a very tough decision, but if not, walk away. The employer may realize their mistake and ask you back, sans the request for your passwords.

To sum up: If the company only wants to see public information, or if you willingly agree to give them the logins in your contract, then give it to them. If they fire you unduly, or refuse to hire you because you won’t give them personal info, get legal help. But don’t raise the alarm over public data or data you agreed to give up, save that for the real bullying and privacy violations.

Photo Credit: Flattop341