January 17, 2016

Windows 10 - 1 down, more to go

I downloaded and installed Windows 10 back in August. Since it was on my test laptop, I didn't really get a chance to fiddle with it much. But now I see my family is noticing the Upgrade to Win 10 nag screen on their computers. They're now starting to ask...

So I went back to the test laptop to check it out. I am so not happy about moving to Win 10 - but that's just because of the way I use my computers. However, I do see that it is inevitable and I'd rather upgrade now free than later and have to pay.

Like a good geek, I updated everything before I started poking around. You have to make sure that your Norton is updated before you upgrade. Since my laptop had been offline for a while, I tried to update... Failed. Norton tells you to install a patch. Failed. What I ended up having to do is uninstall and reinstall Norton to get it to work properly. Not a tremendous deal - but it's something you may want to keep an eye on.

Then I tried to look at some of the "new" apps that Win 10 has added. This is where it went sideways again. It asked me to log into one of my Microsoft accounts - and when I did, it changed my start up logon to be that Windows mail account instead of my local account. Grrr. Not nice. I was able to go into my account pages and set it back to the local account, but again - something to watch out for... How many users are going to realize what just happened and know to use the mail account/password instead of the password they have been using for years? They will think they just got locked out of their computer.

So once I had a reasonable handle on using this, it was time to start upgrading. I started with my mom. I took my test laptop to her house and had her use it for a little while. She seemed to have no problems with interacting with the new OS. She even watched a video on "Onenote" while I upgraded her machine. [Go mom!] I think Win 10 will be good for her and fit in with the way she uses her computer. All of the things I don't want - she could use. So I upgraded her laptop...

Just an FYI - the upgrade speed will depend on a number of factors. Do not try to do this when you're pressed for time. The upgrade on my laptop with my Internet connection took less than 90 min. The upgrade on my mom's laptop with her Internet connection took almost 4 hours. The RAM and CPU on that machine were chugging along as fast as possible, but it still took quite some time. So plan for the worst and hope for the best.

Mom uses Microsoft Live Mail for her mail accounts. Those transferred perfectly - no issues. It took a little juggling, but I managed to put the tile on her start menu for her. Note : the "Mail" tile is not configurable. What I ended up doing was - delete the mail tile and right click Windows Live Mail on the Start menu and select "pin to start" to get the tile to show up.

The "news" application is a bit annoying to me (but Mom is okay with it). You cannot configure the news sources or feeds. You can only configure the categories of content. The "Weather" tile is nice - and you can go in and configure your location. However, when you go back to the start menu to check it ...wait for it... yeah, there it is. It takes a while to show up once you change the location.

Cortana is not easy to get rid of... But you will probably want to go into those settings and fiddle with it a bit. Once it finally realizes you don't want Cortana but DO want the search bar - it shows up. But you have to fiddle with it a bit to get it to stay that way.

The Edge browser really really sucks. There is a difference between the "Start" page and your "Home" page. And it's really hard to get your settings for the browser to persist - unless the browser realizes that you've completed your configuration and that's really really the way you want it. Ugh. Change it. Check it. Close the browser and check it. Reboot and check it. And eventually it will give in.

Here's what I don't like about Win 10:
Much of the configuration is taken out of your hands. There are a lot of "automatic" things that you can't change or configure. I'm used to customizing things so that the computer adapts to the way I work, not me adapting to the computer. For instance : if you're going to give me a news reader - I would like to be able to adjust not only the categories, but also the sources. I would like to use my own feeds, not yours. If you're going to have a Technology category - I'd like to be able to put "real" geek sources in that - not your Washington Post Technology section. And...I don't need you to update my computer on me automatically. I have been doing that very well and diligently for over a decade. I also don't like the way it tries to invade your home and the other devices around you. That used to be a _feature_ that distinguished PC from Mac. Now you're just like Mac with its snooping and trying to connect with everything from the toaster to the tv. And someone somewhere probably got a bonus/pat on the back for the new start button menu. Everything is alphabetized - with a big LETTER between items. I don't like that - it looks ugly. Only your Internet Explorer bookmarks will migrate to Edge. If you have Firefox and want to switch to Edge, I suggest you export and import your bookmarks from FF to IE before you upgrade. Then import them into Edge.

What I like about Win 10:
The tiles don't take over the computer like Win 8. Windows Live Mail migrated without a hitch. If you know the application you want, you can use the search bar to get to it faster than the start button. You can tile your frequently used apps to make them more accessible.

I think Win 10 will be good for my family members. For the most part, they use their computers to read email and surf the web. Mom uses Facebook. I was able to upgrade and set up her start menu so she has easy access to all the things she uses. There was even a free Facebook app in the Microsoft store - which I put as a tile in her start menu. As for myself ( and those who enjoy customization), I think I'm going to start looking at the registry to see if the things I want to customize can be configured. I may wait a while before I upgrade my other devices...


Posted by BlueWolf on January 17, 2016

January 09, 2016

CCIE Security Written Attempt

Yes, I know it's been a long time between blog posts here. When I do get a chance to blog, it's normally on the CCIE Study Notes blog. If you look in the Cert Battle Status - the certs I am currently aiming towards are the CCIE (R/S and Security). The battle has not been going well, but is still ongoing and has recently renewed vigor.

The toughest part of any of this is doing it while employed. Sometimes projects at work take over your "extra" time or wear you down and you're too drained to study after work. Not that I'm looking to be unemployed - but I've heard from multiple people that the only way they got the CCIE was to take time off work (months) and immerse themselves in it. I hope to not use that technique because then you have a tighter limit on your financial resources - which can also hamper your studies. [Rack rentals are expensive and so are tests.] The contract I am on will end at some time in the near future (we still don't know when) - so I have planned for that possibility. I am interviewing, but since I still have a job at this time - I'm a bit more picky than if I were unemployed. And if the music stops at some point before I find my next position, I will immersion study while looking.

For those who don't see me on a regular basis - my emphasis has moved from the R/S track to the Security track. I will be pursuing both, but if I get the R/S CCIE first - I am concerned that I will be pressured back into a Networking position and I would rather be in Security. R/S is a means to strengthen my Security skills rather than an end to itself - for me. So the recent focus has been on studying for the CCIE Security Written.

And yesterday I sat for the exam. Notice it doesn't say "passed" and have multiple exclamation marks. I did not pass. There goes $400... Yes, the exam is $400 now (up from $350) and unless you pass, no workplace I know will reimburse you for the attempt.

The test has changed - drastically- and it appears I studied for the prior test. I've been through the first half of IP Expert's Video on Demand class. I went through the INE Advanced Technologies videos. I went through the All-in-One Study Guide. And I know the material. However I know it in the incorrect format. All the previous CCIE Written Exams I have taken (and I have taken and passed 3 times) have all been the same. This is different. It's like they went from multiple choice to answering in Jeopardy style (form of a question).

Previous format of the exam was mostly multiple choice. There were multiple choice with "best" answer and multiple choice where you have to select "all that apply" (which are harder). Then you had your 5 or so questions that used exhibits. They would have snippets of code and you would have to answer questions based on the code or configuration displayed. Or you would be given a diagram of an environment (with or without a small part of a configuration) and you had to select from the various potential configurations to complete some task. And then there were always the drag and drop questions to match terms and their definitions or order the steps of some process. But there were only a few of those and you could take your time on them because the single answer multiple choice can be answered so quickly. Granted, the "weight" of each question is a mystery and you always knew that you _had to_ get those exhibits correct or you would not pass. Maybe you could screw up one but if you nailed the others, you had it. That was the old exam.

Granted, I know that Cisco is striving for tough tests. They want you to know that passing the test MEANS SOMETHING because it's not easy. Back in the 90s they tried "toughening" the test with a lot of "trick" questions. Then later they "toughened" the test by not giving you enough time to thoroughly read and analyze the question. Then they turned to "configlets" and chopped the question into multiple parts with a scrolling screen and multiple areas to view scenarios and answer questions. It turned the "100" questions into really 120 or so with the little sub-areas of question X, but it was an attempt to raise the bar. Now their newest little trick is : more exhibits.

As I sat for the exam yesterday, one phrase kept creeping into my head: Death by Drag-and-Drop. This is the newest iteration I've seen for strengthening the exam. And I really think it stinks. That's not how we do our jobs. We don't put things in tables or order the steps of a technology. Most of those steps are involved WITHIN the technology itself and are transparent. Now I can see ordering the steps of the Security Agreement (SA) establishment. THAT has value. If you can figure out which step of the process is failing, you can more quickly troubleshoot the issue. But to memorize the steps of the things I saw on that exam - well...let's just say that some of them are arbitrary and just the way someone organized it in their head. Or the matching questions - it seemed like it was just a way to ask multiple questions within the same question number. It seemed like the drag and drop was put in there for the sake of dragging and dropping so it would be "harder" in some way.

And the content ticked me off too. There was a HEAVY emphasis on IPv6. Now, we knew this was coming... eventually. And there was a certain level of IPv6 familiarity that I already had down pat. After all, this content is also in the R/S exam that I passed three times - and the IPv6 questions were never a problem. One of the things about IPv6 is that it's only something that you use for the test. It will be a very long time before I work in an IPv6 environment. But I know that this is a _global_ test and those that work globally must deal with IPv6 in their jobs. So that realization became a point in their favor that I begrudgingly gave them and accepted. But I didn't see anywhere (blogs, trade articles) that this emphasis had arrived. I will be ready for it on the next shot.

IPv6 was not the only content that surprised/irked me. There are multiple tables of content that apparently they require you to know/memorize. And with the test I saw, it gave me the "flavor" of what could possibly be on the next test they put in front of me. Granted, some of the questions will be the same but there will be some different ones (or could be depending on the questions drawn from the pool).

Like I said, I studied for this exam. I believed I was prepared. Had I taken a prior version of the exam - I certainly would have passed. But this is different. None of the materials I used (IP Expert VoD, INE Advanced Technologies and All-In-One Guide) will prepare you for this current iteration of the exam. They are great prep for the prior exams - this is new. And there is nothing out there that will prepare you. I've been here before. For some reason the Security track often goes through periods where the source materials are either dated or non-existent. I dealt with this on my way to CCSP. I had to read the Raw Cuts version of the ASA book online before it was published to sit for my exam. And likewise - I will now have to create my own study guide from the source materials and the Exam Blueprint. Hopefully my next post will discuss how I passed.

Posted by BlueWolf on January 09, 2016

August 02, 2015

Win 10 Install

This is not a "how to" on the install. Seriously, if you need that either let your kids do it for you or shut your eyes, cross your fingers and click. It's a really easy install from the user perspective. Microsoft has this set up as a "Windows Update" in just about every way (looks like the way I upgraded my mac....) [Note: the entire upgrade process took over an hour - but less than 90 min. Your upgrade time may vary.]

So what I did for my install was that I turned off all the networking components on the laptop except for Microsoft Client and IPv4. I disabled my wireless card. Then I plugged my ISP provider's router into a switch - which then connected to the laptop being upgraded. I spanned the port to a connection on another laptop where I was running Wireshark to capture the packets being sent and received by the upgraded device. For the most part, this should capture traffic to and from the device as it is installing and upgrading. Note that the actual download of the software occurred "in the background" when I "reserved" my copy of free Windows 10.

Now look at what we think is going on... You think that you've already downloaded the operating system and all it has to do is install it. So why would it need an internet connection to complete? There were quite a few packets in the capture and it's going to take a while to go through them. But this will tell me what servers it connected to during the update. There were multiple public IPs in the capture. It will be interesting to find out if they all lead back to Microsoft or not.

One of the things I did not do during the upgrade was check the wireless traffic. I do have an AirPcap adapter so I could do that at a later date. I would like to see if the upgrade turns on your wireless card to see what other devices are on your network or in your vicinity. And I should probably check for any attempts to reach out to my Bluetooth devices. But that will be at a later date. And...regardless of install - I would think that if it wants to know about all your devices, it would poll at regular intervals after the install.

So if you read my previous post about the Agreement you signed for this... you will know that Microsoft wants you to agree to send them certain information. So Microsoft wants to know -where- you are using this software. What device in what location? Realize that you are sending that information and that is what you agreed to get this software for free. Oh - and that's just the start. If you think that the agreement will be different when you pay for it...no, it won't. Same agreement - more money out of your pocket.

Now, I'm not saying don't upgrade. And I'm not saying that Microsoft is doing anything malicious. What I'm saying is that you should be aware that you are giving out this information - and giving Microsoft more control over your computer than you may realize.

Let's say you're an upstanding citizen of the US. And you only use your desktop/laptop to surf the web at home. You watch movies, you send email to your friends and you sometimes use the computer for games when you're bored. Hell, yeah - save yourself some money and get your free upgrade. Let them look, you're doing nothing wrong and you put most of everything you do on Facebook anyway...

1) Know that if Microsoft (assuming well-intentioned) can see this data - so can a malicious person.

2) What if you're an upstanding citizen with a sensitive job?

More to follow once the trace file is analyzed.

Posted by BlueWolf on August 02, 2015

July 31, 2015

Free Windows 10

Long time no blog... but this new Windows 10 deserves a post.

Like many people, I got the notification that I could upgrade to Windows 10 FREE (for a limited time). Well, even though I signed up for it - I'm not going to just plop it on my main laptop. So I'm going to put it on one of my little mini laptops and see what it's like first.

Is anyone else surprised that Microsoft is giving away W10 for free? So I did a little search on it. Seems that the story is that Microsoft is doing this so that it can boost sales in other areas. Great. Let's all run out and buy a Hololens so we can live in a virtual world. I'm not believing it. Perhaps they need a large install base to keep their footing in the corporate space. Who knows? But for one year we all have the opportunity to upgrade our most current systems to W10 for free.

At this time (at the start of the rollout) expect it to take a while to kick in. My Windows7 mini took hours from the time I clicked to reserve and the time it was confirmed. In order to do this, I had to give Microsoft my email address. Then it took a few more hours for the upgrade installer to download. To be fair, this is new (released on 29 July), so I'm sure the servers are swamped. Depending on when you upgrade, it may take much less time.

So now I'm looking at the End User License Agreement... Who reads those? I do. Here are the pertinent items that I found while reading it:

1) You agree and consent "to the transmission of certain information during activation and during your use of the software as per the privacy statement described in Section 3."
Okay, so I can understand them wanting to verify that you are upgrading a valid copy of Windows... but during the entire use of the software? I guess it depends on what certain information that they are gathering. But it does give me pause. I will dive into this more fully before putting it on my main system.

2) If you don't like the software and you want to "return" it... "might require you to return the software with the entire device on which the software is installed for a refund or credit, if any." What? If I don't want Win 10 anymore, I might have to send them my laptop to "return" it? Are you kidding me?

3) The agreement "also applies to Windows apps developed by Microsoft that provide functionality such as contacts, music, photos and news that are included with and area part of Windows." (See #2 above...)

4) There are some strange remote access restrictions. "No more than once every 90 days, you may designate a single user who physically uses the licensed device as the licensed user. The licensed user may access the licensed device from another device using remote access technologies." Okay...so this sounds strange. I'm not sure what they're getting at here, but it looks like it relates to remote access - which most home users are not going to use. However, it can look like it is talking about user accounts - which wouldn't make sense. But then again, with the home user in mind - most just boot up under one account and everyone uses it.

5) "During activation (or reactivation that may be triggered by changes to your device's components), the software may determine that the installed instance of the software is counterfeit, improperly licensed or includes unauthorized changes. If activation fails the software will attempt to repair itself by replacing any tampered Microsoft software with genuine Microsoft software." Isn't this what malware does?

6) Updates - the EULA makes you agree to update your... no you agree to let Microsoft update your system when they want. "By accepting this agreement, you agree to receive these types of automatic updates without any additional notice."

7) And if you want to downgrade (go back to what you had before the W10 upgrade), it's basically on you to obtain that earlier version of software to use. "Neither the manufacturer or installer, nor Microsoft, is obligated to supply earlier versions to you. You must obtain the earlier version separately, for which you may be charged a fee."

8) Long section about disputes and legal proceedings. Note that you agree that you can't be a part of a class action lawsuit against Microsoft...

9) "The software will turn on malware protection if other protection is not installed or has expired. To do so, other antimalware software will be disabled or may have to be removed." Really? Again, doesn't malware itself do this?

10) "You may not use such versions of the software for commercial, non-profit, or revenue-generating activities." Do people know this? How does this impact BYOD? What if you're writing a book? Or using your laptop to create a report for a customer? Do non-profits know they need to buy the business version of the software rather than use their home desktops/laptops?

Granted - this is a licensing agreement (and is legal-ese by its very nature). But it looks more and more like you don't own the device you buy. Well, you own the hardware that you bought, but you're "licensing" the software.

From my experience with Microsoft, they have been reasonably fair. I've been able to get activation keys fixed - granted, they were replacing valid copies of Windows that needed to be reinstalled (which is the whole point). And I think that perhaps the auto-updates and malware removal stuff may be a reaction to consumer demand. Users are notorious for not installing updates and then wondering why their computer is so slow. Or go to "popular" or "free whatever" sites and getting malware (without buying or maintaining any kind of antivirus). So that may be reactionary on Microsoft's part.

Once I set up so that I can capture packets, I'm going to click the agreement and upgrade. Then I'm going to compare the "before upgrade" packet capture to the "during upgrade" and "after upgrade" captures. This might get interesting...

Posted by BlueWolf on July 31, 2015

April 04, 2014

The Accidental Certification

I really never meant to get the C|EH. It was somewhat interesting, but not compelling. But I do realize that many employers and managers respect the certification. And...I could always use the CPEs. So I signed up for the WSC's 14 week C|EH class/workshop.

The classes and workshops were very interesting - they are a great bunch of women. And each class had a hands-on component. For the most part, I knew the material inside and out, so for me it was more of a review. This series of classes focused on the v7 version of the exam and used the Official Study Guide endorsed by the EC Council. I happened to actually have that book and the Sybex Study Guide (Graves). Any time I look at something I always use _at least_ two books on the subject. I've never found a book yet that completely covers any topic. The Graves book had some things that the Official guide left out. And the Official guide had some things that the Graves book didn't cover. I read both.

Once you take a class or self-study, you have to apply to take the test. Expect that this application is going to take some time. From what I understand - if you take the official course through EC Council, you can directly take the test. But if you don't take their course - you have to fill out a form, pay $100 (non-refundable) and submit your request for approval. They will write to your references/verifiers who need to write back verifying that you have the required experience. I suggest you use people as verifiers that are willing to do that work. Many people will give you a good reference, but how many of them will fill out a form on your behalf? Pick them. And if you don't hear back after a few weeks, write to the EC Council. They will check for you and see what status your application has - and if you need to prod your verifiers or not. Sometimes that email might prod them...

Once all that is done, you will get an email with your approval. Then you buy the test on their site and have them match that up with your approval. You will get a voucher number and an authorization code. You use the voucher number provided to schedule your test and you take the authorization code with you to the exam. There are two different exams - one from Vue and the other from Prometric. They are supposed to be the same exact test, but you have to pick one and that voucher only works with that testing facility. The facility I test at locally works with both Vue and Prometric (and a few others). Some other facilities work with one or the other. You can go to the Vue and Prometric sites to find out in advance where the closest testing center is for your area. Do this before you buy the test on the EC Council site.

As you can see, this is a process and it takes time. Do not schedule the exam until you are completely ready. I have found that my testing center can accommodate a Monday morning test that was scheduled on Sunday night. Your testing center may not be able to do that - or all the available seats may be full. But don't schedule it a few weeks in advance in anticipation that you will be ready by then. Things sometimes happen and you can end up with unnecessary pressure on you as the date draws near. That's not the way to do it and it will make it harder to learn with test pressure on your mind. Remember - you want to actually learn the material and know it (that's the goal) not just memorize enough to pass a test.

The other thing that helped me (again) was having a Safari Online account. Once I was ready and got my approval, the version 7 exam was no longer available. I had no choice but to take the version 8 exam. The material was not that drastically different from what I studied. However, just to be sure - I was able to pull up the version 8 book in Safari and "flip" through it to be sure that I had covered every topic. From what I saw, the v7 to v8 update was more of an update of their course rather than a drastic change in the exam. [It was not the same as the NT4.0 to Windows 2000 changes by any means. Now that was a drastic change.]

I found the test itself to be rather straight-forward. If you know the material and understand the topics completely, you should be able to pass the exam. Note that the exam I took had the questions chopped up in little sections - each with their own time limit. So you don't get all the questions and all the time all at once... That may become important if you have a small number of questions in the section and a short amount of time and you need to go to the bathroom. Just sayin' - go to the bathroom before you start. There was no indication if you needed to pass each section independently in order to pass the exam. And the sections weren't labeled - so the grouping confused me a bit. But if you look in the corner of the screen, you'll see which question you're on, how many are left in that section, and how much time is left for that section. At the end, you will get your results on the screen and a printout of your results from the proctor. And now that you've read this you know exactly what to do and you will pass!

There is supposed to be a "welcome" kit mailed to you (certificate, etc) in a few weeks. It has only been 2 weeks since I passed, so I'm still waiting on the kit. [The Wireshark kit was really nice and came with stickers.]

Good luck on your journey!

Posted by BlueWolf on April 04, 2014