Paranoia, for the win…

Paranoia1

Today, my team got an email from a local tech. The associate director for his site came to the IT department, saying he was concerned that one of his “tech friends” told him of a rootkit that was supposedly installed on all machines from $WeMakeComputers. And since his site (as well as almost all the other sites my team supports) was almost exclusively using computers from this company, he was worried that $WeMakeComputers could use this rootkit to hack into the facility and take over their computers.

I replied back, explaining to the associate director (by proxy) that, having done several IT equipment refreshes for several sites with contractors from $WeMakeComputers, there was almost no chance whatsoever that the contractors could have installed any such rootkit on the computers they installed while working with our teams in IT. For starters, none of the contractors were given accounts with anything remotely resembling administrative rights, meaning they couldn’t install a mouse on a computer, let alone a rootkit. Also, the software we used to push images to the computers did low-level formats of the hard drives prior to deploying the image onto each computer, which would destroy all traces of pre-installed software. Thirdly, the AV software we used, as well as the network scans, port security, and about two dozen other layers of security, meant that if such a rootkit was installed, it would’ve dealt with it rather quickly. Not to mention the fact that a number of employees and executives at $WeMakeComputers would have faced criminal charges and civil fines for putting such software on computers purchased by a federal government facility. Then there was the matter of the contract, which, among other things, forbade such software from being installed on the systems, meaning if such software was to be found, criminal charges aside, $WeMakeComputers would’ve been in violation of the contract, forcing them to refund us the entire value of the contract, a sizeable amount of their annual income, as well as the potential loss of income if such a story was ever made public, since I doubt many people would take kindly on a major corporation trying to spy on the government.

I also went on to say that I didn’t put much stock in people who heard things from their “tech friends”, because it invariably involved someone’s niece/nephew, grandchild, friend of a friend of a friend, random person they met somewhere in public or at a party, etc., whose credentials and experience in IT support were dubious at best. The irony is, trying to convince these people that the advice from their “tech friends” is wrong far more often than it’s right, or is nowhere near the problem it’s made out to be, is much easier said than done. All too often, such things they hear are based on solely on rumor, supposition, smear campaigns, and flat out lying, and there are no shortage of people out there who’ll believe anything they read on the Internet, and assume that anything written on the Internet MUST be true, because it’s on the Web.

I spent most of the time shaking my head and feeling bad for the local IT guy who emailed us because I’ve been in this local IT guy’s position more times than I could count, trying to correct someone who was a non-tech that heard something from their “tech friend” and assumed it HAD to be true, when this “tech friend” had little to no knowledge or actual experience in IT. It’s one of the more aggravating aspects of being an IT tech. It’s like trying to disprove Judy Patch, when there’s no concensus on whether dear Judy is even real…

ASUS RT-AC88U Router Review

P_setting_fff_1_90_end_500

Today, I felt like a kid on Christmas, because my ASUS RT-AC88U router finally came in. To say this thing is an absolute beast, is an understatement in more ways than one. It’s quite literally 2-3 times the size of a normal router. To put it in perspective, those antennas you see in the image, they’re all six inches long. So yeah, it’s big.

One other major thing I noticed right off the bat was that this monster has twice the number of gigabit LAN ports that any standard router has, at 8 ports. Setting this thing up was a breeze, and all you have to do once you plug everything in, is go to router.asus.com, and it will literally walk you through everything. And when I say literally, I mean it, so be prepared to dedicate about 45 minutes to this. This is not a bad thing either, since it walks you through setting up things you didn’t even know were possible on a router.

Among these are a USB2.0 and USB3.0 port. You can plug in an external hard drive, and turn the router into a NAS device, even going so far as to setting up users and folders on the drive, so that everyone in the house can access their files from whichever device they’re on. In addition, you can do a network aggregation on the first two LAN ports, meaning you have a logical 2Gbps connection to any device connected to it, including and especially to a dedicated NAS device you already have. In my case, I did a test of the tried and true Thecus device I had, and copied an HD episode of CSI from it, and it copied over at almost 50MBps, more than twice the 24MBps on my old router.

Speaking of throughput and bandwidth, I noticed a difference in other aspects. I did a speed test once I got connected to the Internet (again, a VERY easy process with this router), I noticed that there was about a 15% increase in my ISP’s bandwidth, both up and downstream, and it remained consistent through several tests spaced over several hours. I also did a speed test over the wireless, and that was where I saw the greatest difference.

You see, my previous routers were all Wireless-N routers, so getting a wireless-AC router was like going from a bicycle to a Lamborghini. I got the full connection speed on all my wireless-AC capable devices, even from the other side of my house. And when they advertised that the antennas on this sucker can cover several thousand square feet of living space, they weren’t exaggerating one bit, since the router is on one end of the house, and even in the backyard, I still got a strong signal. The fact that this router’s wireless AC has a theoretical maximum of 3.1Gbps is a big improvement over the 54Mbps I had become so accustomed to.

And before you go on about how such a strong signal makes it easier for people to get in, the router has firewalls, antivirus and other security protocols programmed into it already, as well as WPA2 encryption for both the 2.4 and 5GHz bands. And all these things are endlessly customizable. Plus, you can set up a Guest wireless signal as well. As the name suggests, it’s for guests that come into your house. It locks out all parts of your LAN, including the USB devices you plug into the router and other computers, so that the Guest wireless only accessed the Internet, and you can even block certain people’s devices from accessing it if you feel they’re taking up too much bandwidth.

With the prevalence of progressively higher-speed ISP connections, including Google Fiber, and Comcast’s 2Gbps connection, this router stands apart in that you can also link aggregate the WAN connection with a LAN port for a 2Gbps WAN connection, meaning that once these connections come to your area, this router will be ready.

Also, the interface as a whole is very clean and intuitive. Even non-techs will have a fairly easy time navigating through it. It has tools so that you can tell which devices are using bandwidth, how much bandwidth they’ve used over a certain amount of time, and even tell you if there were intrusion attempts. You can also modify whatever you had initially set up, and also check, at a glance, which devices are connected, what their IP addresses and MAC addresses are, as well as their throughput.

You can also program adaptive QoS (Quality of Service), so that if bandwidth is at a premium for you, you can prioritize connections, such as for gaming, VoIP such as Vonage, or for streaming Netflix, when there’s five other people trying to use the connection at the same time within the house. And speaking of which, you can set up parental controls for the little ones, so they don’t… “accidentally” find their way to websites or other dark places on the Internet they’re not supposed to.

Overall, this is a router that is on top of the mountain in terms of speed, performance, features, and a lot of other things that make it one that would satisfy even the most demanding user.

Here’s more spec’s:

  • 1.4GHz dual core processor
  • 1x gigabit WAN port and 8x gigabit LAN ports with the capability of link aggregation for increased throughput
  • NitroQAMTM technology for a theoretical max of 3167Mbps wireless throughput
  • 4×4 MIMO antennas for multiple wireless signals simultaneously and over 5,000 square feet of coverage
  • 4k Streaming capability
  • AiProtection (firewall, antivirus and other protection systems to counter hacking and intrusions)
  • WPA2 wireless encryption
  • USB3.0 and USB2.0 ports
  • Media server capability for sharing files among multiple users simultaneously
  • Setting up folders for individuals or groups.

Little late to the party

late

Today, my team got forwarded a ticket from a local site that almost made us do a double-take.

The ticket concerned a doctor whose account had been terminated a month ago. All of a sudden, he wanted to have the account reactivated so he could work immediately. There were several problems we discussed…

  1. How could the doctor do his job in the last month, since a terminated account would preclude him from logging in, let alone writing progress notes, or doing anything related to seeing patients?
  2. Why didn’t the doctor call a month ago to have his account reactivated?
  3. The notes on the doctor’s account said that his account was terminated because he failed to complete mandatory training, training which by the way, could get his license suspended for failing to complete.

My coworker, who got the call, contacted the doctor, but had to leave a voicemail, and after 2 hours, lowered the ticket to a low priority and kicked it back to the local site to do the work on Monday, reasoning that it must not have been so “critical to patient care” that the doctor get his account reinstated or to do the required training, if he couldn’t bother to pick up the call of a person actually trying to help him, or call them back within two hours.

How is this work-related?

stupid-facebook_o_271668

Today, I got a ticket forwarded to my team from a local site, and I didn’t know whether to laugh, or just close the ticket on general principle.

A user was claiming that she was unable to do her job because (drumroll please) she was unable to copy and paste some text into Facebook. The lady also insisted this issue be escalated to a high priority. I immediately kicked the ticket back to the local site from whence it came, with an email to the local CIO stating in no uncertain terms that my team doesn’t handle such things, and also wondered how this prevented her from doing her work, as well as wondering what preventing the user from the old tried and true method of oh, I dunno… typing in what she needed?

Asus ROG G751 Gaming Laptop Review

814oWeYJ2cL._SL1500_

I’ve had this laptop for 8 months now, and to say I was very please with it, is an understatement of epic proportions. This laptop is an absolute monster when it comes to sheer processing power, drive space, screen size, and the list goes on. There are several flavors of it, with different processors, hard drives and memory capacity to fit just about everyone, but being an IT guy and avid gamer, I insisted on getting the highest-end model, because I always insist on nothing but the best. Here’s the stat line of the model I got:

  • 2.4GHz Intel Core i7 4860HQ Processor
  • 32GB DDR3 RAM
  • 17.3″ Screen with 1920×1080 resolution and anti-glare coating
  • NVIDIA GTX 980m graphics with 4GB dedicated video GDDR5 RAM
  • 512GB SSD (Samsung M.2)
  • 1TB Hard drive, 7200RPM
  • 802.11AC Wireless (1,300Mbps theoretical maximum)
  • Gigabit ethernet
  • 4x USB 3.0 ports
  • HDMI Port
  • DisplayPort
  • Thunderbolt Port
  • SD Card Slot
  • BluRay Writer Optical Drive
  • Built-in Bluetooth
  • Windows 8.1 Installed (with free upgrade to Windows 10)

All the games I’ve thrown at it, including World of Wacraft, Fallout 4, ARK: Evolution, Call of Duty, Final Fantasy XIII, and many others, it has shredded its way through without missing a beat, with all of them at their highest graphics settings. And because it’s ASUS we’re talking about here, the laptop can dynamically overclock the GPU by 5% to squeeze that extra bit of performance, and to gain those few extra frames per second games so desperately crave. And the bootup time of the laptop is crazy fast. Within two seconds of booting the laptop up, I’m already prompted for my Windows password. The fact that the keyboard has a good backlight also helps for those who prefer not to have every light in the office turned on just to be able to type on the keyboard. Programs also launch near instantaneously, thanks to the Samsing M.2 SSD that serves as the main OS drive. The fact that it comes at a whopping 512 GB doesn’t hurt either, meaning you can load a ton of programs and games on it before you even begin to fill it up.

Upgrading the laptop is also a breeze. Even though the model I got already had the max amount of RAM, upgrading the other flavors of the laptop’s RAM is a breeze, and the RAM slots are accessible by removing a single panel. The same goes for the internal drives, since both are accessible with the removal of another panel. If I had my choice, I’d buy a 1TB SSD drive to use as my main OS, and have a 2TB Samsung SSD as the data drive… that is, until Samsung decides to release a higher capacity SSD, in which case, I’d be all over that like white on rise in a glass of milk on a paper plate in a blizzard. Plus, there is a slot for you to insert your digital camera’s SD card, so you can immediately view your day’s pictures, and have a ton of space to store them on. Plus, with the USB 3.0 ports, you can buy the latest external USB hard drive, and transfer all your music, videos, pictures, etc., to and from the external drive and blazing fast speeds.

The screen itself is crisp and clear, and in no way is it difficult to read, given the combination of the 17.3″ screen and the full-HD 1920×1080 resolution. One thing that also works in the laptop’s benefit is that you can connect it directly to an HDTV or a 5.1 surround receiver, and with a Bluetooth keyboard & mouse, use your living room to play games until the cows come home in full surround sound. In addition, the 802.11AC wireless that’s built in has a very strong antenna, meaning it can pick up signals from across the house, and is fully backwards compatible with previous 802.11A/B/G/N wireless routers, so there’s no need to upgrade your wireless router… that is unless you WANT to be able to wirelessly connect up at a mind-numbingly fast 1,300Mbps.

Overall, I couldn’t be happier with this laptop. And while this laptop isn’t cheap, you definitely get what you paid for, and I fully expect this laptop to last me for many years to come.

What is this “logic” you speak of?

logic-Vader

Today, a member of my team got a rather amusing call from the Tier 1 Desk Monkeys. The Desk Monkeys noticed that there was an outage for a system, and a minor one at that, at one of our local sites, and wanted to know when we would be putting in the outage notification for it.

To put things in perspective, the last few weeks, the Tier 1 Desk Monkeys have been dumping more and more of their work onto us, in an effort to offload a massive amount of criticism that they (justifiably) got for their horrendous, dare I say hilarious, inability to do many things right, and basically trying to set us up to fail, in a vain effort to prove that it wasn’t just them who were royally screwing things up. This includes the outage notifications they were once in charge of. These notifications were only supposed to go out for things such as maintenance on major IT systems, such as network maintenance for a whole site, the EHR database servers, or for when there was a major outage, such as when a major system crashed, or there was a legitimate outage that needed to be fixed as soon as possible. But the Tier 1 Desk Monkeys were issuing these outage notifications for such menial things as 2 or 3 people being unable to print, a single person having trouble connecting to the network, and even one such notification where someone complained that they couldn’t get onto Facebook, and claimed it was critical to patient care that she be able to do so immediately. And when these notifications went out, up until recently at least, the Tier 1 Desk Monkeys were required to convene a conference call, one in which they demanded that my team, the local site’s IT technicians, upper management and others high up the food chain join, often with little or no notice, and sometimes in the middle of the night, with little or no knowledge of what was going on, or even how we were involved. It was then decided that these conference calls were basically a colossal joke and a waste of time, and no longer required, especially after the avalanche of criticism levied against the Desk Monkeys.

But back to today’s events. The Tier 1 Desk Monkeys called us, and gave us the ticket number for the outage. A cursory lookup of the ticket revealed the local site had already fixed the issue and closed the ticked three hours before the Desk Monkeys called us. The Desk Monkeys didn’t even bother to read the ticket, since it would have been pointless to issue an outage notification, and blast it out on email to everyone and their brother, three hours AFTER the issue was already fixed. When one of my coworkers brought it up to the Desk Monkey who called him and asked him to actually read the ticket, the Desk Monkey’s only response was to cite the new policy to call us for all these issues and insist on an outage report being filed by us. My coworker retorted that it would make no sense to issue an outage report AFTER the issue was already fixed, and for them to insist that a team of people who had nothing to do with the issue in the ticket (let alone a team that didn’t even fix it) issue such a report made even less sense, and if anything, the site itself should have issued the report while the issue was being worked on. Since they didn’t, my coworker reasoned (correctly) that it must not have risen to the level of even needing an outage report in the first place. The Desk Monkey had no response to that and just hung up.

I got a similar call earlier in the day. I was notified that several users across a couple sites were experiencing “slowness” on their computers, but couldn’t be more specific than that. I made the obligatory calls, and got nowhere fast, since no one was picking up their phones. While I was doing this, my coworker was getting IM’d constantly by another Tier 1 Desk Monkey, demanding to know why I hadn’t bothered to put an outage report in yet. My coworker asked me about it, and I told her I simply didn’t have the time yet, because I was trying to actually get a hold of a live human being to get more details on the issue, but the Tier 1 Desk Monkey she was talking to didn’t accept that as an answer, and instead of allowing me to actually work on getting some decent information on the issue that the Desk Monkeys failed to get, demanded the Outage Report Number as soon as possible.

If only to shut up the Desk Monkey and get her off my coworker’s back, I finally did the outage report, and sent it along, and got an email string going, where the issue was quickly discovered to be a slow SAN cluster. A reboot of the cluster caused the “slowness” to disappear and all was well. I closed the ticket and the outage report, but apparently, the Tier 1 Desk Monkeys weren’t done with me yet. I got an IM from the same Desk Monkey pestering my coworker earlier that day, demanding to know why I closed the ticket and the Outage notification out. Rather perplexed, I asked why she needed to know this, and told her to look at the ticket and outage notification, since I had updated both with notes prior to closing them, indicating that the problem was fixed. Her only response was, “Oh… nevermind.”

And the sad thing is, this is fairly typical of the Tier 1 Desk Monkeys. Not only do they not even bother to read the very tickets they create, they cause more work than they do, and even then, they insist on having other people do their work for them, either to try and get them into trouble, or to prevent themselves from getting into trouble…

iPad Pro review

ipad_pro_review_video_1200

Along with the new Droid Turbo 2 I got last Wednesday, I ordered the new iPad Pro, with 128GB of storage space on it.

I was immediately impressed with the size of it, and the 12.9″ screen was a sizeable difference from previous iPads, in more ways than one. It has a 2732×2048 resolution, which is significantly higher than HD, and nearing the 4K range, which is only a good thing. When I launched Netflix on it and popped on CSI: Miami, I could easily see just how vivid the colors were, moreso in several ways than on my television. The sound coming out if it left little to be desired. Previous versions of the iPad only seemed to have basic speakers, but the iPad had four built-in speakers that would automatically detect whether the device was in portrait or landscape mode, and I had no trouble hearing the dialogue, music, etc.

As far as overall speed, the speed of the new iPad pro was a vast improvement over previous models, with the A9x chip, a 64-bit dual-core chip clocking in a 2.26GHz, and with a dedicated motion coprocessor, and 3GB of RAM. It had no trouble throwing everything I could at it, including downloading TV shows while downloading and installing new apps, all of which it handled with complete ease. And speaking of which, given the 128GB of space I have on it, I was easily able to fit my entire music playlist, all of my books and apps, and still had enough storage left over for almost two complete seasons of CSI, which comes out to nearly 50 episodes at ~1.75GB per episode piece, which is plenty, given my desire to have something to pass the time when it gets a little slow at work.

Oh yes, one other feather in the cap of this new iPad are several apps pre-installed. They’re basically the iPad equivalent of MS Office, namely Numbers (Excel), Pages (Word), and Keynote (Powerpoint), as well as GarageBand, which allows you to record and master musical tracks, and iMovie, which as the name suggests, allows you to record videos, and edit them into a movie in full 4k HD glory. With that, and the usual assortment of other apps, it’s definitely a well-rounded machine, and with the attachable keyboard and Apple Pen (both of which coming out soon from what I’m told), it can almost serve as a replacement for a laptop.

I must have it, for it is shiny!

shiny-object

At a couple sites I worked at over the years, I was in charge of laptops, cell phones, and mobile data cards. This was its own level of hell, because more often than not, the users viewed these things as little more than status symbols, and only wanted them for that reason, or so they wouldn’t have to pay for their own stuff, because they figured “Hey, it’s the government, they got lots of money.”

Whenever I’d get a ticket requesting one of these items, it was standard procedure to have them fill out paperwork justifying why they needed the device in question, as well as having it signed by their boss, their department chief and the Director’s Office. About half the time, they completed this paperwork with such speed, it would give me whiplash. The other half of the time, despite four emails, two weeks, and no responses back, they’d come up to my office screaming at me and demanding to know why their request was denied when I never got their paperwork. And of course, these people would claim ignorance and say they didn’t know they needed to fill out any paperwork… that or they were above filling it out and needed the equipment immediately for their jobs.

In the case of laptops especially, most cases involved people only using the laptop once, perhaps twice, and then squirreling the laptop away for months on end, seeing the laptop as a status symbol. When they fired the laptop back up after entombing it for so long, they were surprised to discover the encryption I was required to install on it had locked the laptop up for lack of use. Reason being, the laptop had a 90-day timer, and the timer would reset every time the laptop would log into the network, which was a little tough if they kept it turned off and in a drawer somewhere. Then, in a panic, they’d come up to me and demand I override the lockout, claiming they needed it for their jobs. Pretty quickly, I got wise to this, and the first thing I always did when I heard their sob story was to go into the event logs of the laptop. Sure enough, there were gaps on the logs that often extended for months at a stretch. My personal record was a 19-month gap, and the user was adamant they used the laptop every single day, when the event log registered everything, even something as menial as turning it on. And considering the perpetual shortage of laptops we had, I frequently brought this up to my boss whenever users claimed that they used it every day, and my boss would back my play on it & refuse to give them the laptop back. Trouble is, the user would invariably go over my boss’ head to our CIO or to the director, who was only too happy to side with the users, ordering me to give it back to them after updating it, only for the user to (again) squirrel the laptop away for months on end.

The opposite was also true. I had posted an earlier story about this, but other people tried to use the laptops as their own personal machines, and in several cases, the users would beg me to allow them to have full administrative rights to the laptop, or to load unauthorized software on them, claiming it was critical to their job performance, which made me laugh because in one case, I wondered how a children’s program to teach a 5-year old how to spell was critical to a doctor’s job. I would always refuse, and even the CIO had a hard time justifying such a thing, since if it was discovered that he authorized someone who wasn’t in IT to do as they pleased to a secured and encrypted device, it was going to be their ass on the chopping block.

In both cases, I had to sit there and explain to them, even showing them, that the paperwork they, their boss, and the Director’s Office signed for them to have the laptop stated in black and white that they were required to bring the laptop in at lease once every 90 days for check-in and updates, and that they were only allowed to use the equipment for official purposes related to their jobs. They claimed ignorance, saying they didn’t know they had to do this, when my guess is, they were in such a rush to get their new shiny toy they simply didn’t read that part, even after I had told them they needed to bring it in every 90 days.

And as bad as laptops were, cell phones and Blackberries were even worse. Again, users viewed these things as status symbols, trying to get them, even if their jobs didn’t require one at all. One particularly memorable case involved the lead telephone operator. She had requested and was approved for a Blackberry, and then went on a 90-day disability. The problem was, even before she went on disability, she was using he phone at all hours of the day and night, calling and texting people that had no affiliation at all with work, and racking up huge charges as a result, on account of the plans we ordered not having texting and only 500 minutes a month. This only increased when she went on disability, to such a degree that her monthly bills routinely exceeded $1500 a month. When she returned from disability, I had sent her several emails explaining her usage, with copies of the bills for her line, and asking to show me which phone numbers and texts were work related. I never got a response back, so finally, I called the carrier, and ordered her phone number be suspended immediately. Sure enough, within 15 minutes of doing that, she came up to our office, demanding to know why her Blackberry suddenly couldn’t make calls any more. I explained to her, with my boss in the office, that I wanted an explanation as to why her cell phone bill was so massive, and why she was making calls and texting people outside of her working hours. She claimed she was talking to coworkers, but I had already checked, and only a small fraction of the calls were to her fellow operators. My boss then said that until she paid the cell phone balance, in full, she wouldn’t have her Blackberry reactivated. All of a sudden, her mood changed, and now that she was forced with either paying a $7,500 cell phone bill before being able to use it again, she changed her tune, gave up the Blackberry on the spot, and said she would buy a personal cell phone of her own.

A similar issue occurred with another employee, who was part of the community outreach program at our site. My coworker, who also worked on laptops and cell phones, discovered that this guy’s cell phone bills routinely exceeded $2,500 a month, and like with the lead operator, the calls and texts came in at all hours of the night. My coworker emailed him, asking him for a reason his cell phone bill was so high, and got no response… The second month, same thing. Finally after a third month and a third email with no word from him, we called the carrier and cut off his cell phone. Like clockwork, he stormed up to our office within 15 minutes of the cutoff, demanding to know why his cell phone was cut off. We told him we had been trying for three months to get a hold of him with no success, so per policy, we cut off his cell phone access for suspected abuse of the service. He got belligerent, claiming he was in outreach, and of course his cell phone was in use constantly, he was always out in the community, to which my coworker had countered that we knew of schedule for such outreach, since it was in the email blasts that he himself had sent out, but the dates and times of the barrage of calls and texts he was getting didn’t even come close to matching up, as well as bringing out the paperwork he signed, agreeing to only use the cell phone for official work purposes. At that point, he physically threatened my coworker, stating that if he didn’t reactivate the Blackberry immediately, he was going to beat us senseless. My boss just happened to be down the hall, hearing the commotion, and telling the guy to leave the office immediately, and because he made a threat of assault, this was going to become an official investigation. He had the in-house police escort him out, and was ordered to not come back up to our department, lest it be escorted by at least two police officers. In addition, my boss called the Inspector General’s office, letting them know what happened, forwarding all my emails I had sent to the guy, along with the monthly cell phone bills, which we had requested be broken down to include numbers, times, call lengths, the works.

After the IG completed their investigation, they ordered the guy to be demoted, dropped down a full pay grade, put into another position, and ordered him to pay back the last six months of the cell phone service he used, which totaled over $17,000, or else face criminal charges including committing fraud, waste and abuse against the federal government, threatening assault on a government employee, among other charges.