Brendan’s Blog

I wanted an email address I could keep for life, and I wanted the flexibility to change what email service I used.  The best solution for me was to register my own Internet domain name (bmhome.com) which I use for personal email and web pages.

My Internet registrar (currently GoDaddy) provides domain name services (DNS) as a part of the annual domain registration fee.  I can determine which email and web hosting services are used by adjusting the DNS configuration at GoDaddy.  Today I host my personal email with GoogleApps and my personal web site at GoDaddy.

GoogleApps combines the features of Google Mail and Google Calendar with your personal (or business) domain name.  All of the data is stored on Google’s servers.  My email address doesn’t have Google’s name in it, and I can move it one day if I choose to.  In addition to my mailbox, my wife also has one, and eventually I’m sure my daughters will too.    GoogleApps comes in two flavors, free and premium.  My email mailbox exceeds 10GB so I pay Google’s annual fee for premium service.

My favorite feature of Google Apps is the large mailbox.  Every email I have sent and received for over ten years is at my fingertips.  I use Google’s web-based Gmail interface to read and send my personal mail every day.  I even have rules configured at Google to forward some email to my Blackberry, which helps with potentially time sensitive notes.  Like Gmail, GoogleApps supports POP and IMAP in addition to their native web email interface, so you can use MS Outlook or other traditional email client software.

Google does a really good job removing unwanted spam, though I can go see what it filters anytime I want.  In the past two years, I’ve never had a false positive, and very little spam gets to my inbox.  Google also has a Blackberry application that allows me to read/compose/and search personal mail from my Blackberry without utilizing my employer’s Exchange mailbox.

I just read a great blog post here that speaks to a transition I recently made myself.

I have been an Exchange/Outlook user since 1996, before Outlook was even a product.  During those years I developed systems of email folder heirarchies that I used to “file” my email.  These heirarchies changed year-to-year as I changed projects or jobs.  This filing helped me find relevant email on any number of topics when required.

I also have a no-delete policy for email.  I don’t delete anything.  My theory is that storage will continue to get cheaper, and search functionality will continue to improve.  Once my mailbox size became large, I started creating an annual “PST” archive file so that my primary mailbox would stay manageable.  Over the past twelve years I’ve amassed many gigabytes of email.

Last year I began using Google Mail’s web interface as my primary personal email client.  Around the same time I saw an “Inbox Zero” presentation by Merlin Mann which was very thought provoking.  After a short time my habits changed dramatically from being an email filer, to an email finder.  I highly recommend it to anyone who spends time moving emails from your inbox to other folders in an attempt to organize your email.

When using Google Mail, I immediately archive any message that doesn’t require me to perform a follow-up action.  Those that require follow up stay in my inbox until I’ve completed the task.

When using Outlook I flag messages requiring follow-up.  Messages from high-volume email distribution lists are automatically moved to Inbox subfolders via the Rules feature.  Others emails simply stay in my Inbox or their distribution list folder until Outlook AutoArchive moves them to a PST file.

The advantage to “finding” is that you don’t spend time filing on a daily basis.  I don’t even label much as I can almost always think of keywords, senders, or recipients that narrow my search sufficiently.  The only filing and labeling I do is automated with filters.  Email from active distribution lists gets automatically tagged and/or filed appropriately.

Are you a finder or a filer?

Once upon a time I frequently reused passwords. So if you knew my dogs name, or what kind of car I drove, you could easily have pretended to be me with just a little extra work. This is obviously a very bad idea, but I’m sure many people struggle with managing passwords for web sites and computer systems you access on a regular basis.

Passwords are keys to your identity.  If a malicious person were to figure out your email password, what harm could they cause?  Could they quickly gather the names and contact information for your friends and family?  Could they figure out where you bank?  Could they reset your bank password by telling your bank that your password was forgotten?

A researcher who examined 10,000 Hotmail, MSN and Live.com passwords that were recently exposed online has published an analysis of the list and found that “123456″ was the most commonly used password, appearing 64 times.
- Wired Magazine

Here are my tips for choosing the best passwords:

• Use different passwords for every site/application.  Do not reuse them.
• Change passwords frequently.  The more you use a password, the more you should change it.
• Keep your passwords secret.  Guard them as if they were keys to your identity — they usually are.
• Consider using a random password generator.
• Consider using passphrases (e.g. Myhouseismadeofwoodandhasyellowsiding!)
• Consider using acronyms (e.g. Mhimowahys!)
• Do not use words, birthdays, family and pet names, addresses, or any other personal information in your passwords.
• Do not use repeat characters such as 111 or sequences like abc, qwerty, or 123 in any part of your password.

I strongly recommend using a password managment tool for three important reasons.

1. Tools remember many passwords so you don’t have to.
2. Tools can type passwords for you.  This makes strong passwords easy to use.
3. Tools can create strong passwords which are complex, unique, and random.

A while back I wrote a post about PasswordSafe, which I used to manage my usernames and passwords.  I later switched to a different tool named KeePass.  KeePass is also free and open source, but I think it is also easier to use.  I now also use LastPass which is a different on-line based password manager.

KeePass is a free open source password manager, which helps you to manage your passwords in a secure way. You can put all your passwords in one database, which is locked with one master key or a key file. So you only have to remember one single master password or select the key file to unlock the whole database. The databases are encrypted using the best and most secure encryption algorithms currently known (AES and Twofish). For more information, see the features page.

The ability to auto-type usernames and passwords is infinately flexible with KeePass.  Auto-type is a very important feature, although I can understand why you may not initially think so.  Think about the strongest types of passwords.  They are long, complex, unique, and full of many different character types.  Do you want to type those in manually each time?  Once I switched to KeePass, my normal password length increased to 20 or more randomized characters wherever possible.  Since I don’t have to remember or type them, I prefer the really long/complex ones.

To manage my password database across several computers, I use FolderShare to synchronize it between systems.  This keeps my database of (as of writing 317) passwords the same across all my systems.  Occasionally I also copy the password database file to a USB flash drive so I can access accounts when I’m not using one of my own computers.

KeePass has many other great features.  The listing of features below links to their website.

Some websites with more complicated authentication schemes will require customization of the auto-type string.  The software “help” references provides details on how to do this.

There are many options and technologies to consider when planning a wireless network at your home. Products available today are much easier to use, and even less expensive, than in the past. I’ll describe a few factors that I consider to be the most important, and what I happen to use along with them. I will start with an overview of what is needed for a wireless network. A network consists of an Access Point and one or more wireless clients (e.g. Desktop and/or Laptop PC.) In the diagram below, the Access Point is physically connected to a router and modem for Internet connectivity. Frequently router and access point functionality is combined within one device. The modem (cable, DSL, or Satellite) is what connects your network to the rest of the world.

Wireless Compatibility

An international standards organization (IEEE) defines the 802.11 standards that most wireless vendors comply with. You must ensure each of your devices supports the same standards or they will not work together.

The wireless standards most commonly used in the US consumer market are as follows:

The newer protocols offer higher speed and range, but at increased cost. Some products use proprietary enhancements to the standard protocols which are only helpful if all of your equipment is from the same manufacturer. I use a “G” based network, though I may consider upgrading to “N” once I have computers that support it.

Security

Security mechanisms within the wireless network standards are used to both keep data private encryption, and keep unauthorized clients from connecting to your network. Three standards are common, with the newest standard (WPA2) offering the best protection. The WEP standard is very weak, as a malicious user can compromise a network protected only with WEP very quickly.

To provide the greatest protection you should implement the newest standard that all of your devices support. In addition to the access point, all of your wireless clients must support the encryption standard you use. If you have some older devices they may not all support the latest standards.

Home networks generally rely on a pre-shared key (PSK) to control access to an encrypted network. So in addition to specifying the use of WPA or WPA2, you will need to define a “key.” Anyone with this “key” will be able to access your network, and its data. The best keys are long, and not something a neighbor or acquaintance may be able to guess. I recommend one of two options here.

1. A long pass-phrase. A long passphrase is made up of several easy to remember words and/or numbers that would not be easy to guess. For example: “thethreelittlepigsbuilt3houses” Pick something long and unique to you.
2. A long random string. There are several password generation programs and web sites. You can try this one (at GRC) to generate a key such as “7BF9A06F64C3722F70E9173F1CC400C5E2B7″. Since this is more complicated, you will generally save the key electronically, and simply cut/paste it to type it in when needed.

MAC Filtering

Most access points support a feature called MAC filtering. Wireless network interfaces on client PCs are pre-programmed with a unique MAC address. With MAC filtering you tell your access point to ignore traffic from other wireless clients. This may seem like a security setting, but it is possible to bypass this protection by listening for traffic from your home and manually setting another network client to use the same MAC address. MAC filtering isn’t a bad thing, but it should only be used in concert with encryption.

Service Set Identifier (SSID)

When you configure an access point, you are prompted to enter an SSID. The SSID is your “station identifier” or name. This is not a password or a secret. Your access point typically broadcasts this value to advertise the presence of your wireless network. I recommend changing the default value to something else — you can decide if you want a name that lets your neighbors know whose network it is, or if you want to use a word/value that only you find meaningful.

My Network

I use a Linksys WRT54G as my router/firewall. The Linksys firewall is running 3rd party software called DD-WRT to provide enhanced features such as Quality of Service (QOS). I disabled the wireless features of the Linksys, and use a Netgear WPN824 as my wireless access point. I chose the Netgear because the MIMO feature greatly increased the range of my wireless network. Using only the Linksys, the wireless network reliably worked in only two rooms of my house. With the Netgear I can use my network anywhere in my house — I have even used ittwo houses away.

I have worked from my home office for around four years. As a result I spend many hours on the telephone. This post captures a few tips that I have learned from experience. Some are obvious, some may not be.

1. Don’t use VOIP. Home Internet connections are never 100% reliable. I use a standard copper phone line from Verizon for my home office use. Why? Because it works when my cable internet and/or power is out. The sound quality is also superior to anything else I have tried. It may cost more, but quality/reliable phone service is a requirement for telecommuting.
2. Use a high-quality phone. Don’t skimp on the handset you use. I’ve found the best wired handsets typically cost $50-$75. This would typically include two-line support, full-duplex speakerphone, caller id display, and a few speed dial buttons. I use an older version of this one from AT&T.
3. Get a high-quality headset. Long conference calls are a regular occurence for me, and the headset is much easier on the ears and neck than holding a regular phone. I use this one from Plantronics. It is wireless, but the transmission is digital. Wireless features allow me to make trips to the kitchen or to simply stretch my legs when on a call. The sound quality is high, and I never hear static. If I go to far away from the base station (e.g. when getting mail from the mailbox) the sound simply goes out until I am back in range.
4. Don’t use a speakerphone if you are talking. I have yet to hear a speakerphone that doesn’t also pick up your papers shuffling, keyboard typing, mouse clicking, dogs barking, and UPS ringing your doorbell. Speakerphones are great for listening, but don’t subject your peers to a two-way conversation over speakerphone.
5. Use Mute when you can. Whether on speakerphone, headset, or standard handset, be familiar with how to enable the mute function. If you get an unexpected knock on the door, call on the cellphone, or simply need to sneeze, don’t let the others on your call hear it.
6. No Answer / Busy Transfer. I use a Verizon service called “No answer / busy transfer.” This feature forwards inbound calls to my cell phone when my regular line is busy or I don’t answer after a few rings. This feature is not widely used, but you can likely ask for it if you call customer service. This has three important benefits:
   1. I only have to give out one number. All inbound calls go to my home office line.
   2. If I leave my office for lunch, a run to the post office, or for a trip somewhere, I can still answer my calls.
   3. All of my voice mails are in one place — my cell phone.
7. Set your cell phone ringer to vibrate first, then ring. I like this feature so that others in the room or on the phone with me don’t have to know I’m screening another call. If I can’t answer, I hit “end” to let the call go to voice mail. This is great during meetings or if I am in an important conversation. If I want to take the call, I can answer it before it even rings. Of course your cell phone may be in the other room so ringing after a vibrate alerts you then too.
8. Use a Conference Call bridge service. My current and previous employer provide these to remote workers. Essentially you get a toll-free conference number. Call participants typically dial a passcode to enter your meeting. This allows other participants to come/go when it is convenient for them. This makes life much easier than fiddling with three-way calling on your standard phone.