My new Lacie D2 Network drive is Time Machine compatible. That means it’s really easy to setup with Time Machine – no hacks required, it just gets detected.

LaCie D2 Network – Time Machine

Then, you get blamed for running a .exe from a share on it. That exe was the MS Office installer. Why was that a problem? EXEs are not compatible with the drive’s operating system !

It was related to running the .exe file on the drive.  The file is proprietary to an OS such as XP, Vista, or Mac OS X.  Running the file on a non-conforming OS is going to create severe havoc and other issues.  I am glad the reset resolved the issue.

Lacie Tech Support doesn’t know what a share is

And then, you ask them about firmware updates to fix some small issues here and there, and this is what they tell you, barely over a year after you bought it:

Since this type of unit is no longer made, it’s unlikely there will be any further firmware updates for

So am I surprised that my piece of junk Lacie D2 NAS does not support the latest AFP protocol required for Time Machine?

Of course I’m not. But who cares, it’s not like I trusted the thing as my main backup anyways.

Cause: The LaCie NAS OS does not support Time Machine with Mac OS X Lion.
Solution: Use Mac OS X 10.6.x or earlier when using Time Machine to back up your Mac to a LaCie network hard drive.

But I’m sorry. The solution is actually to buy hardware from a company that at least pretends to give a damn. Apple should be ashamed of allowing this junk in an Apple store. I don’t care how cool your USB sticks look or how fast your Thunderbolt drives are, LaCie, I’d rather use old Sony 1.44inch floppies. Oh, and I called my D2 “Lassie”, cause it runs like a dog.

You’re trying to delete an icon/shortcut from the sidebar in Finder, under Mac OS X Lion/10.7.

Right clicking doesn’t work, because that folder does not exist, or maybe it points to a share using an old version of AFP or SMB that you can’t connect to, because some company that almost has the same name as a famous dog if you pronounce it in french is a bad company that doesn’t update the firmware on any hardware old enough to have a lot of important data on it.

What you need to do is hold command and drag it to Trash instead of doing a right click.

Thank you for taking an interest regarding the CRTC’s decision on user-based billing for internet services. Thank you for taking the time to raise this important issue with me.

I believe in an open internet that promotes fair competition and access for all. For that reason, I have taken a strong position in support of net neutrality and wholesale access, and remain opposed to any rulings or regulations that would limit either of these objectives in the sphere of internet services. In this case, the CRTC’s decision clearly limits competition and choice for consumers.

Echoing the concerns raised by my colleagues, I believe that the high prices Canadian consumers pay for internet services are an impediment to competitiveness. As such, it is my belief that concrete proposals must be advanced to lower prices for internet services for Canadians. One of those proposals relates to the implementation of regulations for wholesale internet services, which encourage investment in internet infrastructure and helps keep the prices incurred by consumers to a fair level.Models from countries such as the United Kingdom and Australia can provide suitable inspiration, as these models have been successful in fulfilling the prescribed objectives.
Additionally, as of February 1st, the Liberal Party has officially announced that it will stand up for Canadian consumers by opposing the CRTC’s decision. My party and I will bring the fight for an open and innovative internet environment to Parliament, and will lobby the Minister of Industry, Hon. Tony Clement, to reverse the CRTC’s decision. If you are interested in taking action in opposition to the usage-based billing decision, or simply wish to stay updated on the Liberal Party’s efforts to have it overturned, please visit http://lpc.ca/ubb.

Once again, I wish to thank you for writing to me on this important issue.

So Australia, which has low caps and censorship, is a model to the liberals. And the NPD wants us to pay tons of money on storage to compensate artists.

If you “jailbreak” your AppleTV, you can then install their Airplay module on it. To activate it (license), you connect to it using the Remote HD App on your iOS device.

I’m not sure how long it will be until Apple finds a way to block it from theApp Store. It is pretty expensive now but it is a useful app, and sure is cheaper than an AppleTV 2.

Instructions quoted below can be found at http://www.remotehd.com/AppleTV/Download

If you are not using the latest Apple TV Software (version 3.0.2), update the Apple TV software from Settings > General > Update Software.
Unlock your Apple TV using opensource atvusb-creator.
Step by step instructions can be found here and here.

Connect to your AppleTV using your preferred SSH client:
Host: appletv.local
Username: frontrow
Password: frontrow

Recommended SSH clients are:
OS X: Use the buit-in SSH command line client using Terminal.app
Windows: Putty Download putty.exe from here

Here’s an example of how to connect to the Apple TV using Terminal.app on OS X:

ssh frontrow@appletv.local
Password: frontrow
Once connected, run these commands one by one.
These commands will download, uncompress, install/upgrade Remote HD plugin and restart the Apple TV interface.

scp ssh.remotehd.com:RemoteHelper.tar RemoteHelper.tar
tar xvf RemoteHelper.tar
./install-RemoteHelper

“frontrow” without the quotes is the default password.
If prompted with a security prompt to confirm connecting, type in yes.

Thats it, you’re done! Now grab your device and have Remote HD scan for available connections. Your Apple TV should show up in the list of available WiFi-connections – just tap to connect!
The default password is empty.

I wish to acknowledge receipt of your e-mail urging me to look into the recent CRTC decision, which clearly fails to understand how important these services are, and how vital it is that we have the benefits of competitive service providers. Thank you for taking the time to write to me.

Under the current Conservative government, compared to other developed countries, Canada’s quality of service and accessibility to high-speed internet declined. Canada also has some of the highest-cost internet access compared to other developed nations. May I remind you that in 2002 Canada ranked 2nd out of 30 OECD countries in number of broadband users per 100 inhabitants. In 2007 we dropped to 10th. This is unacceptable.

I agree with you that we need more competition and better service for Canadian consumers. We need to lower the price and improve internet service for Canadians. My party, the Liberal Party, pledges to take steps to increase competition and look at how we can change Canadian law and programs to get more investment into internet infrastructure, to lower prices and improve internet service for all Canadians. The economy of the future will be very dependent on digital technology and it is imperative we invest in broadband infrastructure today.

Once again I wish to thank you for taking the time to bring this important matter to my attention.

Please accept my kindest regards,

Alexandra Mendes, M.P.

Brossard-La Prairie

I’ve spent some time in the last weeks testing Cyber-Ark’s Enterprise Password Vault. First of all, let me say that I am in no way associated with them, and that this post reflects only my opinion of the software, and not that of any of my clients. This is not a review of the tool, but a bit of information on it and on why everyone should think about using such a solution to secure credentials and become compliant with various laws, guidelines, best practices and policies.

What’s Cyber-Ark Enterprise Password Vault?

Cyber-Ark’s password management environment is made out of multiple separate, secure pieces. At the core of the solution is the Cyber-Ark Vault itself. This server runs on a secured Windows server OS, with no standard services running, and with multiple security layers added. This machine can be considered as an “appliance”, as it is very different from a stock Windows environment. This is what will store files, which in the case of the Enterprise password vault, represent passwords. The vault can be highly available, in a cluster, and replicated as well.

In order to use those files, an interface is needed. The best way to do this is using the Password Vault Web Access, which resides on a web server and communicates with the Vault using proprietary protocols. This allows all systems administrators, operators, developers, etc, to access the vault without needing particular client software.

The third important block is the CPM (Central Password Manager), which will act as the enforcer of policies and as a bridge between the vault containing the accounts and the machines where they are used, when necessary.

Why should it be used?

A solution such as this one should be used at least to store “generic” accounts, while providing separation of duty, auditing, and ease of management. A good example would be the built-in Administrator account of an Active Directory domain. In many cases, the enterprise will want to keep this password somewhere, in case it is ever needed. However, if anyone knows it, there can be no traceability proof if something is done using it.

Companies often design complex pen and paper based systems to store these accounts, often in separate parts, in different safes, in different locations. This is all well until there are just too many generic accounts to keep track of. By using a good password vault product, you should be able to separate duties between password owners and users. Allow management to approve requests for viewing the passwords, allow sysadmins to reset some passwords but not others, and most importantly, log every access to those passwords.

Once someone has seen the password, it is important that it be changed. This is where the CPM comes handy. It is able to change passwords for multiple platforms. Coupled with the ability to delegate only “connect” access (basically, establishing a direct RDP or SSH session with the credentials without showing the password), it can be used to manage a list of passwords that should never be known by anyone until they need to be used. This can also be used to share accounts on systems that do not support multiple users. By changing the password every time it is used, and logging everything, even an appliance that only has a “root” user now has some traceability.

Another great improvement to security that can be made is proper management of service accounts. Many service accounts in environments are set to not expire, as they are to be managed manually.. this means that a lot of manual labor will be done managing them, or in many cases, that they will simply not be managed. Now, with a product such as this one, you can discover what service accounts are being used for what service on what server, as well as enable central management. Yes, this means that it can connect back to Windows servers (among others) and change the passwords used to start up services so that they match. This effectively means that service accounts could be set up with a temporary password during installation, and once managed by the tool, never seen or known again.

Do yourself a favor, and start studying those solutions. Start by storing “generic” and built-in administrative credentials, and work your way up to shared accounts and service accounts. Once they are all in the vault, you can start experimenting with automated management features. It is better to start now and have something ready to use than to wait until something bad happens and then do it in a hurry..

http://support.apple.com/kb/HT4245

If the Wi-Fi network router that you are connected to uses a firewall or security software to restrict Internet access, contact the network administrator and reference this technical article. To use FaceTime on a restricted Wi-Fi network, port forwarding must be enabled for ports 443 (TCP), 3478–3497 (UDP), 16384–16386 (UDP), and 16393–16402 (UDP).

Make sure those UDP port ranges have a good priority in your QoS configuration and you should be good to go. It is worth noting that DNS and HTTP must be open to the outside as well, but they are probably used only to establish the call (same for HTTPS/443) so the QoS config should not matter.