Feedwire Security Axioms


Feedwire Security Axioms

  1. Security and convenience are on a continuum.
  2. People say that they want security but act like they want convenience.
  3. Security is something you must do, not something you can buy.

Thanks to Joshua Belsky for number three.


OS X El Capitan Upgrade Warnings


OS X El Capitan Upgrade Warnings

Apple generates a lot of buzz and excitement for new operating system releases, but adopting early can have negative side-effects. In general, we recommend people wait a few weeks to upgrade any software so that we can let other people have and solve problems for us. We do not earn points for putting out fires that we set ourselves.

Most software vendors have prepared their software for compatibility with the new operating system, but not all. So far, we have seen incompatibilities between the OS X El Capitan and the following software, and these are just the known knowns:

Microsoft Outlook 2011

After upgrading to OS X El Capitan, many users are unable to retrieve new email via Microsoft Outlook 2011. Outlook freezes and stops responding. Microsoft has released a patch to address this issue. The Microsoft patch is available here. Feedwire recommends updating Office 2011 before upgrading to OS X El Capitan.

Microsoft Office 2016

After upgrading to OS X El Capitan, many Microsoft Office 2016 users are experiencing frequent and seemingly random crashes in all Office 2016 applications. This issue has been acknowledged by both Microsoft and Apple, and fixed as of 10.11.1.

Dell SonicWall NetExtender VPN 

After upgrading to OS X El Capitan, NetExtender users are unable to connect to remote networks. Neither Dell nor Apple have acknowledged the issue or recommended a remediation. Feedwire recommends that Dell SonicWall NetExtender users refrain from upgrading to OS X El Capitan until further notice.Feel free to email us with any questions about upgrading.

Printer Drivers

Some Canon printer drivers will not install on OS X El Capitan. Canon has not yet published a list of compatible or incompatible printers and has not yet published updated drivers.

Printer drivers in general are problematic. Check with your printer manufacturer and with Apple for availability before upgrading. Apple publishes a printer driver list, available here, but it has not been updated since the launch of OS X El Capitan

Don't Panic

If you have already upgraded to OS X El Capitan and you are experiencing problems with these or any other software, we are here to help. Feel free get in touch via our help page or to email support@feedwire.com.

We will keep this article up to date as news comes in. Hopefully, all of these issues will be resolved within a few weeks of OS X El Capitan's launch.


Email Phishing and Social Engineering


Email Phishing and Social Engineering

You are executive@youremail.com. You receive an email from president@youremall.com asking you to please transfer $1.83MM to bank account 9900000005 routing 321174851 and to code it to "Operating Materials and Supplies Held for Use" for the Contoso project. This makes you suspicious, so you reply, and ask, "Are you sure you need this today?" The response comes quickly, "Yes, we need this to transfer today." You head down to accounting and have them make the transfer post haste, because you want the president to see how efficient you can be and how useful you are in a pinch.

Be Aware of the Problem

Sorry bub, you and your company are now victims of fraud and you are the heel. This fraud happened without any email accounts being compromised or passwords stolen. What happened? In this case, it turns out that youremail.com and youremall.com are not the same domain. The president has his name and picture on the company website, so do you. A little googling for "@youremail.com" reveals the standard format for email addresses. A little more googling reveals that your company is engaged in a big project with Contoso. "Operating Materials and Supplies Held for Use" is a reasonable general ledger code. All of this together constitutes a social engineering attack. This may sound far-fetched, but the FBI  tabulated more than 2,000 instances of this type of crime with losses totaling more than $200MM in 2014.

Wire transfer requests are not the only payloads for this type of compromise. An impersonated executive might ask her assistant for a "forgotten" password. An impersonated husband might ask his wife for the kids' social security numbers. The impersonated head of the social media team might ask for all of the social media account credentials. The impersonated head of casting might ask for copies of background checks. An impersonated clinical researcher might ask his boss for a patient's medical information. The possibilities are endless and hackers are patient.

What can we do about this? We have to be aware of the problem, understand a little bit about email, and act like we want to protect ourselves from these attacks.

A Little Bit About Email

Email is about as secure as paper mail:

  • It can be read in transit.
  • It can be forged.
  • It can be intercepted.
  • It can be stolen before delivery.
  • It can be stolen after delivery.
  • It can be copied without your knowledge.
  • It can be intentionally destroyed.
  • It can be unintentionally destroyed. 
  • It can be mis-delivered.
  • It can be misaddressed.
  • Its authenticity is not easy to verify.

People treat email as if none of those things are true. People ignore the realities of email security because of ignorance. People also ignore the realities of email security because email is incredibly convenient, and because security is inherently inconvenient.

Act Like we Want to Protect Ourselves

Giving up convenience is hard, but we do not have to be extreme about it. We do not want to become impossible to defraud, we just want to be harder to defraud than most other people and companies. We do not have to outrun the bear. We can ease the inconvenience burden by spreading it across multiple domains, political, cultural, and technological.

In our example case, you would have been saved if you had taken the time and inconvenience to call your president to verify the transfer. You would have gone from heel to hero. Unfortunately, if your company is like most, taking the time to voice-verify the request had the request been legitimate would have been met with impatience or anger. The politics of the office have to change to permit security. The change must be company-wide and be top-down, a choice to mitigate some risk by sacrificing some convenience.

Culturally, we want to foster security and awareness. We can use the same types of tools that we use for safety. Written procedures and occasional drills can improve security policy compliance and weed out bottlenecks. Regular security newsletters and meetings can help staff keep security at the front of their minds, or at least near the front. The hackers who succeed are asking us to do things that we already do or things that are not very unlike what we already do, and so seem innocuous. A small change in procedure, habit, or vigilance can shift this balance in our favor.

Yes, there are ways technology can help. People make the mistake of turning to technology first, mostly because it is something that can be bought, not something that one must do. Without people being aware of the problem and accepting a political and cultural change, new or enhanced technology will not help improve security. People can and will bypass security technologies to avoid inconvenience. Consider a propped-open back door. The same sorts of things happen to security technologies if people do not buy into and understand the justification behind the inconvenience that the security technology creates.

What is Next

Call us. Duh.

Feedwire can help improve your personal or corporate security posture and help you protect yourself from this and other attacks and exploits. We can help with culture, policy, and technology.



Cable Management

Eliav abhors messy cables, so he spent his Saturday cleaning up a new client's rack.

Tidy cables decrease troubleshooting times and patch-related errors. If your cables are a rat's nest, let us send Eliav in to help.


Do Not Pay WebsiteBackup Inovices


Do Not Pay WebsiteBackup Inovices

Today we started getting reports of a new fraudulent invoice scam. These invoices come from a company called "WebsiteBackup" and look legitimate. They are not valid invoices and you should not pay them. This image is a sample.


The scammers seem to be targeting domain owners. Unlike other scams with similar targets, this does not seem to threaten your ownership of the domain. If you've already sent a check or attempted to pay, please contact your bank.

If you ever have doubts about the legitimacy of an invoice or email having to do with technology, please do not hesitate to run it by us. I would rather answer fifty emails about an invoice than go through one stolen domain recovery.



The $500 Computer

There is a strong correlation between a new computer's initial cost and its performance characteristics. This performance is mostly or completely fixed over the life of a computer. Some components are upgradeable, but laptop processors are soldered to the motherboard. Some manufacturers (Apple) now sell laptops with fixed RAM and storage as well.

The minimum performance characteristics that software developers, engineers, and programmers (the world) expect computers to have increases over time. When you get a new computer, there is usually some margin between its performance characteristics and what the world expects. As time goes on, this margin closes and your computer seems slow. Eventually, the world's minimum expectation exceeds your computer's capabilities and your computer becomes garbage. The technique employed by computer manufacturers to drop the price of a laptop to the $500 point is to use components with less capable performance characteristics. These computers ship with a slim margin between their maximum capabilities and the world's minimums. They are slow to start and quickly become garbage.

Ballpark figures

$1500-$2500 computer will not be garbage for about 4 - 5 years
$1000 computer is good for about 3 years
$500 computer is practically garbage when you buy it

The $1000 computer seems to have the lowest cost per year of useful life  

The $1000 computer seems to have the lowest cost per year of useful life


Digging Deeper

Computers also have replacement barriers. It takes time / money / attention / effort (let's use money for our units) to move all of your data from an old computer to a new computer. Let's call that about $300. Over 15 years, if you're buying $2,500 computers and getting 5 years out of them, you go through 3 computers and spend a total of $8,400 on hardware and overcoming replacement barriers. The total cost of the $1,500 computers that last 3 years is $9,000. The $500 laptops that you want to throw out a window every year (because they are garbage) cost $12,000 over 15 years.

So "splurge" on a new computer because it's really saving!


Looking for A Few Good Nerds

Feedwire is growing. We are increasing our capacity to provide kick-ass IT support to you. In order to do so, we need more real live genuine Nerds on our staff. Finding qualified staff has been a challenge for us, and we could really use your help. Zach and Chris are a tough act to follow, but we have total confidence that with your assistance, we can succeed.

We’re looking for the fourth Beatle, the geek d’Artagnan, a master of all trades nerdy. Do you know anyone who might be a good match for our team? Can you refer them to us? Here’s a job description for you to share with your favorite future Feedwire Nerd. You can also click here to forward this very note to them.

Feedwire is a Los Angeles based IT consulting firm. We work to fill the three roles of IT in business today: Data protection and risk mitigation, enhancement and optimization of employee efficiency, and the support of business goals through intelligent technology choices and implementations. We fill these roles while maintaining the belief that technology can be magical, that Nerds don’t have to be nerdy, and that human skills are just as important as computer skills.

Our customers vary in size from residences and sole proprietorships to hundred-million-dollar companies. Their industries span entertainment, law, finance, retail, manufacturing, and more. We even work for some guys who wear mustaches and carry guns. They run mostly on MacOS and iOS with a smattering of Windows, Linux, Android, and Blackberry.

We are looking for a few good Nerds. In a single day, our staff members may be asked to wear many hats: CTO, Accountant, Suicide Hotline Operator, IT Manager, Tier 3 Tech Support, Network Engineer, DBA, Webmaster, and friend. Each role needs to be handled expertly. We find joy in solving problems and take pride in our attention to detail, all the while saving money, time, and grief for our customers.

Are you an IT Nerd rockstar? Are you amazing with Mac OS and terrific with Windows? Do you have a passion for technology? Are you the scientifically improbable love child of Doc Brown, MacGyver, Dr Who, Doogie Howser, and Chuck Norris? Join us! Fill out our application and take the test here: http://www.feedwire.com/hatchery

If you refer a candidate that we hire, the entire Feedwire staff will take you out on the town for dinner and drinks, and if you’re lucky, dancing and karaoke. If you prefer, we can provide a few hours of IT support to you, on the house.

Henry Ford

If you need a machine and don’t buy it, then you will ultimately find that you have paid for it, but don’t have it.

It’s good advice. Perform a basic cost-benefit analysis: consider how much time is worth, and multiply it by the amount of time the machine will help you save over its lifespan. Is that number greater than or less than than the cost of the machine?

Ask a Nerd in Vegas

It’s been a busy month for this nerd. Feedwire traveled along with Profiles Television on their Escape Routes project. We designed and implemented a portable managed network to ensure their video streaming traffic priority over all other traffic on the production network. Malibu, New York, Atlanta, Miami, San Francisco, and finally, Las Vegas. The project was a win-win—it was both fun and successful. Now our portable managed network is available for rent, so if you’ve got a production office to set up and need some rock-solid managed network gear, get in touch with us.

I’m on my way back to LA, but I’ll be taking questions all day. Hit this nerd up via comments and receive answers to your questions. Any realm of knowledge is fair game. Nothing is off limits. Ask away!

Ask a Nerd in the City

Los Angeles is a fine city, but today I’m writing from THE City. New York City, where they know nothing about the taste of picante sauce, but plenty about the taste of pizza. I’m here providing IT support for Escape Routes, but that’s not all I’m up to. I’m also here to answer your questions.

Come one, come all. Submit your questions and behold the answers. Ask any question from any realm of knowledge. No subject is taboo, no question is sacred. I will beam your answers through the clouds.

Post questions to comments.

Mobile Me: The End is Nigh

Apple is killing Mobile Me. If you’re currently using Mobile Me to sync contacts and calendars with your iPhone or between computers, to collaborate with others, or to publish content, you have only a few weeks left (June 30) to transition to another service. Do not dilly-dally.

Alternative services are out there. iCloud is the most obvious candidate, but depending on how you use Mobile Me we can investigate Google, Google Apps, or Exchange as possible replacements. Your frinedly neighborhood Feedwire has successfully transitioned individuals and businesses from Mobile Me to each of those replacements.

This is a pain in the ass, but in spite of Rorschach’s fear, it’s not the end of the world. We’re here to make this change as easy as possible for you, your family, and your coworkers. Drop us a line and let’s get your data swiched before Apple pulls the plug.

We're Ready to Answer You

Are you troubled by strange questions in the middle of the night? Do you experience feelings of confusion while thinking about things you wish you knew? Have you or any member of your family ever let a question go unanswered? If the answer is, “Yes,” then don’t wait another minute. Post your question to the comments and ask the professionals. Feedwire! Our courteous and efficient staff is on call for 24 hours today to serve all your curiosity satisfaction needs. We’re ready to answer you!

No realm of knowledge is off-limits. All questions will be answered. Ask away!

Ask a Nerd about an Acronym

Today is a glorious day! Today, Ask A Nerd Day and No Acronym Thursday are coincident. In honor of this, I’d like to see questions regarding acronyms. We will decompress any and all acronyms. No realm of knowledge is safe from our understanding. Post any questions, but especially questions about acronyms, backronyms, initialisms, and abbreviations to the comments and you will get an answer from one of our Nerds. Asking? Ask on!

Ask a Nerd de los Muertos

We nerds are not afraid of the dead. In fact, we welcome any questions the dead might have for us today. Living participants are welcome too. Ask any question about anything in (or under) the world, and we will answer. Post questions to comments. Get asking!

Ask a Nerd at a Wedding

Feedwire friends John and Lindsay are getting hitched today. Congratulations to them! What better day than today to have your questions answered? All realms of knowledge are fair game - post questions to comments.

Introducing the Feedwire IT Budget Calculator

We have created a new tool for our friends to use, strangers too. We’ve consolidated our experience and expertise into a sophisticated automaton that asks you a few questions about your business and replies with a detailed breakdown of how you should plan your yearly IT budget. Neat, eh? Check it out here: http://www.feedwire.com/budget-calculator/ Would you like to know more? Read on!

Ten Grand!

We started using Zendesk to manage our tasks and trouble tickets in 2008. We started with ticket #1. We are now above nine thousand, on our way to 10k. To celebrate our progress, and because we like numbers, we’ve got a prize lined up for whomever is lucky enough to submit ticket 10,000. It’s both a surprise and a prize. A prize surprise. Keep sending us your problems and we’ll keep solving them.

Another Day, Ask Another Nerd

Today is your chance to learn the answers to your questions. Technology is our forté, but all questions are within bounds. We’re even prepared to answer the question of life, the universe, and everything if you’re prepared to formulate it!

Example questions, to get you started:


  • Why is he climbing the mountain?
  • Who set us up the bomb?
  • What’s that blue thing doing here?
  • Who took my frog? Who found my frog?
  • How do magnets work?
  • What’s the difference between a nautical mile and a statute mile?


Whatever your question’s topic: natural philosophy, sports, mathematics, art history, design, astrology, economics, literature, linguistics, alchemy, or general trivia - we are ready, willing, and excited to answer.

Post questions from any realm of knowledge to comments.


This day, the first of the month, bring you a new opportunity to have the answers to your questions revealed. All you must do? Pose them. Ask any question from any realm of knowledge and our nerds will answer. From cartography to caligraphy, from theology to philology, our nerds have everything marked, everything ‘membered! You wait, you’ll see.

Post your questions to the comments.

Be a Lion Tamer

Today, July 20, 2011, Apple released a new major revision of Mac OS: 10.7 Lion. If you’ve got even a few drops of Nerd blood in your veins, this is an exciting event. I’m sure you’re eager to buy and install this upgrade, but I urge you to take a deep breath and verify a few things before you take the plunge. Putting your head into an unknown Lion’s mouth isn’t usually a good idea.

Minimum Requirements

First you’ll want to ensure that your computer meets the minimum requirements for Lion:

  • Mac computer with an Intel Core 2 Duo, Core i3, Core i5, Core i7, or Xeon processor
  • 2GB of memory or more
  • OS X v10.6.6 or later (v10.6.8 recommended)
  • 7GB of available space

You can check all of this by first selecting “About this Mac” from the Apple menu, which will tell you your current Operating System version. Clicking the “More Info” button in the same window will launch the System Profiler application, which defaults to a Hardware Overview screen. Processor and RAM are listed in that screen. If your computer is less than three years old, you’re almost certain to meet the minimum requirements.

If your processor isn’t on the list you are probably better off buying a new computer. Fortunately for you, new computers will include the new operating system, so you won’t have to bother with the rest of this guide. If you’re short on RAM, it’s possible to upgrade. Other World Computing is our favorite source for Mac RAM upgrades. If you’re running os 10.6, but not 10.6.8, you can run “Software Update” from the Apple menu and apply the queued updates. If you’re on 10.5.x or lower, you must first upgrade to Snow Leopard before upgrading to Lion. It’s available from the source itself.

If you’re light on disk space, you should think about upgrading your hard drive or getting a new computer. Trying to install with only the minimum required space available will put you into an extremely low disk space situation, a recipe for a crash.


Once you’ve qualified your hardware and operating system for the upgrade, it’s time to tackle your software. Start by listing all of the software you use. For me, that list would include Microsoft Office, 1Password, Firefox, MarsEdit, VPN Tracker, and others. Make an actual list, because you’re going to need to check items off.

Armed with your list, open each piece of software, and use the “About” item from the application menu to find your version number. Do this for each item on your software list.

For each item on your list, visit the software developer’s website to check for Lion compatibility. They may require a free update, or you may have to pay for an upgrade, or you may find in the worst case that your software is no longer supported and you have to choose between continuing to use that software under 10.6 or switching to a new software and upgrading to 10.7. Notable software packages that will NOT run under 10.7 are Now Up-To-Date, Quicken, and old versions of EP and Movie Magic Budgeting.

You may have trouble locating Lion compatibility info on your software vendor’s website. Fortunately the internet is full of altruistic nerds. A few Aussie nerds banded together to create a database of Lion compatibility experiences, available for free to the world: http://roaringapps.com

If you’re using any kind of special hardware - RAID cards, video controllers or processors, PCI expansion bays - you should know better than to attempt an upgrade right away. Your computer is a workhorse, not a toy. Leave it in its current stable state for at least a few months longer.


Now that your hardware and software are in order, it’s NEARLY time to upgrade. First, double-check your backup. If you’re running time machine, verify that your backup has run recently. If you have a spare drive around, use Carbon Copy Cloner or SuperDuper! to make a bootable clone of your hard drive. Operating system upgrades are major software operations. Things can go wrong. We want to be sure that your data is safe and that you can get back up and running quickly in the event of an error, bug, or crash.


The install process itself is painless. Launch the App Store from the dock, click on the giant Lion, then click the “buy” button. Once the download finishes, you can run the “Install Mac OS X” application in your applications folder. The install will take about 45 minutes, so enjoy a coffee or an icy beverage.

Shameless Plug

If this process exceeds your capabilities, your interest, or your desire, we are here to help. We can handle the entire process for you, or help you through the sticky parts. Call (+1-310-984-6946), write, or send a pigeon.