Category Archives: Uncategorized

Milestones

This morning I stepped onto the scale and got an unexpected surprise… I was, for the first time (since I started losing weight last August) under a certain multiple of ten (I am still not telling you what I weigh, so you can try to guess but you will be wrong).  It was a very nice feeling, but I also knew it was likely to be a short-lived euphoria, as tomorrow morning I will likely be above that number again.

Don’t get me wrong… I am not planning on binging today – that is not what I do. ‘Hey I am under a certain weight so I can inhale a large bucket of Buffalo wings! :) …’ That is not the way I do it.  Yes I do binge, but not based on things like that.  I just know that weight loss – especially when you weigh yourself every morning – is not going to be a consistent linear drop.  As you can see, even when there is a downward trend, there are days when it goes up… when it does so two days in a row it sucks but over the course of the week if you are down then you are doing something right.


I have decided that at each ten pound milestone I am going to introduce something new into my regimen. This morning I introduced morning exercises (something we should all do). I am sure you know the difference between aerobic and anaerobic (strength) exercises, and if you don’t then you will have to wait for a future article for me to explain the differences.  I decided that every morning I would be doing a few minutes of anaerobic exercises – I have a set of dumbbells which I will use, but I will also do push-ups and sit-ups. 

A few years ago (around the time when I bought the nearly pristine and unused dumbbells) I bought a yoga mat.  No, I am not going to be doing any yoga… I bought it to do stretches at home.  When I moved out of the house I took these, in the hope that I would start using them.

By the way please remember, if it sounds like I just discovered the need to exercise, that I teach Taekwondo five days per week, and yes I do work out, I just don’t do it in the morning.  I am also not going to be changing that I work out in the evenings – that is when Taekwondo is.  However I said that at the milestones I will be introducing something new, not changing something.  So in addition to the TKD, I will do my dumbbell curls, push-ups, and sit-ups in the morning as well.

I also do not know if I will be adding something drastic every time… I will be trying to work up my levels.  At this weight I am doing a minimum of ten push-ups, twenty sit-ups, and three sets of dumbbell curls.  At the next milestone I might double the push-ups… who knows.  I might even add a morning jog, if I can figure out the timing.  We’ll see. 

In the meantime this morning is a bit of a high… partly because of the new low, and partly because exercise just feels good – even if we have to force ourselves to start.

Dropbox: The saga continues

Dropbox was not hacked.  At least, that is according to them.  And in truth it wasn’t… at least, not in the strict definition of the word hacked.  With that being said, it was compromised.  It could in fact be that another service was hacked, but the hackers then cross-referenced those passwords to Dropbox and found hundreds (if not thousands) of them worked.

The bottom line is you have to change your passwords – all of them – often.  I don’t have a recommendation of how often, but more often than twice a year for sure.  Also here’s a good rule: if you join a site and they e-mail your password to you, assume that the password you used is not secure.  If you enter a password on a site they should be able to send you a link to reset it, but they should not actually know what it is.

For more information, see the following article from my archives: http://garvis.ca/2012/11/21/pass-the-word/

Are you embarrassed?

Originally posted on The World According to Mitch:

We have all done things that we are ashamed of, embarrassed by, or simply regret.  If anyone tells me that they have not then I will say they are probably lying.  The thing is, the world has changed over the past few years, and there are two factors that we all have to be concerned by:

  • Everyone has a camera (and video camera) in their pocket; and
  • The Internet is forever.

When I say we have all done things that are embarrassing I do not mean simply tripping over an untied shoelace while all eyes are on you.  That sort of thing happens to everyone.  As my friend Bill Sparks used to say, ‘just say “Tadaah!” as if that was what you meant to do.’  I am talking about the sort of thing that ten years down the road can come back to bite you.

Over the last twenty years…


Bypassing IT: A REALLY bad idea.

Wow. I just read an e-mail that made me lose a lot of respect for one of the most respected publications in the world of journalism: The Wall Street Journal (www.wsj.com).

The article, Ten Things Your IT Department Won’t Tell You, outlines several (would you believe 10) issues that employees encounter with corporate systems, and how to get around them.  I encourage you to read the article, but here is the list:

  1. How to send giant files
  2. How to use software that your company won’t let you download
  3. How to visit the web sites your company blocks
  4. How to clear your tracks on your work laptop
  5. How to search for your work documents from home
  6. How to store work files online
  7. How to keep your privacy when using web email
  8. How to access your work email remotely when your company won’t spring for a Blackberry
  9. How to access your personal email on your Blackberry
  10. How to look like you’re working

This article was shared by one of my LinkedIn contacts recently, and if you are looking for proof that the article is outdated, all you have to do is look at the items that list Blackberry and not mobile devices – since very few companies are still on the BB platform.  As a System Administrator and self-proclaimed IT Fascist (there are two ways to do IT – my way, and the wrong way) I nearly fell off my chair when I read the list, as well as the mitigations and risks that are outlined therein.

Let me be honest… as an IT Pro I don’t care if you ‘look like you are working’ when you are not. While there may be consequences for the company, they do not generally affect my bailiwick.  I also don’t care if you try to cover your tracks on your work laptop.  Frankly I think it is a good idea to keep your system as clean as possible, and anything that I need to track should be tracked at the server (cloud) level, which the end user is not able to touch.

Now that I have cleared two of the listed items, let me say this clearly and for everyone: When you came to work for the company, or sometime thereafter (when I or an equivalent me came to implement policies and procedures for the company) you signed a document that is called IT Usage Policies, or something else with the equivalent meaning. It is a document that your HR department has on file somewhere, and it is a legally binding document with your signature on it.

I don’t know what your company’s policies are… they can be as vague or as detailed as your company’s legal department felt necessary, often based on various certifications (ISO, FISP, Sarbanes Oxley, etc…) that your company tries to comply with. It might say something as vague as ‘All systems provided to you by the company are the property of the company, and are only to be used in accordance with the company’s IT policies,’ or it may be as complex as a twenty page document written in legalese with bullet points and sub points and sub-sub points.  Whichever it is, there is a very good chance that anywhere from five to eight of these points are fireable offenses… and at least a couple of them could actually be criminal offenses that could land you in jail.

Yes, that sounds pretty severe… but if you send confidential corporate documents outside of the firewall so that you can access them remotely there is a case to be made (and it’s not a stretch) that you are involved in corporate espionage. If your company does not want you to access your e-mail (or any other corporate information source) remotely it is often not because they are too cheap to spring for a mobile device, but because they want to ensure that any sensitive corporate information does not leave the relative security of the corporate systems.

As a Systems Administrator I have designed the company’s infrastructure to be as secure as the company is willing to make it. Sure, there are some websites that I do not want you to visit because the content is inappropriate, but there are others that inject Trojans and other malware into your system that infect my systems, and can destroy the integrity of our systems.  In most companies the systems are like an egg… we have hardened the outer wall with firewalls and intrusion detection systems, but because you have asked us to make them as useable and friendly as possible the inside is more like the insides… soft, and vulnerable.  So if a particular website is blocked by my systems don’t try to bypass my systems!

Unless we have a specific policy guideline for it (and you have a valid reason for it) there is no reason you should bring your own personal device in, and if we have a policy that you can only use sanctioned and licensed software we have a reason for that too… one of those reasons is that if you bring unsanctioned software in we are responsible for the license (and therefore the license violation).  We would also be responsible for keeping it properly patched, which we cannot do if we don’t know it is there.  We don’t let you install software on your own not because we don’t trust that you know how to press <NEXT> <NEXT> <NEXT> <FINISH>… we don’t let you do it because there is more to installing software than that.

If you have a giant file to send, ask me for help. There is a good chance that I have implemented a sanctioned way to do it.  Any other way… remember that corporate espionage thing?  Same thing… in or out, I need to be able to see what is going out and coming in.  Out, because you may inadvertently use a system that is not secure and compromised, In because if you want to bring a file into the company I need to make sure it is not compromised, not a virus or malware or anything else.  I don’t want to take your word for it, I want to scan it.  Don’t take it personal, it is not that I don’t trust you… it is that I do not trust anyone, and for that reason I don’t bypass the systems that I don’t want you to bypass because I don’t trust myself either.

When you joined the company (or sometime thereafter) we may have issued you a mobile device. If we did not, and if we did not give you a talk about BYOD (Bring Your Own Device) then there is a very good chance that you do not need to access your data or e-mail during off-hours.  Because of that do not try to check your e-mail on your own device.

I don’t know what your job is. You may work in HR or Sales or Marketing or in Widget Production, I don’t know.  It is not that I don’t respect what you do – I really do.  However I need for you to respect what I do too.  My job is not only to provide you with the IT tools you need to do your job – that is certainly part of it.  However the other part is protecting the company from hackers, data loss, and all sorts of other things that you probably don’t need to consider… but please know that I cannot do my job properly if you go out of your way to circumvent my systems, and I grant you that there are workarounds for a lot of my procedures.

You might get away with it… you might even do it safely. However if I do discover that you are doing this expect to be called into your manager’s office for a good talking to… and depending on several factors know that you may be joined by a security guard who will be tasked with taking your credentials away and escorting you from the building.


The Evils of Offices…

I have really been enjoying working at Yakidoo.  The people are really nice, I am enjoying the work, it’s all good.  However they are out to get me, the lot of them…

As I have mentioned in the recent past I have been losing weight.  It is, as anyone who has gone before me knows, not an easy journey.  So when the culture of an office is ‘Hey, I want to be nice to everyone, and since I am going to Tim Hortons anyways I might as well pick up a box of doughnuts for the gang.’ the need to maintain discipline is more important than usual.

You see, at home I have been good.  I don’t keep the fattening foods that I love in the house, so if I am in the mood for something it is more than just ‘go to the fridge and get some.’  I actually have to get up, go out, and either walk or drive to the store.

Last week I was very proud of myself for ignoring the doughnuts.  Today I was not as good when Lorena (she looks so sweet and innocent, but I am about to prove she has her diabolical side) came in from lunch with a box of chocolate chip cookies.  I had just gone downstairs to pour myself a cup of coffee and there they were… I decided that since I had been so good yesterday (aside from burning over 2000 calories walking, I also didn’t come close to hitting my calorie limit for the day) I was going to indulge.  I opened the box and grabbed a couple.

The first bite was already in my mouth when I realized that even when indulging (or especially when…) I have to track what I eat.  I pulled out my iPhone, opened the MyFitnessPal app, and scanned the barcode on the box.  I learned two things… the cookies were from Whole Foods, and they are more calories than I wanted to waste on a cookie… or at least on two of them.  I would have put the second cookie back in the box, but since I have been coughing all week I played it safe and threw it out.  The one cookie (at 160 calories) was very good, and complemented my coffee well.

Truth be told, it was a good cookie to be sure, but not much better than the nutrition bars I keep in my desk for mid-morning and mid-afternoon snacks… the whole bar (1.76 oz of minty chocolate) has 210 calories (60 from fat), but it also has 14g of protein, nearly zero cholesterol (the cookie has 30g).  The carbohydrates are the same, but aside from that the cookie has no nutritional value.

In the end the single nutrition bar is more satisfying than a single cookie (although two would have been tough)… I’ll stick to them.

And as for the Diabolical Lorena… I’ll get you! :)