Teleworking 2009 - Mac OS X Server

Transcription

Teleworking 2009 - Mac OS X Server
Teleworking 2009:
Mobility for the rest of us
PowerTools Session PJ
Dr. Bill Wiecking
wiecking@mac.com
Latest version: http://public.me.com/wiecking
Introductions: Who are we? What do we need to cover here?
6 modules:
1. Who are we? Case studies
2. Remote presence and access
3. Infrastructure: connectivity and security
4. Workflow and integration
5. Tools applications and gadgets
6. Whatʼs next?
---Questions
Q&A - Users Conference
We are using Google Moderator to take questions for
this session.
1.
2.
3.
4.
5.
Go to http://tinyurl.com/5t55h2
Pick the topic that matches this session PowerTools
Sign in using a Google Account
User Name: macworldexpo09
Password: macworld09
Submit the questions you want to ask
!"#$%"&%"#'$()*%+,$)#-"&)%.",%/0&#%0&)/$($1
session PJ
• Introductions: Who are we? What do we need to cover here?
• Road Warriors
• Teleworkers/Telecommuters
• SOHO users (local or remote)
• Supporting Road Warriors/Teleworkers
• Administrator of organization with teleworkers (education, medical, etc.)
• Crucial issues/needs
• Liability issues (e.g. HIPAA)
• Benefits/Drawbacks of teleworking
• Travel is more and more expensive
• Live where you wish, work where you must
• Who is doing this and why?
• Corporate folks (reduced office expenses, increased availability)
• SOHO folks (working with remote clients, consultants, partners)
• Education folks (teachers working on grades/reports from home)
• Module 1: Case Studies
• Who are we?
• How we work, why and where
• Nature of data/workflow preview
• Best practices
• Who are we?
• SOHO users
• Teleworkers
• Telecommuters
• Road Warriors
• Educators working at home
• Distance independent businesses/consultants
• Long distance collaborators (architects, engineers, designers)
• Support staff:
• System administrators
• SOHO office tech persons
• District tech folks
• Business departments: “where is all of this money going?”
• How we work, where and why
• SOHO
• By definition, small office/home office
• Trusted connections
• Local resources
• May have to collaborate with others not local
• Usually small staff, limited support, limited resources
• Teleworkers
• Often workers bringing home work after hours
• VPN to company office desirable
• Limited local resources, but secure connection to remote resources a must, usually wired CM/DSL
• Telecommuters
• Focus is on working at the office from home, during work hours
• Collaboration is key: VTC, whiteboards, wikis
• Secure, fast connection is a must, multiple or failover CM or DSL
• Trusted local resources, some more robust than SOHO or teleworkers
• Road Warriors
• Usually working in a hostile, non trusted environment with limited resources
• Very dependent on host facilities (system administrators, local servers etc.)
• Phone is more critical, usually cellular/3G
• “leggere” lightweight and fast
• Nature of data
• SOHO users
• Local data
• May be large (shape files, dwg files) and need to be hosted and stored
• Security an issue, but with local storage and backup
• Remote access to data needed at times, some data sharing
• Teleworker
• Data may be on laptop/drive or remote server
• Remote control is very useful: data stays on server (Wen Ho Lee: Los Alamos)
• Often after hours, hard to distinguish traffic from off-hours hackers
• Telecommuter
• Collaboration/conferencing is crucial: face to face work during office hours
• Remote control helpful, but only if there is a host machine/system (e.g citrix)
• Data usually hosted at worksite, remote access must be secure and fast
• Road Warrior
• All of the above may apply
• Usually hostile/not trusted environment with limited resources/security
• VPN crucial for all traffic
• Wireless security is crucial
• Best practices
• SOHO users
• Backups off site
• Remote cloud hosting of data
• Redundant email/web accounts (e.g. MobileMe)
• Backup power, properly installed
• VoIP software with softphone for travelers (e.g. Vonage/X-Ten)
• Secure wireless network, if you host wireless visitors use a “sandbox”
• Teleworkers
• Remote control (Timbuktu, VNC, ARD) preferably through VPN
• Develop security practices to ensure data integrity
• Secure wireless network
• Telecommuters
• Fast, redundant connections with VPN for security
• Find fast, ubiquitous VTC solutions, and develop VTC etiquette (no yoda jammies)
• Remote control off-loads local responsibilities, ensures security
• Road warriors
• Carry backup data, bootable disks, repair disks (hybrids)
• Use cloud for critical data (e.g. MobileMe, Google Docs, SugarSync)
• iPhone utilities can make your life much easier
• Wireless security issues hit you first
• DEMO: DATA ACCESS
• SubEthaEdit
• Google Docs
• Module 2: Remote presence/access
• Control
• Presence
• Collaboration
• Data Access
• Issues
• Control
• Timbuktu
• Uses port 407
• Mac and PC versions available (Vista is dodgy at best)
• Secure connections
• Can copy to/from desktop, file transfers are fast
• Great for help desk apps
• One to one
• Can be remotely installed (this can get creepy)
• Admin caveat: use “ask for permission” if user is online
• Apple Remote Desktop
• Excellent for group admin
• Summary screens and upload/update scripts are excellent tools
• Can be used for group sharing/collaboration when used over IP (share screen)
• VNC
• Free
• Controls one on one, no transfers usually
• iPhone apps
• LogMeIn
• Web based commercial service
• Others
• Citrix
• Expensive
• Usually corporate
• Support staff needed to implement properly
• DEMO: CONTROL
• Timbuktu
• Apple Remote Desktop
• VNC
• Presence
• Skype
• Ubiquitous
• Free
• Video and/or audio
• Cross platform
• Skype tips
• iChat AV (including jabber and vpn access)
• Included with Mac OSX
• Can be tunneled using jabber and VPN
• Very clean
• Many add-ons possible (recording, whiteboards, camera boost, etc.)
• VTC tips
• VTC etiquette (face touching, looking up, bed head, jammies)
• Always have paper and marker on hand for comm issues
• DEMO: PRESENCE
• Skype
• iChat AV (inclucing jabber and vpn access)
• Collaboration (local and cloud based)
• Google docs
• Google apps
• SubEthaEdit
• Wikis
• Mac OSX Leopard Server wiki
• Wetpaint
• Mediawiki
• Whiteboards
• Hyperoffice
• Ignyte
• See video on YouTube: A portal to media literacy, Michael Wesch
• DEMO: COLLABORATION (LOCAL AND CLOUD BASED)
• Google docs
• Google apps
• SubEthaEdit
• Wikis:
• Wetpaint
• Mac OSX Leopard Server wiki
• Mediawiki
• Data Access
• iDisk (part of MobileMe)
• pdf servers
• Apple TimeCapsule
• Apple AirPort Extreme 2 USB external data storage
• Apple OSX server
• Sugar Sync
• AirSharing (iPhone app)
• DEMO: DATA ACCESS
• iDisk
• pdf servers
• TimeCapsule
• Airport Extreme 2 USB
• OSX server
• Sugar Sync
• AirSharing
• Issues
• Cloud based vs. local
• Connection speed
• Security
• Best practices: store remotely, control locally
• Module 3: Infrastructure
• Overview
• Goals
• Issues/solutions
• Connection types
• Wired
• Wireless
• 3G
• EDGE
• Others
• Overview
• You as client
• You as roaming client
• You as host
• SOHO host
• Host to guests (“sandbox”)
• sysadmin world
• Connection types
• Wired
• Wireless
• 3G
• EDGE
• Others
• Wired
• Characteristics
• Advantages/disadvantages
• Issues
• Speed
• Reliability
• Wireless
• Characteristics
• Advantages/disadvantages
• Issues
• Speed
• Reliability
• 3G
• Characteristics
• Advantages/disadvantages
• Issues
• Speed
• Reliability
• EDGE
• Characteristics
• Advantages/disadvantages
• Issues
• Speed
• Reliability
• Others
• WiMax
• EV-DO
• HSPA
• DEMOS
• http://speedtest.dslreports.com
• IPNetMonitor
• Net utility
• terminal app
• iNetwork test (iPhone app)
• Focus: Wireless
• Ubiquitous
• Many devices supported now (laptops, desktops, iPhone)
• Recent developments have improved range (MIMO) and security (WPA2)
• Main connectivity technology for most users/devices
• Very often misconfigured, ergo serious security issue with liability in some cases
• Like Plutonium, useful if used correctly, dangerous otherwise
• User configuration issues/solutions (central DHCP, roaming, security)
• 802.11 varieties
• 802.11a (54 mb/s, ~5 gHz)
• 802.11b (11 mb/s, 2.4 gHz)
• 802.11g (54 mb/s, 2.4 gHz))
• 802.11n (MIMO, ~72 mb/s, 2.4 and 5 gHz)
• 802.11i (security suite)
• 802.11s (mesh networking)
• Legacy stuff:
• 802.11 (1-2 mb/s, 900 mHz = 0.9 gHz)
• Access Point options
• AirPort family
• Graphite (v.3 Karlnet sw, bridge)
• Snow (v.4, PPP added)
• Extreme (v.5, 802.11g added)
• Express (v.6, audio out)
• Extreme II (v.7, 802.11n/USB storage added)
• AirPort family strengths/weaknesses
• Routing limited
• No multiple routers on same network block
• Limited antenna/amplifier options
• Netgear
• Solid gear, good support/updates
• Easy to extend with antennas/amps
• Linksys
• Bought out by Cisco (price margins)
• D-Link
• Cheaper
• Some hacking possible
• Interference
• Main cause of poor wireless performance/connectivity
• May be easy to fix, if diagnosed properly
• Two types of interference:
• Logical (channelized, access points, tunnels, ad hoc networks)
• Physical (non-channelized, select or broad spectrum)
• Logical
• Channelized
• Channel overlap (stomping)
• Access points
• Ad Hoc networks
• Tunnels (point to point)
• DEMOS
• iStumbler
• Coconut WiFi
• ctrl-click AP window
• war walking
• Physical
• Cordless phones (use ISM bands)
• Microwave ovens
• Radar detectors
• Any ISM device (video, audio repeaters)
• CF bulbs (the older ones)
• Non-channelized, so does not show up on stumblers
• Only indicator is high noise, low speed (see SNR)
• May be specific spectra or broad spectrum
• “How many times in the past have they stood between me and my dreams of
glory? How many times have they foiled my plans with their bungling
interference?”
-Fearless Leader, The Adventures of Rocky and Bullwinkle
• DEMOS
• Eakiu/WiSpy
• kismac
• war walking
• Hosting issues
• Channel allocation
• Always use both an active stumbler (iStumbler) and a passive scanner
(Kismac)
• Poaching
• Endemic issue, HW ACL or WPA2 are good stop-gap measures
• Roaming
• Bridge APs, set DHCP server on LAN segment, name all networks
same
• Client issues
• WPA2
• Good security, password based, some client config needed. Controls
access to network, not data integrity
• Can be broken, but not as easily as WEP (minutes)
• VPN
• Controls content on the network, not access. Makes a secure encrypted
tunnel between your client and the server on the other end.
• Should be used at all times when working remotely to safeguard office
assets as well as your own.
• Solutions
• Roaming setup for multiple APs
• PPP server using AE
• Client setups as download files
• Access control methods (HW ACL and RADIUS, see below)
• DEMOS
• iStumbler
• coconut wireless
• eakiu/wispy
• kismac
• ctrl-click AP window
• war walking
• Security
• Who is the threat?
• From how far away?
• How will I know?
• Various scenarios
• Home
• SOHO
• Campus K-12
• Campus higher ed
• Enterprise
• Levels of threat
• Passive users
• Usually after access to resources (e.g. connection)
• Determined users
• May be after access to resources (e.g. connection)
• Usually after access to data
• In some cases, to access and alter your data (data replacement)
• Intruder profiles
• Opportunistic
• Your neighbor, the black volvo parked near my house
• Script kiddies
• Opportunistic, “morally flexible”
• Industrial
• Well funded, covert, sometimes talented, legal ramifications if caught
• Military/governmental/organized crime
• Extremely well funded, team efforts, international, very talented
• Methods
• Packet sniffing/data collection (Interarchy, IP Net Monitor, TCP dump)
• Network access required
• Data often in clear text
• Great VPN demo for your team
• Kismac wireless capture
• No need to gain access to network (“promiscuous mode”)
• Data in clear text, saved as PCAP files
• Encrypted data can be saved for later decrypting
• DEMOS
• Interarchy
• IPNet Monitor
• TCP Dump
• KisMac
• Solutions
• Access control
• Data Security
• Access control
• Hardware Access Control Lists (HW ACL)
• WPA2 (CCK and TKIP)
• HW ACL
• Benefits/drawbacks
• No users intervention
• Relatively passive
• Problem: can be spoofed
• Problem #2: legacy accounts-clean house regularly
• “Timed access” on Apple Airport Extreme configuration utility
• RADIUS
• Elektron vs. Leopard Server
• Central management for many users
• DEMOS
• Elektron
• Airport Extreme HW ACL list configuration
• Leopard Server RADIUS configuration
• WPA2
• Benefits/drawbacks
• Some user intervention
• If passphrase changed, must update all users
• WPA (1) cracked, 11.6.2008
• WPA2 personal (local) vs. enterprise (server)
• Others, now defunct:
• WEP
• DEMOS
• WPA2 setup on client
• WPA2 setup on Apple Airport Extreme (personal and enterprise)
• Data security
• 802.11i
• See also Apple OSX Leopard Server
• VPN
• Fast, easy, transparent
• Included in Tiger, Leopard servers
• Included in iPhone
• Vendor solutions:
• Juniper
• Cisco
• 802.11i
• Access control bits
• Content integrity bits
• Can be managed by Leopard Server
• VPN
• Encrypted data
• Secure tunnels into organization
• Can be used to share content filtering (e.g. schools)
• Config scripts can be emailed or hosted on web pages
• When used from remote users, can become remote help desk
• DEMOS
• VPN setup on Tiger and Leopard Server
• VPN setup on client
• VPN packet sniffing example
• Cool tricks
• Reverse VPN for remote help calls
• Instant iChatAV through firewalls (jabber)
• Secure data transfer
• Content filtering via host list
• Saving vpn config file for http download
• Special issues
• Rogue access points
• Detection using WiSpy remote (soon to be on the iPhone as well)
• Detection using RADIUS on wired LAN
• Log analysis, syslogd
• CyberGauge SNMP monitoring
• DEMOS
• TCPDUMP with wireless sharing enabled, iPhone sniffing
• Interarchy (v. 8.5.4) Net mode
• RADIUS
• Elektron
• Leopard Server
• Day one: Summary
• User Profiles: SOHO/Teleworker/Telecommuter/RoadWarrior
• Support issues, best practices, solutions
• Remote access: data/remote presence
• Remote control: Timbuktu, ARD, VNC
• Presence: iChatAV, Skype (add-ons)
• Collaboration: google docs, subethaedit, web 3.0 apps
• Data Access: local, cloud, MobileMe
• Connectivity/Infrastructure
• Connection tools: IP Net monitor, speedtest.dslreports.com
• Interference: logical and physical
• Tools:
• iStumbler-active
• Kismac-passive
• WiSpy-physical
• Security: WPA2, VPN and HW ACL
• WPA2 strengths/drawbacks
• VPN setups, tricks
• HW ACL admin via Elektron
• Tools: syslogd, cybergauge
• Day one: Tools/Resources/References
• Kismac: http://trac.kismac-ng.org/wiki/Downloads
• IP Net Monitor: www.sustworks.com
• QuickerTek antennas: www.quickertek.com
• WiSpy physical scanner: www.metageek.net
• Antennas, cables, amps: www.rflinx.com (Joe Janning)
• Timbuktu remote: www.netopia.com
• Elektron RADIUS server: http://www.periodiklabs.com/elektron
• VTC/iPhone add-ons: http://www.ecamm.com/
• VNC client chicken of the VNC: http://sourceforge.net/projects/cotvnc/
• Active stumbler iStumbler: http://www.istumbler.net/
• Coconut WiFi: http://www.coconut-flavour.com/coconutwifi/index.html
• Subethaedit: http://www.codingmonkeys.de/subethaedit/
• YouTube video on web 3.0: http://umanitoba.ca/ist/production/streaming/
podcast_wesch.html
• VersionTracker: www.versiontracker.com
• Day one: things I think we may have missed...
• Google moderator
• Direct link: http://moderator.appspot.com/#15/e=dd49&t=baa3
• iChat Add-on demos
• iGlasses http://www.ecamm.com/
• Conference recorder http://www.ecamm.com/
• Showmacster http://www.pleasantsoftware.com/ShowMacster/
• Screencaster screen sharing: http://www.softpedia.com/get/Others/Home-Education/
ScreenCaster.shtml
• CoPilot from Fog creek: remote control https://www.copilot.com/
Demonstrations:
• Wiki demo on Mac OSX leopard server
• WPA2/VPN demo with packet sniffing (IPNet monitor)
• Elektron demo (setup with local access point)
• TCP sharing to iPhone demo
• VPN on iPhone
• Wiki on Mac OSX Leopard Server
• Go to http://akau.hpa.edu/groups/
• Click on Energy
• Find “whatʼs hot” on the right
• Note:
• Tags identify threads, not chronological like blogs (e.g. blojsom)
• No concurrent editing allowed in Leopard wiki
• WPA2 and VPN demo with packet sniffing
• Try this:
• Join an open access point
• Change the security on the access point to add WPA2 personal
• Try to join the same access point from the laptop
• Enter the new key, retry
• If possible, have another laptop monitor this process with Kismac in passive mode
• What do you notice about the nature of the wireless network and the information
gathered about the client?
• Open IP Net Monitor on a client machine authenticated to the wireless network
above.
• Using TCP dump, monitor packets on the other machine while it browses the web
• Now activate the vpn on the client and watch what happens to the nature of the
dump data
• You now have two solid measures for controlling (1) access and (2) content in
transit
• Elektron demo with local AP
• Try this:
• Download and install the demo version of Elektron:
• http://www.periodiklabs.com/elektron
• Setup access point as “captured” client
• Configure Access Point to look to elektron server as RADIUS server
• Try first with simple HW ACL authentication
• If you are interested, try also with WPA2 Enterprise authentication
• Strengths of Elektron over Mac OSX Leopard server:
• Cheaper
• Expandable to HW ACL, WPA2, 802.1x, others
• Runs on older machines, quick ROI
• Strengths of Mac OSX leopard:
• If used for comprehensive user login, one account handles all (server access,
wireless access, etc.)
• Very fast
• Almost invisible configuration with WPA2 enterprise
• TCP sharing to iPhone
• Try this:
• Under System preferences, Sharing, enable internet sharing over wireless
• On your iPhone, select this network to join
• On the non-iPhone machine, open IP Net Monitor, and run the TCP dump tool with
the option “all of my TCP data”
• Browse the web on the iPhone, all web traffic will show up on TCP dump
• VPN test on iPhone
• Try this:
• Repeat the above step, but instead use the VPN connection on the iPhone
• Watch the contents of the TCP dump window, and compare to what you saw with
the first trial
• New segment: Letʼs solve your toughest problem
• Got a problem specific to your situation, or one you envision in the near future?
Hereʼs your chance to ask specific questions of the group, and take advantage of the
genius in the room
• Got a great iPhone app? Weʼd like to see it. Open iChatAV and seek out my name
on rendezvous. Iʼll show my screen on the projector so we can all watch you demo
your favorite apps
• From the Keynote:
• iWork.com
• geotagging in iPhoto
• iPhone app: Keynote remote
• Module 4: Workflow/Integration: iPhone, laptop, desktop
• iPhone
• Nature of data
• Connection
• Laptop
• Desktop
• iPhone
• Most mobile, reads/generates data (calls, emails, manual entry)
• Connects via GPRS/EDGE/WiFi/USB
• Sync data:
• USB to laptop/desktop (future bluetooth?)
• Over wifi/edge/gprs (gigabit wireless soon?)
• Nature of data:
• Phone calls
• Addresses/photos of contacts
• Calendar (read, input, edit)
• Mail (see data detectors)
• Data detectors on laptop side, populates address book, contacts lists
• SMS conversations
• Bookmarks
• Photos (captured, stored, played, emailed)
• Music, playlists
• Maps/GPS tagged info
• Data from office (sync: me.com, iDisk, sugar sync)
• Apps (from app store, from master computer)
• Laptop
• Wireless access is assumed
• Camera is assumed
• Nature of data:
• Email
• Messages
• Contacts
• Contacts (from email, address book)
• Bookmarks
• iCal events
• Desktop
• Network access assumed
• Camera possible
• May be Mac or PC
• Nature of data:
• Email
• Messages
• Contacts
• Contacts (from email, address book)
• Bookmarks
• iCal events
• May be linked to server (see below)
• iPhone apps
• Apps store: 2 way setup (to/from phone)
• Organizing the apps (like the bookmarks window on safari)
• Standalone apps
• Hybrid Apps
• SugarSync
• OmniFocus
• DEMO: NINE ESSENTIAL APPS
• Note2self
• SpeakEasy
• Voice dialer
• Jott
• Sugarsync
• VNC
• Mobile news
• Dial Zero
• Air sharing
• Streaming media
• KQED online news
• Pandora
• Mobile news
• Ambience
• MPR
• DEMOS
• MPR
• Access
• Voice dialer
• Note2self
• Voice record
• Jott
• Sugar Sync
• DEMOS
• Note2self
• GPS enabled
• Distance
• Tape measure
• G spot
• Remote control/presence
• Remote
• Jaadu VNC
• Touch term
• INCO
• DEMOS
• Jaadu VNC
• INCO
• Data collection
• Signal scope
• Sound meter
• G force
• Tools
• Flashlight
• Starmap
• iConvert
• Molecules
• myCard (open door networks)
• Network
• iNetwork test
• Pingamajig
• TCPinger
• Telnet
• Easy wifi
• TouchTerm
• DEMOS
• iNetwork test
• Pingamajig
• Easy wifi
• Phone helpers
• Dial zero
• CSV search
• MacWorld iPhone apps list
2/2009
• FileMagnet
• Things
• Zenbe Lists
• Time Logger
• Cooliris
• Pcalc
• Units
• iTalk Recorder
• Mocha VNC Lite
• Twitterrific
• Twinkle
• AIM
• Facebook
• NetNewsWire
• Instapaper Pro
• Bloomberg
• Wunderradio
• Pandora radio
• Sportstap
• Simplify media
• TV forecast
• Showtimes
• i.TV
• Remote
• Koi Pond
• Sketches
• Beatmaker
• CameraBag
• Setup at the office/home
• Connection
• Settings
• Connection: iPhone to desktop/laptop: cradle/cable
• USB cables to get/carry
• MobileMe as a virtual drive/translator
• Computer settings
• iTunes settings
• Sync settings
• Sync options: mobileMe or local
• Benefits/drawbacks
• Syncing apps-options
• No way to test apps except on phone, so computer becomes
repository for all apps, purchased or just downloaded
• iPhoto sync (slow)
• Setup on the road
• Getting connected
• EDGE issues
• WiFi issues
• Getting connected
• EDGE issues
• WiFi issues
• Other options
• EDGE issues
• From the field
• For the office end
• Sysadmin issues
• Email issues
• VPN solutions
• WiFi issues
• Security
• Sniffing iPhone WiFi traffic using your laptop in shared mode
• Using open access points
• Whatʼs secure, whatʼs not
• Extending coverage for roaming users
• RADIUS and HW ACL control issues
• DEMOS
• Sniffing iPhone traffic using TCPdump and Airport Sharing
• Other options
• SugarSync
• PhoneView
• iPhone configuration utility
• Other servers
• Sugar Sync (iPhone app, computer app, phantom mirror)
• Downloading from the cloud
• Sending from the iPhone
• Sending from your computer
• Web access/sharing of documents from computer or phone
• PhoneView
• Call log/history view and export
• Notes
• SMS conversations view/export
• Use iPhone as a jump drive
• iPhone Configuration Utility/Web utility
• XML files
• Create, maintain sign config profiles
• VPN configurations (“payloads”)
• WiFi configurations (“payloads”)
• Cisco config payloads
• Track and install provisioning profiles and authorized apps
• Capture device information, including console logs
• Excellent for diagnosing devices on your wLAN, problems with the
phone
• See the Enterprise Deployment Guide from Apple
• Web utility does many more things via a web browser port 3000
• DEMO: SUGAR SYNC, PHONEVIEW AND IPHONE CONFIGURATION UTILITY
• SugarSync
• PhoneView
• iPhone configuration utility
• Other servers
• MacOSX server
• PDF repository
• VPN connectivity
• INCO monitoring
• VNC and Timbuktu
• LDAP contacts repository
• iCal server
• Central iPhone config repository
• apps
• contacts
• user logs
• What you can do with this setup, and how to do it
• Mail workflow
• iCal workflow
• Safari workflow
• Data workflow
• GPS enabled camera workflow
• Mail workflow
• Computer to iPhone
• Data detectors
• What mail harvests, how to check it
• Push/pull whatʼs the difference?
• iPhone to computer
• Duplicate data
• Hints
• Using MobileMe to sync mail accounts
• Best practices
• Clean data is good data
• iCal workflow
• Computer to iPhone
• Which calendars to sync
• Using MobilMe to sync data
• iPhone to computer
• Modified events go where?
• Hints
• Keep a discrete calendar for iPhone
• Best practices
• Keeping it clean
• Safari workflow
• Computer to iPhone
• Show all bookmarks, clean with folders
• iPhone to computer
• Back-migrating bookmarks
• Hints
• Bookmarks as app windows
• Best practices
• Keeping it clean
• Data workflow
• Computer to iPhone
• pdf documents
• Sugar sync
• iDisk
• iPhone to computer
• Usually as a reader
• Email attachments
• Hints
• Keep mobile docs small, easy to read
• Best practices
• Screen inversion
• Bookmarked data as app windows
• GPS enabled camera workflow
• Using Jet Photo, GPS tagged photos can create google maps, others
• May be imbedded into iPhoto eventually (technically reasonable)
• iPhone/iPod Touch/inactivated 2.5G iPhones
• iPhone config utility
• PhoneView
• Best practices
• Two kinds of users: those who have lost data, those who are about to
• Backup to laptop/desktop, then to time machine (backs up iPhone data)
• Sync (push/pull)
• DEMO: GPS ENABLED CAMERA WORKFLOW
• JetPhoto GPS to photo integration
• Where can we go from here?
• MobileMe as document sync
• Connectivity upgrades
• GPRS/EDGE faster, more ubiquitous
• Gigabit wifi
• USB to bluetooth
• Physically installed
• Just needs to be activated
• Security issues
• iWork as web 2.0 mobile documents
• Create/edit from the iPhone
• Using cloud (.Me account) these could be in constant state of refresh
(see Sugar sync)
• Module 5: Tools/apps and gadgets
• Power
• Headsets
• Cameras
• Bus adapters
• Data
• Road Warrior toolkit
• Power
• Laptop batteries
• Coconut battery app
• Extended batteries
• iPhone batteries
• Clip-on
• External
• Solar
• Power on the road
• Car/boat
• Air
• Solar
• DEMOS
• Coconut Battery
• Headsets
• Bluetooth
• Plantronics
• USB
• Plantronics
• Cameras
• Built-in Apple camera
• iGlasses add-on
• USB cameras
• Logitech
• Firewire cameras
• Apple legacy iSight camera
• DEMOS
• iGlasses for VTC
• Bus adapters
• CardBus
• Photo card reader
• Gigabit ethernet extender
• PCMCIA
• Wireless adapters
• Ethernet adapters
• USB
• SD Readers
• Wireless scanners (use with Kismac)
• Wireless physical scanners (use with WiSpy)
• Data
• USB flash/jump drives
• USB HD
• Powered
• iPhone
• Firewire HD
• 400
• 800
• Gen 1 iPods
• Connectivity
• USB powered amplifiers/antennas (QuickerTek)
• DEMO: CONNECTIVITY
• USB powered amplifiers/antennas
• RoadWarrior toolkit
• Presentation tools
• Hotel/road tools
• Demos
• Presentation tools
• Remotes
• Storage
• Power
• Hotel/road tools
• Antennas/amps
• Power strip
• Headphones
• Earbuds
• NC headphones
• Repair on the road
• Single user mode
• start with apple-s key
• fsck -yf
• run until clean then type
exit
• Diskwarrior
• Best: run from the portable drive you carry with you (NOT time
machine backup, a bootable copy, e.g. super duper copy)
• Run Diskwarrior from the external drive (firewire 800 is fastest, USB
ok with Intel macs, firewire 400 is ok)
• TechTool ProToGo
• Works with external jump drive/card reader-this is nice because you
can carry several different boot versions as small photo SD cards
• Very fast, much faster than a DVD
• Boot DVD (watch out for unibody macbooks/macbooks pro: they need
at least 10.5.5, which is only currently on Drive Genius and the DVD
that came with the units)
• AppleJack 1.5
• single user mode stuff automated
• DEMOS:
• Keyspan remote
• single user mode
• TechTool Protogo
• Module 6: Whatʼs next in 2009
• Connectivity
• Bluetooth integration
• Storage
• Web apps
• Netbooks
• AV integration
• Connectivity
• 4G
• 802.11x (gigabit wireless?)
• 802.11n in iPhone (including MIMO)
• WiMax?
• Bluetooth integration
• Cable free operation, iTunes, iPhoto, sync
• BT GPS communication with laptops
• Storage
• NAS networks (home, office, cloud storage)
• WebApps
• iWork suite as a web app?
CORRECT
• Itʼs called iwork.com and it uses iwork09, which you can get as a demo
from the apple site (I have a copy locally as well)
• Itʼs not yet an iPhone app, but that is probably next
• I also guessed that geotagging would be part of iLife09, which is great,
and done even better than Iʼd imagined. See the Nikon Coolpix 6000 on
tiger direct ($499), looks really nice
• Netbooks
• Theirs, ours?
• AV integration
• AppleTV v.2?
• Apple brand flat panel TV?
• Weʼd heard that TimeMachine might be given SWupdate capacity, this is
not yet enabled.
• To enable this, you can run several commands from the cli
• Command line goodies
SW update
defaults write /Library/Preferences/com.apple.SoftwareUpdate CatalogURL http://10.2.250.2:8088/
sudo defaults write /private/var/root/Library/Preferences/com.apple.SoftwareUpdate CatalogURL http://10.2.250.2:8088/
sudo softwareupdate -i -a
set passwd
passwd admin
<new password goes here>
copy network prefs
cp /Volumes/nomad/Library/Preferences/SystemConfiguration/*.* /Volumes/emac/Library/Preferences/SystemConfiguration/
LDAP to master
sudo dsconfigldap -u diradmin -p 'paddle22' -s -f -a 192.168.3.9 -c master -n "master"
dscl -q localhost -create /Search SearchPolicy dsAttrTypeStandard:CSPSearchPath
sudo dscl -q localhost -merge /Search CSPSearchPath /LDAPv3/192.168.3.9
sudo killall DirectoryService
set boot to nomad
bless -mount "/Volumes/nomad" -setBoot
rename disk to nomad
diskutil rename disk0s5 emac
clean student desktop
rm -frd /Users/Student/Desktop *.*
• RESOURCES
• wireless.kamuela.org
• Dr. Bill Wiecking: wiecking@mac.com
• Online texts: Take Control Books
• Non-volatile storage media:
• Peachpit Press
• Pogue Press
• OʼReilly Press (the ones with the cute animals on the cover)
• APPLICATIONS
• Subethaedit
• Firefox
• Safari
• iPhone configuration application
• Skype
• iChat AV
• Timbuktu
• Apple Remote Desktop
• Chicken of the VNC
• Wi-Spy
• PhoneView
• IP Net Monitor
• Terminal
• iStumbler
• Kismac
• Elektron
• Interarchy (old version)
• Coconut wireless
• SugarSync
• iGlasses
• IPHONE APPS
• Easy Wi-Fi
• iNetwork test
• INCO
• Air Sharing
• Direct Line
• Dial Zero
• iTalk recorder
• Note2Self
• Jaadu VNC
• PingAMajig
• Ping
• Whatʼs goin down
• TCPinger
• Telnet
• SugarSync
• Speech Cloud Voice Dialer
• Jott for iPhone
• Fring
• Flight Tracker
E,8-",/*#D%((',-#?$%(%-)/)',-(
0))12334/+1$%(567(0,8-%)(7-%)
!""#$%&'()%$%*#+,-.%$%-+%#/))%-*%%(#+/-#&,#),#
0))12334/+1$%(567(0,8-%)(7-%)#),#/++%((#)0%#
1$%(%-)/)',-(#.,$#(%((',-(#)0%9#8/-)#),#*,8-",/*7#
:/+0#+,-.%$%-+%#1$,&$/4#8'""#0/;%#/#.,"*%$<#8')0#)0%#
+,$$%(1,-*'-&#1$%(%-)/)',-(#'-+"=*%*#)0/)#(1%/>%$(#
0/;%#1,()%*7#?"%/(%#$%.%$#),#)0%#('&-#,=)('*%#)0%#
+,-.%$%-+%#$,,4#'.#9,=#-%%*#'-.,$4/)',-#/@,=)#)0%#
A,-.%$%-+%#B/4%#C#D%((',-#B=4@%$7
Fin
Reference: Leopard Wireless client setup
Notice:
Open networks show
as names
Closed networks must
be added
If secure, this is
where you add the
options
More on security in a
bit
Reference: Wireless Access point setup
Basic access
screen, let’s
start here
Go to manual
setup
Basic Wireless Access point setup
Access Point
identification
information
A good idea is
to take a
screen shot
(apple-shift-4)
for later
reference
Basic Wireless Access point setup
Change the
name and
always change
the password
If you forget it,
you can always
reset it with a
pencil in the
back
Basic Wireless Access point setup
Network name
may be unique,
or for roaming,
make it the
same as the
others
Note no
security here
Basic Wireless Access point setup
Security
options
WEP is old
school, not
secure
WPA2 is best
Personal is
between the
client and the
AP
Enterprise uses
a separate
RADIUS server
Basic Wireless Access point setup
Alternate
security screen,
based on MAC
address of
client radio
Note default is
all clients, all
on
Basic Wireless Access point setup
Central admin
through a
RADIUS server
Much more
elegant, and
easier to
manage multiple
APs
Basic Wireless Access point setup
Internet
Connection info
Most common is
share
Bridge is fine,
always connect
the outside to
the circular
icon, even if
you plan on
bridging local
devices (e.g.
printers)
Access Point testing: how good is my connection?
Goal: Learn how to evaluate the signal and noise from an Access point
using a client based application
Tools: AP Grapher
Basic Wireless Access point setup
Access point
list
Note all stats
at once for
comparison
Basic Wireless Access point setup
Access point
graph
note speed and
other stats
Basic Wireless Access point monitoring: take two
Pretty graphs
show client
signals from
the Access
point
perspective
Very useful for
AP placement
Notes:
• Intermapper for remote network admin, works for monitoring teleworkers as well
What's missing? bluetooth sync, bluetooth GPS to laptop, geolocation on iphoto, 802.11n (not just throughput, but MIMO). Maybe already physically installed, just need to be activated (all of
these are possible now with current HW).
option-click airport menu to get more info
Method 0: Plain SMS -- You can send SMS from a phone. 500 SMS messages are included "free" with the standard AT&T data plan for the original (EDGE) iPhone. For the new
iPhone 3G, the base data plan doesn't include any SMS messages. You can pay $5 per month for 200 messages, $15 for 1,500 messages, or $20 for an unlimited number of
messages. Or, if you don't plan on sending and receiving more than 25 SMS messages in a month, you can pay $0.20 per message by not signing up for any plan.
Astronomically expensive!
Method 1: AIM-to-SMS Gateway -- For computer users, Jeff's method is fine - AOL's AIM-to-SMS gateway works consistently. My issues were with the iPhone AIM client. On
the Mac, iChat and AOL's Mac client are reliable, and another iPhone client using AOL's IM service would presumably have been fine. This morning, in a quick search for "AIM"
in the iPhone App Store, I found 5 chat clients that claim AIM compatibility. But I barely use instant messaging since I started using Twitter, so determining if they work more
reliably than the iPhone AIM client is left as an exercise to the reader.
Method 2: Email-to-SMS Gateways -- My favorite way to send SMS messages to iPhone-using friends is via email from either my Mac or my iPhone to their 10-digit cellular
number @txt.att.net. txt.att.net is AT&T's email-to-SMS gateway; it generates an SMS message that looks something like an email message, with minimal 'FRM' & 'SUBJ'
headers adapted from the original message, and forwards that as an SMS message to the specified 10-digit cell phone number. Longer email messages are broken into
multiple SMS messages. Now that I realize my iPhone 3G-using recipients pay for incoming SMS messages (including gatewayed spam!), I'll probably use this approach less,
and avoid long messages which would be fragmented and thus charged as multiple SMS messages.
Email-generated SMS messages are easy to recognize - they come from strange-looking phone numbers, like "1 (010) 100-010" for the 10th message I received from the
gateway.
Unfortunately, these gateways are generally specific to individual carriers - AT&T's gateway works only for AT&T subscribers. Teleflip used to offer such a multi-carrier
service, but the company has gone bankrupt. Notepage offers a long list of gateways. If you're not sure which gateway to use, try sending an SMS message from your phone
to your email address (which will likely entail an SMS charge on the cellular bill) - the email should show a valid return address at the appropriate SMS gateway. Some SMS
programs allow this, while others accept only phone numbers as recipients.
Method 3: SMS Web Pages -- Many cellular carriers, including Verizon Wireless and Sprint, offer public Web pages for sending SMS messages to their subscribers. In
contrast, AT&T's page is available only to logged-in AT&T customers, although hopefully that means it can reach any SMS number. I am not aware of a Web page which
enables non-AT&T subscribers to send text messages to AT&T subscribers.
Method 4: SMS Applications & Widgets -- There are a variety of applications and Dashboard widgets that you can use on a full-fledged computer to send SMS messages.
Many of these charge the sender, although they appear to operate across cellular carriers. I suspect they use commercial gateways which have the same access to cellular
providers as other providers, but nobody except AOL appears to do this for free.
Method 5: Mobile Phone Under External Control -- Additionally, several Mac programs exist that can instruct a mobile phone to send SMS messages, generally via
Bluetooth or USB. The VersionTracker link immediately above lists a few. Obviously, there's no difference in price when using this method, but it may be easier to type out a
message on a real computer keyboard.
MMS: Multimedia Messaging Service -- In addition to SMS for short text messages, MMS enables mobile phone users to send one another pictures and short videos. The
iPhone lacks MMS support, although Mail is perfectly suitable for sending attachments to an MMS gateway, if you'd like to reach a non-iPhone cell phone that does support
MMS. Messages sent to iPhone cellular numbers via @mms.att.net are silently dropped.
SMS messaging may not be used in the United States to the extent it is elsewhere, but I hope these resources make it a bit easier - and cheaper - to stay in touch with friends
and family.