12 steps to safe OS upgrades

By Steve Hardwick, CISSP

I am always surprised how little it is understood that a good upgrade regimen can prevent a lot of disasters. Plus in a lot of instances, it can also expose some bad practices. By taking a few simple precautions, some of which you should already be doing, you can minimize the risks of operating system upgrade. The following steps will provide a good guide to safe operating system upgrade experience.

  1. Do I really need to upgrade?

In many cases the first version of a piece of software will be released with a variety of bugs. There is always a risk that after the OS had been upgraded the particular bug in the software will be the one that affects your configuration. Over time these will get fixed, so it may be worth waiting a while. Some good reasons for upgrading are;

  • There are no more security patches available for my current OS
  • There is an application that I need that is not supported by my current configuration
  • There are significant performance improvements with the new OS
  • If you can delay upgrading the OS then you are following an age old mantra “if it ain’t broke don’t fix it”
  1. Will my current hardware support the new OS?

The first thought is that the OS will check to see if I have the necessary hardware. Most times not. So it is good idea to review the amount of processing power, RAM memory and disk space that the OS needs. Check other system components such as

  • – Network card
  • – Graphics card and Monitor
  • – Printer/Scanner/camera
  • – SCSI controllers
  1. Make sure all your current software is up to date

It is always a good idea to keep your software up to date. Not only does this reduce the probability of viruses, it also makes sure your software operates at its peak performance. Moving from one operating system to another may cause the way that the application is launched to behave differently.

  1. Make sure you have a back-up. There are two approaches to this.

First, backup all of the user data. If you are not already running a regular backup for your data this may be a great time to set one up. Even if you are running a regular backup for your data, chances are you have never tested it. This is a good time to test it. Move a few files from your hard drive onto a USB flash drive, or cloud storage. Delete the files and empty the trash. Try and retrieve the files from your backup copy. If this works, your backup is in good shape. If not, it is time to research your backup options. This is also a good time to make sure your backup application is supported by the new operating system.

Second, for the more advanced users, is a disk image backup. This will take a complete snapshot of the hard drive. This can be very useful if everything catastrophically fails during the upgrade process. Which, based on personal experience, can occasionally happen. Recovering from an image will replace the operating system, applications and user data. There are many applications out there that will do this, both commercial and open source. A quick search of “disk Imaging software” will give you a lot of options. A word of caution, if you are doing this for the first time, you may want to practice.

  1. Make sure the new operating system will support all of your critical applications

Perform an inventory of your current applications. Then a quick trip to the software vendor site should let you know if your application is supported. You may be surprised to find that either your application is not supported, you have to buy an upgrade or that you need a different version of the program. In my case I had to use the desktop version of Skype instead of the embedded windows applications. I made sure I loaded that before I upgraded.

  1. Review the installations options

Often there may be options available to you during the upgrade process. In some cases it is easier to set these during the installation process than going back and doing them all manually.

  1. Run a full anti-malware scan

Just to be safe, make sure that you have no malware on your system before you upgrade. Not only is this a good practice in any case, but there may be things in the malware that cause the upgrade to malfunction. Either the upgrade has an issue converting the application to run with the new OS, or the malware was designed to wreak havoc on the new OS. In any case it is better to start with as clean a system as you can before you upgrade.

  1. Review best practices for configuring the new operating system.

Another quick visit to the Internet will allow you to conduct some research on what you can do once you have loaded the new OS. This will include the following

  • Configuring the new OS to run at its optimal performance. This may include new options that did not existing in the previous OS
  • New features that can help improve usability.
  • New short cut and menu capabilities
  • Customizing the OS to your requirements

Finally after completing the previous 8 steps we are ready to download and perform the upgrade. Once the upgrade is complete there are still a few steps to get your system back into good working order.

9) In the case of Windows at least, run a full anti-malware scan

You may need to upgrade your anti-malware application, or at least the virus definitions, before performing this scan. You may ask “I just did this before I upgraded, why do I need to do this again?” A virus will attack software vulnerabilities. Since there is a new OS and probably new application code as well, there will be a whole new set of vulnerabilities that the software exposes. The anti-malware application will start looking for a new set of vulnerabilities that are aligned with the new software on the machine.

10) Check that your applications still work

Try out all of your most commonly used applications, especially opening and closing existing files. In some cases it may be worth verifying that the current version of the application is the one you should be using with that OS. In additional to testing things like documents, it is also a good idea to check multimedia files (picture, movies, music etc). In some cases the codecs need to decode the multimedia may have to be reloaded before the application can access them. Hopefully you did all of your homework in step 5 and you will have no difficulty tweaking any of your applications.

11) Make sure your backup application is working

Repeat step 4 with a couple of files to make sure you can recover them. It is also a good idea to make sure your backup schedule is still set the way you a want it. Also verify you have the latest version of the backup software that is compatible with your new OS.

12) Run a Software Update

Once you have everything back up and running then make sure the Software Update is set to run correctly. Plus, after you have verified the settings, kick off a manual update to make sure that you have your OS and applications at their current versions

13) Check the Hard Drive and hardware statistics

Do a quick health check on the hard drive, especially defragmentation check, to make sure that everything is ready to give you the best performance. This will make sure that there are no fragments left after the upgrade. It is also worthwhile monitoring the CPU and memory usage for a couple of days to make sure there are no issues that are consuming CPU time or eating up memory

With careful preparation, an operating system upgrade should not be a disaster. Plus it is also a good time to test a few things to make sure they are working well. In essence it almost a pseudo disaster recovery test by making sure you can recover your data should things go wrong. It is always better to go in eyes wide open after completing the pre-upgrade steps than having that terrible feeling when nothing works and all of your family photos are gone.

Making a Mac faster: Do that disk thing

My brother in law sent me an email a few days ago. He wants to make his iMac respond like it once did, without the annoying beach-ball waiting icon. He’d hoped there was a magic wand to wave over his system and help it move like it was new.

My Mac Computer is running slow and seems to be buffering (spinning multicolored disc) a lot lately.  I’ve never purchased a cleaning program like “cleanmymac” so I’m way overdue   What is your recommendation?

This is a tempting research project, but the truth is a harder solution to locate. There are several companies that will sell you software make your Mac faster. The effectiveness of the software is in doubt, however. Some of the clean-up programs spend time deleting cache files on the Mac, an event that can get in the way of regular operations.

Stellar is a company that has some tools that are useful.


You can also go with Washing Machine, from Intego


Many times, a memory upgrade can do the job even better. And if the Mac’s drive is full, that’s going to slow down the Mac, too.

The most significant change is to do a de-fragment of the drive. With the Mac, it’s all about memory and disk drive health. These speedup programs are available, but they are more of the domain of Windows. The difference is that the Mac is based upon Unix. Windows is Windows, and it collects “scrut” more easily, because it’s installed everywhere.

It’s Unix under the shell of the Mac, after all. Don’t be shocked.

By Steve Hardwick, CISSP

Not so many weeks ago, there was a ShellShock rippling through your world. For those that were unaware of this malware, it was designed to attack Linux operating systems. According to a survey by w3techs, more than 35 percent of web servers use Linux. But why would this be of concern to OS X users?

Well, many Mac users are unaware that the origins of their operating system can be traced back to its Unix roots. Portions of the original system were constructed using FreeBSD, a form of Unix. And Linux was born out of the seeds of Unix. ShellShock attacked a fundamental part of these operating systems called Bash  — a program that runs in a Terminal window. Bash can be used to load programs, create users, change passwords and more.

Needless to say, having someone other than the valid user running this command is not something that should ever happen.

There has been even more worrying news. Recently a Swedish white-hat hacker Emil Kvarnhammar has discovered a method, Rootpipe, of allowing a hacker to gain root access to a compromised machine. The exploit compromises the fundamental portions of the operating system. It is similar to ShellShock in that it is attacking the Unix portion of OS X. By using this method, a user can escalate their user level to “root” access. This gives them complete control of the machine.

From a root account, an unauthorized user can download and install other programs or change user account information such as a password. Further, they can load key-loggers that can collect password and other personal information.

Is this a serious threat to OS X users? I can give the usual security answer: it all depends. From a home user perspective, there is likely not much to worry about. For these attacks to work, the hacker would need physical or remote access to the machine. It could be an issue if the machine was stolen. Continue reading It’s Unix under the shell of the Mac, after all. Don’t be shocked.

Making Music Move With Fidelity

Audioengine's B1 receiver, $169

Making sound move without wires can be a useful tool for anyone, running a business or not. We rely on Bluetooth for a lot of remote work by now, and it’s built-in on most of Apple’s mobile devices. (Only the oldest of laptops has no Bluetooth, or an antique iPod Touch or iPhone.) Bluetooth can do more than move conversations, though. It’s becoming a leading way to push music, or podcasts, out to devices such as speakers. That’s where Audioengine comes in, selling a fine product that works with any sort of speaker and receiver set.

The product is the B1, the company’s affordable ($169) Bluetooth receiver for use with what we old-timers used to call stereo systems. The device works with anything that has a RCA or stereo input, so those reliable cables running from your sound system connect it with iMacs, laptops and even iPads and iPhones.

The B1 pairs with any of these devices with no configuration at all. Like everything else you’ve got that has Bluetooth powers, the B1 just shows up once the compact unit is powered up. (It plugs into the wall for its own power, using a modest size of cord). Once you’ve got it powered up, the B1 has a light on its front that blinks, after you press it, to pair up with your device.

That’s it. From there on out, your mobile device can push audio to any full-bore sound unit. We used it to propel Planet Money podcasts from our iPad mini out to a speaker system set up in a conference room. We also streamed, via the built-in networking of Apple’s iTunes, other sound files. This makes the low-profile Mini a great way to control a playlist while in front of a meeting, for example.

The thing that sets the B1 apart from other products is its fidelity, the pure calibre of its sound. We had Bluetooth speakers grabbing the output of these devices, and the quality of the recordings was markedly better using the B1. While it might not make that much difference on your average TED Talk or podcast, you will really appreciate the upgrade if you’re listening to a meditation routine while launching a company retreat, for example.

Audioengine has been in this business a long time. The company’s got a genuine devotion to high fidelity, judging by the way the product sounds and their product value proposition. It there’s a better solution that connects to the best of audiovisual equipment, I haven’t heard of it.

Who needs anti-virus, anyway?

The answer is a small group of Mac users. Just bigger than “nobody.”

Want to read a nightmare story? Better than living through one. See the tale below of the anti-virus that would not die — which relegated a user to repeated stabs at the OS X Terminal (It’s like the Windows Command Line, but with the saucy prospect of killing the entire machine, since it’s Unix underneath Mac OS.)

The user in the sordid tale below eventually solves his problem: a pop-up AV box taking over his Mac. The solution surfaced after communal help from Apple Support, as well as instructions from Sophos to install and de-install the software. I’m just glad I’m not using this one. Some companies have deep Windows benches. Others know Mac OS, or Unix. It’s not a great vote of confidence for the Sophos folks that they have a free “we’ll find viruses” program for Windows, but none for the Mac.

Here’s the link on the Free Sophos Home version nightmare:


Now, just so I don’t dismiss the whole subject, I went to my favorite Mac website, the 23-year-old TidBITS. Under the department Safe Computing, Rich Mogull wrote, “Do you need Mac antivirus software in 2013?” He’s not smug, and he cites a lot of testing, and says that even accounting for the Flashback infections during 2012, there’s not enough reason to use an A/V unless you engage in risky behavior. (See below).

But perhaps before you do, read the Detection report from Thomas Reed, who tested plenty of A/V including ClamXav. And Sophos. Regardless of the fact that even the latter could only find 90 percent of the viruses on a system, Reed echoes the “take over the machine” horror commonplace to the worst A/V solutions. Reed notes that A/V programs can cause significant problems.


“Detection rate is important, but so are other factors. Many anti-virus programs are capable of causing significant problems, and it’s important to understand that examination and comparison of performance and stability were outside the scope of this test. Some of the programs in this test are known troublemakers, regardless of how they perform at detecting malware.

“That said, detection rate is certainly not something to be ignored. When choosing anti-virus software, it should do the job that it is made for as well as possible. There is very little reason to use anti-virus software that has a poor detection rate, especially when Mac OS X already includes a number of basic protections against malware. (See How does Mac OS X protect me?) “

The only A/V I have on my system — not yet engaged — is MacKeeper. Reed says this about that:

In the case of MacKeeper, many believe it to be malware itself. Although it is not strictly malware, it does have issues which I have outlined in the past, in Beware MacKeeper. In my brief testing, it alerted me to a “critical” problem with my computer, consisting of nearly 2,000 “junk files” that it claimed needed to be deleted. Keep in mind that this was a base OS X 10.8.2 system, right after the restore from backup made necessary by Norton. All those “junk files” were normal parts of the system, and removing them would probably have had negative effects. Although I was not able to actually test the effects of removing them, as MacKeeper would not do so without purchasing it, many people have reported that doing so causes problems that require reinstallation of the system.

Reed also debunks the “no viruses on Macs” tale in this post;


Finally, Reed gives his opinion on why A/V is only necessary on the Mac is these cases


However, there are some cases where AV software may be needed right now. For example:

  • If you need to keep Java turned on in your web browser, AV software may be a good idea to avoid malware that takes advantage of Java vulnerabilities.
  • If you are using a Mac in an environment where AV software is required
  • If you frequently trade files with Windows users and don’t want to be accused of passing on a virus
  • If you want the peace of mind and don’t mind installing software that may be obtrusive
  • If you can’t be bothered to give any thought to what you download, though this is a very dangerous attitude on today’s internet
  • If you are not at all tech savvy and have trouble accurately determining what is trustworthy and what is not

Then he drops back to recommending Sophos, and so you can go full circle to the start of this “report on the reports.” Software that cannot be removed without a visit to the Terminal is not something that is worth 90 percent protection. To me, anyway. When Flashback blew through our Macs last year, we had a free option to rub it out, and it did no damage. The limited economic payback on infecting Macs is something that provides one layer of protection. Apple provides another, but there are many times when you’ll just want to go around the Gatekeeper nanny protection — like when purchasing software directly from the vendor, or even downloading an update from the vendor.

In my personal use on the Mac, A/V software is the fussy nanny who won’t let you lick the popsicle down to the stick, because you don’t know where that stick has been. So you toss the popsicle into the trash half-eaten, and the ants appear.

I’ve never had something eliminated from my Mac that caused any damage by an A/V program. In the Stone Ages there was a program called Virex. Which got purchased by EMC and fell victim to an unfortunate accident after that.

The majority of opinions are saying that A/V doesn’t do you much good on the Mac — not that there are no Mac viruses.

Lantronix makes iOS printing as simple as a plug of a cord

There could be nothing simpler than using the Home version of the Lantronix xPrintServer for small-office printing. Instead of shopping for AirPlay-capable printers, an office manager can simply order a handful of these clever devices, plug each one into an existing printer, then run a network cable from the xPrintServer to the office hub or router.

So long as that hub or router is linked to your WiFi network, that’s about all of the configuration you need to put a printer into your iOS document choices. Some apps are smart enough to specify a page range, we learned while testing the xPrintServer. But Lantronix will embrace whatever controls you can get out of any app for iPad or iPhones.

Printing might be on the decline, but there are times when sharing a document face to face simply works better with paper. If you’re doing research on the iPad, printing can seem a natural extension of the task.

We noticed that changing the xPrintServer from a network to a subnetwork seemed to confuse things. Even when we switched it back to our working main network, it couldn’t spot the xPrintServer. So we unplugged it, waited a little while, and plugged it back in. Problem solved. Perhaps the moral is don’t switch to a subnetwork that’s not configured for it.

But honestly, there’s very little we’ve tested here that went faster and smoother than the xPrintServer. Considering how little it costs $99 and the ease of use, it’s the best product we’ve seen for connecting an iPad or iPhone with any printer that has a USB port. Lantronix provides the rest, including some great design.

Macworld becomes iWorld, on the vendor floor

Truly, the Macworld that we know from the past is long gone. What is left, by the looks of what’s in the Moscone Center West this weekend, is the remnants of a once-unique empire of desktop computing software.

I’m not even bemoaning the loss of Apple, long-departed even before Steve Jobs died. What is striking is how much mobile dominates the booths on the expo floor, as well as the talks offered upstairs. The largest, liveliest section of this year’s show is Appalooza, where three out of every four kiosks — you can’t call ’em big enough to be booths — hawk and explain iOS apps. I’d like to be able to say that iOS is a unique enough environment to justify a user conference full of its technology. But many of the vendors here also sell Android versions of their apps.

This was not the case in the olden days when Apple wasn’t a mobile computing company with a desktop legacy. A Mac application was built sleek and easy and beloved by a wee minority of the computing world. Now an “app” is available to more than a third of the world, and more than half of the planet’s tablet users.

For quite a few years the expo floor has been crowded with companies that want to sell a wrapper for your mobile Apple device. They have now been joined by a device insurance company, a booth where you can sample non-dairy cheese product (tasty!) and a glut of accessories to push power into your mobile devices in a dizzy array of designs. One company was selling a $229 device which, with the help of $4 disposable pucks, takes water and turns it into enough power to charge an iPhone about one and a half times.

Yes, there are still companies selling things like a replacement for the ill-conceive iWeb, or the impressive array of microphones for any Apple device from Blue, or a weather program which has both desktop and iPad releases, each distinct.

But to spend to Macworld without a dedicated interest in an iPhone or an iPad would be like attending the Super Bowl to see the halftime show. At least this year’s event dropped the booth girls (svelte models) that stirred up sentiments at the 2012 conference.

Apple reports records, while analysts dish out baloney

With a torrent of analyst Q&A grilling ended yesterday afternoon — after the record sales of $54.5 billion in 90 days’ time, profits of $13.81 a share, and iPhone/Pad sales of 70.9 million devices — Apple’s stock sank $63 a share today. At a casual calculation, the company saw more than $60 billion in market capitalization drain away.

With sales and earnings and growth tossed to the winds of worry, there seems to be no number that will generate a story other than “Apple is weakening.” Not an increase in profits to a record level, or a jump in revenues to the same. iPad sales, at 22.9 million, were just 100,000 tablets short of the analyst estimates. This is called a “miss,” even while the sales outstripped every other tablet 2:1.

The coverage is being couched in terms of analyst estimates, and they need to protect their “phoney-baloney jobs,” as Mel Blanc’s Governor said in Blazing Saddles. Today’s fallout from the wiseguys’ reports were great news for the analyst clients who want to climb on board the stock at $450, I suppose. There’s been too much hype to withstand the “knock-em-down” counterpunch that always follows a brilliant run-up of anything.

TechCrunch said the numbers of sales and profits for “its fiscal Q1 2013 financials, are a sight to behold.” The markets beheld a reason to follow the smell of baloney. Apple beat estimates for profits —  the element that affects the future R&D for users of its products — by 26 cents per share. That’s nearly a quarter-billion dollars extra in earnings that the analysts didn’t expect. Still a stock to sell, apparently. It traded at twice its usual daily volume today.

One hidden issue is the lack of new iMac shipments, but that doesn’t seem to have hurt those top-line numbers. Operating margin decline is an concern, too, a measure of the cost in the future to create those rising profits. The estimate of the cash reserve on hand at Apple is more than $100 billion. And the latest quarter delivered $13 billion in profits. These numbers are so outrageous that it reminds me of the quote from Citizen Kane. Kane’s been told he’s losing $1 million a year on publishing the Enquirer. “You’re right. I lost a million this year. I expect to lose a million next year. At that rate I’ll have to close the Enquirer – in about 60 years.”

Apple could deliver record, quarterly earnings for almost two years just on the strength of its cash on hand — and sell nothing at all. But you can expect the machine to outpace itself by another 7 percent this quarter, by Apple’s now-cautious estimates.

So there’s not much wrong with a company still making the best product in the market and raking in billions in profits for shareholders. Contrast it with HP — trading at $17, with analysts forecasting a breakup and terminating dividends. Likely for the former, sketchy on the latter. But that’s a 13-cent a share dividend. And Apple’s paying more than $2 a share, right?

Question for the crowd: How can Apple rake in 50-70 percent of the world’s smartphone profits and still be branded a weakened mobile company? Extra slices of the analyst baloney, perhaps? Continue reading Apple reports records, while analysts dish out baloney

A big day for Apple’s business, bristling with jackleg guesses

Later today Apple will release its quarterly results for the period that ended on Dec. 31. The part of the business press that wets its finger and sticks it into the finance winds to forecast has their guesses out there already. But they’re only as good as the amount of airtime, column inches (print, gad!) or webpages devoted to the details.

The problem with studying stock behavior as a marker for a company’s prospects is that it reads only every other word of the message. As an example, Hewlett-Packard struggled to stay above the $12 per share mark during the same Apple quarter we’ll hear about today. This week the stock is up to $17. That’s nearly a 50 percent increase, lifted on the waters of nothing technical or business-like at all. Investors stopped hearing bad news, and HP looked like a great value at $12.

The every-other-word that technology reporters on TV overlook is the mechanics of trading stock. Why is Apple trading at around $500 a share, when four months ago it was flirting with $700? One reasonable explanation lies in how big investors trade Apple shares. Over at Daring Fireball, Apple watcher John Gruber pointed to a report at Seeking Alpha that large institutional investors who’d sold options on Apple’s stock back in the summer stood to profit by billions if AAPL closed at $500 or under on Friday.

Yep, the stock closed precisely at $500. And it had nothing to do with how well the iPhone 5 is selling, or the cost to manufacture the phone, or the rise in popularity that might be concocted out of the tea leaves of Android sales reports. Just a few quarters ago, one of the Android tablet makers had to admit they were counting shipments (unsold but transported units) as sales. A public correction flowed from the company’s Korean headquarters.

As a customer of business solutions from Apple, you should care how well the company is doing on the stock market. And there’s no doubt that individual retirement funds have taken a hit since the summer if they hold AAPL. But it’s irresponsible and lazy journalism to ignore how stock buying works, just because you only have less than three minutes to say something interesting about the most profitable company in the smartphone industry. By Gruber’s research, Apple earns 75 percent of all the phone profits in the world.

It’s probably not doing that with a phone that’s “more expensive to make” and “might not be selling as well as the last iPhone.” Be patient enough to wait for Apple’s government-controlled reports on iPhone 5s, later today, before you decide if the company’s product balloon has already hit its cloud ceiling.

There’s a bigger story in the offing today, about a smaller part of the Apple product empire. Building its latest iMacs has become an unfixed problem that’s hurting sales of its desktop business. Continue reading A big day for Apple’s business, bristling with jackleg guesses

A word on Otterbox cases to protect pads, phones


That’s the most concise word to apply to the Otterbox line of protective cases for Apple’s tablets and phones. The market’s iPad mini cases are now making their debut, and 180 of them are on display for sale at the Dr. Bott website. But Otterbox is a cut above all that. They sport near-indestructible materials, tight and skilled fit around the iPad 2 and the iPhone 4S we use here at Bites HQ. We don’t understand how a mobile business pro could carry a tablet or phone through a workday without some protection. Otterbox now has mini iPad cases ($69.99) that mimic the consummate cousins already offered for smaller and larger iOS devices.

That’s consummate as in “showing a high degree of skill and flair; complete or perfect.” We were given a Commuter grade iPhone case for our 4S early this year, and it’s scarcely come off of the phone in that time. Only a few headphone-related jacks made me tug off its top, and the case was easily reset afterward. Essential.

Their iPad cases came in two flavors, from the commuter-class Reflex with its ride-along stand and rubberized gasket protection, to the Defender case that has claimed its place on the iPad 2 since March. It’s got a front-glass protection shield that is lightweight and snaps off and on with ease. Unlike an iPhone, the iPad seems to demand more serious plastic outerwear for trips from office to client site.

Otterbox didn’t rush out its full line of cases for the iPad mini, and that’s not a surprise. This is a company with attention to detail, patience to get a design right, and product durability that will demand a higher-grade manufacturer to meet those standards. Consummate.