Lately, I have encountered several Windows 10 computers that I support, which have failed to install the KB5023696 Windows update. Despite repeated attempts, Windows continues to fail to install the update, even after restarting the computer. The installation process appears to complete, with progress shown on the screen reaching 99%, but ultimately fails, resulting in Windows rolling back the changes.

After trying a number of the usual fixes, sfc /scannow and Dism.exe /online /Cleanup-Image /StartComponentCleanup, among others, I finally stumbled on the a solution that worked. I didn’t try to repair or reset the WMI repository. I went straight to the third option in that article - rebuilding it.

After doing this and restarting the computer, the update installed with no issues.

I’ve told many people over time that working in IT can make you an excellent internet searcher.

I came across this article today from the Free Press newsletter, and I could not believe it.

The Elizabeth Ann Clune Montessori School of Ithaca, set amid a pastoral idyll of rolling fields, a pond, and dandelion-stippled meadows, is just a few minutes’ ride from Ithaca College and Cornell University. Serving more than 220 students from preschool through eighth grade, the school features classrooms bathed in natural light, populated with the offspring of professors, doctors, and lawyers. And since the fall of 2020 through today, those children must be masked during class and on the playground, and have been barred from speaking during lunch.

I’m at a loss for words. The only kind of science these school administrators are following is junk science. Masks do not stop the spread of respiratory viruses. Period.

If ever there was an example where a school’s kids’ parents should band together and demand change, this is it. The fact that they haven’t is mind-blowing.

As Microsoft’s Office 365 becomes more and more popular, it’s natural that hackers will target it more. This article talks about the growing number of sophisticated hacking operations that are increasingly targeting companies’ cloud data, Office 365 in particular.

One of the first steps of any organization using Office 365, or Google’s G Suite for that matter, should be to enable multi-factor authentication. In this day and age, MFA should be enabled whenever and wherever possible. Any time a web service I use starts offering MFA, I immediately enable it on my account.

Services like Office 365 and G Suite provide the tools necessary for robust security deployments and monitoring. It’s just up to the organization to use them.

I came across this support article from Apple today. This is the first I’ve heard of the T2 security chip on the newer Macs ever becoming unresponsive. According to Apple, it is a very rare problem.

After reading this document, I believe I may have seen this problem a time or two at my last job. There was one MacBook in particular, a 2018 15” model, on which I could not reinstall MacOS to save my life. Nothing I tried worked. Now, I’m almost positive the T2 chip was the culprit.

Rare or not, I’m glad I came across this support document. It’s a nice bit of information to have in the ‘ol arsenal of knowledge.

It looks like Microsoft has released the final version of the Windows 10 and Windows Server security configuration baseline settings. As stated, these settings are included as part of the Microsoft Security Compliance Toolkit.

One of the changes announced was the removal of the account password expiration policy. From what I have observed in my work experience, this is a good move. Forcing employees to change their passwords all the time does not result in improved security. When users are forced to change their passwords frequently, most users resort to doing something as simple as increasing the number or letter they have on the end of their passwords. Removing the expiration, or at the very least making expiration much less frequent, results in stronger user passwords.

These documents and Group Policy administrative templates are invaluable tools in hardening one’s Windows infastructure.

A couple of years ago, I replaced my Netgear “gaming” wireless router at home with a Ubiquiti Unifi setup. Although the Netgear router worked fairly well, it didn’t provide me the level of customization I wanted in my networking setup. The impetus was installing quite a few smart home devices and my desire to isolate these IoT devices from the user network.

I purchased a Unifi Secure Gateway, two Unifi managed switches, and a Unifi wireless access point. Coming from a work background that has included a lot of enterprise networking, setting up the Unifi devices was really straightforward. I would venture to say that anyone who is fairly technical but with only a rudimentary background in networking could still set up a Ubiquiti network fairly easily.

I set up two VLANs, one for user devices such as computers, iPhones, and iPads, and a second VLAN for the smart home devices. I then configured a firewall rule that allows the IoT VLAN to communicate with the internet but not the user VLAN. Due to the nature of IoT devices and their infrequent updates, this gives me some peace of mind about my user devices, since if an IoT device were to be hacked, the user devices on the other VLAN could not be reached.

Last weekend, I finally got around to do something I’ve been meaning to do for quite a while - set up a syslog server on my home Windows server. I installed the free version of Kiwi Syslog Server. Since the free version allows for five input sources, and I only have four network devices, this version is all I need. After configuring Kiwi and then setting the IP address of the server in the Unifi configuration, I could immediately see syslog messages appearing in Kiwi.

I also set up Kiwi to send me emails if the number of email messages in an hour reaches a certain threshold. I’ve received a few of these emails of the past week, but as you can see here, there aren’t any critical errors I need to worry about.

Was having a syslog server for my home network really necessary? No, not at all. However, as a technology enthusiast with a substantial home network setup, I like the insight such an implementation provides me.

April 30 was my last day of employment with a company for which I had worked for just over 26 years. The world’s response to COVID-19 is wreaking havoc on peoples’ lives. I cannot wait until we move past this pandemic.

And we will get past it.

Apple and IBM’s announcement yesterday of an enterprise partnership is great news. While I have no idea if the enterprise applications they jointly develop will be any good, the bigger news to me is the extended and on-site support that IBM services will provide to businesses.

Microsoft is making great strides in services, while Apple is beginning to penetrate the corporate computing world more and more. It’s a new world.

So, if this is going to be the first post of a brand new blog, I might as well make it a good one. To kick things off here, I thought I would talk about my switch to the Mac as my primary computing platform. As a life-long Windows user, it’s something that I never thought would happen. Ever.

On October 22, 2013 Apple released OS X Mavericks as a free operating system upgrade. As a long time iPhone and iPad user at the time, I was peripherally aware of Mac events and news, so I read a little on some of the new features Mavericks offered. I was also trying to become more informed regarding Mac computing due to the fact that our CEO and COO, my boss, both now had Macs. I already had to set up our printers on their Macs, and finding my way around OS X was quite challenging.

Not long after Mavericks was released, I downloaded a VMware Workstation image of Mavericks that someone had hacked together. I proceeded to get this virtual machine up and running on my laptop at the time, a Dell Latitude E6530 running Windows 8. That laptop had 16 GB of RAM and a 256 GB SSD, so it was no slouch. As such, I was able to give the Mavericks VM plenty of memory to run smoothly. And then I discovered Alfred.

I downloaded and installed the free utility and started seeing all the cool stuff you could do with it. There was nothing like this on Windows, at least that I knew. I even paid for the Alfred PowerPack so that I could mess around with Alfred Workflows. All of this tinkering with Alfred led me to discover other automation apps. This is how I discovered the wonderful, vibrant community of independent Mac developers.

I have had an iPhone and an iPad for a few years. Even so, I never saw myself or even considered switching to a Mac. I had two main reasons for feeling like that. One, I really didn’t care for the look of the operating system. Second, they just cost so much money. After playing around with the virtual machine I had gotten working, I was able to get past the first reason. I like a lot of OS X’s visual aesthetics now, and I am able to look past what I don’t like. When an opportunity at work arose to get me past the financial reason, I jumped.

A new developer had been hired, and his manager requested a laptop with the exact specs as the laptop that I was using at the time: the Dell E6530 mentioned above. Instead of ordering a new one for him, I asked my boss about getting a MacBook Pro for myself and giving the Dell to the new developer. Being a recent Mac convert himself, he said “Go for it.” A couple of hours later, I was back from Best Buy with a 13” Retina MacBook Pro.

The transition was not easy, but I was willing to put in the extra time so I could get the most out of this awesome piece of hardware. I still have and use a Windows desktop at work and at home (for gaming), but I love this MacBook Pro. To me, the killer hardware feature is the SSD implementation. The Dell laptop I used before I got the Mac had an SSD, but it was nowhere near as fast as the one in the Mac. I have yet to use a Windows laptop that even approaches the SSD performance of the Mac. There might be some out there, but I haven’t seen them.

Even though I am definitely a convert, I am not one of those people that hates Windows and Microsoft. There are quite a few things that are simply better on Windows, gaming being the primary example. Neither do I like the bad rap Windows 8 has gotten, because I happen to think it’s a fine operating system. People’s general dislike of change should not keep software companies from moving forward, and I’m glad Microsoft hasn’t backtracked too far with Windows 8.1.

I am happy to have made the switch to a Mac. I still have a lot to learn, but at least now when my boss has a problem on his Mac, I am no longer lost.