#callmeifyouneedme — Public Fediverse posts

Your Microsoft account password should never be the same as your email password. This is a Microsoft vulnerability that has been around for years.

BACKGROUND
This morning I received an email from a past client with a link to a document. We ended my last project on good terms, but they haven’t contacted me for a couple of years, so I was cautious (but not cautious enough, as you’re about to see). I looked up the contact’s email in my own Contacts and sent a new email to ask if the email with the link was legitimate. A minute later I received a reply, from the contact’s email address, saying “Yes, that was me, and it’s legitimate.”

WHAT HAPPENED NEXT
With that assurance, I opened the original email and clicked on the link. It directed me to a page that looked like it was from Microsoft, and prompted me to enter my email address. I did. Then, in what looked like a real Microsoft account dialogue box, it prompted me for my Microsoft account password. I entered it. It told me the password was incorrect, and everything stopped. The hyperlink to “try another way” was non-responsive.

I opened a new tab in Edge and logged into my Microsoft account, proving to myself that I did in fact have the correct password.

I sent a new email to the contact: “It won’t let me in.” No response.

I called my contact and left a voicemail. He called back and said, “It wasn’t me, sorry, the same thing happened to me yesterday and it sent out emails from my account.”

I logged into my Microsoft account, checked the login session history (it was clean), and changed my account password.

THE LESSON
Do you see the problem now? My contact’s email is through his company’s Microsoft account. His Microsoft account password and his email password are one and the same. That’s why the cybercriminal was able to send emails to all his contacts. There was probably also a little social engineering involved, in order to bypass his Microsoft MFA, but reusing the same password for MS email and the MS account is a long-standing Microsoft vulnerability.

If you know a way to separate the MS email and account passwords, please let me know, because I have a lot of clients that I’d like to make more secure by fixing this.

#CallMeIfYouNeedMe #FIFONetworks

Cybersecurity - Networks - Wireless – Telecom – VoIP

Now is a really good time to think about what information your company should have connected to the Internet.

Yesterday was a better time. Last year was better still. But, now is a really good time.

#CallMeIfYouNeedMe #FIFONetworks

#DataClassification #InformationPolicy #PrivateNetworks #AI

Cybersecurity - Networks - Wireless – Telecom – VoIP

Now is a really good time to think about what information your company should have connected to the Internet.

Yesterday was a better time. Last year was better still. But, now is a really good time.

#CallMeIfYouNeedMe #FIFONetworks

#DataClassification #InformationPolicy #PrivateNetworks #AI

Cybersecurity - Networks - Wireless – Telecom – VoIP

Now is a really good time to think about what information your company should have connected to the Internet.

Yesterday was a better time. Last year was better still. But, now is a really good time.

#CallMeIfYouNeedMe #FIFONetworks

#DataClassification #InformationPolicy #PrivateNetworks #AI

Cybersecurity - Networks - Wireless – Telecom – VoIP

Now is a really good time to think about what information your company should have connected to the Internet.

Yesterday was a better time. Last year was better still. But, now is a really good time.

#CallMeIfYouNeedMe #FIFONetworks

#DataClassification #InformationPolicy #PrivateNetworks #AI

Cybersecurity - Networks - Wireless – Telecom – VoIP

Now is a really good time to think about what information your company should have connected to the Internet.

Yesterday was a better time. Last year was better still. But, now is a really good time.

#CallMeIfYouNeedMe #FIFONetworks

#DataClassification #InformationPolicy #PrivateNetworks #AI

Cybersecurity - Networks - Wireless – Telecom – VoIP

Wi-Fi 7 is good – but not that good.

Over the weekend I replaced the wireless router for a small business in Washington State. It was an emergency replacement; they need it for several routine business functions. It turned out they didn’t have a spare. They took my advice and let me provide two routers, identically configured, so they can swap cables and get back online even when I’m not there.

The new routers I picked up were 802.11be, commonly referred to as Wi-Fi 7. The product literature says, “Leverage the power of WiFi 7 for speeds up to 3.6 Gbps at 1.2X faster than WiFi 6.”

Wait a minute. Hold up. Take a look at the ports on this thing: the WAN port is 2.5 Gbps, and the four LAN ports are 1 Gbps.

They’re not exactly lying, but you need to understand what’s going on, so you don’t have unrealistic expectations about Wi-Fi 7.

1) You can’t get Internet speeds higher than what’s provided by your ISP, and what your WAN port is capable of. Those are hard limits.

2) You can’t get wired LAN speeds higher than the ports and cabling on your wired devices are capable of. Those are hard limits.

3) On a wireless-to-wireless transfer, the physical port speeds don’t matter. BUT... that 3.6 Gbps number is only possible under laboratory conditions when two wireless endpoints are connected to each other on a single aggregated stream using all the radios: 2.4, 5, and 6 GHz. In a real-world home environment you’re more likely to measure 1, maybe 2, Gbps.

For a family of five, will Wi-Fi 7 perform better than Wi-Fi 6? It depends. Are you doing a lot of internal wireless data transfers, or is everyone constrained by the same 500 Mbps data rate from your ISP?

At your place of business, should you rip out twenty Wi-Fi 5 access points and spend the capital budget to upgrade the Wi-Fi 7 infrastructure? It depends. Let’s take a look at your data flows and usage patterns first to see if it could make a difference in your situation.

#CallMeIfYouNeedMe #FIFONetworks

Cybersecurity - Networks - Wireless – Telecom – VoIP

Here’s why the Wi-Fi coverage was inadequate in the Washington Hilton Hotel ballroom during the White House Correspondents’ Association (WHCA) annual dinner on April 25, 2026.

It’s not because the Hilton is being cheap. It’s simply physics. In this post, my goal is to help people who aren’t RF engineers understand why high-density Wi-Fi is so hard to get right.

BACKGROUND
The dinner was interrupted during the salad course by loud noises, and the Secret Service rushed into action. The President and many other people were evacuated and the building was secured. I was watching a Breaking News segment on TV. The journalist who was covering the event for the TV station I was watching was using a Wi-Fi VoIP connection to talk to the newsroom, and it wasn’t working very well.

It’s easy to say, “Wow, the Hilton should have better Wi-Fi in such an important ballroom,” but it’s not that simple.

WI-FI IS HALF-DUPLEX
Refer to the picture. The IEEE 802.11standard, more commonly called Wi-Fi, uses half-duplex communications. It’s bi-directional, but only works in one direction at a time. When the smartphone is transmitting, the Access Point (AP) is receiving, and vice versa.

The reporter I was listening to estimated that there were 1,500 people in attendance. This number may be low; the WHCA official report on the 2025 dinner lists 2,600 people in attendance, in the same ballroom. Television coverage inside the venue showed several guests using their phones to video record the scene. No doubt some of them were live-streaming, or at least attempting to.

In a modern football stadium (another high-density Wi-Fi environment), wireless APs are located under a seat or on a seat back, operate at low-power, and serve a small cluster of nearby seats. In a hotel ballroom this type of fixed arrangement is harder to do. We might imagine a low-power AP under every table (that would be wonderful!), but the tables aren’t permanent and it isn’t practical. Instead, the ballroom has APs with directional antennas mounted at various points on the walls and/or ceiling.

CONCLUSION
When the AP is receiving, and several phones transmit simultaneously, the AP gets interference and decodes very little. The 802.11 (Wi-Fi) standard isn’t designed to accommodate that scenario. The solution is to plan many low-power APs, each serving a very small area. This is difficult to do in an environment with moveable furniture for hosting different types of events.

#CallMeIfYouNeedMe #FIFONetworks +1 206-465-2422

Cybersecurity - Networks - Wireless – Telecom – VoIP

Recently I was given the contract to evaluate the Wi-Fi system in a huge, gargantuan building. Hundreds of feet in each direction, one big open space, thirty-foot ceiling. The existing system wasn’t working well, and my job was to make recommendations for improvement, or design the replacement system.

On the day of the initial site survey, I discovered that the wireless access points were mounted on the ceiling, pointing down. Not good! That will work fine in an office with a ten-foot ceiling. But not thirty feet.

This meant that the absolute best Wi-Fi service in the building was in the top half of the space, where there were no people, no computers, no smartphones, no IoT devices. Their system provided good coverage to randomly moving air molecules between fifteen and thirty feet above the floor.

Between three feet and six feet above the floor, where coverage really matters, there was massive interference caused by clear line-of-site to multiple wireless access points.

The situation reminded me of a conversation I had with another client some time ago.
Client: “How much will it cost?”
Me: “Do you mean for my analysis and design, or to fix the problem? Because the price of my services will be tiny compared to what it will cost you to implement the fix.”

#CallMeIfYouNeedMe #FIFONetworks

Cybersecurity - Networks - Wireless – Telecom – VoIP

This week I did an interesting data recovery task for a family. (This was a legal data access. The identities were verified). They were trying to put together a notification list for an upcoming funeral. They could tell the contacts in the person’s laptop were incomplete because names they knew should be there were missing. And the person’s Android phone, with Google Contacts, won’t directly sync to the email app on the laptop. They could go through the phone contacts one at a time, but, was there an easier way?

Yes, there is.

In this case, it was an Android phone. Refer to the picture.

You can export the Google Contacts to a single .vcf file (vcf is an abbreviation of an abbreviation. It stands for vCard File, and vCard is short for Virtual (Business) Card).

People sometimes think that a .vcf file is a single contact, but a .vcf file can contain multiple contact records. It can be quite large and contain hundreds, even thousands, of contacts.

You can view some of the information with any text editor like Notepad. To easily view all of the information, import the .vcf file into a new or existing address book in an email program.

SUMMARY
For this client, the solution was to export the contacts as a .vcf file from the phone, import the .vcf file into the contacts in the computer, and merge duplicates. Now they have a relatively complete list of contacts in one place, and they can manage announcements and invitations using a full-size keyboard.

The client is in another state. A family member did the steps while I coached them over the phone.

#CallMeIfYouNeedMe #FIFONetworks

#TechSupport #RemoteSupport #HelpDesk

Cybersecurity - Networks - Wireless – Telecom – VoIP

“If You Used an Android Mobile Device to Access the Internet Through a Cellular Network at Any Time from November 12, 2017 to the Present, . . . You Could Get Money from a $135 Million Settlement.”

“The Plaintiffs allege that Google’s Android operating system causes Android mobile devices to transfer a variety of information to Google without users’ permission, consuming users’ cellular data from their cellular data plans. Plaintiffs allege that certain transfers occur in the background, without any notice to the user, including when the devices are in a completely idle state, meaning they are not in use or being touched, with all apps closed. Plaintiffs allege that even though Google could make it so that these transfers happen only when the devices are connected to Wi-Fi, Google instead causes these transfers to sometimes take place over a cellular network. Plaintiffs allege that Google’s unauthorized use of their cellular data violates the law...”

Google got in legal trouble for an activity that violated the Software Developer’s Code of Ethics that I published on August 28, 2016 (available on the FIFO Networks website). Turns out, their action was not just immoral, it may also be illegal. Of course, they denied doing anything wrong.

#CallMeIfYouNeedMe #FIFONetworks

Cybersecurity - Networks - Wireless – Telecom – VoIP

A company just asked for a brief statement of qualifications for a project with disaster recovery planning and a new off-prem backup system. I don't spend a lot of time creating slick marketing pieces. I answer the questions. This is what I sent:
------------
<name redacted>,

Thank you so much for inquiring about my services for Disaster Recovery planning and off-premise data backup system design. You asked for a brief summary of my experience and qualifications for the project.

• Formerly I was the Technical Director of two companies where I designed and built nationwide (USA) satellite-controlled communications systems. One of those companies had over 50,000 subscribers, and the other company had just under 100,000 subscribers. I designed, built, and managed the system with redundancy to achieve “five 9s” reliability, which means no more than about 5 minutes of downtime per year.
• Next, I was Director of National System Development for Cellular One, where we also had a demonstrated interest in maintaining reliable systems in adverse weather conditions with minimal downtime, and no loss of data.
• I taught cellular systems, information technology, and cybersecurity classes at three colleges for a total of 17 years.
• I still teach cybersecurity and information technology under private contract with public utilities. For example, most recently I taught a cybersecurity class to the engineers at <company name redacted>. This July, I’ll be teaching a week-long class in Windows Server Management.
• I have helped companies develop their Disaster Recovery and Incident Response plans in accordance with US laws in various industries, including construction companies and accounting firms.

Thank you again for your inquiry.
---------------

The value of this simple approach is this: I don't chase clients. I work with clients who want me. From long experience, I can tell you that this simple approach saves you so much grief. It makes your work fun.

#CallMeIfYouNeedMe #FIFONetworks

Cybersecurity - Networks - Wireless – Telecom – VoIP

Last Thursday I was doing a remote tech support call for an elderly gentleman and his wife in Macon, Georgia (I’m in Seattle). He said, “The printer is in another room, and I want to check the status to see if my document is done printing. It takes a lot of steps. Is there an easy way to see when the printer is done?”

SOLUTION
I put a shortcut to the printer queue on his Windows desktop, which was actually on a laptop. They both liked it, so I put another shortcut on the desktop of her laptop.

HOW TO DO IT
If you’d like a shortcut to open your printer queue, here are the steps. If you have more than one printer, you can make one for each of them.

Step 1: In Printer Properties, copy the name of your printer.

Step 2: On the desktop, Right-Click - New - Shortcut.

Step 3: Where it says, "Type the location of the item," write:
C:\Windows\System32\rundll32.exe printui.dll,PrintUIEntry /o /n "YourPrinterName"
Between the quote marks, replace YourPrinterName with the name of your printer, found in Step 1.

Example:
C:\Windows\System32\rundll32.exe printui.dll,PrintUIEntry /o /n "WF-2930 Series(Network)"

Step 4: Give the shortcut a name and save it.

Step 5: While something is printing, double-click the icon to see the current document queue and status.

#CallMeIfYouNeedMe #FIFONetworks

#TechSupport #RemoteSupport #HelpDesk

Cybersecurity - Networks - Wireless – Telecom – VoIP

This mini-PC (in the yellow circle) was shipped to me from Texas. The owner, a man who lived alone, suffered a major medical event and will never be able to use it again. The person with Power of Attorney sent it to me to crack. I recovered email, a rather insecure password list, information on all utility bills, where banking is done, and so forth. Now the family can proceed with handling the person’s financial affairs.

The mini-PC is even easier to ship than a laptop, because it doesn’t have any lithium battery inside. It uses an external AC adapter.

#CallMeIfYouNeedMe #FIFONetworks

Cybersecurity - Networks - Wireless – Telecom – VoIP

It’s time for company’s to change this website notice to, “You may need to download an application to view PDF documents.”

The Portable Document Format (PDF) was originally a proprietary format, but it has been an open standard for many years now.

I sign Non-Disclosure Agreements (NDAs) with several of my clients. Adobe’s constant pressure to incorporate their automatic cloud storage and artificial intelligence analysis of documents that are read, created, or edited with their software make their products not just a security risk, but a legal risk.

I canceled my Adobe subscription and uninstalled all of their products from every computer I use for work-related tasks. (Full disclosure: my wife still has her Adobe subscription and has no interest in changing products).

Opening a PDF file in a web browser is also a security risk if you have an NDA, since many web browser providers are analyzing displayed content. If you have security obligations to your clients, I recommend disabling the viewing of PDF files in the browser, or, better yet, use a less invasive browser for work-related tasks.

I’m not making any recommendations in this post (or in the comments) for PDF viewers or browsers, because that would create the impression that this is a sales pitch. If anyone recommends something in the comments, that’s fine, just understand that I’m not making an endorsement here.

But back to the original point, in my opening sentence: unless Adobe is paying you to recommend their product on your website, you should drop the reference to Adobe in your PDF notice. It’s an open standard, and recommending a particular product when it’s not a requirement is misleading at best.

#CallMeIfYouNeedMe #FIFONetworks

Cybersecurity - Networks - Wireless – Telecom – VoIP

Instead of using fear as a tactic to sell cybersecurity services, I find people who are already concerned about their risk, and offer them calm confidence in exchange for money.

#CallMeIfYouNeedMe #FIFONetworks

Cybersecurity - Networks - Wireless – Telecom – VoIP

There’s a lot of misleading advertising about residential (consumer grade) VPNs. The purpose of this post is to clarify the difference between IP Masking and Virtual Private Networks.

WHAT IS A VPN?
From the official IETF documentation:
RFC 4026, Paragraph 3.10. Virtual Private Network (VPN)
“VPN is a generic term that covers the use of public or private networks to create groups of users that are separated from other network users and that may communicate among them as if they were on a private network. It is possible to enhance the level of separation (e.g., by end-to-end encryption), but this is outside the scope of IETF VPN working group charters.”

What does that mean in non-technical terms? It has two parts:
1) A VPN is a private link between two endpoints connected to each other over a network that is also used by others.
2) The private link may be encrypted (and often is), but that’s not a requirement to be classified as a VPN. (For those who are trying to wrap their head around the idea of an unencrypted VPN, I’ll give one example without going into any technical explanation: an unencrypted GRE tunnel is a VPN).

WHAT IS IP MASKING?
Refer to the middle picture. IP masking is when you use a relay service to hide the source IP address, or the destination IP address, from interested third parties.

WHAT’S MISLEADING?
Refer to the bottom picture. You don’t need to pay for a VPN service to do safe online purchasing or banking. Every time you see the padlock in your browser, or the “https” prefix on the address, you’re using an encrypted VPN connection.

THE LESSON
Next time you see an ad for residential VPN service, pay attention to the wording. What are they really trying to sell? The privacy of the VPN is automatic with https. All they’re really offering is IP masking. Do you need it? (Some people really do).

#CallMeIfYouNeedMe #FIFONetworks

Cybersecurity - Networks - Wireless – Telecom – VoIP

The client's firewall was blocking VPN attacks from IP addresses in the USA. Randomized timer with attempts anywhere from 2 seconds to 15 minutes apart. Brute force attack using first initial, last name. In the lower left corner, 19:47:05 is the last entry before I blocked the entire Class B address range.

#CallMeIfYouNeedMe #FIFONetworks #cybersecurity

Cybersecurity - Networks - Wireless – Telecom – VoIP

There are two laptops in my backpack on this trip: my regular laptop, and my air gapped laptop. The air gapped laptop is for work I do for clients when I have an NDA.

Carrying the extra weight became necessary when AI products started analyzing everything: emails, schedules, Word documents, spreadsheets, PDF files - even the simple Notepad app is now infected with spyware.

I'm now getting NDAs from clients that have specific requirements to not expose their information to AI.

On this trip I spent some time engineering a new network. When I finish the design back in my office, I'll send it to the client using encryption on a secure channel.

(Photo: my backpack keeping me company during lunch at TGI Fridays in DFW Terminal E.)

#CallMeIfYouNeedMe #FIFONetworks +1 206-465-2422

Cybersecurity - Networks - Wireless – Telecom – VoIP

Want to reduce "alarm fatigue" caused by false positives? Then quit alarming the wrong stuff. Here’s how to decide what needs to be alarmed:

If it requires immediate human attention, it's an alarm. Otherwise, it's a log entry.

This is one of the most common mistakes I see in the field when I’m working with clients on streamlining their operations and reducing downtime. There is a strong (super-strong!) tendency to say, “I’m not sure, so I’d better make this an alarm.”

In many organizations, there’s also a fear factor: “If I decide not to alarm this, and then we have a critical system outage that could have been prevented, I’ll get blamed for not enabling this alarm.”

The cure for this is twofold: (1) alarm-or-log decisions should be made by a team, so no one person has the weight of the company’s downtime on their shoulders, and (2) the manager over the alarm-or-log team needs to review and approve the team’s plan and take full ownership of it. The manager needs to have the kind of personal integrity it takes to say, “I’m responsible.”

SIDENOTE: In the Navy I was taught, “You can delegate authority, but you can never delegate responsibility. You are responsible for everything your team does.” In the civilian world I’ve seen a lot of bad managers rise in power by blaming a subordinate, and then “fixing” the problem by firing and replacing the scapegoat.

This environment of fear results in everything being alarmed, and the result is that nothing is effectively alarmed.

THE WRONG SOLUTION TO ALARM FATIGUE
The wrong solution to alarm fatigue is excessive automation. Listen to me: there is no automated detection system in a complex network that can evaluate every combination of events. The speed and scale of automated monitoring systems is essential in large networks, but they augment the human agents, they don’t replace them.

#CallMeIfYouNeedMe #FIFONetworks +1 206-465-2422

Cybersecurity - Networks - Wireless – Telecom – VoIP

Best Cybersecurity Hire...
Your best cybersecurity hire is a VP of Operations. That's right. You heard me.

Hire an Operations VP who completely overhauls your company's operations with the objective of removing as much sensitive data from the Internet as possible.

Internet connectivity is for sales and advertising. Everything else gets moved offline.

Wow. Think about how much easier you could breathe!

#CallMeIfYouNeedMe #FIFONetworks +1 206-465-2422

Cybersecurity - Networks - Wireless – Telecom – VoIP

"Find the differences in these two pictures."
You know those sets of almost identical pictures, and you're supposed to figure out how they're not exactly alike? Well, I actually get paid to do that!

A client has a cell tower on their property. The lease is with a tower management company, who then subleases the tower to mobile phone system operators (wireless carriers). My client received a request for modification to one of the carriers' systems.

As always, they asked me to review the proposed changes and submit a report with observations, comments, and recommendations.

The carrier submits construction drawings to the tower management company, who then forwards them to the lessor (my client). Then I review them.

The construction drawings include an "existing" drawing and a "proposed" drawing.

I don't just look at the described changes - I look at everything.

Well. I found a construction change in the proposed drawing that wasn't listed in the request to modify.

Is it a typo? An innocent mistake? Or an attempt to slide in a change?

"Find the differences in these two pictures."

I take that very seriously.

#CallMeIfYouNeedMe #FIFONetworks +1 206-465-2422
 
Cybersecurity - Networks - Wireless – Telecom – VoIP

Is anyone talking about IAM for AI agents? Someone needs to be making Identity and Access Management for AI agents.

When you realize this and make billions from the idea, remember to thank me proportionally.

#CallMeIfYouNeedMe #FIFONetworks +1 206-465-2422

Cybersecurity - Networks - Wireless – Telecom – VoIP

Enabling cloud connectivity to/from printers may be convenient, but it’s not without risk.

I installed this HP printer on Saturday for a small business client. I configured scan-to-folder for each employee. It took some time and would have disrupted the normal workflow, so the owner preferred a weekend remove-and-replace operation.

What struck me was how pushy HP was about setting up cloud services and wireless printing from mobile devices. For this client, the answer is “no” to all of those. Regarding HP’s request for analytics, I didn’t even ask the client; I just selected no to all.

There are a few lessons here.

1) Bandwidth is a finite resource. The more printers and other devices in the LAN that have vendor analytics enabled, the more LAN bandwidth is consumed. Is your network slow? Do your switch port statistics show a ton of traffic? How much can you reduce that traffic by denying permissions for vendor analytics?

2) Where is your data going? You may think you have it all locked down in your Azure/AWS/Google account, and then you discover a printer that someone has configured to use HP cloud services, or some other storage you’re not monitoring.

3) Clicking “yes” on one of the questions requesting analytics for product improvement during installation is all it takes to open a path to a system on the Internet that you don’t control.

4) When you’re all done with your new printer installation and configuration, before you disconnect from the management GUI, take one last look at the cloud management menu (in this example, “HP Cloud Connection.” You may have enabled a cloud connection without even realizing it.

#CallMeIfYouNeedMe #FIFONetworks +1 206-465-2422

Cybersecurity - Networks - Wireless – Telecom – VoIP

Someone isn’t playing nice.
I’m doing end-of-month maintenance for one of my clients. This includes reviewing the firewall logs to look for problems. I found someone with an IP address based in the USA repeatedly trying to login to my client’s system. It was an automated “dictionary” attack. They kept hammering away at it with a “dictionary list” of common login names. They were consistently “denied due to bad credentials,” but I went a step further and blocked their IP address. Now they can’t even communicate – they can’t enter a username on my client’s system to even try.

#CallMeIfYouNeedMe #FIFONetworks +1 206-465-2422

#MSP #RemoteTechSupport #cybersecurity

Another satisfied customer, a woman in her late 70s living in Hawaii. Yesterday we did a marathon four-hour session, where I cleared up a number of issues. Early in the session I taught her how to change her wallpaper from a pretty picture to a solid color, because vision problems make it hard for her to read the icons when there’s a complex picture behind them. I used the expression, “Teach a person to fish...” She used her new skill to change the wallpaper color a couple of times while finding one that provided good contrast for her eyesight.

She had pictures stored in a variety of places, most notably Google Drive and OneDrive. I taught her how to find the pictures, how to rename them, and how to organize them in folders other than the defaults. Again we said to each other, “Teach a person to fish...”

A few hours later she sent me this text message:

“Aloha Bob,
Thank you so much for my first fishing lesson!
You allowed me to gain a mountain of computer confidence. I now understand a few ways to attach the bait, cast my line, and patiently haul in my catch or throw it back...... depending on the result.
You are an excellent instructor! (And after working in higher education for my entire career, I know what makes one)
From across the Big Blue,
Mahalo”

#CallMeIfYouNeedMe #FIFONetworks +1 206-465-2422

#HelpDesk #TechSupport

Probably half my job is actually doing technology problem solving. The other half is explaining technology in non-technical terms to my clients. This isn’t a complaint. It’s a statement of the reality of doing any kind of technology consulting. Your communications skills matter.
Now, here’s the hard part. You’ve got to explain it without sounding condescending, and without making them feel stupid.

I won’t try to analyze the psychology behind it, but in my experience people who don’t understand how the technology works often show evidence of feelings of shame: “I feel like I should understand this, but I don’t.” They seem apologetic.

Here’s the thing, though: we all study different things. I can’t do what the auto mechanic does, or the stock broker, or the doctor. We’ve studied different things, and we all became good at what held our interest. There’s no shame in it. We need each other.

#CallMeIfYouNeedMe #FIFONetworks +1 206-465-2422
Cybersecurity - Networks - Wireless – Telecom – VoIP

I used to ignore connection requests on LinkedIn from financial advisors, because as soon as I connected they sent me DMs telling me I can make a lot of money if I turn over my finances to them (BTW, I still ignore those connection requests).
But lately, there’s a new brand of connection request I’m ignoring: “We can use AI automation to 10x your business growth!”

My business growth is just fine, thank you, because I have a secret: my business is based on personal relationships with each and every client.
It works.
And you can’t automate the process of building those relationships.
Also, I have a really good track record of fixing tough technology problems. Contact me for a no-cost “getting to know you” meeting if you want to find out more.

THE LESSON (there are two lessons):
#1 You can automate selling widgets, but you can’t automate creating relationships.
#2 If you want to use DMs to sell on LinkedIn, your close rate will be higher if you build relationships first, instead of using AI to automate your DMs.

#CallMeIfYouNeedMe #FIFONetworks

Software Developer: “I have an idea. What if we wrote code that only did what the user expects it to do, and nothing else?”
Business Owner: “You’re fired.”

The Software Developer’s Code of Ethics. It’s been ten years now since I published it. About once a year I post it again. It’s never gone viral, but maybe now is the time when enough people are interested in reversing the worsening trend of deceptive software.

#CallMeIfYouNeedMe #FIFONetworks

#cybersecurity #privacy

There was a massive Verizon outage on January 14. Reuters reported that it lasted 10 hours. Downdetector said it received 2.2 million reports of problems with Verizon’s service, but other estimates are as low as 180,000. As of this writing, Verizon hasn’t announced a reason for the outage. Cybersecurity concerns are possible, but have been mostly ruled out. It appears to have been an internal “technical issue.”

I can’t tell you what the specific technical issue was, but I can tell you what the general issue was: massive centralization.

Companies design systems with massive geographic centralization for cost and convenience, not for resilience – or, for that matter – cybersecurity.

Information and communications industries as a whole have been moving steadily towards massive centralization for several years now. Decentralize command and control. Centralization is a military-grade problem. There will be bigger and more impactful outages across all industries while we re-learn this lesson.

#CallMeIfYouNeedMe #FIFONetworks

#cybersecurity #NetworkArchitecture #SystemDesign

I got an email today from one of my vendors letting me know that they'll be requiring 2FA beginning January 12. I logged into my account, and in doing so learned that I had already set up 2FA.

A couple of things:

1) I logged in to set it up, thinking they must not have offered it before. It turned out that it was there as an option, and of course I had enabled it when I created the account some time ago.

2) I’m also thinking, “What!!!??? This is a major global provider of OT/ICS equipment, and they’re just NOW getting around to making 2FA mandatory?”

My guess is they realized they needed it to be mandatory, not optional, for CMMC compliance.

It’s too bad that it takes regulation to make companies do the right thing.

#CallMeIfYouNeedMe #FIFONetworks

#cybersecurity

Follow-up to yesterday’s post about Have I Been Pwned (HIBP):
I’ve seen company email addresses reported in HIBP summaries that were used for such non-business related accounts as Ducks Unlimited. Then, when that account is breached and the email addresses are sold, it just increases the overall spam workload on corporate security systems. It creates other security risks, too, especially when employees reuse passwords for more than one account.

RECOMMENDATION
Consider including a paragraph in the Acceptable Use Policy prohibiting using company email addresses for personal business, social media, or other activities.

Corporate policy makers: You might want to include an exclusion, allowing the use of company email for LinkedIn. There are some use cases where the company email for a LI account makes sense, so you’ll need to do your own risk assessment based on your needs.

Individuals: Using your company email for personal business can create problems when you change employers and lose access to that email. So apart from the company security issues, it’s just wise not to use their email address for anything else, anyway. Regarding LinkedIn: you can add more than one email address to your account in Settings. When you’re out of work you really want access to your LinkedIn account, so if you do use your company email with LI, be sure you go into settings and add a secondary email that you can always control.

#CallMeIfYouNeedMe #FIFONetworks

#cybersecurity #privacy

Some advice when using Have I Been Pwned (HIBP).

HIPB is a great site to use to find out if your email address, and other associated data, has been exposed in a breach.

Here’s two examples of the HIBP report for an old email address of mine.

RECOMMENDATION
Companies are reluctant to disclose the full extent of a breach if they think they can get away with partial reporting. Also, HIBP may not have found all of the leaked records. Therefore, even if HIBP doesn’t list passwords as being included in the breach, you should still change them.

Note that the leaked password in the one example is the password for that account, not the email password. But, if you make the mistake of using the same password for both of them – well, you can be sure the cybercriminal will try that password on your email and everything else they can find.

SUMMARY
Change the password on any account shown to have been compromised.
Don’t use the same password on multiple accounts.

#CallMeIfYouNeedMe #FIFONetworks

#cybersecurity #privacy

Proprietary protocols are a security risk.

Proprietary protocols necessitate vendor lock-in.

When you commit your design to proprietary protocols, you lose the freedom to shop for lower cost products.

You’re stuck with the vendor’s availability and deliverability schedule.

If another vendor comes to market with a desirable feature, you can’t buy their product or use that feature until your proprietary protocol vendor includes it in their product – which may be a long time, if the feature is protected by a patent.

You’re stuck with the vendor’s schedule for firmware updates and CVE patches.

RECOMMENDATION
Your risk analysis should include an inventory of hardware, software, AND protocols.
Recommend the redesign of any system with proprietary protocols.
In the short term, before redesign is complete, update your Incident Response plan, growth plan, and spares inventory to minimize crises.

CEOs: Ask your CISO, CIO, or systems architect, “Do we rely on any proprietary protocols?” And if they don’t immediately know the answer, it’s time to find out.

#CallMeIfYouNeedMe #FIFONetworks

#cybersecurity #CostControl #resilience

Winter weather – power failures – what’s a good design?

In theory – in a perfect world – the backup batteries only need to last long enough for the generator(s) to start up and stabilize with the load of your choice. But, in the real world, the backup batteries should hold the system up in the following scenario:

1. Power goes out.
2. Batteries/UPS take the load.
3. Power failure alarm is issued to the technician on call.
4. Generator fails to start.
5. Generator failure alarm is issued to the technician on call.
6. The tech on call requests service from the generator maintenance contract company.
7. The generator company rolls a truck.
8. The generator service person identifies the problem, repairs it, and starts the generator.

If continuous operation through a power failure is the goal, I design battery/UPS systems for a minimum six hours of run time, and if the generator company has to roll a truck that’s really not enough. Six hours is only enough if you have in-house technicians on call who live close to the monitored system.

If it’s impractical to support a system with the appropriate amount of battery capacity for a generator repair, then the solution is a second generator. If, and only if, the system is protected with a second generator, is it feasible to reduce the battery capacity. Keep in mind that battery capacity decreases over the life of the battery, or with temperature variations, etc. Also, equipment gets added over time, so if the system is built with marginal capacity (generator startup and RPM stabilization), then when you have an outage six months or a year after initial installation, the batteries may no longer be adequate.

Design with lots of margin, not just to load transfer time.

#CallMeIfYouNeedMe #FIFONetworks

#resilience #NetworkArchitecture #infrastructure

Ask yourself, “Why am I doing this with a VM instead of a physical device?”

Ask yourself, “Why am I doing this in the cloud instead of on-prem?”

Ask yourself, “Why am I doing this with public Internet connectivity instead of private data circuits?”

If the best answer you can come up with is a reflexive, “Because it’s cheaper and more convenient,” then you’re not engineering systems, you’re copying what someone else did.

“Cheaper” and “convenient” aren’t the only design criteria.

First, you don’t know if it’s cheaper until you design and spec it more than one way.

Second, you don’t know if it’s more convenient until you actually think through the alternative business and operations processes that are influenced by the design.

Just because an operational solution is different doesn’t mean it’s less convenient. In fact, it may provide amazing new efficiencies.

Here are some design criteria for you to consider:
Security.
Performance.
Control.
Versatility.
Cost effectiveness (don’t confuse “cost effective” with “cheaper”).
Scalability.
Third-party vendor management.
Third-party vendor risks.
Compliance.
OPEX vs CAPEX

#CallMeIfYouNeedMe #FIFONetworks

#cybersecurity #NetworkEngineering #InformationTechnology

From my email to a prospect earlier this week, after reviewing the contract they sent me:
“I don’t accept contracts with binding arbitration requirements. If <company name redacted> behaves ethically, there will be no disputes. If there is a dispute, it can be settled in open court.”

Choose your clients carefully.

#CallMeIfYouNeedMe #FIFONetworks

#cybersecurity #NetworkAdministration #entrepreneurship

A few months ago I discovered a law firm’s financial information (specifically billing and payment information), online. It’s a nationally known law firm, and the records in question were for the Seattle office.

Broken down by customer.
Itemized hourly billing.
Hourly billing rate.
Other expenses.
Customer account number.
Customer payment information, including bank account number.
Law firm’s bank account number.
Amounts paid.
Payment dates.
Balance due.
The information did NOT include details of the services provided.

I found it entirely by accident, with a Google search that wasn’t targeted in nature.

No, I didn’t report it to the law firm. In Washington, “Good faith acquisition of personal information . . . is not a breach of the security of the system when the personal information is not used or subject to further unauthorized disclosure.” (RCW 19.255.005(1))
I believe that protects me, but I don’t want to test it in court, and if the law firm knew about it, they might feel compelled to take some sort of action other than securing their information better.

THE LESSON
Do not store your company records, and host your website, on the same server. I can’t believe I have to write that sentence.

#CallMeIfYouNeedMe #FIFONetworks

#cybersecurity #NetworkArchitecture #SystemsDesign #policy

Concerned about AI-generated malware bringing down your company? Then get your critical data off the Internet.

This isn't rocket science. This is Occam’s Razor.

The Internet is for social media and retail sales.

PII, PHI, employee records, customer information - nothing important should ever be Internet accessible.

Ever heard of private data circuits? Private data circuits are a real thing. People quit using them because the Internet was cheaper.

"It'll be secure," they said.

No. The Internet has never been secure. The Internet cannot ever be secure, because authenticated users will always be tricked into doing stuff for cybercriminals.

If there was ever a time to rethink your business strategy as it relates to information storage and processing, that time is now.

It's going to get worse quickly. Your best defense is to get sensitive data out of the public cloud.

#CallMeIfYouNeedMe #FIFONetworks

#cybersecurity #NetworkArchitecture #SystemsDesign #policy

A lot of the work I do is in high security systems where sensitive data isn’t connected to the Internet, and isn’t hosted on commercial public cloud platforms, because such an architecture can’t meet the design criteria.

A recurring issue I face is educating new decision makers who get ill-informed notions that they can reduce costs (thereby becoming heroes, or so they think), by centralizing information storage or processing on rented commercial platforms. So I go through it all again, patiently, politely, with the new person.

The other recurring threat I deal with is C-level people who want what I refer to as Data Ubiquity: “I want access to all of the data, at any time, from any location, on any of my devices.”

Data Ubiquity = Maximum Vulnerability.

Even “perfect” authentication won’t prevent this vulnerability. Why? Phishing. The authenticated user will be tricked into opening the door for the cybercriminal.

When the data is in no way Internet connected, how does the victim deliver the data to the cybercriminal? Do they print it out and ship reams of paper in boxes to the criminal via FedEx?

Offline Data = More Secure Data.

The cloud is for retail sales and social media, NOT for PHI, PII, corporate secrets, intellectual property, employee records, industrial controls...

#CallMeIfYouNeedMe #FIFONetworks

#cybersecurity #NetworkArchitecture #policy #privacy

This week I fixed a laptop for a client. It was the second time this client has had me do work for her. The first invoice was in 2016.

2016. It’s been nine years. Her husband isn’t in IT, but he’s a tech-savvy person, so he provides most of her tech support. But when he couldn’t resolve the issue, she still remembered me and came back to me for service in 2025.

That’s customer loyalty. Treat them right. They remember. They’ll come back.

#CallMeIfYouNeedMe #FIFONetworks

#HelpDesk #TechSupport #RemoteSupport #OnSite

A Training Manager at a company (who shall remain nameless) requested the course description for my CompTIA Network+ boot camp. It’s been a minute since the last time I got a request for that. There’s so much study material available online now. But in this situation, the company has a need to get several current employees certified in a hurry.

CompTIA’s current version is V9, N10-009. The course is five days, on site, instructor-led by yours truly. No, there’s no guarantee that everyone will pass the exam. On the other hand, I’ve trained hundreds of students at community colleges (semester-long version) and in corporate training rooms (the 5-day boot camp). Most people who complete the course without stepping out of the room to take phone calls, and show up every day, and do the homework, and follow my study tips, will pass on the first try.

So, something to think about, if your company needs several people certified all at once.

#CallMeIfYouNeedMe #FIFONetworks

#training #CompTIA #Network+

“Bob, do I need a new iPad?”
The client complained that the iPad was slow. Pretty vague, but that’s okay. The client isn’t expected to know that there can be a lot of reasons for slowness.

FIRST: What does “slow” mean?
1) “Slow” can mean the device itself is slow, for any one of several reasons. Usually it’s background tasks that are running and using up CPU clock cycles. But it can also be insufficient RAM, or even more rare conditions like internal or external RF interference affecting the CPU, or a failing component.
2) “Slow” can mean the Internet connection is slow. This can be caused by inadequate Wi-Fi signal, external RF interference affecting the 1st RF amplifier, or a problem with the ISP that could be just down the street or miles away.
3) “Slow” can mean the web server the iPad is connected to is having performance issues.

SECOND: Narrow it down.
1) To see if the device itself is slow, try opening and using an app that doesn’t require an Internet connection at all. A good choice is to open Photos. Run a slideshow. Try local editing (not online, but something on the device like cropping or resizing). Play a local MP3, or start a local video. Not streaming. Be sure it’s on the device. If operation is normal, the device is fine.
2) To see if the Internet connection is slow, run a speed test. If the speed is good, it’s definitely not the ISP. But, be careful! If the speed is bad, it doesn’t prove the ISP is the problem. It could be a weak signal, interference, a bad antenna in the device... lots of reasons for slow Internet that are separate from the ISP. In the example picture, we can see that the ISP is not the problem. This Internet connection is rated at 500 down, 35 up, so the speeds are within normal range.
If the ISP is good, but the Internet connection is slow, rule out a weak signal by moving closer to the wireless access point. Rule out interference by testing from a different location: maybe a neighbor’s house, or a coffee shop. Also, if the speed test is bad, check the speed with some other devices. If the speed is only slow on the complainant’s device, it may be an internal problem.
3) To see if the web server is slow, first, ask the device owner: “Were you experiencing slowness while connected to a particular site?” Maybe they’re having a problem with a slow game, or with online shopping. Start by opening a connection to the web server and try it out. If it is indeed slow, try OTHER web servers. Maybe stream a video, or try a game by a different company, hosted on a different server. If the slowness is caused by a particular server, you’ll have clear evidence now.

THIRD: Should I buy a new iPad?
If the device is slow (test #1), you may want to get a new device.
If the ISP is good and the signal is good on other devices, you may want to get a new device.
If the web server is slow, there’s no reason to get a new device.

#CallMeIfYouNeedMe #FIFONetworks

#HelpDesk #TechSupport #RemoteSupport

Today I went to a client location to do a site walk for an expansion they’re doing. I got the details and then immediately scheduled a site meeting for tomorrow with a fiber installer to get a quote for connectivity to the new space. But that’s really not the story...

While I was in the existing office space, the Business Manager said, “Also, the guys are complaining about the Wi-Fi, so if you have time, would you take a look at that?” I said sure. When I’d finished the main activities I tracked down their Scheduler/Foreman and asked him for details about the Wi-Fi problem: “Is it everywhere, or in certain places? Is it all the time, or sporadic?”

He said the Wi-Fi was consistently bad in his office on the second floor. That was really the only complaint. They had remodeled an old storeroom into his office, and it had never been included in the original Wi-Fi plan. The Wi-Fi was truly awful in his office. But – he had an open Ethernet jack!

So I installed an additional Access Point right in his office. A few minutes later he came back in, just as I was finishing up the speed tests: 540 Mbps down, 41 Mbps up. Since they’re paying for 500/35, I’m pretty pleased. I gave him the SSID and key, and he connected – you should’ve seen the smile on his face.

Sometimes it doesn’t take much to be a hero. The simplest things...

#CallMeIfYouNeedMe #FIFONetworks

#TechSupport #OnSite #Remote

"Bob, what does 'bandwidth' mean?"
Earlier this week I was in a video conference with an excellent team from a regional ISP on behalf of one of my clients. Of course the term “bandwidth” was used multiple times in the conversation. I was reminded again of how much this term has changed over the years. Personally, I wish the term was only used in analog frequency contexts, but language is a living thing and the meanings of words change. Here now, for you, is a lexicon of sorts: a brief list of the various meanings given by digital technologists to the word “bandwidth.”

DOWNLOAD SPEED
Maximum Bandwidth: the maximum data transfer rate of incoming data, measured in bits per second (bps), Kbps, Mbps, Gbps, or Tbps. This value may be deliberately rate-limited, or it may be determined by the physical characteristics of the system.

Current Bandwidth: the instantaneous, as-measured data transfer rate of incoming data, measured in bits per second (bps), Kbps, Mbps, Gbps, or Tbps.

UPLOAD SPEED
Maximum Bandwidth: the maximum data transfer rate of outgoing data, measured in bits per second (bps), Kbps, Mbps, Gbps, or Tbps. This value may be deliberately rate-limited, or it may be determined by the physical characteristics of the system.

Current Bandwidth: the instantaneous, as-measured data transfer rate of outgoing data, measured in bits per second (bps), Kbps, Mbps, Gbps, or Tbps.

In the context of metered data, “bandwidth” also has these additional meanings.

MONTHLY DATA CAP
Monthly Bandwidth: The maximum amount of data that can be transferred during the billing cycle. This may be specified as download, upload, or combined up/down data. In this context, the unit of measure is bytes, not bits, so the acronym when correctly written uses a capital B: KB, MB, GB, TB. It does not specify “per second.”

MONTHLY DATA ALLOWED BEFORE THROTTLING
Unlimited Bandwidth: Many “unlimited” data plans include a limit (for example, 100 GB) at the maximum download speed, and after that the customer can still download data, but at a slower, rate-limited speed.

AMOUNT OF DATA USED DURING THE BILLING CYCLE
Actual Bandwidth: This use of the term “bandwidth” answers questions like, “What’s our average monthly bandwidth consumption?” If the average monthly data downloaded is 10 GB and a company is on a 100 GB plan, they may be able to save money by dropping to a 50 GB plan. It also allows the network engineer to see if the company is consistently hitting the throttling limit, in which case the bandwidth allowed in the plan should be increased.

#CallMeIfYouNeedMe #FIFONetworks

#OperatingBudget #NetworkEngineering

"Bob, what does 'bandwidth' mean?"
Earlier this week I was in a video conference with an excellent team from a regional ISP on behalf of one of my clients. Of course the term “bandwidth” was used multiple times in the conversation. I was reminded again of how much this term has changed over the years. Personally, I wish the term was only used in analog frequency contexts, but language is a living thing and the meanings of words change. Here now, for you, is a lexicon of sorts: a brief list of the various meanings given by digital technologists to the word “bandwidth.”

DOWNLOAD SPEED
Maximum Bandwidth: the maximum data transfer rate of incoming data, measured in bits per second (bps), Kbps, Mbps, Gbps, or Tbps. This value may be deliberately rate-limited, or it may be determined by the physical characteristics of the system.

Current Bandwidth: the instantaneous, as-measured data transfer rate of incoming data, measured in bits per second (bps), Kbps, Mbps, Gbps, or Tbps.

UPLOAD SPEED
Maximum Bandwidth: the maximum data transfer rate of outgoing data, measured in bits per second (bps), Kbps, Mbps, Gbps, or Tbps. This value may be deliberately rate-limited, or it may be determined by the physical characteristics of the system.

Current Bandwidth: the instantaneous, as-measured data transfer rate of outgoing data, measured in bits per second (bps), Kbps, Mbps, Gbps, or Tbps.

In the context of metered data, “bandwidth” also has these additional meanings.

MONTHLY DATA CAP
Monthly Bandwidth: The maximum amount of data that can be transferred during the billing cycle. This may be specified as download, upload, or combined up/down data. In this context, the unit of measure is bytes, not bits, so the acronym when correctly written uses a capital B: KB, MB, GB, TB. It does not specify “per second.”

MONTHLY DATA ALLOWED BEFORE THROTTLING
Unlimited Bandwidth: Many “unlimited” data plans include a limit (for example, 100 GB) at the maximum download speed, and after that the customer can still download data, but at a slower, rate-limited speed.

AMOUNT OF DATA USED DURING THE BILLING CYCLE
Actual Bandwidth: This use of the term “bandwidth” answers questions like, “What’s our average monthly bandwidth consumption?” If the average monthly data downloaded is 10 GB and a company is on a 100 GB plan, they may be able to save money by dropping to a 50 GB plan. It also allows the network engineer to see if the company is consistently hitting the throttling limit, in which case the bandwidth allowed in the plan should be increased.

#CallMeIfYouNeedMe #FIFONetworks

#OperatingBudget #NetworkEngineering

"Bob, what does 'bandwidth' mean?"
Earlier this week I was in a video conference with an excellent team from a regional ISP on behalf of one of my clients. Of course the term “bandwidth” was used multiple times in the conversation. I was reminded again of how much this term has changed over the years. Personally, I wish the term was only used in analog frequency contexts, but language is a living thing and the meanings of words change. Here now, for you, is a lexicon of sorts: a brief list of the various meanings given by digital technologists to the word “bandwidth.”

DOWNLOAD SPEED
Maximum Bandwidth: the maximum data transfer rate of incoming data, measured in bits per second (bps), Kbps, Mbps, Gbps, or Tbps. This value may be deliberately rate-limited, or it may be determined by the physical characteristics of the system.

Current Bandwidth: the instantaneous, as-measured data transfer rate of incoming data, measured in bits per second (bps), Kbps, Mbps, Gbps, or Tbps.

UPLOAD SPEED
Maximum Bandwidth: the maximum data transfer rate of outgoing data, measured in bits per second (bps), Kbps, Mbps, Gbps, or Tbps. This value may be deliberately rate-limited, or it may be determined by the physical characteristics of the system.

Current Bandwidth: the instantaneous, as-measured data transfer rate of outgoing data, measured in bits per second (bps), Kbps, Mbps, Gbps, or Tbps.

In the context of metered data, “bandwidth” also has these additional meanings.

MONTHLY DATA CAP
Monthly Bandwidth: The maximum amount of data that can be transferred during the billing cycle. This may be specified as download, upload, or combined up/down data. In this context, the unit of measure is bytes, not bits, so the acronym when correctly written uses a capital B: KB, MB, GB, TB. It does not specify “per second.”

MONTHLY DATA ALLOWED BEFORE THROTTLING
Unlimited Bandwidth: Many “unlimited” data plans include a limit (for example, 100 GB) at the maximum download speed, and after that the customer can still download data, but at a slower, rate-limited speed.

AMOUNT OF DATA USED DURING THE BILLING CYCLE
Actual Bandwidth: This use of the term “bandwidth” answers questions like, “What’s our average monthly bandwidth consumption?” If the average monthly data downloaded is 10 GB and a company is on a 100 GB plan, they may be able to save money by dropping to a 50 GB plan. It also allows the network engineer to see if the company is consistently hitting the throttling limit, in which case the bandwidth allowed in the plan should be increased.

#CallMeIfYouNeedMe #FIFONetworks

#OperatingBudget #NetworkEngineering

"Bob, what does 'bandwidth' mean?"
Earlier this week I was in a video conference with an excellent team from a regional ISP on behalf of one of my clients. Of course the term “bandwidth” was used multiple times in the conversation. I was reminded again of how much this term has changed over the years. Personally, I wish the term was only used in analog frequency contexts, but language is a living thing and the meanings of words change. Here now, for you, is a lexicon of sorts: a brief list of the various meanings given by digital technologists to the word “bandwidth.”

DOWNLOAD SPEED
Maximum Bandwidth: the maximum data transfer rate of incoming data, measured in bits per second (bps), Kbps, Mbps, Gbps, or Tbps. This value may be deliberately rate-limited, or it may be determined by the physical characteristics of the system.

Current Bandwidth: the instantaneous, as-measured data transfer rate of incoming data, measured in bits per second (bps), Kbps, Mbps, Gbps, or Tbps.

UPLOAD SPEED
Maximum Bandwidth: the maximum data transfer rate of outgoing data, measured in bits per second (bps), Kbps, Mbps, Gbps, or Tbps. This value may be deliberately rate-limited, or it may be determined by the physical characteristics of the system.

Current Bandwidth: the instantaneous, as-measured data transfer rate of outgoing data, measured in bits per second (bps), Kbps, Mbps, Gbps, or Tbps.

In the context of metered data, “bandwidth” also has these additional meanings.

MONTHLY DATA CAP
Monthly Bandwidth: The maximum amount of data that can be transferred during the billing cycle. This may be specified as download, upload, or combined up/down data. In this context, the unit of measure is bytes, not bits, so the acronym when correctly written uses a capital B: KB, MB, GB, TB. It does not specify “per second.”

MONTHLY DATA ALLOWED BEFORE THROTTLING
Unlimited Bandwidth: Many “unlimited” data plans include a limit (for example, 100 GB) at the maximum download speed, and after that the customer can still download data, but at a slower, rate-limited speed.

AMOUNT OF DATA USED DURING THE BILLING CYCLE
Actual Bandwidth: This use of the term “bandwidth” answers questions like, “What’s our average monthly bandwidth consumption?” If the average monthly data downloaded is 10 GB and a company is on a 100 GB plan, they may be able to save money by dropping to a 50 GB plan. It also allows the network engineer to see if the company is consistently hitting the throttling limit, in which case the bandwidth allowed in the plan should be increased.

#CallMeIfYouNeedMe #FIFONetworks

#OperatingBudget #NetworkEngineering

"Bob, what does 'bandwidth' mean?"
Earlier this week I was in a video conference with an excellent team from a regional ISP on behalf of one of my clients. Of course the term “bandwidth” was used multiple times in the conversation. I was reminded again of how much this term has changed over the years. Personally, I wish the term was only used in analog frequency contexts, but language is a living thing and the meanings of words change. Here now, for you, is a lexicon of sorts: a brief list of the various meanings given by digital technologists to the word “bandwidth.”

DOWNLOAD SPEED
Maximum Bandwidth: the maximum data transfer rate of incoming data, measured in bits per second (bps), Kbps, Mbps, Gbps, or Tbps. This value may be deliberately rate-limited, or it may be determined by the physical characteristics of the system.

Current Bandwidth: the instantaneous, as-measured data transfer rate of incoming data, measured in bits per second (bps), Kbps, Mbps, Gbps, or Tbps.

UPLOAD SPEED
Maximum Bandwidth: the maximum data transfer rate of outgoing data, measured in bits per second (bps), Kbps, Mbps, Gbps, or Tbps. This value may be deliberately rate-limited, or it may be determined by the physical characteristics of the system.

Current Bandwidth: the instantaneous, as-measured data transfer rate of outgoing data, measured in bits per second (bps), Kbps, Mbps, Gbps, or Tbps.

In the context of metered data, “bandwidth” also has these additional meanings.

MONTHLY DATA CAP
Monthly Bandwidth: The maximum amount of data that can be transferred during the billing cycle. This may be specified as download, upload, or combined up/down data. In this context, the unit of measure is bytes, not bits, so the acronym when correctly written uses a capital B: KB, MB, GB, TB. It does not specify “per second.”

MONTHLY DATA ALLOWED BEFORE THROTTLING
Unlimited Bandwidth: Many “unlimited” data plans include a limit (for example, 100 GB) at the maximum download speed, and after that the customer can still download data, but at a slower, rate-limited speed.

AMOUNT OF DATA USED DURING THE BILLING CYCLE
Actual Bandwidth: This use of the term “bandwidth” answers questions like, “What’s our average monthly bandwidth consumption?” If the average monthly data downloaded is 10 GB and a company is on a 100 GB plan, they may be able to save money by dropping to a 50 GB plan. It also allows the network engineer to see if the company is consistently hitting the throttling limit, in which case the bandwidth allowed in the plan should be increased.

#CallMeIfYouNeedMe #FIFONetworks

#OperatingBudget #NetworkEngineering

Sometimes in-person, on site work is better than doing remote maintenance. Story time...

The owner’s laptop was telling him it needed updates, and he’s not comfortable doing them on mission-critical software. I get it. I hadn’t been on site there in months, so I made arrangements to do the work in person rather than remotely. Last Thursday I was in his office, and I’m glad I was.

His laptop was ponderously slow on boot-up. I set up that machine a little over a year ago. It’s Windows 11 Pro, modern CPU, lots of RAM. It should be nimble. I called him back into his office and showed him that some of his programs wouldn’t work correctly until after he saw the “black flash” on the screen, which is a custom startup script.

While we’re watching the boot process, he said, “Can you stop Teams from opening every time I turn on the computer?” I said, “Sure.” Other things were opening, too, so I asked, “Is there anything else opening on startup that you don’t use or want?” He answered, “All of them. Nothing needs to open until I want it.”

He went on. “Even my browser opens on startup. I don’t know why.” I said, “Okay, you can go do other things for a while, and I’ll get these programs to stop.”

It turned out that the browser that was opening on startup was one I’ve never heard of, called Shift. Scam Detector rates Shift 42.2 out of a possible 100 points, and labels it “Controversial. Risky. Red Flags.” It looked a lot like any standard browser, but it opened on startup even after I removed its entry from the Startup folder. Also, the name of the entry in the startup folder was “ui,” not Shift. An obfuscated name is sketchy. To make it stop opening on startup I had to open the program and go to its preferences menu.

All of this made me want to check with the owner. I asked, “Is there a reason you started using the Shift browser?” He looked puzzled and said, “What’s that?” I showed him, and he thought it was just the latest tweaks to Microsoft Edge. He didn’t know how it got there. With his permission I uninstalled it. Between removing several startup apps and uninstalling a browser with suspicious behavior, his computer is back to full speed again.

THE LESSON
On site tech support is an important service offering. Most remote maintenance software doesn’t let you see the boot process, unless you’re working for a company large enough to have something like Dell’s iDRAC solution. Small businesses typically don’t have that. The advantages to on site support include:
1. Seeing things you wouldn’t otherwise notice, like boot processes.
2. Observing user behavior, which influences a lot of problems.
3. Solid relationship building, creating real trust.

#CallMeIfYouNeedMe #FIFONetworks

#TechSupport #RemoteSupport #HelpDesk #OnSiteSupport