In these turbulent and unprecedented times, RealClear is
still operating their on-site and remote service. While some of our competitors
have left their customers high-and-dry, we believe that providing a reliable IT
support service in a time of crisis is more important than ever.
We have always operated the highest safety standards. Now, even more so. All of our technicians are meeting (and often exceeding) the recommendations from the European Centre for Disease Prevention and Control. Our technicians are following best-practice social distancing, hand-washing and respiratory protection measures. We’re using hospital-grade disinfectant on computing devices we interact with. We kindly request that before one of our technician visits your premises, that the workspace is well ventilated by opening windows and doors.
We’re in this together. We believe most of these standards should be reciprocal. We reserve the right to refuse service if we believe proper disease controls are not being adhered to at a client site. We look forward to assisting you. Take care and stay safe.
of our Dublin clients had a problem with their Sage Accounts Production
software package not activating. Even though the client was using a valid
activation license, the application would still not activate. They tried
installing and re-installing it, but their problem remained. They disabled
their anti-virus and firewall, but to no avail. They phoned Sage but were
informed their Windows 10 computer “must have a bug” and a re-installation of
Windows would be needed. But this really sounded like trying to break an egg
with a hammer.
We went on-site.
Our diagnostics found that while their download speed as 6Mbps, their upload
speed was only a paltry .4Mbps. Using a 4G dongle, we connected their desktop
to another, faster connection. This time, with an upload speed of 1.3Mbps, the
product activated straight away.
you have it. The activation servers at Sage must require a minimal upload speed
in order for their software to activate on client devices. Otherwise, it would
seem the activation process just seems to time-out. It’s always the little
things isn’t it…
Recently, one of our clients, a
business consultancy in Dublin, experienced a rather odd problem. Last week,
they procured five new Dell Inspiron laptops for their team to replace some
aging HP systems.
Upon delivery, we assisted them in installing software such as Office 365 along with their endpoint security software. Printer drivers and other ancillary software were also installed and configured. After migrating data from their old systems, we then connected their shiny new systems to their wireless network (WLAN).
Wireless Teething Problems Emerge
However, less than twenty-four hours later, teething problems began to emerge. To our surprise, some of their users were already experiencing issues with their wireless network connection intermittently dropping. For example, one of the users was trying to email a business proposal to a client when their wireless connection abruptly cut off. Whilst another user, when trying to upload data to a cloud server was greeted with a “page cannot be displayed” error message. Understandably, this was very frustrating. And, it was not just one user affected, but all of them. This should not have been happening on brand new laptops.
Troubleshooting Wireless Connectivity
Troubleshooting an intermittent
wireless problem like this necessitates a methodical approach. (A liberal dollop
of experience and intuition can undoubtedly help too) Taking into account that their
network had remained the same, we did not suspect any problems with their
network infrastructure per se. After all, it worked great with their previous
laptops. There was no obvious reason why the addition of new client devices (in
this case laptops) should cause a problem. (Just in case, we tested the
connection on our own laptops and it worked fine!) The TCP/IP settings on all the laptops were
configured in DHCP mode. This means they were getting an IP address
automatically assigned by the modem-router. However, when pinging the
modem-router, a 25% “packet loss” would sometimes occur. Pinging is like a small
network connection test where you send a tiny “data packet” to the router to
see if it can reach its destination intact. In this case, something was
interrupting these packets causing the internet/network connection to drop. We
were determined to find out the root cause of this.
We decided to use one of the Dell laptops as the test system. On it, the background “services” needed for WLAN networks were running. We disabled their endpoint security software. No effect. In rare cases, Bluetooth can even interrupt TCP/IP transmissions over wireless, so we disabled it. No effect. We then visited the drivers and downloads section of the Dell website to see if any driver updates were available for the Qualcomm 802.11ac WLAN card which the laptop was using. At last, a glimmer of light. We discovered that in December, for this particular model of laptop, Dell uploaded a new WLAN driver which they designated as “urgent”. So, the old WLAN drivers were uninstalled and the new drivers installed. The test system was rebooted. The internet worked for about 10 minutes until, alas, the connection just randomly timed-out again.
We would have to dig a little bit deeper to solve this problem. We deployed a sophisticated packet sniffer or tracer tool to pinpoint the root cause. A packet tracer is an application which forensically traces and logs data packets as enter or leave a computer. We installed it on your test system. Then just like David Attenborough studying wilderbeest on The Serengeti, we sat back and watched. Even when an operating system like Windows 10 is not in use, there will still be loads of network or data packet activity. So, whilst observing packet activity, we had to look out for anomalies. Experience is key here because there will be a copious numbers of background processes running which have the potential to be just red-herring events. These are background data transmissions which look suspicious or anomalous, but are in fact perfectly legitimate. So, after around 30 minutes of observing packet transmissions through the GUI of our tracer, one application kept on appearing. This network-related application called “SmartByte” seemed to be quite active sending packets over the network. This was happening even when the computer was idle. A quick sleuth on Google revealed it to be non-essential bloatware.
So, on our test system, we quickly uninstalled it via the Window’s 10 Control Panel. We rebooted the system. Internet browsing speed using Firefox seemed to have more pep straight away. After a further hour of testing, just to be sure, no packet loss was experienced and no more wireless internet drops. The SmartByte software was uninstalled from the other four laptops. Problem solved!
Bloatware, or the practice of computer manufacturers pre-installing their own or third-party software onto Windows has been going on for years. Third-party software companies paying computer manufacturers to have their products pre-installed on operating systems means they can create awareness of their products with a captive audience. While this has always been more of an annoyance than anything else, in this case, bloatware caused a critical computer function, namely network and wireless connectivity, to fail. For an manufacturer like Dell, which relative to other brands take quality control seriously, allowing an application onto their systems which causes internet dropouts is a serious technical faux-pas. Not only does it waste the time of their own technical support staff, it also has the potential to frustrate their customers. We hope this blog post helps someone else who encounters the same problem!
RealClear are based in Dublin, Ireland and provide remote and on-site IT support service for Dublin. Our remote IT support service is delivered via TeamViewer (or equivalent) and covers the whole of Ireland is a safe, quick and painless way to get your Windows 10, Office 365, Apple (macOS) problems or software installation problems solved from the comfort of your home-office or business. Call us on 01 685 4833. We’re here to help.
Last week RealClear attended Botconf the malware and botnet
conference in Bordeaux, France. Here, malware researchers from the USA, UK,
Germany, France, Spain, The Netherlands and many other countries shared their
Cyber-security incidents can have a devastating impact
on your business. Customer or intellectual property can get stolen. Online
financial transactions can be compromised. Email accounts can be hijacked.
Ransomware attacks can wipe your Windows or Mac systems in a matter of seconds.
All of these threats can result in significant downtime, financial loss and
reputational damage. A common denominator in most of these attacks is the use
of malware by cyber-criminals. Typically, malware is malicious software which
gets installed surreptitiously onto your PC. Once installed, it can perform all
manner of nefarious actions in your system or network. For instance, malware
can secretly record keystrokes, take screenshots, steal online banking credentials
and email passwords. Increasingly, today’s data stealing malware are connected to
remote “command and control” centres in places like as Russia, Ukraine and
China. Once your data is in their hands, it can be used to launch further cyber-attacks
or sold on the darkweb.
Some interesting findings from this conference
1 in 5 malware threats goes undetected
1 in 5 malware threats goes undetected, even when using
the most advanced firewalls or security software. This stealthiness is achieved
by obfuscating the malware’s payload using encryption (such as RC5 or XoR), manipulating
code which produces different cryptographic hashes, and programming the malware
to “phone home” using multiple IP addresses.
Data exfiltrating Android phones
Certain brands of Android phone secretly exfiltrate
your data to remote “command and control” servers. The malware runs at firmware
level on the device. So, even running
and applying OTA (over the air) operating system updates for your device, the
malware still persists. Just another reason why should never store passwords
for email or cloud services in plaintext on a smartphone device.
Some researchers explained how the Darknet is awash
with password stealing kits such as Azorult. This malware can steal passwords from
popular email clients such as Outlook. It can also create a hidden administrator
account on your Windows computer and set up an RDP connection, giving the
hacker free rein over your system. This attack can start with just one infected
macro-enabled Office document being opened. Users should use extreme prudence when
opening office documents.
Malware is getting more difficult to detect and mitigate
Malware is getting more difficult to detect and mitigate. For example, new breeds of smart malware, once installed on your computer, will perform reconnaissance on your system. If anti-virus software is detected running in the background, the malware can silently disable it. Moreover, some malware runtime processes will even temporarily stop if they detect the presence of malware scanning or analysis software. Malware creators and propagators continue to pick surprising and unusual locations to hide their creations such as using the COM1 (serial port) driver folder in Windows environments. Old reliables like the Svchost.exe Windows process is still commonly emulated by malware creators.
Remote Access Trojans (RATs) are in widespread use
Remote Access Trojans (RATs) such as Nanocore, WSH and
Houdini are still in widespread use by cyber criminals. These tools can enable
the attacker to have remote control of your PC. Ports 80 and 443 are commonly (but
not exclusively) used as busy ports make a RAT hard to detect. You can become
infected with a RAT by opening just one infected email attachment or URL (web
The Problem with Two Factor Authentication
Many business owners believe that two factor
authentication (2FA) is a panacea for their email security. While it does
enhance protection, it can also be broken. Many threat actors now present their
victims with cleverly timed fake 2FA authentication pages to bypass this defense.
Beware of the Webinject
Webinject attacks are still rampant. These occur when,
If you’re a business owner who has a website with data collection capability (even
just a contact form), it is essential there is no vulnerable code. Otherwise, your
website contact form could be exploited for use in a phishing campaign.
Mind the NAS
Increasingly, many Irish businesses use a NAS device as a file server or backup device. Some brands of NAS, however, are also capable of exfiltrating your data via a secret inbuilt backdoor left by the manufacturer. One researcher found that an off-the-shelf NAS device from a well-known manufacturer was generating some unusual outgoing HTTP traffic and was utilising some unusual running processes. On further investigation, a root-level backdoor was found communicating to 4 remote IPs via API call and DDNS. And not only that. NAS devices are also targets for ransomware. In fact, they are almost perfect targets as they are connected to your network, they hold data and often don’t have the protection afforded to a traditional server. Between backdoors and ransomware, your NAS device could easily be a security blind spot and you won’t find mentioned on any glossy GDPR guides.
and 1912, two arctic explorers, Roald Amundsen and Robert Scott, endeavoured to
reach the South Pole. Amundsen painstakingly planned his trip. He studied the
methods of Eskimos and other arctic explorers. He reckoned that dogsled would
be the best mode of transport for equipment and supplies. He mustered a team of
experienced dog and ski handlers. He was fastidious in his attention to detail.
From ski goggles to clothing, he painstakingly made sure that every piece of equipment
would suit the environment in which it would be used.
competitor, Robert Scott, a British naval officer reckoned a more high-tech
approach would work best. He bought motorised sledges. He bought the most
expensive goggles and clothing he could find. However, the equipment he bought
was more suited to a mountaineering expedition than an arctic one.
leaders spent a lot of money on equipment. However, it was only in the unforgiving
arctic wilderness where Scott’s equipment procurement mistakes became tragically
apparent. The engines on the sledges ceased working only days into the
expedition. The ill-suited clothes resulted in his team developing frostbite.
They developed snow blindness because their goggles were ill-suited to arctic
reached the South Pole a month after Amundsen. But unfortunately for Scott and
his team of four, they all perished on the return journey to base camp.
Amundsen and his team all made it back safely. The worst problem they encountered
was a toothache experienced by one team member.
There is a
powerful lesson here for businesses procuring technology solutions. Context is
everything and throwing money at “shiny box” solutions does not always work.
You need to carefully examine factors such as:
Is the new solution a genuine improvement on your existing technology enabling quicker and more efficient workflows?
Is the new IT solution aligned with your current work flows?
Is the solution compatible with the IT skill set of your team. Not everyone is IT savvy.
Is the solution compatible with your current infrastructure? For example, many SMEs have bought expensive IT solutions which were reliant on high-speed broadband connectivity when their users in the field did not have access to a high- speed connection. Likewise, buying a Windows-centric solution when most of your users have Apple devices can be a common faux-pas.
Will the solution be adopted by the users? Is it intuitive to use?
How well does the solution protect your client, donor or intellectual property data?
Is the solution GDPR-friendly?
Does the proposed solution have genuine buy-in from your team? Having employee buy-in usually means a smoother transition and greater adoption rates.
Does the solution suit your remote working team members?
What redundancy does the solution offer in the event of failure?
This valiant expedition undertaken by Amundsen and Scott teaches us a very simple but profound message. The best technology solutions are those which are not the most high-tech or expensive, they are ones which are most suited to the context in which they operate.
A Dublin financial
services firm recently contacted us with a Wi-Fi issue. The six users in their
office, most of whom connected wirelessly to the internet, were experiencing intermittent
Wi-Fi dropouts. Naturally, these would occur at the most inconvenient times such
as when uploading files to their cloud server or during Zoom video conference
calls. Moreover, there were some Wi-Fi dead spots in their building where coverage
was poor or non-existent. We performed a wireless site survey. In some parts of
their office building their download speeds were only 7.5 Mbps while their
upload speeds were only .92 Mbps. These wireless connection speeds were
sub-par. Using an ethernet cable we
connected a laptop directly to their Virgin Media modem-router – we got 121
Mbps download and 17.6 Mbps upload. These are fairly standard speeds for Virgin
Media broadband in suburban Dublin. The broadband connection going into their
building was not the problem. It
appeared to reside with their existing infrastructure. They were using a rather
ancient Allied Telesis data switch and coupled with some equally old Linksys
wireless G access points. This hardware was really not up to the job. Their
existing CAT 5e cabling infrastructure appeared to be fine. But a solution had
to be found.
their main requirements. They wanted a high-performance, reliable and secure network.
We decided to install an Ubiquiti wireless network for them. Ubiquiti is a next
generation wireless mesh network, which uses SDR (software defined networking)
for management. A wireless mesh network blankets your office or home with wireless
coverage. The access points (or nodes) all work in concert with each other. The
UFO (or dome-shaped) UniFi access points can be wall or ceiling mounted. These AP’s
deliver high-performance Wi-Fi using 2.4Ghz or 5Ghz bands. They are PoE
(power-over-ethernet) enabled devices, meaning they get their power over LAN
from the Ubiquiti PoE switch obviating the need for the access points to be
near power sockets. In this case, we used a 16-port PoE Edgeswitch (150W). This
device has a data throughput capability of 36 Gbit/s which is ideal for video
streaming applications such as Zoom. We deployed 5 UAP-AC-PRO access points to
give maximum performance. The same SSID and password can be used throughout the
network. Ubiquiti access points use WPA2 encryption. This is all managed by a
UniFi security gateway which acts as the controller.
benefits of an Ubiquiti Wi-Fi network include:
Corporate-grade high-performance, secure Wi-Fi, but without the corporate price tag.
A Ubiquiti network is easily expandable. More access points can be added as your requirements change.
Ubiquiti can manage multiple SSIDs and VLANs with ease. This makes network segregation and guest access easy.
No recurring license fees – Some wireless hardware equipment manufacturers (like Aruba and Meraki) charge a license fee every year. With Ubiquiti, it’s just a one-off charge.
and testing, the staff road tested the new network for themselves. They were
over-joyed with the fast and reliable performance. There was no longer any
wireless dropouts and their Zoom video conferencing worked smoothly and without
lag. Files could be uploaded to their file server reliably and quickly. There
were now in Wi-Fi heaven…
RealClear IT provides an Ubiquiti wireless (Wi-Fi) network installation and troubleshooting service for both business and residential customers in Dublin. We can configure your Ubiquiti (UniFi) network to work seamlessly with your broadband provider whether that be Virgin Media, Eir, Vodafone or Sky. Enjoy secure, high-performance and reliable Wi-Fi today!
your iMac only to discover that it’s displaying a flashing question mark can
induce that sinking feeling in most users. This especially true if you have not
recently performed a backup of your system.
the flashing question mark appears when there is a problem with your iMac’s
hard disk. Many users encountering this problem will often attempt to use the
“command + R” in order to initiate a reinstallation of their operating system. Unfortunately,
this rarely fixes the issue and often just compounds the problem.
substantial number of cases when the “flashing question mark” appears the
underlying problem is a failed or failing hard disk. Your disk might have bad
sectors, firmware problems, read-write head problems or PCB (printed circuit
board) issues. When your iMac looks for the files needed to boot your system up
– it cannot find them. Hence, your iMac will display the “flashing question
week, we helped a Dublin medical practice with this problem. Their iMac, which
they used in their reception area, displayed this rather unwelcome screen. The
last Time Machine backup which they had performed was well over two months ago.
Our diagnosis revealed a failed S-ATA hard disk in their 2013 21.5” iMac. The problem
being extensive bad sectors (14,591 in total) and a corrupt HFS+ disk volume. We
were able to perform a complete data recovery for them.
The lesson as always in these cases, is backup, backup and more backup. We set them up with a robust, automated and GDPR-compliant backup solution so this problem would never be repeated.
RealClear was recently helping a Dublin management consultancy firm with their slow Apple desktop computers. Their 2013 iMacs were running macOS Mojave but were just crawling along and were proving a real productivity killer. For instance, when booting up, the progress bar at the Apple logo screen would take longer to load than the time it took for a kettle to boil. In fact, you could probably have boiled the kettle and have fully imbibed your favourite hot beverage by the time these systems fully booted up. And when they did eventually start, they were molasses slow. Applications ran with the same speed as a traffic jam on Dublin’s M50 on a Friday afternoon of a bank holiday weekend after an accident. Searches in Finder would be glacial, application icons would bounce in the Dock more times than a teenybopper at a Justin Bieber concert. Moreover, their iMacs kept freezing and there were more “spinning wheels” on display than at the Isle of Man TT. They would frequently have to resort to using the Force Quit command just to get the system back to a half usable state again. These were certainly not systems you wanted to be working on when you had deadlines to meet or had a Ryanair flight to catch but had not yet printed off your boarding card.
The roots of this problem go back to the way Apple have designed their latest operating systems. MacOS Sierra, High Sierra and Mojave are simply not optimised to run on spinning hard disks (disks pre-installed by Apple when you first bought your system). Instead, the latest versions of MacOS are optimised to run on solid-state disks. These next-generation SSD disks contain no spinning parts and provide an incredible performance boost with disk access times that are up to ten times faster than spinning hard disks.
We disassembled their iMacs, removed their old Seagate spinning hard disks and installed the latest generation of 3D NAND SSDs. We then deployed the latest version of macOS Mojave (10.14.3) and then migrated their old applications and files.
Their iMacs are now flying along. No more “spinning wheels” and no more freezes. The team can now get their workflow done quicker without the stress and the productivity overhead incurred by slow computers.
iMac of MacBook running slow? RealClear
have been repairing and providing support for Apple iMacs and MacBooks in Dublin
since 2003. Our Mac upgrade service in Dublin breaths new life into your system.
Our service can upgrade the RAM (memory), the OS and the storage (hard disk). Bring
the joy back to using your Mac again.
We’ve had a
couple of inquiries recently from users who informed us that their emails were
repeatedly not sending to certain recipients. Remotely, we checked their email applications
(Outlook, Mail App etc.) and the status of their email servers. Everything
appeared to be fine. The only commonality with all these users was they all used
random letters in their email username. In terms of email send-ability this is
a big No No.
So, if you own a business and your name is John Ryan – don’t ever be tempted insert to middle name initials in your email address.
In terms of
spam filters – random letters in the middle of an email username are like a red
rag to a bull. Spam filters will get triggered and will treat your emails as suspicious.
And suspicious emails will get redirected to the recipient’s Spam folder or
will get filtered upstream and won’t reach your intended recipient at all. When
devising a new email address – keep it simple – don’t use random initials in your
email address. While you might get away with one – use two and your emails will
probably end up in a Spam folder somewhere.
to quickly and securely share files between employees can lead to enhanced
productivity in your business. Even in
2019, there are still businesses in Dublin where team members email files to
each or worse still, using a USB drive for file sharing. Not only is this messy
and time consuming, it’s insecure.
RealClear helped a busy North Dublin dental practice overcome a file sharing
problem – in this case it was the sharing of x-ray images. They were using a
non-networked x-ray machine. Every time their dentists needed to examine patient
x-ray images, a dental nurse had to visit the x-ray room, download the image
from the machine, put it on a small slide file and bring it into one of the
surgery rooms. While this process was only taking around 10-12 minutes per
patient, cumulatively it was wasting over 90 minutes a day. Time which could
have been spent on more billable work. They needed a better solution.
First of all, they invested in a new TCP/IP network-able Carestream dental X-ray machine which could be attached to a server. This means that, given the right set-up, they could make images directly viewable from all workstations in their 3 surgery rooms. The only problem now was they did not have a) a network infrastructure in place b) a server to attach to their new x-ray system to and c) did not have any workstations in any of their surgeries.
After discussing their objectives and workflows in more detail,RealClear recommended a suitable Windows 10 Lenovo server and three Lenovo workstations running Windows 10 Pro. They were happy to procure this hardware themselves using one of our recommended suppliers. We then set them up with a hybrid network (wired and wireless). Because their x-ray room was lead-lined, the wireless connection between it and their router was severely attenuated with data packet loss rates of up to 25%. So, we ran a CAT 6 LAN cable from their x-ray room to the reception area where their router was located. (This reduced packet loss to zero) The rest of their network was configured to work wirelessly employing WPA2-Enterprise encryption. (For additional security, their “Guest Wi-Fi” was isolated from their main production network). On their new server, we mapped the folder containing x-ray images making the patient images accessible from each workstation with just one click.
The team at the surgery cannot believe how they put up with the old setup for so long! Their process for taking patient x-rays has been completely transformed. Without the file sharing network, it was a time-consuming ritual, now it can be done in a snap. Moreover, staff can easily reference old x-ray images more quickly. The new network has made their workflows smoother with their staff having more time to serve their patients in a more efficient and time-effective way.