My Work From Home Tips

We live in an interesting time where business have suddenly been forced into a remote work model in order to stay profitable during the COVID-19 crisis. Because of this, many people have now been thrown into a work from home situation (whether it’s something they wanted or not).

I’ve worked from home on and off for the majority of the last decade. Along the way I’ve found some things that helped me be more successful and productive with this form of work (as well as some that didn’t). So I’d like to share with you some quick tips from my experience. I hope they help!

  • Keep the same schedule that you always have. This seems counterintuitive. At first you’re looking forward to sleeping in longer now that you don’t have a commute, have to look decent in front of people, etc. You’d like to take that extra time and enjoy it as a perk of your newfound freedom. Don’t. Staying in the same rhythm has a passive psychological effect that will make you feel more productive and on top of things. And if you end up going back into the office eventually your schedule won’t be thrown completely off. Find productive ways to fill that extra time, or snuggle with the kids a little extra before starting the day.
  • Wear real clothes. Speaking of looking decent, continue to do that even if no one will see you. When I first started doing WFH I rocked the jogging pants and Crocs like no one’s business. I was at home and I was going to be comfortable. But it doesn’t take long to start feeling like a slob. After getting up on schedule like mentioned above, clean yourself up and put on clothes you’d be proud to be seen in. That doesn’t mean you have to wear a suit, but leave the yoga pants in the drawer. Just making yourself look presentable makes you feel ready for the day and its challenges. It also saves some embarrassment if you need to jump on a video call.
  • Take breaks. WFH can strangely lead to you working too much. Without John the Jokester to derail your train of thought for an hour, you plow right through your morning assignments and realize four hours have passed. It’s lunch time and you never went to the bathroom, much less had a snack. Build in regular breaks to your routine. Your body and brain will thank you. I also find it helpful to stretch and/or do some light exercise during these times.
  • Be ergonomic. Even though you could totally work from your couch all day, your body will thank you again if you don’t. Find a desk, sitting or standing, at which you can work in an ergonomic style. Take advantage of your ability to work in unique places where there is sunlight, etc, but save your neck by not craning it downwards at your laptop screen with your feet propped up.
  • Have a dedicated space. This will be more difficult for some than others depending on the layout of your home and how many people you share it with. But as much as possible, find a place to dedicate to work. Just like with clothes and schedule, this has a subtle mental effect. When you’re there you’re in work mode, and when you leave it’s easier to disengage from that. Make sure up front that your family or roommates know and agree to this as well. Having them respect your workspace will make you all happier in the long run as you will be more productive and easier to get along with.
  • Stop when work stops. When working from home there isn’t a natural stopping point where you see all of your colleagues leaving for the day and you all have the usual end-of-day routine together. It’s also easy to remember at 8pm that one thing you forgot and just grab your laptop to knock it out quickly. Resist the urge. Very quickly the lines between work and home blur and you become discontent, feeling like both work and home are being cheated. Give work your all during work hours, and then give yourself and your family your full attention after 5pm.
  • Just because your kitchen is down the hall doesn’t mean you should visit it frequently. It’s far too easy to tank up on snacks when you’re home. After all, you literally picked the food selection and it’s right there. Maintain self control, both your mind and body will feel better. Your body because of the fewer calories circulating through it and your mind because you’re being disciplined even in the midst of temptation.
  • Recruit your family as your team. It can seem daunting at first to try and be productive with your family around, especially now with schools also being closed at the same time. But we homeschool our children while I work here and have been very successful with it. The key is to get everyone onboard as teammates. Be intentional about talking to them of the importance your work has, both for you and for them. It can seem to them like it’s playtime since you’re home, but work still has to get done. My wife and kids have been incredible at respecting my space, respecting my time, and doing everything they can to set me up for success. This is crucial, and I couldn’t do it without them. She created a green/yellow/red sign on my door so that they know whether I’m available or not. This allows them to not feel like I’m locked away but still be aware of when I need to not be disturbed.
  • Communicate proactively, and over communicate. You will quickly find that it is easy to get out of sync with others or to feel underrepresented. It’s just the nature of physical separation. You can’t yell over the cube wall to ask a quick question, and your boss doesn’t walk in the room as you’re doing something awesome. Make sure you’re communicating proactively when you have a need or successes to report. Don’t let this be the time when you become a person of few words. Refrain from blowing them up with text every few moments, but when you do need to bring something up make sure you’re being proactive and descriptive. There is a gulf left by the lack of proximity and body language, or even voice tone. Be sure that you’re being heard and that the message you’re intending to communicate is the one they’re hearing. Also, with everyone being in their own silos, hours can go by without realizing you haven’t really interacted with others. If you’re more of an extroverted person this can begin to make you feel very unhappy. Utilize the great technology that we have available today for both chat and video conference options. Don’t wait until there is a specific work need, reach out to your friends and colleagues just to be social.
  • Have fun with it. Now that I’ve gotten all of the serious warnings out of the way, I’ll hang an umbrella over it all to enjoy yourself. Keep in mind all that I’ve said above, but also don’t forget to enjoy the benefits that this unique situation brings you. Take those breaks and play with your kids. Have your favorite coffee instead of the cheap stuff served at the office. Sit in sunlight when you’d normally be in a dungeon. Spend extra time in the morning and afternoon with the ones you love instead of being on the road alone. Being around them more has a profound way of reminding you what you’re doing all of this work for anyway.

My Journey to Better Privacy (Part 6: Conclusions)


Over the last few months I have been on a journey to better privacy. During that time I’ve gone over search, browsers, social networks/messaging, digital assistants, and email. This is not an exhaustive list of all the areas where online privacy is concerned, but it’s the primary ones that had not yet been addressed in my life. Now that we’ve gone over each of those areas, and I’ve had weeks to months to live with those decisions, I want to wrap things up with the conclusions I’ve come to over the course of this journey.

In my mind you have a range of choices when it comes to privacy. As with all things in life there is a pendulum, and you can choose to live on either side of that or somewhere in between. Let’s go over the basic options at each of those levels.

Complete Privacy

If you want complete privacy online, below are your options.

  • Don’t use the internet.

That’s it… I’m not kidding. If you want to avoid being snooped on then you literally cannot touch the internet in any way. This isn’t limited to computers and tablets. You should avoid using any type of electronic payments, opting for cash only. Any type of phone usage can be tracked as well. Honestly, I’m not sure you can fully avoid being tracked without going completely off grid (and maybe not even then).

Take home point: if you’re going to use the internet then you’re going to forgo privacy on some level.

Extreme Privacy

So you’ve decided that living in the woods and drinking your own urine is too high a price for privacy? Good choice, but that means you’ll be interacting with the internet on some level. Maybe you still want absolutely as much privacy as possible, regardless what that means in the way of inconvenience. Your options will probably look something like this:

  • Use an operating system that doesn’t signal back to its maker. (Probably a flavor of Linux, but not all of them are considered privacy conscious.)
  • Whole-home VPN (I didn’t go over this, but basically you configure your router to funnel all traffic through a tunnel.)
  • TOR (This is a system that somewhat anonymizes your internet traffic.)
  • Alternate DNS settings (avoid using your ISP’s or Google’s)
  • Web browser that uses all the addons I wrote about, plus others like NoScript.
  • Move your email to an encrypted service like ProtonMail.
  • Use a password manager, probably an offline one.
  • If you want to be super safe, do all this from a virtual machine on your computer instead of on the computer itself.

If it hasn’t become clear yet, this is a giant hassle. Aside from the time and frustration that will go into setting it all up, your network speeds will also be slower and you will constantly (CONSTANTLY) run into issues with sites not working correctly. And here is the kicker, you may still be tracked. Technology is always changing and we’re often not even aware of the most advanced methods until years after they’ve been used. You can totally take this approach, and there are people that do, but be prepared to put in the work. It may also make you a gleaming target as someone who is trying to hide something.

Moderate Privacy

If the above approach is more involved than you are ready for, there are ways to increase your privacy while still achieving a reasonable level of usability. This is basically the balance I’ve been trying to strike throughout the series, not being completely locked down but not throwing my data at people either. Here is what I see as the best approach:

  • Use a search provider that doesn’t track you, like DuckDuckGo.
  • Make smart browser choices, and enhance them with privacy addons.
  • Only use social networks and their messengers in contained situations, or not at all.
  • Know how your digital assistant stores and uses your recordings and configure accordingly, or avoid them altogether.
  • Never send anything sensitive in email. Use encrypted services instead, and maybe avoid email completely.
  • Be mindful of what sites you visit, and if they use encryption (https).
  • Use a password manager (LastPass is my favorite).
  • Use a VPN service when traveling or on public networks.

In my mind this allows you to interact with the internet, but with safeguards in place. It’s the sweet spot.

No Privacy

The other side of the pendulum is not caring about privacy at all. Many (maybe most) take this approach. They either aren’t conscious of the amount of data they’re giving up or assume there is no use trying to stop it. This is certainly the easiest way to approach things, but not one I can agree with. Firstly, your information is obviously valuable. The companies trying to syphon it are making billions off of it. Secondly, you have no idea how long they will keep the data and what they’ll do with it, either now or in the future. Privacy is a human right, and the onus is on us to fight for our own.


Honestly, this journey hasn’t gone completely as I expected. There were a few areas where I started out with an assumption as to what I would do and changed my mind as I researched it. Also, things are constantly changing. I made some posts and later had to return to update with a different conclusion after reconsideration. In the end I think it’s less about choosing a specific set of technologies and more about having a privacy mindset. Look deeper into offerings, not focussing on only features and price but also how they are respecting your privacy. Make sure you’re using secure services. Know that social networks, among other things, are free for a reason. You are the product.

But also, don’t forget to have fun. There is a lot of really great stuff out there and a wealth of opportunity on the internet. Keep your safeguards in place but don’t let fear limit you.

My Journey to Better Privacy (Part 5: Email)

Updated 02/28/2020


If you’ve been following along, then you know I’m on a quest to increase privacy across my digital life. The next stop on that journey is email. This system of communication has become so ubiquitous that we hardly give it much thought. We communicate over it with service providers, friends/family, random blogs, and any number of other entities. Since it’s a digital form of communication some get a false sense of its security, but that couldn’t be farther from the truth. Let’s take a moment to look at the current state of email in 2019.

How It Works

It’s sometimes easy to take for granted how digital communication works these days. We assume that what we’re writing is only being seen by ourselves and the intended recipients. But that isn’t necessarily true, especially in the case of email. In fact, it might be helpful to visualize email as more akin to its physical cousin, snail mail. A friend of mine once said it’s best to consider any email you send to be like a postcard. When you send a postcard it is secure in your house, and therefore somewhat safe. You then place it in the mailbox and send it off through the post office routing system. Along that route it passes through many hands. Those who have malicious intent, or are just nosy, could read it any time they want. Eventually it comes to your recipient’s house, where it is then again somewhat safe due to being in their residence. The same is true with email. Your mail provider places a lot of effort into securing their servers with encryption and other measures. However, once your email leaves there and is being routed to the recipient’s mail it is open and vulnerable. Once it arrives there are measures that keep it safe on the destination as well, but in between it’s basically completely open. Besides all of that, your mail provider likely uses data mining on your emails in order to serve you targeted ads. So even when the email is “safe” it is still being accessed by other parties.

The lesson here is that email should NEVER be considered private. Don’t put anything in email that you wouldn’t put on a postcard.

Safeguarding Email

There are some options for locking down your email and making it secure. Mostly this means using an encrypted service. Providers such as ProtonMail (great review here) offer end-to-end encryption, meaning that even they can’t see your email. There is a web client to securely access the service, or you can download their mobile apps. There are shortcomings in comparison to the convenience you’re used to (such as searching for a subject), but overall it’s a great way to secure your email.

The Downside

If it’s so great, why isn’t everyone using it instead of data vacuums like Gmail? Well, there are reasons. Remember our postcard scenario? Imagine if you sent someone a postcard and they received it just fine but couldn’t read it. With secure email services your recipients cannot read your emails unless you provide them with a password or public key to decrypt the messages. There aren’t a lot of friends that would do that just so they can receive email from me, much less people I barely know.

Also, your email is now sitting on their provider’s servers. Even if ProtonMail takes steps to ensure they can’t read your email it doesn’t mean your friends’ service lives up to the same standard. And any email they send to you will definitely have all of the same pitfalls of normal email. Plus, if someone forwards the email on then all bets are off.

Lastly, if you forget your password then all of your email is lost to you. This is the blessing and curse of ProtonMail not having access to your mail. They can’t snoop on you, but they can’t recover it for you either.


So, what’s a privacy-focused nerd to do? Even though services like ProtonMail aren’t as easy to use as traditional ones that doesn’t mean you should ignore them. As the funny taco commercial once said “Por que no los dos?”. Use ProtonMail for sensitive business emails or personal ones containing identifying information, and keep your usual service for all the spam you get from Old Navy and emails coordinating pot lucks. If you want to keep those from being data mined, swap to something like an iCloud address. It’s run by a major corporation too, but they don’t scan your email the way Google or Microsoft does.

Personally, I already stay away from putting anything in email I don’t have to. I prefer to use secure messaging systems for personal contacts (iMessage or Signal). If secure information needs to be emailed, you can always place it on a cloud storage service that is encrypted and then send them its link. This reduces the amount of storage being used on both email services (sender/recipient), lets you configure the link to only be accessible to certain individuals (either read or write), and lets you bypass the insecure digital postal system already discussed.

Be mindful of what you’re sending and how. And choose the option that works best for your situation.

Update (02/28/2020)

After more consideration I decided to go all in on ProtonMail. And you know what? It was completely painless. At the moment I’m using the free tier, but will likely bump up to the paid one soon (Same with their ProtonVPN service). Everything is working great, but there are some nice perks when you upgrade. Also, you help support their mission by being a paid subscriber, and creating a web where we are free to communicate privately is a mission I believe in.

I’ve forwarded my other data-hungry accounts to it and started swapping services one at a time. So in the end not only is my email more secure but I’ve also achieved a secondary goal of consolidating the mass of email accounts I’ve collected over the years.

You don’t have to use ProtonMail (well, you don’t have to do anything) but I would advise joining the private email movement. It’s really very little effort for the return you and the rest of the internet community receive in return.

My Journey to Better Privacy (Part 4: Digital Assistants)


Since the time I was a child the idea of robotics and automation has appealed to me. When digital assistants started to hit the scene I was stoked. I imagined myself controlling my home like Tony Stark with Jarvis. I tried to hold out for a good Siri solution, knowing that Apple makes quality products and that they are generally more privacy focused. But $400 is way too high for a smart speaker and Siri, bless her heart, is way behind the rest of the class in terms of intelligence. I ended up going with Amazon’s Alexa and have really enjoyed the experience.

At this point in time my investment in the Amazon Echo ecosystem is not insignificant. We are the owners of the full-size Echo 2, an Echo Spot (the alarm clock one), and the 2nd generation Echo Dot (the hockey puck). I even had a second Dot, but have since gifted that to my in-laws. Added up that’s a decent dollar investment (but still hasn’t reached the price of one Apple Homepod). With these devices I’ve been able to have music that plays throughout our house, control a number of lights by voice, have a simple intercom system, and more. An additional perk is that it lets my kids easily do things like turn on the lights in the scary basement from upstairs.

All of that to say, I have good reason to consider the privacy implications of digital assistants. And it could also be painful for me should I need to make a change. So you know I’m taking this seriously.

What Is The Worry?

After the initial rush of excitement surrounding digital assistants and their potential, a number of years have passed and important questions have come up in the mean time. Many people ask, if something is always listening for me to speak is it recording everything I say? Secondly, what is done with the recordings once your choice of tech companies has it? How long do they keep it? Perhaps most important recently is the question of human interaction. We always assumed that only machines interacted with our recordings, but it turns out that people do as well.

Some of these concerns are valid and some simply aren’t. Let’s start by taking a look at how these devices work, and that will help us separate out truth from myth.

How It Works

Honestly, it’s really very simple. In the case of smart speakers, or anything that uses a wake word (Alexa, Hey Siri, Ok Google), the device listens to everything said around it. This happens locally on the device, and it completely ignores anything other than the wake word. When the wake word is recognized, that is when it reaches out to the company’s servers. Any sound during the listening period is recorded and sent up to these cloud servers. That is where all of the smarts are (which is why the devices can have such low power hardware). Using sophisticated language processing, machine learning, etc their systems determine what you’re saying and how to best respond. Any number of things are triggered from there, and whatever you requested happens. That’s it. To summarize: Wake word, snippet sent to cloud, action taken. The companies then take a small percentage of the millions of recordings they receive, somewhat disassociate it from user accounts, and have people work with them to make their language processing smarter.

There are a few key takeaways from this knowledge:

  • The device dumps EVERYTHING it hears unless the wake word is registered. It is NOT recording everything you say.
  • The request is processed by machines. No human interaction is involved.
  • Though people are involved in training the system to be smarter, and that allows them to hear recordings, it is with an astoundingly small portion and your user account is partially decoupled from the recordings at that point.
  • It’s worth noting that Apple is more privacy conscious with its operations, such as tying recordings to a random identifier rather than your user account and doing as many operations locally as possible rather than in the cloud.

What Concerns Remain?

Having said that, it does not mean there aren’t real concerns. In our experience the devices can wake at very random times where we definitely did not say “Alexa”. At first this is just annoying (and a little creepy). The more you dwell on it, though, you start to wonder exactly what it’s picking up. Some have raised the point that personally identifiable information could be overheard, or bank numbers, etc. Sometimes I wonder if it picks up my children’s conversations. Not that they’re saying anything nefarious, but I don’t really want them recorded. Also, you just never know how anything you say will be taken if heard out of context. In today’s society people get really worked up about opinions they don’t agree with. Who’s to say it won’t overhear a conversation that isn’t politically correct, and then the workers might tie it back to you? What if something is acceptable now but in a decade is practically a thought crime (token 1984 reference)? One should always be careful of what they say, but this adds newer and potentially more dangerous considerations. Words you barely thought about almost instantly become data that is globally distributed and perhaps perpetually retained.

Most companies have built mechanisms to let you delete recordings from your account, but that doesn’t mean they’re completely purged. In the end it’s really up to them how long they’re going to keep the data and what uses they’ll have for it. The recording is on their servers and out of your hands.

After the outcry over having people listen to recordings most of those programs have been suspended. I can’t imagine that will last, though. I’m honestly not certain you can properly train the system without sampling recordings. That’s just the nature of how this technology works. They should have disclosed this better and potentially had their employees act more professionally (like not passing around amusing recordings), but it’s simply a reality.

Considerations For Balance

How much all of this matters to you is going to be a personal choice. Everyone has different thresholds for what they consider to be private conversation and how much they care they’re overheard. In many areas of life my wife is my touch point to reality. I can get very lost in the internal academic debate and become completely disconnected from the real world. While wrestling with these subjects in regards to our own home I asked if it bothered her, and she responded something to the effect “not even once”. Just now I asked her what she thought we should do and she said “I don’t even care”.

Another thing to consider is how deep down the rabbit hole you want to go. If you’re worried about devices listening to you without your permission, stop to consider the ones that are already part of your daily life. Every cell phone (smart or not), laptop, smart watch, and many desktops have mics in them. A bad actor could activate any one of those without your knowledge. It’s already been done before with webcams. Facebook, Google, and likely the goverment already have an astounding amount of information on you from multiple sources, verbal or not. And you could just mute or turn off the devices should you need to have a private conversation.


When you put everything together it’s a balance of obtaining the functionality you want vs the information you volunteer. For me that means, as painful as it is, Alexa and I will have to part ways. I really didn’t want that to be the case, and I even wrote up this article originally stating that I was going to keep her. But that didn’t sit well, and here are the main reasons why:

  • Conversations unintentionally overheard: There is no way around it, these devices often think you’re speaking to them when you’re not. That leads to us being recorded when our guard is down, and as stated before the information is then out of our hands and within Amazon’s control. For whatever reason this seems to happen much less with Siri, so I’m not as concerned about our phones, etc having it enabled.
  • People reviewing recordings: Only Apple’s system truly decouples your recordings from your personal information, so theirs is the only one I’m comfortable with in this regard.
  • There is no feature we can’t live without: We did a week trial without the devices and there was surprisingly little impact. A few smart home tasks are more annoying to do with the phone or watch, but overall life went on pretty much the same. Having the Jarvis effect is fun, but not something I’m willing to trade our privacy for.
  • No peace of mind: I mentioned this in the web browser discussion too, but peace of mind is very valuable. No matter how much I run over the facts and come to terms with them, something in the back of my mind was never comfortable with Alexa. Being without that internal battle during our week long test was refreshing, and a part of me has known since starting out with Alexa that something felt off about it. Maybe it’s paranoia, or maybe it’s instinct. Only time will tell I suppose.

So going forward the only digital assistant in our lives will be Siri. She’s not the smartest, and the Apple Homepod is absurdly expensive. If they go on sale or Apple produces a lower cost Echo Dot competitor then I’ll jump on board. In the mean time we just use our phones or watches for the same tasks. And if worse comes to worse, we walk across the room and hit a physical button. Turns out that’s still a completely viable option.

Update (09/08/2019)

A few weeks have gone by since I posted this article and I’ve now changed my position on our Alexa devices. This is because of a couple of key reasons. First, Amazon will let you opt out of having humans review your recordings. Second, I thoroughly reviewed my own article above and concluded that my decision leaned more on the paranoid side than the cautious.

TLDR, all of the information above is still true and valid. But the value vs risk index tips in favor of us keeping Alexa rather than dismissing her, especially as Amazon comes under increasing pressure to make sure she guarantees our privacy. As noted above, my family has received a ton of benefit from using these devices (my children have literally been begging me to put them back). We feel comfortable with the way the technology works and the benefits we receive from using it.

Update (09/26/2019)

At their September hardware event Amazon announced new privacy measures along with a slew of new products. I’m not saying this makes them 100% trustworthy, but it’s a sign in a good direction.

My Journey to Better Privacy (Part 3: Social Networks and Messaging)


I’m on a journey to improve my online privacy. Search engines and web browsers have already been covered in previous posts. What discussion on this topic would be complete without Social Networks (Facebook, Twitter, Instagram, etc)? I’m also going to include messaging along with them because they often go hand in hand (ie Facebook Messenger).

Why Does It Matter?

Social networks encompass a large portion of our online activity, and ironically are also one of the main outlets through which we hemorrhage data. Besides the risks incidents like the Facebook data breach present, why are we okay with giving the social networks themselves so much data? Even if you follow the argument that you’re a good person and have nothing to hide, it’s still disturbing to have a random party repeat back to you what you ate for lunch. Yet we tell things to audiences of thousands, and that data gets spread to servers around the globe. We have seen in recent history how old year books from high school and college have affected people’s careers. What if a decade from now what you’re freely laughing about with friends is completely socially unacceptable? There is a timestamped record of it anyway, and your picture is likely along with it in full HD. In the same vein, what if laws later change around the governance of that data and third parties such as governments or others can freely access it? The point is, we don’t really know how the accumulated data of our lives is being used today, much less how it will be in the future. Also, studies have shown that social media is just plain bad for you.

What Am I Going To Do About It?

Delete all my accounts!!! Just kidding. I’ve actually been down that road before due to a mixture of privacy concerns and trying to engage with people in person more. In the end I came back, and I don’t plan to delete them again. This may sound outrageous given this post is about privacy, but if you will remember I stated at the beginning of this journey that I was trying to strike a balance between full tin foil hat paranoia and living effectively on the internet in 2019. In my specific situation, I have family and friends scattered around the country and globe. I don’t often get to see them in person, so Facebook is a very effective way of keeping in touch with them. Also, groups we are a part of coordinate heavily through it, such as our Sunday School class at church. I use Twitter, Linkedin, and others to stay in touch with the tech community and post (hopefully) helpful information such as the entries on this blog. So, in the end a complete burn-it-to-the-ground deletion would not be the smartest move for me.

I have found over time, however, that there are ways to severely limit what information I give to social media. The first has nothing to do with technology, it’s discipline. I make a practice of only saying online things that I wouldn’t mind a crowd of strangers overhearing. Sometimes I remember this more than others, but overall the idea is to simply be careful what you say. Second, I use a web browser and plugins that block website components that want to spy on me, including those connected to Facebook’s like button that appears on almost every page. On mobile devices you can use apps such as Friendly to still get the social network content without as much bloat and spying.

There are additional steps I’m implementing, however. This is after all a journey forward, not a review of steps I’ve taken in the past. First, I’m setting a specific time frame during the day to be my social media window. I’ve gotten far too comfortable with randomly accessing it throughout the day the moment I experience more than a second of boredom. I think we would all benefit from learning to curb that impulse, and regaining some of the ability we’ve lost to simply just “be”. Second, in order to help reinforce this first goal I am going to remove the apps from my phone. I’ve tried this in the past unsuccessfully, because I would simply log into the web version. But this too is more about discipline than technology. Tech can make a lot of things more convenient, but our choices are still up to us. As a side benefit, I’m looking forward to increased battery life and mental focus.

As mentioned up front, I’m including messaging in this effort as well. I think it is even more sneaky in regards to our data, because we get the false sense that it’s private. You’re having a conversation with those closest to you, forgetting that any number of unknown entities could at some point access all or part of that conversation. I’m taking the same mitigating steps with messaging as those listed above. But I’m taking one additional step of only using messaging platforms that include end-to-end encryption. That means that your messages are protected on your end as well as the recipient’s, and no one in between (including the company hosting the service) can read them. For me that means using iMessage and Signal. iMessage is only available on Apple products, but Signal is cross-platform.


In the end my choices might not match what makes sense for you, and that’s okay. This approach allows me to stay in contact with family/friends and coordinate with groups who are heavily invested in Facebook as a communication platform. But it also allows me to reduce both the amount of data I put into these companies’ hands and the amount of time their products take away from my life. It also ensures that my personal conversations aren’t snooped on. I’m a boring guy with nothing to hide, but I’d still be creeped out if a stranger asked me about where I went on vacation.

My Journey to Better Privacy (Part 2: Browsers)


My Recommendation: Firefox, with the extensions HTTPS Everywhere, uBlock Origin, Firefox Multi-Account Containers, and Cookie AutoDelete
Privacy Simplified: If you just want privacy out-of-the-box and don’t care that it’s based on Chromium, go with Brave.
(Update 04/07/2020: I’ve been using Brave a lot and see great promise in it. I might do a full post about it soon, but in my mind it’s starting to win out over Firefox.)
My Mobile Recommendation: Safari with Firefox Focus enabled as a content blocker, or Firefox depending on your preference.


If you read my previous post, you know that I’m on a journey to achieve better online privacy. Much like with search engines, web browsers are something that I’ve been considering for years. I tend to be drawn towards Chrome for its features and the fact that most sites are built to work with it. Then I become more privacy conscious and move to Firefox, with several addons enabled. Some point either after or before that I use Safari because of its integration with my devices (we’re basically an all-Apple house).

I wanted to make a concrete decision this time, though (or at least as concrete of one as can be made when technology changes so drastically from year to year). For that reason, I’m putting my thoughts down in writing and sharing them with you. It’s an accountability mechanism of sorts. Also, I sincerely hope that it benefits you as well.

*One small note before we get started. There are a LOT of browsers out there. I’m only going to cover the top few that tend to circulate through my life and that I think the mass majority would consider.


Almost without doubt, if you’re asking which browser is going to be fastest and work the best it’s Chrome. Depending on which stats you look at, it has up to 75% of the market share, and for good reason.

By StatCounter –, CC BY-SA 4.0,

But, how is it in regards to privacy? After all, its maker Google has come under a lot of scrutiny in that area over the last several years. Even The Washington Post basically called it spyware. They’re an ad business, using their “free” services to collect mountains of data to fuel that business, and Chrome is just a tool to help direct people towards contributing to that. It’s also becoming a bit of a monopoly as well, to the point where developers only code for it to the exclusion of other browsers. For these and other reasons, many (including myself) are highly suspicious of letting it pilot our journey through the web.

However, they haven’t left users completely without options. If you’re willing to look for the options in settings then you can turn off a lot of the snooping. Also, Chrome has one of the richest extension libraries, so you can add a number of those that will greatly enhance its privacy capabilities.

I for one remain too skeptical to embrace it as my daily driver. I truly wish that weren’t so, because it’s probably my favorite overall. But it just doesn’t sit easy with me.


I’m going to be a lot more verbose concerning Firefox, because it is basically the measure by which I will judge all the others. It has a long history of fighting web browser monopolies and is basically a household name at this point. Below are some of the reasons it stands out to me.

Open Source: It is not the only option I’ll discuss that is open source, but it’s probably the most respected in the open source community. I’m not someone who will say non-open-source is evil (I’m writing this from a Mac), but I do think it’s something we should promote as often as possible. This is especially true in regards to the web. At this point in our culture the internet is almost like a utility. It houses essential resources for communication, productivity, education, and so on. It’s my belief that an open source browser from a non-profit company is better positioned to safeguard that than an offering from a large corporation which has special interests.

Defenders of the open web: Continuing off the point above, Mozilla (the maker of Firefox) has a long history and deep commitment to keeping the web open. Because they aren’t selling ad services, they can freely support ad blockers unlike Google is doing. They also sponsor lots of events to educate people on how to interact with, and contribute to, the web community.

Cross-platform: Firefox will run on Windows, Mac, or Linux. You can also have it on Android or iOS devices. If your life doesn’t reside all on one platform (as most people’s doesn’t) you can still use Firefox and sync your data across all devices.

Not Chromium based: Chromium is the open source browser that Chrome is built on. It’s basically Chrome before some Google-specific components are added in. As already mentioned above, Chrome is becoming a bit of a monopoly. There is NOTHING wrong with building a browser on Chromium. Several fantastic browsers do that. However, it further contributes to this monopoly. The more Chromium-based browsers there are, the more developers code to only that platform. This leads to the exclusion of other browsers. When users hit issues they think “Why is this browser terrible?”, not “Why isn’t this site built better?”. This continually funnels more people towards Chromium based browsers, where the sites “just work”. And in the end Google has gained more control over how the web behaves than any one company should have. Firefox, however, uses its own engine and it’s fantastic. For a deeper look at the pros and cons of using Chromium-based browsers, this article is a great read.

Extensions: Honestly extensions are almost what make a browser in regards to privacy. And Firefox has a WEALTH of them, in addition to the privacy features already built in. Don’t get me wrong, Chromium-based browsers do as well via the Google Chrome Web Store. But, that continues the Google snowball that I’ve already discussed. Firefox is known for being extremely customizable, much of which comes from its extensions. You can go full-on tin foil hat with them or use none at all. Below is the list that I have found to be a good balance between completely open and so secure that the internet is unusable:

  • LastPass (Password management)
  • HTTPS Everywhere (Resends your requests using the encrypted URL instead of the standard one)
  • uBlock Origin (Blocks ads and tracking from Google, Facebook, and others)
  • Firefox Multi-Account Containers (Keeps cookies in silos so that sites can’t use info from other ones to track you)
  • Cookie AutoDelete (Every time you close a tab it deletes the cookies associated with it, so that they don’t linger and become used in malicious ways)

Containers: Continuing off of the extensions discussion, I’d like to expound a bit more on the Multi-Account Containers made by Firefox. This is one of the key features specific to Firefox that no other browser has. I can have my work, social, banking, search, and other sites open in their own little silos. That way none of them mixes together and uses each other’s cookies to spy on me. It really is a fantastic way of walling off information from those with ill intentions. There is a bit of work up front to tell it which containers you want sites to open in, but thereafter it will use them automatically.

Conscience: Last but not least, it just sits well with my conscience. Maybe it’s just me, and others might not put a lot of stock in it, but there’s something to be said for having peace of mind.

So what are the downsides? Let’s not pretend there aren’t any. As mentioned before, you will likely run into more issues with sites not working than with a Chromium-based browser. Who’s fault this is doesn’t really matter, in the end the result is encountering more problems. Ones that likely won’t go away. Secondly, it’s just not as polished in general. The Quantum rewrite took it forward leaps in both speed and performance, but it still seems to lag more and be less smooth overall.

How much any of these cons matter to you will largely depend on how hard-core you want to go with the privacy push. Without a doubt, you can’t go wrong with Firefox when looking for better privacy and security.


Safari is actually quite a good browser these days, and also very privacy focused. Apple has realized that privacy is a niche where they stand out in a good way. Whether they intended to do that for the sake of the users or just ended up there by happenstance, nobody knows. But they’re milking it.

There are a bunch of small features that make Safari appealing in my Apple-integrated world. Chief among these are:

  • Reader mode (Other browsers have one, but this one is the best)
  • Text shortcuts (Every time I want to input my email I simply type “eml” and hit space. The same is true for address, phone, etc. This saves a surprising amount of typing and syncs across my devices.)
  • Seamless syncing with my other devices
  • Built-in reading list
  • Beautiful design and performance on both desktop and mobile

Add to the items above that you can add extensions, plus other capabilities through App Store apps, and Safari is a solid option. You’re probably wondering at this point why I don’t use it given all the bragging.

As with all things, it has its downsides as well. One of the major ones is a less robust extension library. Some of the major players like uBlock Origin is there, but things like HTTPS Everywhere are not. And some that are present don’t work quite as well within Safari for whatever reason. Also missing is a way to manage cookies by tab. I have purchased a separate program named Cookie 5 that will delete them on close of the browser. But I use my browser all day long, and that is a lot of time in between for sites to use my cookies in ways I don’t desire.

So, though Safari provides the best experience overall, I’m sad to say it doesn’t fit well enough into my privacy-focused world.

Mobile is a different story. Apple locks developers into using their web engine on iOS, so no matter what browser you’re using it’s basically just Safari reskinned. Adding in a content blocker like Firefox Focus gives you the ad blocking and increased privacy you want. Also, nothing else matches the smoothness and integration of Safari on iOS.


One of the standout Chromium-based browsers is Brave. I’ve been testing it it out and REALLY like it. This browser’s company was started by the co-founder of Mozilla, Brendan Eich. Its focus is on providing out-of-the-box much of the security/privacy that others offer via extensions, and also on solving the issue of website ads. It has a novel approach where publishers and users opt into a network where users are rewarded for surfing and can give some of that back to their favorite content creators. In this way you eliminate targeted ads and much of the privacy issues that accompany them.

Honestly, it seems like a great browser. It’s definitely a great solution for the not-so-techy folks who just want better privacy. Many of the functionalities I described in my favorite extensions above are built right into the browser, among others. If a site isn’t working well, just click the “shields down” button to allow it to work as normal. Also, it can install any plugins from the Google Chrome Web Store.

The only hangup for me is that it’s Chromium based (which was discussed at length above). Also, the mobile app isn’t awesome. It’s getting better, but still not quite to the level as that of Firefox. If those things don’t bother you, get it. I think you’ll enjoy it.

If you’d like to give Brave a try, click here.


All of that to say, in my opinion Firefox best fits the bill for a privacy-focused world view. It’s the only browser that allows you to silo websites, manage cookies per-tab as I close them, isn’t built on Google software and therefore isn’t controlled by them, and comes from a company that is well positioned to put the needs of the users first.

I won’t be offended if you don’t agree. There are as many opinions as there are browsers. But I hope that sharing this is thought provoking and will assist in your own journey to better privacy!

In the end it’s not which browser you use that protects your privacy so much as 1) where you browse to and 2) being mindful of how the web works. To that end, pick one with a track record for being secure, pick reputable addons to enhance its capabilities, and browse smartly.

Update (09/18/2019)

Apple has been leading the way with blocking cookies in Safari, and now Firefox is following suit. I also conducted my own little test using to see exactly what information websites could pull about me. Without any privacy addons installed Safari gave up less information than Firefox did, even when configured as I’ve mentioned above.

All that to say, Safari is becoming a very good option for privacy if you live fully within the Apple ecosystem. Everything I’ve said about Firefox above still holds true, but Safari is a much better option these days than it once was.

My Journey to Better Privacy (Part 1: Search)


The subject of privacy, for me, is one I’ve been more or less dodging for a long time. It’s something I feel strongly about. I make half-hearted attempts at improving it now and then. But overall I’ve mostly let it go by the wayside. It’s really easy to retweet statements by privacy-focused groups or to make recommendations for what others should do. But when it comes to true and meaningful lifestyle change, it’s tough. There is always a rationalization for why it just isn’t worth it.

And so here we are, time to stop making excuses. I’ve decided to set out on a journey to better privacy. In all of life I’ve discovered that taking things in small steps is always more successful for me than changing all the things at once. So I’m going to take one area at a time and tweak it to be more privacy-focused. As I do so I’ll also be discussing with you the pro’s, cons, and flat out pain of each step. But, at the same time there is always the question of how thick you make the tin foil hat. I’m a tech-oriented person that works in a tech-oriented field. Because of my level of exposure to electronics and the internet I will never fully have privacy. I will, however, be trying to strike a balance between obtaining optimal levels of privacy and being able to live a somewhat normal life.

Step 1: Search

The first step on this journey is swapping my search engine. I chose this to be the first one as an easy entry point, because I’ve done it off and on in the past. Over the years it’s become very apparent that Google is not our friend. They are not a tech business that are our buddies. They are an advertising business that’s using our love of free, high-quality software to soak up unthinkable amounts of data. DuckDuckGo, however, is the closest thing in modern day to what a search engine should be. I should have swapped to it permanently a long time ago. Because I’ve struggled with this already I can go ahead and tell you the up and down side.

The Pros

DuckDuckGo provides what you actually want from a search engine, search results without having your essence sucked away as you use it. They don’t track you, ever. Your searches are yours alone. Secondly, they don’t contextualize your search results based off data collected about you (further locking you into your own echo chamber). Most of us probably don’t even realize how tailored our results are to the information Google has on us. Does this provide extremely relevant results? Yes, but at what cost?

TLDR: It’s not watching you like a creep.

The Cons

What? You’re recommending something to me and it isn’t perfect??? How dare you Landon!

No, DDG isn’t perfect. Neither is Google, we’ve just gotten so used to it that we don’t even notice. I mentioned above that I’ve made multiple attempts at swapping. Each time I would be led by my convictions and eventually bow to convenience. Google searches are just GOOD. I mean, flat out really good. If I search for something in DDG and don’t almost immediately find it in the first 1-3 results then I get frustrated and run it in Google. It’s just the way we’ve been conditioned to operate. But, when I run it in Google I almost always find it right away. During most of my IT career I’ve been in a support role, and finding the correct answer right away outweighed my privacy concerns. Then, if I was going to do it with work I justified doing it with my personal devices too.

So what’s different this time? I’m currently in a role where I’m not under pressure to find results instantly. I can take the necessary time to adjust to how DDG operates and give it a chance to give me what I need on result 4 or beyond. And as I’ve done that, I’ve honestly found that what I need is there if I will take the .05 seconds of patience required to look for it. I’ve heard from others that, over time, as Google is given less info on them then the two providers have much more similar results.

One last area of challenge is that this will apply only to me. My wife has been extremely resistant to swapping to DDG in the past and I don’t expect that to change now. This is actually something you’ll face at every turn when trying to live a more privacy-focused life, those you interact with the most will be reluctant. The truth is that the average user just doesn’t care, and ones that consider it find the transition pain enough of a barrier to stop.

TLDR: There will be a period of adjustment because Google is so freaking good, but keep in mind what you’re giving Google in return (do you even know?).


I’m swapping search on all my devices from Google to DuckDuckGo, and you should too. Drop the creepy guy looking over your shoulder (probably with a weird mustache) and keep your searches to yourself. Learn more about DDG here.

Life in the Key of E

Many years ago, sometime during high school, I set out to learn guitar. This was in the days before YouTube, so all I had to work with was an antique book of my dad’s. Utilizing that, and eventually the internet, I picked up four or five chords and was feeling pretty good about myself. E (or perhaps E minor, I forget which I learned first) was instantly my favorite. When I played it the sound just resonated with me. As time went on I would learn a couple of basic songs, but mostly I would just wing it, combining different cords to make up a tune. Often this revolved around E.

After a couple of decades I’m still at basically the same skill level that I attained in college. Sure my strumming has improved and I picked up a couple of tricks, but I’ve learned no more chords and still for the life of me cannot remember any actual songs. This has been a source of great frustration for me. I don’t like to fail, and it has bothered me to no end that my mastery never reached the level of others I know. Most guitar players can pick one up and play a favorite song or two, even those that know fewer cords than I do. The majority of my time with the guitar is spent simply playing the E chord, with variations thrown in by lifting one finger to make it E minor. I think it sounds pretty good, and I thoroughly enjoy jamming out in this way, but I definitely feel like a loser in regards to the guitar.

In recent years God has allowed me to see how this parallels my life. I’m a very thought-oriented person. Because of this, I tend to decide who\how I should be and then set out to make that happen. I will work tirelessly in pursuit of the course of action I believe to be best, and throw myself headlong against any obstacle that threatens it. To the great surprise of my adult self, that doesn’t always mean success. There are areas that I was certain were to be my primary focus but I’ve seen very little growth or success in them over the years. This is especially sad because I was doing them in service to God, for His Kingdom. However, there are areas I’ve completely ignored that have flourished without me even paying them direct attention. Those taken-for-granted skills and interests developed naturally despite being secondary in focus. It’s almost like I couldn’t help but be good in them. You might say they just resonated. And, funny enough, they also opened more opportunities to speak with people about Jesus than any of the areas I had tried to force open.

So, what am I trying to say? Follow your heart and be the truest version of yourself? No, that crap comes from Disney movies. Your heart is wickedly deceptive and can’t be trusted to steer itself (Jeremiah 17:9). What I am saying is that you were fearfully and wonderfully made by an infinitely wise God. Seek Him, be yourself, and let Him use it in mighty ways. Don’t feel like you have to pattern yourself after this pastor, or that leader, or some successful person. “God is most glorified in us when we are most satisfied in Him.” (Piper) Be satisfied in Him, content with the strengths and weaknesses He’s given you, and play your song. Even if you don’t know a “real” song like the cool kids.

Kindle Fire HD8 Review

Background: I recently found myself wanting to replace my iPad Mini 2. It’s around four years old and starting to become sluggish enough to be frustrating. Given the incredibly low price of Amazon tablets on Prime Day, I decided to take a risk and try out the Kindle Fire HD 8. Below are my impressions after using it for a couple of weeks.

The Good

The Price. Being prime day, I was able to get the tablet for $50. Throw in a 64gb SD card plus a cover and altogether the total was around $80, which is the normal selling price of the tablet. Even if it weren’t on sale, you have to consider that to replace my old iPad with the current equivalent it was going to cost me $300, and that is without expanded storage or any accessories. Right away I’m feeling good about this purchase because of the low initial investment.

The Support. Amazon has now retired the “Mayday” feature, but they still have excellent support built right in. I was having a minor issue where custom playlists were not showing up in Amazon Music. You simply go to the Help app and from there you’re able to request assistance by either email or phone under the “Contact Us” section. The representative contacts you, so you don’t have to wait on hold, and helps you with whatever issue you may have. I’ll admit that at first it sounded like a very low-level call center tech, but nonetheless he was able to resolve my issue quickly. This seems like a great feature for the not-so-tech-savvy folks you may want to gift this to.

The integration. One of the reasons I was willing to take a risk on a Kindle tablet is that we’ve become pretty big users of the Amazon ecosystem. I listen to Amazon music frequently. My family watches Amazon Video. And of course we do a ton of shopping on Amazon (who needs Walmart parking lots, am I right?). Being an Amazon product, all of these are first class citizens on the Kindle Fire. Not to mention Alexa, who is quickly becoming like a family friend around our house.

The Hardware/Performance. For $50, there is respectable hardware in this device. The screen is crisp and clear, the apps run well (mostly), and moving around the tablet is smooth (mostly). More on the mostlies in a moment. Also, coming from a completely closed-off iPad, having the option to expand storage with an SD card was a very welcome feature.

The Bad

The Apps (or lack thereof). Number one, chief issue with Amazon tablets is the lack of apps. There’s just no way to spin it. You won’t find any of the Google products you likely rely on, like Youtube. Microsoft ones are hit and miss (Outlook but no OneNote). There are many popular ones that are present, like Facebook, but easily twice as many that aren’t. You can mitigate this by installing the Google Play Store, or using sites like APKMirror. But, (a) this requires a higher technical skillset than many users are comfortable with and (b) it potentially opens you up to vulnerabilities by bypassing the Amazon app store (you have to enable the installation of apps from unknown sources). Where you fall on the techy spectrum and your views on convenience vs customization will affect how much of an issue this is for you. I found it workable but annoying.

The Operating System. Amazon’s Fire OS is really just a modified version of Android, and it’s a complete mess. Forgive me if I sound biased coming from a mostly iOS background, but stepping into Android feels convoluted and disjointed. Don’t get me wrong, there are things about it that I grew to like. But overall I still prefer iOS by far. This is not only because of the greater consistency and aesthetic appeal, but also for security and privacy reasons. Being Android at its heart, Fire OS is victim to all the same issues Android has (ie I’ve never had to install antivirus on a tablet before). I do, however, feel that privacy is more in the users’ hands with the Fire tablets than those completely pre-stocked with Google’s apps and framework.

The Interface. Jumping off of the OS point, the custom interface of Fire OS leaves a lot to be desired. In fact, it would actually be much better if they just left it at stock Android instead of adding their own customization. I realize that much of the intent is to focus you in on Amazon content. (That is, after all, why these are so cheap. They want it to be a gateway to Amazon services.) I would argue, however, that their confusing interface actually makes this more difficult. Want to watch something on Prime Video? You go to the Video tab, right? Wrong. That tab will advertise videos to you, but it doesn’t list your watchlist, etc. I found it much easier to simply go to the actual Prime Video app, which felt more full-featured and more readily presented what I was looking for. In fact, I moved it and everything possible to the Home page so that I could avoid flipping through the various tabs. They aren’t at all customizable, and after a short time became something I avoided completely. Part Android/part Fire OS issue, I always felt like there were multiple ways of accessing similar things and rarely clear rules as to which should be used. On a less important note, there are a litany of small UI issues that are more preference than anything else (ie I still don’t know how to copy/paste correctly).

The Performance. Before I comment on this, let me remind you that this is a $50 tablet. That being said, if you’ve used tablets of a higher caliber then there is a certain level of responsiveness you’ve become accustomed to, even without realizing it. I had rosy eyes going into this experience due to price, Amazon integration, and some of the other points mentioned above. This area was the smelling salts, as it were, that awoke me to reality. Remember how I said “mostly” in the good performance section? When you first turn on the device things are very smooth, surprisingly so in fact. However, as you begin to install apps and put it through its paces that experience quickly withers. It doesn’t become unusable, but noticeably less smooth. My biggest irritation was when exiting apps back to the Home screen. There would be a delay in the icons appearing on the screen. This may sound like a small deal when you read through this, but think about how many times you perform that action throughout the course of using a tablet. Overall this leads to a noticeable amount of lag that is consistently presented to you. Also, in many apps there was a surprising amount of choppiness. One of the reasons I wanted something newer was so that games and such would perform better. However, when I went back and compared the Fire HD 8 to my 4-year-old iPad mini, it was actually performing worse. Hearthstone had run, albeit not perfectly, on my iPad but was almost unusable on the Kindle. Even simpler games like Candy Crush were annoyingly laggy on the Kindle but ran smoothly on the older iPad. Not what you’re looking for in a new device experience.


So, what does all of this mean? Do I think the Kindle Fire HD 8 is a good tablet? Yes. Do I think it’s one for me? No. In fact, I’ve gone back to using my iPad Mini. I’ll likely save up and buy a newer Mini to replace it. Why? Mostly ecosystem, experience, and apps. If you’ve used a tablet that performs well then using a laggy one feels like going backwards. Also, on iOS I have access to the ecosystem that all my other devices use as well as a rich app store. Whether you’re invested in either the Apple or Google ecosystems, you’re going to struggle adjusting to Amazon’s app selection.

That being sad, this doesn’t mean the Kindle isn’t a great device for others. I think it would be a fantastic device for someone who (a) is buying a tablet for the first time and doesn’t have any previous expectations and investments into other ecosystems or (b) simply wants to consume Amazon services. It’s also great if you want something cheap to get beat up. Full disclosure, we have two of the cheaper Kindle Fire 7 tablets that my kids use. For simple children’s games, etc, they’re just right. I’ll likely save this one for when one of theirs dies and let it be a nice upgrade for them.

Could I make the Kindle Fire work? Yes, but I prefer the iPad. And sometimes preference is all it comes down to.

Windows Server Core Jumpstart

Recently I’ve been looking into the potential that Windows Server Core holds for our environment. Like most eager new Core users, I imagine, I jumped in with grand visions of spinning up a VM quickly and being off to the races administering it from my desktop. The reality wasn’t quite the same, as I ran into a chicken and egg situation wondering how I could set up the machine when I could not yet connect to it. To complicate the issue, I couldn’t find a concise list of information on exactly what is needed to simply make the machine available so that I could begin to work with it.

With that in mind, I’ve compiled the following information in hopes of saving others the same headache. There’s nothing earth shattering here, but hopefully it will allow people to get started with Server Core quickly so that they can move on to more important things, like how the server will actually be used.

Let me know if you have any questions or suggestions. Hope it’s a help to you.

  • Ports to request from your firewall team.
    •  TCP
      • 5985, 5986 (WinRM)
      • 445 (SMB) –This is up to you. I wanted to be able to move files to/from the server.
      • 135
  • Local firewall rules to allow remote administration.
    • Enable Remote Management groups
      (Note: If you enable “Remote Service Management” on the host first, then you can do the others via PowerShell remoting. This can be helpful since copy/paste in things like VMWare console doesn’t always work.)
Enable-NetFirewallRule -DisplayGroup "Remote Service Management","Remote Event Log Management","File and Printer Sharing","Performance Logs and Alerts","Remote Volume Management","Windows Firewall Remote Management","Remote Desktop"

Default outbound traffic to allow

Set-NetFirewallProfile -Name Domain,Public,Private  –DefaultOutboundAction Allow

Enable Ping (optional)

Enable-NetFirewallRule -Name FPS-ICMP4-ERQ-IN
  • Remote management tools
    • Add the remote computer to Server Manager (available on Windows desktop and server versions).
      • Once added, you can easily launch Computer Management and PowerShell for that specific machine by right-clicking it.
    • Connect via PowerShell remoting.
      New-PSSession -ComputerName YourRemoteComputer | Enter-PSSession
      • Cross-domain PowerShell Remoting (ie Dev or Test domains)
        • If remoting isn’t enabled on your local machine, enable it.
          Enable-PSRemoting -Force
        • Add machines to the TrustedHosts list. (Depending on your setup, you might have to substitute IP addresses for the machine names in -Value.)
          Set-Item WSMan:\localhost\Client\TrustedHosts -Value 'machineA,machineB'

          Verify with:

          Get-Item WSMan:\localhost\Client\TrustedHosts
        • Use PSSession to connect
          New-PSSession -ComputerName machineA -Credential (Get-Credential) | Enter-PSSession
      • IIS management (run on remote machine)
        Install-WindowsFeature Web-Mgmt-Service
        Set-Service wmsvc -startuptype "automatic"
        Start-Service wmsvc
        • Set HKLM\SOFTWARE\Microsoft\WebManagement\Server\EnableRemoteManagement to 1.
          (This can be achieved using the local regedit tool and connecting it to the remote machine.)
        • Restart the WMSVC service.
          Restart-Service wmsvc
        • Connect from local IIS Manager for Remote Administration with the local administrator credentials of the remote machine.
      • You can either use sconfig or the following remote PowerShell commands to allow Remote Desktop. (This is especially helpful for quickly getting to sconfig and other commands that do not operate properly with remote PowerShell.)
        set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server'-name "fDenyTSConnections" -Value 0
        set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp' -name "UserAuthentication" -Value 1
  • Common configuration tasks
    • The utility “sconfig” can be used for most setup items.
    • For a more speedy and scriptable setup, below are some common configurations via PowerShell.
      • Change date\time
        Set-TimeZone -Name "Eastern Standard Time"
      • Change computer name
        Rename-Computer -NewName "machineA" -Restart
      • Add to the domain
        Add-Computer -DomainName "" -Restart