Chromebook Management and Wifi Networks: Devices vs. Users

I’ve recently had some experience adding 30 or so Chromebooks to a school network, complete with device management licenses, and so far I am, overall, impressed.

One thing that is actually pretty cool because you can actually set available and auto-connected wifi networks for managed Chromebooks based on what organization or suborganization they belong to. That said, I ran into an odd bit while setting up the wifi settings.

FIrst of all, most Chromebooks are wifi dependent, so when they’re first started up and enrolled, they have to be on a wifi network. I’ve found the easiest way to do this is just temporarily use or set up an “open” network.

Please note – I do mean enrolled. By default, if you want the Chromebook to be tied to a management license or system via Google apps for business (or education), you cannot simply sign into the Chromebook with an organization email address. Make that mistake and you need to wipe it back to factory settings. One option – if ordered directly through Google (with known MAC addresses) – you can to set up auto enrollment, and anyone signing in with an organization email automatically enrolls the Chromebook as well.

The option we took was to manually enroll the Chromebooks by hitting the key sequence CNTRL-ALT-e after attaching the chromebook to the open wifi network.

Once enrolled, sign in. Once it is online, the Chromebook starts picking up settings, including the aforementioned wifi settings.

Here we get into an oddity. In the network settings tab of the device settings (above) there are actually TWO sets of wifi settings that can be set or inherited at any level of the organization. Devices, and Users. You can think of “device” wifi settings as those that are available even when no-one is logged in. Since a new user needs to be on the internet to sign in for the first time, they either need access to an open network, OR valid wifi settings under “device” for a secure network provided via the management settings.

“User” wifi settings are used to manage what wifi credentials are pre-loaded and available to any user account that signs into that device. This can be an entirely different set of networks, or simply the same one that was used to log in.

Switching iPhoto Libraries

It used to be that if you had lots and LOT of pictures, iPhoto would slow down, and you’d be told by some well-meaning soul to start a new iPhoto library. The problem being that to switch from one library to another required you to either dig up an app like iPhoto Buddy, or to learn the timing of holding down the “option” key as you started up iPhoto, so that you could select an alternate library.

In short – while less of a pain than dealing with iPhoto taking forever to do anything, it was still painful to do it manually.

It turns out hte latest updates to iPhoto 11 now allow you to switch to another library from within iPhoto.

While I still use iPhoto Buddy, it’s nice to be able to switch on the fly without restarting iPhoto.

When do You Have to Buy Office?

One tool that no computer should be without is the one we typically
call an “Office suite” – a collection of programs to manipulate words,
numbers, and data so that we can present that information to other
people. Microsoft Word, Excel, Access, Powerpoint, and Outlook are the
gold standard for this. For years, companies spent hundreds of dollars
for each copy – and frankly, many pirated copies – because they were
the de-facto standard if you wanted to send files to someone else and
have them be understood.

Office has withstood the onslought of Adobe’s PDF standard, because
you cannot easily edit spreadsheets and text documents once they are
PDF files. Despite the foothold in the law community, Wordperfect is
effectively an also-ran.

Yet, there are alternatives. On the Mac side, there is Apple’s iWork
suite and the OpenOffice – based NeoOffice. For mac, Linux, and Windows, Open Office and Libre Offic all try to capture the
breadth of features and feel of Microsofts 800-lb gorilla. For most
people, they succeed admirably, and given how well most convert
documents in and out of the MS Office formats, there is little need
for most people to buy a copy from Microsoft.

So why in this environment should anyone go out and pay good money for a suite that comes from Microsoft?

Exchange

Google is making significant headway with its powerful online mail, document, and calendar sharing services. Nevertheless, it doesn’t quite meet the power and flexibility – or cost, complexity, etc. – of an Exchange server, especially when it comes to shared contacts. Exchange is completely integrated with Outlook, and nothing else quite works so well for the people who need those features.

MAPI and OLE

Office provides several ways for other programs to communicate with them. A number of programs – especially business or industry-specific ones, use these to create emails or documents from scratch including word processing and spreadsheet documents. Unfortunately, in this case, no combination of Open Office, Thunderbird, etc. are going to quite do the job.

Compatibility

Other office suites currently are very capable when exporting to or importing from the Microsoft document formats. Minor variations in formatting can creep up between different versions of the Microsoft suite (2003, 2007, Mac) as well. Nevertheless, when formatting fidelity, etc. is a must, the results are much better if you stick to the same software all around instead of converting between completely different document formats.

Your boss/school/etc. Told You to.

You can argue that “Exchange” or “Compatibility” also qualifies here, but if your boss, company, or school says to use office, well, then that’s what you do.

In short

If no-one is forcing you. If you don’t need complete integration with an Exchange server. If you don’t need as close to perfect compatibility as possible with other MS Office users, or use software that requires Office to use all of its features, you may want to consider the cheap or free alternatives available to you. Otherwise, well, you need to bite the bullet and go get a copy of MS Office.

Lion: Smooth Sailing With a Few Waves

I’d been putting together some thoughts on Facebook, Google+, Twitter, etc. when Lion was released. Obvioulsy, I immediately installed it – I can afford to. I have backups. Lots of backups.

So what is there to say that hasn’t already been said?

First, some high points. In case you’ve never been bitten by this, never, ever, ever upgrade a business-critical computer until the software you need is updated to work with it. Ever. That especially applies to niche software like architectural CAD software, or if you make a living as a graphic designer.

Also, “rosetta” – the technology that allows Macs to run older programs depending on “PowerPC” chips, is no longer available, at all. This especially hurts those who use products like Quicken for the Mac (Intuit, along with Adobe, is another company that seems to think that adapting to long-announced changes and providing current product updates is just passe). Also, Mac versions of MS Office before Office 2008 will not be usable without an update or switching to iWork or Open Office/Libre Office.

Please note – if you are using Quicken for the Mac, please export your file as a backup before upgrading OS X.

So now what?

Well, I’m not every user. I make my living helping other users. That said, many of the programs I use are the ones I recommend to others.

The Install

Straightforward. Buy the app, let it download, let the installer run. Wait 30 minutes or so after that, and a new splash page appears with your login.

The first thing I checked, as with every major update since 10.5 completely reset the printer settings, was to verify my printers were still there. Yes they were, and yes they worked. Also, the 10.7 update didn’t scrub my custom keyboard shortcut for printing PDF’s (originally at OSX hints).

Personal Information and Mail

I started up the new Mail app, and ended up waiting quite a while for it to update the mail database to the new format. In the meantime, I opened up my google account in Safari, and discovered a new wrinkle. When logging in to at least several services that Lion recognizes using Safari (I can verify this for Gmail and MobileMe), Safari helpfully asks of you wish to add the account to your mail and calendars. Since those accounts were already in Mail.app (which was updating) I simply said no thanks, but it’s a nice touch that goes hand-in-hand with automatically opening up the login sheets at many public WiFi hotspots.

Once the mail had finally updated, I looked in the system preferences. Oddly, even though the soon-to-be-obsolete MobileMe control panel listed that I was syncing my contacts, the (new) unified “Mail, Contacts, & Calendars” account panel showed my Mobileme account as only synchronizing calendar items, mail , and chat items.

Yes, chat items. I’m not sure where that will lead just yet.

Either way, my contacts do sync.

Looking into my address book, I discovered that Address book was no longer syncing with Gmail. I fixed that, and after a few rounds of discrepancy reviews, had my contacts under control again.

Scrolling

I’m still torn on the scroll direction reversal. I will say that it’s actually fairly natural when scrolling via a trackpad.

That said, the hiding scrollbars were driving me nuts. I need to know where I am in the document, and the default setting to hide them when not scrolling can make it difficult to tell if there is anything further to scroll to.

Apps

Despite the dire warnings at the beginning of this post, very little broke. The following third-party apps worked without any apparent hitches:

Hazel – an automated folder cleanup tool.
Both of my password programs – 1Password and Little Secrets – worked fine.
DropBox
BBEdit – text editor
Candybar – custom icons.
Chrome
iStumbler seems to work
LibreOffice
Kindle
MailPluginManager seems to work
Notational Velocity a text note taker that works with simplenote
Google music manager
Picasa picture manager
Microsoft Remote Desktop Connection 2
Steam seems to work – but I havent tried to play any games yet
VLC – video player for flash and WMV videos

The following programs needed or had a Lion specific update that hadn’t yet been installed:

Xcode – New copy currently free
Homebrew – a system for installing linux utilities. Installed apps actually work, but you need to isntall the updated Xcode to add anything else.
Firefox 5 had an update when I opened it, but didn’t like my 1Password plugin.
Carbon Copy Cloner – excellent bootable disk backup system.
iStumbler – for finding WiFi networks
I updated Silverlight just in case
Scrivener has an update for Lion specific features
VMWare Fusion – this virtual PC emulator installed updates
Mail Act-On – a mail management plugin for the Apple Mail app, needed a reinstall.

Then a had a few issues that needed more work:

Pixelmator (a lightweight, awesome, and cheap image editor) had an issue – but an App Store update is coming soon to resolve it, and there are workarounds to get it running.
All of my Emacs (another text editor that works on different platforms) customizations and add-ons will have to be rebuilt, but the version I installed through Brew, as well as my GUI-based copy, both work fine at the default settings.

Lastly were the programs that flat out didn’t work:

Pocket Tanks – an “artillery” game knockoff.

All’s well that ends well.

Overall, it was a very smooth update. While there are a few things that are known to break, very little broke unexpectedly, and I’ve now had enough exposure to this to start getting really comfortable. Many apps did not need updates at all, though a number of the ones that didn’t need post-upgrade updates had already been updated in the recent past to be compatible with Lion.

Markdown and Writing

While major writing projects requiring lots of research, sometimes I just want to write up several paragraphs in an article without a lot of fussing about. Text editors are perfect for this, while also guaranteeing, unlike Word, Pages, or even more open formats, maximum future readablity and recoverability. Unfortunately, going back in to properly add links, italicize or quote text, etc., can be a pain.

Thus was born Markdown. Markdown is both a plain-text syntax for tagging text for web/formatted output and a program of the same name that converts text in the markdown syntax to valid HTML. Since the formatting and syntax use conventions already long common in emails, it’s very easy to mark up the text, and text formatted this way is highly readable even as plain text.

Since I don’t feel like breaking out a massive writing tool like Open/Libre Office or Scrivener every time I want to write up a few paragraphs, and since I absolutely hate going back after the fact to format everything in even the best WYSIWYG implementations when I could do it from the keyboard as I type, I really appreciate the ease of use.

I also appreciate the fact that it’s widely available. While blogger doesn’t directly support it, it’s fairly easily added to WordPress, and is available for Posterous and Squarespace.

So here’s my cheat sheet that I keep in Emacs when I need a reference. Most of it is paraphrased from the original, and further details or nuance are linked to on a section-by-section basis to Gruber’s original spec:

Markdown reference:

You’ll note the headers for each section link to the respective section in Gruber’s syntax page for more information on the available options and nuances.

Block Elements

A paragraph is simply one or more consecutive lines of text, separated
by one or more blank lines

This is a new paragraph.

To FORCE a
newline,
use two
spaces.

Headers

Two types.

This is H1 (with ===== underneath)
====================================

This is H1 (with ===== underneath)

This is H2 (With ------ underneath)
-------------------------------------

This is H2 (With —— underneath)

Alternately, you can use ‘#’

# One '#' for h1

One ‘#’ for h1

## Two '##''s for h2

Two ‘##”s for h2

Three '###' for h3, and so forth.

Three ‘###’ for h3, and so forth.

Blockquoting

Markdown uses email-style “>” characters for blockquoting. They can be
nested by adding additional levels of ‘>’. They can also contain other
markdown elements (headers, code blocks, etc…

> This is a blockquote with two paragraphs. Lorem ipsum dolor sit amet,
>
>> Inset second level.
>
> Donec sit amet nisl. Aliquam semper ipsum sit amet velit. Suspendisse

This is a blockquote with two paragraphs. Lorem ipsum dolor sit amet,

Inset second level.

Donec sit amet nisl. Aliquam semper ipsum sit amet velit. Suspendisse

Lists

Markdown supports ordered (numbered) and unordered (bulleted) lists.

Unordered Lists

Unordered lists use asterisks, pluses, and hyphens — interchangably — as list markers:

- Item a
- Item b
- Item c

Item a
Item b
Item c

Ordered Lists

Ordered lists use numbers followed by PERIODS. Order is irrelevant.

1. Dog
2. Cat
3. Kids

Dog
Cat
Kids

List items separated by a space have the content of the <li> wrapped
in a <p> paragraph tag.

Code Blocks

To produce a code block in Markdown, simply indent every line of the
block by at least 4 spaces or 1 tab. For example:

This is a code block.

A code block continues until it reaches a line that is not indented
(or the end of the article).

HTML in a code block is converted to entities, and Markdown syntax is
NOT processed within a code block.

Horizontal Rules

You can produce a horizontal rule tag (<hr />) by placing three or
more hyphens, asterisks, or underscores on a line by themselves. If
you wish, you may use spaces between the hyphens or asterisks.

---
***
___

Span Elements

Links

Inline or reference. In both styles, the link text is delimited by
[square brackets]. See the original
syntax for a
more thorough explanation of reference-style links.

This is [an example](http://example.com/ "Title") inline link.
[This link](http://example.net/) has no title attribute.

Reference-style links

[This is linked] [id1] to something
[id1]: http://www.midknightgallery.com/  "Midknight Gallery home Page"

This is linked to something

Also, a reference can be implicitly identified by the linked content

  [The Midknight Gallery][] is a great site.
[The Midknight Gallery]: http://www.midknightgallery.com/ "Home"

The Midknight Gallery is a great site.

Emphasis

**Bold**

Bold

*Emphasis*

Emphasis

Emphasis can be used in the middle of a word:

Crap*tac*ular.

Craptacular.

Backslash to escape literal asterix’s like this: \*.

Span of Code

Wrap a span of code within a paragraph with backtick quotes (`)

To include a literal backtick character within a code span, you can
use multiple backticks as the opening and closing delimiters:

``There is a literal backtick (`) here.``

Images

Inline image syntax looks like this:

![Alt text](/path/to/img.jpg)
![Alt text](/path/to/img.jpg "Optional title")

Reference-style image syntax looks like this:

![Alt text][id]

Followed by the same syntax as reference links:

[id]: url/to/image  "Optional title attribute"

Miscellaneous

Backslash Escapes

Markdown provides backslash escapes for the following characters:

\   backslash
`   backtick
*   asterisk
_   underscore
{}  curly braces
[]  square brackets
()  parentheses
#   hash mark
+   plus sign
-   minus sign (hyphen)
.   dot
!   exclamation mark

Automatic Links

Simply surround the URL or email address with angle brackets.

<http://example.com/>

Markdown will turn this into:

<a href="http://example.com/">http://example.com/</a>

Drobo – Stuff That Works

While not quite under “stuff I have at home” – but definitely under stuff I have my clients use – the “drobo” series of drive cases from Data Robotics, Inc. is a fantastic series of drive cases that do far more than allow you to hook up external storage or set up RAID arrays.

Most external drives are limited to the maximum size of one disk, and when your computer drives are near that maximum, backing them up with any sort of history you can dial back becomes a problem. Well, RAID is a solution to this kind of issue, but RAID is finicky to setup, and even more finicky to change or expand.

Hook up a Drobo, and slot in two drives. Now, if one of those drives fails, the other one keeps chugging with all of your data intact. All you have to do is yank the failed drive and slot in a new one, and it automagically rebuilds itself.

Need more space? Add a drive.

That’s it. No fuss, no muss, no reformatting or commands. Just. Add. A. Drive. The Drobo does all the work.

Need more space? Add another drive. Used up all your drive bays? Yank out your smallest drive and replace it with a bigger one. No need to shut it down, etc.

At every stage, the Drobo takes care of everything else.

We even had a client who’s Drobo had gone bad (the top bay failed) pull all the drives out under power, slot them into a new drive bay, and power it up. The drive rebuilt itself and is working just great.

Needless to say, I can’t recommend it highly enough. It’s expandable drive space for backups or storage, for people who don’t want to think about technical details.

Update: Over time this has become a recommendation I’ve reversed. At first, many of these worked, but over time flakiness with dealing with drives (even if you carefully shopped off the compatibility list) and network connectivity and access speeds drove us to finding other solutions.

Providing Reliable Backups for Friends, Family and Very Small Businesses

Tying in with my ode to Dropbox under the “What I Use” section, is this recent Lifehacker article that does an outstanding job of covering how to make reliable backups for the relatives most geeks provide tech support to, that are also transparent enough to pass the Aunt Hattie test. The article also points out how to set up fairly painless password storage (I also love 1Password for that), and remote access for giving them a hand. While it doesn’t cover much on local backups, modern Macs have the excellent Time Machine, and for Windows, the recommended Mozy will not only backup offsite, but will also back up to a local drive for faster recovery than the offsite backups.

In short, this “for your relatives” solution is also perfect for the small, home-office or one one-or-two computer type of business for setting up reliable backups and remote support.

Virtualbox

I recently stumbled across a new (to me) option for virtual machines called Virtualbox, provided for free by Oracle. Like VMWare and Parallels, Virtualbox allows you to create a virtual computer that runs inside it’s own window on your desktop. You can install Windows, Linux, etc., on these virtual machines, and even have multiple virtual servers running on the same computer – though that takes a LOT of memory.

Cons compared to its non-free cousins, VMWare and Parallels perform better and handle 3D graphics better. Pros: it’s a solid product from a reputable company, and it’s free. if you need to test and see if a virtual machine might be the solution for you without shelling out $80 or more, this is definitely the way to go.

Strategies and Considerations for Backing Up Small Businesses

Most of us have seen it before: A client calls, in a panic, because a company report, a critical database, or a critical email is lost. It could be because a computer died, it could be something was stolen, it could be because something was maliciously wiped. Hoping the answer is “yes”, you ask the question: “Do you have backups of that?”

The question serves several purposes. First of all, it gives you a rough estimate of exactly how complicated or expensive the recovery procedures are going to get. Secondly – if the answer is yes – it acts as a pacifier, reminding the client that they may be inconvenienced, but all is not lost. Even if you know they have backups because you already had this talk, calmly reminding them that they have backups helps calm them down, because now they know the odds of things turning out better than their fears have dramatically improved.

Of course, the best time to deal with backups is before you need them, and smaller businesses (5-20 people) have some unique issues that many larger companies with a full-time IT guy on staff wouldn’t typically see. Even with larger companies, it may be hard to convince people to free up money to back up data after they just spent so much money on computer equipment in the first place.

How critical is your data?

What are you willing to lose? Exactly what you back up, and how, will be determined almost entirely by what information you are willing to sacrifice. This determines how long you need to store data and how frequently you back up. If you have to recover information, can you lose a day? Two days? A week? How often do you update your offsite backups? If a computer dies, how much time is allowed to get the user up on a new machine?

These are questions that, in smaller companies, usually need to be answered by the owners. Even if they are not computer-savvy, they need to understand the different ways their data can be protected.

Workstations

Workstations are one of the most common points of failure. Loss of the hard drive or failure of the file system can result in the loss of data not stored on a server. Failure of the computer means time taken to transfer the user, his data, and his programs to another physical machine.

There are three basic ways to protect individual workstations. The first is to avoid having data that exists solely on one workstation. While much more difficult with laptops than desktops because many laptops leave the network, you should encourage users to store as many working files/etc. as possible on network shares hosted by backed up servers. Combined with email accounts hosted on exchange servers or IMAP services like Google apps, this policy allows a user to log into a different computer and begin to get minimally productive with email and network-saved files until everything is restored “just so.”

Of course, while IMAP based email does allow you to recover gracefully if you drop your laptop, it doesn’t prevent you from permanently deleting email (though a properly configured exchange server allows you to recover recently deleted files). Networked storage also doesn’t protect files that are strictly local to the workstation. Protecting this information requires either regularly backing up to another local – usually external – drive, or running a networkable backup client that can back up the computer – or at least the user profiles – to a central backup server.

The last case is one common in graphic design situations: a workstation with many semi-unique apps highly customized to the user. This can be addressed by regularly cloning the drive to another bootable drive, so that recovering from a failure simply requires a reboot from the backup disk or restoring from the clone. Cloning software is also useful when preparing to install a larger HD into a user’s machine.

Servers

Servers are a great way to share information and provide for a central means of archiving needed data, but even here we can have file systems fail and files can be inadvertently or maliciously deleted.

A word about RAID. A question I often get asked is “But we’ve got RAID, doesn’t that give me backups?” No, it does not. RAID allows a server (or workstation) to continue working even if one of the disks fails. It provides some “backup” from outright drive failure, but does absolutely nothing if the file system gets confused, the drive controller or CPU dies, the computer gets stolen, or someone out for revenge starts deleting files.

Here, your concerns should be backing up stored data files (simple with most software like retrospect/backupexec, etc.), providing for “bare metal” restores to the same or similar machine in the event of hardware failure, and performing offsite backups.

Let’s face it. Someone may break into the facility at any time and steal those expensive servers, and smaller businesses generally don’t have separate locked rooms for them. Or a fire may break out. Or a hurricane may come. Whether you use an internet-based backup service like Mozy/Carbonite, or you regularly swap tapes or drives with a copy kept offsite, you need to consider what data actually has to be preserved to allow a business to rebuild itself from such disasters. Cost also needs to be factored in. It takes time or bandwidth to move data offsite, and offsite storage also costs money. These constraints mean that a business must decide which data is important enough to be backed up offsite and how current the offsite backups have to be. Most companies I deal with swap and take a full copy of the local backup offsite on a weekly basis. Some backup just the critical data files offsite via the internet, daily or several times a day. Others combine the two.

On both servers and workstations, there’s the classic “Oops, I didn’t mean to hit save” where a file gets overwritten, and critical data gets lost. Fortunately, most backup methods these days support some form of snapshot, incremental or differential backup features that allow you to revert to any previous version of the same file. The exact method chosen is dependent on the amount of backup storage available and how far back you want to keep copies.

Flaming Hoops

Of course, it doesn’t matter how thorough and complete your backup system is if the data never actually gets backed up. In my experience, even as simple a process as daily tape changes tend not to get done if there isn’t a dedicated IT-savvy person available. There are two solutions to this: simplicity and responsibility.

Make the backup as utterly transparent as possible. Every time the user must take a step to ensure the backups continue, it’s a potential point of failure where users will eventually put off the action or forget to do it. While tapes still have a purpose and usage, our small business clients typically use hard drives that can be swapped out once per week with one offsite to minimize the amount of time and thought needed to maintain backups.

Also, we push the responsibility for swapping out backup devices as far up the ownership chain as possible. Face it – the owner will be a lot more concerned about the loss of business data than some secretary on the first floor. The more invested the person is in the success and continuity of the company, the more likely he will be to make sure backup tapes or drives are swapped out.

As we’ve seen, there are many factors that determine what specific products and strategies you use to maintain data integrity and continuity of operation. There are also many products, from many companies, that can be used for this purpose. They range from those oriented towards larger companies such as Backupexec, to those oriented towards individual needs such as Dropbox or the personal versions of Mozy. Which combination you use depends on how much downtime you can afford to have, and how much data you need to protect.

Recommendations

Antivirus
If you need to have a free antivirus for home use, try Microsoft’s “Security Essentials.” It’s fast, it works, and best of all, it’s free. Even for businesses.

If you have the cash to spring for antivirus (or have to because you are a business and have lots of computers) try out Kaspersky and ESET Nod 32.

On the Mac side, I’d stay away from both of the Norton and McAffee products. Both have a reputation for causing weirdness that should have also been earned on the Windows side as well (I’ve run into some totally showstopping bugs over the last few years). If you NEED an antivirus there is a graphically-driven version of ClamAV for the mac that is free, and will scan files.

Routers
For home gear I now generally recommend stuff from Netgear. Their current boxes seem to generally work more reliably than equipment from Linksys or D-link (though they generally also work well), and are readily available. They also tends to upgrade fairly easy.

Wireless
If you’re willing to spend the extra money, the Airport WAP/routers fromApple are high-quality pieces of equipment with excellent security, signal strength, and ease-of-setup features, as well as allowing their use as a repeater, and a decent Windows/Mac print server for USB printers. The repeater functionality is especially slick and well done. Last but not least, the Time Capsule allows for wireless home storage and across-the-network backups (for Macs). Otherwise, I’d usually go for a Netgear.

Browsers
Windows: IE8 is a huge improvement in many ways. It is somewhat safer from hijackings, has tabs for browsing, and best of all for all too many people I’ve known, finally fixes a printing bug that would cut off the right side of wider web pages.

That said, in combination with all of the various security updates and antispyware and firewalls and such, Windows starts running like a crippled turtle with IE7 on it unless you have a lot of RAM. 512MB, even 756MB, no longer cuts the mustard. 1GB on a Vista machine is asking for trouble.

So if you want a browser that won’t punish your system as much, and is still more secure, nevermind more extensible, do yourself a favor and use Firefox or Chrome wherever you can.

Firefox is a solid browser with support for many useful plugins, but getting away from its origins as a small, light, standards-compliant alternative to IE. Chrome is a browser provided by Google that uses the same “webkit” rendering engine as Safari (also available for Windows) but with an emphasis on speed and a minimalist interface that I wish Firefox would emulate.

Mac: A matter of taste. While there are other good options available such as Camino, you really can’t go wrong with either the built-in Safari, Chrome (intel macs only), and Firefox for those occasions where Safari just won’t work, or vice versa. Firefox is slower but far more flexible, and on the newer intel-based Macs, the differences are far less noticeable.

Memory
As much as is humanly possible. Neither an up-to–date copy of XP nor OSX run comfortably with less than a gigabyte of RAM. Two Gigabytes or more are recommended for OSX or Vista. Check out 18004memory.com for good prices and a great return policy. Another good place to check out is crucial at crucial.com.