Family Tech Support with Identity-Defined Networking

Since I write software for a living, I end up being the “IT guy” for my entire family. This is not limited to my immediate family; we’re talking mom, wife’s mom, our friends, their kids, their parents, etc. Most of the time, they are nowhere near Seattle, so a lot of computer help ends up being done over the phone. Most of my family’s questions fall into three categories:

(1) setting up a computer / network / printer

(2) dealing with Google, Apple, or Facebook

(3) “I think I got hacked”

Questions about (1) and (2) are easy -- sometimes tedious, but generally I can help people make enough progress for them to hang up and run with it. But (3) = cringe -- when people think they got hacked, it’s a whole new ballgame.

First, they are embarrassed and in denial. Somebody fooled them. They clicked a link in an email from a stranger after they’ve been told, “Don’t do that,” a thousand times. They believed some scammer’s pitch. They clicked “OK” to remove the detected malware, and then the “tech support people” called and tried to help them, but now they feel bad because, even after paying some money, they still can’t get their files. It’s not a good situation.

Second, they don’t really know what steps they took to get there, nor do they know exactly how to describe what is wrong.

Third, I am the last person they want to admit any of this to. Last Thanksgiving, they told me all about how they can set up computers, networks, use applications. They know how the Internet works, they know how to use apps, they read about hackers, they get it…

So, when my mother-in-law calls me fearing that she has been hacked, it can be difficult and frustrating for both of us to figure out how to fix the problem over the phone. Since I became “that IT guy” for my extended circle, I’ve been thinking about how to make this easier. Surely there is a way?

I finally found it, and it’s Identity-Defined Networking (IDN). I have a Conductor in AWS, a HIPrelay in AWS, and a variety of HIPswitches and HIPapps spread throughout my product development team. I have a HIPclient on my MacBook. Last time I saw my mother-in-law, I installed a HIPclient on her MacBook, pointed it to the Conductor, gave it an overlay network IP of, and made sure to enable screen sharing (i.e. VNC server built into Mac OS) for my user account on her computer. This took me literally 7 minutes.

Six weeks later, she called my wife in a panic. She got an email from the same “technical support” people that she paid the $250 to a year ago. Scared, she trashed the email. But hours later, something gnawed at her and she wasn’t sure if she clicked on anything. This time, she wisely shut down her computer and called me for help to make sure her computer was okay.

With the HIPclient installed on her MacBook, I was able to perform a miracle in front of her eyes, explaining everything as I went. From my office at work in Seattle, on the phone with her in Boulder, CO:

  • I had her power on her MacBook.
  • When it was up, I could see in the Conductor UI that her HIPclient was online. I added her HIPclient to my “skene-mesh” overlay network, and gave her communication policy with my MacBook HIPclient.
  • I opened a terminal window and pinged her overlay IP address When that succeeded, I knew the rest would be easy because her MacBook appeared to be on the same LAN as my MacBook -- despite our corporate firewall, her ISP in Boulder, carrier-grade NAT in between us, 1250 miles of Internet, etc. (thanks to the magic of our HIPrelay).
  • I opened a screen sharing session to the same IP address (with Screen Sharing, the native Mac OS application). Over the phone I told her to allow me to control her mouse and keyboard clicking “yes” on the dialog that popped up.
    • I showed her that I was in control of her mouse and keyboard, but she could also move and type as well. I could give her a guided tour of everything I was doing.
    • I opened her email, searched, found the email in the trash and we looked at it together. We confirmed that she hadn’t clicked any links or called the phony “tech support.” At this point I heard my mother-in-law start crying tears of joy.
    • I then opened up a terminal window, installed brew, htop, wireshark, a few other tools. I poked around, looked for strange processes, looked for odd applications installed, etc. Things looked pretty good! All this took about 30 minutes.
    • While I was there, I helped her set up a junk mail folder, showed her how to use tabs while browsing, looked at a couple of her photos and talked about the grandkids. I asked her if I could screen capture this for a blog and she said, “I’d be honored.”

    How’s that for 45 minutes? Without our technology, I’d still be talking in circles with her on the phone.

    Watch my video blog "Family Tech Support"

Thursday, September 14, 2017 By Bryan Skene