Today is December 15th, 2011, and here in the US the Judiciary Committee of the House of Representatives is debating House Judiciary Committee Markup of #SOPA: H.R. 3261, the Stop Online Piracy Act.
As brave and forward as that name states, as I watch the proceeding I am dismayed and shocked at the lack of understanding of our representatives to the issues being brought up. I will simply say this. These people are not educated enough to make a decision, one way or another, on this bill, and with that said, they should not be moving it through committee.
The sheer lack of understanding of DNS (domain name service), dynamic IP allocation, DNS to IP variability and the potential disastrous effects of this bill that seem to be completely overlooked should have been the first thing that suggested these folks aren't educated enough to vote on this issue.
So the question comes (with the tin-foil hat) what or who is behind the impetus to get SOPA out of committee today? Who stands to benefit from SOPA?
Thursday, December 15, 2011
Wednesday, October 26, 2011
On "Personal Technology" and the "Next Big Thing"
I have the fortune (or misfortune) of getting Information Week delivered to my door. This year has seen a lot of articles about iOS, Android, Personal Technology, and custom application development. Of course, the executive team at work gets Information Week as well - from the CIO down to the department managers. We have been fairly forward-looking for a while - when Apple released the iPhone 3Gs we were able to support deploying those on a corporate level, and allowed users to bring them into the environment (on a personal level) if they were configured with a profile as detailed in the Apple iOS Enterprise support documentation.
Sadly, we were unable to support droids for a while, since they didn't even conform to ActiveSync security policy (this has changed, fortunately). This has been going on for a couple years, and for a business that is very concerned with privacy (we are a hospital, after all) it was very forward looking. The hospital did not choose to go the route than many others are on - hiring a team to develop custom applications for iOS or Android connectivity to our various data silos, but that wasn't a problem.
This year, however, has been the year of "personal technology" in the trade rags. And as the hospital desperately wants to be at the forefront of technology, they are pushing for support of personal technology at every level.
I am a fan of supporting personal technology. It helps your employees feel attached to your business. It makes them believe that you care about them, and their wishes. But sometimes, you have to balance that with security, business needs, and legal concerns. A strong leader in IS doesn't just give in to the employees, no matter how important they are, if what they want to do compromises the security of your business, and even more important if it compromises state or federal law. I thought we had a strong leadership team in our IS department. Turns out I couldn't be further from the truth.
Leadership knows one word when it comes to "I want" from the VIP/high-profile users: "Sure!"
Can I bring my personal device to the hospital, put explicitly restricted patient information on it, without any oversight or data security managed by the IS security group?
"Sure!"
Can I buy hardware that is blatantly incompatible with our environment, and connect to the internal network with it, so that I look important at conferences and meetings?
"Sure!"
But when we (as the IS team on the ground with the technology) attempt to raise red flags, or warnings to the leadership team that we need to have some sort of structure around these things, and they have to work (function) within the legal and moral scope of our business, we are ignored, or (worse) chastised for even considering such things.
Personal Technology is the "Next Big Thing" in IS - it makes sense because it can save money, it invests your employees in the business on a personal level, and it can improve the effectiveness of your employees - when your environment is able to support it. Before you take the time to let every smartphone, tablet, and personal device into your environment, you need to evaluate the devices, develop a plan, and implement it in a measured way with continued review to determine if what you are doing works for your employees and your business.
Sadly, we were unable to support droids for a while, since they didn't even conform to ActiveSync security policy (this has changed, fortunately). This has been going on for a couple years, and for a business that is very concerned with privacy (we are a hospital, after all) it was very forward looking. The hospital did not choose to go the route than many others are on - hiring a team to develop custom applications for iOS or Android connectivity to our various data silos, but that wasn't a problem.
This year, however, has been the year of "personal technology" in the trade rags. And as the hospital desperately wants to be at the forefront of technology, they are pushing for support of personal technology at every level.
I am a fan of supporting personal technology. It helps your employees feel attached to your business. It makes them believe that you care about them, and their wishes. But sometimes, you have to balance that with security, business needs, and legal concerns. A strong leader in IS doesn't just give in to the employees, no matter how important they are, if what they want to do compromises the security of your business, and even more important if it compromises state or federal law. I thought we had a strong leadership team in our IS department. Turns out I couldn't be further from the truth.
Leadership knows one word when it comes to "I want" from the VIP/high-profile users: "Sure!"
Can I bring my personal device to the hospital, put explicitly restricted patient information on it, without any oversight or data security managed by the IS security group?
"Sure!"
Can I buy hardware that is blatantly incompatible with our environment, and connect to the internal network with it, so that I look important at conferences and meetings?
"Sure!"
But when we (as the IS team on the ground with the technology) attempt to raise red flags, or warnings to the leadership team that we need to have some sort of structure around these things, and they have to work (function) within the legal and moral scope of our business, we are ignored, or (worse) chastised for even considering such things.
Personal Technology is the "Next Big Thing" in IS - it makes sense because it can save money, it invests your employees in the business on a personal level, and it can improve the effectiveness of your employees - when your environment is able to support it. Before you take the time to let every smartphone, tablet, and personal device into your environment, you need to evaluate the devices, develop a plan, and implement it in a measured way with continued review to determine if what you are doing works for your employees and your business.
Tuesday, October 25, 2011
SMB issues with Lion Mac OS X 10.7
This is more of a rant than anything. So be prepared.
As you may (or may not) know, my day job is in IS at a fairly large regional hospital group. I was brought on a couple years ago because of my experience with Mac OS X, and their desire to evaluate and deploy Mac systems in a limited fashion. I put in the effort and legwork to get Macs integrated as much as I could, with what support I had from the leadership. For around 2 years it worked OK. Then came the Lion.
Mac OS X 10.7 has issues here. I'm not sure if it has issues everywhere, I guess it depends on how your environment is built, and whether your users are actually using the environment and not just the computer. The first (and biggest) problem is that when Mac OS X 17.0, 10.7.1, and 10.7.2 connects to an SMB share, it doesn't actually mount the share you requested. What Lion does, is parse the share path, and actually mounts the directory containing the share you want to mount. That seems to be confusing (at least to AppleCare), so allow me to explain.
If you want to mount the share myhomedirectory from your SMB server, you enter the path:
smb://mycompanyserver/homedirectories/myhomedirectory
In Mac OS X 10.4, 10.5 and 10.6, the following things happened when you authenticated to that share:
1. SMB mounted the device /Volumes/myhomedirectory
2. The sidebar shows mycompanyserver under shared devices
3. Finder opens a folder of myhomedirectory
4. Mac OS X display the share myhomedirectory on the desktop (if this item is visible).
In Mac OS X 10.7 the following things happen:
1. SMB mounted the device /Volumes/homedirectories
2. The sidebar shows mycompanyserver under shared devices
3. Finder opens a folder of myhomedirectory
4. Mac OS X display the share homedirectories on the desktop (if this item is visible).
OK, now read through those again. When I was on the phone with Apple, they explained that they had changed the behavior of SMB to mount the root share. Except that's not what they are doing. They are mounting the directory one level above the share point you attempt to access.
This introduces all sorts of problems which may be security issues, or just user-friendliness, depending on your environment. In my environment, no-one has any access to homedirectories - so the links on the desktop, in volumes, and in the sidebar are all useless. The only thing useful is the Finder window that opened, but only if you leave it in List, Cover Flow or Icon view, because if you change to Columns it breaks and you can't see your directory contents anymore. If for any reason you close that Finder window, you have to use Go -> Go to Folder... to reopen it.
Of course I opened a ticket with Apple, and got it escalated, but I'm not holding my breath. In the meantime, we get the following issues in our environment:
As you may (or may not) know, my day job is in IS at a fairly large regional hospital group. I was brought on a couple years ago because of my experience with Mac OS X, and their desire to evaluate and deploy Mac systems in a limited fashion. I put in the effort and legwork to get Macs integrated as much as I could, with what support I had from the leadership. For around 2 years it worked OK. Then came the Lion.
Mac OS X 10.7 has issues here. I'm not sure if it has issues everywhere, I guess it depends on how your environment is built, and whether your users are actually using the environment and not just the computer. The first (and biggest) problem is that when Mac OS X 17.0, 10.7.1, and 10.7.2 connects to an SMB share, it doesn't actually mount the share you requested. What Lion does, is parse the share path, and actually mounts the directory containing the share you want to mount. That seems to be confusing (at least to AppleCare), so allow me to explain.
If you want to mount the share myhomedirectory from your SMB server, you enter the path:
smb://mycompanyserver/homedirectories/myhomedirectory
In Mac OS X 10.4, 10.5 and 10.6, the following things happened when you authenticated to that share:
1. SMB mounted the device /Volumes/myhomedirectory
2. The sidebar shows mycompanyserver under shared devices
3. Finder opens a folder of myhomedirectory
4. Mac OS X display the share myhomedirectory on the desktop (if this item is visible).
In Mac OS X 10.7 the following things happen:
1. SMB mounted the device /Volumes/homedirectories
2. The sidebar shows mycompanyserver under shared devices
3. Finder opens a folder of myhomedirectory
4. Mac OS X display the share homedirectories on the desktop (if this item is visible).
OK, now read through those again. When I was on the phone with Apple, they explained that they had changed the behavior of SMB to mount the root share. Except that's not what they are doing. They are mounting the directory one level above the share point you attempt to access.
This introduces all sorts of problems which may be security issues, or just user-friendliness, depending on your environment. In my environment, no-one has any access to homedirectories - so the links on the desktop, in volumes, and in the sidebar are all useless. The only thing useful is the Finder window that opened, but only if you leave it in List, Cover Flow or Icon view, because if you change to Columns it breaks and you can't see your directory contents anymore. If for any reason you close that Finder window, you have to use Go -> Go to Folder... to reopen it.
Of course I opened a ticket with Apple, and got it escalated, but I'm not holding my breath. In the meantime, we get the following issues in our environment:
- When a user logs into a Lion system, they are presented a dialog listing all the share points in the directory where their network home folder resides. They have to navigate to the network home folder, select it and then continue before the system will log in.
- If a user connects to a network share, they have to be very careful about the application they attempt to use, because most applications won't be able to parse the path if the entire directory tree isn't at least readable by all.
Friday, October 14, 2011
Trials and tribulations of the iPhone 4S and AT&T
Well, all good things come to an end.
As an employee at Apple on June 29, 2007 I was given an original iPhone by the company. I cherished that phone. I was so excited I was even willing to pay $175 early termination fee from Verizon to get that phone and use it. And I did use it every day, for music, photos, phone calls, messaging and when iOS 2 came out, applications. Currently I only have 65 applications on my phone. So the sadness in July 2009, when my screen started to stop responding, was understandable. But I had purchased Applecare. Off I went to the Apple store, and was able to replace my handset. Well, at least until I discovered the first replacement had a broken sleep/power button. So I called up Applecare, who ever-so-graciously overnighted me a third handset. I used that phone, day in and day out until today.
About 3 months ago the wifi stopped working. I'm not sure exactly what went wrong (it doesn't really matter) but I couldn't get on wifi networks anymore, so all my data was EDGE only. That was painful, but a new iPhone was due "soon" so I waited. Then last week, Apple announced the 4S. I was going to upgrade.
My wife, who replaced her aging Motorola Razr with an iPhone on Verizon earlier this year, asked me to switch. But I was pretty satisfied with AT&T. I could do simultaneous data and voice (which I actually used) and except at home, I didn't drop too many calls... so I was sticking with AT&T. Friday morning I log on to store.apple.com and pick a 32GB Black iPhone. But wait, what's this? I have to choose a new data plan, messaging, no. I'm not upgrading my plan. So I cancel the web order, and call 1800-MY-APPLE. 30 minutes later I get Applecare. Oops, they are handling overflow. Back into the queue since they can't help me, they just walk people through web orders. 5 minutes later I'm on the phone ordering my handset, nope, no problem I can place the order with Apple and don't have to change my plan. Yep, I'm all set. Handset is due to arrive 10/14/11. Sweet!
Then the email arrives about the iPhone CSS, and I don't see my plan showing unlimited data and 200 text messages. So I get on the phone with AT&T. I speak to a nice woman, who confirms that yes, that's my plan, wow, an original iPhone data plan? Don't let anyone change that one on you. Great, everything is set, I'm ready to get my new phone.
Today, FedEx delivers without a hitch, 9:35am. I cruise home at 11:15 for a early lunch to set up the new phone, and hit the first snag - AT&T can't handle the volume of activations. OK, I try a few times and then just go back to work after an hour.
Two hours...
Three hours...
At four hours I call AT&T and ask what's up - it's just a backed up queue. Everything is fine, you phone will get activated soon. Yes, you can still use your old phone until the new one is activated.
Five hours...
Six hours...
Seven hours...
I try to activate again. What the heck, it's been a long day. WOOT! Oh, wait. You can configure your phone but you can't make calls yet. Ok, whatever, I'll get by data back on here and get it going. Applications installed, photos, music, movies, all ready to go. Wow, this thing is so fast compared to the iPhone.
Eight hours...
Nine hours...
Ten hours...
Eleven hours...
My wife calls my phone - it goes direct to voicemail. Hmmm. I look at the phone, it say AT&T as the carrier (it didn't before) so I try to make a call.
"We're sorry, you cannot make that call. Please call 611 or 1-800-331-0500"
Ok, I'll call 611.
"We're sorry, you cannot make that call. Please call 611 or 1-800-331-0500"
Ok, I'll power up the old iPhone. Uh-oh, No Service. Must be disabled already. Borrow the wife's phone and call AT&T at 10:54pm, EST. After about 35 minutes, I get a person. Oh, sure, let me help you. ICCID? OK. IMEI? OK. What plan would you like?
I'd like to keep my current plan.
You can't do that. An unlimited data plan is $30 a month, what messaging plan would you like?
I'd like to keep my current plan.
You can't do that.
"I spoke to someone a couple days ago who said I could. Don't change my plan. Let me talk to your supervisor." And I'm on hold for a few minutes.
"Sir, I can't give you the same plan, but I can give you Unlimited data for $30 a month and 200 text messages for $5 a month - that's a grandfathered plan for the older iPhones."
"No, I don't want the same plan for $15 more a month. Let me talk to your supervisor."
On the phone comes the supervisor. Sir, we can't give you that plan with the new iPhone. You have to pick another plan. This is still unacceptable. I'm ready to quit AT&T and switch carriers. I ask him how I do that. He says I can pay an early termination fee of $325. I blow a gasket. I want his supervisor. Sorry, they aren't here. That's not good enough. You've disabled my old phone, I can't use the new one, and I need to talk to someone NOW.
So someone else comes on. I'm not convinced he's any higher up the ladder, because after an additional conversation, the best he can do is keep my old phone and plan going, with a new SIM card, since they killed the current one, and let me return the phone to AT&T and pay a $35 restocking fee but no termination fee.
Unacceptable.
Ok, well, if you return it to Apple you might not pay a restocking fee. You still need to go get a new SIM card at an AT&T Core store since your current one cannot be reactivated.
So it's midnight, and I have no phone. AT&T has failed miserably at customer service, and I'm done. Tomorrow I'm getting a new SIM card for my phone, and confirming I still have the original data plan. And then I have to go to the Apple store about 45 minutes away and return the phone, get my refund, and decide what to do next. But one thing is for sure. AT&T knows nothing about customer service. I spent years working the Genius Bar at Apple, I know what customer service is. AT&T, you deserve to lose me as a customer, and I hope I'm not the only one. I hope you lose tens of thousands for your horrible customer service on this day. People waited hours for phone activations, and I have no idea who else experienced what I did and just rolled over. But I'm not rolling over.
As an employee at Apple on June 29, 2007 I was given an original iPhone by the company. I cherished that phone. I was so excited I was even willing to pay $175 early termination fee from Verizon to get that phone and use it. And I did use it every day, for music, photos, phone calls, messaging and when iOS 2 came out, applications. Currently I only have 65 applications on my phone. So the sadness in July 2009, when my screen started to stop responding, was understandable. But I had purchased Applecare. Off I went to the Apple store, and was able to replace my handset. Well, at least until I discovered the first replacement had a broken sleep/power button. So I called up Applecare, who ever-so-graciously overnighted me a third handset. I used that phone, day in and day out until today.
About 3 months ago the wifi stopped working. I'm not sure exactly what went wrong (it doesn't really matter) but I couldn't get on wifi networks anymore, so all my data was EDGE only. That was painful, but a new iPhone was due "soon" so I waited. Then last week, Apple announced the 4S. I was going to upgrade.
My wife, who replaced her aging Motorola Razr with an iPhone on Verizon earlier this year, asked me to switch. But I was pretty satisfied with AT&T. I could do simultaneous data and voice (which I actually used) and except at home, I didn't drop too many calls... so I was sticking with AT&T. Friday morning I log on to store.apple.com and pick a 32GB Black iPhone. But wait, what's this? I have to choose a new data plan, messaging, no. I'm not upgrading my plan. So I cancel the web order, and call 1800-MY-APPLE. 30 minutes later I get Applecare. Oops, they are handling overflow. Back into the queue since they can't help me, they just walk people through web orders. 5 minutes later I'm on the phone ordering my handset, nope, no problem I can place the order with Apple and don't have to change my plan. Yep, I'm all set. Handset is due to arrive 10/14/11. Sweet!
Then the email arrives about the iPhone CSS, and I don't see my plan showing unlimited data and 200 text messages. So I get on the phone with AT&T. I speak to a nice woman, who confirms that yes, that's my plan, wow, an original iPhone data plan? Don't let anyone change that one on you. Great, everything is set, I'm ready to get my new phone.
Today, FedEx delivers without a hitch, 9:35am. I cruise home at 11:15 for a early lunch to set up the new phone, and hit the first snag - AT&T can't handle the volume of activations. OK, I try a few times and then just go back to work after an hour.
Two hours...
Three hours...
At four hours I call AT&T and ask what's up - it's just a backed up queue. Everything is fine, you phone will get activated soon. Yes, you can still use your old phone until the new one is activated.
Five hours...
Six hours...
Seven hours...
I try to activate again. What the heck, it's been a long day. WOOT! Oh, wait. You can configure your phone but you can't make calls yet. Ok, whatever, I'll get by data back on here and get it going. Applications installed, photos, music, movies, all ready to go. Wow, this thing is so fast compared to the iPhone.
Eight hours...
Nine hours...
Ten hours...
Eleven hours...
My wife calls my phone - it goes direct to voicemail. Hmmm. I look at the phone, it say AT&T as the carrier (it didn't before) so I try to make a call.
"We're sorry, you cannot make that call. Please call 611 or 1-800-331-0500"
Ok, I'll call 611.
"We're sorry, you cannot make that call. Please call 611 or 1-800-331-0500"
Ok, I'll power up the old iPhone. Uh-oh, No Service. Must be disabled already. Borrow the wife's phone and call AT&T at 10:54pm, EST. After about 35 minutes, I get a person. Oh, sure, let me help you. ICCID? OK. IMEI? OK. What plan would you like?
I'd like to keep my current plan.
You can't do that. An unlimited data plan is $30 a month, what messaging plan would you like?
I'd like to keep my current plan.
You can't do that.
"I spoke to someone a couple days ago who said I could. Don't change my plan. Let me talk to your supervisor." And I'm on hold for a few minutes.
"Sir, I can't give you the same plan, but I can give you Unlimited data for $30 a month and 200 text messages for $5 a month - that's a grandfathered plan for the older iPhones."
"No, I don't want the same plan for $15 more a month. Let me talk to your supervisor."
On the phone comes the supervisor. Sir, we can't give you that plan with the new iPhone. You have to pick another plan. This is still unacceptable. I'm ready to quit AT&T and switch carriers. I ask him how I do that. He says I can pay an early termination fee of $325. I blow a gasket. I want his supervisor. Sorry, they aren't here. That's not good enough. You've disabled my old phone, I can't use the new one, and I need to talk to someone NOW.
So someone else comes on. I'm not convinced he's any higher up the ladder, because after an additional conversation, the best he can do is keep my old phone and plan going, with a new SIM card, since they killed the current one, and let me return the phone to AT&T and pay a $35 restocking fee but no termination fee.
Unacceptable.
Ok, well, if you return it to Apple you might not pay a restocking fee. You still need to go get a new SIM card at an AT&T Core store since your current one cannot be reactivated.
So it's midnight, and I have no phone. AT&T has failed miserably at customer service, and I'm done. Tomorrow I'm getting a new SIM card for my phone, and confirming I still have the original data plan. And then I have to go to the Apple store about 45 minutes away and return the phone, get my refund, and decide what to do next. But one thing is for sure. AT&T knows nothing about customer service. I spent years working the Genius Bar at Apple, I know what customer service is. AT&T, you deserve to lose me as a customer, and I hope I'm not the only one. I hope you lose tens of thousands for your horrible customer service on this day. People waited hours for phone activations, and I have no idea who else experienced what I did and just rolled over. But I'm not rolling over.
After writing this I had a vague recollection about the changes in service from the iPhone to the 3G, so I looked it up - yep, when the iPhone 3G came out the plan went up to $30 a month and separate text messaging fees. So maybe I should have taken the offer. But I'm still mad. So I'm not doing anything right now.
Wednesday, July 6, 2011
Drobo can handle the Steam
Steam summer sale gets gamers all up in arms. One of my coworkers (who may soon be a client) laments that his 1TB drive is now full, from games he purchased on the Steam Summer Sale. My answer - "drobo"
Get a Drobo. Put your Terabyte drive in there, and get another TB drive. As you fill them, add more drives, and your steam container scales to multiple terabytes. Problem solved.
Thanks Drobo!
Get a Drobo. Put your Terabyte drive in there, and get another TB drive. As you fill them, add more drives, and your steam container scales to multiple terabytes. Problem solved.
Thanks Drobo!
Subscribe to:
Comments (Atom)
