Sunday, November 29, 2015

Google Cloud Outages

I've written numerous times about cloud availability. Last year I posted about an outage in Microsoft's Azure service.

Some of my comments were:
Recently there was an 11 hour outage of Microsoft's Azure storage services.

Again users were hard pressed to get details on the outage as "the Service Health Dashboard and Azure Management Portal both rely on Azure."
Cloud outages don't have to be like that.

Here're the communications from Google on a pair of recent outages in their cloud services.

Gmail Outage

November 3, 2015 1:21:00 AM PST
We're investigating reports of an issue with Gmail. We will provide more information shortly.
November 3, 2015 1:38:00 AM PST
Our team is continuing to investigate this issue. We will provide an update by November 3, 2015 2:38:00 AM PST with more information about this problem. Thank you for your patience.

This issue is affecting IMAP and SMTP delivery
November 3, 2015 1:48:00 AM PST
Our team is continuing to investigate this issue. We will provide an update by November 3, 2015 2:48:00 AM PST with more information about this problem. Thank you for your patience.

This issue is affecting incoming POP, SMTP and IMAP connections.
November 3, 2015 2:25:00 AM PST
The problem with Gmail should be resolved. We apologize for the inconvenience and thank you for your patience and continued support. Please rest assured that system reliability is a top priority at Google, and we are making continuous improvements to make our systems better.
Four posts in just over one hour.

Google Calendar Outage

November 4, 2015 8:20:00 AM PST
We're investigating reports of an issue with Google Calendar. We will provide more information shortly.
November 4, 2015 9:25:00 AM PST
Google Calendar service has already been restored for some users, and we expect a resolution for all users within the next 1 hours. Please note this time frame is an estimate and may change.
November 4, 2015 10:25:00 AM PST
The problem with Google Calendar should be resolved. We apologize for the inconvenience and thank you for your patience and continued support. Please rest assured that system reliability is a top priority at Google, and we are making continuous improvements to make our systems better.
Three posts in just over two hours.

Everybody is going to have outages. But this is the way to handle them.

Sunday, November 22, 2015

LG Senior Phone

My 90-ish year old mother hit me up a couple of years ago as to why her cell phone didn't look like her friends'. She was using a Motorola Razr V3. I asked her what her friends' phones looked like. She said flat and black. They were using iPhones.

So off I went on a quest to upgrade her to an iPhone. I turned up an iPhone 4 that suited her just fine. She upgraded it on her own to iOS 7 (yikes!).

But she's continued to struggle with control actions on the iPhone. The main problem is that when she completes a phone call she taps the "home" button. This puts the display back on the home screen but doesn't terminate the call. If the other party doesn't disconnect my mother's phone is still on the call. Luckily I have unlimited minutes but it still means she can't place or receive another call.

She enjoys looking at and sharing photos on her camera roll and I like being able to use "Find My Friends" to locate her.

So I set off on a quest to find a more "senior friendly" phone.

They're not easy to find.

I ended up with an LG Wine Smart D486. It's a flip phone running Android. It's about the same size as an iPhone 4 but slightly thicker.


Here are the specifications. Notice that the keyboard pictured on that page is in Korean. Be sure that the one you get has English buttons.

I had some questions and wanted to read the User Manual. I contacted LG in Taiwan and they referred me to the support page. Although it was in Mandarin I could figure out the link to the PDF manual. It was in Mandarin also.


So I bit the bullet and just bought one. Unfortunately they're not sold in the US so I bought it from an organization in Taiwan. Shipment via DHL was quick. I bought it on eBay on 11/12/15. It shipped on 11/16/16 and arrived on 11/18/15.

So far the D486 is everything that I wanted and more.

Language hasn't been a problem (other than the manual) as it comes up in English on the initial power-up.

Generally it works like a traditional flip phone. It uses the 10-digit keyboard for input so you don't want to type much. The "C" key just above "2" is "Clear." You'll thank me for that.

It's running KitKat 4.4.2 so it's current enough.


The version of Android is slightly tweaked. For example it has an "EasyHome" option for the home screen. This gives a simpler homescreen with bigger icons.


I didn't use this option as I wanted an even simpler home screen.


The big weather and clock widget is an LG custom widget.

Like a traditional flip phone, it has several "hard" buttons. One of them is configurable so I set it to launch Google Photos.


In Settings I found how to set the phone to answer incoming calls by just flipping it open. Flipping it closed terminates the call.


And pressing and holding the green "Call" key will call 911.


But the feature that puts this over the top for me is what LG calls "Safety Care."


"Emergency notice" lets you specify who to automatically text message with the phone's location after an emergency call is placed from the phone.



"Phone non-usage notice" lets you specify who to automatically text message with the phone's location when either the phone hasn't been used for a specified time or when the battery is low.



"My location notice" lets you specify who to automatically text message with the phone's location when that contact is called or a call from that contact goes unanswered. I set the "Unanswered calls only" option so I get a text when I call my mother and she doesn't answer.



I tested this and here's what the text message looks like.


"Out of zone notice" lets you specify who to automatically text message with the phone's location when the phone enters or leaves a preset area. I'm not using this feature.


I enabled Google+'s location sharing to replace the "Find My Friends" function.

It doesn't have the proper LTE bands for AT&T but that's not really a problem for her.

It uses a microSIM so moving from the iPhone 4 to the LG was easy.

It came with a set of Google apps but they weren't automatically updating. I went to the Play Store and downloaded current copies. Now they are automatically updating. Don't forget to install and setup the Android Device Manager.

It's early yet but it seems perfect.

Sunday, November 15, 2015

Oracle and Secure Hardware

An article about Oracle being hacked popped up in my news feed recently.
Interns Hacked Oracle Software in under an Hour, Researcher Says 
Among the many ways in making its software more secure, Oracle, he (founder Larry Ellison) said, is looking at implementing security technology built right into the hardware or the chip. He says that the security feature will be switched on, by default and will have no way of turning it off once it is being used.
I'm not trying to be "Chicken Little" but we have to acknowledge that hackers will continue to dive deeper and deeper into our systems. Thinking that you can build secure technology into hardware or chips is shortsighted.

If you want to put your propeller hat on, here's why it will be hacked.


You'd think Ellison would realize that given his company's history with Java.

References:

https://www.schneier.com/blog/archives/2015/03/bios_hacking.html
https://blog.kaspersky.com/equation-hdd-malware/7623/
http://www.computerworld.com/article/2955641/cybercrime-hacking/macs-can-be-remotely-infected-with-firmware-malware-that-remains-after-reformatting.html
http://www.mcafee.com/us/resources/solution-briefs/sb-quarterly-threat-q1-2015-1.pdf
http://www.darkreading.com/vulnerabilities---threats/bios-bummer-new-malware-can-bypass-bios-security/d/d-id/1139823

Sunday, November 08, 2015

Android Pay vs. Google Wallet

About a year ago I posted about Google Wallet. Since then I've been using it where it was available. I still get questions of "What did you just do?" when I use it.

There was a transition time in NFC payment support when Apple introduced Apple Pay. Some businesses even withdrew their NFC payment support, e.g. CVS, over a squabble about fees.

NFC payment took a giant leap forward recently with the transition from Google Wallet to Android Pay.

Google let this transition appear confusing as they repurposed the Android Google Wallet app to a person-to-person payment system and introduced an Android Pay app to effect the NFC payments.

But there's more here than meets the eye.

In a recent post on an xda-developers.com forum triggered by a deep technical question about rooted devices a Google developer said:
That "ensuring" [that the security model of Android is intact] is done by Android Pay and even third-party applications through the SafetyNet API. As you all might imagine, when payment credentials and--by proxy--real money are involved, security people like me get extra nervous. I and my counterparts in the payments industry took a long, hard look at how to make sure that Android Pay is running on a device that has a well documented set of API’s and a well understood security model.
The above discussion was about rooting and explained why Android Pay was sensitive to that condition. This also explains why using Android Pay requires you to have a lock screen on your device.

Then the developer went on to describe the difference in the relationship of Android Pay to the payment networks.
The earlier Google Wallet tap-and-pay service was structured differently and gave Wallet the ability to independently evaluate the risk of every transaction before payment authorization. In contrast, in Android Pay, we work with payment networks and banks to tokenize your actual card information and only pass this token info to the merchant.
You can experience the difference yourself when you add a credit/debit card to Android Pay. If Google has negotiated with the payment network you will be asked to confirm the addition of that credit/debit card with the payment network. In my experience this is done with a live phone call with the payment network. When that is completed and you subsequently use that credit/debit card in an Android Pay transaction you will NOT be required to enter a PIN.

Alternatively if Google has NOT negotiated with the payment network you will NOT be asked to confirm the addition of that credit/debit card with the payment network. Then when you subsequently use that credit/debit card in an Android Pay transaction you WILL be requested to enter a PIN. This seems to be the same method used by the former Google Wallet app.

This difference in the transaction appears to be related to the tokenization of the credit/debit card information.

Transactions involving credit/debit cards where Google has negotiated with the payment network use a token. Google is not a direct participant in the transaction.

Transactions involving credit/debit cards where Google has NOT negotiated with the payment network use virtual account numbers generated by Google.


Subsequent to my initial experience with Android Pay my financial institution canceled my debit card and reissued it. I went to the Android Pay app, deleted my old card and tried to add the new one. It wouldn't add. It looks like Google is limiting addition of cards to those that they have negotiated with the payment network.

I don't consider myself an expert on this subject. This post is just describing my observations.

Sunday, November 01, 2015

OnePlus One - Three Strikes

I've had an ongoing flirtation with the OnePlus One. The first one I traded. The second one I sold. The third one I kept and used.

But...

It really is BIG.

And FLAKY!

I got used to the size but the niggling issues drove me crazy.

The compass didn't work after upgrading to Lollipop. Seems to be a common problem with Lollipop but my Moto X doesn't have the problem.

Cyanogen OS 12.1 replaced a couple of the AOSP applications. The most irritating one was the inclusion of TrueCaller. Let's just say the the OnePlus community didn't have the same perspective as OnePlus. You could opt out of the sharing capabilities of TrueCaller but my beef was that TrueCaller's incoming call screen had a small thumbnail of the caller while the AOSP had a full screen image.

The vibration of the OnePlus One was very weak. So much that I pretty much couldn't feel the vibrations with the OnePlus One in its holster on my hip. Subsequently I turned on audible notifications for everything which is irritating for everyone.

When I was talking on the phone people mentioned that they couldn't hear me clearly. Some Googling turned up that "Ok Google" detection causes problems with voice during calls. Turning off "Ok Google" detection "fixed" it.

The screen's brightness kept lowering resulting in the screen being pretty much dark when you received an incoming call. I tried several of the workarounds to no avail.

And the battery, while longer lasting than the Moto X, still wasn't as good as my wife's iPhone.

So I listed it on swappa and it sold the first day. Obviously I didn't ask enough for it.

What's next? RDF