Sunday, November 17, 2019

The Cloud is Full

Recently ZDNet's  All About Microsoft reported that Microsoft Azure customers had reported hitting virtual machine limits in U.S. East regions.
This is scary.

There were a small number of comments (7) that related that they had had the same experience. Here is a typical comment.
GetNrDone
Happened to me. I tried to deploy a new SQL database in eastus2 2 weeks ago only to be greeted by an error. Opened a tickets and was basically told there was nothing they could do. Escalated the issue with our TAM which also could not get approval for 1 database to deploy. I was asking for the smallest database they offer (s0) and was told we couldn't have it. No communication before, no warning emails, no blog posts, nothing in the service dashboards, even our account team didn't know anything about it. Completely blindsided me and delayed development on an app for a week while i could move resources to another region. Unacceptable and definitely does not live up to promises made!
There's a reddit thread on this here.
dops0
We've faced this issue in North Europe, East US and West US 2. This has just started happening over the last couple of weeks and what's even more frustrating is, we already have sufficient quota allocated to us, but, our users haven't been able to deploy their machines even when within this quota.
This issue hasn't blown up so either it has been resolved or customers were able to work around it as GetNrDone did.

Regardless this is another consideration for using anyone's cloud services. I'd even suggest trying to putting a clause in your contract that guaranteed x% of available capacity on the vendor's part. I'd bet that none of the vendors would accept that but that would at least make the vendor play their cards.

Sunday, November 10, 2019

Cloud Management Skills

Recently McAfee published a report on cloud adoption and risk. The Register did a review of the McAfee study.

The Register concluded:
The ongoing rash of data leaks caused by misconfigured clouds is the result of companies having virtually no visibility into how their cloud instances are configured, and very little ability to audit and manage them.
That's really scary. But it supports my concerns that moving workload to the cloud doesn't eliminate work/effort, i.e. manpower, but rather changes the skills required.

An organization should thoroughly understand the skills change that moving to the cloud brings.

These changes may be addressed with training but may require changing personnel to acquire the appropriate skills. These changes and the change management time and effort should be incorporated in the project timeline and budget for cloud implementation.

McAfee observed:
It’s possible the speed of cloud adoption is putting some practitioners behind.
The number 1 cause of cloud security issues noted by McAfee was "Lack of staff with the skills to secure cloud infrastructure."


That entire list is a good reference when considering moving workload to the cloud.

Sunday, November 03, 2019

Nebo Professional Note-Taking

I had promised more about my new iPad so here it is.

One of my primary objectives for any tablet is to be able to take handwritten notes on it. I even tried that on my Asus Transformer Mini. I used MyScript's Nebo on it but it's a Windows tablet and you know how that is.

So the new iPad supports the Apple pencil technology. Of course I wouldn't buy an Apple pencil. That'd be too easy and expensive.

I ended up with a Adonit Note stylus for half the price of the Apple pencil..

Then I needed a handwriting app. My search kept coming back to MyScript's Nebo. While I wasn't wild about the $10 price I knew from my own experience that it would work well.

And it does.

The following slide show walks through a couple of the help screens. Then you can see my handwriting and the real-time conversion to text. Then I exported it to OneDrive in .docx format.


It all works really well. There are a lot of formatting tricks that you can do but I just want to capture the text.

Sunday, October 27, 2019

iPad Bluetooth Keyboard

When I posted recently about my new iPad, I said that there would be more posts. This is the first of several.

One of my primary uses of an iPad is typing. Even though I use Google's Gboard keyboard, typing on a touch screen is not to my liking.

On my previous iPad Air I had used a Zagg Bluetooth keyboard. I used it so long and hard that the hinge finally broke.

I couldn't find that Zagg had a similar keyboard for the 6th generation iPad.

After some searching I found a Bluetooth keyboard for this iPad.
It's not a ThinkPad keyboard but it works pretty well. And when closed it protects the iPad's screen.

Sunday, October 20, 2019

Checkm8 - Now Is A Good Time To Start Worrying

Have you heard about the new exploit of many iPhone models' boot ROM?

It works on iPhones from the 4S to the X.

There are articles here, here, and here.

Ars  Technica summarized it as:
  • Checkm8 requires physical access to the phone. It can't be remotely executed, even if combined with other exploits
  • The exploit allows only tethered jailbreaks, meaning it lacks persistence. The exploit must be run each time an iDevice boots.
  • Checkm8 doesn't bypass the protections offered by the Secure Enclave and Touch ID.
  • All of the above means people will be able to use Checkm8 to install malware only under very limited circumstances. The above also means that Checkm8 is unlikely to make it easier for people who find, steal or confiscate a vulnerable iPhone, but don't have the unlock PIN, to access the data stored on it.
  • Checkm8 is going to benefit researchers, hobbyists, and hackers by providing a way not seen in almost a decade to access the lowest levels of iDevices.
Physical access, only tethered jailbreaks, lacks persistence, doesn't bypass Secure Enclave and Touch ID, etc.

Doesn't seem to be a big deal to most people.

But the last bullet is the really important one. Even this minimizes the BIG point.
Checkm8 is going to benefit ... hackers by providing a way ... to access the lowest levels of iDevices.
What this means is that from now until the iPhone X is no longer supported by Apple, every security release of iOS will be immediately reverse engineered to discover what vulnerabilities have been fixed. Then malicious hackers will rapidly develop exploits that don't require physical access, tethered jailbreaks, are persistent, and bypass Secure Enclave and Touch ID, etc. Further the hackers will be able to examine Apple's security code for further vulnerabilities and then exploit them as zero days.

Steve Gibson explained this is depth on Security Now #736 (YouTubePDF):
That means that the instant an update is released, it can now be fully reverse engineered, analyzed, and compared against the previous version, which will allow both security researchers, but also bad guys, to figure out what Apple has changed, what it is exactly that Apple fixed. And if they're able to get an exploit out into the wild before a targeted device has been updated, they could take advantage of that. 
Apple can no longer lock down their platform. It is going to be open for anyone to reverse engineer any changes Apple makes to devices which are necessarily still being supported and are receiving updates.
Now is a good time to start worrying.

Sunday, October 13, 2019

Undesign

There was a recent article in Quartz about Elon Musk’s quest for “undesign.”
When Elon Musk leads engineering meetings at SpaceX, he says, “the thing I am most impressed with is, what did you undesign?”

Which is to say, what complications did engineers remove? How did they simplify the vehicle?
Without getting sidetracked on Elon Musk, I really like his concept of “undesign.”

For most of my career I have striven for 2 sometimes conflicting objectives: scale and availability.

My experience is that complexity, particularly the associated boundaries, contribute to un-availability.


At first it would seem that even with the compounding of high availability, e.g. 99.999% and 99.999% you would still get 99.998% availability. But that's not the real world. Cobbling together the interconnects (boundaries) you will be lucky to get them to 99.9%. Then do the math. 99.999% x 99.999% x 99.9% gives 99.898%. You've gone from 5 9s to less than 3 9s.

Explain that to your boss.

When I was with a large Memphis-based logistics company, I would always choose simplicity.

That caused us to struggle with scale but that was easier to buy than availability. And the struggle with scale was easier to explain to management.

Take Elon’s advice to heart.

Sunday, October 06, 2019

iPadOS

When Apple announced iOS 13 they also announced iPadOS.


But iOS 13 wouldn't run on my 1st generation iPad Air. And I'd been struggling with only 16GB of storage.

That was enough of an excuse to sell it on swappa.com and buy a 6th generation iPad.

As soon as I got it I installed iPadOS 13 Beta 4. I followed this all the way through iPadOS 13.1 Beta 4.

And iPadOS promised something that I had always wanted: The ability to easily import files into the iPad without iTunes.

Boy, was I going to be disappointed.

In this Forbes article entitled "Early Thoughts: iPadOS Will Change The Way You Work" said:
#2: A full embrace of external storage devices:
By allowing the iPad's Lightning or USB-C port (depending on what model you have) to be used with adapters to connect to external USB storage devices, consumers can now easily share files utilizing the Files app in iOS and iPadOS. This is not a trivial new feature - it really brings the iPad (and iPhone by extension) significantly closer to the same type of file sharing functionality that has been available in MacOS and Windows for over 20 years.
No, not really. But back to the story.

I even went out and bought a 128GB Lightning/USB-A drive. At least I got a good price on it.

The new feature in iPadOS that is supposed to be "A full embrace of external storage devices" is the Files app.

The Apple fanboys fawned all over this new app. Unfortunately they were victims of Apple's Reality Distortion Field.

ZDNet finally slipped up and admitted what is real on slide 9 of 9:
The Wrap Up
Developers have yet to take full advantage of the new capabilities in the Files app and add-on storage. In particular, including add-on storage as a location apps can import data from. But I'm sure they're working on it.
Does iPadOS make file management as flexible as MacOS or Windows? No..
"But I'm sure they're working on it." GIVE ME A BREAK!

So what does the Files app do?

Not really very much. Basically it provides a separate file store on an iPad or iPadOS device. For the external storage devices that will connect you can move files into and out of this file store.

What you can't do is move these files into and out of native apps' file store. For example, you can't copy a video file from an external drive and have it show up in the TV app. You can't copy an audio file from an external drive and use it as a ringtone. Oh, the Files app may play the video file from the external drive but try to hand that to a 3 year old and have her play it.

While I'm on a roll, the Lightning/USB-A drive I have can't been seen by the Files app. Suggestions from a fanboy were to use an Apple camera dongle. Oh, that doesn't support Lightning input. Further suggestion was to use an external power supply to power the Apple camera dongle. And you need an USB hub for that.

Here's a picture of the recommended configuration:


They fudged by cropping out the external power supplies for the camera adapter and the USB hub.

Here's an excerpt from a RedmondPie article:
Tested & recommended USB flash drive and hubs for iPhone and Lightning-based iPads:
  • Apple Lightning to USB3 Camera Adapter: $32 (required for Lightning-based iPhones and iPads for connecting USB-A flash drives to them as well as providing external power as most drives won't work on Lightning based devices until and unless external power is provided to them)
  • SanDisk Ultra CZ48 256GB USB 3.0 Flash Drive: $34
  • Samsung Duo Plus 256GB – 300MB/s USB 3.1 Flash Drive: $54
  • Samsung Duo Plus 128GB USB 3.1 Flash Drive: $30
  • SanDisk 128GB Ultra Dual Drive USB Type-C: $22.99
  • SanDisk 256GB Ultra Dual Drive USB Type-C: $39
Notice the first item in the list: Apple Lightning to USB3 Camera Adapter!

Also, the Files app won't support my Windows 10 SMB share. It will support my Drobo if I connect to it as smb://drobo.local.

In spite of that I love my new iPad. More later.




Sunday, September 29, 2019

Photo Storage/Backup

A couple of years ago I wrote a post about "automatically storing images from your smartphone." It's time to revisit this.

I'm going to focus more on the storage of images rather than copying them from your smartphone. I'm still using sweech on Android and Air Transfer on iOS. Both of these copy the images from your smartphone to a PC with no change in file names or file size.

This post isn't about absolute backups. I've covered that here and here.

This post is about storage and sharing of images.

Dropbox has pretty much removed itself from consideration.

Google Photos has tons of bells and whistles for presentation and content but sharing is still a struggle. The most direct way is to create a link per album and share it with and individual via e-mail or text. There is some controversy about privacy but I believe it is overblown. Decide for yourself.

And with Google Photos' "Upload size" set to "High quality" storage is free but the images are significantly resized, around 40%. Setting "Upload size" to "Original" eliminates that but will quickly exhaust your storage limits.

What I found was Shutterfly.


I like the price - free.

The size is unchanged and the meta data is unchanged except for the OS date stamps.


I like it.

Sunday, September 22, 2019

Just Use Windows Defender

I'll get on my soap box again. Quit using third-party antivirus tools and use Windows Defender. Why? They are just too risky.


Reason #1: Kaspersky injected a unique identifier into the HTML of every website a user visited. And they had been doing this since 2015.

When called out on this they changed to a constant identifier. They might as well have been waving a red flag that this user is using Kaspersky so the hackers could hit you with a specific attack.

Reason #2: Symantec and Norton's anti-virus products BLOCKED Windows 7 updates. Microsoft has had a well publicized effort underway to move from signing their updates with SHA-1 to SHA-2. The August 2019 updates were the first signed with only SHA-2.

Symantec and Norton blocked the August 2019 updates!

Reason #3: Windows Defender continues to move up the rankings (PCMag, AV-TEST, Tom's Guide).

But you know Microsoft can't leave well enough alone. They are renaming Windows Defender to Microsoft Defender.

Sunday, September 15, 2019

More Stuff to Test

You'll remember that I'm big on TESTING my data backups.

I had an opportunity recently to TEST another of my backup systems - POWER.

My electricity provider, Entergy, is migrating their customers to their "advanced meters."

Since my utility connection doesn't have a bypass switch, the installer had to disconnect power to the entire house.

I couldn't have asked for better communication from the installer. He knocked on my front door and told me what he wanted to do. He offered me the opportunity to reschedule or do it now.

I was expecting the installation so I asked him for a few minutes to shut down some of my equipment.

I have UPSs (Uninterruptible Power Supplies) on my most critical systems but I really never had tested them.

Just to be extra safe I powered down my 2 desktop systems and gave him the thumbs up.

It took him 8 seconds to swap the meter.

My UPSs worked great. I heard a couple of beeps but everything kept working. The Wi-Fi and the WAN never went down. We turned the TV off but the TiVo kept chugging along. The Ring doorbell ran off its internal battery. The Insteon network came back with the house power. The Echos reconnected automatically. I have my Netbox system BIOS set to automatically power on which it did.

Test your UPSs some time.

Sunday, September 08, 2019

SD Card Testing

I heard a discussion recently about how to test SD cards. The speaker mentioned H2testw. I found a guide to using it here.

What H2testw does is write files that contain a test pattern that will fill up any unused space on a disk drive. This means that it will work on SD cards, USB drives, or even hard drives (especially SSDs.). If it writes successfully then it will read the files back and verify the data.

I tried it on an 8GB SanDisk microSD that I had. It tested successfully. The complete test took about  40 minutes.




When the application completes you'll need to delete the .h2w files.

It also reports the writing and reading speeds.

Sunday, September 01, 2019

GRDE Bluetooth Earbud

I wrote about my Bluetooth earbud a while back. That was before I dropped it in the toilet.


Impressively it survived! But the volume kept diminishing on it. That could have something to do with its bath.

Since the GRDE earbud worked so well and lasted through a hard life, when I went to replace it I looked at all of GRDE's Bluetooth earbud products.

This is what I ended up with.
And instead of the proprietary charging cable of the previous model, this one has a wireless magnetic inductive charger that plugs directly into a USB charger.

I hope it is half as good as the first one. And I'll try to be more careful.

Sunday, August 25, 2019

Intel vs. Qualcomm and AMD

I've blogged several times (here and here and here) about the emergence of ARM in the (formerly) Wintel world (known as Windows On ARM - WOA).

The last time I said "It's coming faster than even I expected."

It's here.

In August 2019 Samsung announced their Galaxy Book S running Windows 10 with Qualcomm's Snapdragon 8cx chip. It's on a 7nm die.


For Pete's sake, Microsoft's CEO was on stage at Samsung's announcement.


AMD's latest Ryzen CPUs are on a 7nm die and are announced to ship in Q3 2019.


In June 2019 Intel began making their 10-series processors using 10nm die but won't be up to volume shipments until "sometime at the end of the year and early 2020."


Then in August 2019 Intel announced more 10-series processors built on its 14nm process technology

Intel is at least a generation behind.

And in July 2019 Intel announced that they were selling their modem business to Apple.

Probably won't be seeing these much longer.


Do you sense that Intel is circling the drain?

Sunday, August 18, 2019

Windows 10 and VPN

When I'm in any public place, e.g. hotel, car dealer, doctor, etc., and want to use their Wi-Fi network, I try to use my VPN even though pretty much every site I use is https.

A while back I got a lifetime premium subscription to ProXPN. ProXPN has a long list of servers available including international locations. There are reviews of ProXPN here and here.


They have a downloadable client that takes all the worry out of setup.

But you know me. I'd rather do it myself.

Android Authority has a good article on how to setup a VPN on Windows 10 without the client.

Here are the steps:
Step-by-step instructions on how to set up a VPN on Windows 10:
  1. Click the Start button and select the "Settings" option.
  2. Click "Network & Internet."
  3. Select the "VPN" option and then click "Add a VPN connection."
  4. Select "Windows (built-in)" from the "VPN provider" drop-down list.
  5. Type a name of choice in the "Connection name" field.
  6. Add in a "Server name or address" - get the info from your VPN provider.
  7. Select the "Automatic" option under “VPN type.”
  8. Select one of the "Type of sign-in info" options - "User name and password" in most cases.
  9. Add in your "User name" and "Password."
  10. Click the "Save" button to finish the process.
To connect to a VPN server you’ve set up, go to Settings > Network & Internet > VPN, select the VPN connection you want to use, and then click the "Connect" button. Alternatively, you can click the network icon in the taskbar, select a VPN connection, and click "Connect."
When you're done, be sure to go to WhatIsMyIP and check your IP address.


I use ProXPN's Toronto server and get 100Mbps.

Sunday, August 11, 2019

Insteon Hub Replacement

I've been using an Insteon home automation system for a couple of years. It has worked fine (at least as well as expected).

Until recently.

One night I noticed that the scheduled events hadn't happened. I tried to use the iOS app to look into it but the app couldn't connect to the hub. That wasn't good.

A quick look into my equipment closet showed that the LED on the hub wasn't on. Now, that's bad.

The obligatory power cycle didn't change that. Off to Google for help.

I came across this post on the Insteon forums. If you're into electronics you can geek out there.

In summary all of the older Insteon hubs fail with a bad capacitor or two. Replacing the failed capacitor(s) make it all well.

But I really wasn't into soldering.

In the first post was an update from Insteon.
UPDATE MESSAGE FROM INSTEON:
If you've come here because your Insteon Hub (2245-222) is unresponsive/dead, we now offer a service to migrate your hub account and device links to a new hub, even if you are out of the 2 year warranty period. Email with your hub account info to hubfix@insteon.com and ask for a hub migration. For more information visit this page: https://www.insteon.com/support-know...ew-insteon-hub.
But you know how these things normally go.

Not with Insteon.

I sent the requested information to the specified e-mail. The next day I hadn't heard from them so I called their technical support. The representative who answered the phone was familiar with the situation and quickly found my e-mail. They were already processing it.

If your version is old enough you don't even have to return the old one. Mine was rev 1.4 and didn't have to be returned.

Insteon has your configuration so they pre-configured the new Hub. When I received the new one, I just plugged it in and no re-configuration was required. Even my Amazon Echo integration was undisturbed.

It was 4 days from failure to receipt of replacement.

Insteon was over-the-top helpful.

Sunday, August 04, 2019

2019-07 Cumulative Update for Windows 10 Version 1903

In late July Microsoft released a new cumulative update (the second one in July) for the Windows 10 version 1903 that includes a series of quality improvements.

Bleeping Computer has a thorough article (archive.is) on it.

It is an optional update and you have to click on a new "Download and install" option on Windows Update settings page to apply the patch.

It all worked fine for me but the list of "quality improvements" overwhelmed me.

  • Addresses an issue that fails to record a local user’s last sign in time even when the user has accessed the server’s network share. 
  • Addresses an issue that may sever the domain trust relationship when you enable Recycle Bin in the domain that established the trust relationship. 
  • Addresses an issue that prevents Windows Hello face authentication from working after a restart. 
  • Updates time zone information for Brazil. 
  • Addresses an issue to enable Microsoft Edge to print PDF documents that contain landscape and portrait-oriented pages correctly. 
  • Addresses an issue with PDFs that are configured to be opened only once in Microsoft Edge. 
  • Addresses an issue that may display colors incorrectly when viewing an image on 10-bit display panels. 
  • Addresses an issue that may prevent you from changing the display brightness when using certain graphics drivers after resuming from Sleep or Hibernation. 
  • Addresses an issue in which Windows Graphics Device Interface (GDI+) returns an empty font family name for Bahnschrift.ttf. 
  • Addresses an issue that may cause a mouse press and release event to sometimes produce an extra mouse move event. 
  • Addresses an issue that may cause the UI to stop responding for several seconds when scrolling in windows that have many child windows. 
  • Addresses an issue that fails to bypass automatic sign in (Autologon) when you press and hold the Shift key during startup. 
  • Addresses an issue that may prevent a device from going to Sleep mode when certain applications that rely on Bluetooth are open. 
  • Addresses an issue that may reduce Bluetooth audio quality when using certain audio profiles for extended periods. 
  • Addresses an issue that prevents Microsoft Application Virtualization (App-V) scripting from working if you run it when you’re not connected to a domain controller (DC). App-V scripting also fails when you run it in an environment that only contains Microsoft Azure Active Directory. 
  • Addresses an issue that causes an error if you open Microsoft OneDrive files on demand when User Experience Virtualization (UE-V) is enabled. To apply this solution, set the following DWORD to 1: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\UEV\Agent\Configuration\ApplyExplorerCompatFix 
  • Addresses an issue with UE-V that may sometimes prevent exclusion paths from working. 
  • Addresses an issue that may cause a system that has a Trusted Platform Module (TPM) to stop working. 
  • Addresses an issue that prevents a system from recognizing a Microsoft account or Azure Active Directory account until the user signs out and signs in again. 
  • Addresses an issue that may prevent the Netlogon service from establishing a secure channel and reports the error, “0xC000007A – ERROR_PROC_NOT_FOUND.” 
  • Addresses an issue that fails to update the personal identification number (PIN) policy (minimum length, required digits and special characters, etc.) for Windows Hello for Business when a PIN already exists on the machine. 
  • Addresses an issue that causes failures to create a recovery drive (USB key) with the error, ”0x80042405[gle=0x00000715].” 
  • Addresses an issue that prevents an Android emulator based on the virtual machine platform from starting on some systems. 
  • Addresses an issue that uses a temporary profile to sign in a local user account when the account is configured with a mandatory roaming user profile. The error, “We can’t sign in to your account” appears. The Application event log contains Event 1521, and the event’s source is listed as the Microsoft-Windows-User Profiles Service. 
  • Addresses an issue that changes the status for Work Folders in File Explorer to 0x80C802A0 (ECS_E_SYNC_UPLOAD_PLACEHOLDER_FAILURE) after selecting Free up space. 
  • Addresses an issue that may cause a Remote Desktop Server to stop responding when someone who is using drive redirection disconnects. 
  • Addresses an issue that may cause the Remote Access Connection Manager (RASMAN) service to stop working. You may receive the error “0xc0000005” on devices that have the diagnostic data level manually configured to the non-default setting of 0. You may also receive an error in the Application section of Windows Logs in Event Viewer with Event ID 1000 referencing “svchost.exe_RasMan” and “rasman.dll”. This issue only occurs when a virtual private network (VPN) profile is configured as an Always On VPN (AOVPN) connection with or without a device tunnel.
  • Addresses an issue that causes applications on a container host to intermittently lose connectivity because of a port conflict with applications running on a container.
  • Addresses an issue that intermittently prevents connections to a corporate network when using Always On VPN with the IKEv2 protocol. Connections are not always automatically established, and manual connections sometimes fail. In this scenario, when you call the RasDial function from the command line for the target VPN connection, you receive the error, “ERROR_PORT_NOT_AVAILABLE(633)”.
  • Adds limited support for Windows voice dictation for Chinese Simplified, English (Australia, Canada, India, United Kingdom), French (France), German (Germany), Italian (Italy), Portuguese (Brazil), and Spanish (Mexico, Spain).
  • Addresses an issue with opening or using the Window-Eyes screen reader application that may result in an error and prevent some features from functioning as expected.
  • Addresses an issue that prevents an App-V application from opening and displays a network failure error. This issue occurs under certain circumstances, such as when a system's battery is low or there is an unexpected power failure.
  • Addresses an issue that prevents an App-V application from opening if the client is offline and a startup script is defined for the App-V application.
  • Addresses a rare issue that causes Windows Defender Advanced Threat Protection (ATP) to temporarily prevent other processes from accessing files.
  • Addresses an issue that causes the Start menu to stop responding when new users sign in to Windows 10, version 1903.
  • Updates the Windows Ink Workspace by simplifying the menu and adding direct integration with the Microsoft Whiteboard app for a richer collaboration experience.
Then there's a list of known issues in this update.

  • Windows Sandbox may fail to start with "ERROR_FILE_NOT_FOUND (0x80070002)" on devices in which the operating system language is changed during the update process when installing Windows 10, version 1903.

    Microsoft is working on a resolution and will provide an update in an upcoming release.
  • Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error "Status: 0xc0000001, Info: A required device isn't connected or can't be accessed" after installing this update on a WDS server.

    For mitigation instructions, see KB4512816. We are working on a resolution and will provide an update in an upcoming release.
  • Devices connected to a domain that is configured to use MIT Kerberos realms may not start up or may continue to restart after installation of this update. Devices that are domain controllers or domain members are both affected.
    If you are not sure if your device is affected, contact your administrator. Advanced users can check if this registry key exists HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\Kerberos\MitRealms or for “Define interoperable Kerberos v5 realm settings” policy under Computer Configuration -> Policies -> Administrative Templates > System -> Kerberos.

    At this time, we suggest that devices in an affected environment do not install this update. We are working on a resolution and estimate a solution will be available in mid-August.
Scary.

Sunday, July 28, 2019

Silent Notifications

I've been playing with Android Q Betas. On Beta 5 I've noticed a section of the notification shade that is labeled "Silent Notifications".


I'm not sure why you would want a notification to be silent. That seems to be an oxymoron.

Here's what they were:


What's that picture of the phone at the top supposed to illustrate? There's no legend.

What do the sliders beside the "Silent notifications" do? Does sliding them to off make the "Silent notification" not silent? Does it clear the notification?

This is a beta.

9to5Google's article on this begins "Android's notification system has been pretty great for a long time now..."

Amen.

But I guess I'm not a big user of notifications.

9to5Google continues:
Android Q Beta 5 fixes this in one fell swoop by labeling notifications as "Alerting" or "Silent" and splitting up the notification shade as a result. Notifications that are set to "Alerting," the default for most apps, will appear at the top of the list of incoming notifications. Any notifications set to "Silent" are dropped below a clearly labeled section. The section also has its own button for clearing only those notifications.
So if you have a BIG problem with notifications on Android, Q should help.

Sunday, July 21, 2019

Amazon Echo Show Live Video

When I chose the Amazon Echo Show 5 I hadn't considered the possibility of integrating it with my security cameras.

It was easier than I thought.

In the Amazon Alexa app, go to "Devices" and click on the "+" at the top right. Tap "Add Device" and choose "Camera". Select the brand of the camera and tap on "DISCOVER DEVICES".



That was easy.

I use it with my Ring Doorbell and my Wyze Cam.

Incidentally, since my Fire Tablet functions as an Echo, I can see these cameras on it as well.

Sunday, July 14, 2019

Amazon Echo Show 5

I've been searching for a modern replacement for my wife's clock radio. It is a Timex and is so old that the programming for the dates for Daylight Saving Time are wrong!

Her requirements are fairly simple. Tell the time. Play the radio.

I had tried an Amazon Echo Spot. Close but no cigar.

Recently Amazon announced the Amazon Echo Show 5. That seemed worth trying.

She's comfortable with that.

radio.com almost made it a no go. She listens to FM 100. radio.com recently moved all its streaming to its own web service. Amazon has not (yet) included radio.com in its streaming providers supported by Echo routines.

What this means is that you can't create an Echo routine to start playing FM 100. You have to speak a command to the Echo to play FM 100. Worse yet, radio.com apparently has more than one FM 100.

To get the Echo to play FM 100 you have to say "Alexa, play FM 100 Memphis." And with our deep Southern accent, the Echo sometimes confuses "Memphis" with "minutes."

I created a routine to walk her through that.


We still struggle with the command syntax. As an example it would seem that if you start playing FM 100 by saying "Alexa, play FM 100 Memphis" that to stop it you would say "Alexa, stop playing FM 100 Memphis."

Nope. You have to say "Alexa, stop."

We're learning.

Here's a good review on the Amazon Echo Show 5.

Sunday, July 07, 2019

Android Q Beta 4

Somebody's gotta test this stuff. Might as well be me.

My Essential PH-1 has gotten a little banged up. I don't use a case and it shows. 2 corners are scratched up and there's a little crack of the screen on one of those corners.

I still love the PH-1 so I shopped for a replacement. I found one on swappa.com and got it.

As long as I'm going to reload everything why not just put a beta operating system on it? What could go wrong?


Pretty much nothing.

I haven't found much different in Android Q. The biggest change I've seen is the gesture navigation. This is a lot like the iPhone X's interface. Swipe up from the bottom to go home. Swipe in from the left or right to go back.

But...

Swiping in from the left is normally how you activate the "hamburger" menu. So I just don't do that.

Alternatively you can go back by swiping in from the right. That doesn't activate the "hamburger" menu but you have to be very deliberate to avoid the active app from sending a swipe on a menu item, e.g. delete a podcast in Pocket Casts.

The other gesture I've struggled with is to get the app list. The story is that you swipe up from the bottom part of the way and then stop. The app list will slide in from the left.

That has been difficult to execute dependably. Maybe Google will change that before the final release of Android Q.

Sunday, June 30, 2019

Windows 10 1903 Network Icon

More head-shaking here. After the discussion on Windows 10 1903 Explorer Icon, I've come across another one.

Do you remember the color-coded network icons? They had red Xs or yellow !s indicating problems with network connectivity.


In 1903 these have been replaced with a single icon that doesn't have the highlighting colors.


From Howtoconnect:
New disconnected network icon on Windows 10 taskbar
Windows 10 1903 will replace the disconnected network icon on Windows 10 taskbar. Not connected icon will appear for all types of networks whether it is WiFi, Cellular, or Ethernet. This new visual should help you quickly recognize network problems so that you can take action to resolve them. You used to see either a red cross or yellow exclamation mark for the same till Windows 10 version 1809.
Seems like a step backward to me.

Sunday, June 23, 2019

Windows 10 1903 ThinkPad Monitor Driver

I'm a HUGE ThinkPad fan. When I updated my X250 to Windows 10 1903 one of the few problems I had was that when the screen would turn off after not using the laptop, it wouldn't turn back on when you began using the laptop again.

You could tell that the laptop was working. The power light was on, Sometimes you could hear the fan running. It would even beep if you (blindly) clicked on something wrong.

Thankfully I have the Power button set to hibernate when pressed. I could hibernate and then resume and the display would come back on.

Still pretty irritating.

I had gone to the Device Manager and checked the driver for the display adapter. It was current with Lenovo's guidance.

Then while still in the Device Manager I checked the driver for the monitor. It was back-level and "Update driver" loaded a new one from Lenovo.


Seems to be fixed.

While on this quest I came across this workaround:
Solution 5 - Use a keyboard shortcut to restart the graphics driver
Now, this isn’t a solution but might act as a proper workaround until you resolve the issue completely. Maybe with one of the provided solutions or some of the future Windows updates address this. Either way, there’s a black screen and you can’t do a thing besides physically powering off your PC and starting it again. However, there’s a once keyword combination which will, when utilized, restart the graphics driver and the screen might just turn on.
This helped some HP users who were plagued by the same issue. The combination you should try out is Windows key + Ctrl + Shift + B. It’ll automatically restart the graphics driver and the screen should turn on from the Sleep mode.

Sunday, June 16, 2019

Windows 10 1903 Explorer Icon

Sometimes you just have to shake your head.

With all the opportunities/problems in Windows here's an excerpt from Microsoft's post on Windows 10 1903.


Yes, Microsoft spent time updating the icon for File Explorer. If you can't tell the difference, I've included bigger images below.

Before

After

SMH

Sunday, June 09, 2019

Windows 10 1903 Explorer Windows

Recent versions of Windows 10 have had a new capability buried deep in an options menu. This capability was to launch folder windows in a separate process.

So what does that mean to you? Have you ever had an Explorer window stop responding, e.g. a network link that has gone offline.

Sure you could right click on the taskbar icon and select "Close window".

If you've ever done that you immediately regretted it.

That caused the entire Windows desktop and taskbar to restart and everything gets jumbled up.

With the new capability, each instance of Explorer has its own process. So if you force it closed the scope is just that instance. Your desktop and taskbar are undisturbed.

Some articles about Windows 10 1903 say that this is now the default. I didn't find that true on my laptop which I upgraded in place.

To check the status open an Explorer window. Select View then Options.



In the new dialog choose View. Scroll down to "Launch folder windows in a separate process" and check it.


Click on "Apply" and you're done.

Sunday, June 02, 2019

Windows 10 1903 Tamper Protection

If you're running Windows 10 Pro (and you should be) after you upgrade to Windows 10 May 2019 (Version 1903) you'll have a neat new feature that I haven't seen discussed anywhere.

Windows 10 1903 introduces Tamper Protection. Microsoft's support article is here.


Tamper Protection helps prevent malicious apps from changing important Windows Defender Antivirus settings.

Microsoft's page says "Tamper Protection is turned on by default." I didn't find that true.

To turn it on follow these steps:
  1. In the search box on the taskbar, type "Windows Security" and then select Windows Security in the list of results.
  2. In Windows Security, select "Virus & threat protection" and then under Virus & threat protection settings, select "Manage settings".
  3. Change the Tamper Protection setting to "On".
Enjoy.

Sunday, May 26, 2019

Windows 10 1903

Windows 10 May 2019 (Version 1903) was released on 05/21/19.

It will eventually get pushed to all Windows 10 users but if you want it early Microsoft's Update Assistant and Media Creation Tool are both available here.

Windows 10 1903 still has problems with removable drives, i.e. USB drives, so you should use the Update Assistant.


Before you start the install take a backup.

Then turn off Controlled Folder Access. I still don't understand why Microsoft doesn't whitelist their own applications.

If you're running Windows 10 Pro, the next thing to do is go to Settings / Windows Update / Advanced options. In the "Choose when updates are installed" section, reset all the days to 0. DON'T SKIP THIS STEP.


The upgrade should run about an hour.


When you're done, turn Controlled Folder Access back on. If you're on Windows 10 Pro, reset the days in "Choose when updates are installed".

So what's new in Windows 10 1903? Read these articles from Lifehacker and Thurrott.

And stay tuned to this blog because there's lots that they didn't cover.

Update: If you don't see 1903 at Microsoft's update page, try this link. Be aware that there might be a reason that it's not offered to you.

One of those reasons could be the following:


Yeah, I upgraded anyway and I've seen the problem.

Sunday, May 19, 2019

Amazon Fire HD 8

I know that Android tablets aren't really a thing but I use one every day. I've been through 2 Nexus 7s. My first was a Nexus 7 2012 and then a Nexus 7 2013.

I liked the size of the 2012 but it was soooo slow, even after I upgraded it to Nougat. It stays in my car now.

The 2013 was fast enough but the battery has just played out. It will indicate 100% battery available and then just cut off.

Then I came across an Amazon Fire HD 8 (2017) without special offers for $50. I didn't know much about Fire tablets but for $50 it was worth playing with.
Maybe...

The Amazon Fire HD 8 (2017) is a favorite with hackers. There are instructions on how to install the Google Play Store on it. That was easy.

But then Google Contacts didn't work. There's a fix for that.

And the Amazon launcher was odd. There's a fix for that.

But...

The launcher "fix" is still flaky. Amazon blacklisted the apk and it quit working. The creator rebuilt it with a different name. That's working for now.

Kinda...

Recently Amazon pushed an OS update. Suddenly the navigation buttons and the notification bar disappeared. You could navigate to an app but couldn't get out of it. Reboot and you still didn't get the navigation buttons and notification bar.

I suspected the launcher "fix" app. So after a hard reboot I uninstalled it and rebooted. That took me back to the Amazon launcher and the navigation buttons and notification bar were back.

Then the rest of the OS update kicked in. Afterwards I reinstalled the launcher "fix" and it worked this time.

That's pretty much the story of the Amazon Fire HD. It always seems to need something fixed.

That would be tolerable if it was blazingly fast but it's not.

It only has 1.5 GB of RAM so apps are constantly restarting. The launcher "fix" works by letting the Amazon launcher run then running the alternate launcher so you get a noticeable flash every time you press the Home button.

I'm just not sure.

Sunday, May 12, 2019

AT&T Does It Again

On May 3, 2019 at 5:15AM I was at the Memphis Airport. My daughter took a picture on her iPhone XS and added it to a long running iMessage thread (using MMS, not iMessage service, i.e. green bubbles).

I didn't get the text. That began a problematic weekend of missing some texts from that thread and, actually, any MMS thread. Sometimes I would get the message. Sometimes not. Sometimes I would get one of several pictures in a message. Sometimes none.

I spoke to a relatively knowledgeable rep at AT&T. He gave me the standard, and probably usually correct, advice of deleting that thread on an iPhone and rebuilding it. That wasn't going to happen. That thread has YEARS of pictures in it.

That was the response I got from Apple several years ago when I couldn't get my number disassociated from iMessage. Eventually something happened at Apple and I started getting messages.

So I was just going to ride it out and hope it fixed itself.

Then during the day on Monday, I got a notification from Essential that the May 2019 update was available. I went to the reddit subreddit to see the comments. Everything seemed good so I planned to apply it that evening.

While I perused that subreddit I came across this thread.


Turns out I wasn't the only one having this problem and it wasn't specific to Essential phones. Here and here are threads on the AT&T forums.

I applied the workaround suggested and all is well.

Obviously this was something that AT&T did in their network, apparently with no regard for non-iPhone users.

This reminded me of the situation back in August 2016. We were in Bar Harbor and Campobello Island and there were plenty of places that didn't have any AT&T coverage. Every time I would enter one of those areas, my BlackBerry PRIV would lose cellular connectivity and then not reconnect until I rebooted. Similar to this week's issue, there was a workaround to change the cellular connection.

BlackBerry finally pushed out a fix for it but AT&T never owned up to what they did.

Then in September 2016 Apple announced the iPhone 7 with an Intel modem.

BINGO!

I suspect that the iPhone 11 is going to only have a Qualcomm modem. Although iPhones have had Qualcomm modems before, since the iPhone 7 Apple has deliberately slowed the Qualcomm modem to be the same speed as the Intel modem.

I'm wondering if since Intel is pulling out of the cellular modem market that Apple is going to let the Qualcomm modem run at native speed in the iPhone 11. And if this is causing AT&T to adjust their network accordingly.

We'll find out in September.

Sunday, May 05, 2019

R.I.P. Dropbox

I have a long and varied history of file sharing tools. I've used FolderShareAllway SyncLive Mesh, and most recently Dropbox.

The Dropbox ride was a good one. I used referrals and got over 20GB of Dropbox space. I shared folders with my daughter and my mother. I even put my laptop's Desktop folder into Dropbox.

Then on March 1, 2019, without forewarning, Dropbox limited the number of devices for basic (free) users to 3. There was an uproar but Dropbox hasn't blinked.


I have over 20 devices linked. Most of these are obsolete entries but 1) 3 is way too few, and 2) reconciling the active vs. inactive devices is a big task. To relieve this restriction Dropbox wants you to upgrade to Dropbox Plus for $10 per month. Not gonna happen.

So I'm outta here.

I looked around at Box and OneDrive. Due to the kindness of a co-worker I have a free 50GB Box account. With OneDrive I exercised several promotions and have 40GB.

Given my experiences with a number of Microsoft syncing offerings I was reluctant to look at OneDrive.

But Box still requires a client on each device. And OneDrive's client is just built into Windows.

So I'm taking a run at OneDrive. I'm moving slowly though. As I touch a file/folder in Dropbox I'm moving that to OneDrive.

So far, so good.

Sunday, April 28, 2019

Primary, Secondary, Tertiary

I've been following the situation with Boeing's 737 MAX airliners. I came across an article (archive.is / image) on USA Today that was a pretty good summary.

In that article they mentioned that Boeing's 777 airliner's flight computers were not only triple redundant but from different manufacturers.
For the 777, Boeing's twin-aisle intercontinental jet, engineers created triple redundancy for its computers, hydraulics, communications and electrical power. Perhaps the best illustration of the lengths the company was willing to go on backups was found in the plane's primary flight computer. It was built with three microprocessors instead of one, and each came from a different manufacturer: Intel, AMD and Motorola, according to an account by a Boeing engineer.
I like their thinking. One of our clients was doing a backup solution consisting of external USB drives that he was going to alternate weekly and take home. For his needs that was good but I encouraged him to buy two different brands of external USB drives. Just in case.

This reminded me of an old post of mine on redundancy.
At FedEx we learned to have primary, secondary, and tertiary plans. When loading an airplane 1) run weights and balances, 2) put ballast in the front of the plane, and 3) tie the nose wheel to the ground. And always have a backup plane, e.g. "Plan Z."

And an older post on "Belt, suspenders, and raincoat."

I've been known to carry an umbrella as well.

Sunday, April 21, 2019

Wyze Cam

I'm not big into surveillance cameras but a while back I thought I had deer playing in my back yard. I wanted to capture them jumping the fence.

I came across the Wyze Cam. It is a cube about 2" on each side. It takes 1080p video and automatically records a 10-15 second video when it detects motion or sound. These are encrypted and uploaded to Amazon AWS where they are available for 14 days with no subscription plan required. These snippets are also stored on the microSD card if available and the last 32GB are retained. That's a lot of 15 second videos.

.
While the Wyze Cam is intended for indoor usage, it is pretty tolerable of outdoors. I have mine on a screened in porch.

Watch the cat walk around!


Notice how it highlights motion.

It has infrared LEDs so you get black and white video at night. Initially I placed mine on the porch table near the screen. The infrared LEDs produced a glare from the screen so I taped over them. I still got good video with the ambient lighting. I could have just turned them off with the app.

It connects to your Wi-Fi and there are apps for Android and iOS. It will connect to Amazon's Echo if you have one with a screen.

You can set it to send you an e-mail when it detects an event, motion and/or sound. I haven't used that.

It comes with a variety of mounting bases but I have mine just sitting on a table.

Its power is USB and it comes with an AC adapter. I've thought about putting it away from the house and running it off of a battery pack.

The Wyze Cam costs $39 with shipping and a 32GB microSD it needs card to allow local recording. If you have a spare microSD card laying around you can get the camera and shipping only for $26.

There's even an open source project to let you connect the Wyze Cam to an existing security system. And of course there's a subreddit.

Here's some screenshots from the Android app.


The intruder in my back yard wasn't a deer but a raccoon.

Sunday, April 14, 2019

Outage Communication

This post isn't bashing cloud providers, although that's an easy target.

What this is about is to give some examples of outage communication from various providers. And yes, Google and Facebook are in different sectors but the wide differences in their outage communications are still interesting.

On March 12, 2019, Google suffered an outage that impacted Gmail and a variety of their services that depended on their file system. Over the next several hours they posted 3 updates on their G Suite Status Dashboard. The first noted that they were having an outage. The second update was posted in under 2 hours and stated that they were continuing to investigate. It also enumerated the services that were impacted. The final update was 2 and 1/2 hours later and said that the issue was resolved.


But Google didn't stop there. 2 days later they posted a thorough postmortem (archive.is) that identified a root cause and remediation and prevention.

That's the way to communicate.

On March 13, 2019 Facebook had a 14-hour outage which took down the Facebook social media service, its Messenger and WhatsApp apps, Instagram, and Oculus.

Here's Facebook's communication on that outage.


Yes, that's it.

Which of these would you prefer from your services provider? Ask about that before you sign a contract and consider putting a requirement for communication and follow-up in the contract.