The Real Story Behind the Apple Privacy Statement

Photo Credit: PicJumbo
[Editor’s note: Neither the author nor anyone associated with this blog is a lawyer of any kind. This blog is not to be taken for legal advice under any circumstances. If you have a personal privacy question of law, consult a trained and licensed attorney.]

There’s been a LOT of talk about how Apple is standing up to the Federal Government (and specifically the FBI) in the news, and it’s important to realize why the stance Apple is taking matters. This is not a blanket statement against the government cracking encryption (which is a good stance to take, but not what is at stake here).

The major issue is that what many people (even some IT Professionals) think is happening is not what is actually happening.

Basically any iPhone or iPad running iOS 8 and up produces a situation where the government cannot easily get to the data stored on a phone which has been locked with a 6 or more character passcode and disconnected from iCloud. The reasons for this are complex and highly technical, but the basic idea is that not even Apple can reverse the process of a phone locked in such a way. Mostly, this is because the phone’s own internal identification data is combined with the passcode to create a hash – a mathematical representation of the two values that makes up the key to unlock the encryption. Put in your passcode correctly, the mathematical equation output matches what the phone is expecting, and the phone unlocks. Put in the wrong passcode, and there’s no match, and the phone stays locked tight. Put in the wrong passcode enough times, and the phone forgets the key entirely, essentially permanently encrypting all the data – with the same impact as erasing all of it as far as the government is concerned.

In this case, a phone that was in the possession of one of the San Bernardino shooters has been locked with at least a 6 character passcode, and was disconnected from iCloud about a month before the shooting. That means that the government has 10 tries to get the code, or the phone irreversibly loses the encryption key, rendering all data sitting on the phone pretty much unreadable forever.

Here’s where things get tricky.

Apple is not saying they are refusing to unlock the phone for the FBI, or that they refuse to give the government anything Apple has access to directly. This is a common misconception widely reported by the media, and is flat out wrong. Apple *cannot* unlock the phone. It’s not physically or digitally possible for them to do it without changing the codebase that iOS 9 (which is on the phone) uses. Apple *can* give – and has already given – the government anything stored in iCloud. Apple has done this before when there is a valid warrant for that data, and it’s stored by Apple’s encryption, so they can reverse it and provide the info.

The issue here is that the shooter either broke iCloud backup, or manually turned it off, about a month before the shooting. That means that the majority of the information the government wants is located – and is *only* located – on the phone. Since Apple cannot reverse the locking mechanism of the phone, they do not have access to that information and can’t hand it over to the government even if they wanted to.

What Apple can do – and is refusing to do – is give the government a way to perform what is known as a “brute force” attack against the phone. A brute force attack is literally a person or computer trying combination after combination until they hit the right passcode. Normally, each try at the password takes a tiny amount of time to process, and iOS adds a tiny amount of time to that as a measure against exactly this kind of attack. To a user, this isn’t an issue, as a human entering a code won’t even notice it; but a brute force attack requires thousands of attempts to be processed automatically by a computer, and those tiny amounts of time add up to a LOT of extra time when you’re doing it at that level. The second – and more pressing – issue is that after 10 tries, the phone will never be un-encryptable. Ten tries is nowhere near enough to accomplish a brute force attack, and based on what the government is saying, they’re around try 8 right now with no success.

So what can Apple do? They can provide a signed version of the iOS software which can overwrite the restrictions in iOS which protect against such a brute force attack. Basically it would allow someone to make an infinite amount of tries, and remove the pause between attempts. This would allow a government computer the ability to try thousands of attempts, until they happen upon the right passcode and the phone unlocks itself.
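The protections discussed above (a key derived from a device-only secret plus the passcode, a cost on every attempt, and destruction of the key after 10 failures) are modelled below from the defender's side. This is an added illustration, not Apple's code and not part of the original post; PBKDF2, the round count, the XOR key wrapping, the 80 ms per-attempt figure and all class and function names are assumptions made for the sketch.

```python
import hashlib
import hmac
import os
from typing import Optional

PBKDF2_ROUNDS = 50_000   # assumed work factor: every guess costs real CPU time
MAX_FAILURES = 10        # the attempt limit the article describes


class WipedError(Exception):
    """Raised once the device has destroyed its wrapped key."""


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


class ModelDevice:
    """Toy model of a device whose data key is wrapped under UID + passcode."""

    def __init__(self, passcode: str):
        self._uid = os.urandom(32)   # per-device secret, never exported
        self.failures = 0
        data_key = os.urandom(32)    # the key that encrypts user data
        self.data_key_fingerprint = hashlib.sha256(data_key).hexdigest()
        kek = self._derive(passcode)
        # Only the wrapped key and a verifier are stored, never the passcode.
        self._wrapped: Optional[bytes] = _xor(data_key, kek)
        self._check: Optional[bytes] = hmac.new(kek, b"verify", hashlib.sha256).digest()

    def _derive(self, passcode: str) -> bytes:
        # The device secret is mixed in, so the same passcode yields a
        # different key on every device and guesses must run on the device.
        return hashlib.pbkdf2_hmac("sha256", passcode.encode(), self._uid, PBKDF2_ROUNDS)

    def unlock(self, passcode: str) -> Optional[bytes]:
        """Return the data key on success, None on a wrong passcode."""
        if self._wrapped is None or self._check is None:
            raise WipedError("key material destroyed; data is unrecoverable")
        kek = self._derive(passcode)
        tag = hmac.new(kek, b"verify", hashlib.sha256).digest()
        if hmac.compare_digest(tag, self._check):
            self.failures = 0
            return _xor(self._wrapped, kek)
        self.failures += 1
        if self.failures >= MAX_FAILURES:
            # "The phone forgets the key": without it the data stays encrypted.
            self._wrapped = None
            self._check = None
        return None


def keyspace(length: int, alphabet_size: int) -> int:
    """Number of possible passcodes of exactly `length` symbols."""
    return alphabet_size ** length


def worst_case_hours(length: int, alphabet_size: int, ms_per_try: int) -> float:
    """Time to try every passcode if only the per-attempt cost applied."""
    return keyspace(length, alphabet_size) * ms_per_try / 3_600_000


if __name__ == "__main__":
    phone = ModelDevice("483920")          # constructed sample passcode
    print("correct passcode unlocks:", phone.unlock("483920") is not None)
    for guess in range(MAX_FAILURES):      # ten wrong guesses in a row
        phone.unlock(f"{guess:06d}")
    try:
        phone.unlock("483920")
    except WipedError as exc:
        print("after 10 failures:", exc)
    print("6-digit keyspace:", keyspace(6, 10))
    print("hours at 80 ms/try:", round(worst_case_hours(6, 10, 80), 1))
```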

This leads to the question, “If Apple could do this, why don’t they?” The answer is the heart of the matter, and a major issue in the field of personal privacy.

Apple could provide a software update to the government, which could be applied via the lightning port (just like you can do with the official software updates if you don’t want them to download right to the phone). They can create an update that allows the government to do what they’re trying to do. The problem is that doing so unleashes a genie that no one wants to see let loose. Putting that kind of software into even the US government’s hands means it is out there. In the same way as the government could use it to brute force crack a phone open when they have a valid warrant, anyone else who got their hands on the code could do the exact same thing with nothing standing in their way. Hackers the world over would quickly be able to break the phone’s security simply by physically getting the phone in their hands for a long enough period of time.

Basically, this is like the government asking Medeco or Schlage or another lock maker to provide them with the means to create a key that will open every single lock that manufacturer ever made, given enough time and tries at it. While theoretically possible, it won’t be easy to do, and the harm it could do to millions of people would far outweigh the good it could possibly do for this one – albeit truly significant – criminal case. (Hat tip to Henry Martinez for that analogy)

Apple believes that this is a step beyond what they are reasonably expected to do, and the government’s requested methodology would leave millions of other iPhone users open to the potential to be hacked and have their phone data stolen. Once the code exists, someone will figure out how it is done and start using it to hack peoples’ devices in short order. The trade-off is simply not balanced enough to warrant first building and then giving the FBI the altered iOS software update.

Who will win? That’s up to the courts to decide. At this point both sides have valid legal standing and a lot of ground to stand on; but that means both sides could win or lose this one. Don’t be surprised if this goes all the way up to the US Supreme Court, as both sides are apparently going to fight this to the bitter end. Personal privacy and protection for everyone not involved in the crime versus the government’s lawful ability to gain evidence in a criminal case is not something that will be decided quickly or easily – but it is of vital importance to every one of us. Can the government demand something that could so easily be used for both their good and everyone else’s evil? Can Apple refuse to provide a software solution that is within their ability just because of the potential for it to be used maliciously? Unfortunately, current law has not quite kept up with the world of technology as it speeds ahead of lawmakers.

Either way, Apple is bent on fighting this as much and as long as they can, and either way, I think that shows a remarkable level of responsibility and care from them. I expect the government will also fight to the last breath, because the matter is critical to their ability to fight terrorism and other criminal activity. Both sides are right, both sides are wrong, and I feel horrible for the judges that are going to have to figure this one out.

The times, they are a changin’

Photo Credit: PicJumbo
Many of you know that I had been with my until-very-recent employer for nearly 15 years. I’ve seen them go from a fledgling startup to a massive power in the field of High Availability and Migration software during that time, and I’ve been consistently proud of the platform, and proud to be part of the organization. But all good things, it is said, must eventually come to an end.

A short while ago, I tendered my resignation after accepting a position at another firm. While the decision wasn’t an easy one, and took a long time to come to me, it was time to make a change.

I will never forget all the experiences of a decade and a half of new technologies, new frontiers in server IT and Operations, the advent of the virtual datacenter, the advent of no datacenters (Cloud technologies), and the struggles of everyday IT and DevOps administrators in keeping up with the world blurring by. I’ll remember the day we changed the name of our company to match our flagship product, and the day we took the company with that new name public. I’ll remember the leaner times, as the economy contracted and our business was forced to do the same; but also the positive moves which positioned us to remain a leader in our industry.

I don’t think I’ll ever forget the transition to a new corporate identity when we got acquired; the melding of two mindsets and ways of accomplishing goals to keep the best ideas and discard the rest. The process wasn’t easy, and wasn’t always kind – or often even fair, but it was remarkably rewarding as we strove to reach the next level in our corporate evolution.

So now, I’ll take all those memories and bring that experience to bear on a new market. Stratoscale will be my new home, and with luck the place where I spend the next 15 or more years of my career. Their technology is incredible, and their people are some of the most talented and driven I’ve ever had the chance to work with. Even as a new player on the stage, they’re already getting rave reviews and making waves in the industry.

Those who know me also know that wherever I go, those I work with change the world. I work for and with innovators, visionaries, people who shape technology and guide its evolution. This move is no different, as that’s exactly who Stratoscale is. Keep your eyes open, and see what we can do!

And to those I leave behind: Never forget who we were, what we built, and where the future can take you. I won’t be far, I won’t forget the times we’ve had, and no matter what, I will always be proud of every memory you gave me to take with me on the journeys ahead.

Things I wish someone had told me before I started playing Inquisition (No Spoilers)

I have played both Dragon Age Origins and Dragon Age 2 – in some cases multiple times – but there were several things that I wish I knew before starting to play Inquisition. Here’s my list.

– This first one is something I actually did hear before I started, but it bears repeating. GET OUT OF THE HINTERLANDS! The starting sandbox is as beautiful as the others, and has a ton of quests (called missions) you can take on, but it’s very easy to get stuck there for 20 hours. Gain about 10 Inquisition Power and 3-4 levels under your belt (around 3-4 hours of play), then move on. You can (and in fact have to) go back to the Hinterlands later, so don’t worry, you won’t miss anything.

– Personal preference, turn off lip shine. It’s under Makeup in the character customization system (which you should definitely check out when creating your character’s look), and leaving it at the default makes you look like you overdosed on lip gloss. On a male character, it looks… really odd.

– You can JUMP! For those new to the series but who have played other games this isn’t a shock, but for those of us who played the earlier games, this is a huge change. There are still some places where you hit the dreaded “invisible wall,” but they’re few and far between in this game.

– The left thumbstick will perform a “search” function when you depress/click it. This is important, as it will highlight any loot, resources, and objects of interest near you. Considering that the landscape can very easily hide things, and the number of things out there, you should search OFTEN to find stuff. In the latest patch, found items also show up as gold dots on the mini-map, making it even easier to locate them.

– Your companions don’t automatically join you. Unlike other DA games, you have to actively seek out some companions, and then convince them to join up. This is generally easy to do, but also easy to miss. Keep an eye out for new missions, and re-visit places from time to time – you’ll find that companions will turn up if you follow that advice.

– THERE’S NO HEALERS, but there are several types of healing potions. You also do NOT heal between battles automatically, but must either use potions or return to Inquisition Camps and/or your Stronghold to replenish your health. Warriors also have the Guard talent that gives them an extra health-bar before they start losing HP, and Mages can cast Barrier over their teammates to do the same, so you can live without healing magic.

– While we’re on that topic, fast-traveling to a camp automatically refills your health and BASIC healing potion supply – you do not have to actually “rest” to do it unless you walk into a camp instead of fast-traveling there.

– And refilling other potions (heal over time, mana, grenades, etc.) requires a Potions Bench found in camps and strongholds and reagents (herbs, etc.) and must be done manually. Only your basic health potions are refilled automatically at camps.

– One last note on this, your basic health potions are shared amongst the group, while all other potions and potables are per-character. This means that each character can carry stuff specific to them, but also means that they can’t access potions carried on another team member. Choose wisely.

– OK, I lied, one more on potions. Next to the potions table in most strongholds is a potion upgrade table. Use this along with consumables to improve your potions, elixirs, and grenades to make them last longer, work better, etc.

– Spend your Inquisition Perk Points wisely, they’re very limited and you may only get 10 or so in a playthrough. Some ones to save up for are “Deft Hands, Fine Tools” which lets your rogues pick more advanced locks; and “Forward Scouts” which makes resource nodes like lumber and quarries show up on your world map. There is also a perk that increases the number of healing potions the team can carry, and another to add a 3rd potion slot to each team member – both are quite useful. Finally, there is a Perk that dramatically extends the range of the Search feature – not totally critical but very useful. Otherwise, check all categories and map out which perks you want early in the game.

– DO NOT SELL ALL VALUABLES! Some stuff you pick up that gets put in the Valuables tab in your inventory is actually critical for quests! You can tell what you should hang on to in two ways. If its icon is gold, keep it. If it has “flavor text” that shows up when you hover over it, keep it. For the most part, anything else is either not used in quests, or there are enough of them that you can find more later on to turn in. NEVER use the “sell all valuables” option or you will ditch some important stuff.

– You can’t tell your companions’ current approval rating except by trying to figure it out by how they speak to you. Unlike previous games in the series, the companions don’t have approval bars on their Character Sheets, you just have to keep a close eye out for approval messages on-screen and try to glean information based on how they talk when you interact with them. Meaning that if a companion isn’t happy with you, they’ll be very curt with you when you speak to them, as opposed to very friendly when you’re in their good graces. It is not always obvious, either, so your mileage may vary. Companions can get pissed off enough to leave, so if one of them you want to keep starts getting snippy, find ways to make them happy (or at least neutral).

– On that topic, you can’t win them all over completely, so don’t try. Different decisions will make some companions happy and piss off others – even if they are not in your party at the time. That means no more “just don’t take that person on that mission” to get around the approval system anymore. You do seem to be able to keep most of them from being totally pissed off at you – with a LOT of work – but you won’t be able to make everyone happy. If you don’t think you want them in your party, piss them off and they’ll eventually leave (most of them anyway). Otherwise, keep them neutral to happy.

– And one last bit of info on approval. Most characters have a certain set of personality traits. When you speak to them, choosing speech snippets that align with those traits will help you gain approval, so dive deep into the character development of your companions if you want to know how to best approach them.

– Visit the Dragon Age Keep! The Keep allows you to spell out choices you made from the previous Dragon Age games. For those who played through the whole series, this is critical, as many of the choices you made in previous games have an impact on Inquisition, sometimes in surprisingly big ways. Not to worry if you haven’t played the previous games, Inquisition has a default World State it will use that steps through BioWare’s suggested outcomes from Origins and DA2.

– Speaking of different outcomes, you should save often, and use multiple save slots. I usually have 5 save slots and rotate between them as I go. There are a LOT of decisions to be made, and you might not like the outcome of some of them. Multiple saves allows you to scroll back in time and try again. The game does auto-save, but those autosaves get overwritten, so they’re not a lot of help.

– Play with the crafting system. Unlike in other games, the system in Inquisition actually yields good results after a while. More-so in weapons than in armor, but still good to check out early in the story through the end-game.

– Explore EVERYWHERE! While you should leave the Hinterlands early, go back to it and explore all the areas it has to offer. Do this with each sandbox you gain access to. Different quests, Advisor Missions, and other fun stuff won’t show up until you discover them in the sandbox. This is critical for your Strongholds. Vendors, quests, and interactions tend to hide in odd corners in those places.

– Finally, check the War Table often and do the Advisor Missions (the missions that you send your council on instead of going yourself). They yield some interesting results, and in some cases very major results. As it says above, no spoilers in this one, all I’m saying is do as many Advisor Missions as you possibly can. Hint: Time doesn’t really stop when you exit the game, so do the multi-hour Advisor Missions right before you’re done for that gaming session, when you open the game again, they’ll be done.

Locked Down Internet of Things and the Danger it Poses

Photo Credit: PicJumbo
The “Internet of Things” is a real thing these days, with everything from toothbrushes to refrigerators now connected to wifi networks and spewing forth data to so many locations it’s hard to track. But a few disturbing trends in the IoT world definitely should give us all pause for thought.

First, many of these IoT devices are severely locked down. They can’t be upgraded, updated, or patched easily, and sometimes not at all by the end-user. Granted, end-users are famous for not keeping digital things updated to begin with, but not even having the option is a disturbing turn of events. When devices cannot be updated or reconfigured by the end-user, it leads to issues both during the product’s support lifetime and after it.

During the active support lifetime of the device, the end user cannot ensure the updates work properly, roll back updates that didn’t work and/or create new issues, and control what information is kept and sent by the device itself. Manufacturers have many reasons for doing this, such as assuring a steady stream of information that they can market to others, for example. None of these reasons should be taken as valid for endangering the security of a home network, however. Malicious code that infects your connected refrigerator and cannot be removed until the manufacturer sends out an update is just not an acceptable situation.

After the lifetime of the product, even more problems arise. Manufacturers abandon products all the time, leaving these products without any updates at all going forward, and just as many people who would like to see if they can break in and wreak havoc. Thankfully many products continue to live on well past that point, taken over by community efforts and open-source projects to extend the lifetime of the codebase well beyond the lifetime of the 1st-party support. Locking down these devices so they can only ever be changed by the 1st-party developers can make continued community support impossible, blocking this ongoing benefit.

Secondly, locking down these devices also means that end-users become unable to see what communication is going on between those devices and the world at large. Data leakage will occur, and not being able to limit the data available to leak is a dangerous thing.

I’m not saying that all IoT devices need to be totally open and open-sourced. What I do believe, however, is that the consumer should have the right and the ability to say what will go where, and when it happens. This can be done with end-user accessible settings and controls, with the ability to apply patches and roll them back on demand, and the ability to keep unknown software off of them to begin with. Even Apple, famous for their closed ecosystem, does give users the ability to shut off things they’d prefer not to use. Yes, it will mean changing how we typically interact with these kinds of devices, but making them IoT has already done that; so it won’t exactly be a whole new paradigm. Support vendors who give the end-user enough control to keep themselves safe, and reject vendors that insist on locking out everyone without good reason.

Keep that in mind, when next you consider an internet connected fridge.

Fallout: The Story So Far **SPOILERS**

Many fans of Fallout 4 are notably still confused by the state of the world around them. The post-apocalyptic landscape is easily explained, but what exactly happened that led up to it? This post will attempt to explain the major plot points to you.

**NOTE … SPOILERS AHEAD**.



It goes without saying that explaining the back-story of the game will give away a lot of details of previous games, so please do NOT read this if you want to avoid spoilers about the overall Fallout universe!

Divergence: Where it all went sideways

Fallout’s world is not exceptionally different from ours, up to the point of the end of the Second World War. Prior to this point in history, everything essentially went exactly as it did in our world, so the parallels are easy to draw. Sometime around the late 40’s and early 50’s, things in the Fallout world dramatically changed, and the rest, as they say, is history.

First and foremost, computers and many other electronic technologies evolved much more slowly in most – though not all – categories when compared to our world. The transistor and micro-processor were both inventions that didn’t come to the Fallout world until decades later than they were discovered and put into mass production in ours. This has led to televisions, radios, and desktop screens for computers still using vacuum tubes; and large-scale computers continuing to take up entire rooms or even larger spaces. While the overall level of technology is on par with – or even ahead of – our own, it is not miniaturized, and therefore still takes up massive amounts of space.

While computer and audio-visual technology remained very large, other tech did get much smaller. Most notably, nuclear technology and the objects that use it. Portable fusion batteries (impossible in our current technological terms) are common, and power everything from televisions to laser weaponry. Micro-fission cells can power many other items (whereas in our world fission can only take place on a useful level in giant reactor chambers). Plasma weaponry is also somewhat common, meaning the Fallout world scientists managed to tame that beast and make it hand-held.

Nuclear science evolved at a massively faster pace than in our timeline overall. Cars, planes, appliances, and other equipment can all use tiny portable reactors to gain power – reactors that are still going strong 200+ years after they were last serviced and recharged. There’s a very good reason nuclear energy advanced so fast, and that reason is:

The Resource Wars

Some decades prior to the Great War, the world’s supply of fossil fuels began to dwindle. Horrific wars were fought over the last remaining oil fields – including those located in Alaska and the Middle East. While the USA fought off China for the Alaska oil fields with only conventional warfare, European nations and terrorist groups in the Middle East did engage in limited nuclear exchanges, destroying large swaths of the world outside the US. Additionally, the US annexed Canada to capture more resources and secure a land-route to Alaska directly to continue to defend the last remaining oil fields found there.

As these Resource Wars continued, industries once reliant on plastics (which require petroleum products to be made) switched instead to glass and metal. This, combined with an aesthetic shift back to the styles of the 1950’s, gave the whole society the look and feel of the 50’s, but with highly advanced technologies only available to those in our timeline in our dreams. Think of it as a scene out of a 1950’s sci-fi novel or movie, and you’ll get the visual idea.

Eventually, the Resource Wars ended as there were nearly no more resources to fight over, but world tensions were still strained to the breaking point. As the USSR had not fully collapsed (how much of it became independent states is not clearly spelled out, but the USSR itself is still a world power); the US, USSR, China, and European Commonwealth were the dominant forces of the world, and on the brink of total destruction. The tensions grew and grew, until 2077, when the simmering tensions boiled over into nuclear annihilation.

And so, our story begins:

When Fallout 4 starts, you play as either a former soldier in the Alaskan Front, or the wife of the same, with a newborn son living in an idyllic suburban paradise. Your robot butler attends to the day-to-day running of the modest two-bedroom house (robotics and AI having become so common everyone could afford them) and you are beginning an average day – late October, 2077. As you go about your daily routine, a news alert is broadcast, and the visibly shaken reporter announces confirmed nuclear detonations in Washington DC and Philadelphia. You and the family immediately head to the Vault-Tec Vault 111 – an underground shelter capable of keeping 1000 people safe from the attacks going on in the outside world, ready to re-form society in about 80 years when the fallout falls to livable levels once more. Or so you’re told…

What happened just before this point:
As you and your family descend into the underground vault, none of you have any idea about the massive and intricate plan that has been going on around you – and that you’ve now become an unwitting player in.

Enter the Enclave:
Leading up to the Great War, the upper echelon of US (and possibly worldwide) leadership realized that some form of mass extinction event was going to happen in their lifetimes. Debates raged about whether it would be a massive climate shift, nuclear war, or something else, but every projection showed the utter destruction of humanity in the not-too-distant future. Planning for the worst, they formed the Enclave – a secretive group who would rebuild society based on a set of criteria known only to them. Race and social status didn’t seem to come into their calculations, as those chosen for the Vaults (a.k.a. Project Safehouse) came from every societal strata and ethnic background. These select few (about 1/1000th of the population at best) were lured into signing up for space in vast underground vaults created by a shadowy company named Vault-Tec. VT was less a for-profit corporation and more an arm of the Enclave government, and the vaults were far from what they appeared.

Each vault – with few exceptions – was actually designed to run a complex and long-running study of societal and psychological experimentation. The results of these experiments would allow the Enclave (safe in their functioning-as-expected vaults) and some control vaults to then take the lessons learned and best re-build the human race. The entire project would be monitored and controlled by Vault-Tec scientists sealed away in relative comfort and watching everything through dedicated video and audio links – as well as the personal reports from select vault controllers locked away along-side their subjects.

Some known experiments:

– Multiple generations locked within a vault with no chance of leaving and ruled by a tyrannical Overseer.

– The greatest musical geniuses of a generation slowly driven mad by psychoactive substances in the air supply

– A vault with only male residents except for one female

– A vault with only female residents except for one male

– Forced elections for “Overseer” in which the chosen candidate would serve a one year term, then be killed.

– A lottery where each vault resident might be chosen to be executed

– Cloning experiments that went horribly wrong after multiple generations of clones

– Fanatical anarchists locked up with a massive supply of weapons

– Vault doors which would not function correctly, letting a precise amount of radiation leak into the vault against all efforts by the residents

– Purposely faulty equipment that would not seriously endanger the vault dwellers, but caused a continual stream of stress

– Inclusion of only very upper-class residents, but an inept Overseer and working-class support staff that all had absolute authority over them.

– Cryogenic suspension of all residents except for a very small staff to manage them for the first 180 days

The list goes on and on, with 113 known vaults, and possibly dozens more not yet revealed through the games to date. Each of these experiments was meant to allow the Enclave to observe how humanity adapted (or in most cases, horribly failed to adapt) to the pressures the experiments put them under. This allowed them to formulate the best way to handle rebuilding society when the so called “control vaults” which had no experiments going on in them opened, and the resulting humans walked out to rebuild anew.

What went wrong:

As is evident in all the games, the experiments all failed massively in different ways. Vaults with tyrannical Overseers ended up in total revolt and anarchy. Psychological experiments warped and twisted the minds of the vault dwellers, rendering them savages or sending them all into murderous rages. Societal experiments failed when no one would actually adapt to new paradigms and either forced their way out of the vault, or were driven into murderous rages (that’s a theme repeated quite often). Only a very few vaults had success:

– Vault 21 in Las Vegas was populated with compulsive gamblers, gambling equipment, and the rule that ALL arguments and disputes must be solved by gambling. While the compulsive gamblers bred successive generations of compulsive gamblers, the conflict resolution method worked insanely well.

– Vault 31 where committed anarchists and xenophobes were given unlimited weapons and ammunition. Surprisingly they did not destroy each other, but went on to found a xenophobic community generations later when the vault was opened. They’re most definitely not welcoming to outsiders, but otherwise they’re doing very well.

– Vault City, where a vault opened on time, and the residents used the Garden of Eden Creation Kit (GECK) – a device used to supply food, water, power, etc. – to create a new city and are still living happily in it a century later.

– Necropolis, where the experiment to allow radiation into the vault resulted in horrible mutations, but otherwise the residents all survived and lived on (see Ghouls in an upcoming post).

– Several control vaults which eventually opened to allow their dwellers to leave.

Aside from those exceptions, the Project Safehouse vaults were all horrific failures, but the Enclave still learned valuable lessons from them. As for the Enclave themselves, secret and perfectly functional vaults kept them alive and well until the background radiation fell enough for them to go out into the world and try to rebuild it.

Next time in this series, we’ll talk about what happened to everything outside the vaults after the bombs fell. Stay tuned!

Notes:
Most information is taken from either official Bethesda/Zenimax sources, or from the Fallout Wiki on Wikia. Both are worth a look!

Be wary of sync services

Photo Credit: PicJumbo-Viktor Hanacek
Recently I looked into various task-management apps that will work across my Mac and mobiles (iPhone and iPad). Of course, that means I also need to synchronize data across those platforms, so that tasks created or completed on one device reflect as such on all the other devices. While that’s not generally an issue for most of the major software vendors, it does bring up some important concerns that most of those same developers have completely ignored.

Syncing data between devices requires sending that information outside of your network to a server, where it can then be accessed by the other devices and compared/added/removed. All the major vendors of task software encrypt the transmission to and from those servers with SSL, a reasonable security practice. But nearly none encrypt the data at rest. This means that they have ensured no one (or nearly no one at any rate) can view the data in flight, but anyone who compromises their security at the server can see all the data in plain format.

As we’ve seen from the recent spate of attacks and hacks against a large number of companies, servers are compromised on an unfortunately regular basis. Having the data rest unencrypted on those servers means that your info (which might include personally identifiable information) will eventually be stolen whenever an attacker decides to focus their attentions on the software vendor in question. Let me repeat, this is not a matter of “if,” it is a matter of “when” this is going to occur.

Luckily, a few of the vendors – such as Appigo and their ToDo app – do allow for you to set up your own sync using services such as Dropbox or your own WebDAV server which can be encrypted at rest. Using Dropbox isn’t perfect by any stretch; they’ve shown that their security can be compromised, typically via attack through third-party connectivity. However, they do at least attempt to keep your data safe, and it’s a far cry better than no encryption at all. Setting up your own secure WebDAV server is tricky, and not for the technological newbie, but it is another option to keep your data safe.

So, when syncing your data with any app, make sure the data is encrypted both in-flight and at-rest. “Secure Sync” may simply mean the data is transmitted securely, and it’s up to you to find out if the data is also stored securely. You may find, and in many cases will find, that the data is stored in a format that leaves you wide open.

First Look: Plantronics BackBeat Pro

I finally decided to join the 21st century and get a Bluetooth stereo headset for my mobile devices. Up until now I’d been happy with a wired headset and a Bluetooth earpiece for when I just needed to make phone calls and nothing else, but with a recent job switch that focused a lot more on my mobile phone, an all-in-one device was going to be a better fit. Looking through the available options, I found a massive choice in products, and a ton of different feature sets to pick from. Luckily for me, several co-workers had gone through this process in the recent past, and helped me narrow down the choices to about 4 selections.

My required feature-set was pretty small:

– Long battery life, a minimum of ten hours of real-world use.

– Ability to activate Siri so that I could voice-control the device.

– Complete compatibility with iDevices (including volume, play/pause, all phone commands, etc.)

– Micro-USB charging. No adapters or other widgets that I’ll lose.

– Customization. Let me choose which features I actually want to use.

– COMFORT. I had experienced some headsets that were horrific on the ears over the years.

– Voice quality. Whoever I call has to be able to clearly understand me.

– At least a little style. This wasn’t the most important feature, but one I wanted on the list.

The combination of these features narrowed the choices down to two, and from that I went with the Plantronics BackBeat Pro headset. One quick browse of Amazon later and I was waiting for the package to arrive. A few days later, and the fun began.

So, how did the headset rank against my list of requirements?

— Battery Life: I never trust the battery specs on web pages and/or box copy. Every manufacturer lies. So when I saw “up to 24 hours of playback time,” I took it with a grain of salt. However, to my surprise, these cans do seem to go for quite a long time on a 3 hour charge. I can’t attest to the claim of 24 hours, but I have run them with music on constant shuffle for 8 plus hours and they didn’t seem to be anywhere near running out of juice. My guesstimate – based on the battery stats voice prompt and my use pattern, is that they’ll clear at least 10 hours with moderate phone use and constant music playback. About the same run-time as the phone itself, so that works well. Verdict: PASSED

— Voice activation and control: The BackBeat Pro works with both Android and Apple devices, and is configured to properly activate Siri on iDevices with a long-press on the Phone button on the headset itself. What I found interesting (and sorely missing from some other wired and wireless headsets I’ve tried) is that not only do you get an audible beep when you press the button, but a second beep to alert you that you’ve held the button down long enough to initiate voice activation. That second beep is critical for me, as otherwise I tend to hold the button down too long and end up confusing the phone or (if you pair two devices) switching to another device. Voice commands were clearly picked up by the phone, and Siri had no issues with my request, beyond its usual foibles that have nothing to do with the headset. Verdict: PASSED

— Complete iDevice compatibility. Nearly every headset I looked at has this nailed, and the BackBeat Pro was no exception. Various buttons and dials on the headset properly and correctly activated the associated features on the phone without any issues. This included full control over the audio playback (Play/Pause, Forward, Back, Fast Forward, Reverse, volume, etc.) and phone operations (answer, hang-up, redial, etc.). Verdict: PASSED

— Micro-USB charging. A lot of the headsets required charging stands/bases, or used a proprietary charger (even in this day and age), or otherwise made life for a guy who has a habit of losing chargers on business trips a living hell. The BackBeat Pro uses a standard micro-USB plug to charge, no issues. Verdict: PASSED

— Customization. Most of the headsets I looked at were multi-function, and have so many bells and whistles they could qualify as orchestras. The problem is, some features become downright annoying, and there’s no way to disable them. Case in point, the BackBeat Pro uses Plantronics’ motion-sensing technology to do things like pause the music when you take the headset off and lay it down. I find that unnecessary and possibly even totally annoying if moving the headset out of the way to pick up the phone triggers automatic call answering. Luckily, the BackBeat Pro comes with both Windows and Mac software that communicates via the USB charging cable to enable/disable features and install firmware updates, so you can just shut that stuff off if you don’t want to use it. Verdict: PASSED – plus easy firmware updates!

— Comfort. This is a mixed bag. The headset is big, and even a little heavy. It’s very well cushioned, so you don’t really feel it, and balanced well so that everything sits properly on your head, but it’s noticeable. The cushioning itself is well done, and in all the right places, and the headset isn’t a pain (literally or figuratively) to wear, but the size/weight could be an issue for some. Verdict: MIXED – I found it very wearable, but some will definitely feel it is too heavy.

— Voice Quality. I made several test calls with the headset, and the people on the other end of the line said I sounded clear and understandable. The BackBeat Pro has noise reduction and other features, so this wasn’t a major surprise, but since there is no boom-style mic I was a bit worried. There were no complaints from my callers, though, so I’m going with Verdict: PASSED

— Style. Another mixed bag. While not being ugly, they’re also not beautiful. Aesthetics aren’t my main concern when reviewing tech, so I was ok with it. Those looking for the streamlined style of a Beats headset or the ostentatious appeal of a Sennheiser kit won’t find much to love here, but they’re definitely wearable in public without fear of attracting too many stares. Verdict: MIXED, but passable.

There were some downsides to the BackBeat Pro, however:

They come with every feature enabled, so unless you use the software to turn off the annoyances, plan on learning how to properly handle/move the things without triggering stuff. Additionally, they did NOT play well with my desktop. Audio was choppy and unreliable when attempting to stream music from my 2014 iMac, which is a problem I’ve found with many different wireless headsets. It got even worse when I had the BackBeat Pro multipoint paired (paired with two active devices simultaneously). Although Plantronics claims that multipoint isn’t a problem, the headset often had a hard time figuring out which device had “right of way” at any given time.

Finally, the audio tends to pull a bit to the treble side of the equation whenever the Active Noise Cancelling is turned on. Not so much that it really impacts casual listening, but there’s no bass boost, and if you are a connoisseur of very high quality audio you will definitely notice it.

Overall Verdict: PASSED

I’d recommend this headset for anyone looking for a true mobile headset to control, talk with, and interact with mobile phones and tablets. While the audio could be a bit better with the addition of a bass boost function – especially with Noise Cancelling enabled – the audio quality for the speakers and microphone is quite good – better than many other headsets and ear-pods I’ve used over the years. They’re not cheap, but they’re definitely not overpriced for what they do, and a solid choice for mobile stereo headsets.

Fallout 4: Is the Railroad Clueless? (Hint: not really)

Photo Credit: Jspoelstra at the Fallout Wiki on Wikia
The Railroad is one of the four major factions within the Fallout 4 universe. A group of dedicated individuals working together to ferry Synthetic Organics (“Synths”) out of the Commonwealth to freedom, they’re based on the Underground Railroad that existed in the real-world United States of America during the 1800s. Their real-world counterparts allowed both freed (but still hunted) and non-freed slaves to escape to the territories in the northern US, where slavery was banned and/or outlawed.

***WARNING: SPOILERS AHEAD!***

In the world of Fallout 4, a group of scientists called The Institute has created and evolved humanoid robotics (think androids taken to the extreme). Starting with Generation 1, these Synths evolved from skeletal, entirely synthetic creations of metal and polymers into the current Generation 3 Synth: a synthetic human built from organic components. Gen 3 Synths are made of (artificial) flesh and bone, and can walk, talk, eat, sleep, and effectively do everything that an organic human being can do. They are, however, still constructs of the Institute. Synths are sent out into the Commonwealth to spy for the Institute, and in some cases they even replace humans who the Institute believes are in positions to assist their aims. The rest act as servants for the Institute itself, performing all the manual labor so that the scientists can focus on expanding humanity’s horizons. They have programmed memories, personalities, thoughts, and goals. They serve the Institute and its aims, no matter what.

Except where they don’t. That’s where things get interesting.

Normally, a Synth is effectively a slave of the Institute. While outwardly (and in many ways even inwardly) human, a Synth is a creation of man – built, programmed, and driven by their Institute masters. In some cases, however, something changes. The Synth becomes fully self-aware, and begins to think for itself. As with any other sentient (or apparently sentient) being, self-aware Synths begin to desire freedom, and look for an escape from the closed-world of the Institute; and that’s where the Railroad steps in.

Through a combination of agents, tourists (civilians who aren’t part of the Railroad itself, but are willing and able to assist), and a few key players inside the Institute itself, the Railroad brings self-aware synths out of the Institute and into the Commonwealth. Once there, they are ferried through a series of safe-houses as they are given new identities, back-stories, totally new memories, and even new faces through advanced plastic surgery. From there, the Synth is moved out of the Commonwealth and integrated into society in the world at large – indistinguishable from any real human in the Wasteland.

This process was hinted at in Fallout 3, with the quest “The Replicated Man.” The Lone Wanderer was set on the trail of an Institute Synth who had been memory wiped, had their face changed, and was spirited out to the Capital Wasteland to begin a new life. An Institute scientist and his synth bodyguard show up in Rivet City, after following a series of leads that led the team to believe that their quarry was currently living and working there. During the quest to discover the new identity of the Synth, the Wanderer is introduced to another group, the Railroad, who is attempting to stop the Institute team and allow the Synth in question to retain their freedom. Since the Synth had a complete memory wipe, they believe themselves to be human, thus making it even more difficult to figure out who they are.

The Lone Wanderer may refuse the quest, find the Synth and return it to the Institute, find them and not interfere with their new life, or find them and let them go free, but force them to realize they are a Synth, not a real human. While the results of this quest are not carried into FO4, the quest itself does set up both the Institute and the Railroad as major competing factions.

Skip ahead to 2277, and the Sole Survivor can encounter the Railroad in one of two ways:
– At various locations, settlers and others will mention that the Institute must have enemies. They suggest that one can find the Railroad, if they “follow the freedom trail.” This sets off a quest to locate multiple markers along the real-life Freedom Trail – though the in-game trail is much shorter. Each trail marker indicates a letter, and stringing them together provides the passphrase necessary to open an intricate combination lock on the Railroad’s front door.
– During the main quest, a critical piece of intelligence will need to be analyzed in order to move forward in your quest. The only faction that can do so is the Railroad, no matter what faction you wish to ally with. Thankfully, the game properly handles the situation even if you have already wiped out the entire Railroad faction, but at this point in the game you probably haven’t even met them yet. When you reach this point in the quest, all roads lead to the Freedom Trail, and your encounter with the Railroad.

Either way, you meet the members of the Railroad – such as they are. They recently suffered a devastating defeat at the hands of the Institute that wiped out a sizable portion of their forces and cut them off from their former HQ. Assisting them leads to you becoming a Heavy – an Agent of the Railroad responsible for clearing out obstacles to getting their charges along the road to freedom. While not every member is on board with this idea, most are, and you can find yourself in a cloak-and-dagger spy thriller as you help escaped Synths find freedom in the world.

Many fans of FO4 have called the Railroad into question as a major faction. They have few resources, few people, and even fewer good chances to accomplish their goals. In a previous post, even I noted that they weren’t the best faction if you wanted to help the Commonwealth thrive. I will admit, however, that I might have misjudged them.

First, the Railroad is a noble cause. They have found out that Synths have the ability to become sentient, and believe strongly that no sentient being should be locked into slavery to anyone. This doesn’t really support the “not really clueless” hypothesis, but it’s important to point out.

Second, their people are dedicated to the point of fanaticism. Once set on the path to a goal, they *will* accomplish it. Even with a fraction of the people they once had, and a new HQ with a fraction of the resources, they keep getting the job done. This points to them being able to adapt to changing circumstances, improvise new solutions, and get things back on track even in a severely changing game. They don’t blindly head toward their goals; they work and change and adapt along the way.

Third, they understand they’re the underdog. No one in the group has any illusions that they’re doing anything but an impossible task. There appears to be no one deluded or clueless – well except for Tinker Tom – and everyone knows that they’ll never actually win. It’s the fight that matters. Each Synth they free is one more victory, even if the war can never be won.

Finally, they’re willing to make alliances. They don’t do so easily, and it takes a tremendous amount of work to gain their trust, but they do make alliances. In FO4, they can ally with the Minutemen, if you follow the right paths to get it done. They cannot – as you’d expect – ally with either the Institute (for obvious reasons) or the Brotherhood of Steel (who want all technology controlled or destroyed), but they do accept honest friendship when it’s offered and it suits their cause.

So while you may consider them misguided, dangerous, or some futuristic version of Don Quixote, they would not by most definitions be considered clueless. And that might just make them the most dangerous faction in the Commonwealth.

Notes:
Most information is taken from either official Bethesda/Zenimax sources, or from the Fallout Wiki on Wikia. Both are worth a look!

The Prescription Costs HOW MUCH?!

Please take a moment and study the picture of the cute kitten. When you’re done reading, you’ll probably have steam coming out of your ears as you swear at the monitor/mobile screen, so take some time. His name is Monty, and he is very cute.

I’m blessed in my life that I have great health insurance that covers pretty much everything I could need from a medical perspective. I realize how insanely lucky I am that this is true. My doctor is incredible, my pharmacy knows me and looks out for me, I have very little to complain about.

I do, however, have a deductible, and at the beginning of each year I have to pay out of pocket until that number is reached. It’s not a massive burden, and I’m again blessed that I can afford to do it. But each January I get dragged back into the reality of the millions of un-insured or under-insured people in this country when I see the raw, unfiltered numbers that represent the insane costs of medical care.

I won’t give out a lot of information on specifics, as blogging about personally identifiable medical issues is generally a bad idea. Suffice it to say that I take certain prescription medications each month that dramatically improve the quality of my life. I might very well be able to live without them, but not anywhere near as well as I can live with them, so I and my doctor consider them necessary. One of those medications – just ONE – was over US$300. I cannot imagine how I’d be able to deal with that kind of monthly expense without health insurance that covered the majority of the cost for the majority of the year.

The medication in question has no generic – not because it’s new (it’s well over 15 years old) or because it’s some massively proprietary formula (it’s a combination of other medications), but because the formula in question is patented by a pharmaceutical giant who has managed to maintain the patent for an inordinately long time. Since the combination works significantly better than the two components alone, this is the best – and considered by many doctors to be the only – possible medication. This company has created a monopoly, and is charging what I can only describe as a certifiably insane amount of money for a one-month supply. If I weren’t as lucky, as blessed, as I am, if I had to choose between this medication and food, I don’t know what I would do. For those of us who use it, the decision is that important. I don’t even want to think about what would happen if I had to choose between that and food not just for me, but my family, or children, or anyone under my care.

Suddenly, I faced the frightening reality of millions of Americans. I understood the literal life-or-death decisions that un- or under-insured people must make on a daily basis. I realized why some hedge-fund millionaire douche hiking the prices of a drug by 700% is a horrifying thing. This is real, this is happening, and now I understand why it is simply unacceptable in a civilized society.

Pharmaceutical companies should be able to make a profit. The old adage of “the second pill costs pennies, the first one costs billions” is true. I do not begrudge them and their shareholders making a very good living from the insane amount of brain-power that was required to make these drugs in the first place. But there has to be a breaking point, where the out-of-control greed of the pharma companies combined with legal loopholes that let them set whatever prices they want results in a literal life-or-death situation for their customers. There must be a point where compassion and finance can meet, one which allows people to have the medicine they need *and* lets the company make a profit, and it is a LOT less than US$300+ (and I’ve seen some that were much higher) for a one-month supply! Come on, millions of people will use the stuff, companies can make an ungodly amount of cash charging a lot less.

Then there’s supply and demand. Artificial scarcity caused by patent laws that have spun totally out of control has created this situation. They can charge whatever they want because there is no competition, and there will be no competition as long as they hold the exclusive legal right to produce the medications in question.

Finally there’s the scourge of fake internet pharmacies shipping who knows what and labeling it as life-sustaining medicine. I’m not talking about narcotics or ED medications, I’m talking about heart and blood pressure treatments, medications for chronic conditions, or critical antibiotics – things that people literally cannot live without. Of course, in desperation, people without sufficient insurance will use these online scam artists to save the thousands of dollars every year that the legitimate pharmacies are forced to charge for the legitimate medications and many have died as a result.

There must be a better way to do this.

I know there’s little one person like me can do about it. I know I have no political capital to spend or clout to throw around. But I promise, I will not forget the shock I felt seeing that total ring up, and realizing that had I not been as lucky as I am in my life, I may have had to make a devastating choice that day – and that millions actually do.

Now, go look at Monty again. Hug your friends and family, get back to your lives, but never forget that many may be making the decision right this moment to risk their lives because they cannot afford the medication they need. Not because it doesn’t exist, not because it’s in such short supply they cannot get hold of it, but because they simply cannot afford it – and for no good reason that I can figure out.

Cloud Condensation

Photo Credit: PicJumbo
I made a prediction a couple of years back, and we’re beginning to see signs that it might just come true, a bit sooner than I expected, but still coming true.

The public cloud market is getting more and more crowded, to the point of saturation of the marketplace by hundreds of players of various and assorted sizes. Massive media attention has brought thousands of customers into those cloud platforms, at all different levels. The result is a highly segmented, nearly fractured, industry that cannot hold in its current form. The logical conclusion of this phenomenon – to use a term coined by a co-worker of mine – will be “Cloud Condensation,” and we’re already beginning to see it.

Cloud Condensation is the phenomenon of public Infrastructure as a Service cloud shrinking and creating two types of fallout:

1 – Through mergers, acquisitions, and corporate collapse, fewer public cloud companies will exist, and

2 – Companies who had begun to move resources to public cloud will reduce the amount of resources they place there, and in fact will begin pulling back many of those resources into private datacenters and/or traditional co-location facilities.

This is not to say that cloud itself will disappear – far from it. The cloud principle is strong and will continue to grow and expand over time. Cloud Condensation simply refers to the mind-shift of moving from public cloud to private or on-prem cloud platforms. There are also a lot more types of cloud platforms than just IaaS, and public SaaS and PaaS continue strong growth.

We are, however, seeing the beginnings of Condensation in public IaaS, and there are a few strong indicators that it’s happening:

– HP dropped Helion Public Cloud late in 2015. While they will continue to focus on HP Enterprise Cloud (their private cloud offering), they began to realize that public IaaS cloud was too crowded a sector.

– Citrix sold off Cloud Platform just recently. OpenStack and CloudStack are still strong, but both are designed for hybrid clouds and converged architecture. Cloud Platform is the tool for managing public clouds in their portfolio.

– Several smaller public cloud players are being acquired by larger players. This is pretty normal in any business, and only points to Condensation when combined with other factors.

– Verizon is winding down its public cloud offerings

– Several other traditionally public cloud platforms are beginning to focus more on managed services

Taken together, there is an industry push to private and on-prem IaaS cloud, and away from public cloud. Once again, this is NOT a death-knell for cloud at all, just a shift in how the cloud looks in the modern world. I suspect we’ll continue to see more of this consolidation and contraction in the market, with larger public clouds taking over market share from smaller shops – absorbing them or driving them under – and the rise of services and platforms designed for private and managed clouds taking the fore. My revised estimate is that we’ll see Condensation kick into high gear within the next 8 months, and extend out for another 12-18 before we have the new paradigm.

Cloud – in all its forms – is here to stay. I just suspect (and we’re starting to see some indication) that we’ll see many companies moving to managed, private, and on-prem cloud platforms.