A message to the protestors

Look, I’m just as pissed off as you folks are that we will have to acknowledge “President Donald Trump” very, very soon. I didn’t want this. I didn’t want Hillary either, but frankly she’d have hurt a hell of a lot less. I don’t want him as my President, I don’t want him representing us to the rest of the world, and I sure as hell don’t want the world that he’ll help shape.

But…

There are violent protests going on all over the United States right now. That has to stop. It has to stop now, and never resume. You will fail, you will hurt those who are trying to keep the damage to a minimum. You will destroy the causes you want to support. And most importantly, you will help Trump prove his own misogynistic, homophobic, homicidal, dumb-ass, short-sighted, anti-humanity ideas.

That’s right, you are helping Donald Trump continue in his plans.

Look, there are a lot of ways that you can stand against him without destroying your own movement:

March and protest peacefully. Hell, we’ve overturned some very deep-rooted and immobile laws and feelings in this country with that policy. It works, and it works incredibly well.

VOTE! over 46% of those eligible to vote in this country failed to do so this year. Let’s say that half of those were unfairly not allowed to – a percentage that would be considered by even liberal sources to be high, but I’ll give you the benefit of the doubt. An additional 25% of the electorate participating would have absolutely changed the outcome. Maybe Trump would have still won, but at least there would have been one hell of a strong voice of opposition. Don’t stay home, don’t ignore the voting booth. Get out there and make your opinion count in the most powerful way the world has ever seen.

Finance organizations and volunteer. Planned Parenthood, Lambda Legal Defense Fund, The American Civil Liberties Union, there are a lot of them out there who are now under fire. Give them money. Give them time. They’re in desperate need of both, and that need is going to get more and more dire.

Stop those who would destroy your message. If you and your fellow marchers/protestors witness someone rioting or looting, surround them. Don’t put yourself in physical danger; just keep them from leaving the scene of a literal crime. Let the police in, and don’t let the criminals out. Force the news to report that those who stand in opposition to Trump will refuse to sanction violence and criminal behavior in their name, and force those who think this is appropriate behavior to recognize that it is not, and you will not either condone or assist them in it.

Finally, remember that Trump will be sworn in as president. We can’t stop that now. What we need to do is become what Britain calls “The Loyal Opposition.” Never let in or give up for a moment on your ideals or values. Never stop pushing (peacefully, effectively) against the policies you do not and can not endorse. But remember we are still all Americans. We are still all bound by the laws of our country and the leaders that are elected to make and uphold those laws. This isn’t a contradiction of terms or oxymoronic thinking, this is what our system of government was designed to do from the very beginning. Believe it or not, not everyone in Colonial America believed that secession and independence was the right idea. Some stood up in favor of remaining loyal to the crown. The did, however, still support the will of the people when the fledgling country decided on which direction it would move.

Teach people about the most powerful tools at our disposal to defeat bad laws: Peaceful Protest, Jury Nullification, Voting the morons out of office, the are a large number of them. Use them, teach others about them, but work within the system to change the system and the message will be broadcast to all the corners of the earth.

Riot and wreck up our cities, and not only is your own message lost, you support the very people you are trying to protest against.

We’re in this together. We will survive the next four years. Let’s not make the situation twenty times worse by fueling the very people and policies we stand against.

Fixing Stubborn Default App Issues With RCDefaultApp

RCDefault Usually, you can set default apps for certain file types right through OS X features directly. Email (in El Capitan) is done by going to the preference pane in Mail.app, most file types allow you to set the default by going to Get Info, etc. However, sometimes things go awry, and that’s where RCDefaultApp comes in handy – big time!

For example, I had been trying out several email apps to find a good “second app” that I could use exclusively for corporate email messaging. This seriously screwed up my default mail app settings, and nothing would convince OS X to not use Mail.app for everything email no matter what. I tried many suggestions found online, but most fixes either no longer existed in El Capitan (repair permissions) or were simply ineffective at fixing the problem. Then one of my Tweeple – @bynkii – suggested I check out RCDefaultApp.

I had used it some time ago (Snow Leopard days) and it worked well, so I hunted around and found it again. First off, make sure you download it from RubiCode’s site only. Other sites seem to only have the non-universal, PowerPC versions which will not work on anything past the Leopard family. Once you have it, open the dmg and then open the Preference Pane file. This will launch a mini-installer that lets you decide if you want to install it for all users or not. Note: one component (“DoesNothing”) will not run, as it is not signed, but apparently it does exactly what it says on the tin, and doesn’t actually do anything necessary to the software itself.

The app is simply a Preference Pane, so open System Preferences, and you will see a new pane called “Default Preferences” under Other at the bottom. This brings up the main window, which lets you set your default apps for a wide variety of file types, sub-types, and more. In my case, I had to change the default email handler, but also the extension for .eml – which is apparently what was causing all the problems for me. Once I made those changes, Airmail became my default email client for the entire system as expected.

So if you have files opening in odd applications, and the normal methods for changing the default apps don’t work, check out RCDefaultApp from RubiCode. It’s free, and worth far more than you pay for it =)

“The Division” Sucks for Casual Gamers

Photo Credit: Joe The Goat Farmer on Flickr
ThumbsDown As you folks already know, I’m not totally immune from liking first or third party shooters. I loved Mass Effect (up until the ending of 3) and I’m nuts over the Fallout games. So when a new 3rd-Person shooter based in the aftermath of a massive disease outbreak and resulting loss of society came out, and it was based in New York City, I was in. The game, however, really and truly sucks for casual gamers, which became painfully obvious within about 90 minutes of playing. Here’s why:

1 – The story is OK but not great. Ubisoft created yet another generic, voiceless protagonist who is about as interesting as dirt. Then they added a cast of milquetoast characters and a story made more to further the shooting than further the plot. That’s pretty much what we have here. Nothing pulled me in. There is no reason for casual gamers to want to play it, aside from hours of fun shooting people if you’re into that. I, personally, am not so much into that. I want to get drawn into the storyline of the game. I want to understand the reasons for doing what my character is doing other than “you’re the good guy, and bad stuff happened, now here’s a gun.”

2 – Mandatory, always on-line. Why would ANYONE still require this for a single-player game after all the fiascos in the last 2 years? Because Ubisoft, that’s why. You need to be always on-line because the game tries CONSTANTLY to matchmake groups. So as far as having a playable single-person storyline, that’s a big red flag. Now let’s add in queues to enter various areas because the game is tracking simultaneous users so that it can attempt to matchmake you. There are games that get this right – like the Borderland series – and there are games that get it totally wrong, like this piece of… code.

3 – Difficulty spikes from hell right after the tutorial. Great, you finish the tutorial – which is very much single-player but still tries to matchmake you (see #2) – and get to Manhattan. At which point, you *will* die on every single mission. Every one. Granted, I’m not an expert at cover systems, but I managed to get through Mass Effect 2 and 3, and several Gears of War titles without major issues. I died on and off, there were harder-than-average missions, but the gameplay was enjoyable and not so hard on “normal” that I wanted to fling the controller across the room. Here, it’s constant “reloading at last checkpoint.” Wave after wave of guys shooting at me, hurling grenades while their buddies shot at me, finding new ways to shoot at me. That, alone, isn’t abnormal, but when you finally do best them, guess what, there’s 10 more coming after you. I’m one guy with one gun, but for some reason this game thinks I’m an army with a full artillery squadron. I soon also realized that the enemies took about 3x the number of shots to die compared to me, so add that in too. It’s beyond “good AI” or “challenging missions” and right into “the computer is a cheating bastard” territory.

4 – It’s not actually a single-player game. It’s not, don’t let anyone tell you that it is. Get a group or get annihilated. I don’t have a problem with this on it’s face, but why bother to even pretend there’s any point to this than grouping up and playing a co-op shooter? As with the other reasons, this alone isn’t necessarily a bad thing. Many games are challenging for a single-player but much more playable with a group. There’s a line between that and “just give up unless you have a group,” which is what we have going on here. So, of course, unless you have 5 hours to invest and want to completely give up your life, good luck enjoying the game. You’ll be stuck in pick-up groups from hell, and I challenge anyone to say that a PUG game is fun for casual gamers.

So, if you want a hardcore shooter that requires a group to avoid frustration, this is a great title for you. As for me, I’m heading back to Fallout 4, where things can be quite challenging, but at least there’s a semblance of a reason that you’re fighting against Super Mutants, and you can – if you work at it – beat the odds.

The Search for Workable Information Worker Software

HNCK2695 Email is – for the most part – the stuff of modern productivity. Begin able to send and receive email, along with the calendars, contacts, and tasks that it brings; is essential to getting work done these days. When you use the native Mac apps, everything is fine. When you need to use 3rd-party tools, things go sideways in a hurry.

For example, I work – as most do – with email, calendar, task, and contact apps on a daily basis. To keep my personal accounts independent from my work accounts, I use the native OS X apps (Mail, Calendar, Contacts, etc.) for my own stuff and 3rd-party apps for everything else. While I was working for a company that used Exchange/Office 365, this was easy to do. Native apps for personal, Outlook for work, and everything went relatively seamlessly. Granted, Outlook has issues, but it worked.

For my personal stuff, all the apps talked to each other and would share data with each other. Accepting an invitation in email put the resulting appointment into the calendar. With 3rd-party apps, the wheels fell off the wagon insanely fast.

After much searching, I gave up on a unified app like Outlook. There are a few out there, but they either rock at email and totally suck at calendars, or vice versa. None could handle everything. Since I now use Google calendars, Outlook for Mac was right out – it doesn’t support CalDAV, which is required for Google Calendar functionality.

So, it’s now 3 different apps – one for email, one for calendars, one for tasks. While not optimal, I can live with that, if they’d actually talk to each other!

I went with Airmail (US$10 in the App Store) for email, Fantastical (US$49 in the app store) for calendars, and todoist (Free with paid features in the app store) for task lists. This was after much experimentation and finally gave me the integrations I need, but there was a TON of trial and error to get to this point.

I tried one email client (Postbox) that worked really well for email. The layout was perfect for me, it allowed me to archive messages to something besides the “All Mail” folder, and it didn’t appear to be a resource hog. Problems arose, however, when I found out that pretty much every *other* vendor decided to stop supporting it for integration and shortcuts. It operated horribly when it came to calendar invitations, sometimes not bothering to tell the calendar software it got one, other times refusing to open the invitation at all, and always spewing out a ton of garbled text instead of the body of the invitation itself.

Then I focused on the calendar. One software package (BusyCal) was great in terms of layout and syncing with Google, but couldn’t handle HTML in invitations. I’m not sure why that was the case, as it’s 2016 and HTML-based invitations have been around for literally a decade now, but whatever. Since 80% of my invitations were for Webex or otherwise included a lot of HTML, this killed the usefulness of the app entirely.

OK, how about tasks? Miserable. Either they have so many features and “Getting Things Done” rule-sets that they’re unusable for someone like me (classically trained in the Franklin/Covey method); or they were just simple task lists with no flexibility at all. One was so complicated that after a week I gave up even trying to figure out how to move a task and just “completed” it so I could start over and create a new one.

So, I figured a “if you can beat ’em, join ’em” approach and tried out a couple of apps that simply framed up the Gmail website into the app itself. While they both worked, they also both refused to talk to anything except themselves. That meant I was stuck with Google’s horrible calendar interface, or nothing. Not a good trade-off for me. Of course none of them allowed for offline support either, which makes traveling painful when I can’t get wifi. To add insult to injury these apps, while essentially being an HTML wrapper, didn’t support any of the Gmail plug-ins that others in my company use regularly. So I got all the headaches of the web interface, and none of the benefits.

Finally, someone suggested Airmail. It does only mail – nothing else – and is a great hybrid between Gmail features and usability on the desktop. The app doesn’t support plug-ins from the Gmail site, but it does have offline sync, handles HTML mail/invitations well, and plays nicely with the OS X Notification Center. That’s about all it does, but it does it very well, and serves its purpose.

Fantastical gave me a great calendar experience. Showing the week-at-glance in a way that was readable, and easily figuring out what an HTML invitation was. It’s functional, readable, and flexible enough to deal with most common calendar scenarios. The price is rather high, but worth it if you need an independent calendar.

Todoist is the glue that holds it all together for me. It integrates with Airmail (and about 20 other apps) and can easily handle flipping tasks around, shifting priorities, and knowing when I need to see things. On the road, I can email things to Todoist and it’ll throw them in the inbox for me to sort out later.

It’s taken over a month of trial and error, but I finally found a set of apps that give me a workable solution to what should have been a no-brainer situation. I’d really like to see someone come up with a workable all-in-one app for Mac-based Information Workers like me, but I guess there just aren’t enough of us to make it financially workable for someone to do it.

Review: Amazon Prime Streaming iPad App

Photo Credit: PicJumbo
IMG 7422I was an early adopter of Amazon’s Prime Video service. They’ve offered tons of free content and a massive library of purchasable content for years now, and some time back the Amazon Streaming Video App for iPhone/iPad was released to allow folks to take the show on the road – literally. I’ve been a user of that app for about two years now, and the latest update brought a LOT to the table to make it even better.

First things first, if connected to WiFi, you can stream anything in Amazon’s catalog. Search for a show, tap the movie or episode in question, and away you go. Granted, this takes a lot of bandwidth, and you can be sure it’ll be blocked on public and in-flight WiFi services. Many are even getting smart enough to block it through VPN’s, so good luck with that.

However, one of the most interesting functions of the app is to let you download anything you’ve purchased for offline viewing. Get on a good connection, download whatever your device and hold, and you can watch it any time, even without a live connection to the Amazon servers. There was one issue with this feature, however, until recently you could not download anything but paid episodes and movies, no Prime shows or movies at all – that was streaming only.

The latest version of the app changed that to now allow any video in the service to be downloaded for offline viewing, with only a periodic re-connect to the service to verify your continued Prime subscription. Details on how often this happens is scarce, but I have gone several days without being online and had no problems at all. This opens up thousands more TV shows and movies that you can now take with you for anytime viewing.

All in all, if you’re looking for an alternative to iTunes video for long-haul, disconnected travel, Amazon has you covered. Happy viewing!

Zoey Tur and Ben Shapiro – Facing a Troubling Fact

WTF OK, for the first time… well… ever… I have to actually agree with something that came out of Ben Shapiro’s mouth. This is not a comfortable situation.

Before we begin, let me say that Ben Shapiro is a misogynistic, short-sighted, borderline bigoted mouthpiece for the right-wing media. I consider myself a centrist, but for the most part, the stuff he comes up with still doesn’t land on my radar. I will defend to my last breath his right to say what he believes, however – no matter how much I can’t agree with it.

A short while back, he was on the Doctor Drew show with a panel discussing Caitlyn Jenner’s ESPN Arthur Ashe Award for Courage. To absolutely no ones’ surprise, he was totally against it. While Mr. Shapiro did indeed spout off with borderline bigoted comments, what happened during the show deserves further attention, and is being largely ignored and/or used to highlight Mr. Shapiro’s bias in many matters. The problem with this is that the incident has nothing to do with his short-sighted opinions, and more to do with a threat made against him on national television.

Here’s the relevant snippet of the show:

YouTube Clip

While I applaud Ms. Tur for standing up for her rights and opinions, the way she did it is unacceptable, inexcusable, and not helping anyone.

The discussion was heated, with Mr. Shapiro flat out refusing to use feminine pronouns to refer to Ms. Jenner; even going so far as to repeatedly refer to transgender identity as delusional. He was crude, impolite, and politically incorrect – but absolutely none of this is either out of character for Mr. Shapiro, or reason to threaten the man with physical harm. Ms. Tur specifically, and with no room for mis-interpretation, threatened the man with bodily harm on a nationally televised program. It’s there, on film, with all of the previous events leading up to it and none of them justifying it.

Mr. Shapiro has indeed requested that law enforcement investigate the matter, and I’ve got to say that’s about the most responsible thing one can do under the circumstances. He didn’t retort with his own threats, he didn’t storm off the stage as so many others have done in similar circumstances, he didn’t even take a cheap verbal shot at her. He just continued on with his – granted, ill-received – argument as if the threat didn’t occur, then followed the appropriate course of actions and brought the matter to the attention of the police.

Say what you want about Mr. Shapiro’s opinions – and I will do so continually – but no one should be threatened with harm because of an opinion. That’s what lead to the Danish Newspaper Cartoon killings, the attack on Charlie Hebdo, and so many other incidents it is sickening. The saddest part of this whole thing is that people proclaiming “Jes Suis Charlie” after the shooting are amongst the same people saying that Ms. Tur was reacting appropriately.

I agree with, and applaud, Mr. Shapiro on this one topic. We don’t see eye-to-eye on nearly anything, and actually don’t even see eye-to-eye on the topic he was speaking about when the incident happened. That doesn’t change the fact, however, that he was threatened with bodily harm. No one – not even those we vehemently disagree with – should ever have that hanging over them.

Encouraging and exploring free speech is a double-edge sword. It only becomes one sided when actual swords start rattling over it.

On Changing from We to They

Photo Credit: PicJumbo
IMG 9748 Jumping from one employer to another is never easy, but doing it after over a decade with your former employers can lead to some very interesting issues. Not the least of which, for me, is suddenly finding yourself in the very odd position of moving to knowing that people you’ve considered part of your work life for years and years are no longer “we.”

Back in my days of so-called wolf-packing from one startup to another; none of us were around one company long enough to truly get the sense of “we.” Any time you approached that level of corporate identity, you either jumped ship because your wolf-pack colleagues were building up a new startup, or because the one you were in was going under. Thankfully, those two scenarios only intersected in my career once, but that was – in the general marketplace – another common reason why “we,” never really latched on to any of us. When I found a home for so many years I found not only new technology platforms we built becoming standards but other employees who were there just as long as I was, “we” became me.

It was an odd feeling for those of my generation in technology. Other verticals, like healthcare and financial firms, do tend to have folks who sign on board and end up staying in the same company their entire careers, but tech moves and changes so quickly and so often that long tenure isn’t typically even an option, much less a common occurrence. Most people I know in the field stay at one company for a maximum of three to five years, and so many co-workers come and go during that time that a collective noun just doesn’t get a chance to stick.

So, when I did finally step out of a long-standing employment gig, and into a new one, for the first time in so long; I suddenly realized that I had become part of the proverbial “we,” and more unnervingly I had to deal with the issue of that life becoming a “they” overnight. It’s not a comfortable position to be in, and thankfully my new co-workers have mostly come from the same situation and are able to help me deal with it, but it is what it is. “We” have become “They” – and I can’t do much but hope to get used to it quickly and move on.

How do you deal with that change in your work life? How can you force your brain into wrapping itself around the fact that the internal communities, political cliques, and personal relationships that defined your day-to-day are now something you exist outside of? More importantly, how do you deal with the fact that it isn’t who you are any longer? After all, melding to become part of “we” changes you to the core, and now that core is gone.

For me, the process is on-going, but I’ve found a few ways to help hurry it along so I can move on and get on with new adventures:

1 – Acknowledge that it won’t be easy. You’ve worked with these people, places, and policies for a chunk of your life. They’ve changed you, and you’ve changed them in at least some ways. Recognize that the transformation from seeing them as part of “we” to being “they” won’t happen overnight. Beating yourself up over it won’t make it any easier, and will make the whole process take a lot longer.

2 – Don’t constantly correct yourself out loud. In your head, make sure to mentally correct yourself when you accidentally say things like “We do it this way” when you meant to say “They do it this way,” but don’t immediately and constantly re-state your statements out loud. First, it’s insanely awkward for everyone listening to you. Once in a while, it’s funny and charming. If you do it every single time, it becomes annoying. Your co-workers know you’re going through one hell of a transition, they know what you mean when you use the wrong pronouns, and as long as they can still see you’re trying to shift your mindset, they’ll let the mistake slide.

3 – Do mentally correct yourself whenever you can. I find that if I’ve said “We do X this way” out loud, a quick mental note that “THEY do X this way” in my head doesn’t break the flow of my thoughts, and reinforces the desire to get the pronouns right over time. You should mentally check yourself and correct the statement in your head, training your brain to pick the right pronoun the next time you have to make the sentence come out of your mouth.

4 – Mentally note when others do it. If you’re in a situation where there are other employees in the same boat, make sure you mentally note when they use “we” instead of “they.” This is not an exercise to see who does it more, but rather a mnemonic you can use to help yourself. By noticing when it happens to others around you, your own brain can form more concrete pathways that help you also start using the appropriate pronouns yourself.

5 – Don’t go correcting others when they do it, at least not as a rule. Again, once in a while, reminding someone that it’s “they” and not “we” can be a good thing, but don’t be that guy/girl who constantly harps on it. First, you look like a douche, but more importantly it doesn’t help either of you. I have a few folks at my new company who remind me once in a while – when it’s appropriate or funny or will break tension. That has been a huge help for me and them alike. But I’ve worked in places where someone will religiously correct the new guy who uses the wrong pronouns, and they just look like assholes.

Finally, remember the immortal words of Mrs. Hughes from Downton Abbey, “There’s no shame in feeling homesick. It means you come from a happy home.” Keeping good memories of where you came from and who you knew there and considered “we” is nothing to be ashamed of. Over time, your brain will recognize that “we” have become “they,” and in the meantime, start finding your new “we” and you can begin to move on.

10 hours in the air

Photo Credit: PicJumbo

IMG 9426

You folks all know I travel quite a bit. Planes, trains, and automobiles – though regretably without John Candy as a sidekick. Recently, I was trapped on a 10 hour flight overseas, and frankly I am not impressed.

Years ago, when I did such a trans-continental flight, the coach seats were slightly more roomy than coach on domestic flights, and the whole business of charging for “extra” legroom (a total joke) was not a consideration. Flying United to Tel Aviv has shown me just how far long-haul flight experience has tanked in the intervening years.

Let’s start with boarding the plane. If course the first class, disabled, uniformed, and other people get on first. That’s actually fair, and I have no objections.

Then it all goes to hell.

Between the priority boarding for credit card holders, frequent flyers, and pretty much anyone who has absolutely any claim at all to it; 3/4 of the plane boarded before us shlubs who had just normal tickets even had a chance to see the gangway. By the time I got on, 90% of the overhead bins were full, everyone was already seated around me, and it was pure hell. Now, I was in the middle of the plane, so theoretically first class, and everyone behind me should be on, but not everyone around me and in front of me too.

So, I get on the plane, sit down, and realize that the extra legroom seat I did shell out for (it being a really long flight) was pretty much the same as any other domestic plane pitch from as little as 3 years ago. God help everyone who didn’t get extra leg-room, I can only image the hell of 10 hours with their knees jammed up against their chests.

In flight service was actually pretty good. When cabin service happened, real meals were served, you could ask for a can of soda or bottle of water instead of a cup of the stuff that’s 90% ice, and the staff were pretty friendly. But the constant movement of beverage carts up and down aisles that were barely big enough to manage that made it impossible to get up and stretch your legs. This became even more critical considering the abysmal seat pitch we all had to put up with. Deep Vein Thrombosis is a very real and very deadly medical condition undeniably tied to being jammed in airline seats for hours on end. The inability to move – pretty much at all – is just the airlines begging for massive lawsuits.

Added to this, it was literally hours between visits by any cabin crew. Granted, I can’t expect them to be continually roaming the aisles; but seeing one of them check in on things every few hours might be nice.

Listen up, American air carriers, it’s time to get in-step with your overseas counterparts and stop treating your passengers like veal – penned in and miserable. Widen the isles, increase sit pitch so the guy in front of me doesn’t lean his seat back into my lap, and start understanding that we’re human beings who deserve at least the most basic levels of respect and dignity.

The Real Story Behind the Apple Privacy Statement

Photo Credit: PicJumbo
IMG 7446 [Editor’s note: Neither the author nor anyone associated with this blog is a lawyer of any kind. This blog is not to be taken for legal advice under any circumstances. If you have a personal privacy question of law, consult a trained and licensed attorney.]

There’s been a LOT of talk about how Apple is standing up to the Federal Government (and specifically the FBI) in the news, and it’s important to realize why the stance Apple is taking matters. This is not a blanket statement against the government cracking encryption (which is a good stance to take, but not what is at stake here).

The major issue is that what many people (even some IT Professionals) think is happening is not what is actually happening.

Basically any iPhone or iPad running iOS 8 and up produces a situation where the government cannot easily get to the data stored on a phone which has been locked with a 6 or more character passcode and disconnected from iCloud. The reasons for this are complex and highly technical, but the basic idea is that not even Apple can reverse the process of a phone locked in such a way. Mostly, this is because the phone’s own internal identification data is combined with the passcode to create a hash – a mathematical representation of the two values that makes up the key to unlock the encryption. Put in your passcode correctly, the mathematical equation output matches what the phone is expecting, and the phone unlocks. Put in the wrong passcode, and there’s no match, and the phone stays locked tight. Put in the wrong passcode enough times, and the phone forgets the key entirely, essentially permanently encrypting all the data – with the same impact as erasing all of it as far as the government is concerned.

In this case, a phone that was in the possession of one of the San Bernardino shooters has been locked with at least a 6 character passcode, and was disconnected from iCloud about a month before the shooting. That means that the government has 10 tries to get the code, or the phone irreversibly loses the encryption key, rendering all data sitting on the phone pretty much unreadable forever.

Here’s where things get tricky.

Apple is not saying they are refusing to unlock the phone for the FBI, or that they refuse to give the government anything Apple has access to directly. This is a common misconception widely reported by the media, and is flat out wrong. Apple *cannot* unlock the phone. It’s not physically or digitally possible for them to do it without changing the codebase that iOS 9 (which is on the phone) uses. Apple *can* give – and has already given – the government anything stored in iCloud. Apple has done this before when there is a valid warrant for that data, and it’s stored by Apple’s encryption, so they can reverse it and provide the info.

The issue here is that the shooter either broke iCloud backup, or manually turned it off, about a month before the shooting. That means that the majority of the information the government wants is located – and is *only* located – on the phone. Since Apple cannot reverse the locking mechanism of the phone, they do not have access to that information and can’t hand it over to the government even if they wanted to.

What Apple can do – and is refusing to do – is give the government a way to perform what is known as a “brute force” attack against the phone. A brute force attack is literally a person or computer trying combination after combination until they hit the right passcode. Normally, each try at the password takes a tiny amount of time to process, and iOS adds a tiny amount of time to that as a measure against exactly this kind of attack. To a user, this isn’t an issue, as a human entering a code won’t even notice it; but a brute force attack requires thousands of attempts to be processed automatically by a computer, and those tiny amounts of times add up to a LOT of extra time when you’re doing it at that level. The second – and more pressing – issue is that after 10 tries, the phone will never be un-encryptable. Ten tries is nowhere near enough to accomplish a brute force attack, and based on what the government is saying, they’re around try 8 right now with no success.

So what can Apple do? They can provide a signed version of the iOS software which can overwrite the restrictions in iOS which protect against such a brute force attack. Basically it would allow someone to make an infinite amount of tries, and remove the pause between attempts. This would allow a government computer the ability to try thousands of attempts, until they happen upon the right passcode and the phone unlocks itself.

This leads to the question, “If Apple could do this, why don’t they?” The answer is the heart of the matter, and a major issue in the field of personal privacy.

Apple could provide a software update to the government, which could be applied via the lightning port (just like you can do with the official software updates if you don’t want them to download right to the phone). They can create an update that allows the government to do what they’re trying to do. The problem is that doing so unleashes a genie that no one wants to see let loose. Putting that kind of software into even the US government’s hands means it is out there. In the same way as the government could use it to brute force crack a phone open when they have a valid warrant, anyone else who got their hands on the code could do the exact same thing with nothing standing in their way. Hackers the world over would quickly be able to break the phone’s security simply by physically getting the phone in their hands for a long enough period of time.

Basically, this is like the government asking Medico or Scalage or another lock maker to provide them with the means to create a key that will open every single lock that manufacturer ever made, given enough time and tries at it. While theoretically possible, it won’t be easy to do, and the harm it could do to millions of people would far outweigh the good it could possibly due for this one – albeit truly significant – criminal case. (Hat/Tip to Henry Martinez for that analogy)

Apple believes that this is a step beyond what they are reasonably expected to do, and the government’s requested methodology would leave millions of other iPhone users open to the potential to be hacked and have their phone data stolen. Once the code exists, someone will figure out how it is done and start using it to hack peoples’ devices in short order. The trade-off is simply not balanced enough to warrant first building and then giving the FBI the altered iOS software update.

Who will win? That’s up to the courts to decide. At this point both sides have valid legal standing and a lot of ground to stand on; but that means both sides could win or lose this one. Don’t be surprised if this goes all the way up to the US Supreme Court, as both sides are apparently going to fight this to the bitter end. Personal privacy and protection for everyone not involved in the crime versus the government’s lawful ability to gain evidence in a criminal case is not something that will be decided quickly or easily – but it is of vital importance to every one of us. Can the government demand something that could so easily be used for both their good and everyone else’s evil? Can Apple refuse to provide a software solution that is within their ability just because of the potential for it to be used maliciously? Unfortunately, current law has not quite kept up with the world of technology as it speeds ahead of lawmakers.

Either way, Apple is bent on fighting this as much and as long as they can, and either way, I think that shows a remarkable level of responsibility and care from them. I expect the government will also fight to the last breath, because the matter is critical to their ability to fight terrorism and other criminal activity. Bot sides are right, both sides are wrong, and I feel horrible for the judges that are going to have to figure this one out.

The times, they are a changin’

Photo Credit: PicJumbo
Bonus IMG 5961
Many of you know that I had been with my until-very-recent employer for nearly 15 years. I’ve seen them go from a fledgling startup to a massive power in the field of High Availability and Migration software during that time, and I’ve been consistently proud of the platform, and proud to be part of the organization. But all good things, it is said, must eventually come to an end.

A short while ago, I tendered my resignation after accepting a position at another firm. While the decision wasn’t an easy one, and took a long time to come to me, it was time to make a change.

I will never forget all the experiences of a decade and a half of new technologies, new frontiers in server IT and Operations, the advent of the virtual datacenter, the advent of no datacenters (Cloud technologies), and the struggles of everyday IT and DevOps administrators in keeping up with the world blurring by. I’ll remember the day we changed the name of our company to match our flagship product, and the day we took the company with that new name public. I’ll remember the leaner times, as the economy contracted and our business was forced to do the same; but also the positive moves which positioned us to remain a leader in our industry.

I don’t think I’ll ever forget the transition to a new corporate identity when we got acquired; the melding of two mindsets and ways of accomplishing goals to keep the best ideas and discard the rest. The process wasn’t easy, and wasn’t always kind – or often even fair, but it was remarkably rewarding as we strove to reach the next level in our corporate evolution.

So now, I’ll take all those memories and bring that experience to bear on a new market. Stratoscale will be my new home, and with luck the place where I spend the next 15 or more years of my career. Their technology is incredible, and their people are some of the most talented and driven I’ve ever had the chance to work with. Even as a new player on the stage, they’re already getting rave reviews and making waves in the industry.

Those who know me also know that wherever I go, those I work with change the world. I work for and with innovators, visionaries, people who shape technology and guide its evolution. This move is no different, as that’s exactly who Stratoscale is. Keep your eyes open, and see what we can do!

And to those I leave behind: Never forget who we were, what we built, and where the future can take you. I won’t be far, I won’t forget the times we’ve had, and no matter what; I will always be proud of every memory you gave me to take with my on the journeys ahead.

Miketalon.com Privacy Policy