Category Archives: FAIL

2017/06/06 · 12:00

Training Tuesday: time to work on my bike repair skills

Warning: this post contains disturbing images of graphic violence that may not be suitable for some viewers. Viewer discretion is advised.

This weekend, Dana and I had planned to go for a bike ride on the Arsenal, so I loaded up my bike. First, though, we’d planned to go see Wonder Woman (which I highly recommend– great flick). Because I didn’t want to have my bike stolen by some miscreant, I secured it to the rack with a cable lock.

After we left the theater, I heard a thump and looked out my rear view mirror just in time to see my poor bike departing its slot in the rack, where it was dragged along for 50yds or so by the cable lock until I could safely pull over.

Dana is not amused.

The first thing I noticed was that I’m going to need new handlebars (and bar tape, which I wanted to replace anyway).

Ever wonder what carbon fiber looks like on the inside? Now you know.

The front tire sidewall was abraded enough to ruin the tire, and the corner of the saddle got chewed up pretty badly too. I think I can duct tape this as a temporary fix.

Sad saddle

The retaining strap that I used to secure the wheel to the rack slot was missing. My best guess? Someone wanted to steal the bike, lifted the top clamp, and then gave up when they found the cable lock in place. I didn’t check the rack so I didn’t notice until it was too late. Thankfully the frame and the carbon wheel fairings seem undamaged, although the rear freehub is making a new noise I don’t like. Bar tape is en route from Amazon and mi amigo Lance is giving me a spare set of bars, so hopefully this weekend I can watch enough YouTube videos to learn how to disassemble my brake hoods and shifters, port them to the new bars, and wrap everything.

Meanwhile, I still don’t have a saddle for my tri bike, so I either better get to Bicycle Cove and spend some money or swap out running for riding for the next week or two…

2 Comments

Filed under FAIL, Fitness

Tagged as cycling, training tuesday, triatlon

2016/07/21 · 07:10

nFlightCam vs Squawk Shoppe cockpit audio adapters

First I bought this adapter from nFlightCam. It didn’t work properly— my phone didn’t recognize that it had a mic plugged in so all I got was loud propeller noise. After testing it, I sent three mails to nFlightcam customer support (since they don’t have a phone number) and got no response.

Then I ordered this adapter from Squawk Shoppe. Immediately after placing an order, they offered to connect me with their Facebook bot for order status, which worked flawlessly. I got the adapter when promised and it worked perfectly.

Then, just before a cross-country plane trip, nFlightCam answered my support email and offered to send me a replacement. That was 13 days ago and, you guessed it, no replacement has arrived.

Executive summary: don’t buy anything from nFlightcam; despite their heavy advertising, their customer support is slow and unresponsive and (at least for me) their build quality suspect. I see from reddit that other users have been happy with their products so YMMV.

Appareo Stratus and planned obsolescence

Back in September 2013, I bought an Appareo Stratus from Sporty’s Pilot Shop. I thought it was expensive, but getting in-cockpit weather and ADS-B traffic data, displayed conveniently on my iPad, was highly valuable. I have used it on almost every flight I’ve made since and it’s proven its value multiple times— being able to see weather while in flight is a huge safety benefit.

Recently I noticed that it was running out of battery unusually fast. Even if I left it plugged in overnight, it would only run for a few minutes when unplugged. I sent Sporty’s customer service an email asking about repair cost. Here’s what they said:

I am sorry, but we are unable to repair the Stratus 1.

We are able to offer $100 off the purchase of a Stratus 1S or 2S.

This is infuriating. The device is not even 3 years old yet, and the manufacturer won’t even attempt to repair it. Offering to let me pay $449 ($549 for a Stratus 1S minus the $100 credit) to get a device that, when it dies, likely will suffer the same non-support is a complete non-starter. I don’t expect a $50 consumer device to have lifelong support, but an $800 aviation device is a completely different story.

So, no thanks, Sporty’s. I’ll keep my money and build a Stratux instead. If this is the level of support I can expect, I might as well save a few bucks and do it my damn self. And when my Foreflight subscription expires, I’ll have to give serious thought to whether I want to continue to support them given their interlocking relationship with Appareo and Sporty’s. Meanwhile, time to take apart the Stratus and see about replacing its battery pack.

(n.b. the avionics stack in our plane has ADS-B weather and traffic, and it will soon be able to push those to the iPad over wifi. However, when I fly rentals or in other peoples’ planes, having a portable device is still a big winner, as is having the redundancy of a second ADS-B receiver just in case… so although I don’t have a single-point dependency on the Stratus I’ll still replace it).

4 Comments

Filed under aviation, FAIL

2016/02/12 · 08:52

Flying Friday: my airplane’s broken, so here’s a blimp

I went to Tampa yesterday to pick up 706 from the shop. I was expecting to write a triumphant post today about flying behind all the new goodies. However, the GPSS steering system is confused and steers the airplane in the opposite direction, so I had to leave it there for further troubleshooting. Instead of my triumphant post, here’s a short video of the DirecTV blimp, which happened to be at the airport at the same time as me.

Garmin Fenix 3 drops data from Stages power meter

I’ve been ignoring this problem for a while, hoping that it would be fixed in a firmware update, but it persists, and I finally got aggravated enough with it to write this post (and to engage Garmin support). The problem is simple: my Garmin Fenix 3 triathlon watch will not reliably record data from the Stages power meter I have on my bike.

A quick digression: there are two major standards for wireless exercise sensor connectivity, Bluetooth Low Energy (aka BLE and Bluetooth 4.0) and ANT+. Some devices support one or the other, and some devices support both. For example, my heart rate monitor (the excellent Scosche Rhythm+) simultaneously transmits both ANT+ and BLE signals, but my Wahoo speed/cadence sensor is ANT-only. When I ride, I usually use two devices: my old iPhone 4 on the handlebars, in a Wahoo case that has a built-in ANT+ adapter, plus my Fenix 3. The iPhone is too old to use BLE, and turning on BLE on the Fenix 3 dramatically drops its battery life, so I’m using ANT for all the sensor data. Having two devices means that sometimes I forget to start or stop one device or the other at various points, so I often have mismatched data between the two.

A picture will illustrate the problem most clearly. When I use the Fenix 3, I end up with ride data that looks like this:

Bad power data is bad

As you can see, the power graph has a few spikes with lots of flats– and an average power of only 23W. (I’ll get to why the average is important in a minute). By contrast, here’s what the ride looked like when captured with the Strava app on my iPhone 4. Note that the power data much more closely tracks the speed, cadence, and HR data.

That's more like it

So why is this important? First of all, as a techie, it annoys me when two things that are supposed to work together won’t. More importantly, I actually use the power data from these rides in two ways. While I’m on the bike, I use it to gauge and adjust my level of effort. For example, yesterday’s ride was pretty windy, so I tried to hold a steady 190-210W while riding into the wind, keeping my level of effort constant and accepting whatever speed that gave me. After a ride, my coach and I use the power data to plan my recovery time and to identify areas where I need more practice (e.g. climbing hills). Having inaccurate or dirty data makes both of these uses impossible.

The Stages power meter support FAQ suggests moving the watch around, but I haven’t tried that yet. My troubleshooting efforts so far have been limited to changing the battery in the Stages and making sure the Stages and Fenix both have the latest firmware. I’ll see what Garmin support has to say. Hopefully they have a magic fix; I have a very early-model Fenix 3 so maybe they’ve made some improvements since launch. Until then, I’ll keep recording each ride twice and keeping the cleanest data.

17 Comments

Filed under FAIL, Fitness, General Tech Stuff

Tagged as cycling, Garmin, triathlon

2015/12/18 · 18:00

iOS charging woes

I have been meaning to write a long article about why I moved from Windows Phone back to iOS, and the good and bad parts of the transition, but I’ve been too busy to bother. I do have time for a quick rant, though: damn, I am tired of having charging problems.

See, Apple has this logo certification program called “Made for iOS.” Join it, and your devices (which might include chargers, cables, etc) can be certified as compatible with Apple devices, and you get a cool logo. Sure, it costs you a few bucks to sign up and get certified, but it’s cheap insurance. Nice line of chargers and cables you’ve got there. It’d be a real shame if anything happened to it.

On my last two road trips, previously-working cables have suddenly started producing the infamous “this accessory may not be compatible” message. Once that happens, it’s game over. The phone (or iPad) will no longer charge from that cable. If you happen to be on a road trip, well, too bad. Luckily I had a spare, but I am now nearly out of working cables, and there’s no guarantee that the name-brand cables I bought from Amazon (all of which were from vendors who claimed to be MFi certified) will keep working. Of course, because it’s Apple, there’s no way to override this dialog, ignore it, or force the device to talk to a tainted cable– once the cable is blacklisted, it’s no longer usable with that device at all.

The worst part? I’ve seen many reports of this happening to people who bought cables and chargers from the Apple store. Since I am unlikely to ever do that I’m not too worried, but I hate the precedent, and the inconvenience factor has been pretty stunning compared to my easy prior life of using micro USB cables with my Lumias. While I understand Apple’s desire to protect the IP embodied in the Lightning interface, and while I even believe that part of the rationale behind blocking non-certified devices is to prevent bad customer experiences, the whole thing has left an unpleasant taste in my mostly-discharged battery.

5 Comments

Filed under FAIL, General Stuff, General Tech Stuff

2015/04/19 · 10:02

A brief rant about the Mac Lync client

I’m supposed to be working on my Ignite slides, but I just ran into something that has flipped my safeties.

I just don’t understand.

Sure, I know the Lync/Skype for Business team has a lot of irons in the fire, what with their new product line and all. And I get that the Mac install base is small relative to the other things they have to do. But there is no reason I can see for the Mac Lync client to be as buggy and underfeatured as it is. They’ve had years to improve it.

The Lync PG has proven they can do rapid engineering work, as evidenced by the excellent speed and quality of the Lync mobile apps for Android and iOS.

And they’ve proven they can build a robust client, as evidenced by the history of the Lync desktop client for Windows.

The Mac Office team, for their part, has shown that they can produce high-quality clients that reliably work with Microsoft’s services.

So why does the Mac Lync client make me want to start throwing things?

Today’s example: I am signed into Lync with my work account. I want to create a meeting in my personal Exchange calendar, invite attendees, and set it up as an online meeting. This is trivial using Windows Outlook and the Lync (and, now, SfB) client: create the invite, click the “Lync meeting” button, and boom.

On the Mac, however, this scenario doesn’t work– clicking the “Online Meeting” button produces an obnoxious dialog telling me that I must be signed in to the same account in Lync as I’m using in Outlook.

This is just the latest in the pecked-to-death-by-ducks experience of using the Lync client on a Mac. In honesty, the client is more stable and has more features than its predecessors; hell, it even supports the Conversation History folder now. But what I want is a robust client, with feature parity with Windows, that works to enable the same scenarios I can easily perform in Windows. That’s not too much to ask.

I don’t know (and, as an end user, don’t care) which team inside Microsoft owns this. And I don’t have an opinion on who should own it. All I want is a solid client experience.

(And while I am on a rant: damnit, the Windows Phone sync client for the Mac is a giant pile of fail. Microsoft has apparently abandoned it in place. Bug reports go into a black hole. Latest example: after months of prerelease availability, Apple released the Photos app and… surprise… the WP8 sync app doesn’t work with it.)

6 Comments

Filed under FAIL, OS X, UC&C

2014/08/27 · 21:11

Rocketman 2014: my epic fail

In idle conversation with my friend and fellow TRI101 attendee Alex, we started kicking around the idea of forming a relay team to do the Rocketman Olympic-distance triathlon. The Olympic distance is the next step up from sprints; it combines a 1500m swim, a 40Km bike ride, and a 10Km run. I figured I could do either the bike or run, but not both back-to-back, and I knew I didn’t want to attempt the swim… but Alex is a strong swimmer and he jumped at the chance. We recruited Ryan, another TRI101 member who runs ultradistance races, and we were all set.

In the weeks leading up to the Huntsville Sprint, I’d been thinking about buying a new bike. Instead of splurging I decided to rent one from Madison Cycles and give it a try for this race. I picked it up on Wednesday, but didn’t get to ride it until Friday, at which point it scared me badly! At nearly 10lbs lighter than my normal ride, and with much narrower tires, different geometry, and different gearing, it felt much less stable, and after my first ride my shoulders ached from gripping the handlebars so hard. On Saturday I rode it again and felt a lot better, though. I packed my stuff, attended the race brief with Alex and Ryan, and got to bed at a reasonable time. Sunday morning found me up at 0430 to finish my last-minute prep and drive out to the Arsenal’s recreation area, which abuts the Tennessee River. I’d signed up for a volunteer shift at the packet pickup booth, where I had a grand time visiting with friends and helping triathletes get their packets and swag for the race. The morning was cool and overcast, and as dawn broke I was excited about the race.

I met Alex and Ryan at the transition area, got everything set up, and headed over to the swim area. In a relay race, the swimmer starts with the timing chip and hands it to the cyclist in T1, then the cyclist hands off to the runner in T2. Rocketman has a separate transition area for teams, which is handy. Once Alex started the swim, Ryan and I hung out in the transition area until he came out, then I was out the chute and on the bike. By this time it had warmed up a bit, but it wasn’t too bad, and I felt great. Fresh breeze! Beautiful scenery! I’d violated my normal “nothing new on race day” rule and was sporting a Camelbak for hydration; I figured it, along with two water bottles on the bike, would keep me well hydrated.

The first mile of the course went by smoothly and quickly. I was keeping an eye on my pace because 40Km was about a third farther than my previous longest ride, and about half again as long as my previous longest race, but I was still feeling great as I rounded the turn near mile 2… and then suddenly it seemed like the bike was slowing down. I pedaled faster. This had no effect other than to rock me back and forth in the saddle. “Maybe I need to shift some more,” I thought. So I did, fiddling with the bike’s four shift levers in a fruitless effort to stop decelerating. Finally I had to unclip and pull over, where after some experimentation I found that the freewheel gear inside the rear hub had broken or something. Pedaling turned the crank, which moved the chain, which turned the rear cassette, which did nothing to the back wheel. I fiddled with it for another 10 minutes or so, to no avail; then I reluctantly turned the bike right side up and started the Walk of Shame back to the corral.

Along the way, I am happy to say, probably 4 out of 5 cyclists who passed by me asked me if I was OK. I appreciated their support a great deal, though they were moving too fast for me to do more than shout “THANKS!” at their rapidly receding backs. At one intersection, world-famous race photographer Gregg Gelmis was set up and captured the moment:

Me after my rental bike crapped out during Rocketman 2014

Thanks to my distinctive jersey (which I love, so shut up, haters), Alex and Ryan could see me before I made it back into the corral and they knew something was wrong. I am very grateful to them for how gracious they were; the mechanical failure of my bike meant that I officially did not finish (DNF’d) and so our team was marked as DNF’ing. Ryan ran the 10Km leg anyway and turned in an excellent time; while he was killing it in the 90-degree sun, Alex and I got to cheer a number of our TRI101 friends and coaches as they crossed the finish line. (Results are here if you want to see how fast everyone was.)

The Madison Cycles folks were very apologetic, and I’m sure they’ll settle up with me when I get back home. Mechanical issues happen. as anyone who’s owned any device more complex than a pencil knows well, so I don’t blame them, but it was still frustrated because I was excited to compete. I still had a great time; I especially enjoy the social aspect of triathlons because, while it’s a very competitive sport, the competitors tend to be very friendly and incredibly supportive. It’s a sport where you can take genuine pleasure in the successes of your friends, which suits me just fine.

The only thing to do: come back next year and DO THE WHOLE RACE. That will show ’em.

3 Comments

Filed under FAIL, Fitness

Tagged as cycling, fitness, triathlon

2013/08/31 · 05:28

Microsoft Certified Systems Master certification now dead

I received a very unwelcome e-mail late last night:

Microsoft will no longer offer Masters and Architect level training rotations and will be retiring the Masters level certification exams as of October 1, 2013. The IT industry is changing rapidly and we will continue to evaluate the certification and training needs of the industry to determine if there’s a different certification needed for the pinnacle of our program.

This is terrible news, both for the community of existing MCM/MCSM holders but also for the broader Exchange community. It is a clear sign of how Microsoft values the skills of on-premises administrators of all its products (because all the MCSM certifications are going away, not just the one for Exchange). If all your messaging, directory, communications, and database services come from the cloud (or so I imagine the thinking goes), you don’t need to spend money on advanced certifications for your administrators who work on those technologies.

This is also an unfair punishment for candidates who attended the training rotation but have yet to take the exam, or those who were signed up for the already-scheduled upgrade rotations, and those who were signed up for future rotations. Now they’re stuck unless they can take, and pass, the certification exams before October 1… which is pretty much impossible. It greatly devalues the certification, of course, for those who already have it. Employers and potential clients can look at “MCM” on a resume and form their own value judgement about its worth given that Microsoft has dropped it. I’m not quite ready to consign MCM status to the same pile as CNE, but it’s pretty close.

The manner of the announcement was exceptionally poor in my opinion, too: a mass e-mail sent out just after midnight Central time last night. Who announces news late on Friday nights? People who are trying to minimize it, that’s who. Predictably, and with justification, the MCM community lists are blowing up with angry reaction, but, completely unsurprisingly, no one from Microsoft is taking part, or defending their position, in these discussions.

As a longtime MCM/MCSM instructor, I have seen firsthand the incredible growth and learning that takes place during the MCM rotations. Perhaps more importantly, the community of architects, support experts, and engineers who earned the MCM has been a terrific resource for learning and sharing throughout their respective product spaces; MCMs have been an extremely valuable connection between the real world of large-scale enterprise deployments and the product group.

In my opinion, this move is a poorly-advised and ill-timed slap in the face from Microsoft, and I believe it will work to their detriment.

18 Comments

Filed under FAIL, UC&C

Tagged as Exchange, Exchange 2007, Exchange 2010, Exchange 2013

2013/04/22 · 22:13

Blacklist blacklist blacklist: the forbidden word

I just got chapter 6 of Exchange 2013 Inside Out: Clients, Connectivity, and Unified Messaging back from Microsoft Press. Like most other major publishers, Microsoft Press has a strict process to try to catch potentially offensive, libelous, slanderous, or sensitive terms before they appear in print. In this particular chapter, the editors requested many changes because of the odd vocabulary associated with message hygiene. For example, it’s OK to say “spam” to mean “an unwanted commercial e-mail message,” but it’s not OK to say “ham” to mean “a legitimate or desired commercial e-mail message” because in some book markets, ham is either unheard of or regarded as offensive.

However, they also busted me for using “blacklist,” as in “real-time blacklist.” This is the accepted term of art for a DNS-based system that allows an e-mail server to look up IP addresses of senders in real time to decide if they appear on a list of known or suspected spammers. Apparently “blacklist” is an offensive word in some contexts, although I’m having a hard time figuring out where or why.

Imagine my surprise when I fired up my Xbox tonight and saw this:

NewImage

Now, to be clear, I get it– Microsoft Press is not the same as IEB, Microsoft’s behemoth of a business unit. I’m sure they have different rules or something. And my editor, bless her heart, is only enforcing the rules forced on her by some clique of zampolits…but seriously?! Xbox LIVE has tens of millions of worldwide customers who are seeing this forbidden word. On the other hand, my book, if I am very lucky, may sell as many as 25,000 copies (that would make it a runaway hit by computer book standards), and yet I can’t use a well-known and commonly accepted term in context.

Sheesh…

3 Comments

Filed under FAIL, UC&C

Tagged as writing

2013/04/20 · 17:36

Exchange OWA IM integration and Lync trusted application pools

I am a bit ashamed to say that I wasted most of a day on this, but I’m posting this in the hopes that I can help someone else avoid the same mistake I made.

I just spent about five hours troubleshooting why I couldn’t get Exchange 2013 Outlook Web App to display IM and presence data from a Lync 2013 standard edition server. I had carefully followed the integration steps in the documentation, including the part that says this:

If you have installed the Microsoft Exchange Unified Messaging Call Router service and the Microsoft Exchange Unified Messaging service on the same computer then there is no need to create a trusted application pool for Outlook Web App. (This assumes that the server in question is hosting a SipName UM dial plan.

So, having read that, I didn’t set up a trusted application pool or trusted application… and IM didn’t work.

I fussed with certificates. I read a ton of documentation. I swore. I drank too much diet Coke. I ran OCSLogger and found errors about an unknown peer. “AHA!” I thought. “There must be an error in the docs and you really do need to create a trusted application pool.”

So I created the pool and the trusted app. Two quick lines of PowerShell, a quick login to OWA, and voila:

NewImage

As much as I would like to claim that it was a documentation error, this was pure fail on my part: the problem was that my Exchange 2013 server doesn’t host a SIP dial plan, so Lync doesn’t automatically add it to the Lync known servers table. It will have a SIP dial plan when I get to the next section of this chapter, but that’s a post for another day.

So, in summary: yes, you do need to create a trusted application pool and application for your Exchange servers even if they are multi-role unless they are hosting a SIP dial plan.

Now, time for another diet Coke…

5 Comments

Filed under FAIL, UC&C

Tagged as Exchange 2013

2012/12/27 · 05:45

Bad experience at Larry’s Pistol and Pawn in Huntsville

I’m not really a complainer by nature (thank goodness), and I don’t tend to have problems with customer service at most of the businesses I deal with– in part because I am picky about who gets my money. Having said that, I had a bad experience with Larry’s Pistol and Pawn in Huntsville that I wanted to document.

Larry’s has been in business for a long time; when I moved to Huntsville in 1991, they had the only indoor pistol range in town. As long as I’ve lived in the area, I’ve shopped there, and I’ve never had a bad experience. Yesterday, though, I had a salesman who was both discourteous and uninformed about the law. He refused to sell me a rifle because I am a dual resident of California and Alabama– “I won’t sell you this because it’s not legal in California,” he said.

I explained that I’d just gone through the same process at another local store, which had called the local Bureau of Alcohol, Tobacco, Firearms, and Explosives (BATFE) office to confirm that it was legal. According to 27 CFR 478 § 11, it is in fact legal for a US citizen who resides in more than one state to purchase a long gun in any state of residence. I meet the legal residency definitions for both Alabama and California, and if you read Example 2 in the definition for “State of Residence” it’s clearly applicable.

Rude Guy wasn’t in the mood to listen; he told me that the other store where I’d made a previous purchase had broken the law. That didn’t seem likely; gun stores tend to be terrifically careful to follow the law and ATF regulations because failure to do so can get them shut down and their employees jailed. I politely thanked him and left. Then I called the local ATF field office myself and spoke to a very helpful ATF employee. I explained my situation, she cited 478§11 to me, told me I was good to go, and gave me her phone number to have Larry’s call her if they had any questions.

Armed with this information (ed.: see what I did there?) I went back to Larry’s, stood in line for the same guy, and explained my phone call. He was even ruder than before: “I don’t care what she said,” he said angrily; “I still won’t sell to you.” Clearly there was no point in arguing, so I left.

I’ve sent Larry Burnett, the owner, a detailed letter explaining what happened, so we’ll see what action, if any, he takes. Until I hear back, though, Larry’s is off my shopping list. If you’re in the market for firearms, ammunition, or supplies, I suggest you go elsewhere.

125 Comments

Filed under FAIL, General Stuff, Smackdown!

2012/10/05 · 19:00

Please stay home, Mr. President

Our dear leader, President Obama, is coming to the Bay Area on Monday. (Why he’s coming is unclear to me; it’s not as though Romney has any chance of winning California, so I presume it’s so Obama can raise money from his legions of wealthy fans out here.)

Anyway, the point of this post is to point out what happens when he’s here. The picture below will help illustrate my complaint.

See those red rings? During his visit, most private aircraft are essentially not allowed to fly within those rings; flight training (and cropdusting, and animal control, and a long list of other operations) are specifically prohibited, and there are other restrictions. Commercial passenger and cargo flights are exempt, luckily (otherwise AA passengers departing SFO Monday would be in even more trouble, hey ho!)

The largest ring is a 35-nautical-mile radius centered around the San Francisco (SFO) VOR. That takes in the Palo Alto, San Jose, Oakland, and San Carlos airports. So from 1pm Monday until 10am Tuesday, the dozens of instructors and hundreds of students training at those airports are grounded. That means an immediate loss of several thousand dollars per instructor– and the losses are greater for flight schools themselves.

More to the point, this is just a further delay in my pursuit of my license, as I can’t fly during that time unless I am actively, y’know, going somewhere.

Oh, and the best part: the geographic and time restrictions of this temporary flight restriction can change at any time. So I could, in theory, inadvertently and innocently violate it if it changes while I am in flight. This is rare and unlikely, thank goodness.

So thank you, Mr. President. I’m glad you’re doing your part to help the economy. See also previous helpful contributions here and here. (substitute “Bush”, “Romney,” or the name of your favorite post-9/11 president above if it makes you feel better, although President Obama has been a worse offender in this respect than was President Bush.)

1 Comment

Filed under aviation, FAIL

2012/09/07 · 05:12

Backups and MEC

tl;dr edition: don’t let this happen to you.

I’ve been working on a couple of iOS applications for my upcoming talk at the Microsoft Exchange Conference. Since MEC starts in just over three weeks, this has become a matter of some importance.

Side note: I often talk about “the Exchange tribe” as a shorthand way to talk about the community with people who aren’t in it. The MEC team has posted a bunch of speaker photos which may help put some faces with the names. These pictures don’t show everything; for example, you can’t see Greg Taylor’s sense of humor, the color of Jeff Mealiffe’s most excellent glasses, exactly how much Scott Schnoll looks like SA Martinez from 311, or what Devin Ganger is trying to karate chop. The pictures are useful for recognizing who’s who, though the rumors that Ross Smith is making a set of MEC speaker trading cards is false as far as I know.

Last night, I unplugged my laptop, tossed it in my bag, and headed for SFO for the redeye to DFW, thence to Huntsville. This morning at DFW, I pulled out the laptop again to work on my code a bit. I had made a stupid mistake the other night: I created a class based on UIViewController instead of UITableViewController, which means that Xcode refused to link the class definition files with the view controller itself in the storyboard editor. That caused a variety of bad behavior, including an inability to link selectors for the “done” and “cancel” buttons in the view

I realized my mistake right after I had deleted the view so that I could recreate it. “No problem,” I thought. “I’ll just restore it with Time Machine.” This, despite the fact that my main Time Machine backup is on a disk back in Mountain View.

So, I tried to do that; I opened Time Machine, found my source folder (/Source/ExOOF in this case), and restored the folder from its most recent update at midnight. Switching back to Finder, I accidentally opened the project in Xcode. I quit Xcode and noticed that Finder was asking me whether I wanted to replace the folder or not. I said “yes” and was greeted by a mysterious Finder error.

Long story short, my working copy is now gone. I can’t restore the Time Machine copy either, as the local replica only contains the project file, not the source code.

“No problem,” says I. “That’s why I have CrashPlan.” A quick trip to the CrashPlan app revealed that… I back up /users/paulr only. When I first set up CrashPlan, I didn’t have anything in /source, so I didn’t back it up. Duh.

So, bottom line: my source code is safe and sound, on a disk on my desk in Mountain View that is completely inaccessible remotely. My app development will have to wait until I get back to Mountain View. I suppose I can work on the accompanying slides, but where’s the fun in that?

Don’t use Symantec security software

You may know that Symantec recently admitted that its network was compromised and that the attackers got the source code to pcAnywhere, Norton Internet Security, and a few other products. Buried in their acknowledgement, however, was the fact that the source code leaked in 2006 and has thus been floating around in the community for quite a while.

Jonathan Shapiro’s response on the IP list seemed to hit the right note for me:

The pcAnywhere source code leaked in 2006, and in all that time nobody thought to do a serious security review to assess the customer exposure that this created? And now after five years in which a responsible software process would have addressed these issues as a matter of routine, they are having people turn the product off?

This is the company that ships the anti-virus and firewall software that you are probably relying on right now. A version of which, by the way, has also leaked. Do you want to be running security software – or indeed any software – from a company that fails to promptly report critical vulnerabilities when they occur and then ignores them for five years?

You can argue about whether Microsoft’s disclosure policy is perfect or not. I cannot, however, imagine a circumstance in which Microsoft became aware of a potential vulnerability and then didn’t fix it for five years.

So: if you’re running Symantec security software on your personal machine, your company’s workstations, or your servers… time to get rid of it and replace it with software from a more responsible (and, one hopes, more security-conscious) vendor.

1 Comment

Filed under FAIL, Security, Smackdown!, UC&C