Cloud, IT & IT Professionals, My Rants, Operating Systems and Software, UX-LX-FreeBSD, Windows

#Linux, #Unix, #Windows, #Apple

Read my last post to see my frustration with where our malevolent computing dictators are taking us.

So is it time to switch from Windows, to Linux or Unix, or Apple?

I do want an alternative to Windows 10;  I want my Xerox PARC graphics interface back;  anyone who wants to use the ever changing ribbon, may do so, but give me back my original metaphor.  And they can keep the rented, cloud apps.

#Apple still has the original metaphor they used from PARC.  It has not changed much, but since they are using more homogeneous apps, they are bringing cloud apps to the Macs.

#Unix, (the BSD’s) appear to have totally given up on a desktop;  too bad because I feel the FreeBSD line is a better OS, and the driver/application metaphor still conforms to the original Unix ideal of Keep It Simple Stupid.  (KISS is relative, and with today’s command lines, and complex applications, this is not for the faint hearted).  That is why I regret they have not gone after the desktop.  They are the only follower of the Public Domain (FreeBSD) model of software.  Anyone can take software from anyone, and create a new free software app, or a commercial app.

#Linux has forgotten their Unix roots. No more KISS principle for them, no sireee.  But they are still the champion of Open Source Software, in that you can take a free piece of software (source), develop it into a new piece of software, as long as it is free.  (There are exceptions, but I’m not sure how they get around the licensing).

#Microsoft is the behemoth of the lot, and they think, and do as they please.  Customers are there to skin for profits.  Soon Windows will be a cloud desktop only;  don’t believe them when they tell you it will not.

So which way forward for the independent minded person?

The MS model is going Azure, no doubt.  Even development tools are headed that way.  You want your kids to learn computing?  Sure, they’ll learn the framework way;  they will be the legions of the Azure gods, not able to use an off-network computer, because, it won’t be connected.

Unix, unfortunately is still foundering and trying to decide what they want to be when they grow up.  I’ve tried volunteering to help, but each time I brought up an idea, I was viciously attacked for suggesting…  …anything.

Apple is too expensive.  I use iPhones and iPads, but I do not want a pre-configured, proprietary hardware to run my desktop on, even if it still is PARC compliant.

Linux seems to be the best alternative.  I’ve played with many versions of Linux, from the red fedora, perhaps now it will be a blue fedora and others.  I still found SuSE to be the best for a Windows replacement.  It is still terse to configure, however the YAST configuration tool gives me a menu or GUI driven way to configure most user level constructs.  It offers every Desktop you may want, my preference is #MateDesktop, with the original Novell-like menu.  It maintains a traditional START metaphor.
But it is still missing software that should be mainstream, and there are so many Desktops to make your head spin.  (Use #MATE).

Well, that’s it for now.  Talk to you hopefully sooner than a year from now.

Cloud, My Rants, Operating Systems and Software, Windows

Is it the end of the Desktop, maybe…

Followers, it has been a while since my last post, although I have not sinned.

I’ve been a Windows devotee, since #Windows 2.11, don’t ask how long that was.  You’ve heard of the old adage that sometimes, we must drag users kicking and screaming into the future and a better place.  #Windows10 with its Universal whats’am-a call it, UWP, and its trashing of the #PARC metaphor is not it.

What I see is that the new apps are spreading Fear, Uncertainty and Doubt (FUD) in users’ minds about the (1) ole’ desktop.  New applications have their own menus, most context sensitive, and NO PARC metaphor.  Go ahead, try to find File or Edit on the top menu bar;  oh, there is no menu bar.  The same is true of application data;  you can’t get to it, you can’t read it outside of the app, and you can’t back it up;  wait, I mis-spoke, you can back it up but you can’t restore it, because DRM renders it unusable.

(2)nd direction they seem to be guiding us to, is to the cloud.  And I don’t mean storing our data there, but running applications on the cloud via a souped up browser interface, and storing the data on the cloud.  And what do you think MS, Google and the like are doing as they are parsing the data prior to saving it to the ubiquitous cloud?  Yes, they parse it;  I’ve had many experiences, when not five minutes after posting a document, I get SPAM about a service applicable to something mentioned in my document.  Yes, I know, the malevolent dictator would never have anyone read my documents directly;  Just like they wouldn’t listen in on our Alexa / Siri conversations;  Wait that was yesterday’s news, we’ve all gotten over that one, haven’t we.  Who cares if they listen in?  Well don’t complain if they read your documents either.

(3) Additionally, our new malevolent desktop dictator / MS, is moving away from GUI tools, to esoteric and convoluted command lines which very few people can use.  The constant upgrades have rendered many of my Windows10 systems broken or unusable.  I’ve paid MS a couple of times, early on to be told to do a clean install;  what?  Are they serious?

I’ve found answers after reading countless posts via search, but most of them involve complicated commands (yes CLI) that are not documented, and which I have no hope or yearning to learn;  they’ve repaired my systems.  In some cases I’ve repaired by re-installing Windows and keeping applications and data.

Desktops in 2019, should not be this difficult.

Now, to be fair, MS is not the only malevolent dictator (yes I stole that from Python).  So are Google, Amazon, and every other big concern which can comb through our data for profit.  I leave it to you to decide, but I’m afraid you already have.  (and so have I, I use cloud file services like the next person).  But I refuse to rent software.  So, #Microsoft, #Adobe, and others, take heed:  If you can’t give me a permanent license, then I’ll look elsewhere.

 

Digital Magazines, eBooks and Audiobooks, My Rants, Standards and Automation

DRM or copy protection

(DRM) Copy Protection History

In the olden days, copy protection was exactly that;  copy protection of a piece of software, which prevented the owner from making a backup, unless the copy protection included a mechanism to allow for it. Copy protection came in a cypher key, or in a physical lock key, such as a USB device (serial or parallel).  Your data was not affected, unless of course you lost your lock key, which prevented you from using your program, and as a result rendered your data useless, because it was forever gone.  Because of the horrendous nature of the processes involved, and the not insignificant overhead it added to the software, most companies have done away with such foolishness.   Microsoft(R) did the most to get rid of the copy protection, by putting out competitive products (Office(R)) without it, and by introducing Xerox(R) PARC GUI interface, but that is another story.  Their far and away, biggest competitor at the time, Lotus(R), quickly fell behind, and was eventually bought by IBM(R) to die a slow death.

The present day agreement by boredom

Back to the present;  today, we have gone way beyond copy protection.  The marketing powers, figured that since software copy protection was so bad, and the public rebelled against it, we should rightly not use it.  But we could protect data the public bought in the form of books, magazines, audio and video media.

All they had to do, is simply to provide us with a two hundred page EULA, in legalese of course, that the average law student would not want to read;  oh, and if there was a quick bypass clause that rendered the end-users’ agreement to the EULA, well that is it.  Lock, stock and barrel.

And it worked;  our legislators, have all succumbed to the lobbies, agreeing that fair rights copyrights are a good thing for the masses, just as in previous generations, if you weren’t born in the privileged class, you didn’t belong there.  What has got me perturbed is that even Europe has fallen in step.

Fair Rights Management

Do I disagree with “fair rights”?  “N O”

I am not opposed to an author protecting their work and reaping the benefits of their toils, physical, or mental;  both are toils, and deserve to be rewarded, especially if that is how a person is earning their living.

However, there is a difference in public fair use copyright, and in no-rights.  Because that is what today’s Digital Rights Management has become.  The publisher of the works, not the author, makes certain assumptions:

  • They alone have the inalienable right to protect the author
  • They alone will guard the fair use copyrights
  • They at any time render your media collection into garbage, by the simple virtue of software upgrades
  • Their fair use algorithms and cyphers should render the published work, unusable in the event of their demise

Wait, Tas, no, that can’t be their intent.  I am sure it is the same as classical media;  we’ll always have it.  Books and scrolls have been around since the birth of time, well, almost.  Unless you were educated, and were sequestered in a monastery for life copying a scroll, you couldn’t copy it;  come to think of it you couldn’t read it if you weren’t in the privileged class, but I digress.  But if I was a king or queen and purchased a scroll or a book, that was mine.  Let’s see:

  1. I could not copy it, no copiers, and even had I access to a mechanical copier, it would be difficult to cut the spine off and re-attach it in order to run the pages through a copier.  And how would I make a presentable book.  No, just send it to the monastery and pay the fees to have it hand copied.
  2. But I could have it around forever, within my lifetime, and could then bequeath it to my descendants, who could have it around within their lifetimes, and then bequeath it to their descendants, and so on and so forth. Hmm!  Let’s think on that for a moment.
  3. When audio came around, in the form of records or tapes, well, I couldn’t copy it, but I could still bequeath it to my descendants and so on.  Oh, I know, tapes…  the industry gave us tape recording technology so we could create our own playlists.  (That’s because they were selling us one good title for the price of twelve, but again, I digress).
  4. By the time video came around, an argument could be made about limiting copying of audio and video tapes.  However, it wasn’t the public that was doing most of the copying, it was pirates who were turning around and selling the copies.  A point can be made, of course, that the public was supporting the pirates by buying the bootleg copies.
  5. By the time of digital media, it became evident some sort of copy protection was required, because computers and DVD copiers had the ability to make perfect copies non-stop.  (See, I knew there was a salient truth in copyrights;  it just took me a while to get to it).  But again, it isn’t the general public who makes the copies, it is the pirates, and the digital kiddies, who then distribute them.
  6. The point is that if I were to go to Wally’s place and buy a bunch of DVD’s, I would have no clue which of those may be bootleg or not.  (And neither does Wally).

Fair Rights Use

So what do we do?  I think we need to devise a system which adheres to the following principles in Fair Rights Use and DRM:

While the distribution company is in business:

It must provide for the identity management of the copyrighted works’ buyer, that’s only fair

It must provide for a number of views the buyer can have;  for example I now read my books on my iPad, my iPhone, or my Windows or Unix computer.  As long as I am the owner of those devices, I should be allowed to download and access the content, within say ten devices.  If I upgrade a device, the identity management should allow for either automatically upgrading keys, or it should allow me as a user to delete one device and add another.

The distribution company must not use a proprietary encoding scheme, simply for taking user’s right to fair use, away;  I don’t care if they use an encoded or signed PDF, or AAC or MP4/M4V, as long as I can use that in a dire circumstance by bypassing the identity management system

Dire Circumstances

And here we are speaking of the distribution company going out of business, dropping the old file scheme, or even deciding they don’t care about protecting older media;  at worst it may mean global thermonuclear war or Armageddon.

Users should be able to access their media without an identity authentication server;  This means that once I’ve downloaded the media to a device, my iPhone for instance, the identity authentication system should give me a Ticket Granting Ticket (TGT) to that media publication, based on the device’s and the user’s identity.  Just so we understand, this is mostly how it works today, with the exception of some Intel Video Cable DRM.  If I download a movie, I get the ticket and I can play it offline.  If I download an ebook or emagazine, I can play it on the device for as long as I like.

The problems start during Dire Circumstances;  if my iPhone’s OS is upgraded and there is no longer any support for the proprietary media player, I, as user would be in trouble;  I would no longer, be able to read/play/watch/listen to the work I’ve purchased.

And here is another issue;  these companies would like to tell us we are not purchasing a copy of a work, we are renting it, as long as ‘they’ allow us to;  I am sorry that is a bunch of crock.  When I pay for a legitimate copy of a work, it is mine.  Just like a book or an album, I should be able to give it away, sell it or bequeath it.

These articles concern mostly publishers of eprint and evideo works, but could be applied to audio and other electronic distributions

The solution

Fair Rights Certificate underwriters, you get what I am saying, I hope.  An underwriter, hopefully global in nature, that will maintain the Identity Manager’s Root Certificate, for a specific line of distribution schema for a number of years, what ever applicable copyright laws allow for, in whichever country you live in.

This underwriter will certify the code in the distribution media’s keys, will release the restrictions on the media, if the root certificate is, no I don’t mean not found, but annulled.  The only way for an annulment to work, would be by the publisher notifying the underwriter that the particular root certificate can be annulled.  And of course, the onus will be on the publisher to renew the certificate each year.  A second way for the annulment would be if the publisher does not renew the certificate, because they are no longer in business.  I would then submit that the underwriter would annul the root certificate, so all media sold under that cert can become non-DRM’ed.

And finally, there must be a guarantee by the underwriter, that the media contains code to de-DRM if a key authority cannot be found in a certain amount of time.  And no, I do not mean in 80 years subject to renewal by a lobbied legislative body.

An identity transfer mechanism must also be available, so if I want to sell a copy of a work to someone in Tasmania, I as Tas can do so.  Of course, I will no longer have rights to that work, the same as if I’d sold a physical book or an album.

Easy, peazy?

No.  Definitely not easy or peazy.  But it must be done, because I want my purchases protected.

My case

I have been buying emags and ebooks since the beginning.  I’ve been through several generations of software, in which the publisher has been kind enough to re-format and allow me access to all of my old emags.  However, there is another publisher who does not appear to care about my purchases either way.  They’ve both told me I have access to the publications because of their generosity and benevolence.  And they both keep updating and changing their encryption schemes every few years.

Which only serves to make me angrier;  I’ve paid the same for that emedia as I would any other physical media.  Where are my representatives in government now?  Obviously not listening to me, but to the publishers.

I think it is time to change that.

IT & IT Professionals, My Rants, Standards and Automation

Naming Standards

Here I’ll be discussing CI naming standards for different server and server like devices.  I’ve been to many a-place with standards, which simply means that the name of the device starts with alphabetacorp-windows-999.  Similar scenarios involve naming devices after a data center, or the OS flavor it is running.

Unfortunately, these are not very descriptive, and do not give anyone a good picture about the devices’ location, OS, classification, or application.  From my perspective, a naming standard should do the following:

  1. Be brief, as in Unix, so it can be typed quickly over and over as required
  2. It should identify the following device meta-data in two to three characters:
    1. physical or virtual data center device is located in
    2. device role classification, such as production, qa, or developmental (I’ve used “p/q/d”)
    3. OS running on the device, such as u/nix, w/indows, n/nas storage
    4. Application role, such as w/eb server, s/ql server, s/harepoint, a/sap, etc
    5. Application sub-role if required, such as application server, indexer, etc.
    6. A two or three digit number, identifying the server farm, and/or unique sequence number of the device
  3. The name should become the CI name in the CMDB and the device, physical or virtual should always be referred by this naming standard.

Let’s take a look at some scenarios:

  1. d4 – may denote, data building delta, data center 4
    tow – may denote the Towson, MD data center, or
    zto – may denote the virtual data center in Towson
  2. p/q/d is what I use
  3. OS, again, u/w/n and others (I’ve also used an abbreviation for a cluster pool)
  4. w/q/s/f, web, sql, sharepoint, file-service
  5. with sharepoint, I’ve used app/ind, etc…
  6. 99

So using the above, if I had a virtual server in the Towson data center, running a production task under Windows Server, as the Sharepoint DB, I may have called it:

zto p w s db 01

Again you may say it is very complex;  and you’d be correct.  However, imagine, a typical Sharepoint installation, with one DB, four App/Web servers, two Indexers, a CMS, and a BLOB device.  That is only eight devices, out of thousands in a typical large scale installation.  How would you manage?
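The naming standard above as a small validator and query helper. This is an added example, not code from the original post: the code tables are transcribed from the scenarios, while the concatenated form (`ztopwsdb01`), the sub-role set `app`/`ind`/`db`, the function names and the sample inventory are assumptions made for illustration.

```python
import re

# Code tables transcribed from the post's scenarios. The dictionary layout and
# the exact sub-role set ("app", "ind", "db") are assumptions of this example.
LOCATIONS = {"d4": "data building delta, data center 4",
             "tow": "Towson, MD data center",
             "zto": "virtual data center in Towson"}
ROLES = {"p": "production", "q": "qa", "d": "developmental"}
OSES = {"u": "unix", "w": "windows", "n": "nas storage"}
APPS = {"w": "web", "q": "sql", "s": "sharepoint", "f": "file-service"}
SUBROLES = {"app": "application server", "ind": "indexer", "db": "database"}

# location (2-3 chars), role, OS, application, optional sub-role, 2-3 digit number.
# Role codes (p/q/d) and OS codes (u/w/n) never overlap, so a name cannot be
# split validly at both a 2-character and a 3-character location.
_PATTERN = re.compile(
    r"^(?P<loc>[a-z0-9]{2,3})(?P<role>[pqd])(?P<os>[uwn])(?P<app>[wqsf])"
    r"(?P<sub>[a-z]{2,3})?(?P<seq>\d{2,3})$")


def parse_ci_name(name):
    """Split a CI name into its fields; raise ValueError if it breaks the standard."""
    compact = "".join(name.lower().split())   # accepts "zto p w s db 01" as well
    match = _PATTERN.match(compact)
    if match is None:
        raise ValueError(f"{name!r} does not follow the naming standard")
    fields = match.groupdict()
    if fields["loc"] not in LOCATIONS:
        raise ValueError(f"{name!r}: unknown location {fields['loc']!r}")
    if fields["sub"] is not None and fields["sub"] not in SUBROLES:
        raise ValueError(f"{name!r}: unknown sub-role {fields['sub']!r}")
    return fields


def describe(name):
    """Expand a CI name into a readable description, field by field."""
    f = parse_ci_name(name)
    parts = [LOCATIONS[f["loc"]], ROLES[f["role"]], OSES[f["os"]], APPS[f["app"]]]
    if f["sub"]:
        parts.append(SUBROLES[f["sub"]])
    parts.append(f["seq"])
    return " / ".join(parts)


def select(names, **wanted):
    """Return the names whose parsed fields match every keyword given."""
    return [n for n in names
            if all(parse_ci_name(n)[k] == v for k, v in wanted.items())]


# Constructed inventory: part of a Sharepoint farm plus two unrelated devices.
FARM = (["ztopwsdb01"]
        + [f"ztopwsapp{i:02d}" for i in range(1, 5)]
        + ["ztopwsind01", "ztopwsind02", "towquw02", "d4pnf01"])

if __name__ == "__main__":
    print(describe("zto p w s db 01"))
    print(select(FARM, app="s", sub="ind"))
    try:
        parse_ci_name("alphabetacorp-windows-999")
    except ValueError as err:
        print(err)
```

Because every field sits at a fixed position, questions such as "all production Sharepoint indexers in Towson" become a field match instead of a manual search through the CMDB.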

 

IT & IT Professionals, My Rants, Standards and Automation

Standards, Automation and ITIL

Standards, Standard Operating Procedures, ITIL rules…

You may think to yourself that these functions, are either an evil imposed on some organizations by management which has nothing else to do, or that they are a necessary drudgery, to ensure compliance, a pre-defined cookie cutter approach to creating systems, documentation, and of course vocalization of change management to affected parties.

So, which side are you on?  We’ll discuss this further in coming posts.

Apple Hardware, iOS, iPads, Microsoft Hardware

Are #Apple and #Microsoft in collusion to kill the high-end #tablet?

I will refer you to My iPad Pro Wish List. This was a wish list we in the professional community had been putting together for a couple of years before I published my summary. So let’s see how I did:

My iPAD Pro Wish List:

1. I expect 14″ or so
2. QHD
3. True background processing on apps I designate
4. Remote access from my PC/Mac/BSD/Linux
5. Active stylus
6. USB 3 port capable of cow line hub
7. OSX with shell
8. Either provide better on screen keyboard options, or open it up to third parties, NOW

What Apple released in the iPAD Pro:

  1. Check
  2. Check
  3. Nada
  4. Nada
  5. Check
  6. Nada
  7. Nada
  8. Nada

While we’re at it, let’s see what Microsoft released in their Surface Pro 4:

  1. Check
  2. Check
  3. Check/Windows 10
  4. Check
  5. Check
  6. Check
  7. Check – CMD/PowerShell/Bash
  8. Nada

Microsoft appears to be the winner of the Professional Tablet.  Yes I know that MS is providing a souped up version of MS-Office for the iPAD Pro, but the Surface will run Office 365.

So does Microsoft win this race?

No, neither Microsoft, nor Apple wins.  From my perspective, and three years after the above wish list, a Professional tablet at the high end, should have 1TB storage, and 16GB’s of RAM, and be capable of running VMware Workstation or such virtualization. Today it should also have fifteen hours, true battery life.   Apple fails.  Microsoft will work, albeit not with the battery life.  At least Apple doesn’t play games with battery life, when they say ten hours, they mean ten hours of active use.

So Microsoft wins, right.  NO!!!

Both Mr. Cook and Mr. Nadella have priced both devices out of the reach of the ordinary professional.  My current laptop is an HP Envy 15 with a 3200 x 1800 touch screen, 1TB of HDD and 16GB’s of RAM, stock from HP.  I added a 512GB SSD card for less than $300.  The total package cost me about $1,300.

  • Mr. Cook would like me to buy an iPAD Pro for $2,000 that can not run a VM, nor OSX.
  • Mr. Nadella would like me to buy a Surface Pro 4 for over $2,000, with a quarter of the power of my current laptop, to the same specs.

(But here is a secret;  they both have low-end devices with very low RAM and storage, for Corporate use;  you see corporations aren’t interested in power, and they would rather you store and run your data from the cloud than locally;  just in case you thought the low end tablets were for ordinary users).

So either the success of the iPhone and iPAD has gone to their heads, and they believe they can now rip us off big time by marking up a $100 memory module for $900.00, or they have both decided and colluded to kill the tablet market.

Which is it?  You tell me.

iOS, iPhone, Laptops and Two-in-ones, Uncategorized

#Apple’s #TouchID implementation misguided

Whoever is guiding Apple’s TouchID implementation is severely misguiding Apple and the public who uses it. 

The idea behind biometric security is that it is infinitely more difficult to crack than a PIN or Password. Where a password or passphrase in today’s marketing techno-lingo may be composed of eight or more ASCII characters, a biometric signature may have tens of thousands of combinations. Even a 30 character password cannot compete with such a combination. Not that it can’t be broken, but it would be more difficult and time consuming. And on a device that can lock and/or wipe itself after a number of incorrect tries, it should be IRRELEVANT.

( Now let me state for the record that a PIN in and of itself, does NOT constitute a password or passphrase in my opinion. If a vendor such as Apple or other security providers allow their users to consume PINs, I would allow for dual authentication on every boot. )

I also understand the reasoning behind dual token authentication.   “I go to work and I can use dual tokens to sign in in the morning, and work all day. In a multi-tenant managed environment dual token is a great authentication method when managing different tenant infrastructures.”  

I can also think of the following industries which can benefit:

  • Nuclear plants
  • Munitions depots
  • Utility distribution grids
  • Aircraft cockpits
  • Banks

I can also understand use of the dual token as implemented by Apple in the following circumstances:

  • When booting, in a ‘motion-less‘ profile;  that means NOT while in a moving vehicle, and not during physical movement such as walking. Those are dangerous activities to be engaged in while trying to enter a passphrase. Legislatures are passing law after law to curb such activities, while Apple is actively opposing the legislation.  

If Apple wants to implement a dual authentication on boot then allow the user to set the elapsed time, say one to four weeks. 

  • Under no circumstances should dual authentication be required after a boot when using biometric authentication:
  1. Not when I’m shopping
  2. Not when I’m driving
  3. Not when I’m walking or jogging (not that I jog)
  4. And certainly not when I’m in line waiting to pay, unless the transaction is over a limit, I, the user has set

Lest anyone thinks I’m beating on Apple, I’m not. This applies to all security implementors in any company and product. 

What do you think?