AT&T Mobile Share “Advantage”

You know you have a problem when you get excited about plan changes on your cellular provider. Yesterday, AT&T gave me a problem.

Initially, no more data overages, higher caps, and reduced pricing tiers look like good news all around, but is that really true? After looking at the details of these new AT&T data plans I’m less than impressed. They’ve upped the per device access charge from $15 to $20.

Right now I have the $100 plan for 15GB, plus three devices, for a total of $145. Under the new plan, if I move to the similar 16GB plan the base price is $90 but I’m now paying $60 in per device charges for a total of $150. (+$5)

Even going from the 15GB down to the new 10GB plan, would result in a savings of only $5, at the loss of 5GB of data.

Maybe.

It’s still really a bit confusing, the press release says “All Mobile Share Advantage plans also have an access charge of $10 — $40 a month per device not included in prices shown above.” but then later “customers will pay a $20 access charge per smartphone a month for Mobile Share Advantage.”

My hope/guess is that it’s likely to depend on which plan you pick, at least that’s how it is on the current setup. I believe the current $15 per device does jump to like $20 or $25, on their current plans. So, if it continues to be a graduated scale, the new 16GB plan may actually be a money saver, but until their pricing calculator shows up when the new pricing is available on Sunday, we probably won’t know.

But from the “clear” statement, it looks like not a great deal. For now, they get a splashy headline. Verizon, who has a similar plan, has the separate fee for allowing “unlimited” reduced bandwidth, instead of charging an overage, and it seems like this increase is just a clever way of hiding that fee.

If I was really concerned about overages I’d probably just do it, but I never go over.

Cisco to audit code in wake of Juniper backdoor

In the wake of an announcement by Juniper that after an internal code audit, they had uncovered two backdoors in the operating systems used in their NetScreen firewalls, Cisco has announced that they’re taking similar steps to perform an audit of their code.

In a blog post by Anthony Grieco, Senior Director of the Security and Trust Organization within Cisco, the company outlines that although their normal development practices should detect unauthorized code sneaking into their products, no process can eliminate all risk. The company will be conducting penetration testing and code reviews.

The company also says that there has been no indication that any code has been compromised, that the review was launched as a proactive effort in the wake of Juniper’s bulletin, and that it was not in response to any outside request.

It’s generally acknowledged by security experts that due to the level of sophistication of such attacks against companies like Cisco and Juniper, it’s likely state agencies are responsible for the unauthorized code; the Chinese military, the US’s NSA or the UK’s GCHQ. The NSA had an operation exposed by Edward Snowden in which they intercepted Cisco products, mid-shipment, that were destined for other countries, to install backdoor code directly into those routers, firewalls, etc.

However, it may also be less sophisticated attackers (or governments) who are using existing backdoors. Matthew Green, a cryptographer and professor at Johns Hopkins University, has theorized that the Juniper VPN decryption vulnerability may have been the result of Juniper’s implementation of an altered version of the NSA’s backdoored Dual EC random number generator. As Green explains, encryption depends on unpredictable random number generators, and the Dual EC method that has been advised by the National Institute of Standards and Technology (NIST) since the early 2000s was discovered by researchers to include a (probably NSA-inserted) weakness that allowed an attacker to decrypt intercepted traffic.

Juniper utilizes Dual EC, but in a non-standard way so that the (NSA) backdoor was removed. However, researchers who decompiled Juniper’s firmware packages have compared the differences in the compromised code and found that the compromised sections altered the number generator so that anyone with knowledge of the affected code could again decrypt traffic.

In effect, the attackers used an existing (closed) door to open a new one for their own use.


Originally published at www.petri.com on December 29, 2015.

Nutanix files for IPO

Nutanix announced on Wednesday that it has filed a Form S-1 with the SEC for a proposed IPO.

The number of shares being offered and the price of the offering have not yet been determined, although the company says it intends to raise a maximum of $200 million; Nutanix will be listed as “NTNX” on NASDAQ.

Nutanix specializes in hyper-converged infrastructure that merges the traditional silos of the physical server, virtualization hypervisor and storage into one integrated solution. It competes in that space with companies like SimpliVity, EMC, and VMware’s VSAN.

Their solution is comprised of two product families, Acropolis and Prism, and is delivered on commodity x86 servers; Acropolis is their in-house hypervisor software. That’s a unique selling point in this market, in which most hyper-converged providers normally resell VMware’s ESXi platform, or in the case of VMware VSAN, are delivered by VMware itself. Nutanix originally, and still, allows customers to utilize the VMware hypervisor if they choose, instead of Acropolis. Prism is their virtualization and infrastructure management platform.

In addition to selling their own Nutanix branded systems (built by Super Micro), they also partner with Dell, who resells the Nutanix platform as their “XC-series” systems, built on Dell hardware. Dell recently announced its intention to acquire EMC, which may sour that partnership in the future.

According to Nutanix, as of October 31, 2015, they have 2,100 end-customers including enterprise customers like Activision Blizzard, Best Buy, Kellogg, Nasdaq, Nintendo, Toyota, Yahoo and the U.S. Department of Defense.

Nutanix, which began sales in 2011, has posted revenue growth over the last three years, growing from $6.5 million total revenue in 2012 to $241.4 million for 2015. Nutanix has hired an impressive number of virtualization industry big-wigs, at this time employing more (expensive) VCDX certified engineers than any other company, and invested a lot in research & development, and marketing. They currently have a total headcount of 1,368. However, as a result of these investments, Nutanix also posted a loss of $126.1 million for 2015.

In their Series E funding round last August, the company raised $140 million on a $2 billion private valuation. As of October 31, 2015, they had an accumulated deficit of $312.0 million.


Originally published at www.petri.com on December 23, 2015.

NetApp to purchase SolidFire

NetApp, Inc. on Monday announced its intent to acquire the Boulder, Colorado based all-flash array (AFA) vendor SolidFire, for $870 million in cash.

According to the announcement, NetApp intends to incorporate SolidFire’s products into NetApp’s existing product lines. Following the close of the transaction, SolidFire CEO, Dave Wright, will lead the SolidFire product line within NetApp.

NetApp will continue to push their existing all-flash offerings to the three largest AFA market segments, with their existing lines targeting the enterprise, and SolidFire focused on next-generation cloud and “webscale” architectures.

CRN had reported earlier in the day that an announcement was coming, and in their reporting said that Cisco and Samsung had also been interested in picking up SolidFire. SolidFire had raised around $180 million in funding since it was started in 2009 and launched its first product in late 2012.

SolidFire competes in the AFA segment against other market leaders like EMC’s XtremIO, Pure Storage and Tegile. The company’s main selling points are a robust storage quality of service (QoS) offering that allows service providers to carve up and guarantee a level of performance for customers, an application programming interface (API) that enables administrators to program against or script any functionality within the system, and a scale-out architecture that uses traditional iSCSI and Ethernet.

NetApp expects the transaction to be completed during the fourth quarter of its fiscal year, 2016.


Originally published at www.petri.com on December 21, 2015.

Juniper finds backdoor exposing encrypted VPN traffic

In a security advisory posted late Thursday, Bob Worrall, Juniper Networks’ Chief Information Officer, announced that the ScreenOS software used on the company’s NetScreen firewalls contains an unauthorized backdoor allowing third parties to potentially monitor encrypted VPN traffic.

“During a recent internal code review, Juniper discovered unauthorized code in ScreenOS that could allow a knowledgeable attacker to gain administrative access to NetScreen devices and to decrypt VPN connections. … At this time, we have not received any reports of these vulnerabilities being exploited,” Worrall wrote.

Juniper says that ScreenOS versions 6.2.0r15 through 6.2.0r18 and 6.3.0r12 through 6.3.0r20 are affected and should be upgraded immediately to either 6.2.0r19 or 6.3.0r21, as there are no workarounds to disable access. Juniper also says they have no evidence that their products running their Junos operating system are impacted by this breach.
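As an added example (not from Juniper or the original article), the affected ranges quoted above can be turned into a check over a firewall inventory. The hostnames and CSV layout are constructed for illustration, and a release outside the quoted ranges is reported as "not-listed" rather than as safe, since the article only states which releases are affected.

```python
"""Flag ScreenOS releases that fall in the affected ranges quoted in the article."""
import csv
import io
import re
from typing import List, NamedTuple, Optional, Tuple

# (major, minor, patch) -> (first affected rN, last affected rN, fixed release).
# Values are copied from the ranges and fixed releases quoted in the article.
AFFECTED_RANGES = {
    (6, 2, 0): (15, 18, "6.2.0r19"),
    (6, 3, 0): (12, 20, "6.3.0r21"),
}

# Strict match only. A string with extra characters (a suffix, a typo, a
# banner fragment) is sent to manual review instead of being guessed at.
_VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)r(\d+)")


class Finding(NamedTuple):
    host: str
    version: str
    status: str                 # "affected" | "not-listed" | "review"
    upgrade_to: Optional[str]   # fixed release, only set when affected


def classify(version: str) -> Tuple[str, Optional[str]]:
    """Return (status, fixed_release) for one ScreenOS version string."""
    match = _VERSION_RE.fullmatch(version.strip())
    if match is None:
        return ("review", None)
    major, minor, patch, rev = (int(g) for g in match.groups())
    entry = AFFECTED_RANGES.get((major, minor, patch))
    if entry is None:
        return ("not-listed", None)
    first, last, fixed = entry
    if first <= rev <= last:
        return ("affected", fixed)
    return ("not-listed", None)


def audit(inventory_csv: str) -> List[Finding]:
    """Classify every row of a 'host,version' CSV export."""
    findings = []
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        version = (row.get("version") or "").strip()
        status, fixed = classify(version)
        findings.append(Finding(row.get("host") or "", version, status, fixed))
    return findings


# Constructed sample inventory: hostnames and layout are illustrative only.
SAMPLE_INVENTORY = """\
host,version
fw-hq-01,6.3.0r17
fw-hq-02,6.3.0r21
fw-branch-01,6.2.0r15
fw-branch-02,6.2.0r14
fw-lab-01,6.3.0r19b
fw-lab-02,
"""

if __name__ == "__main__":
    for f in audit(SAMPLE_INVENTORY):
        action = f"upgrade to {f.upgrade_to}" if f.upgrade_to else "-"
        print(f"{f.host:<14} {f.version or '(blank)':<12} {f.status:<11} {action}")
```

Rows marked "review" are the ones the strict parser refused to interpret; they need a person to confirm the running release on the device.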

In another knowledgebase article, Juniper explains what type of logged event may appear on a compromised system, but warns that a skilled attacker would likely be able to clean his tracks and remove the events from the logs.

While it’s not clear who is responsible or how this backdoor was added to the code, many security experts point to a 2013 article published by Der Spiegel that said an NSA operation called FEEDTROUGH worked specifically against Juniper firewalls and gave the agency persistent backdoor access.

The NSA also had an operation exposed by Edward Snowden in which they intercepted Cisco products, mid-shipment, that were destined for other countries, to install backdoor code directly into those routers, firewalls, etc. However, unlike that operation, if the NSA were to be responsible for the Juniper backdoor, this exploit would be present on any ScreenOS hardware around the world, including within the United States.


Originally published at www.petri.com on December 18, 2015.

Keeping USB drives clean with BlueHarvest

I’ve long been annoyed with copying files to a USB stick, and then handing them to a Windows user (typically a customer) and then telling them to ignore all the .whatever files that are created.

Recently I found BlueHarvest, which runs $15 and has a 30-day trial, and it appears to be the new solution to my problem. It automatically cleans the OS X specific files on any non-Mac formatted (exFAT, FAT32) drive that enters the system.

The results have been great, and my portable drives are now very clean.

I used to have a menubar application called CleanMyDrive by MacPaw that would get rid of these, but at some point I quit using it for reasons I don’t even remember. I think the menu bar icon was kind of ugly on Yosemite+ (yes, I’m that picky.)

The new(er) Apple TV

When the 4th generation Apple TV was announced a few weeks back, my initial response was basically “take my money!”

But then, I had second thoughts, and I didn’t order one at the start of the week when they were first available. I don’t really know why, my heart just wasn’t in it. I decided I’d wait it out and let others figure out all the kinks. However, on launch day I had a change of heart and decided to stop by the Apple Store and pick up a 32GB model.

I have two of the 3rd generation units, and the 2nd generation, and while I love them for all they do, I have been patiently waiting for Apple to revolutionize TV. I want a single TV solution from Apple that makes my life as a cord cutter better. Unfortunately, that still hasn’t happened yet, but it’s a nice box.

Pros:

  • Universal search, with Siri, is fantastic. Telling the box to “show me the latest Ben Affleck movies” results in unified results with content from all the major providers like iTunes, Netflix, Hulu, and HBO. Selecting a title brings you to the one that is the best option based on if you’re paying for streaming or if you’d have to buy it. (ex: Gone Girl is available on HBO, and iTunes, but it defaults to HBO.)
  • New remote is very handy, and a nice upgrade from the previous one. The touch sensitive panel is very sensitive and takes some getting used to. I’ve used the motion controller on a couple of games, and it’s fun but not something I’d probably do a lot of.
  • The volume control and TV power is controlled through the new remote, and I didn’t have to do anything to program it.
  • The App Store. Yeah, that’s pretty self explanatory.

Cons:

  • The current iOS Remote application that can control my 2G/3G units doesn’t work with the new Apple TV. No using the iOS keyboard to enter search terms on your TV.
  • You cannot pair a bluetooth keyboard (even the Apple ones) to the Apple TV, either.
  • The first two combine to make initial setup with logging into accounts, a real pain in the ass when you have super complex passwords for everything.

Overall, I very much like the new box. There probably isn’t a day that goes by where it doesn’t get used. I’m going to be adding an OTA network tuner and downloading the Channels app this week to replace switching inputs on my TV to a dedicated antenna. I’ll probably also pick up another box for the downstairs TV and then gift my 3rd generation units out to the family for the holidays.

Regrets of a Plus sized model

My original bout with the 4.7” iPhone 6 lasted almost seven months to the day. I remember this because I received it on September 19, 2014. It was the same day my second son was born.

On April 18, 2015, I purchased an iPhone 6 Plus.

Why Switch?

That’s what everyone had been asking me since I even brought up the idea of switching. I’m one of those people who originally couldn’t even fathom Apple ever making a phone with a screen larger than 4”, like what we had on the iPhone 5. Jony Ive had taught us that this was the superior phone size, and I carried that logic and marketing out into the world. Over time, I started to rationalize to myself that a 4.7” phone was a good size, and that if Apple were to come out with one I know they’d do it right. It was inevitable. That’d be the phone I’d buy.

And then came the iPhone 6… and the iPhone 6 Plus. The Apple Phablet had arrived.

Admittedly, the thought to join the dark side had entered my mind a few times since the 6 Plus was announced. Would I want a phone this big? Could I handle a phone this big? Back in September, I said “Nope!”

So along came the iPhone 6. And I loved it. Reading my original quick review from October, it’s still absolutely true:

I’ve owned it a month now. Originally I felt that I was going to drop it every time I tried to grip it (using my smaller than normal man-hands) — that panic led me to the Apple Store to pick up the black, leather Apple case. The case gave me a safety blanket and the ability to learn to adapt my grip, however, last Thursday I took the case away. It’s been a week since I’ve removed the training wheels.

I love this phone, it feels great. The size is perfect. The rounded corners feel great holding it for long periods of time. I’m also past fussing about the camera bulge. I worried it’d get scratched, now, in Apple(Care) and sapphire crystal, I trust.

I had an original iPad through work, and then purchased my own iPad 2 on launch day, which I used until it was replaced by the iPad Air. However, I found myself using the iPad Air less and less over time, especially as OS X started to get more and more features from iOS. I started to embrace the idea of two primary screens. My phone and my laptop. Also, the larger screen size of the iPhone 6 gave me fewer reasons to think about the iPad.

And with iOS 8 and OS X 10.10, along came iCloud Photo Library. This feature I absolutely love, but, it blew up my iPad. I have 170GB of photography stored in iCloud now. Even with the optimization features enabled, my 16GB iPad Air couldn’t deal with this. This led to it being turned off completely more than anything, and then eventually being sold to my brother.

I was on the edge of buying a new 128GB iPad Mini for about a week, but I could never bring myself to buy. I wasn’t sold on the utility of another screen. I was actually very happy with the idea of my iPhone 6 and MacBook Pro as my major points of computing.

But then my wife’s iPhone 5S started to have the same issues as my iPad. The 16GB limit would hit and every other day I was shuffling around apps and data to keep her under the bar. Enough was enough.

My solution at the time was to obtain an iPhone 6 Plus 128GB for myself, and give her my gently used iPhone 6. This worked, and at first it was glorious. I was in love with my giant new friend. In my new two device world, it was a match made in heaven. The iPhone 6 Plus was great for reading, writing, and arithmetic.

But, it had trade-offs.

It is massive. It’s great for use around the house or at the office, when you’re not up and around with it. It was the first iPhone that I ever dropped and broke the screen, in seven years of owning them.

Going out with it felt a little bit like having an iPad to contend with. My car didn’t really have a convenient place to put it and at one point we had family pictures done and I forgot to empty my pockets. Now, the giant rectangle in my pants will be forever immortalized in print.

And the struggle with RAM, is real. There simply isn’t enough in it. Having a page open in Safari, and then switching back to a different one caused the site to reload. Having streaming audio from Apple Music running and then opening Tweetbot would cause jitter. It was annoying but not life threatening.

I commented about this back in August, and even then I was planning to stay with it. As I said:

… the reality is I’d have a hard time going back to anything smaller.

It turns out, it wasn’t that hard.

Coming Back

When the iPhone 6S was announced, I started hatching a plan. What if I got a pink one for my wife, and (re)obtained the iPhone 6. I’d just give it a shot for a little bit, and then if I thought it was too small to stick with, I could sell it and go back to my Plus.

So I did, and it turns out, I liked the 4.7” phone a lot more. It was easier to hold, didn’t act as sluggish, and overall was a lot more comfortable for me. Playing around with 3D Touch on my wife’s phone, I imagined the difficulties and all the broken screens I’d have with a larger display to contend with.

The battery life on the regular 6 is crap compared to the Plus, I’d really become spoiled by that, but I own at least a half dozen Anker batteries with more car and wall charging outlets than should be legally allowed, so I made it work. I sold the Plus to a nice woman on Craigslist.

And I love it.

I tried to go back to the Plus, twice, just to be sure. One night I lasted almost 5 hours before switching back. It was sold the next day.

I’m back to the 4.7” phone, and when the iPhone 7 arrives, assuming Apple doesn’t do anything stupid and move everyone to 5+ inch devices, that’s probably the form-factor I’ll stick with for the future.

Pearson VUE’s credential management system has been compromised

Pearson VUE, who manages the certification programs for a large number of IT vendors like Cisco and EMC, has announced that their credential system has been the successful target of an attack. The attackers were able to compromise and access information related to a subset of users.

The company says that the hack is limited and does not impact the integrity of the testing system, K-12 assessment testing, or other systems. The company is still assessing the scope of the damage, but they do not believe that vital information such as Social Security or credit card payment information was compromised; Pearson VUE is working with law enforcement and forensic experts to assess the damage.

While the investigation progresses, access to the credential system is offline.

Various sources have reported that many of the credential management systems that Pearson VUE manages have been offline for the last few days, with the company finally making an announcement on Monday.

In a blog post, Cisco (who uses the PCM platform to track members of the CCNA, CCNP and CCIE programs) explains they believe that the leakage is limited to the holder’s name, mailing address, email address and phone number.

While you may see reports of additional types of personal information being potentially compromised on the PCM platform, we have been informed that this is not the case with respect to the Cisco certification user profiles.

— Chris Jacobs, the director of Cisco’s certifications program.

Testing for vendor programs, like Cisco, that are impacted will continue while access to the tracking system is down. Pearson VUE has not given any timeline for when access to the tracking system will be available again; the company is offering identity protection to affected candidates for one year at no cost.


Originally published at www.petri.com on November 25, 2015.

EMC announces Data Lake 2.0 strategy

Data Lake 2.0 is the next generation of the EMC Isilon portfolio. Isilon is EMC’s scale-out network attached storage product. Traditionally, Isilon OneFS runs on physical nodes, with the cluster scaling from roughly 30 TB of raw capacity, all the way up to 50 PB. The nodes are all connected across a redundant, private, Infiniband network. But next year, EMC will offer two more ways to utilize Isilon. In addition to the traditional setup, EMC will offer “Cloud Pools” and “IsilonSD Edge” products.

Software Defined

The IsilonSD Edge product is the equivalent of an Isilon virtual edition. Instead of running Isilon’s OneFS operating system directly on EMC provided hardware, customers can utilize their own physical boxes, loaded up with disk, and run the Isilon software as multiple instances inside VMware ESXi.

There are some restrictions though, chiefly, the ESXi host operating systems must meet strict specifications. EMC will leverage the hardware compatibility list used by VMware’s VSAN product, to determine what will be a supported IsilonSD configuration. Each IsilonSD virtual node will have VMDK files running on the local storage of the ESXi hosts. Shared storage (even one provided by another EMC storage system like the VNX or VMAX) is not supported. Even though IsilonSD and VSAN will share the same HCL, it should be noted that IsilonSD does not leverage VSAN’s technologies in any way. The VSAN team has done extensive work with testing various storage controllers, solid state, and hard drive brands, so it makes sense for EMC to lean on their work.

IsilonSD is intended for small, remote or branch offices, and it will be limited in that it won’t scale out like traditional Isilon. Like traditional Isilon, IsilonSD requires at least three instances to create a cluster, but is limited to a maximum of six VMs. Traditional Isilon can scale to 144 nodes (the largest Infiniband switch on the market has 144 ports.) IsilonSD is also limited to 36TB of raw capacity in the cluster.

IsilonSD comes in two licensing models: a fully licensed (and, importantly, EMC supported) configuration, and a free edition.

Cloudy, with a chance of RAIN

CloudPools allows administrators to leverage off site “cloud” disk targets as storage for your files. Traditional Isilon has three tiers of disk/node types; high performance all solid-state S-nodes, general performance SSD/disk X-nodes, capacity focused disk based NL-nodes, and high density deep archiving HD-nodes. Now you can think of your cloud storage target as the super-cold target for your files. CloudPools leverages rules to determine what type of data, or at what age, files are moved between tiers, or off-site.

End users will have no knowledge of where the files came from, but may see the latency associated with having to retrieve files from off-site instead of from disks located in the company data center. Administrators don’t have to manually move data between on-site or the cloud, as the tiering is automatically done through pre-set policies. Files sent to the cloud are encrypted both in transmission and at the target cloud, and then decrypted as they arrive back on the on-site Isilon cluster.

CloudPools will be able to leverage both public and private cloud offerings. Supported public clouds include Amazon Web Services S3 and Microsoft Azure; support for VMware vCloud Air is intended for a future release. Private cloud offerings are limited to EMC’s Elastic Cloud Storage solution.

All of this forms EMC’s “Data Lake” — an edge to cloud file storage strategy. IsilonSD Edge puts big data in remote locations, and makes it easily accessible and consumable to end users, with support for Isilon’s SyncIQ replication technology to keep a copy back in the data center for long term archiving, backup and disaster recovery. From there, data can be moved out to a cloud provider as files age out, to keep the speedy access available for more frequently used data.

EMC IsilonSD Edge, Isilon CloudPools, and the Isilon OneFS.Next version that will enable these functions are slated for availability in early 2016.


Originally published at www.petri.com on November 17, 2015.

IBM acquires Gravitant to expand hybrid cloud offering

IBM announced that it has acquired Austin, Texas based Gravitant, a company that develops software to enable businesses to manage and purchase cloud services from multiple suppliers, and to create mixed environments of private and public clouds.

Gravitant’s software, called cloudMatrix, allows users to quickly compare capabilities and pricing from multiple vendors, and then provision those services, through a single console. Gravitant competes with companies like RightScale and Enstratius. Like most incumbent technology vendors, IBM has been trying to boost its cloud services through several different acquisitions, where the company has purchased SoftLayer, Cloudant and Cleversafe in the last two years. It also purchased The Weather Company, last week for $2 billion.

But the purchase of Gravitant drives home the point that the incumbent vendors still believe that a hybrid cloud approach is the right choice for most enterprise customers.

The reality of enterprise IT is that it is many clouds with many characteristics

— Martin Jetter, IBM’s SVP of Global Technology Services

cloudMatrix can also be used by solution providers, and IBM plans to utilize the software in their own SaaS offerings.

Gravitant was founded in 2004 as an IT consulting company, but pivoted in 2009 to become a product company. cloudMatrix was their first product, released in late 2011. Terms of the deal were not disclosed.


Originally published at www.petri.com on November 5, 2015.

VCDX defense process drops troubleshooting questions

Those who are looking to obtain the highest certification level in VMware’s portfolio, watch out, the company announced in a blog post by Chris Colletti that they’ve made an adjustment to the process.

Gone is the final part of the defense, where in the last 15 minutes candidates would be given hypothetical troubleshooting scenarios. Instead, the time has been assigned to the ad-hoc design session. Additionally, the VCDX-Cloud and VCDX-DT scenario times have both been increased to 45 minutes to match VCDX-DCV and VCDX-NV timelines, for consistency.

Colletti, who is currently a Principal Architect and VCDX Evangelist at VMware, explained that these changes have long been in discussion with the VCDX Advisory Council members and with many of the current VCDX panelists.

Previously candidates would defend one of their own designs that had been pre-submitted, vetted, and then invited to defend in front of a panel of veteran VCDX holders. Then the ad-hoc design session, followed by troubleshooting. This is after the candidate obtains multiple prior VMware certifications of VCP and VCAP/VCIX. The defense can only be done at pre-scheduled events such and usually involves a trip to Palo Alto, or another VMware corporate location. The process is somewhat unique in the industry.

Reaction from current VCDX holders in the community has been mixed on social media, but trending mostly positive.

Last week VMware announced a new crop of VCDX holders, bringing the total up to 213. The next defense is November 9, for VCDX-NV candidates, and February 15, for VCDX-DCV. Applications for the February defense are due by December 11, 2015.


Originally published at www.petri.com on November 4, 2015.

Hewlett Packard Enterprise goes public, splitting HP into two companies

On Monday, Hewlett Packard Enterprise (HPE) Chief Executive Officer Meg Whitman, as well as partners and customers, rang the opening bell at the New York Stock Exchange, and with it the long planned separation of the HP’s consumer and enterprise businesses became official.

Going forward, HPE will focus on infrastructure, servers, networking, services, software, and financial services. HPE projects annual revenue for the new company to be $53 billion; HP Inc will sell personal computers and printers, and be run by Dion Weisler.

Weisler was previously the Executive Vice President of Printing & Personal Systems under the combined company, and Whitman was CEO.

The split is expected to cost nearly 2 billion dollars, and was originally announced back in October of 2014. HP has also shed nearly 50,000 jobs through the process. Since Whitman took over as CEO in 2011, HP has cut nearly 85,000 from its workforce. Since the announcement, HP stock lost nearly 1/3 of its value but on the first day of trading HP Inc (which now trades as HPQ) jumped 13 percent, while HPE dropped 1.6 percent.

In an interview with Re/code, Whitman said HPE would have around $5.5 billion in cash on hand, which she said the company plans to use for strategic purchases, and cited the recent $3 billion purchase of Aruba Networks as an example of the kind of acquisitions she wanted to make.


Originally published at www.petri.com on November 3, 2015.

Neil

Neil McNeill was the most interesting man in my world.

Neil knew something about everything and had an opinion to share on all of it. Not in a way that made you feel inferior or insignificant, but in a way that kept you wanting to hear more. It wasn’t hard to spend hours in his living room engaged in conversation.

He could discuss corporate taxation, or international affairs, and then a few minutes later explain how to avoid overcharging a lithium battery.

He was born in Kansas. He worked in the Pentagon, lived in Japan and served in Vietnam.

He flew planes both big and small. He retired from the Navy, but didn’t want to be called Captain. He had a PhD from Harvard, was an accounting professor, but hated to be called Doctor.

He was a husband, father, brother, uncle, grandfather, and great-grandfather. Those titles he didn’t mind.

He owned one of the very first telephone answering machines. He sniped eBay auctions for radio control airplane parts. He complained about PayPal, a lot. His house had a gadget, part or widget for doing just about anything.

He was a geek.

In 2013, doctors told him he had just a few months to live. He lasted almost two more years. Even as cancer gripped tighter on his liver, lungs and heart, even as radiation and other treatments abused his body, he always had just enough energy to light up and entertain us all.

Neil’s dad had lived to be 102, but Neil was only 83. He had too much life to live for. This man wouldn’t go down without a fight. Even towards the end, hospice would say he had only had a few days left, and weeks would go by. When they said it was a matter of hours, no one believed them.

They obviously had no scale to properly measure Neil McNeill.

Neil was my wife’s grandfather and since both of mine had passed away years before I was even born, over the 12 years I knew him, he became mine too. He was the most interesting man in my world, and he will be forever missed.

Peace out, Gramps.

So, tell me about that rash

A couple of months ago I noticed a rash on my wrist, under my Apple Watch. I didn’t put a lot of thought into it at first, made sure to clean the strap and back of the watch. Figured it was just from lack of skin breathing under the sport band, on a hot day, after a workout.

But the rash didn’t go away, it actually got worse, and it seemed to be localized to one spot on the back of my wrist, right where the metal clasp of the sports band rubbed my arm.

And it was getting painful.

My wife was the first to suggest that it looked like a nickel allergy. At first this seemed strange, why would Apple put nickel in the band? Everyone knows that can cause issues. So I did a little research.

The stainless steel in the Apple Watch and in the bands, is grade 316L, per Apple’s own site. It’s incredibly common in jewelry, medical implants, and other places where contact with the human body is a thing. It’s also easier to machine than other grades of stainless steel. But it has nickel in it. According to AZO Materials, about 10–14% of the composite is within spec for 316L.

Still, I’ve worn watches forever, and ever since I was a teenager they’ve all been watches with metal bands. Apple Watch was the first watch in probably 18 years that had a band made out of plastic. (Sorry, fluoroelastomer.) I started thinking back, and when I was about 15, I had a similar reaction on the top of my wrist that a doctor told me was because of the nickel in the back of a cheap watch, but I ditched the watch and it was never an issue again.

My wife suggested that I apply some nail polish to the back of the watch clasp to create a barrier between my skin and the watch. This didn’t last very long, within a day the polish had separated from the metal and stuck to my skin. I started to wear a bandage with some hydrocortisone cream on the irritation, under my watch. But this all seemed silly.

So, I called Apple.

The first person I spoke with instantly transferred me to a specialist the second I mentioned a rash and Apple Watch. They weren’t going to mess around. Tom took my case, and started to ask me a lot of questions about my usage of the watch, how often I wear it, what bands I use, if I shower with it, work out with it, how often do I clean it, etc. Then he started to ask medical questions like if I had asthma, allergies, other issues with jewelry, rashes on other areas, etc. And then questions about the rash specifically, what I was doing about it, what it looked like, did it hurt, was it raised, when did it appear.

The initial call took about an hour, and at the end he had me send 8 pictures of my wrist. Four with the watch on from all angles, and four without the watch on, including a closeup of the rash. Eventually he let me know that this would have to be escalated to engineering and that he’d give me a call once he heard back. It was the Saturday before the big fall announcement, so I didn’t expect anything back for a while. I was told to stop wearing the watch to see if the rash cleared up. Eventually I put the watch back on with a barrier and continued my hydrocortisone treatments. The rash went away.

That Thursday, Tom called, and after discussing the current status of the rash, advised me to try wearing the watch again to see if it returned. So I did, and it did.

Tom called back a few days later, and I let him know the rash had returned. He asked for more pictures, the same as before, which I sent over, and he said he’d call back in a couple of days once the case had been reviewed again.

Eventually, Tom called back and said that after reviewing the case Apple had determined that it was indeed a nickel allergy, and they’d be willing to process a return for the Watch. He also suggested trying an alternative band. I quickly told him I wasn’t interested in returning the watch, because despite the fact it’s slowly trying to kill me, I love it. I asked if under the circumstances I could get a discount or trade-in on another band, he said he’d find out and called back a little later with another woman from the customer support team.

She asked me what band I would be interested in, color, size, and then asked for my shipping address. She initially said she would call back the next day with more information but then about an hour later I got an email from Apple that they were sending me out a new medium black Leather Loop, at a $0 charge.

It arrives today.

For those of you who keep track, I’ve actually had the leather loop before, for about 18 hours. I bought it on an impulse. Twice, actually. The first time I ordered it with the watch before it shipped, but then cancelled it to give the sports band a proper evaluation. The second time was in the store, but I had buyer’s remorse at the $150 price tag. (More accurately, I decided it wasn’t worth trying to justify to the wife.)

For now, I’m still sporting bandages under my watch, to clear up the second coming of the rash. My next problem is figuring out what to do about the fact that the leather band isn’t appropriate for working out in.

My other issue is that a week before I learned all this, I backed a Kickstarter for a stainless steel band to match the space grey aluminum watch. It’s made of 316L.

What I would like to see in the iPhone 6S Plus

Despite its increased screen resolution over the iPhone 6, the 6 Plus ships with the same 1 GB of RAM as its little brother. Any 6 Plus owner will attest that this leads to some stuttering and sluggishness at times. I’ve experienced audio tearing and apps crashing under load. It’s not awesome. It makes the 6 Plus look half-assed, and it makes me sad.

This is really my only complaint about the iPhone 6 Plus. The iPhone 6 doesn’t have these issues. Driving so much real estate at such high resolutions just needs more memory. It doesn’t happen often but when it does it’s such a buzzkill.

Otherwise, it’s a great phone and a few months after stepping up to it, I’m glad I did. I had an iPhone 6 at launch day, but back in April switched to the 6 Plus and gave my wife the regular 6. Like Stephen, there are some days where it’s a little cumbersome, and there are even days where I wish for the simplicity and ease of grip from a 4” iPhone 5 style device, but the reality is I’d have a hard time going back to anything smaller.

Java Jive

Yesterday my local paper posted an article about a new coffee shop that has opened up near my house.

Arshad said he has instilled his own requirements for quality in the restaurant. Most of the products used are kosher and organic and he uses organic fair-trade coffee.
And with that philosophy, he also balances the need for affordable prices. Arshad says he has accomplished that and maintains some of the lowest prices in the area. A large cup of coffee at Java Jive costs $1.95 while a small costs $1.50.

I’m all for supporting a local business, so this afternoon I decide to go check it out.

I just wanted to get a plain cup of coffee, nothing fancy. I look at the prices and confirm what the article says a coffee is, $1.95. I ask the girl working there for one. She asks if I want milk in it. Sure.

“OK, that’s a latte” … Rings me up for a $4 drink.

No, I explain, I just want regular coffee.

“But you said you want milk? Did you mean a cappuccino?” and she points to the cappuccino machines in the corner that look just like the ones you see at a gas station turning powder and water into drinkable substance.

“No, plain, black coffee, with milk in it.” … She looks puzzled. Turns around at the board, looks at me, shrugs her shoulders and says …

“So, not a latte?”

I left and went to Starbucks.

(Thanks to @djchrisallen for pointing out how much like Larry David I’ve become.)

Flash zero-day, again

Symantec has confirmed the existence of a new zero-day vulnerability in Adobe Flash which could allow attackers to remotely execute code on a targeted computer. Since details of the vulnerability are now publicly available, it is likely attackers will move quickly to exploit it before a patch is issued.

I have been limiting my exposure to Flash for a while.

  • I use Safari as my daily browser. Flash is not installed directly on my Mac.
  • For anything that needs Flash, I use Chrome, where it’s integrated with the browser and automatically updated by the Chrome update process. It’s set in “Click to Run” mode, so it only activates when I let it.
  • In my Windows 10 VM, Flash is completely disabled in Microsoft Edge and Internet Explorer. It does have Java enabled, but for reasons beyond my control. (EMC and Cisco)

Now I just need VMware to quit writing every new web interface as Flash dependent.

The one thing hurting your company’s quest for talent

Some tech companies attempt to impede the natural flow of talent by tying the hand of employees with non-compete agreements. … It’s not hard to see why some companies like them. The whole point of these agreements is to discourage employees from seeking greener pastures.

In truth, there is no free lunch. … Tempting though they may be, non-competes are bad for everyone they touch, employees and employers alike. … The bottom line is that non-compete agreements are bad for business. They are anti-competitive and anti-capitalist. … They reduce productivity, create labor market inefficiencies, depress wages and discourage innovation.

Non-compete? More like non-competitive.