Category Archives: General Tech Stuff

2-factor Lync authentication and missing Exchange features

Two-factor authentication (or just 2FA) is increasingly important as a means of controlling access to a variety of systems. I’m delighted that SMS-based authentication  (which I wrote about in 2008), has become a de facto standard for many banks and online services. Microsoft bought PhoneFactor and offers its SMS-based system as part of multi-factor authentication for Azure, which makes it even easier to deploy 2FA in your own applications.

Customers have been demanding 2FA for Lync, Exchange, and other on-premises applications for a while now. Exchange supports the use of smart cards for authentication with Outlook Anywhere and OWA, and various third parties such as RSA have shipped authentication solutions that support other authentication factors, such as one-time codes or tokens. Lync, however, has been a little later to the party. With the July 2013 release of Lync Server 2013 CU2, Lync supports the use of smart cards (whether physical or virtual) as an authentication mechanism. Recently I became aware that there are some Lync features that aren’t available when the client authenticates with a smart card– that’s because the client authenticates to two different endpoints. It authenticates to Lync using two-factor authentication, but the Lync client can’t currently authenticate to Exchange using the same smart card, so services based on access through Exchange Web Services (EWS) won’t work. The docs say that this is “by design,” which I hope means “we didn’t have time to get to it yet.”

The result of this limitation means that Lync 2013 clients using 2FA cannot use several features, including

  • the Unified Contact Store. You’ll need to use Invoke-CsUcsRollback to disable Lync 2FA users’ UCS access if you’ve enabled it.
  • the ability to automatically set presence based on the user’s calendar state, i.e. the Lync client will no longer set your presence to “out of office”, “in a meeting,” etc. based on what’s on your calendar. Presence that indicates call states such as “in a conference call” still works.
  • integration with the Exchange-based Conversation History folder. If you’ve configured the use of Exchange 2013 as an archive for Lync on the server side, that still works.
  • Access to high-definition user photos
  • The ability to see and access Exchange UM voicemail messages from the Lync client

These limitations weren’t fixed in CU3, but I am hopeful that a not-too-distant future version of the client will enable full 2FA use. In the meantime, if you’re planning on using 2FA, keep these limitations in mind.

1 Comment

Filed under General Tech Stuff, UC&C

Need Windows licensing help? Better call Paul

No, I’m not giving it. That would be like me giving advice on how to do a pencil drawing, or what wine goes with In-N-Out Burger.

A year or so ago, I had a very complex Windows licensing questions that Microsoft was unable to answer. More to the point, no two Microsoft people were able to give me the same answer. I did a little digging and found Paul DeGroot of Pica Communications, author of the only book on Microsoft licensing that I know of. Paul quickly and clearly answered my question, and a couple of rounds of follow-up questions after that. Armed with his information, I was able to solve the particular problem I was having in a less expensive, less painful way than just buying all the licenses. As I was cleaning out my inbox, I found our discussion and remembered, guiltily, that I meant to mention Paul’s services earlier. Under the banner “better late than never” consider this a belated, and strong, recommendation.

Leave a comment

Filed under General Tech Stuff, UC&C

PC reliability: Apple, Dell, and lessons for servers?

Via Ed Bott, a fascinating article on real-world robustness from Windows 7 and Windows 8 PCs: Want the most reliable Windows PC? Buy a Mac (or maybe a Dell). You should read the article, which outlines a report issued by Soluto, a cloud-based PC health and service monitoring company. Their report analyzes data reported to their service by customers to attempt to answer the question of which manufacturer’s PCs are the most reliable. Apple’s 13″ MacBook Pro comes out on top, with Acer’s Aspire E1-571 coming in second and Dell’s XPS 13 in third. In fact, out of the top 10, Apple has two spots, Acer has two spots, and Dell has five. Ed points out that it’s odd that Hewlett-Packard doesn’t have any entries in the list, and that Lenovo (which I have long considered the gold standard for laptops not made by Apple) only has one.

The report, and Ed’s column, speculate on why the results came out this way. I don’t know enough about the PC laptop world to have a good feel for how many of the models on their list are consumer-targeted versus business-targeted, although they do include cost figures that help provide some clues. There’s no doubt that the amount of random crap that PC vendors shovel on to their machines makes a big difference in the results, although I have to suspect that the quality of vendor-provided drivers makes a bigger difference. Graphics drivers are especially critical, since they run in kernel mode and can easily crash the entire machine; the bundled crapware included by many vendors strikes me as more of an annoyance than a reliability hazard (at least in terms of unwanted reboots or  crashes.)

The results raise the interesting question of whether there are similar results for servers. Given that servers from major vendors such as Dell and H-P come with very clean Windows installs, I wouldn’t expect to see driver issues play a major part in server reliability. My intuition is that the basic hardware designs from tier 1 vendors are all roughly equal in reliability, and that components such as SAN HBAs or RAID controllers probably have a bigger negative impact on overall reliability than the servers themselves– but I don’t have data to back that up. I’m sure that server vendors do, and equally sure that they guard it jealously.

More broadly, it’s fascinating that we can even have this discussion.

First of all, the rise of cloud-based services like Soluto (and Microsoft’s own Windows Intune) means that now we have data that can tell us fascinating things. I remember that during the development period of Windows 2003, Microsoft spent a great deal of effort persuading customers to send them crash dumps for analysis. The analysis revealed that the top two causes of server failures were badly behaving drivers and administrator errors. There’s not much we can do about problem #2, but Microsoft attacked the first problem in a number of ways, including restructuring how drivers are loaded and introducing driver signing as a means of weeding out unstable or buggy drivers. But that was a huge engineering effort led by a single vendor, using data that only they had– and Microsoft certainly didn’t embarrass or praise any particular OEM based on the number of crashes their hardware and drivers had.

Second, Microsoft’s ongoing effort to turn itself into a software + services + devices company (or whatever they’re calling it this week) means that they are able to gather a huge wealth of data about usage and behavior. We’ve seen them use that data to design the Office fluent interface, redesign the Xbox 360 dashboard multiple times, and push a consistent visual design language across Windows 8, Windows Phone 8, Xbox 360, and apps for other platforms such as Xbox SmartGlass. It’s interesting to think about the kind of data they are gathering from operating Office 365, and what kind of patterns that might reveal. I can imagine that Microsoft would like to encourage Exchange 2013 customers to share data gathered by Managed Availability, but there are challenges in persuading customers to allow that data collection, so we’ll have to see what happens.

To the cloud…

1 Comment

Filed under General Tech Stuff, UC&C

Loading PowerShell snap-ins from a script

So I wanted to launch an Exchange Management Shell (EMS) script to do some stuff for a project at work. Normally this would be straightforward, but because of the way our virtualized lab environment works, it took me some fiddling to get it working.

What I needed to do was something like this:

c:\windows\system32\powershell\v1.0\powershell.exe -command "someStuff"

That worked fine as long as all I wanted to do was run basic PowerShell cmdlets. Once I started trying to run EMS cmdlets, things got considerably more complex because I needed a full EMS environment. First I had to deal with the fact that EMS, when it starts, tries to perform a CRL check. On a non-Internet-connected system, it will take 5 minutes or so to time out. I had completely forgotten this, so I spent some time fooling around with various combinations of RAM and virtual CPUs trying to figure out what the holdup was. Luckily Jeff Guillet set me straight when he pointed me to this article, helpfully titled “Configuring Exchange Servers Without Internet Access.” That cut the startup time waaaaay down.

However, I was still having a problem: my scripts wouldn’t run. They were complaining that “No snap-ins have been registered for Windows PowerShell version 2″. What the heck? Off to Bing I went, whereupon I found that most of the people reporting similar problems were trying to launch PowerShell.exe and load snap-ins from web-based applications. That puzzled me, so I did some more digging. Running my script from the PowerShell session that appears when you click the icon in the quick launch bar seemed to work OK. Directly running the executable by its path (i.e. %windir%\system32\powershell\v1.0\powershell.exe) worked OK too… but it didn’t work when I did the same thing from my script launcher.

Back to Bing I went. On about the fifth page of results, I found this gem at StackExchange. The first answer got me pointed in the right direction. I had completely forgotten about file system virtualization, the Windows security feature that, as a side effect, helps erase the distinction between x64 and x86 binaries by automatically loading the proper executable even when you supply the “wrong” path. In my case, I wanted the x64 version of PowerShell, but that’s not always what I was getting because my script launcher is a 32-bit x86 process. When it launched PowerShell.exe from any path, I was getting the x86 version, which can’t load x64 snap-ins and thus couldn’t run EMS.

The solution? All I had to do was read a bit further down in the StackExchange article to see this MSDN article on developing applications for SharePoint Foundation, which points out that you must use %windir%\sysnative as the path when running PowerShell scripts after a Visual Studio build. Why? Because Visual Studio is a 32-bit application, but the SharePoint snap-in is x64 and must be run from an x64 PowerShell session… just like Exchange.

Armed with that knowledge, I modified my scripts to run PowerShell using sysnative vice the “real” path and poof! Problem solved. (Thanks also to Michael B. Smith for some bonus assistance.)

1 Comment

Filed under General Tech Stuff, UC&C

Coming soon: do-it-yourself armed drones

I recently finished Daniel Suarez’s excellent thriller Kill Decision. The major plot point: parties unknown have been releasing autonomous, armed drones that are killing people in a variety of ways. The drones are capable of insect-level intelligence and swarming behavior, and of autonomously finding human targets and bombing or shooting them. Suarez asks a fairly provocative question: would America’s love affair with drones change if other countries, or criminal syndicates, or even individuals had them and used them as freely in the US as we use them elsewhere? Great plot, well-written, and solid characterizations– by far the best of his books so far. Highly recommended.

Anyway, with that in mind, I saw an article on the Lawfare blog about a guy who equipped an inexpensive commercial drone with a paintball marker. This video shows it in action, hitting targets easily while maneuvering slowly. The video’s a little fear-monger-y, but the narrator is right: “it seems inevitable” that these drones will be used in ways the manufacturer didn’t anticipate.  I sent the video to a couple of coworkers, one of whom asked “I wonder how hard it is to shoot accurately with it?” That got me to thinking… so off the top of my head, I jotted down a few factors that would affect the accuracy of a firearm-equipped drone. Note that here I’m talking about an autonomous UAV, not a remotely-piloted, man-in-the-loop drone. 

  • What’s it for? What kind of range and endurance do you need? It would be easy to build a sort of launch rack that would launch a drone to check out a target that triggered a tripwire, motion detector, etc. It’d be a little harder to build one that could autonomously navigate, but definitely doable– as Paul proved with his Charlie-following project. See also: the Burrito Bomber, which can follow waypoints and then deliver a payload on target.  Drones to sneak into somewhere and snipe a single target would have different range/payload requirements than a patrol or incident-reponse drone. This drives the weight of the drone (since more range requires more fuel).
  • What’s it packing? The purpose of the drone dictates what kind of firearm you want it to carry. Some of Suarez’s drones had short-barrelled .38 pistols, which are plenty good enough to kill from close range but wouldn’t be very accurate past around 35 feet or so. A longer barrel and a heavier round would provide better accuracy, at the cost of weight and size.
  • How much range do you need? A sniper drone that can shoot targets from 1500yds is definitely feasible— use a .50 Barrett, for example. It would be heavy and range-limited, though, unless you wanted to make it bigger. In general, heavier bullets are more stable and give you better accuracy, but they’re heavier to carry and shoot.
  • How stable is the drone? A light drone that’s sensitive to wind, etc. will be harder-pressed to make accurate shots. Gyrostabilizing the gun platform would help, but it would add a weight and cost penalty (including for power for the gyros, plus the gyros themselves). The bigger the drone, the more sensors, power, and ammo you can carry… but the more noise, infrared, and visual signature it creates. A small sneaky drone may be a better deal than a large, more powerful one.
  • What can you see? In other words, what kind of sensors do you have for aiming? How good is their resolution and range? Do they have to be automated? If so, you need to be able to either fire at the centroid of the target or track interesting parts, like wheels of a truck or a person’s head), using machine vision. 
  • Where are you pointing the gun, and how accurate can you be? What kind of angular resolution does the gun-pointing system have? If you’re willing to slow to a dead hover, or nearly so, you can be very accurate (as in the video above). If you want to go faster, you’ll have a more challenging set of requirements– you have to be able to point the gun while the drone’s moving, and changing its aim point means fighting inertia in a way you don’t have to worry about in a hover.

There are lots of other more subtle considerations, I’m sure; these are just what I came up with in 5 minutes. Any engineer, pilot, or armorer could come up with a couple dozen more without too much effort. Of course, you could just buy a pre made system like this one from Autocopter. Isn’t it great to know they’ll lease you as many UAVs as you need? Just for a ballpark figure, Autocopter quotes an 8Kg payload on their smallest drones– figure 3Kg for a cut-down M4 and that leaves you a reasonable 5Kg for sensors, guidance, navigation, and control.

What could you do with such drones? The mind boggles. Imagine that, say, your favorite Mexican drug cartel cooked up a bunch of these in their machine shops and used them to guard the pot farms they run in national forests. Or say the white-supremacy militia guys in Idaho built some for sovereign defense. Or suppose you built 100 or so of them, staged them inside an empty 18-wheeler with a tarp over the top, then launched them into Candlestick Park during a 49ers game. There are all sorts of movie-plot-worthy applications for these drones, to say nothing of the ones Suarez wrote about.

Meanwhile, the February 2013 NASA Aviation Safety Reporting System (ASRS) newsletter is full of safety reports filed after drones got into airspace where they weren’t supposed to be… and these were piloted, unarmed drones. How careful do you think these hypothetical armed drones would be about respecting the National Airspace System? I think I’ll be extra careful when flying around… that smudge on the windscreen might turn out to be an armed autonomous drone.

Leave a comment

Filed under Aviation, General Tech Stuff, Musings

Surface Pro first impressions

Saturday morning I decided, more or less on the spur of the moment, to try to grab a Surface Pro and try it out. This follows a well-established pattern; I wasn’t going to buy an Xbox 360 when it first came out, or an iPhone, and yet somehow on launch day I ended up with both of those. Anyway…

After some fruitless searching, Tom and I found a local Staples that had a 64GB Surface Pro. This was no mean trick because Huntsville doesn’t have a Microsoft Store (I know, right?) and the local Best Buys got zero stock. In fact, as far as I could tell there were none shipped to stores in Memphis, Nashville, Birmingham, or Atlanta. I’m betting that at least the Atlanta region got a handful but those sold out. Anyway, my local Staples stores apparently got 1 64GB unit apiece, so I went out and grabbed one. Total cost with the Type Cover and sales tax was $1111.

This isn’t a review; it’s more a collection of observations, since I don’t have time at the moment to string together a coherent narrative instead of just giving you factoids and observations. Thus this post is worth what you’ve paid for it :)

The hardware build quality is superb. It’s true that the device is thicker and heavier than an iPad, but it’s much lighter and smaller than my 15″ MacBook Pro. I was able to comfortably use it on my lap while on the sofa. One thing I didn’t expect: the Type Cover flexes more than I thought it would. I guess I hit the keys hard or something. This was a little disconcerting at first. The kickstand works very well, and I’ve gotten used to the odd feel of having the Type Cover folded around the back of the unit.

Setup was simple: I signed in with my Microsoft account and it synced all of my profile information. SkyDrive works beautifully, as do all the other Microsoft services (notably Xbox LIVE). I’m glad to have multiple accounts on the device, because the kids cannot get enough of playing with it. They’re used to the iPad and don’t think of it as remarkable, but all of them are fascinated by the Surface. David’s used it for two homework assignments– in preference to his Win7 laptop; Tom is fascinated by the pen interface; and Matt likes that he can play all the Flash-based games that don’t work on the iPad.

The Surface Pro is fast. It boots fast, apps run fast, and the UI performance is “fast and fluid,” to coin a phrase. It does have a fan, and in a silent room you can hear it when it kicks in, but it’s not obtrusive– it’s quieter than the fans in my MBP, for example. 

Battery life? Haven’t tested it, don’t much care. If I want to just browse and watch, I’ll use the iPad, with its excellent battery life. The Surface Pro is an adjunct to, and replacement for, my “real” laptop, which means a 4-5 hour battery life will suit me just fine. I do want to see whether I can charge it with my external 10Ah battery (the excellent RAVPower Dynamo), though I’ll need an adapter.

Setting up VPN access to my office network was trivial. Lync MX won’t work until I get some more server-side plumbing set up. I tried to sign in to the desktop version of Lync 2013 and couldn’t because I didn’t have the necessary server certificate– but going to the Windows Server CA page with IE 10 resulted in a message from the server telling me that my browser couldn’t be used to request a certificate, even though all I wanted to do was download the CA chain. I’ll have to look into this.

And speaking of desktop access: I was easily able to turn on RDP access and hit the tablet from my Mac, but there’s a bug in CoRD that makes the cursor sometimes disappear. I haven’t tried Microsoft’s (lame and poorly maintained) RDP client, nor have I tried RDP from a Windows machine. Just to see what would happen, I plugged the cable from my desktop monitor into the Surface Pro’s mini-Display Port and immediately got a beautiful, mirrored 1920 x 1080 desktop, as expected. 

As many other reviewers have noted it’s a little disorienting at first to have two separate environments: desktop and Metro. However, since I can alt-Tab to switch between apps, in practice that has been absolutely no problem for me. The lack of a Start menu is a bit aggravating, but again, there’s an easy solution: tap the Windows key and start typing. Problem solved.

One night, I sat on the sofa using Word 2013 on the Surface Pro to revise a book chapter. This worked very well; I much prefer the UI of Word 2013 to Word 2011 on the Mac. I didn’t try using any pen input as part of my editing workflow, although that’s on my to-do list.

The smaller physical size of the Surface Pro compared to the MBP is a great asset; I’m looking forward to using it on commercial flights. The Ars Technica review shows the Surface as having a larger footprint than the MBP, but that ignores the fact that you have to open the MBP to use it, and when you do, the screen won’t be at 90° to the bottom– it’ll be tilted further back, which is where the footprint problem comes from. In that configuration the MBP screen impinges on the seatback space, which is how laptops get broken by reclining seats.

I tried running Outlook 2013, flipping out the kickstand, and using the Surface as a calendar display sitting next to my main screen. It’s a fantastic size to use as an adjunct display like that; I could have multiple browser windows (American, Delta, and plastered all over my man 2560 x 1440 desktop and still have glance-able calendar access.

Bottom line: I’m well pleased with the Surface Pro so far and will be swapping out my 64GB unit for a 128GB unit as soon as I can find one in stock.

1 Comment

Filed under General Tech Stuff, Reviews

Skype automatic updates: in-app vs Microsoft Update

One of the problems I most often run into when working with Windows machines is the way updates work. Microsoft has made great strides in improving the update experience for Windows and for Microsoft applications; compared to the steaming pile of filth that is Adobe’s updater, for example, or the mishmash of every-app-its-own-update-client behavior common on the Mac, Microsoft Update is pretty smooth.

But what about Skype? It’s now a Microsoft application, so you’d expect it to receive updates through Microsoft Update… and it does. However, it also has its own update mechanism. What gives?

Here’s a solid explanation, which Doug Neal of the Microsoft Update team was kind enough to let me republish. (My comments are italicized):/p>

While we’re still working through the best way to complement the updating system available via Skype, here are some insights that may explain the differences:

Skype 5.8 [released nearly a year ago] introduced a Skype-based auto-updating features unrelated to any Microsoft technology (and before knowledge of the merger). This updating service will remain for the foreseeable future – and is Skype’s method of offering updates on a more frequent basis than Microsoft Update. These settings and consent to update via Skype’s updating service can be controlled via the Skype | Options | Automatic Updates setting – which also provides a link to more information on Skype’s updating approach via their updater. These updates via the Skype updater can include major and incremental updates. [in other words, the Skype app can pull both minor updates and entire new versions through its built-in update mechanism, as do many other third-party apps on Windows and OS X. ]

As a new addition to the products supported via Microsoft Update, only major versions of Skype are made available via MU. Consent to automatically update via Microsoft Update is granted via Microsoft Update opt-in – the same opt-in experience available via Windows Control Panel | Windows Update | Change Settings. [So MU may offer you major versions, which is useful if you don't now about ]

So, updating Skype via Skype’s updating service is controlled from within the Skype application. This updating experience may include various Skype-specific reminders and prompts that a newer update is available. Turning off updates here will reduced the number of incremental updates your Skype client will receive assuming Microsoft Update is still enabled to provide more major, less-frequent updates to Skype.

Updating via Microsoft Update will only occur for major versions and is controlled within the Windows Update control panel – the same place for all Microsoft product updates. Turning off Microsoft Updates is not recommended – and will result in preventing any updates from Microsoft for all 60+ products supported by Microsoft including security updates. The updating experience for Skype will be the same as you expect for all other Microsoft Updates, namely that unmanaged consumer PCs will see these as Important updates with no UI (applied automatically), or to managed PCs via WSUS/SCCM admin approval.

Having a single update mechanism, à la the iTunes App Store and the Windows Phone Marketplace, certainly seems to be the best model for end users: all app updates are packaged and available on demand in a single location. On the other hand, putting the responsibility for applying security-critical updates in the hands of end users, instead of in a centralized patch management system driven by WSUS or equivalent, is a terrible idea for the enterprise. Having a hybrid approach like this is a compromise, albeit an unintentional one, that may deliver the better aspects of each approach. Long-term I’d like to see the major OS vendors offer a flexible method of combining both vendor-specific OS/app updates with opt-in updates provided by third parties– something like the existing Marketplace combined with the controls and reporting in WSUS would be ideal. Here’s hoping…

Leave a comment

Filed under General Tech Stuff, Security

Thursday trivia #84

  • Joel Gascoigne has some interesting advice about the value of setting a morning routine. I haven’t been successful in doing that lately, but the benefits are sure appealing.
  • Amazon’s new AutoRip service is very cool: buy a physical CD and it shows up in your Amazon Cloud Player. The best part: it’s retroactive, so CDs you bought from Amazon in the past are automatically included.
  • Why the Gun Is Civilization.” Read it and tell me if you find it persuasive in the comments.
  • If your doctor carries a purse, you should be very afraid. (Bonus: now I know what “fomite” means.)
  • Hey, the Lenovo A720 (which seemed to have gone missing over the holidays) is back, in a single configuration, at Lenovo’s site.
  • Protip: if you use the Lync 2010 topology builder to add a new Lync standard edition server to your topology, do not then try to use the Lync 2013 deployment wizard to install Lync 2013 on it unless you like swearing and error logs.
  • This year is the 150th anniversary of both the Emancipation Proclamation and the London Underground.
  • Nearly done with the unified messaging chapter for the book– it’s a game of incremental progress, but I’m slowly getting back into the groove.

Leave a comment

Filed under General Tech Stuff

CrashPlan “Cannot connect to backup engine” errors on Mac OS X

I recently updated to Java 1.7 for work, and after doing so I noticed that CrashPlan was no longer performing backups. (I’m a bit ashamed to admit how long it took for me to notice though!) The company’s support forum suggests uninstalling and reinstalling the client, which didn’t fix the problem. A bit more searching identified the problem: CrashPlan expects Java 1.6, the official Apple version, and it gets unhappy if you replace that with 1.7. The instructions here outline a workaround: you have to stop the CrashPlan background service, modify its configuration file to point to the official-Apple version of Java, and then restart the service. Happy backups!

Leave a comment

Filed under General Tech Stuff, OS X

Microsoft wins UK case vs Motorola Mobility/Google

Earlier this year I had the unique (to me) opportunity to serve as a technical expert witness in a court case in the UK. Tony’s already written about the case but I wanted to add my perspective.

I was contacted by Bird and Bird to see if I might be willing and able to act as a technical expert in a court case; that’s all they said at first. The nature of the questions they were asking soon clued me in that the case involved Exchange ActiveSync and multiple-point-of-presence (MPOP) support for presence publishing– two completely separate technologies which Motorola/Google had lumped together in this case.  .

My role was to perform a wire-level analysis of the protocols in question: EAS, SIP/SIMPLE as implemented in Lync, and the Windows Live Messenger protocol. For each of these protocols, my job was to produce an accurate, annotated packet capture showing exactly what happened when multiple devices synchronized with the same account, and when the status on one device changed.

This isn’t what most people think of when they think of expert testimony; in courtroom dramas and books, it always seems like the expert is being asked to provide an opinion, or being cross-examined on the validity of their opinion. No one wanted my opinion in this case (which is perfectly normal), just for me to to accurately and impartially report what was happening on the wire.

This proved to be incredibly interesting from a technical standpoint. Like most administrators, it had never really occurred to me to look into the depths of the EAS protocol itself to see exactly what bits were being passed on the wire. After a great deal of study of the ActiveSync protocol documentation and many a late night slaving away over Wireshark and Network Monitor captures, I’d produced a report that showed the actual network traffic that passed between client(s) and server for a variety of test scenarios, along with an explanation of the contents of the packets and how they related to user action on the device.

Along the way, I gained a new appreciation for the economy of design of these protocols– it’s surprising how efficient they are when you look at them at such a low level. (And a shout out to Eric Lawrence for his incredibly useful Fiddler tool, which made it much easier for me to get the required data into a usable format.) I found a few bugs in Wireshark, learned more than I wanted to about SSL provisioning on Windows Phone 7.5 devices, and generally had a grand time. I particularly enjoyed working with the attorneys at Bird and Bird, who were quite sharp and had lovely accents to boot. (I’m not sure they enjoyed my accent quite as much, but oh well.)

When I finished my report, I submitted it to Bird and Bird and that was the last I heard of the case until today, when Mr. Justice Arnold issued his ruling. It was submitted as part of Microsoft’s justification explaining why their implementations did not infringe on Motorola’s patent; the purpose of having an annotated set of packet captures was to clearly illustrate the differences between the claimed innovations in the patent and Microsoft’s implementation to show why Microsoft wasn’t infringing.

Florian Mueller has a good summary of the case that highlights something I didn’t know: the patent at issue is the only one on which an Android manufacturer is currently enforcing an injunction against Apple. I am no patent attorney, but it would seem that Apple might have grounds to have this injunction lifted. It will be interesting to see what happens in the related German court cases that Muller cites, but it’s hard for this layman to see any other likely result besides a Microsoft win… but we will see.

Leave a comment

Filed under General Tech Stuff, UC&C

More on the Lenovo A720

It turns out that I was perhaps a little hasty in dismissing the Lenovo A720. If you use the link that Google and Bing offer when searching for “Lenovo A720,” the Best Buy page you get says that the product couldn’t be found; searching for the SKU embedded in the link returns no results. However, searching Best Buy’s site itself for “Lenovo A720″ does bring up a grand total of 1 A720 configuration: 6GB of RAM, 2.5GHz Core i5, 1TB hard drive, and a 1920×1080 27″ multitouch display with a BluRay player.

Best Buy shows that they have the A720 in stock, but only for shipping; it’s not in stores. I didn’t try to order one, so it’s possible that they are exaggerating their stock on hand.

The least expensive 27″ iMac is $1799, which buys you more RAM (8GB), a faster CPU (2.9GHz Core i5), and a 2560×1440 screen. The iMac lacks the A720′s touchscreen, but it can be configured with a larger hard drive (including Apple’s Fusion hybrid SSD/conventional disk) and more RAM (max of 32GB vice the A720′s 8GB.)

Is this a price premium? For your $300, you get a higher-resolution (and, probably, higher-quality; Apple’s iMac displays are very, very good) display, more RAM, and a faster CPU, but you lose the touchscreen. I am not convinced of the value of touchscreens for desktops for the kind of work that I do, so that might not be a bad tradeoff.

However, the iMac isn’t itself available from Apple’s website until January, so the comparison is a bit of a moot point as this juncture. I’ll write another post once the highest-end models from both vendors are actually, y’know, shipping; comparing vaporware or you-can’t-have-it-ware is pretty pointless.


Filed under General Tech Stuff

Where is the Lenovo A720?

About a year ago, I wrote an article examining whether there really was a price premium for Apple laptops. My conclusion: yes, in some cases. A short while ago, Apple introduced a new line of iMac all-in-one computers, and, that same day, Dan Holme and I got to debating their merits on Twitter. Dan is a big fan of Lenovo’s all-in-one desktops, about which I knew little, so I decided to do some digging.

I wanted to see if Apple was able to get a price premium for their all-in-one computers compared to comparable Windows 8 machines. Dan said he’s a fan of the Lenovo A720, which looks like a pretty spiffy machine. I went to Lenovo’s site on 23 October and found that there are 4 A720 models ranging in price from $1949 down to $1469. (These were sale prices; the Lenovo site had a prominent banner pointing out that their sale prices would be in effect for a week or so.) The highest-end machine shown on their site was an A720 – 25647CU. Your $1949 buys a quad-core 2.3GHz Core i7 CPU, 8GB of RAM, a 1TB disk with a 64GB SSD, and a 27″ 1920 x 1080 27″ multi-touch screen. This particular machine also includes a TV tuner and a Blu-ray optical drive. You can’t get a bigger drive, more RAM, or a better graphics card through the usual configure-to-order process.

At that time Apple hadn’t announced availability dates for the new iMacs, so I put this post aside as a draft. I went back to Lenovo’s site on 3 December and found that the A720 models are all listed as “out of stock.” I checked again 19 December and found they were still out of stock. This is odd, given that we are the height of the holiday buying season; rather than a page that says “out of stock- try back later” you’d think Lenovo would be trying to capture my money somehow.

Interestingly, if you use Google or Bing to search for “Lenovo A720,” the first two sponsored results are for Best Buy and Amazon. The Best Buy link 404s, and the Amazon link leads to a single used A720.

So where did the A720s all go?

Searches for phrases like “A720 delay” don’t bring up any results. Perhaps Lenovo is selling A720s as fast as they can make them, or perhaps there’s some issue with their production or distribution. Regardless, if you cannot actually buy one, the question of whether they are less expensive than Apple’s nearest equivalent isn’t very interesting. I look forward to revisiting the question once the A720, or its successor, resurfaces.


Filed under General Tech Stuff

Lumia 920 days 2-5 review

I’m getting settled in to using the Lumia 920 as my daily phone. In some ways this is a big change, but in other ways it isn’t, as I’d been using the Lumia 800 a fair amount over the last few months as an alternate device.

Let me start by talking about connectivity. I’m not talking about just network connectivity, although that so far has been excellent. Even on AT&T’s crappy Bay Area network, I have yet to have a call drop or data service outage, even in notorious bad spots like right across the street from Pizz’a Chicago. No, I’m talking about physical and sync connectivity, beginning with sync connectivity.

I miss wireless sync; at least with Mac OS X, WP8 devices have to physically be plugged in to sync. The Windows Phone connector software has flaked out on me a few times this week. First it refused to sync anything at all, with only a useless error saying that some items couldn’t be synced. This turned out to be because of the OS X sandboxing feature, which prevents the WP connector from accessing music in the iTunes library folder. It’s easy to fix with the “Allow Access to Folder” command, but finding this out required a tedious slog through Microsoft’s support forum. Then yesterday, after updating to Office 2011 14.2.5, the WP connector started crashing each time I plugged the phone in. Back to the forum I went, where I found this article… that turned out not to be the problem. I posted the issue to the forum but haven’t gotten a response yet.

(At this point, lest you think me a hater, I would point out that Apple has exactly the same terrible support process: find an issue, post a plaintive query in their support forums, and hope that someone can help you out– or, alternatively, trek to the store and see if they can help you.)

Now, about the physical connection– the Lumia 920 uses a micro-USB connector. This is perfectly OK with me, as I have other devices that use the same connector, and I have Bluetooth audio streaming in my car. However, the port on the 920 is a little finicky; you have to push the connector firmly into it to ensure that it actually charges, as I found when I awoke one morning and found the phone dead because it hadn’t charged overnight while plugged in.

And speaking of battery life: I’d have to label it adequate. I get about a day’s worth of use, meaning that I leave home in the morning with a full charge and usually need to give the phone a snack sometime between 5 and 8 pm to get a full day’s use. This is essentially what I was getting from the iPhone 4, although the 920 has a bigger screen and LTE. Seems like a fair trade.

Oh, and one more miscellaneous hardware issue: the 920 screen shows fingerprints and smudges much more than the iPhone or Lumia 800. This is a bit annoying, but easily remedied.

The apps I’ve been using have continued to work well. I love the way that the Photos live tile displays my airplane photos; the motion of the live tile looks slick. The Facebook app has a number of annoyances, like insisting on scrolling up to the top of my news feed after I comment on or like any item in the feed.

My limited experience with the newly-released Skype app has been positive: it works well and looks good, though I haven’t tried it for any video calls yet.

The only app-related complaint I have involves Bluetooth music playback in the car: the phone will sometimes freeze for up to a minute. During that time I see the lock screen background, with nothing drawn on it, and the phone’s not responsive to the hardware controls, nor do the stereo controls trigger any action. This has happened three times so far, all at times when I got in the car, started it, and wanted to listen to music. I’m not sure what’s going on with it, but it’s definitely annoying.

Now, on to this installment of “Really?”: things that aren’t present in the hardware or software but really should be. I noticed that WP8 doesn’t seem to have a screen rotation lock, which is a bit of a hassle. I still really miss the hardware mute switch of the iPhone line. In fact, I will continue to miss it for a long time because of the ridiculous way that WP8 implements volume, at least as far as I can tell. If I turn the volume to mute so that the phone vibrates for alerts, that also turns off all sounds for everything on the phone– including Bluetooth audio and even listening to a voicemail message on the internal speaker. Phone calls aren’t affected, though, but this seems like a ridiculous design. I haven’t checked to see if there’s a separate volume level for headphone use, but I bet there isn’t.

Luckily alarms are unaffected, which reminds me of another missing feature: the ability to wake to music by setting a song as an alarm.

Apart from these quirks, the phone is a delight to use. I have the home screen set up the way I want it, and the pervasive use of live tiles really makes it easy for me to quickly see what’s what. The soft keyboard is a vast improvement over the one in iOS, and the autocorrect feature makes it absurdly simple to fix misspellings or to add new words to the dictionary. And I can’t say enough good about the color fidelity or display quality of the screen: it is simply gorgeous.

Tomorrow I’m flying to Huntsville, without my iPhone, so we’ll see how the WP8 experience stacks up for travel use. I’ve got MyTrips (a TripIt client) and the American Airlines app all loaded, so I expect good things.


Filed under General Tech Stuff, Reviews, UC&C

Lumia 920 day 1 review

Saying “day 1″ is a bit of a misnomer, since I’ve only had the phone since about noon, but I wanted to capture a few of my initial thoughts from using it during a typical weekend day: getting directions, handling e-mail and Facebook, and so on. I’ll keep posting these “day X” reviews every so often when I have more to say about the phone and OS.

I bought a black 920 at the Palo Alto AT&T store; I wanted a red one, but they were sold out of everything except black. In fact, I got the last one. That’s pretty impressive considering that we’re in the heart of Apple territory here. I bought the no-contract version; with a free wireless charging plate (which AT&T didn’t have; they’re shipping it separately) the total was about $438. For that I got… a very large phone. It feels disconcertingly large, in fact, and that’s the first thing I had to get used to.

Windows Phone 8 feels very familiar because I’m familiar with WP7.5. However, please note that there is a lot I don’t know about it, so some of the things I mention below may have fixes or workarounds that I just don’t know about. A few observations:

  • AT&T’s LTE coverage in and around Palo Alto is worlds better than their HSDPA coverage so far. I got a good signal in my parking garage and at a couple of the well-known dead spots along El Camino Real. I’m looking forward to seeing what happens when I hit the Page Mill & Hanover intersection, which usually kills calls dead. 
  • Hotspot access was easy to set up, but my iPhone 4 won’t connect to it. I had the same problem using WP7.5 on a different Lumia with the same iPhone, so I’m not sure where the culprit is.
  • Nokia Music is nifty– like a cross between Spotify and Pandora. Having said that, there’s no Spotify app (see below). I am not sure that I’m ready to make the leap to Xbox Music just yet.
  • I’m glad that the 920 has 32GB of storage built-in. This strikes me as the minimum that would be useful for me.
  • When my car stereo (the JVC KW-NT500HDT) is paired with the phone and switched to use Bluetooth audio, there’s a faint crackling sound. It’s audible any time there’s not “real” audio playing, e.g. in the gaps between songs. The Lumia 800 didn’t do this so I suspect some aspect of the WP8 BT stack is to blame.
  • The Windows Phone sync app for Mac OS X is flaky. Sometimes it doesn’t notice that the phone is plugged in, so it won’t sync. Other times it displays mysterious errors indicating that songs couldn’t be synced (and telling me which songs), but not why.


I have several dozen apps on my iPhone, most of which I rarely if ever use. The only apps I wished I had today were Spotify, Skype, and an app I use for checking aviation weather called AeroWeather Pro. There’s a close equivalent, Aviation Weather, that might do the trick; Skype for WP8 is on the way, and I am optimistic about Spotify. Apart from that, the major apps I need (Kindle, Google Reader, USAA, Netflix, Facebook, American Airlines, Fandango, Delta, Instapaper, Evernote) all have WP8 versions. Some of the other apps that would be nice to have, but not mandatory, include the client app for Safeway and Zynga’s Drop7, along with several specific aviation apps (CloudAhoy and the ForeFlight suite chief among them.)

Perhaps the biggest missing item from the phone is something that I don’t think it will ever have: iMessage. Many of my friends and family members have iOS devices– including all 3 of my kids– and switching back over to SMS-only messaging means I lose some functionality.

I can’t comment on battery life; the phone was not fully charged when I got it, I used it heavily all day, and it hasn’t been fully charged yet. I’m interested to see whether it outlasts the iPhone 4′s battery life (which should be easy!)

And two items from the “Seriously?” file: there’s no built-in timer, which is something that ancient generations of Nokia dumb phones have had since time immemorial, and there’s no way to set a custom text tone for an individual contact (although you can set per-person ringtones.)
More tomorrow when the phone journeys to work with me for the first time…


Filed under General Tech Stuff, Reviews

Extremely short Surface RT & Lumia 920 reviews

Palo Alto is lucky enough to have a Microsoft Store, one of just a handful of cities so favored. I’d been wanting to spend a little time looking at the Surface RT and the Lumia 920, both of which are on my things-to-maybe-buy list. I drove over after work and spent half an hour playing with both devices. Herewith my first impressions:

  • The hardware build quality of both is superb. The kickstand is just as good as you’ve heard. The Surface felt great in hand in both portrait and landscape modes; its weight and balance are good. 
  • Despite the fact that neither device has the same resolution as its Apple retina counterparts, the image and screen quality of both devices are on a par with the iPad 3 and iPhone 4 that I currently have.
  • The Touch Cover for Surface is light and thin, but I couldn’t type on it worth a hoot. On the other hand, with the Type Cover I could sit down and rip out text just as I do on my laptop– faster, in fact, than I was ever able to do with Apple’s keyboard dock for the iPad. The weight and thickness of the Surface with the Type Cover was still quite acceptable. It feels a little weird when you flip the Type Cover over to the back, though– I’m not used to feeling keys on the back of my tablet.
  • I didn’t run into any of the performance problems or stuttering I’ve seen mentioned in web reviews but I didn’t play any video.
  • Being able to split the screen in landscape mode and have two apps side-by-side could be extremely useful.
  • My Word 2013 experience was excellent. I may go back tomorrow with some of my book and magazine docs on a USB stick and see how it handles them.

I suppose the biggest problem I have with the Surface is deciding what I’d do with it. I have an iPad which is a great reader, RSS scanner, and so on, but I don’t use it for real work due to its lack of a keyboard. I could add one, but I haven’t. It’s not clear to me that carrying a Surface would be better for my writing-oriented work than just carrying my MacBook Pro (though the Surface is much, much lighter). This will require some further reflection. I love the idea of having a lightweight, go-anywhere machine that can run a full-horsepower version of Word and PowerPoint, but I’m not sure how much I’d use that versus a full-blown laptop that can also run VMs and other kinds of software.

I spent less time on the Lumia 920, though this is arguably my more pressing need; the proximity sensor and speakerphone mic on my iPhone are both dead, so sometimes when I put the phone up to my ear I accidentally press the speakerphone icon, at which point whoever I’m talking to can no longer hear me.

  • The glass and plastic of the case on the Lumia 920 is absolutely gorgeous. I only got to see it in red, but the visual and tactile experience is top-notch.
  • I love the effect that multiple tile sizes brings to the home screen, and I can immediately see how that would give me a much more useful setup than iOS 6 does.
  • WP8 has many innovative touches, like the Lens feature of the camera app. Plus I know several folks on the WP8 team, which is nice. Double plus, 
  • I already have WP versions of almost all the major applications I use. Exceptions include ForeFlight’s apps (which I would run on an iPad in the airplane anyway), AeroWeather Pro, Yahoo Instant Messenger, and specialty apps like those for Safeway and Starbucks stores. I am reminded that the number of apps I have is much higher than the number of apps I regularly use.
  • iMessage is probably the stickiest of all the apps I use– it’s the main way I keep in touch with my kids, for example. I don’t see moving all of my correspondents to Skype as a likely outcome.
  • Because the 920 uses the same size SIM as my iPhone 4 does, so I could just swap SIMs when I needed a particular device.
  • The 920 feels freakishly large compared to the iPhone 4 or the Lumia 800 that I now have. I compared the Lumia 820 and found that it too was larger than I would like. This may yet be a deal breaker.

There are still a few things that I think would hamper integrating these two devices into my workflow. For the Surface, the biggest is probably lack of a native SkyDrive app that can sync from the cloud to the local device. I’m not always someplace where I have Internet connectivity. Since the Surface has a built-in SD card slot, I could keep my docs on a card and then just sync it to my laptop using ChronoSync or similar, but this seems unnecessarily clunky. Jeremy wasn’t crazy about the built-in mail client, and that’s potentially a problem as well.

The problems with the phone aren’t as major– I’ve been swapping between the Lumia 800 and the iPhone just fine, so putting a 920 into rotation should be perfectly feasible. First, though, I need Microsoft’s help in fixing a vexing sync problem that I’m having with my Windows Live ID…

Leave a comment

Filed under General Tech Stuff