My computer and operating system have this wonderful process that connects email to address books and calendars. Recognizing that addresses and dates are often sent in email, the developers were smart enough to remove the friction of cutting and pasting these things into other applications. If there's an address, the email program recognizes it, and clicking on the address will take you to a map, or add the information to the address book. Similarly, the program recognizes dates, and if you click on a date, it'll take you to the calendar and create an event.
So what does my workplace do? Sends out invitations and notifications in PDF format, instead of plain text (or at worst, HTML), which of course defeats the recognition algorithms. It's worse than it was before, because now I can't even cut and paste – I have to memorize it and copy it to the calendar by hand.
Yay?
Similarly, the computer has a wonderful search and indexing system, which allows me not to organize emails or files anymore. I just search for the term that I want, or the date, and it finds things. And because we're not allowed to use Dropbox, I'd email files to myself in order to have them available on all my computers. The search function made them easier to find, six months or a year later.
What does my workplace do? It adopts a non-standards compliant email server system [1] which apparently can't handle large amounts of email (by which I mean normal amounts of email) [2]. So they archive all emails and attachments, making them – unsearchable. They no longer exist on my hard drive. I have to log in to a separate server to get attachments. Of course this server is not available off campus without shenanigans, or at all if you happen to be trying to work someplace without a working internet connection. Like, say, the last hotel I stayed at on business. And the indexing program can't index what doesn't exist anymore.
So we're back to where we were before we started, and perhaps a bit worse. Never underestimate the power of bureaucrats and IT sysadmins to make their jobs easier at the expense of the people they nominally support, and without whom they would not exist.
Being clever, I got around this by forwarding my email to another server (still workplace, so violating no rules), which does not archive. I download this onto my computer, and now I'm back to where I was before. Except that now my email takes up twice the amount of space it did before, on their systems, and on mine. So what exactly did they accomplish here, except to make my life, and eventually, some other sysadmin's, more complicated?
[1] as I said to the email guy when I complained about this, “You say that it's standard, in the sense that lots of places use it, but it's not standards-compliant – that's different”.
[2] approximately 20 GB accumulated over 10 years, or roughly 10 TB to store email for everyone here, or call it 100 TB including backups – which is a ridiculously small amount of data these days, and it means that the system they chose is remarkably poor at its function.
Another website that requires you to create a forever non-deletable account to purchase anything. An account which contains your personal information and credit card number [1] and makes you come up with some bogus password with more than six characters, capital letter, and non-alphanumeric character, then, when you forget it, sends it to you in the clear through email.
Which means that they know your password, and that it’s not stored securely, and it’s just a matter of time before it’s hacked.
Bravo! It’s just like taking your shoes off at the airport, and just like waving the bar-code of your high-security badge at the guard who scans it, but fails to check whether you are actually the person the badge is supposed to admit.
Non-secure security, or as it’s known, security theatre.
What happens to that database when the company goes out of business, as it inevitably does? When there’s no one left to be sued, you think they wipe the disks before they turn off the lights, or is it more likely that the repo man just comes and unplugs the computers and sells them to highest bidder, untouched, with your personal information all there to see for anyone who cares to issue a mysql command?
I just want to buy something. Once. I don’t want to have an account, or a password, or an ongoing relationship. Just a fucking one-time purchase.
[1] if you can’t figure out how to handle a password reset securely, why should I believe that you are not storing my CC number insecurely, either in plaintext or unsalted hashes, and that some Senior VP is not carrying them around on his/her non-encrypted laptop? Because I read about this every damn day.
Review: Infinite Jest lite, without the sort of near-future dystopian SF aspect. But a good fast read.
Get it here. No, I’m not an affiliate.
So Andrea Seabrook is unhappy with her experience in DC. Tired of being bald-faced lied-to by politicians. So she's mad as hell and not going to take it anymore. Except the whole time she was there at NPR, putting their lies on the air, she could have stood up and called them on it. Could have used her time to expose the lies, and hold their feet to the fire. Except she didn't. Was that because her corporate masters at NPR wouldn't let her? Or because access would be cut off if she did? Probably both. But she didn't say why in this interview. And in a classic example of my biggest problem with NPR, Bob Garfield didn't ask the next question, the hard question – why? Why didn't she point this out when she had a chance, before a large audience?
So why does she think starting a blog where she tells the truth is going to change things? She had a chance to change things, for more than a decade, and didn't. Maybe she tried. Maybe she rammed her head against the walls and quit when it got bloody – but she didn't say that in this interview. Rather the opposite.
The example that she gave in her interview was damning though. As an example of the equivalence of both sides, she compared a blatant out and out factual numerical lie by one politician, to a statement of opinion (and a reasonable one, to me) by another. Let's guess which party lied, and which had the opinion.
Ha. That's not fair. The R lied, of course. But just the fact that she somehow thinks that these two things are equivalent says a lot about why I won't be reading her blog.
Politics is the conflict of human nature. It's unreasonable to expect that it won't get mean and ugly, and your opponents won't impugn your motives. Fine. But there's a difference between impugning motives, and just making up numbers which are false. One can be fact-checked. And exposed in the media. But rarely is.
So I won't be reading her new gig, as even now, she still seems to think that reporting opinions-on-the-shape-of-the-earth-differ, both sides are equally bad, is okay.
The place where I work has an increasingly restrictive network policy. It went from almost anything goes – personal devices OK, and the honor system [1], to no personal devices on the network, monitoring software on every machine, full disk encryption [2], and now a net nanny which restricts innocuous web sites (climbing sites, art galleries – not that I surf the web a lot at work, but sometimes I want to check the weather or see how late something is open). They delete, without notification, emails with a zip file or other suspicious things attached, incoming or outgoing. Random security scans. It’s a pain. But…
I have this other device sitting on my desk. A small screen with several antennae. I bike to work with it on my back every day. For a modest monthly fee, I connect to a completely independent high speed network, no work resources used, and no restrictions at all. It’s what I’m typing this on now, in fact. On my lunch break, if anyone at work is reading.
So if the site I just googled shows the ‘restricted – you are being monitored’ notice, I just turn my chair 45 degrees and do it on this Star Trek communicator. Unmonitored.
So what exactly is the purpose of these policies? Is the policy not to access these sites over the work network, or not to access them at all when at work? Because the latter is a major fail. Unless they search me at the gate every day and confiscate my personal mobile and tablet. Because I see no way to enforce these policies short of a camera in every cubicle, or a GSM interception/decryption effort, or policies something like those of TS secure sites. No phones, no cameras, no personal electronic devices, glue up the USB ports, and walk through a metal detector in and out.
Actually the last thing might actually happen.
I’m not getting viruses from these sites on my personal equipment, so I don’t think network security is a valid concern.
I’d like to think that common sense would prevail and the workplace would say, just get your work done. Don’t screw things up. We realize we can’t stop you from doing whatever you want, so be an adult and use your best judgement.
Because short of what used to be called Tempest site security, they can’t stop it. 4G cellular networks and tablets are just making it pointless to have these sorts of restrictions.
One could make an analogy to 3D printing and BATF regulations. It was never difficult to make a weapon in your garage [3], but 3D printing is going to make it easy. That’s going to change things. Similarly, I could have always gotten around work network restrictions, but a tablet and a $10/month 4G subscription makes it dead simple. Plus ethically incontrovertible. It’s my tablet. It’s my network. It’s my time. I just happen to be sitting at work. And if that’s the only factor that makes a difference…
Yes, I know it does. But work can’t be a ratchet. Where I answer the phone on my days off, and take care of business at the beach, but I don’t get to look at the web on my lunch break, or make a blog post on my tablet.
So is the policy that I can’t look at pr0n at work? Not that I particularly want to, but that’s what it always comes down to. Pr0n. How about if I think about it? Or is it that I can’t use work resources to do so? And if I can use a tablet and 4G network that doesn’t belong to them to do so, what’s the distinction?
The distinction is increasingly meaningless, and the question is how will our corporate masters re-write the rules to maintain control of our minds.
How about this policy: Get your work done. Don’t disturb the neighbors, and don’t frighten the horses.
But no organization ever created by man is happy to let things go that way. So it will be the other.
But how?
___________________________
[1] My first few years here, I used my personal laptop and cell phone because I didn’t want two. My next few years, I was happy to use theirs (and was requested to), and pocket the cash, because I trusted them not to monitor my email or phone calls – I didn’t think they had either the capability or interest. I’m back to using my own phone, tablet, and laptop, and keeping my personal communications completely off company devices and networks. Which is going to be interesting next time I travel. But then I won’t be on their networks…
[2] Which only works if you turn the computer off, and who does that any more? I shut my computer down about once a month. Probably less.
[3] I learned how to make zip guns in SE Hinton-like novels written in the 50s-60s.
The new copier requires three button presses and four steps to make a copy. Start, (scan), finish, start. Yay?
Something denizens of the Center of the Universe have known for decades.
Finely tuned
You ride the bike, or drive the fun car, for weeks and months, and it all seems to be fine, everything sounds good, feels good. Then you take it in to get something fixed, broken spoke, or oil change, and get it tuned up, cause why not? It’s been a while. And when you get it back, holy cow, when you get it back, it’s a different machine. Same, but everything sounds better. Or on the bike, not at all.
It’s the same noises, and the same feeling, but better. Less. And more.
It doesn’t work like that for the Honda, or the Toyota, but it does for the fun car, and the fun bike. Maybe the Honda and Toyota are just better machines in the first place. Maybe old cars and new bikes are more susceptible to adjustment.
You notice it because it gets worse slowly, and gets better in one step. It’s probably a metaphor for something.
They’ll slowly degrade, and I’ll not notice as I slowly degrade (and notice), and I’ll have this revelation again in about a year.
Comment Comments Off on Finely tuned Permalink