From the Cloud

Interesting topics from the world of technology

Year In Review 2016 – New Filtering Capability on Results Page

Posted by on Jan 9, 2017 in From the Cloud, From the Mind | Comments Off on Year In Review 2016 – New Filtering Capability on Results Page

One of the things we wanted to accomplish in 2016 was to make refinement of search results easier. To that end, it is now possible to configure lookup fields to be arrays of check boxes on results pages, which can filter the results in real time. This is now standard on every EfficiencySpring based system we build!

Read More

Year In Review 2016 – Adaptive Design in EfficiencySpring

Posted by on Jan 4, 2017 in From the Cloud, From the Lab, From the Mind | Comments Off on Year In Review 2016 – Adaptive Design in EfficiencySpring

Hi All! Here is the first entry of  our “Year in Review 2016” video series. In this brief video, we focus on the new adaptive design capabilities in EfficiencySpring added in 2016. Adaptive Design is now standard on all new systems we build for our clients using this platform, which we provide at no additional cost.

Read More

A Take on Apple Vs FBI by EfficiencyNext’s President

Posted by on Feb 25, 2016 in From the Cloud, From the Mind, Uncategorized | Comments Off on A Take on Apple Vs FBI by EfficiencyNext’s President

Note: The opinion in this blog post is that of Paul Katz, President of EfficiencyNext LLC. There has and continues to be a vigorous debate among EfficiencyNext staff, with many going #teamfbi and others #teamapple. The current Apple Vs FBI issue with regard to accessing a terrorist’s iPhone 5c has been a subject of active debate within technology and non-technology circles. The position held by many in technology is that Apple is correct in this specific matter. I, however, feel the FBI should prevail in this one specific case. Detangling Things There has been much talk about back doors and weakening encryption with regard to the court order for Apple to unlock the iPhone 5c used by Syed Farook, one of two the shooters in San Bernardino terror attack . The iPhone in question is owned by the San Bernardino County Department of Public Health, which has given complete consent for the FBI to access the phone. The court order is not aimed at weakening the iPhone’s encryption. Instead, the court order requires Apple to build a custom operating system that can be installed on the specific iPhone involved, which will: Nullify the auto-wipe feature Remove delays between PIN code attempts Allow for PIN attempts to be conducted at a rate of 80 milliseconds per attempt Apple, through signed encryption security, is the only party that can load a custom operating system on an iPhone, by their own design. This is why the FBI, through the court system, has compelled Apple to build the custom OS, and brute force determine the PIN to unlock the phone. The request is made under the authority of the All Writs Act to help service a valid search warrant. Hence, this particular case is not about encryption, but rather having Apple create a technique they can run themselves (and only them) which bypasses login security mechanisms. Why I Believe the FBI is Right Apple’s Government Information Requests policy currently states “For all devices running iOS 8 and later versions, Apple will not perform iOS data extractions in response to government search warrants because the files to be extracted are protected by an encryption key that is tied to the user’s passcode, which Apple does not possess.”. Apple failed to consider the possibility that the All Writs Act might be employed to compel them to unlock phones via their authentication mechanisms. In my opinion, (I’m not a lawyer BTW), the All Writs Act applies. Apple seems sufficiently related to to this matter, and building a custom modified OS for a company of their size and financial ability doesn’t seem an undue burden. Under the current Law, I don’t see Apple having much of a case. And concern for precedents must cut both ways. If Apple, one of America’s most powerful corporations, is able to refuse to help service a court approved warrant, how many other companies can follow suit?   The Advice Apple Should And Can Give Each iPhone has the ability to accept passwords and phrases far more complex than a four or six character numeric code; the option is there, just buried a little. A six digit numeric pin has one million possible combinations (000,000 through 999,999). Brute force at about 12 attempts a second would take just under 24 hours. This is what the FBI is banking on. That said, A six character password (alphanumeric + special characters) has over 281 trillion possible combinations (281,474,976,710,656) by my count. Presuming the password isn’t readily guessable, we are looking at 6,515,624,460 hours of bulk attempts to brute force the password. Even sticking with numbers, a user can have a nine character numeric password with a possible one billion...

Read More

Microsoft Clarifies its Azure Support Options

Posted by on Jan 22, 2016 in From the Cloud, From the Mind | 1 comment

Microsoft has entered the new year with an updated Azure support page that greatly clarifies the support plans available under Azure ( Prior to this update, a “Free” support column was displayed on the page that included “Web Incident Submission”. This led some Azure customers to believe that when Azure has a technical problem, submission of them for support would be free. This turned out not to be the case; Free “Web Incident Submission” was generally only for billing issues. With the new revision, the free tier is now gone, with the first support option listed now being “Developer” support, which costs $29 a month. Essentially, if you need to submit a technical ticket to Azure Support, you really need to purchase a plan. The @AzureSupport Twitter handle can receive outage info from customers, but fairly quickly, for specific help, they will advise you to open a ticket. I’m happy that Microsoft made this change, and clarified its wording. The new page is much clearer that free technical support in general isn’t offered. On occasion, in the case of major outages, Microsoft has offered complimentary technical support, but it wouldn’t be prudent to bank on that being available for all scenarios. Perhaps one thing to keep in mind is that support plans are purchased at the Microsoft Account level, and applies to all Azure Subscriptions under that account. If you are an IT firm, and setup Azure infrastructures for your customers, it might make sense to ask them if they can have their subscriptions setup on your Microsoft Account, instead of theirs, so that a singular support plan purchase goes farther. Want to discuss Azure with someone? We’re always happy to...

Read More

Recommendations for dealing with and planning for SAM Engagements

Posted by on Jan 1, 2016 in From the Cloud, From the Mind | Comments Off on Recommendations for dealing with and planning for SAM Engagements

In my last post, I actively protested against Microsoft’s bad behavior with how they execute their SAM Engagements. That said, I am a believer in properly licensing one’s software, and as such, EfficiencyNext operates out of an abundance of caution with regard to this. Here are my recommendations. Disclaimer: I am not a lawyer. This is not legal advice, but advice from someone who implements Microsoft technology. Cooperate when You Are Contacted, but Verify The SAM Engagement is a required process, no matter how much the initial contact tries to make it look like they are selling you something. It’s OK to be grumbly, but don’t block the process or try to hold it up. But, always demand they send you an email before giving any information over the phone. I have no doubt there are plenty of hackers pretending to be SAM Reviewers in order to get information they can use to break into networks. Be Truthful Don’t lie. In general, these SAM Engagements seem to be used by Microsoft as revenue optimizers. It’s about increasing revenue per customer, not necessarily anything punitive. If you execute the process in good faith, you might find out you need to buy more licensing, but in general, you shouldn’t find yourself being sued or being forced to pay costs in excess of actually buying the necessary licenses. Lying (or being uncooperative) is a road that actually can actually likely lead to legal action. Understand the Limits of Volume Licensed Operating Systems and OEM Operating Systems This is one of the Big Gotchas. Microsoft Operating Systems, licensed in Volume and Partner Programs, are Upgrade Licenses only. They do not include licensing for the base operating system, which must also be licensed for the computer the Upgrade License is installed on. These base licenses must be business class; that Windows Home license that comes with many PCs doesn’t cut it. That leaves two options: When you buy a computer, make sure it comes preinstalled (OEM) with a valid business-class operating system, such as Windows 10 Professional, and DO NOT LOSE THE RECEIPT FOR THE SYSTEM PURCHASE. Keep the physical copy, and also scan it into an online accounting system immediately. Without an invoice stating the computer originally came with the Windows license, the SAM Reviewer can make the case the OEM OS might have been installed after the computer’s sale, rendering the validity of the license unprovable. This is also a significant concern if your company buys PCs used; in such cases, you should insist on getting a copy of the original purchase receipt. I would argue this is a strong case for buying Surface Pro hardware specifically, as the hardware itself should be considered proof of a valid license, as it always comes with a Professional copy of Windows and is manufactured by Microsoft itself. You shouldn’t be screwed if you lose the receipt or buy the Surface Pro 1/2/3/4 used. There’s simply no mechanism for how the computer wouldn’t have a valid OS installed. The fact that Surface Pro come with Windows 8/10 OEM Professional is actually a $140 value that many other machines you buy at retail don’t have. Purchase Full Retail Copies of a Microsoft Business Class OS, and insure each license is mapped to a computer running an Upgrade Volume License of Microsoft Windows. As of today, technically, even Vista for Business works for this purpose. I highly recommend purchasing current retail copies that are verifiably legitimate, as counterfeit retail software remains a problem today. That’s roughly $200 a pop, but at least with retail licenses, you can transfer them from...

Read More

Microsoft’s Deeply Flawed SAM Engagement Process

Posted by on Jan 1, 2016 in From the Cloud, From the Mind, Uncategorized | Comments Off on Microsoft’s Deeply Flawed SAM Engagement Process

EfficiencyNext finished its first Microsoft SAM (Software Asset Management) Engagement this last  year, having been contacted by a SAM Engagement specialist contracted by Microsoft. This is a process Microsoft Volume Customers go through so Microsoft can check that customer deployments match the licensing they have purchased. Let us first say, we are an absolute supporter of Microsoft in their desire to insure people are using their software by the rules. Volume Customers receive steep discounts over retail, so some form of review every so often seems a reasonable fair trade. That said, I was deeply disappointed with the unethical nature of the original contact by the SAM Reviewer, and Microsoft’s inability to make the process efficient. This post is a compilation of thoughts I have; I will leave out the names of the individuals I worked with; if anyone at Microsoft would like to DM me on Twitter for details, you can find me at @napkatz. Likewise, I have a sympathetic ear to anyone else who would like to vent/discuss about this process. The way the SAM Reviewer Contacted Our Company and Represented Herself was Deceitful and Unethical I took the initial call from the SAM Reviewer. She said that her company was “Offering a Free Software Asset Management Review” of our software environment, and asked for our IT Manager. The tone was clearly that of a sale. Given that tons of companies cold call us about IT services all the time, I started the usual “just send us something in the mail” line. At that point, the tone changed, and she said she was working with Microsoft and that the review was mandatory. I told her to email me, as I wouldn’t share information about our IT setup with a random caller over the phone. She did email me the formal Microsoft SAM materials, confirming who she said she was. And in the FAQ document she sent over, was this threat: We hope that customers will work proactively with us to ensure they have a compliant licensing position.  However, given the great emphasis Microsoft places on protecting its intellectual property, for those organizations that don’t wish to engage in this process, a more formal communication may be made with respect to our licensing rights and your organization’s obligations under your Microsoft license agreements. In short, the SAM Reviewer wasn’t offering or selling us anything; she was forcing our company into a Microsoft-driven audit, under the implied threat of legal action. There’s plenty of potential motivations to be deceitful upfront I suppose; the SAM Reviewer needs to reach a manager of some sort or perhaps the review can’t happen? So maybe she has to lie her way to get to a manager. I don’t know. Whatever the reason, there is no excuse for such unprofessional and unethical behavior. Microsoft should be ashamed of this practice, even if it is their contractors and not them lying and misrepresenting themselves. In short, it is OK to be angry for how this initial contact works. I was, and to an extent, still am. Especially because at our company, we take great pains to make sure we license our software properly, paying Microsoft thousands of dollars a year. The SAM Engagement process ignores the cheaters who don’t have a Volume Agreements, and instead targets paying customers. The SAM Reviewer Only Gives You Three Weeks and You Never See the Review Coming I think this again cuts to how Microsoft doesn’t trust its customers. There’s no reason why these reviews can’t be presented clearly as a scheduled necessity that comes with the privileges of volume purchases at the inception of a Volume...

Read More