A Lack of Presence

There was once this thing called “presence” – I miss it.

I realized not too long ago that I’ve been using technologies like text and instant messaging for, well, decades.  When I started, you had to be logged in to the mainframe.  Then it was IM. (iChat anyone?  MSN Messenger? Jabber?)  Now, it’s on our phones.

The thing that bugs me is that what I always saw as the biggest drawback – “too bad I’m not logged in all the time” – got solved.  Be careful what you wish for!


Three tips for new Mac Users

I got a call last week from a neighbor.  “Stop by when you get a chance,” he said.  “I have something to show you.”

Turns out that he’s just switched.  Has a shiny new iMac on his desk, with a not-so-old PC off to the side. Congratulations!

I had this funny feeling that I should have an opinion for him about what he should do next. He was fairly prepared – he’s a smart guy. I kept thinking I should say, “okay, 1-2-3, you should consider doing these things,” but I didn’t have a list at hand. That I didn’t started gnawing at me.

So, I put this together.  Not a top 50 list, or top 25 list, or even the top 10… how about just three things to start with, because they might be the most useful for anyone who wants to actually start to understand their Mac.

Set up a username and password for your Mac.  It’s a very good idea to keep your Mac locked – to configure it so that when it boots up or you wake it up it prompts for your username and password.  I hear you saying  your computer is unlikely to be stolen, and that makes sense but I have another point: not having your computer totally open is a good habit.  When you log in to your computer, you’re reminding yourself that the information you store is valuable.  You do need to provide this information anyway when you install and/or upgrade software; if you use it every day it’s easier to remember.

But more practical reasons are that when you log in to your Mac, you’re not only starting your “session” but you’re unlocking the Mac Keychain.  The Keychain can store passwords for you (explicitly – using Safari, for example) and also stores other security-related data, such as WiFi passwords and security certificates.  When you log in every day with your username and password, you can take advantage of the Keychain without any further effort.  And, by making a strong password for your login, you enable the Keychain to store data securely.  In fact, if you want to remember only one strong password, use it to login (and for your keychain); that’s the “key” to unlock any others.

Eliminate Distractions: Organize your Dock. A new Mac comes with a shiny array of attractive icons in your Dock when you log in.  I suggest you get rid of those you won’t be using often enough to have them sitting there waving at you, and then make it easy to find any of your other applications:

You can eliminate icons in your dock by dragging them to your desktop – there’s a puff-of-smoke effect, and a “woosh” sound that accompanies this.  That’s how to subtract, and that’s half the job.  The other half is having a quick way to get to the apps you don’t use as often by leaving the “Launchpad” icon in your dock or dragging your Application folder to the dock.  What you’ve just done is divided your apps into two tiers – those you use every day (or often enough to justify “one click” access), and the rest that you want to be able to find relatively easily.

Set Activity Monitor to run at startup.  There’s a good way to keep an eye on what your Mac is doing.  It’s called Activity Monitor, find it in the Utilities folder (which is itself in your Applications folder).  It gives you a list of all of the applications running on your Mac (choose the “All Processes” choice in the pick tab next to “Filter”, then click on the “% CPU” column to sort by the most active process).  The bottom half of that window shows you counters and a graphic of your usage of disks, memory, and network utilization.  Consider having this app start when you log in: right-click (or control-click) the icon in the dock, and from Options choose “Open at login”.  That way, it’s always hanging out so that you can switch to it and answer questions like “why is everything so slow” or “is that thing actually doing anything”.  This can be very useful.

Do you see the underlying idea to all of these tips?  If you implement all of these, you learn a bit about how Mac security works, how to navigate around, and what your Mac is actually “working on”.  In other words, if you set a password, configure your dock, and habitually have activity monitor running, you’ll get a bit more visibility into your new computer.  Just having yourself set up this way will help you see a bit better how the gears go around, and might help you get a conceptual step forward towards figuring out how to do more – and have more fun.

Bonus Round:

Check out MacWorld’s How To’s and Videos.

And consider learning more by using these apps:
  • Broaden your browser use: try Google Chrome.  More functional, updated frequently (so, arguably more secure), and I personally find the bookmarks easier to use.
  • Get good secure storage for your passwords: try Password Wallet.  It’s a tool to remember passwords for you.  Doesn’t actually “integrate” with your browser like most tools, which makes it a bit more secure.
  • Store those little pieces of information so you can find them easily wherever you are: try Evernote.  File things like images, web pages, screen shots, and other notes.  You can search for them, and it runs on a website, or apps for almost every current device.
  • File your mail messages really quickly and efficiently: try MsgFiler.  Two to six (in my case) keystrokes to file mail messages into the folder of your choice.  Makes it just as easy to save for archive as to delete your mail.

(These are all unsolicited recommendations … this is just my opinion, I’m not being compensated for mentioning these.)

Hope these all help!  Have fun!

Spring Cleaning

Spring always seems to take forever to reach New England.  This is nothing new; I’m in agreement with a traditional mode of thinking here that there really isn’t a “Spring”, there is Winter and Summer, and in between “Mud Season”.

But there are cobwebs to be cleared, always.  Like those in the computer.

While I’m not speaking literally, consider the degradation of the state of our computers, or “bit rot”.  It represents a real phenomenon; the concept of entropy turns out to apply to ordered data in our storage systems and to our own organizational structures.

I’ve always followed the advice that I give to others: upgrade your software early and often.  I’m usually first out of the block for new OSs for my client machines (not servers – but that’s another story).  That’s rather extreme – I don’t suggest this for most people – but falling a few versions behind is a significant problem.

I get surprised at unintended consequences, though, as with how upgrading software feels like spring cleaning, but it’s not.  In fact, software upgrades generally leave as much of the previous state in place as possible.  That’s prudent – you make fewer decisions about deleting things, you decrease risk.  But just because you moved in new furniture doesn’t mean you don’t have cobwebs that pop up.

You’re thinking that there’s a practical story here, and you’re right: whenever I take a machine and “clean it”, it ends up running faster.  Yes, more speedy.  Why?

It’s about ordering of data: if you back a computer up and then restore the backup – especially if you back up and reinstall the OS and the Applications from the original media, followed by only using your backup to restore your data – you’re moving everything back onto the computer into a state where you’ve gotten rid of all the old stuff that you never use anymore, and you’re writing from the beginning of your disk, one block right after another.  Which means that when you go to read the data, it’s all effectively faster to access because it’s been reorganized.

This used to be called “defragmentation”.  Most OSs do this automatically now, or don’t actually need what the defrag applications did, but what they do need is an external process (you) to make decisions about what is no longer needed, and have the computer clean off the disk and rebuild.  There’s nothing like doing the living room by moving all the stuff in there out and cleaning everything before moving the stuff back in – you’ll probably find stuff you don’t want to move anymore, but the real value is just getting to the bare floor and going from there.

I used to think that the slowing of computers primarily related to new software functionality, new web applications, and more intensive use.  I still believe that these are factors.  However, I’m constantly surprised about how much of an impact a full cleaning cycle has on my supposedly well-maintained machines, and take stock of how it’s good to simplify the environment from time to time.

Speaking of the (physical) living room…

Asterisk, Firewall, and Hearing Voices

From the “While I’m thinking about it” department, with help from the “maybe this will be useful for someone else” division.

I’d added an Analog Telephone Adaptor (ATA) to my home Asterisk system a while ago, but hadn’t really gotten a chance to work on it.  About six months ago, I realized that it was misconfigured: when I received calls (which was 95% of the use, as it turned out) audio was fine, but I couldn’t initiate calls with it and get audio.

I realized this because I hadn’t been using Asterisk as my sole voice service, and so cursory testing of the ATA didn’t expose the problem – calls to it on my own network worked fine, so I assumed initiating calls would, too.

I thought about all the Fun with NAT that we always have to deal with, and assumed that was the issue.  As is so often the case, ran off in that direction with no solution.  Looked at the configurations, and everything there looked okay.  Turned directmedia off, so that Asterisk would remain in the media stream, but still no audio.  On the other hand, this ruled out NAT issues, didn’t it?  And I’d never had NAT issues with Asterisk, even though I never actually modified the firewall on that host to open ports for RTP.

My Polycom IP550 (always) worked.  Great.  And the ATA didn’t.  Looking at the network traffic, I saw that call setup looked pretty similar between the two devices… but then I noticed something interesting, that the ATA would get “destination unreachable/host administratively prohibited” replies from Asterisk with RTP.

I dug deeper, and noticed that the first RTP packets when using the IP550 were from the Asterisk server to the IP550, while with the ATA the audio started with the ATA – but there were those unreachable rejects, and no audio at all the other direction.

Stop reading here if this starts to make sense to you – once I put this all together, I started to come up with the answer.

I never had to open the RTP ports on the Asterisk server, because it turns out the IP550 was configured with progressinband=yes.  (There was a note in my config that this was suggested by Polycom).  Because I hadn’t really looked into it (and it was only suggested by Polycom), I never thought too much about it.  But it’s the key, when running Asterisk on a host with a firewall: rather than having to adjust the firewall to manually open ports for RTP, progressinband has Asterisk generate audio to indicate call progress back to the terminal, which means that the Asterisk server “talks first” (starts sending from the negotiated port using RTP).  This means that Asterisk effectively opens the port for RTP bidirectional traffic, and thus obviates the need for the firewall to do so.

It had nothing to do with NAT, but was still a firewall issue.  I run firewalls on internal hosts – I think it’s just good practice.  And I have to be honest: I figured all this out because when I did open ports for RTP, the ATA started working.  That was what I needed to know to figure out the rest of it.
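The behaviour described above can be reproduced with a small model of a default-deny, connection-tracking host firewall. This is an added example, not code or configuration from the original post; the addresses, ports, RTP range and the symmetric-RTP assumption are all constructed for illustration.

```python
from dataclasses import dataclass, field
from typing import Optional

# Constructed addresses and ports for illustration; none come from the post.
IP550 = ("192.168.1.50", 2222)
ATA = ("192.168.1.60", 16384)
ASTERISK_RTP_PORT = 14002                # port Asterisk offered in SDP (assumed)
ASSUMED_RTP_RANGE = range(10000, 20001)  # RTP port range opened by hand (assumed)


@dataclass
class HostFirewall:
    """Default-deny inbound UDP filter with connection tracking."""
    open_udp: Optional[range] = None         # explicitly opened port range, if any
    flows: set = field(default_factory=set)  # (local port, remote addr, remote port)

    def send(self, lport, raddr, rport):
        """Outbound packets are allowed and create a tracked flow."""
        self.flows.add((lport, raddr, rport))

    def receive(self, raddr, rport, lport):
        """Return the verdict for one inbound UDP packet."""
        if (lport, raddr, rport) in self.flows:
            return "ACCEPT (reply to tracked flow)"
        if self.open_udp is not None and lport in self.open_udp:
            self.flows.add((lport, raddr, rport))
            return "ACCEPT (explicit rule)"
        return "REJECT (ICMP host administratively prohibited)"


def first_rtp_from_phone(phone, asterisk_talks_first, open_udp=None):
    """Verdict for the phone's first RTP packet to Asterisk.

    Assumes symmetric RTP: the phone sends from the port it receives on.
    """
    fw = HostFirewall(open_udp=open_udp)
    addr, port = phone
    if asterisk_talks_first:
        # progressinband=yes: Asterisk sends in-band progress audio first,
        # which creates the tracked flow before the phone sends anything.
        fw.send(ASTERISK_RTP_PORT, addr, port)
    return fw.receive(addr, port, ASTERISK_RTP_PORT)


def scenarios():
    """The three situations from the post, keyed by a short description."""
    return {
        "IP550, Asterisk talks first": first_rtp_from_phone(IP550, True),
        "ATA talks first, no RTP rule": first_rtp_from_phone(ATA, False),
        "ATA talks first, RTP range open": first_rtp_from_phone(
            ATA, False, ASSUMED_RTP_RANGE),
    }


if __name__ == "__main__":
    for name, verdict in scenarios().items():
        print(f"{name:34} -> {verdict}")
```

An RTP rule limited to the local subnet and to the port range Asterisk is configured to use keeps the host firewall's default-deny posture for everything else.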

I haven’t yet figured out the drawbacks, if any, to progressinband, but in this case I’m happy to be through this particular issue.  This is one of those occasions where a lot of work – many blind alleys – led, eventually, to a fix that’s brilliantly obvious once you know it.  That’s how life is in technology, though.

Word for the day: “micromort”

Thanks to Bruce Schneier for the heads up on this:

micromort, n.  a numerical score for an event based on a probability of death of 1 in 1,000,000 (1 × 10⁻⁶, or 0.0001%).  Unit abbreviation μmt.    Examples: hang-gliding=8μmt, horse-riding=0.5μmt; 100 miles of travel in a car=0.5μmt.

As a blogger with the nom de plume of “Stubborn Mule” put it, “shopping for coffee you would not ask for 0.00025 tons (unless you were naturally irritating), you would ask for 250 grams.” The ability to communicate risks in an accurate but understandable manner is undercut by large denominators expressing very small risks.  Multiplying that fraction to get a micromort makes things more perceptible.


  1. Note that these probabilities are based on findings in the U.K., which may not be equivalent in other regions.
  2. The earliest citation that I could locate was R. A. Howard, “On making life or death decisions” in “Societal Risk Assessment: How Safe is Safe Enough?” (1980, ISBN 0306405547), referenced from Wikipedia.
  3. David Spiegelhalter et al have a wonderful site on the topic of Understanding Uncertainty, with some excellent tools.  Spiegelhalter gave a talk at the LSE’s Department of Economics in 2010 with a very good overview.

Why I don’t want to know your password

I’ve realized that over the course of my career I’ve had to cultivate a professional disinterest about some things.  You might even call it “learned blindness” – when I am helping people with a computer problem, I’ve developed a practice of not seeing certain things.

One of the things that I don’t see – nor do I want to hear – are passwords.  They are other people’s secrets, like that spreadsheet the CFO has with everyone’s salary info.  (I’ve actually had to help someone with a spreadsheet like that, twice in my career.)  I don’t want to see that information – it’s the definition of “not any of my business”.

It sounds funny when I tell people that I don’t want to know their passwords… they trust me, after all, or they don’t think their password is very important.  Or maybe they share it with others anyway.  The best analogy that I have to explain this is that passwords are like gossip: people listen to gossip because they are curious about others’ secrets.

In most roles I’ve had, I possessed the master key to all of my organization’s data – I could, if I were “curious”, look at anyone’s email, access any of their files (sure, there’s computer code, but there are also pictures), or even eavesdrop on their phone conversations or web browsing.  In fact, because I’ve had responsibilities for monitoring email and phone systems, I see “traffic” – not the contents of email messages, but as I’m watching the logs I see call and email senders and receivers.

If you think about it, I can’t be curious about the data under my control because it undermines the trust that my colleagues have in me to protect it.  Being exposed to information that I have no need of is like being exposed to gossip – the only way to really be above gossip is to not listen, to refuse to be present when people are talking.

To even discern whether something supposedly “secret” is also “sensitive” means that I’m already hearing it.  So, that’s why I have a blanket policy of not wanting to be told secrets – like passwords – that I don’t have a need to know; because I might have the “ability” to find out, I want to train myself to not be interested.

One more thing: systems should be engineered so that secrets are minimized or securely shared.  For example, most applications that require a password use encryption to ensure that no one can see the actual passwords – all that system can do is take an input and reply that it matches the stored password or not. When you’re talking to someone who is an administrator, they can’t tell you what your password is – though they can change it for you, or change it themselves and then access your data.  But they can’t then change it back to what it was beforehand, so these actions are detectable.  I try to architect processes so that I don’t collect data that I don’t need – like authentication credentials.
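A credential store of the kind described above, as an added example rather than code from the original post. It assumes the common design in which the system keeps only a random salt and a one-way PBKDF2 digest instead of a reversibly encrypted password; the class, user names, sample passwords and audit-log format are constructed for illustration.

```python
import hashlib
import hmac
import os

ITERATIONS = 200_000  # PBKDF2 work factor (assumed value for the example)


class CredentialStore:
    """Keeps only salt + one-way digest per user, plus an audit trail."""

    def __init__(self):
        self._records = {}  # user -> (salt, digest); never the password
        self.audit = []     # (actor, action, user) tuples, append-only

    @staticmethod
    def _derive(password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)

    def set_password(self, user, password, actor):
        """Store a fresh salt and digest and record who made the change."""
        salt = os.urandom(16)
        self._records[user] = (salt, self._derive(password, salt))
        self.audit.append((actor, "set_password", user))

    def verify(self, user, attempt):
        """The only question the store can answer: does this input match?"""
        record = self._records.get(user)
        if record is None:
            return False
        salt, digest = record
        # Constant-time comparison avoids leaking how many bytes matched.
        return hmac.compare_digest(digest, self._derive(attempt, salt))

    def admin_view(self, user):
        """Everything an administrator can read for this user."""
        salt, digest = self._records[user]
        return {"salt": salt.hex(), "digest": digest.hex()}


def demo():
    """Walk through the user's and the administrator's view of one account."""
    store = CredentialStore()
    secret = "correct horse battery staple"      # constructed sample password
    store.set_password("alice", secret, actor="alice")

    visible = store.admin_view("alice")
    results = {
        "user_can_log_in": store.verify("alice", secret),
        "wrong_guess_rejected": not store.verify("alice", "hunter2"),
        "admin_sees_password": secret in " ".join(visible.values()),
    }

    # The administrator can still replace the password ...
    store.set_password("alice", "temporary-reset-1", actor="admin")
    # ... but the owner's password stops working, and the change is logged.
    results["old_password_still_works"] = store.verify("alice", secret)
    results["reset_in_audit_log"] = ("admin", "set_password", "alice") in store.audit
    return results


if __name__ == "__main__":
    for check, value in demo().items():
        print(f"{check:26} {value}")
```

The audit trail matters as much as the failed login: an account whose stored salt and digest can be written outside the logged path gives no record of who changed it.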

It’s great that people trust me – even people who don’t like me very much trust my standards.  But discretion – keeping confidences – starts by not knowing them.

Happy IPv6 Launch Day!


IPv6 Launch Day – 06Jun12 00:00 UTC

My background may or may not be all that unusual: I’ve picked up lots of things that I didn’t set out to learn; responding to topical areas that my employers wanted me to learn or following what I thought was interesting and what I was attracted to – that’s created somewhat of a patchwork of areas of knowledge.

One thing that’s been difficult, sometimes, is forcing my attention away from whatever is on fire today and learning new stuff.  As I’ve mentioned recently, I have had some great opportunities to get taken in different directions.

Here’s one: about two years ago, at a BBLISA talk, I finally got to learn about this amorphous thing off in the distance, IPv6.  Like a lot of technology, getting your arms around a new concept is trying partly because most education seems to be oriented towards those who are learning something wholly new for the very first time, as in how TCP/IP works.

This is what BBLISA is really great for: I know lots about the “current” IP already (“IPv4”); assume that I understand the protocol stack and how lots of services are implemented on it, please, and explain to me what is different and new.  That was an excellent session.

So, I put together IPv6 connectivity on and out of my home network, to the IPv6 Internet.  Last year, as World IPv6 Day approached, I decided that I wanted my externally-hosted personal site available on IPv6, too, so I set up a mirror with a new provider… this year, the whole site has been moved, including my mailhost (Dovecot/Postfix).  All that’s left is Amazon Web Services – (going to be making any announcements soon, AWS?) – which hosts some content (like images and large file downloads such as from my BBLISA presentation).

As of now, 06Jun12 00:00 UTC – it’s Launch day.  Today, the sites listed in the Launch site are supposed to be fully IPv6-enabled, and as they say “This time it is for real”.  I’m happy to be part of this.

Getting Things Done: OmniFocus

I like tools. As a technologist, you might say tools are what I do.  Not all that I do – but it’s an important part.  In the hope that some of the great tools I’ve found might be of interest, this is my first post about some of the most important tools in my bag.

In 1986, working as a consultant, I purchased a seemingly overpriced small notebook that promised to help me manage my time and become more efficient.  This system, called “Time/Design” occupied the same market as the “Filofax” and “Franklin-Covey” planners; T/D was from Europe and was being heavily marketed by one of those companies that I think of as “Sharper Image” wannabes.

It was rather expensive, as I recall, and of course once one purchased the “system”, well, it wasn’t going to update itself for the next calendar year.  But the people in the pictures looked “productive”, and I needed something, so I bought in.

Somehow, a few months later, I learned of a seminar on the system.  There was a workshop being given in Newton (Mass.), right down the road.  It also wasn’t cheap, but it seemed like it would be worthwhile and so I signed up.

That was my introduction to David Allen, who has gone on to write a number of books, starting with Getting Things Done and a practice called GTD; over the years he has refined the thinking and processes and spawned significant interest in implementing these techniques in software.

Initially, much of the work was to answer questions like “how do I use Microsoft Outlook/Lotus Notes to help me” in the context of GTD workflows.  However, several years ago, standalone applications started to arrive to serve as the framework for what you could casually call your “To do lists”.

The first one that I worked with extensively is one that I adopted, called OmniFocus, developed by The Omni Group.  The core of the product was initially developed as a set of scripts and templates for Omni’s OmniOutliner, itself a pretty neat tool for creating documents that are best expressed in an “outline” with a hierarchical structure.  As of today, OmniFocus is available for the Mac and iOS platforms, and there’s robust sync technology across devices that I’ve come to rely on.

Why OmniFocus?  I’ve become enthusiastic about several of OmniGroup’s products.  The principal reasons have to do with design, both the thought and care that have gone into workflow (especially for OmniFocus), but also because the same level of effort was brought to the visual design of the applications.  I’ve learned that I’m a visually-oriented person; this characteristic seems to be echoed in Omni’s products.

What I think of as the core tenets of GTD are:

  • A focus on determining the next action (physical) to move a project or task towards its goal.
  • “Capturing” those tasks, the projects or goals they represent, and the commitments that underlie them – out of your head and into an external, trusted device/place/list/system.
  • Acknowledgement that we’re really not that good at multitasking; we’re best off concentrating on one thing at one time by delegating all of that “on our mind” to whatever system we have.
  • A practice of periodically reviewing our goals, projects, and what we have completed.  Re-figure that next action for each of our goals and projects, and add it to the system.  Experience that little flash of satisfaction of checking off that “done” box.  Allow some creativity to creep in envisioning project outcomes.
  • Understanding that there are contexts for taking those next actions: either location, the availability of certain tools (like Internet connectivity, or a phone), people, etc., and being able to figure out what can be done in the current context (I’m in the North End, what can I get at the store here?).

OmniFocus supports this process.  It makes it pretty easy to capture stray thoughts, roughly order things, assign contexts to tasks, review, and maintain a level of comfort that it’s all in there, safely.

I’ve found that there are a lot of people who will read a description of something like this, and think that it’s either unnatural, too much work, too contrived, or inessential.  I certainly respect those opinions; you might even make the analogy that there’s a certain level of faith in this approach and if you’re not feeling it – then none of this will be of any help.

However, for me and many others, this process has been useful.  Set aside, if you wish, the technology; the implementation is an individual project.  And GTD is not perfect, I have my own difficulties with it and keenly experience some of its shortcomings – but if this catches your attention, you might find it – and apps like OmniFocus – well worth your time to research.


  1. David Allen, DavidCo website.
  2. Getting Things Done, Amazon/Paper, Amazon/Kindle
  3. OmniFocus from The OmniGroup.
  4. Merlin Mann’s 43 Folders site.
  5. GTD Times site (“The hub for all things GTD”, from David Allen).

What Systems People Do

When many people think of systems people – for example, systems administrators, or IT staff – they wonder what we spend our time doing, when we’re not sitting with our customers and actively working to help fix what’s broken.

While in larger organizations there are people whose job descriptions read “IT Support”, many of us have significant other responsibilities.  What are we doing when the alarm bell (or telephone, or ticket system) isn’t ringing?

Often, the answer is that we’re building things.  This time breaks down partly to projects that we’re tasked to do – say, installing new hardware or software, or network upgrades.  But I’ve had a nice opportunity to consider what happens without tickets, phone calls, or support tasks.

What I’ve concluded is that I think about two things:

First, there’s what’s new to learn.  Arthur C. Clarke once wrote that “the well-stocked mind is safe from boredom,” and a corollary to this might be that one who is hungry to learn can never be sated.  It’s amazing to me how much of the important technology in the IT world is available for free, either because it’s open source, or because there are formal programs allowing access to technology for free or at significantly reduced costs through developer/support programs.  I’m thinking of much Oracle technology (free) and Microsoft systems (available at a nominal cost) – for purposes of evaluation, testing, etc. (effectively, “non-production use”, depending on the specifics of the licenses).

In addition, with the commoditization of the vast majority of computer hardware, courtesy of Intel, along with virtualization platforms, it’s pretty easy for a curious technologist to get exposure to a wide variety of applications and operating systems.  There’s also “the cloud” – in which one can “rent” a virtual server for $.08/hour (Amazon) or $19.95/month (Linode).  There are others, of course, but these are examples of what I personally use.

The second thing that I think about is the question of how to understand the ways in which things break – or to put it another way, what lessons one can learn from outages, errors, breakdowns, and failures of hardware, software, networks, applications, security, or human organizations.  What this means in practical terms is an emphasis (in my time and effort, at least) on thinking about how to monitor systems, traffic, the environment and myself.  What can I instrument?  What can I learn about a complex collection of systems and applications by collecting data?  What patterns can I see, and what can I predict?

“Paying attention” is essential to understanding what we’re doing.  Having the time to improve how I do this has been an experience that has given me a better perspective on how to be better at the work I do.