Looking For A Few Champions

IBM Champion nominations are upon us and with only a week to go to get those in I wanted to send out a plea.  I would love to nominate you as a Champion.  Yes YOU. Unfortunately in most cases I don’t know enough about who you are and what you do.  It’s no good saying “well if I did enough she would know me” because that’s not how it works – very few of us do enough publicly to make others aware of what we do.  Being a Champion can be awarded against lots of criteria not just speaking at events or writing blogs.  Libby has kindly shared some here but anything that falls under advocating for ICS products or committing your own resources to the technical community counts.

As a Lifetime Champion I am fortunate that I don’t need to reapply but I thought if I tried to write up my own dummy nomination here for 2017 hopefully it will help you see some of the things you do as worthy of nomination.  This isn’t me boasting and I hope it doesn’t read as me being arrogant, I’m just trying to encourage by example and help people who may need it.

Why should you be an IBM Champion? *

Describe the contribution in the last year are you most proud of or you believe has had the biggest impact on the technical community, IBM or IBM’s customers. Share as much detail as possible, including the activity’s impact and any links.

Consider activities and accomplishments from the past year that rise above and beyond your job and support IBM products and solutions andthe greater technical community, including both internal and external activities.

The follow on question to this is asking me to list my top 5 activities so I would assume the first question wants just what you consider the most important activity listed followed by an opportunity to list 5 other things you would like considered / are proud of.

Here are a few things I could add under the suggested categories,  I know there’s a lot here, this is FAR more than you need to submit but I wanted to give as many examples as I could.

EVANGELISE AND ADVOCATE FOR IBM

  • Presenting to {named customer} on IBM’s strategy and the ICS roadmap to convince them they were on the right path
  • A tweet sharing IBM news or commenting on  IBM news that got X number of retweets (with link) or a blog or linkedin post that got X number of reads
  • Customer references for internal meetings or presentations I attended and contributed to that helped them deploy ICS products

HELP GROW AND NURTURE THE COMMUNITY

  • Examples of people who contacted me for support or assistance or just advice that I helped out (asking them if they would act as references)
  • The Nerd Girl work at Connect and the mentoring done since then.
  • Participation in multiple user groups

EXPAND REACH ACROSS THE IBM PORTFOLIO

  • My work this year learning and sharing on Docker to support the IBM Connections initative and now Domino
  • Work partnering with IBM security business partners
  • My GDPR work with customers that combines discussions of multiple IBM technologies IOT, blockchain, and Domino data

PROVIDE FEEDBACK ON IBM PRODUCTS AND DIRECTION

  • The IBM advisory panels I’ve been involved in along with references to our meetings
    The design feedback sessions I’ve been involved in with references to the IBM teams involved and the topics I fed back on
  • The “Jams” I’ve contributed to along with my contributions
  • PMRs that highlighted a significant problem in a product and enabled development to improve it

SHARE KNOWLEDGE AND EXPERTISE

  • My series of New Way To Learn sessions I did in May for IBM with links to the sessions and listing Alan Hamilton as a reference. Also listing my blog and slideshare where the sessions are shared
  • A list of my blogs I’ve written this year
  • The conferences I’ve spoken at such as Connect, InterConnect, Engage, MWLUG, AdminCamp and Social Connections along with the presentation content and again links to my slideshare

I really want to hear from people who haven’t been nominated or even people who want some support in being nominated. Please contact me if you want me to nominate you or connect with me on Skype (GabriellaDavis) if you just want to talk about it. Don’t feel you have to know me to reach out.

Also if nothing else, please please nominate yourself.  One trick I found worked for me was to ask a colleague to draft my self nomination and then I updated it.  That way I didn’t feel awkward writing things down and got to see what someone who works closely with me sees me do.

A New Era, A New Future, A New Domino

Some of you may have already seen the tweets out of HCL and the announcement from IBM on the new strategic partnership for ICS products that IBM have just entered into with HCL.  To explain things as simply as possible this means that HCL will take over the development of most of the ICS products whilst IBM continues to manage the product strategy, marketing and licensing.  The products involved include

Domino
Notes (on premises and SmartCloud)
Traveler
Verse
Sametime
IBM Client Access
IMSMO (mail support for Microsoft Outlook)

So what does this actually mean for us as Business Partners and, more importantly, for customers?  In my opinion this is very good news.  The products will benefit from significantly more development investment and resources,  with the existing IBM development teams on those products moving under HCL  In addition IBM will continue to manage the product themselves (using the existing offerings management teams) as well as the licensing, and the strategic direction.

There is no longer any End of Life date for Domino, not even “at least until” dates.

As far as customers are concerned, nothing will change other than an acceleration in the investment and development of products including the announcement of Domino 10 for 2018 and the #Domino2025 project.  Even submitting PMRs will continue in the same way.  There will be no customer – HCL direct relationship.

What is Domino2025? Otherwise known as Project Sapphire this is a strategic and ongoing product development initiative IBM will be starting in November where they will be taking feedback on what people want to help drive the future of Domino.   You can tweet your feedback using #Domino2025 and look forward to workshops taking place worldwide as a continual process to design future (post v10) Domino.

I have a lot more thoughts which I’ll share over the coming days but when I first heard about this and considered it I realised that this is a huge opportunity and a step forward for all the products involved.  I hope you agree.

The birth of a new Domino!

How Apple’s UI Helped Scammers Steal

This week someone I care about very much was scammed out of thousands of pounds.  I am just getting past my anger over it and have spent the past few days trying to work out what I could have done to prevent it happening. I work in security, I believe I have told everyone I care about how to protect from the most basic things but Apple introduced a layer of obfuscation that I hadn’t told anyone to look for, because I hadn’t fully noticed it myself.

So what happened?  This person received an email from someone they knew (let’s say “Gabriella Davis’) with a simple “Good morning” type one liner.  They read the email on their iPad and replied to “Gabriella”.  Several back and forths later this conversation turned into a request to move some money.  In this business situation it wasn’t that unusual a request.  Obviously the “Gabriella” turned out to be a fake email address and the transferred money sent to “Aviva Insurance Ltd” (a valid company) was actually sent to an account owned by someone else and quickly extracted and closed down.

Why didn’t the person who was contacted check that the email they received was from the right Gabriella Davis?   They did.  It is one of the most basic things I teach people, always verify and dig into the email address.  However on iOS the email address was shown incorrectly.  Say the email was from “Gabriella Davis <fakeaddress@gmail.com>” and my real address is “Gabriella  Davis <gabriella.davis@turtleblog.info”> well Apple kindly matched the “Gabriella Davis” phrase part with a contact (me) in his contacts and showed not only my photo on the email as the sender but also – when clicking on it – filled in the gabriella@turtleblog.info address.

Even though the reply actually went to fakeaddress@gmail.com,  there was no way to see that from iOS.  

The person concerned took Apple’s representation of my contact information and my photo on the email as validation that it came from me and he was talking to me.  He wasn’t.  The same email opened in both Notes and Outlook immediately showed the fake address and the fake address was obvious when choosing reply from those clients.  it simply would not have happened if he hadn’t been using iOS.

My instructions to always check the sender address hadn’t been spoofed and always check you are sending to the right person turned out to be the worst possible advice in this case because the contact information Apple prefilled in gave a layer of confidence to the email that otherwise wouldn’t have been there.  “Of course it’s Gab, Apple are even showing me her picture and her email”.

I will probably not open comments on this entry as it isn’t entirely my story to tell and there is lots more information I am not prepared to share publicly.  If you know me and have a specific question you can reach out and I may be able to answer.  Otherwise please warn people you know.

  1. Never reply to important emails on an iOS device
  2. If in doubt , even a tiny bit of doubt, always forward and re-address
  3. Any sense of urgency in an email should be a red flag regardless of anything else
  4. There is no replacement, and always time,  for verbal verification

 

A Plea For 3 Mins Of Your Time To Read This

Recently a friend’s wife was diagnosed with kidney failure. Although she is on dialysis,  she is also on a registry hoping for a donor kidney.  After a few discussions and some internet research, I realised how little I know or understand about donating a kidney. How doing so could add years to a loved ones or a strangers life with little risk to myself.  When someone is on dialysis and waiting for a donor kidney, they need strength and they need hope.

Here’s a few things I didn’t know and I want to share because maybe you didn’t know them either.  I apologise in advance for my ignorance which may be exclusively mine. 

1. It’s not true that the most best match will be from a family member.  Genetic compatability is one aspect but with improved anti rejection medicines it’s very possible and often common for a friend or even a stranger to a donate. 

2. Anonymity is maintained throughout the process if you wish and the recipient may never find out that you tested or if you were a match.  You can start the testing process anonymously and choose not to proceed at any point.

3. The first step in finding out if you’re a match is simply to see if your blood type is a match. If it is you can move onto the next step which is a DNA match test.

4. You can choose to be tested to match for a specific person or to be added to a paired/pooled registry where your kidney will be given to someone you match with and the person you wanted to donate to will get prioritised higher on the match registry or even add your details to a general registry which commits you to nothing.

5. The path for potential donors involves not just ensuring you are physically able to donate a kidney but also emotionally prepared to do so. After you are a match you will often be assigned a counsellor to work with you on the decision to donate and the process itself.  Again if you decide to stop at any point, that is entirely confidential and anonymous

If you want to know more about kidney donation and what’s involved then please take a quick look at these sites http://www.giveakidney.org/ and https://www.kidneyresearchuk.org/health-information/living-donor-transplantation

To register as an organ donor or a living kidney donor in the UK please read this NHS site https://www.organdonation.nhs.uk

An Introduction To Docker From MWLUG 2017

Last week I attended and presented at MWLUG in Alexandria, VA.  This was my third MWLUG event and the biggest so far.    Lots of great and varied content, I even went to a couple of developer sessions, thanks to Richard Moy and the rest of the MWLUG team for putting on another great show.  Next year the conference is getting a new name and a new location in Ann Arbor MI.

This session has been changed from the one I gave previously to reflect changes in Docker storage and networking behaviour.

MWLUG – Sessions upon Sessions (Some From Me)

What are you doing this August?  If you’re interested in ICS technology then then you want to make your way to Washington, DC and MWLUG.  The Midwest User Group conference has once more moved to a new location for 2017 and will be held at the Hilton Mark Center, Alexandria from August 8-10.

Sessions have started to be announced and as well as the usual popular topics there are new Watson Work and Innovation tracks to play in.  Take a look at the list of announced sessions here .

I’ve attended and spoken at MWLUG for the past 3 years and it’s an event I look forward to thanks the the number and breadth of sessions and a chance to meet customers and spend time with the ICS community.  This year I’m speaking again and I’m very pleased to have three brand new sessions and one new speaking partner(!).

In the Best Practices track I’ll be showing you how to architect and configure a hybrid cloud solution for Domino

Setting Up a Hybrid Domino Environment to Ease your Way to the Cloud

Are you looking at Cloud options and wondering how and if you can get there from where you are? If you have Domino on premises and are considering Cloud then a good option is a hybrid architecture which maintains all your on premises configuration managed by your own administrators but adds Cloud client access managed by IBM. We will look at how simple it is to create this hybrid solution using Domino passthru servers and review how things like user and directory maintenance, client access and mail routing will then work. From Domino Admin to Domino Hybrid Admin in a few simple steps.

In the Innovation track I’ll be discussing IoT in the Enterprise, security implications and opportunities

IoT In The Enterprise Brings You Industry 4.0

IoT brings us to the beginning of Industry 4.0 and with the opportunities for improved delivery, services and customer relationships comes challenges of data management, creative process re-engineering and most of all security. IoT devices are arriving through the door each day, meanwhile the introduction of GDPR compliance next year brings additional responsibility for data ownership and privacy. . In this session we will investigate the opportunities for IoT in different business sectors alongside the risks of the IoT experience. We will discuss how to defend and protect against today’s IoT’s vulnerabilities and review how security offerings such as blockchain are evolving. We wil also offer a checklist for how your enterprise can plan for and benefit from the emergence of enterprise IoT.

Finally , in the System Administration track I’ll be joining Linux expert Bill Malchisky  to discuss Docker on Linux and what you need to know

Running Docker and Linux Together

The introduction of docker within IBM’s product strategy as well as the popularity of containers as a solution means it’s time to learn some new tools. Join Gab & Bill as they offer architectural insight for both Linux and Docker along with storage and network isolation tips. Curious about good and bad devops processes, deployment, upgrades and backups? You will receive technical explanations with examples. If Linux is the path ahead, Docker is the depolyment conduit. Let’s get you ready for the journey.

Thank you in advance to the NH / Maine convoy that will help get me from NY to VA,  I’m looking forward to sharing these new sessions and learning some new stuff myself.

Sametime Client Update Breaks Single Sign On

I recently built a new Sametime Complete environment for a customer that included an Advanced and Meeting server.  When I had completed the build I tested a new standalone Sametime client in a VM to confirm that I could login to the new Community server and it would log me into the Advanced and Meeting servers.   Having added the necessary lines to plugin_customization.ini to enable  Sametime Advanced* I was able to login to the Community server successfully and be automatically logged into the Meeting and Advanced servers.   However, when I handed over to the customer for testing I was surprised that they couldn’t actually login to the Meeting server at all through the Sametime client. They got a server unreachable error.

So I did further testing

  1. On my client I was configured to use SSL for both the Meeting server and Sametime Advanced. I could login to the Community server and that logged me in securely to Meetings and Advanced.  That same configuration on a test workstation of theirs failed to login to the Meeting server saying server not responding (although it did successfully log in to Advanced)
  2. If I removed the Sametime Advanced servers from the Sametime workstation client it could suddenly log in to the Meeting server
  3. If I changed the Meeting server configuration in the workstation client to use HTTP (80) instead of HTTP (443) I would be logged in to the Meeting and Advanced server
  4. On the test workstation I could always login to the Meeting server securely through a browser and open a tab to the Advanced server and be automatically logged in there even when the Sametime client claimed it couldn’t reach the server.

So why did it fail on every one of their workstations and not for me? It turns out they were using the latest Sametime client I had downloaded from Fix Central (20170402-0344) for them whereas I was using the 2016 build (20160624-0209).  I took a snapshot of my VM and upgraded my Sametime client to the April 2017 one and I immediately was unable to log in to the Meeting server. I rolled the snapshot back to the 2016 client and everything worked again.

One of the major updates in the 2017 client was SAML functionality and it does seem that the single sign on logic has been broken in some way by that 2017 update.  Everything is working with the 2016 client so for the time being (and whilst IBM investigate the PMR) we are rolling that out.  One to watch out for though – newer is not always better and you might want to avoid the latest 20170402-0344 update.

 

*for Sametime Advanced login to work at all in the client you must ensure “remember password” is checked and the following two lines are in the plugin_customization.ini

com.ibm.collaboration.realtime.bcs/useTokens=false
com.ibm.collaboration.realtime/enableAdvanced=true