Looking For A Few Champions

IBM Champion nominations are upon us and with only a week to go to get those in I wanted to send out a plea.  I would love to nominate you as a Champion.  Yes YOU. Unfortunately in most cases I don’t know enough about who you are and what you do.  It’s no good saying “well if I did enough she would know me” because that’s not how it works – very few of us do enough publicly to make others aware of what we do.  Being a Champion can be awarded against lots of criteria not just speaking at events or writing blogs.  Libby has kindly shared some here but anything that falls under advocating for ICS products or committing your own resources to the technical community counts.

As a Lifetime Champion I am fortunate that I don’t need to reapply but I thought if I tried to write up my own dummy nomination here for 2017 hopefully it will help you see some of the things you do as worthy of nomination.  This isn’t me boasting and I hope it doesn’t read as me being arrogant, I’m just trying to encourage by example and help people who may need it.

Why should you be an IBM Champion? *

Describe the contribution in the last year are you most proud of or you believe has had the biggest impact on the technical community, IBM or IBM’s customers. Share as much detail as possible, including the activity’s impact and any links.

Consider activities and accomplishments from the past year that rise above and beyond your job and support IBM products and solutions andthe greater technical community, including both internal and external activities.

The follow on question to this is asking me to list my top 5 activities so I would assume the first question wants just what you consider the most important activity listed followed by an opportunity to list 5 other things you would like considered / are proud of.

Here are a few things I could add under the suggested categories,  I know there’s a lot here, this is FAR more than you need to submit but I wanted to give as many examples as I could.

EVANGELISE AND ADVOCATE FOR IBM

  • Presenting to {named customer} on IBM’s strategy and the ICS roadmap to convince them they were on the right path
  • A tweet sharing IBM news or commenting on  IBM news that got X number of retweets (with link) or a blog or linkedin post that got X number of reads
  • Customer references for internal meetings or presentations I attended and contributed to that helped them deploy ICS products

HELP GROW AND NURTURE THE COMMUNITY

  • Examples of people who contacted me for support or assistance or just advice that I helped out (asking them if they would act as references)
  • The Nerd Girl work at Connect and the mentoring done since then.
  • Participation in multiple user groups

EXPAND REACH ACROSS THE IBM PORTFOLIO

  • My work this year learning and sharing on Docker to support the IBM Connections initative and now Domino
  • Work partnering with IBM security business partners
  • My GDPR work with customers that combines discussions of multiple IBM technologies IOT, blockchain, and Domino data

PROVIDE FEEDBACK ON IBM PRODUCTS AND DIRECTION

  • The IBM advisory panels I’ve been involved in along with references to our meetings
    The design feedback sessions I’ve been involved in with references to the IBM teams involved and the topics I fed back on
  • The “Jams” I’ve contributed to along with my contributions
  • PMRs that highlighted a significant problem in a product and enabled development to improve it

SHARE KNOWLEDGE AND EXPERTISE

  • My series of New Way To Learn sessions I did in May for IBM with links to the sessions and listing Alan Hamilton as a reference. Also listing my blog and slideshare where the sessions are shared
  • A list of my blogs I’ve written this year
  • The conferences I’ve spoken at such as Connect, InterConnect, Engage, MWLUG, AdminCamp and Social Connections along with the presentation content and again links to my slideshare

I really want to hear from people who haven’t been nominated or even people who want some support in being nominated. Please contact me if you want me to nominate you or connect with me on Skype (GabriellaDavis) if you just want to talk about it. Don’t feel you have to know me to reach out.

Also if nothing else, please please nominate yourself.  One trick I found worked for me was to ask a colleague to draft my self nomination and then I updated it.  That way I didn’t feel awkward writing things down and got to see what someone who works closely with me sees me do.

A New Era, A New Future, A New Domino

Some of you may have already seen the tweets out of HCL and the announcement from IBM on the new strategic partnership for ICS products that IBM have just entered into with HCL.  To explain things as simply as possible this means that HCL will take over the development of most of the ICS products whilst IBM continues to manage the product strategy, marketing and licensing.  The products involved include

Domino
Notes (on premises and SmartCloud)
Traveler
Verse
Sametime
IBM Client Access
IMSMO (mail support for Microsoft Outlook)

So what does this actually mean for us as Business Partners and, more importantly, for customers?  In my opinion this is very good news.  The products will benefit from significantly more development investment and resources,  with the existing IBM development teams on those products moving under HCL  In addition IBM will continue to manage the product themselves (using the existing offerings management teams) as well as the licensing, and the strategic direction.

There is no longer any End of Life date for Domino, not even “at least until” dates.

As far as customers are concerned, nothing will change other than an acceleration in the investment and development of products including the announcement of Domino 10 for 2018 and the #Domino2025 project.  Even submitting PMRs will continue in the same way.  There will be no customer – HCL direct relationship.

What is Domino2025? Otherwise known as Project Sapphire this is a strategic and ongoing product development initiative IBM will be starting in November where they will be taking feedback on what people want to help drive the future of Domino.   You can tweet your feedback using #Domino2025 and look forward to workshops taking place worldwide as a continual process to design future (post v10) Domino.

I have a lot more thoughts which I’ll share over the coming days but when I first heard about this and considered it I realised that this is a huge opportunity and a step forward for all the products involved.  I hope you agree.

The birth of a new Domino!

How Apple’s UI Helped Scammers Steal

This week someone I care about very much was scammed out of thousands of pounds.  I am just getting past my anger over it and have spent the past few days trying to work out what I could have done to prevent it happening. I work in security, I believe I have told everyone I care about how to protect from the most basic things but Apple introduced a layer of obfuscation that I hadn’t told anyone to look for, because I hadn’t fully noticed it myself.

So what happened?  This person received an email from someone they knew (let’s say “Gabriella Davis’) with a simple “Good morning” type one liner.  They read the email on their iPad and replied to “Gabriella”.  Several back and forths later this conversation turned into a request to move some money.  In this business situation it wasn’t that unusual a request.  Obviously the “Gabriella” turned out to be a fake email address and the transferred money sent to “Aviva Insurance Ltd” (a valid company) was actually sent to an account owned by someone else and quickly extracted and closed down.

Why didn’t the person who was contacted check that the email they received was from the right Gabriella Davis?   They did.  It is one of the most basic things I teach people, always verify and dig into the email address.  However on iOS the email address was shown incorrectly.  Say the email was from “Gabriella Davis <fakeaddress@gmail.com>” and my real address is “Gabriella  Davis <gabriella.davis@turtleblog.info”> well Apple kindly matched the “Gabriella Davis” phrase part with a contact (me) in his contacts and showed not only my photo on the email as the sender but also – when clicking on it – filled in the gabriella@turtleblog.info address.

Even though the reply actually went to fakeaddress@gmail.com,  there was no way to see that from iOS.  

The person concerned took Apple’s representation of my contact information and my photo on the email as validation that it came from me and he was talking to me.  He wasn’t.  The same email opened in both Notes and Outlook immediately showed the fake address and the fake address was obvious when choosing reply from those clients.  it simply would not have happened if he hadn’t been using iOS.

My instructions to always check the sender address hadn’t been spoofed and always check you are sending to the right person turned out to be the worst possible advice in this case because the contact information Apple prefilled in gave a layer of confidence to the email that otherwise wouldn’t have been there.  “Of course it’s Gab, Apple are even showing me her picture and her email”.

I will probably not open comments on this entry as it isn’t entirely my story to tell and there is lots more information I am not prepared to share publicly.  If you know me and have a specific question you can reach out and I may be able to answer.  Otherwise please warn people you know.

  1. Never reply to important emails on an iOS device
  2. If in doubt , even a tiny bit of doubt, always forward and re-address
  3. Any sense of urgency in an email should be a red flag regardless of anything else
  4. There is no replacement, and always time,  for verbal verification

 

A Plea For 3 Mins Of Your Time To Read This

Recently a friend’s wife was diagnosed with kidney failure. Although she is on dialysis,  she is also on a registry hoping for a donor kidney.  After a few discussions and some internet research, I realised how little I know or understand about donating a kidney. How doing so could add years to a loved ones or a strangers life with little risk to myself.  When someone is on dialysis and waiting for a donor kidney, they need strength and they need hope.

Here’s a few things I didn’t know and I want to share because maybe you didn’t know them either.  I apologise in advance for my ignorance which may be exclusively mine. 

1. It’s not true that the most best match will be from a family member.  Genetic compatability is one aspect but with improved anti rejection medicines it’s very possible and often common for a friend or even a stranger to a donate. 

2. Anonymity is maintained throughout the process if you wish and the recipient may never find out that you tested or if you were a match.  You can start the testing process anonymously and choose not to proceed at any point.

3. The first step in finding out if you’re a match is simply to see if your blood type is a match. If it is you can move onto the next step which is a DNA match test.

4. You can choose to be tested to match for a specific person or to be added to a paired/pooled registry where your kidney will be given to someone you match with and the person you wanted to donate to will get prioritised higher on the match registry or even add your details to a general registry which commits you to nothing.

5. The path for potential donors involves not just ensuring you are physically able to donate a kidney but also emotionally prepared to do so. After you are a match you will often be assigned a counsellor to work with you on the decision to donate and the process itself.  Again if you decide to stop at any point, that is entirely confidential and anonymous

If you want to know more about kidney donation and what’s involved then please take a quick look at these sites http://www.giveakidney.org/ and https://www.kidneyresearchuk.org/health-information/living-donor-transplantation

To register as an organ donor or a living kidney donor in the UK please read this NHS site https://www.organdonation.nhs.uk

An Introduction To Docker From MWLUG 2017

Last week I attended and presented at MWLUG in Alexandria, VA.  This was my third MWLUG event and the biggest so far.    Lots of great and varied content, I even went to a couple of developer sessions, thanks to Richard Moy and the rest of the MWLUG team for putting on another great show.  Next year the conference is getting a new name and a new location in Ann Arbor MI.

This session has been changed from the one I gave previously to reflect changes in Docker storage and networking behaviour.

More Adventures In *** RHEL Configuration

I know I shouldn’t have blogged on Saturday – as soon as I think I have a problem fixed the universe rises up and slaps me roundly about the head.  So fast forward to the end, it’s Sunday night and I’m installing Connections on RHEL 7 so that’s good.  However to get there I had more hurdles which I’ll note here both for myself and for anyone else

I configured and enabled VNC and SSH for access which worked fine on the same network but not from any other network (“Connection Refused”).  The obvious first guess is that the firewall on the server hasn’t been disabled.  It’s always the first thing I do since I have perimeter firewalls between networks and I don’t like to use OS ones. So Saturday and Saturday night was an adventure in checking, double checking and checking again that I had the firewall disabled.  RHEL 7 has replaced iptables with firewalld but iptables still exists so my worry was that I had something enabled somewhere.  I didn’t think it could be my perimeter firewall since I had built the server with the same ip as an earlier server that already worked. My other guess was VNC being accidentally configured with –nolisten but that wasn’t true either.

By the time I went to bed Sunday morning I had ruled out it being the OS and was going to start fresh a few hours later.  I’d also noticed that although I could connect via VNC it was slow as hell despite having a ton of resources.

Sunday morning I decided to delete all the entries referring to that server’s ip on our Sonicwall perimeter device and recreate them.  That fixed the network access. The one thing I didn’t build from scratch was the one thing that was broken. *sigh*.

At this point I did consider switching to Windows 2016 on a new box but I already planned to use that for another server component and wanted to build with mixed OS. Also #stubborn.

So now I have VNC and SSH access but the GUI is awful. I can’t click on most of the menus and it keeps dropping out.  I’m running GNOME 3 and I can find endless posts about problems with GNOME 3 and Cent OS or Redhat so I bite the bullet and install KDE because all I want is a GUI.  KDE is as bad, slow, menus not clickable.  I make sure SELINUX is set to “Disabled” but still no luck.   I try installing NoMachine as an alternative method but that has the same problem with the GUI – slow, unresponding, menus unclickable and eventually a crash with “Oh no!, Something has gone wrong”.  Which isn’t nearly as entertaining the 100th time you see it.  Along the way I disable IPV6 entirely and found and fixed this bug

https://bugzilla.redhat.com/show_bug.cgi?id=912892

and this one

https://bugzilla.redhat.com/show_bug.cgi?id=730378

oh and this irritating setting

https://access.redhat.com/solutions/195833 “Authentication is required” prompt

Throughout Sunday I’m continually working with /etc/systemd/system/vncserver@:1.0 to modify the settings, create new instances, create new VNC users but no matter what I try it proves unworkable.

I’m using the Red Hat instructions from here which has a configurator you can use to automatically create the file vncserver@ file according to your settings.  I’m suspicious of that file because it has settings I don’t normally use like  -RANDR so eventually I edit the file and change

ExecStart=/sbin/runuser -l turtlevnc -c \”/usr/bin/vncserver %i -extension RANDR -geometry 1024×768\”
PIDFile=~turtlevnc/.vnc/%H%i.pid

To

ExecStart=/sbin/runuser -l turtlevnc -c “/usr/bin/vncserver %i -geometry 1024×768”
PIDFile=~turtlevnc/.vnc/%H%i.pid
Cleared the /tmp/X11.unix/X? directories and restart once more.  Everything including GNOME 3 works and it’s zippy zippy fast.

 

So. Note to self. Next time remove that RANDR setting and win yourself an entire day back.

 

Benefits and Risks of a Single Identity

Below is my presentation from IBM Connect 2017.  I have added some speaker notes to the slides so if you were there in person, this looks slightly different but I wanted to offer some clarity to a few of the pages that were heavy with graphics.  If you were at Connect and saw this presentation I hope you found it useful.

I will next be presenting on the Internet Of Things in the Enterprise @ InterConnect in Las Vegas on March 22nd so a new topic for me and one I hope you’ll find interesting.  Personally I’m nervous – new location, new audience, new topic 🙂