Nov 18

Encryption software can do two things for your email: It can sign your messages, to prove that it was you who sent it and that the message wasn’t altered in transit; and it can encrypt your messages, so no one but the recipient can read the contents.

There are two standard methods for encrypting e-mail: PGP and S/MIME. Most security types like PGP (or its open-source clone GPG), because it’s been around for a long time. The problem is that PGP requires a certain amount of technical savvy to use safely, and it can be awkward to use. That’s especially true on Apple products. While a GPG plugin is available for Mac OS, in my experience it doesn’t work very well. It seems to crash a lot, it breaks with every new Mac OS version, and it’s no longer free.

The alternative is S/MIME, which is an official Internet standard. S/MIME has long been the bastard stepchild of e-mail encryption, largely because it’s more complex to set up and keep up. However, Apple’s Mail programs on Mac OS and iOS both support it, as does Microsoft Outlook on Windows. There are plenty of S/MIME compatible mail programs.

Setting up S/MIME for your Apple products isn’t that hard. Even if you normally prefer PGP/GPG, it’s a good idea to set up S/MIME as well.  Here’s a step-by-step walkthrough.

In this example, I’m presuming you have a Mac and one or more iOS devices (iPhone, iPad, iPod). It’s possible to set up S/MIME directly on an iOS device, but I’ll leave that to someone else to figure out. Here, I’ll show you how to set up S/MIME on your Mac running 10.9 “Mavericks” or 10.10 “Yosemite”, and then transfer that S/MIME certificate to your iOS 7 or 8 device.

Getting an S/MIME certificate

To use S/MIME, you must obtain a SSL Certificate for your e-mail address. To be useful, you need a SSL certificate that is signed by one of the major Certificate Authorities (CAs). The “big” commercial CAs are already trusted by most operating systems. (It’s possible to generate a “self-signed” SSL certificate on your own, but that will generate “untrusted certificate” errors for your correspondents unless you make them do extra work.)

There are several CAs that will give you a “Class 1″ SSL certificate for your email address. That’s the minimum you need.  You can get “better” certificates that provide a stronger proof of your identity. If you don’t already know you need a better SSL certificate (and how to get one), you’re almost certainly fine with a Class 1 certificate.

StartCom offers a basic Class 1 SSL certificate at no charge. It’s good for a year. You can get a new one at no charge when it expires. For personal e-mail, it’s sufficient.

To get a StartCom SSL certificate:

  1. Go to https://www.startssl.com in Safari. (It’s important that you use Safari.)
  2. Click the “Control Panel” button at the top right of the page.
  3. Click “Sign-up”.
  4. Enter your name and address. Enter the e-mail address for which you want a certificate. Make sure you spell it correctly. Click Continue.
  5. A pop-up message will appear asking you to verify that you’ll comply with the StartCom policies. Do so.
  6. Your browser may seem to take a while to load. Don’t hit reload or quit the browser. During this time, your browser and the CA are negotiating your new key.
  7. A new screen will appear asking you to enter a verification code. Check the e-mail account you entered; it should be there. Copy and paste it into the field. You need to do this within 15 minutes, or you’ll have to start over.
  8. You’ll be asked to verify what grade of key you’d like to generate. I recommend you select “2048 (High Grade)”.
  9. After clicking “Install” on the next screen, Safari will download the new key and start the Keychain Access program. You may see its icon bouncing in your Dock. Click the Keychain Access icon in the Dock.
  10. You should see your new key listed under the “login” keychain, in the “My Certificates” category.

Getting more SSL certificates

If you have more than one e-mail address, you can get additional SSL certificates now. Go to the StartSSL Control Panel and click on Validation Manager. This will let you validate the new e-mail address. Once you complete the validation process, you can click Certificate Manager to create a new certificate for the additional address. When Certificate Manager asks you to choose between SHA-1 and SHA-2 (Advanced), select SHA-2.

Installing your S/MIME certificate in Apple Mail

  1. If you already have Mail running, quit it and restart it. That will load the new key (presuming the account is already set up in Mail).

Using S/MIME in OS X Mail

Any message you send from an account that has a valid S/MIME certificate will automatically be signed. In the new-message window, you’ll see a checkmark icon near the subject line. It will be dark (10.9) or blue (10.10) to indicate the message will be signed.

When you receive a message that is signed with an S/MIME SSL certificate, you’ll see a similar blue checkmark next to the sender’s name in the message. Mail will automatically remember that SSL certificate.

To encrypt a message, you must first have the S/MIME SSL certificate for each recipient. Click the padlock icon near the subject line so that it’s a closed padlock. This enables encryption. If you cannot click it or it is greyed out, you’re missing the SSL certificate for one or more of the recipients. The easiest way to get someone’s SSL certificate is to ask them to send you a signed message.

To see if you have a valid SSL certificate for a recipient, check the Contacts application. A checkmark-in-a-seal icon will appear next to each email address that has a valid SSL certificate on file.

Installing your S/MIME certificates on iOS

Once you’ve got your S/MIME certificate installed on your Mac, you can transfer it to an iOS device.

Part One: Export the certificate from your Mac

  1. Open the Keychain Access application. If it’s not already open, you can find it in the Utilities folder of your Applications folder.
  2. Select the “login” keychain from the Keychains list on the upper left side of the Keychain Access window.
  3. Select “My Certificates” in the Category list on the lower left side of the window.
  4. On the right side of the window, a list of certificates will appear. Find the one that’s associated with your e-mail account. If there’s more than one, check the expiration-date column and select the one with the most recent date. However, do not select one that has a red X on its icon; such certificates are invalid.
  5. Choose “Export Items…” from the File menu.
  6. Select the “Personal Information Exchange (.p12)” file format. Give the file a suitable name, and save it someplace safe. I suggest that you do not save it to cloud storage (iCloud, Dropbox, etc.)
  7. You’ll be prompted to create a strong passphrase for the file. This will be used to secure your certificate while you move it. It’s important that you choose a very strong passphrase. I recommend using a random password that’s at least 20 characters long, or a phrase made up of six or more random words.
  8. Now that the .p12 file is created, e-mail it to yourself.

Part Two: Import the certificate on your iOS device

  1. Open the Mail app and find the message that contains the .p12 file. Tap the file icon to load it.
  2. An “Install Profile” popup will appear for the Identity Certificate. Tap “Install”.
  3. A warning that this is an unsigned profile may appear. If that happens, tap “Install Now” to acknowledge it.
  4. You will be prompted for your Passcode. Enter the passcode you use to unlock your iPad or iPhone when it’s at the lock screen. (You do have a passcode set, right?)
  5. You’ll then be asked for the password for the certificate. Enter the passphrase you came up with when you created the .p12 file on your Mac.
  6. You may see a note that the certificate is “Not Trusted“. That’s okay.
  7. Push the Home button. Find the Settings app and start it.
  8. In Settings, find “Mail, Contacts, Calendars” and select it.
  9. In the list of accounts, find the account for this e-mail address and tap it.
  10. Tap the “Account” line.
  11. Scroll down until you see “Advanced”. Tap it.
  12. Scroll down until you see the “S/MIME” section.
    1. Make sure “S/MIME” is turned on.
    2. Tap “Sign”. Make sure that the certificate for this account is selected, and that Sign is turned on. (If you tap on the (i) icon, you should see that the certificate is “Trusted“.)
    3. Tap “< Advanced” or “< Back” to go back to the Advanced screen.
    4. Tap “Encrypt by Default”. Again, select the correct certificate, and make sure Encrypt by Default is turned on.
    5. Back out until you’re at the Account screen, and then tap Done to accept the changes.
  13. Repeat the above steps for each additional iOS device you use.
  14. When you’re done with all your iOS devices, delete the email containing the .p12 file so no one can get a copy by hacking your e-mail account!
  15. Repeat the above steps for each additional e-mail account you need to set up.

Using S/MIME in iOS Mail

iOS Mail will automatically sign any messages you send from an account that has a valid S/MIME key installed.

Unlike OS X Mail, iOS Mail does not automatically remember the S/MIME certificate from a signed message. If you receive a signed message, you need to manually add the key to use it for encryption later:

  1. Tap the recipient’s name in the “From” header. (It will have the checkmark-of-quality indicating a valid S/MIME certificate.)
  2. When the recipient-address pop-up appears, tap “View Certificate”.
  3. Make sure that “Trusted” appears next to the Install button. That indicates that the certificate is valid.
  4. To install the certificate, tap “Install”.
  5. Tap “Done.”
  6. Tap outside the address pop-up to close it.

When you send a message, iOS will automatically encrypt it if you have the recipient’s S/MIME certificate. When you compose mail, you’ll see “Encrypted” at the top of the window. That will appear so long as you have S/MIME certificates for all the recipients. If you enter an address for someone for whom you have no certificate, the header will change to “Not Encrypted“. You’ll see blue padlock icons next to each recipient whose certificate you possess, allowing you to see who the insecure person is.

Oct 29

At last night’s Public Hearing on the Granby Planning and Zoning Commission’s proposed revisions to the town Zoning Regulations, I submitted a written critique of the proposal.

You can find the existing regulations and the proposed amendment on the Town’s web site—although the amendment text isn’t exactly the same as that before the Commission last night. The copy they had includes paragraph numbers.

Granby Community Television posted video of the hearing on YouTube, including the comments I made.

The written comments I submitted are now part of the public record, and should be available for inspection at the Office of Community Development. In my experience, it’s not always easy to get to those public records, especially electronically. Therefore, I’m posting a copy of my comments here.

In PDF format, you can read the  cover letter enumerating my objections,  some revisions I proposed to address the objections, with annotations, and a page of annotations that were too long for the margins that Word decided to spit out as a separate document entirely.

Unfortunately, the Commission closed the public hearing last night after receiving comments from me and my mother, so they aren’t likely to accept additional comment at this time. However, if they make substantial revisions to the proposal—as I hope they do—they would likely need to open a new public hearing.

May 15

Today’s a really bad day for WordPress spammers. My site is under a flood of bogus comments being sent in hopes that one will slip through and carry an advertising link someone will be dumb enough to click. As a result, it may take a while for pages to load.

May 13

On Saturday, May 10, 2014, a few heavy downpours made their way through North Granby. The result was a stream of sediment pouring down Peck Orchard Road from the Peck Orchard Knoll sand mining stockpile building site.IMG_0317Not only did this wash across the road higher up, but water poured down to the foot of the road. When the drainage culvert further uphill got clogged with sand, it reached the lower culvert…

IMG_0324

…which empties directly into Fox Brook.

IMG_0318

The brook, which was running clear above the culvert, turned brown from the runoff coming through the culvert.

IMG_0320

This picture is only a few hundred feet upstream from where Fox Brook discharges into Salmon Brook.

How did this happen? The evidence was there on Sunday. It all starts with the gigantic funnel created by the huge mounds of sand that have been bulldozed up and left exposed. These mountains were created weeks ago, and have stood untouched since then. Notice the pile on the right, which extends far above the original topography of the site. There’s another on the left, hidden behind a hill.

DSCN2665That part in the middle? That’s a “road” dug into the sand. Rain from these hills sheds down into this new artificial valley. Despite R. R. Hiltbrand’s presentation at the special permit hearing, wherein their engineer claimed that this sandy soil was incredibly quick-draining and it could absorb the runoff from a hundred-year storm, this summer thundershower obviously created damaging runoff.

DSCN2664

Looking closer at that hillside, you can see the deep gullies created from erosion. It’s obvious that a lot of water ran down that hill, and that it wasn’t being absorbed by the sand.

DSCN2669

When it hit the bottom of the sand ramp, it left a huge pile of silt on top of the traprock apron that Simscroft-Echo Farms installed.

DSCN2670

That runoff was then funneled off to the side of the driveway… mostly. POK had a small pit in the sand here to catch sediment; it filled up in the previous storm. This time, it didn’t help.

DSCN2671

The runoff went out and around the silt fence and hay bales that were supposed to contain it. It washed onto the “bituminous” driveway apron: chunks of loose asphalt material packed into a firm, but not solid surface. Why didn’t the silt fence work?

DSCN2672

It was full. The design of this “erosion control measure” was laughably inadequate to cope with a spring thundershower; one can imagine how it would perform in a serious summer thunderstorm. It will take a lot more hay to stop a pile of naked sand this size from washing away.

DSCN2678

Besides,a few wooden stakes pounded not very far into the ground are no match for hydraulic pressure. Once the stakes flop over, the fence does nothing to control runoff. However, it does present a serious hazard to traffic.

DSCN2693

Past that silt fence, there’s evidence of a large, erosive water flow. Possibly it was enhanced by runoff from the hillside that has been stripped of trees but not yet stripped of topsoil.

DSCN2695

The result was a veritable river delta stretching across Peck Orchard Road. On Saturday, this part of the road was a brown mass of silty runoff. On Sunday, it was a potentially deadly hazard to bicycle and motorcycle traffic.

DSCN2698

Remember that bituminous driveway material? Here’s a whole bunch of it, several hundred feet down Peck Orchard Road. It may be more permeable than pavement, but it’s not permeable enough to stop this much water… and it doesn’t stay put.

Then we come to the first storm drain on the side of Peck Orchard Road.

DSCN2701

If you’re looking for it, it’s right near the construction sign. (The one that isn’t reflective, and therefore can’t be seen well at night—which is why Connecticut DOT requires reflective signs for state contracts.)

DSCN2709

You still can’t see it? That’s because it’s buried.

DSCN2703

A few leaves and a whole lot of mud make for a clogged storm drain…

DSCN2707

…but not before the whole pipe fills with sediment, and the outlet swale loses a few inches of depth.

DSCN2705

Cleaning out that drainage pipe and runout is going to be a time-consuming, expensive job for Granby Public Works. I wonder if Granby taxpayers will be footing the bill?

Having filled up the first storm drain, the water kept flowing downhill, carrying silt with it.

DSCN2712

 

Very little of this is from winter salt-and-sand spreading. Most of this is fresh silt.

DSCN2717

 

Both sides of the road had torrents of water running down it. Here’s the erosion on the other side of the road. Fox Brook is about 25 feet to the right from this next shot.

DSCN2722

 

By the time the water reached the second storm drain, it was still carrying substantial silt. It made a good start on clogging this drain, too.

DSCN2735

 

You can still see the new layer of sediment in Fox Brook at the other end of that culvert.

DSCN2742

 

But at least it’s not like there’s any environmental threat from this sand, is there?

DSCN2758

I think that filling Salmon Brook’s tributaries with sand might have an effect on any juvenile salmon that might be present.

Since these photos were taken, Peck Orchard Knoll has dug out some, but not all, of the silt from behind their silt fence, and they’ve pounded those wooden stakes back into the ground. The road has been swept, but it still raises clouds of fine sand dust when people drive past. (The past few days haven’t been kind to the paint on cars traveling Peck Orchard Road!) Even so, if we get another fast-moving downpour like last Sunday, this will happen again. The same erosion controls are in place, and they are demonstrably inadequate.

And Granby still hasn’t gotten around to making it illegal to do this again.

 

 

 

 

 

Mar 10

When Michael Girard presented his Peck Orchard Knoll excavation proposal to the Planning and Zoning Commission of Granby, CT, he and his engineer claimed that there was no realistic chance of environmental damage. The proposal called for removing about 100,000 cubic yards of sand and gravel from the site, a hilly residential lot.

The proposal was withdrawn after the Commission showed reluctance to give Peck Orchard Knoll carte blanche to excavate… and because it turns out that they didn’t need a special permit to create what is, in essence, a strip-mining operation on a residential lot in Granby. A simple building permit, issued after pro forma inspection, suffices under Granby’s regulations. However, the plans submitted with the building permit application were substantially the same as the special-excavation plans.

A warm weekend, causing almost two feet of snowpack to start melting, shows evidence that Peck Orchard Knoll’s claims that runoff wouldn’t be a problem were… inaccurate.

While the plans call for Phase One to be a driveway with various sediment controls, the actual first phase of the project is using an old wood road that was cut illegally close to the adjoining property line, according to the town’s previous building inspector. The wood road has been “improved” with crushed stone, but without any inherent runoff controls.

Gravel access road into Peck Orchard Knoll showing muddy runoff leaving the property and heading down Peck Orchard Road

The “wood road” access road into Peck Orchard Knoll, Sunday, March 9, 2014.

The result, as seen here, is a river of muddy water, laden with sediment, running down Peck Orchard Road.

Peck Orchard Knoll access road, showing muddy, sediment-laden water entering the road and running downhill

View of Peck Orchard Knoll access road facing uphill.

Runoff does run down Peck Orchard Road for quite a ways, and a fair amount of water comes down the hill from above Peck Orchard Knoll. However, much of it leaves the road in the swale just uphill from the access road. On this day, the runoff that did come from uphill was practically clear. All of the brown, muddy sediment in these photos is coming from Peck Orchard Knoll. There is a fair amount of sand on the side of the road; Granville plows Peck Orchard Road, and they use a sand/salt mix. However, the sand mix is clean, and doesn’t create mud, especially not this long after the last snowstorm. In the next picture, you can clearly see how clean the “upstream” water (on the right) is, and how muddy the runoff from Peck Orchard Knoll (left) is.

Close-up showing contrast between practically clear water from uphill and deep brown muddy water from Peck Orchard Knoll's access road

Clear runoff in the center/right is from uphill on Peck Orchard Road. Mud at the left is entirely from Peck Orchard Knoll’s access road. Water is flowing downhill, toward the top of the photo.

What about the sediment control? Well, to be fair, Peck Orchard Knoll did install some sediment controls for this wood road. There are hay bales:

Crushed-stone driveway with muddy runoff; along the left edge of the driveway, there is a stack of hay bales neatly piled on top of the snow, completely out of the potential path of any runoff.

POK’s access road. Note sediment-control hay bales (stacked, on left).

And there’s also landscaping cloth:

A used, haphazardly-bundled section of black landscaping cloth, with wooden stakes entwined within, sitting on the snow beyond another landscape-cloth silt fence bordering the POK access road

This bundle of landscaping cloth was, at one time, placed across POK’s access road when they weren’t working. On Sunday, it was carelessly discarded, near (or possibly over) the property line.

Obviously, the Simscroft-Echo Farms employees who are excavating the site didn’t think that it was critical to reinstall the erosion-control system before leaving the site the last time they were working. They aren’t working every day; they’re removing sand when they have a buyer for it. They certainly weren’t working this past weekend, when temperatures were as high as the mid-fifties.

The effect of this negligence is a new river delta in front of Linda Varcoe’s home on Peck Orchard Road:

Sediment lining Peck Orchard, with a broad swath of muddy runoff  crossing the width of the road

The sediment on the left is mostly dirt, mud, and stone dust from the wood road. Some of it is road sand, but notice the muddy texture: road sand doesn’t look like that.

The entire width of Peck Orchard is coated with runoff here. At night, when the temperatures drop below freezing, this will be black ice.

You can also see here that the road is starting to break down from the runoff, perhaps enhanced by the additional heavy truck traffic. Unlike Hartland, Granby does not routinely seal cracks on Peck Orchard Road. However, historically the road has been lightly used and has held up pretty well. This year, it’s a different story.

Muddy runoff pouring into a  two-inch-wide, long crack in the middle of Peck Orchard Road's uphill travel lane; asphalt debris is visible nearby. Muddy runoff fills half the travel lane.

It’s small now, but let’s see how it looks in a week after some freeze/thaw cycles.

This isn’t just a little extra runoff; it’s substantial sediment running the length of Peck Orchard Road.

Quick-flowing runoff traveling through thick muddy sediment covering one-third of Peck Orchard Road's uphill travel lane.

Some of the runoff continues all the way down the road. However, much of it enters a culvert near this road sign.

Fast-moving muddy runoff courses down Peck Orchard Road. Much of it flows into a culvert at the side of the road, hidden under snow. However, a stream of it continues down the road into the distance.

No small amount of sediment is entering this culvert, hundreds of feet downhill from Peck Orchard Knoll’s driveway.

A drainage grate is partially seen underneath a crust of ice and snow at the edge of the road. A thick layer of sediment—some of it road sand, some of it mud—creates eddies in a stream of very muddy water flowing into the grate. A discarded Nantucket Nectars bottle lies in the gutter.

Peck Orchard Road also has a litter problem. Unusually, this drink container isn’t for an alcoholic beverage.

This grate enters a culvert under Peck Orchard Road. It drains on the other side.

Covered with deep snow, a gulley in the downhill side of Peck Orchard Road leads toward Fox Brook, about 100 feet downhill of the culvert opening and currently covered with ice and snow. As such, the brook itself isn't immediately visible.

The culvert’s drainage channel comes out just uphill of Fox Brook, currently frozen over and covered with snow.

Click the photo to see a larger version. Because of the cold winter, Fox Brook is a bit hard to see; it’s in the floor of the valley seen in the background, currently covered with ice and snow. While you can’t see the runoff from this culvert in this picture, it is there, underneath the snow.

That river of mud is heading straight for Fox Brook.

And Fox Brook, a few hundred feet later, empties into Salmon Brook.

These are the wetlands that Peck Orchard Knoll said would be unaffected by their work. During the public meetings, there were those who scoffed at the suggestion that silt and sediment would enter the Fox Brook watershed.

Yet here we are, barely into snowmelt season, and it’s already happening.

We’ve still got a foot of snow to melt.

We haven’t gotten any spring rains yet.

And there’s the potential for so much more runoff, because—let’s not forget—this is a strip mine:

The Peck Orchard Knoll mining site, showing two- to three-foot deep raw cuts into topsoil, as well as exposed hillsides of fine light-grey sand, all unprotected from the elements and with no visible erosion-control measures. A large backhoe is parked on the hillside, where it was excavating sand. A large expanse of freshly-clearcut land extends uphill from these cuts, covered in snowfall.

This unprotected, raw topsoil is already washing down Peck Orchard Road just from snowmelt. What happens if we get a thunderstorm?

There’s nothing left to protect the land here. The topsoil has been scraped aside and piled uphill. There are raw cuts exposing feet of topsoil. A pit of sand is exposed to the elements. Notably absent from the work zone is any form of erosion control whatsoever. That pile of topsoil is wholly unprotected. The banks are unprotected, even as a thick pack of snow is exposed to direct sunlight thanks to the clear-cutting of the property. There’s nothing in place to keep it from washing down the road and into the creek.

Well, except those hay bales and that length of sediment fence.

You know, piled up where it won’t get dirty.

But even if it were in place, is it reasonable to think that such a rudimentary structure would suffice?

Would it hold up to an April thunderstorm?

Just a few months into this excavation—which Girard said could take years to complete—and already, these promises of environmental responsibility appear to have fallen by the wayside. I’m scared to imagine what damage will be wrought to the neighborhood by the fall.

In the meantime, the Town of Granby can’t even scrape up enough people to make a quorum to meet and discuss possible drafts of potential changes that might get enacted to change Granby’s zoning regulations to stop this sort of thing. From my point of view, it simply doesn’t seem to be a priority for Granby’s land-use-governance officials.

 

NOTE: All comments on this site are moderated, and will not appear until approved. This may take hours or days. This is because there are many, many spammers who think that posting blatant advertisements as blog comments is a good idea. Most legitimate comments will be approved and posted. However, I reserve the right to decline posting any comment, especially those that are defamatory or incendiary in nature.

Jul 05

Lowell C. McAdam
Chairman and Chief Executive Officer
Verizon Communications
140 West Street
New York, NY 10007

Dear Mr. McAdam,

I can’t understand your strategy behind pushing Voice Link as a replacement for landline wireless. It seems to be a major misstep, of the kind that should lead prudent investors to short Verizon.

I understand that your revenue from traditional landline services has declined. As you sell it today, copper landline service is mostly noncompetitive with the alternatives, and that has hurt its market share in your service area. But that’s not the whole story.

Yes, copper landlines come with many regulatory restrictions, require considerable maintenance, and do not support competitive broadband data speeds. From a consumer point of view, they only work in the home and they’re expensive.

But, from Verizon’s point of view, I think you’re missing something important: Copper landline technology has a substantial benefit that differentiates it from all of your competitors, a benefit Verizon has failed to market properly.

It’s reliable.

Or, at least, it used to be reliable; in your service areas, your failure to maintain copper plant and infrastructure has weakened that reputation considerably… but it can still be regained.

With a copper landline, properly implemented and maintained, service remains up until the line is severed, and that generally takes considerable damage. If commercial power is out, landlines generally remain up. If you need to call 911, it’s going to work best from a landline, which will have the capacity and power to complete the call, and will reliably connect you to the correct PSAP on the first try, with accurate location data even if you can’t speak. If you need a medical alert device, a landline is the most likely to work when you need it. It won’t turn out not to have a generator, or be overloaded by many calls, or fail due to radio interference. It doesn’t depend on having commercial power to the home to charge batteries or power base stations.

In short, the key differentiator of the venerable copper landline is that it’s suitable for life-critical communications.

Consider: Once you transition a customer to Voice Link, they are now on your wireless service. That’s a commodity product, and it lacks that key differentiator. For a consumer, Voice Link is not substantially different from AT&T’s fixed-wireless service available at Target, or similar offerings from Sprint, T-Mobile, or their MVNOs. It’s also not substantially different in terms of reliability or price from numerous VoIP providers.

By moving people to Voice Link, you’re inviting them to drop Verizon entirely and move to competitors that offer the same service with better features or a better price… because you can’t use your key advantage, the unmatched reliability of a regulated copper landline.

Investors should shy away from companies that willingly surrender a key market differentiator in the name of short-term profit.

Already, Verizon has surrendered the Internet market to its cable competitors by abandoning FiOS. Verizon’s DSL offerings are pathetic compared to cable’s low-cost, high-speed Internet; fixed wireless LTE is so expensive that it’s solely a last-choice alternative.

I am currently a Verizon landline customer. I pay for the service because I value the reliability, even though Verizon’s landline service costs more than a VoIP line even without services now seen as basic, free features on every competing technology: caller ID, call waiting, voicemail, unlimited long distance… If Verizon were to stop providing this landline service, I would not purchase Voice Link. I would move to one of your competitors, where I would get a better value for less money.

My advice to you: Abandon Voice Link as a replacement for copper landlines. Market it as a low-cost alternative for those who need seasonal service, or service where installation of the last mile would be prohibitively expensive to the customer… or as an additional-line alternative to VoIP. Reinvest in your copper landlines to restore their reliability. Market that reliability heavily. Bring the feature set of a basic $35 landline in line with that of a $20/month prepaid cellphone: caller ID, call waiting, and basic voicemail at no additional charge. You can then use affinity programs to sell landline consumers on your wireless offerings by providing a discount.

The alternative—eliminating your inherent competitive advantage, the last advantage of the old Bell monopoly you’ve been allowed to retain—makes no business or social sense.

Sincerely,

 

Robert A. Levandowski

Mar 31

I’m a big fan of the Lego video games… and of Legos in general. I was hooked by the fun gameplay and brilliant humor of the first game, Lego Star Wars. Unfortunately, as the series has made its way through Star Wars, DC Comics, Indiana Jones, and Harry Potter, it has lost some of its magic and a lot of its humor. It’s also revealed a number of fundamental bugs in the code that Traveller’s Tales, the division of Warner Bros. that produces the Lego video games, has failed to address for years. Some of the games contained game-ending bugs, especially on the original Nintendo Wii.

I had high hopes for the new game, Lego City Undercover, even though I wondered how they’d fare with a game that isn’t based on some other media property, but is made up from whole cloth. But playing it would mean investing in Nintendo’s new game system, the Wii U. It’s not available for any other platform.

The short version: Brilliant game, idiotic game system.

The Wii U hasn’t been selling. When the original Wii came out, it took almost a year for stores to have stock for more than a few hours after a new shipment arrived. They flew off the shelves at an unprecedented rate. The Wii U… not so much. From day one, you could have a Wii U by walking in and asking for one.

There are reasons for this.

The first reason, the most immediately obvious reason, is that there were very few Wii U games when the console came out, and none of them were “gotta have” games. Many of the release games were ports of games that were out for Xbox and PS3 for some time. There was a new (but not very innovative) Super Mario game. Nothing, though, in the way of a game that would drive fans to go buy the thing. Lego? Didn’t come out for four months. Zelda? Wait until 2014. (Well, to make the fans happier, Nintendo is porting the old GameCube Zelda game “Wind Waker” to Wii U for this Christmas… but it’s a game we’ve already played.)

I decided to take the plunge for my birthday because the Lego game finally came out, and because retailers have started selling the Wii U at a discount to get rid of stock. Best Buy ran a sale cutting $50 off the price of the basic model. That’s not a good harbinger for a game system that’s less than six months old.

Nintendo sells two models of Wii U: The “Basic” model is white and has 8GB of internal storage. The “Deluxe” model is black and has 32GB of internal storage, and comes with a charging cradle for the new Game Pad controller (available separately for $20 or less), and also includes the game “NintendoLand”. The calculus, then, is (a) Do you want NintendoLand? and (b) Do you want the extra memory?

What Nintendo doesn’t clearly tell you is that the difference in internal memory is essentially a moot point. Neither version has enough internal memory to be useful. The Wii U operating system consumes about 5GB of space on either console. After that deduction, there’s not enough memory left on the Deluxe edition to download “Lego City Undercover” if you wish to purchase it online. If you have any intention of using that internal memory for anything other than game-save files, you are going to have to purchase an external USB hard drive to give the Wii U a useful amount of storage. If all you need to do is save games, the 8GB console will probably do the job… and when it doesn’t, it’s hard drive time anyway.

Although the Wii U has an SD card slot, you can’t use it to store Wii U games or data. The slot is only usable when you reboot the Wii U into Wii emulation mode. However, you can’t just move your SD card from your old Wii to your Wii U. You have to first move anything you care about off that SD card back into the old Wii’s internal memory. Chances are that you bought an SD card for your Wii because all your stuff wouldn’t fit in the Wii’s internal memory in the first place. That’s okay, because you’re going to need to redownload most of your Wii games anyway. Just concentrate on the save data. But I’m getting ahead of myself.

When you buy your external hard drive, if you go to Nintendo’s web site you will find that they recommend a desktop hard drive with its own power cord. It seems that the USB ports on the Wii U do not put out enough power to properly drive a bus-powered hard drive, i.e., the most commonly available, least expensive, and smallest models. Nintendo doesn’t officially support it, but you can work around this by buying a bus-powered portable USB hard drive and a powered USB hub to plug it into. Nintendo’s web site also warns that you shouldn’t use USB flash drives or SD-card adapters with the Wii U as it may not have enough power to operate them properly. In other words, the Wii U’s USB ports are decidedly nonstandard. They’re also USB 2.0 only, so you’re stuck with relatively slow hard drives.

But then, the Wii U specializes in slow.

When you first start the Wii U, you will need to download a new firmware update before you can do much of anything. If you skip the update, you can play games that you bought on disc in a store, so long as you don’t want to play online, or receive patches to fix bugs. Without the update, many of the Wii U’s features don’t exist. The update is large and takes hours to download, even if you have an extremely fast Internet connection. It seems to me that the Wii U has a flawed WiFi system: in downloading the same program to both the original Wii and the Wii U in Wii emulation mode, the original Wii downloads the file almost twice as fast. Even over a 50Mbps connection, the Wii U needs about an hour and a half to download that first firmware update, and it struggles to hit 5Mbps doing so. This may be a combination of flawed hardware and overloaded servers on Nintendo’s end.

Unlike Xbox and PS3, you don’t have the option of using a wired Ethernet connection. Theoretically, you can use a Nintendo-licensed USB Ethernet adaptor made for the Wii with the Wii U. However, folks who have tried this have reported that it’s even slower than the WiFi connection.

That download speed problem doesn’t seem to get better as time goes on.

As for your home firewall, Nintendo recommends that you essentially disable it completely, forwarding every possible TCP port to the Wii U to prevent problems with online games. There’s no mention of whether or not the Wii U supports common protocols like UPnP or NAT-PMP to overcome firewall issues. The suggestion that the Wii U should sit essentially unprotected on the Internet is unforgivably naïve.

Once you have the firmware, you have to go through the process of creating a user account on the Wii U and creating a Nintendo Network account to link it to. This involves responding to a verification email. You can’t choose to have that email sent to your Wii’s email address, for some reason.

Then you get to stare at a “Please Wait” screen while the Wii U menu loads. This takes 20 to 30 seconds, possibly longer. It’s positively glacial, and it sets the tone for the Wii U experience. Nintendo promises a speed boost with an April firmware update, but the video they’ve released shows that menu loads are now merely measured in terms of historical eras instead of geologic epochs.

When you go to load a game for the first time, there’s a good chance you’ll be presented with a popup to download an update to the game. The good news is that, unlike the original Wii, game makers can issue patches to games you’ve purchased on a disc. The bad news is: slow download speeds. Sorry, kids, it’ll be another 15 minutes before that game we just brought home starts loading.

And once you get past that, wait some more while the game loads.

I’ve never, ever, played a Wii game that had anywhere near the amount of “Please Wait” that a Wii U game has.

Be careful about putting the controller down to go do other things. As a power-saving measure, by default the Wii U will turn itself off if you don’t use it for an hour. It doesn’t bother saving your game when it does so. If you get a call from Mom, remember to go unpause the thing periodically so it doesn’t kill your progress. You can turn this feature off, after more waiting for the settings app to load.

The new GamePad controller is interesting, but sort of gimmicky in usage. The use of the second screen is not yet mastered by the programmers. Technologically, it works fine. In terms of being useful instead of a hindrance in gameplay, that’s a tossup.

What the GamePad definitely is would be “uncomfortable”. For some insane reason, Nintendo designed it with a flared chamfer along the case join around the entire perimeter of the case. This means that there’s a sharp ridge biting into your palm as you hold it. Be prepared for a nice red mark after your first session. If, like me, you loved the Wiimote/Nunchuck combination because you could hold both hands in comfortable, supported positions… that’s gone for Player One. You get the GamePad, with its wide, square body. Aching wrists will join your sore palms after a few hours.

On the other hand, all you’ll get is a few hours. The GamePad’s rechargeable battery only lasts 2.5 to 3.5 hours, depending on usage. Once it’s depleted, it needs 3.5 to 4 hours to recharge. You can keep playing while you’re plugged in to recharge… if you unplug the charger from the charging cradle, of course. And if the game you’re playing expects you to wave the GamePad around, that cord will get in the way. The battery appears to be a cost-saving measure; there’s room for a larger battery in the GamePad’s bay, and at least one third-party vendor plans to introduce an aftermarket replacement with three times the capacity that fits into the existing battery bay.

So, you’ve got your external hard drive, you’ve banked up patience for the slow download, you’re thinking about buying a game online. You’re prepared for the idea that it may take all night, even if you have Google Fiber speeds. There’s still more gotchas there.

Unlike Xbox and PS3, your downloaded game is not tied to the account you used to purchase the game. It’s tied to the particular Wii U that you used to download it. If that Wii U breaks, you’re out of luck. You’ll need to buy a new copy.

You won’t get a discount for purchasing online. Downloads are priced at full retail, unless the game manufacturer is running a sale, which isn’t terribly common so far.

Even after downloading the game, you may still have to wait to run it as that patch download system kicks in. That’s right, the game you buy and download won’t be fully patched when you download it.

As for funds to buy the game, you can’t use leftover Wii Points from your old Wii. And don’t buy a Wii Points card in the store to charge up your Wii U unless you want to buy old Wii games with them. For Wii U games, you need to find a Nintendo Network prepaid card or use your credit card. Nintendo Network cards aren’t all that widespread yet. Oh, and you can apply Nintendo Network points to a Wii U or a Nintendo 3DS, but once redeemed on one or the other, you can only use them there.

In short, Nintendo has been paying absolutely no attention to its competitors’ online stores or to the App Store model that’s taken over the mobile world.

So what we have here is a fundamentally flawed console with few good games, limited future prospects, unforgivably slow operating software, flawed connectivity, a painful controller, and a brain-dead online store.

The sad thing is, it’s the only game in town when it comes to playing the wonderful new Lego City Undercover.

If you like the Lego video games, you’ll want LCU. The humor of the first Lego Star Wars, which has petered off and become stale and scarce in recent releases, is back in a big way. LCU is essentially a parody of every cop show and movie trope of any note, with a heavy emphasis on cheesy 1970s/80s cop show. The voice acting—a distraction in Lego Lord of the Rings, where it seemed forced and obviously recycled—is a huge asset to LCU. The dialogue is witty and often laugh-out-loud funny, with the occasional “did he really just say that?” double-entendre.

LCU is easily the most bug-free Lego videogame I’ve played. On very rare occasions, event triggers can get confused, but we’re talking once per four hours or so, instead of the constant negotiations involved in playing Lego Indiana Jones or Lego Harry Potter on Wii. Characters do a much better job of walking and jumping where you want them, too. Busted bricks and showers of studs don’t trigger massive slowdowns and don’t threaten to lock the system up. Given how frustrating the Traveller’s Tales engine has been on the Wii, this is a massively welcome improvement.

It’s also a huuuuge game, with a massive overworld that will take days, not hours, to explore. As another reviewer noted, think “Lego Grand Theft Auto, but as a cop.”

The only downside is that transitions to special events or story levels involve yet more “please wait”. At least the game’s theme music is catchy. You’ll hear it a lot during load screens.

LCU could have been the “gotta have it” game to drive sales of the Wii U. Ultimately, I think the console is too flawed for even a great game to propel sales. If you want LCU, and you know you’ll buy the next Zelda the day it comes out, whatever form it takes, you might think about a Wii U if you find a great discount.

On the other had, if Nintendo wants the Wii U to start selling, they need to:

  • massively improve the operating system’s speed
  • figure out how to speed up the optical drive
  • fix the broken WiFi and their server farms
  • add a wired Ethernet port
  • add fully-standard-compliant USB ports that support bus-powered drives and flash drives, preferably with USB 3.0
  • smooth out the sharp ridge on the GamePad
  • put a better battery in the GamePad
  • tie online purchases to a user account instead of the console
Jul 26

Parallels makes a popular program, Parallels Desktop, that lets Mac users run other operating systems in “virtual machines” on their Mac. One can run various flavors of Windows, as well as UNIX and UNIX-like operating systems such as FreeBSD, Linux, and Solaris. It’s a useful program.

It’s also a program from a company that seems highly clueless.

Okay, I’m not happy that every time a new major version of Parallels comes out, it costs at least $40 to upgrade it… and a new version seems to be required for every new version of Windows and every new major version of OS X. But okay, these things cost money to make, and virtualization software is more complex than most. It’s still annoying when an OS upgrade breaks Parallels until you pony up for a new version.

But now they’ve gone too far. Parallels Desktop 7, which is required to run under OS X 10.8 Mountain Lion, comes with advertisements. When you start the program, you get an ad for other Parallels products, or products from third parties that Parallels has deals with. Many of these products are Windows “bloatware”—software that takes up space, slows things down, and doesn’t provide much (if any) value to the user. You get these ads even though you’ve paid full retail for the software.

And you can’t turn them off.

Oh, there’s a “Don’t show me this again” button. But the thing is, Parallels has taken a unique interpretation of this phrase. Most people, seeing a dialog box when they start a program with some useless blather in it and a “Don’t show me this again” option, would assume that checking the box would prevent you from ever seeing that dialog on program startup again. Parallels’ interpretation, however, is “Don’t show me this particular advertisement again.”

So you check the box, expecting to be rid of it… and a few days or weeks later, it comes back, with a new dubious offer.

Ad infinitum.

If you ask Parallels on their public forums, they’ll tell you that you cannot disable the advertising entirely… and that they can’t remove it because it could affect Parallels’ performance.

Well, the second part is unmitigated bull excrement, certainly. They wrote the ads in; they can write the ads out. The only “performance” that will be hurt by removing the ads is the performance of Parallels’ balance sheet.

Besides, you can disable ads in Parallels Desktop, although you have to use commands in the UNIX command shell to do so. But don’t try to share this information with other Parallels users on their forum; your message will be swiftly deleted by Parallels staff, who continue to publicly state that it’s impossible. (However, if you complain loud enough, they may tell you the trick in private, out of public view.)

That’s just plain sleazy. It’s demeaning to the intelligence of their customers on many levels, and it’s a clear sign that the company has no respect for its customers.

It also raises the question: Parallels, of necessity, insinuates itself deep into the guts of your operating system. If they’re sleazy enough to do this, what else are they sleazy enough to do?

But that’s not the end of the clueless. Have a look at Parallels’ Facebook page. On the plus side, someone from the company is actually watching the page and responding to many posts there. However, the vast majority of those responses is some variation on “Thanks, please visit our website to open a support ticket for your [question|concern|criticism|widespread obvious PR disaster on our part].”

Guys, the key word in “social media” is social. Sending people to your support website to get a response to a question asked in public is anti-social.

The thing is, as much as you wish you could control the narrative on Facebook and avoid public conversations that air your dirty laundry… well… it’s just not possible. Better to avoid having dirty laundry, or at least be seen attacking it promptly and energetically with laundry soap in public.

What Parallels is doing is a naked attempt to control the narrative, one that’s obviously failing… and doing so in a public, insulting-your-customers sort of way. Someone needs to tell them about the Streisand Effect.

Feb 10

Here’s some unsolicited advice for Ron Johnson, the new CEO of J. C. Penney.  Mr. Johnson has announced sweeping changes in the way Penney’s will do business, building on his previous successes at Target and Apple. I think his basic plan is not just sound, but laudable. If he really wants to reinvent department-store retail, here’s three specific things he could do:

Have a public e-mail address.

His former boss and mentor, Steve Jobs, had the public e-mail address steve@apple.com, and the address was well-known to the world. Apple even publicized it on their website. What’s more, Jobs personally monitored the e-mail sent there, and was known to occasionally reply to customer messages. Johnson should do the same: let us mail ron@jcp.com with our feedback. Yes, there will be a lot of noise to go through. On the other hand, CEOs often find themselves isolated from reality behind layers of middle management; having a direct channel to one’s customers helps prevent this. It worked for Steve… and no one else in this retail space is doing it.

Find out when customers are leaving the store because you don’t have their size.

When I shop at department stores, I’m often disappointed to find that they don’t have the size I need in some garment. Most stores don’t do a great job of arranging product to make it easy to find the right size. Even when they do, it seems like they stock sizes based on some inscrutable nationwide formula, not local demand; otherwise, it wouldn’t seem like the local stores are always out of the same sizes!

Look, department-store customers are used to lassez-faire customer service at department stores: We’ve got what we’ve got on the floor, we don’t know what’s coming in next week, we don’t know nothing. If the right size isn’t there, customers just leave. It’s a missed sale… and there’s nothing to tell the retailer “you would have made a sale if you had stocked more of size X.”

Penney’s will make more sales if they have the right sizes. They’ll get more customer traffic if they feel confident the store will have their sizes. You’ll gain customer trust and loyalty if they know you will have their sizes.

The store should figure out some easy way for customers to tell you “I would have bought this item if you had it in this size,” and promote the hell out of it.

Leverage logistics for the customer.

Look, we all know that retailers live and die by logistics and inventory. Penney’s has to know how many items they have in the store, of each type and size. In this day and age, it’s all computerized, and it should be easy to tell how many size-L red men’s cable-knit sweaters you have in the store… and in other stores. If they don’t already have this capability, I’d be astonished.

So, if I come up to a salesperson wishing that the store had that sweater in stock, I should never hear “I’m sorry, we don’t have any” as the sole response. Leverage your logistics; the salesperson should be able to whip out their iPod Touch with its barcode scanner, scan the shelf label, and tell me: “Oh, I’m sorry we’re out of that. I’ve noted that you were looking for it, so we can have more items like that in your size in the future. I see we’re expecting another shipment of this item on Thursday. I can hold one for you, if you’d like. I see our store in Poughkeepsie has two in stock today; I could also call down there and ask them to hold one for you.” (Bonus points: “Or I can have them put one on the truck tonight; it’ll be here tomorrow after noon.”)

This would delight customers, and it shouldn’t cost much—especially if Johnson has any plans to roll out portable-device checkout like he did at the Apple Store. Few stores go this far for the customer nowadays… but I know it used to be standard practice for Penney’s competitors, and that was back when it meant calling the other stores and waiting for someone to check the floor display.

Feb 06

Many years ago, I remember watching the PBS cooking show The Frugal Gourmet as a child, and being enlightened by the host’s explanation of the term “frugal.” Sadly, most people don’t seem to understand the difference, and confuse being frugal with being cheap.

A frugal person seeks to buy things with the most utility for the least cost of ownership. A cheap person seeks to buy things with the least initial cost possible.

Jeff Smith, the host of The Frugal Gourmet, illustrated the difference using meat pounders. One choice was a nice, stainless-steel pounder with an elegant design and some nice artistic flourishes. This pounder was by no means cheap, but was it frugal? No, because it cost more than equivalent tools that would do the job just as well. On the other end of the spectrum was a short length of two-by-four pine stud. This could also be used to pound out a cutlet, and it was undoubtedly inexpensive. However, it was clumsy to use. It was inefficient at the task; it tended to give both the user and the meal splinters, and it was difficult to clean properly. In short, it was cheap. The frugal option was a wooden mallet, of the type you could buy in any hardware store. It was inexpensive, it did the job well, and its finish allowed for easy cleaning. It cost more than the two-by-four, but the cost of using it was lower.

There was a time where being “fiscally conservative”, in the American political sense, meant that one was frugal. A frugal person doesn’t want the cheapest thing; they want the best value for their money. They want something that will last a reasonable time, that doesn’t incur additional costs in its use, yet has no unnecessary bits that run up the price. A frugal person understands that “costs” are not just monetary; wasted time and wasted effort are costs, as well, and need to be factored in. I believe that the term “fiscally conservative” has increasingly shifted away from “frugal” and towards “cheap.” That’s regrettable, because a cheap person usually winds up paying more over time than a frugal one.

I can walk into the local mall and buy a dress shirt at Macy’s for about $30, provided I make sure that the shirt is on sale. (It’s rare that they aren’t.) I can go further out of my way and buy a dress shirt from Brooks Brothers for about $78—less if I buy from their factory outlet, and use the discount card provided through my company’s associate-discount program. A cheap person would consider me crazy for buying the Brooks Brothers shirt. A frugal person would ask: How well are they made, and how long do they last?

My experience with the shirts Macy’s sells is that they are poorly made. It’s rare to buy one that doesn’t have ragged stitching. There are often visible flaws in the stitching. On patterned shirts, the alignment of the panels is haphazard at best. The fabric is often coarse and unpleasant to wear. The collar stays are cheap material that curls or breaks quickly. Most of all, the shirts wear out within a year to 18 months.

Brooks Brothers shirts, on the other hand, are very well made. Rarely, if ever, do I find a stitching error—even on their “factory second” shirts from their factory outlet stores. The material is high-quality, and properly aligned. The collar stays are sturdy and resilient. With proper care, I can get three years out of a Brooks Brothers shirt.

One year for $30, or three years for $78. I come out ahead with the more expensive shirt… and I feel better and look better doing it. That’s the frugal choice. By spending a little bit more, I get a better value for my money. It may mean that I have to plan my purchases more carefully to afford the initial expense, but because I get a better bargain in the long run by doing it, it’s worth it.

The opposite end of the spectrum, the truly cheap option, would be to buy a shirt at Walmart. While the Macy’s shirt is not particularly good, Walmart is well-known for squeezing their vendors to provide the cheapest possible product. The president of Snapper, the lawnmower company, famously told how Walmart’s purchasing agents tried to convince him to make a flimsy, cheap mower for the store (and tarnish his brand in so doing) because the Walmart shopper wanted a “disposable” mower that was cheap enough to discard instead of maintaining. Sometimes you can buy a product that appears identical to one sold elsewhere, including the model number, but the Walmart version is cheaper because it’s missing features that you would have gotten if you’d purchased elsewhere. Cheap, but perhaps the exact opposite of frugal. Much of what Walmart sells, in my opinion, is similarly disposable.

On some level, people realize this; there’s at least one academic paper showing that people perceive goods sold at Walmart as inferior. Yet, rather than save to buy what they perceive to be a superior product… they’ll go to Walmart. Does it really help that you can “afford” the GE microwave at Walmart when it breaks quickly and cannot be repaired because Walmart required GE to use inferior parts that aren’t available as replacement components?

Americans have bought into the cheap lifestyle. Yes, there is a place for cheap: many “consumable goods” are a place to economize by buying based on cheapest upfront cost. These are things that are inherently used up as you use them, like toothpaste or food. Unfortunately, this attitude has spread to “durable goods” as well: furniture, computers, appliances, clothing, cars, homes. We call them “durable” goods because they should last. They may occasionally need repairs, but they should be minor, as these are things that can be made durable—resistant to wearing out, long-lasting.

How does your company requisition durable goods? Do you evaluate suppliers to find the most frugal option, the one that will have the most benefit on your workers’ productivity given the combined cost of purchase and maintenance over the projected life of the item? Or do you just find the cheapest quote for something that meets the minimum requirements on the day it’s purchased? In my experience, most medium-to-large American companies choose cheap, not frugal.

Learn the ways of frugality and apply them to your own life. Spend a little more where it will give you better value; go without or spend less in other areas where you will lose less value to compensate. Encourage frugal thinking, at home and at work. Write to your legislators, and ask them to use your taxes frugally, not cheaply; you want value for that money!

Frugal should be a core American value. Let’s make it one.

preload preload preload