Tuesday 22 November 2016

Mac Safari running slow / slow to start loading page?

My Mac Safari has been running slowly for a bit - it seems to take ages to start loading the page.

Firefox has no such problem - so I'm pretty sure my ISP is OK (I have fibre at approx 40Megs)

So, with thanks to http://www.webnots.com/fix-safari-slow-loading-pages-mac-os-x/ I found the following seems to have fixed my problem.

Disable the DNS Prefetching in Safari:
1
defaults write com.apple.safari WebKitDNSPrefetchingEnabled -boolean false

(You can re-enable it by doing:
1
defaults delete com.apple.safari WebKitDNSPrefetchingEnabled)

Simple as that - don't even need sudo! Just restart Safari and off you go.

(For info, MacBook Pro 15" running Sierra)

Tuesday 1 November 2016

Sorting eMail into folders? Why would you do that?

I picked this up from listening to 'More or Less' on BBC Radio 4 (podcasts are available here http://www.bbc.co.uk/programmes/p02nrss1/episodes/downloads).

Since I got a large (multiple gigs) allocation of eMail space, my archiving/organising of email has effectively fallen to zero. I can search for people and subjects and grab the threads I need most of the time.

I get pushback on this approach from the 'Inbox Zero' brigade but it seems to work for me - after all, I don't organise my twitter or facebook feeds - I just let them scroll by - same with eMail - it'll be there when I need it.

Finally I have some support for my approach - and from IBM Research no less! MIT Technology review introduces and links to the research paper here: https://www.technologyreview.com/s/424056/stop-organizing-your-e-mail-says-study/

As with all things, your mileage may vary but at least I can feel less guilty about the '>999' message count on my mail icon . . :-)




Wednesday 26 October 2016

Quick reminder on self signed certificate generation

Purely a quick reminder to myself on how to generate self-signed certificates . .

This assumes you have openssl - example here works on both Mac and Linux. .

Generate the private key
openssl genrsa -des3 -out privatekey.pem 2048

The -des3 prompts for a passphrase, the -out <<filename>> generates the key, the 2048 is the number of bits

Generate the certificate signing request (csr)
openssl req -new -sha256 -key privatekey.pem -out csr.csr

The -sha256 avoids worrying about whether you'll get a SHA-1 generated with an old version of openssl. -key <<filename>> points to the private key, -out <filename> generates the csr file

Generate the certificate signing request (csr)
openssl x509 -sha256 -req -days 9999 -in csr.csr -signkey privatekey.pem -out certificate.pem

X509 is the certificate type (Note no dash before this parameter), -sha256 avoids SHA-1, -days is how long the certificate is valid for, -in <<filename>> is the CSR file, -signkey <<filename>> is the private key and -out <<filename>> actually generates the certificate to a file.

Check the CSR
openssl req -in csr.csr -text -noout
Make sure this shows the SHA256 (older versions of SSL may default to SHA1)

Check the certificate

openssl x509 -in certificate.pem -text -noout

Friday 20 May 2016

Is parentalcontrolsd eating your memory on your mac?

If you have a Mac, take a minute and run the Activity Monitor

(quickest way for me is to type: Cmd-Space and type 'activity' - good old spotlight)

Do you see a process called 'parentalcontrolsd'? If so, take a look at it:

If it's anything like on my Mac, you may now be saying 'HOWWW much memory?'


2.43Gb virtual? To do what? I don't even have Parental Controls switched on! When I search the web, it seems like no-one else with this problem does either - and there seem to be a lot of people having similar problems.

I'm on El Capitan (10.11.5) but I've had this for a long time. The weird thing is, it's on my 'work' Mac (15" pro retina) but not on my BYOD one that I also use for work and which has much the same software stack (13" pro retina). I've tried pretty much all the internet suggestions and got a whole load of nowhere.

Anyone any ideas?

At the moment, all I can offer is this: Macs have two useful commands for processes. Go to 'terminal' to use them:

pgrep parentalcontrolsd (or even just pgrep parental - it works with partial names)

If you get a number back, then parentalcontrolsd is running.

Then you need:
sudo pkill -9 parentalcontrolsd (you'll get prompted for your password - you need sudo to run this as root)

This kills it stone dead (as you can see in the screenshot). Use pgrep to check.

It's OK to use pkill even if it doesn't find the process - I keep it in a terminal window so I can just use 'up arrow' to run it when I need it. Which I do, because it keeps coming back . . .

More enlightened people will probably be able to create a scheduled job using cron or some such to kill it every hour or so.

**update** I've tried using Automator to run the pkill every hour or so - only problem is that I can't get automator to run a script as root/admin so I get permission errors . .any ideas? **update**

Even more enlightened people probably have a proper cure - if you do, please let me know!

Thursday 12 May 2016

Microsoft Office / Visio not activating even though you have a license?

I use Visio 2010 at work- this is not about the product or the version!

We also have Office 365, but that doesn't include Visio - so I need to order it. The company obtains a license and sends me a link to an automated download/installer.

(For those wondering, yes, I have a Mac. Yes I also have a Windows VMWare image under Fusion)

And to be fair, it validates my internal ID, downloads and installs Visio, with the usual 'please reboot'.

Only problem is, Visio starts up with this:

"Microsoft Visio 2010 cannot verify the license for this product. You should repair the Office Program by using Control Panel."

(I can't screen-shot the dialog box as I now don't get it any more - sorry)

Control Panel offers a 'repair' but that doesn't work. Neither does uninstall/reinstall and plenty of rebooting of windows - thank goodness it's quick under VMWare on the Mac!

Control Panel lets me enter my license key: Nope, can't do that - company 'embeds' it somehow in the download - I don't know what it is.

Anyway, after LOTS of googling and thanks to many people at the Microsoft support forums, this worked for me.

1. Run cmd.exe, but right-click and use 'run as administrator'
2. Navigate to c:\Program Files (x86)\Microsoft Office\Office14
3. Type 'cscript ospp.vbs /act' (without the single quotes)

Easy and intuitive as I think you'll agree! YMMV - it worked for me . . . .

Monday 25 April 2016

Being a good audience - how to attend a presentation

I've just come back from another technical conference. I presented on a number of topics and I also attended a fair few as well.

One thing I noticed as both a presenter and an audience member is that the behaviours of audience members can be very diverse.

I'm not talking about the 'usual' categories of 'the snowman' who won't show any interest or 'the expert' who wants to show how they know more than the presenter - this is a bit different.

Please turn up on time

I know that conferences are hard to find your way around, but as a presenter, we're instructed to start on time (really, we are: at one conference, there was a huge loudspeaker announcement to 'Please start your presentations NOW!' before every session). If nothing else, we need to finish on time.

If your inter-hotel bus was late etc, then OK - please try and 'sneak in' at the back. I'll try and help you out by pointing out seats but a constant stream of people is really hard to manage. And please don't do the 'OK, I need to go now, I'm just heading into a session' part of your call when you're actually through the door.

Do your email outside - or at the back

Believe it or not, it's very obvious if you're 'making notes' or just doing your email/day job. I don't know how to describe it, but it is. If you need urgently to have your laptop open then please at least sit at the back.

If you're doing the 'annotate the slides' thing, then that's fine, although if you have a tablet, that's better than an open laptop. I don't know why, but it is.

And a kindle, is very obviously a kindle. You're reading a book, right? There are other places out of the rain and it's especially annoying if some people are standing . ..

Questions as you go - or at the end?

Find out. My preference is to take them as I go as I can try and work out what's of interest to the audience and tailor my presentation to you. Others have a strict time-keeping policy that asks to keep them to the end. It's OK at the start to say 'questions now or later'?

Also, it's strange but even though you think you've asked loudly, not everyone can hear you. I'm not trying to insult you by repeating your question, but it's that I'm 'mic'd up (amplified) and you're usually not. Not everyone else can hear you and they probably would like to hear both your question and the answer.

Again, if you didn't hear the question, please call out - I sometimes forget to do the 'OK, the question was . .' part and go straight into an answer. If the answer was 'Yes, it is!' then it doesn't mean much on its own.

If a question turns into a discussion, don't be offended if you're asked to 'leave it to the end' or 'take it off-line'. Presenters are paranoid about finishing on time  - come chat at the end, we'll try and get you an answer if we can.

Taking pictures

I'm flattered if you like one of my slides so much that you'd like to save it for later use. Really. And I'll try and hold it on the screen for you but please don't take longer than about 15 secs to focus up.

The exception is if the slide says 'Confidential' or something similar - it's usually polite to ask.

We do try and 'upload our material' where possible, so you should be able to get it if you need it, but be aware we're often tweaking it until the last minute, so you might not be able to get it until after the conference - sorry!

Feedback - yes please!

I know you'll need to fill in what seems to be about 100 feedback forms at the end, but they really are useful so I can get better next time. One request: Please differentiate between something I can do something about and something I can't. If the room was too cold or there weren't enough seats or there was no drinking water in the room - sorry but that's out of my control, usually.

On feedback, if you can't hear me, I'm talking too fast, if the slides are blurred or if I'm standing in front of the projector (it happens!) then please call out. Those kind of things I can fix right then right there.

At the end of the presentation, please come up and chat - we really like to hear from you and we'll stay as long as we have time - usually we'll only disappear if we have to present in the next 'slot'. We present on things we are interested in, so we're happy to talk for a long time!

Sorry - not my thing!

If you find you're in the wrong presentation (I've done this!) either by a bad room number or by the abstract becoming a lot clearer in the title slide (e.g. 'Performance Tuning Good Practices' is actually 'Performance tuning the XZDF2300 noodleplooker appliance') then it's fine to walk out. If the presentation hasn't started, it's OK to let the speaker know why - rather than having them think you just don't like them.

Again, it's fine to walk out in the first 5 mins (really!) but if you're not sure a presentation is 'for you' then please sit at the back and 'sneak out'

Finally, don't bang the door!

If you need to leave for whatever reason, even if only a bathroom emergency, please 'soft close the door'. Nothing makes everybody look around when there is a huge WHAM! when you let the door go.

Any pet hates? Anything to add to the 'things I don't like about presenters at conferences?' - hit the comments!



Monday 4 April 2016

Getting the Best from your Consultants - a 'just my 2c' guide

I work as a 'Consultant', although I have a number of other job roles and titles e.g. 'Solution Architect' 'Subject Matter Expert' 'Agile Coach' 'Business Process Management Expert' etc etc.

For the majority of my time, I work on client/customer sites and locations, not those of my direct employer. This makes my relationship with my customer somewhat different to that of a permanent employee or 'permi'.

Some companies use a large number of consultants on a pretty much constant basis - others employ them on an ad-hoc basis to solve point problems.

One thing I've noticed over many years of doing this is how effectively different organisations use me whilst I'm working for them. Obviously I always try to do my best for them and to leverage as much value as I can for them during my engagements, but it's sometimes easier to drive value in one place than in another.

Are companies aware of what helps a consultant help them? Here's my 'starter for ten' list (in no particular order)

Who, Where and When

You might have multiple offices. You might start early or late. You might want me to work with one person exclusively or with a large number of people doing various different things.

I'm very happy to do either - please let me know. Remember, I don't know your company. If you have 3 London offices, let me know which one I'm due at. If Sarah doesn't work Mondays, that's useful to know as well. If you start at 08:00 and finish at 16:30, then I can do that. If you want me out of your hair until 10:00 then that's fine too.

If the person who wants me to come and help isn't the person I'll be working with, please let the latter know who I am, why I'm there (especially that I'm not there to replace them!) and what I'm meant to be doing. It's awkward on both sides when I turn up to ask for Carol and Carol says 'nice to meet you - who are you and why are you here?'

Finally, if you're having an off-site meeting next week, or there's nothing to do next Monday then let me know and I won't turn up and bill you for the day. . this is also useful if you're multi-country and next Wednesday is your offshore-team's bank holiday and no-one is in to support performance testing for example.

Desks, parking, power, passes, network

If your office is in the middle of nowhere (i.e. not city centre) then parking spaces are pretty much essential, especially if you want me to work flexible hours. If you're in a city and it's walkable or on the tube in London then fine. Also regarding parking, there's often only me so I can't car share, no matter how 'green' I'd like to be.

Desks and chairs are useful too. I appreciate that I'm an 'extra person' that you really don't have space for and I'm OK sharing a desk, but I'm going to need to sit down, power a laptop and put it down to type.

Internet access is essential if you want me to send/receive emails to and from you. Also I can look up our support/fix/documentation etc etc database and connect to all of my co-workers worldwide, but only if I can get online. I do have 3 and 4G but I'm not going to use them to download 100s of mb of patches and updates for you over them. And that's assuming you have 3G/4G coverage on your site.

Passes/Badges are essential in a secure environment - but paper ones that won't open any doors at all (especially in and out of the office, or to the toilets/restrooms etc) can really slow things down - especially if I need to be escorted everywhere by one of you.

Tailgating is not an option, even if 'everybody does it' - our corporate guidelines say that we don't. Also I'm not going to 'just borrow your badge' - thanks for trying to be helpful, but I can't do that either. Hopefully it's obvious why - I'm not being awkward.

'Things everybody knows'

If there's a fire drill every Wednesday, if Friday is casual day (but 'casual' still means no shorts), if birthdays are 'bring cakes' or everyone leaves at 2pm on the last Friday of the month, please let me know - happy to go along with most things.

(Be aware I will often need to pack clothing on a Sunday night, so finding out next Friday is 'come in fancy dress for charity day' on the Wednesday is too late . .)

Similarly "we know it says 'hot-desking' but most people sit in the same place every day so please ask" or "The coffee is provided personally - please put 20p in the tin when you make one" are things that are always useful to avoid causing offence.

Logins, access, code, docs

If you want me to review code, how can I get copies? I can provide shared, secure file areas for us to exchange data, but are you allowed to connect to them? If you want to email them, how big are they? Can your mail system cope with the size? How will you encrypt them?

Ditto for logs and dumps - JVM heap dumps are often in the GBs. How can I look at them? I have tooling with me and I can also help you download the same but we'll need to work together on this one.

Ditto for reading documents, specs etc. I'll bring MS Office and things like Visio viewers with me. I've also got access to all the software my company makes, but if you have a 3rd party product with no import/export filters, please have a think about how I'm going to read it - maybe print to .pdf?

If I need to be on your network, I'll need some equipment to do it - do you really want me to plug in my laptop to your intranet?

Credentials as well. I'm not going to 'just borrow your password' as that breaks all sorts of rules, probably for both my company and yours.

On the subject of credentials, often I really don't want to know what the 'root' or 'admin' password is. In most cases, I don't want production update access either. I'll advise you on what changes or updates to make and help you test on a lower environment, but production changes need to go through your change processes and be enacted by your prod change team (I'm happy to show them what to do - just not to log on and do it in PROD).

If you have sensitive data, I really don't want it on my system - in fact I'm not actually allowed to have it on there. If your logs have your customer's names and addresses in them, I really can't have that on my system.

Objectives and flexibility

It's your money you're paying - let me know how I can help and I'll be as flexible as possible, but please bear in mind why you wanted me on-site in the first place.

If you have a set of things that you need me to do, I'll track them, tick them off and let you know how it's all going. If you think of other things whilst I'm here, I'm happy to consider them but bear in mind that your priorities may now shift.

I'm happy to be a 'walking encyclopaedia' or 'Can you come to a meeting and give us your thoughts?' but bear in mind that's all taking time away from 'Please review our enterprise architecture strategy' if that's my main goal.

'Tapping on the shoulder' or 'Have you got a minute?' - know your consultant!

This is a contentious one and varies from consultant to consultant. Some people (e.g. me) are happy to chop and change from activity to activity and to be engaged on a 'please turn up and we'll form an orderly queue at your desk to ask you things' basis.

For other people, it drives them up the wall! These people need a clear statement of work and a list of objectives that they can deliver against. Consider how your organisation works and the people within it - then try and engage a consultant that fits your style.

Working 'n' days/week

If you want me for 2 days per week, that's fine. Let's agree on those days and I'll be there. I can even be a bit flexible with enough notice - just ask!

On the other hand, if I work for you on Tuesdays and Wednesdays, I can't attend your team update call on Fridays as I'll be working for someone else. In exactly the same way that if I'm working for you, I can't attend their team update call either.

If I'm working on something internal and you want a quick answer to a mail, then I'll try and accommodate you - but I can't spend a couple of hours on it necessarily.

Finally - if you don't like what I'm telling you, or it just isn't working out, let's go our separate ways . .

I'm a consultant - I'm here to bring you the benefit of my and my company's knowledge. I'll advise you on what I think is best for you and your company - but bear in mind it might not be what you want to hear. (See the 'Lord Wessex Effect').

If you want me to approve/'rubber stamp'/endorse or similar something you're produced then (a) both I and my company have to agree with it 100% and (b) it takes a lot of process (and sometimes legal) to put that stamp on there. Obviously if I or we disagree with it, we will say so.

If you disagree with what I'm advising you (and that's fine BTW!) then say so. I might have alternatives, or often there might be something that I'm not aware of in your specific situation that makes a difference.

On the other hand, if you just don't like it, or don't want to do it then just say - you're not going to hurt my feelings. I'll leave a copy with you just so we know where we both stand and then either I can work on something else or we can end the engagement - it's not personal.

Tuesday 1 March 2016

IBM Interconnect 2016 presentations

If you didn't go to IBM Interconnect 2016 in Las Vegas (and why didn't you? ;-) or even if you went and want to share the goodness, it appears that you can get access to and download some of the presentations here: https://www-950.ibm.com/events/global/interconnect/sessions/

(You might even find a couple from yours truly .  .)

Tuesday 9 February 2016

What are you smoking? What is the real meaning of 'Smoke Testing?'

As a mathematician (sorry!) I have a keen interest in defining terms before they are used - it's kind of become a habit.

That's why things like 'I was so shocked I literally died' really grind my gears (see also 'bricked', 'decimated' . .)

One term I hear multiple meanings of often is 'Smoke Testing' - I was discussing this with Dave Hay (highly recommend his blog at http://portal2portal.blogspot.co.uk) and we came up with three that we'd heard on our projects:

'Initial power on/run one transaction' test

In electronics, apply power to the system and turn it on - the 'smoke test' here is that if smoke starts appearing, then something is wrong. 

In software, if you can't even log on, or the disk starts spinning like crazy, or all the RAM is used quickly it's similar.

'Increase load until it breaks to determine the maximum safe load'

This has a car analogy: Yay! Keep increasing the revs/speed until smoke starts coming out of the engine. At that point, back off a little and you have your max safe speed. OK, you should be more scientific but you get the point.

In software, crank up the load-testers until you run out of CPU, RAM, I/O, connections or whatever. Hopefully it won't actually crash, just run low on resources.

It might crash though but not immediately; For example it might queue transactions and eventually the queue will fill.

'Test end-to-end' (rarer)

This one I hadn't heard of until the other day. The idea is to blow smoke into the system from one end and see if it comes out where you expect it to i.e. is the flow correct and are there any leaks? Also, is the smoke that comes out the same type as you put in?

In software, this is analagous to watching for side-effects as well as output. Is the Java heap constantly growing? What about the database connection pool? Memory leak?

Anyone got any more?

“When I use a word,” Humpty Dumpty said, in rather a scornful tone, “it means just what I choose it to mean—neither more nor less.” “The question is,” said Alice, “whether you can make words mean so many different things.”

LEWIS CARROLL (Charles L. Dodgson, a mathematician!), Through the Looking-Glass 


Monday 25 January 2016

Why I like App Stores . . .and it's nothing to do with walled gardens

App Stores: It's a concept that seems to divide opinion but I quite like them for the following reasons:

One credit-card stored in one place

If I have an app store, I have one means of payment. I can register my credit card (whatever type - I don't need to worry if you take Amex/Visa/MCard/Whatever and what country it's registered in, or what currency) in one place and know who the merchant is.

I don't have lots of different web-sites storing my card details. Or if I don't want you to store them (and I don't) then I don't have to type my details over and over again if I want to buy your software.

I can actually recognise the merchant name - I don't have to worry about 'xyz s/w holdings, Bermuda' and whether that's really the software/upgrade I bought or a scammer.

And neither does my card issuer, so my card doesn't get fraud-blocked when I need to spend 0.99 on an in-app purchase and it flags as suspicious.

And there's no 'minimum card value 10.00' restriction: In fact app-stores bundle-up purchases if you buy a lot of things on the same day.

Alternatively, I can buy vouchers for most app stores with cash and not have to worry about credit cards at all.

One user ID & password and one source of spam

I want to use your software or app. I'm happy to pay you for it - you put in the hard work so you should get my cash and that's all good.

What I don't want is to have to 'register an account' with you and have to remember yet another password.

I also don't want mail from you or 'selected partners'. 
No, really I don't.

If I've bought games (or anything else) I like then I'll sign up to your mailing list for updates and 'social' stuff, I'll follow you on Twitter or Facebook, but if I've just bought a hex editor or a GPS app then just take the money already.

I don't want 'a relationship'. If there's a new version, flag it in the store and I'll pick it up. The store's notify system will sort it all out for you.

One place to get all the updates

This is what prompted this post: One place that says 'nn updates available' so that I can click 'update all' and let it get on with it.

I have phones and laptops I don't turn on all that often. When I do, I just want to click a button marked 'update everything on my computer' and let it get on with it. 

Without any more hassle. 
Preferably in the background. 
Without me having to open every single app and click 'check for updates'.
Without me having to update your 'updater' program before I can check for updates.
And only having to type in my 'admin' password once, not once per app.
And really, really preferably, without having to reboot.

On a positive note:

Having run 6 separate updates, at least only one (an update to MacOS itself) has asked me to restart my computer. On Windows that request used to happen every time I updated anything - was it ever really necessary or did people do it 'just in case'?

Tuesday 19 January 2016

Watch out for 'watch' as a variable name in IBM BPM with V8+ coaches

Found an obscure issue the other day at a customer site - writing it up here in case I forget what the details were . .

In summary, if you have a variable called 'watch' in IBM BPM with next gen (V8 and above) coaches, you may see a conflict with dojo stateful https://dojotoolkit.org/reference-guide/1.10/dojo/Stateful.html trying to add a .watch function to your variable. At this point, your coach buttons will stop working - or your coach may not display at all. You will see an error in the browser console of the form 'dojo.watch is not a function'.

Using NG coaches with IBM BPM V8.5.0,1 and above, they were seeing issues in the browser console reporting that '.watch is not a function' and finding that they couldn't press the buttons on the coach.

This appeared to be random with no pattern that they could discern. Some coaches worked, others didn't

The only workaround they could find was to use a heritage (pre V8) coach, where the problem went away.

We did much googling of .watch and dojo.watch etc but couldn't find anything that would explain the 'randomness'

After walking through the process app, we finally spotted that they had a variable called 'watch' in one of the business objects, a couple of levels into the hierarchy.

This variable was sometimes used, sometimes not. In the hierarchy / object graph, that level was sometimes instantiated, sometimes not. When it was in use, the variable reference was object.watch , which conflicted with dojo stateful trying to add the .watch function onto the variable, hence '.watch is not a function'.

Process designer will stop you creating variables with java and javascript reserved words (try creating a variable called 'this' if you want to see it) but it doesn't catch everything. If nothing else, the 'watch' variable was created when the customer was on 7.5.1 and before NG coaches with lots of dojo and the .watch function.

Another one for the 'department of incredibly obscure issues' . ..

Tuesday 12 January 2016

Invalid web-site certificates? Check the obvious first: is the time on your VM image correct?

So, I'm downloading the MQ Explorer support pack.

I run a Mac, and this only works on Linux or Windows, so I fire up my Windows 7 VM image to do the necessary.

Onto the web-site, sign in, choose download method and get a 'This site does not have a valid certificate!' error in Chrome. Worrying! There's no obvious  'override this' in Chrome, so I try Firefox.

Firefox gives the 'This connection is Untrusted' page with the usual 'get me out of here/I understand the risks' options.

Now for internal web-servers, I'd normally hit 'I understand' - but this is an external one - and it's ibm.com - it should be OK? But what if I've been Man-In-The-Middled somewhere? OK, it's my DSL-Fibre connection but better safe than sorry . .

Looking at the screen however, I see this:











The certificate is valid from 15/12/2015 (That's 15th December, if you're used to US date formats!)

"The current time is 08/12/2015 13:44" - er, not it's not! Today is the 16th January 2016 (16/01/2016). What's going on?

So I check the time on Windows in the VMWare - sure enough, it thinks it's still December. The Time Server sync hasn't fired yet or has glitched and I haven't used this VMWare for ages: Obviously since 8th December.

So, I resync the time and everything starts working! Yay!

But I never usually check the time on VMs - why would I? I assumed that the time-server sync is keeping me up to date. It usually syncs up OK, but obviously not often enough - or it can have an error with time.windows.com.


So TL;DR: When firing up a VM, check and sync the VM time to the time server, every time. Then check it against your watch - just to be sure!