This month, Steve untangles a tonguetwisting problem that stemmed from OneDrive taking synchronisation one level too far.
Steve untangles a tongue-twisting problem that stemmed from OneDrive taking synchronisation one level too far
Personally, I think the hopes of the password maniacs were dashed long before the year 2000. There was no architecture or communications protocol that stood in the way back then; even the slowest PC could keep up with the rules about changing every month, not repeating, not reusing and not having normal words.
The humans were the problem. In one business network I used to manage, we had a great password policy; even the CEO was prepared to kowtow to the change rules. Then, one day, I decided to make a broad sweep, after a particularly smart and obstreperous colleague suddenly became an ex-colleague: we could tell after his rather shouty, door-banging departure that he was not only using his login to access files but those of several colleagues.
So I changed all the passwords. Every last one of them. It took ages because I didn’t want to move on to the next user until I was quite sure the change had taken effect on the last, and that they had logged out and used the new password to log back in. At the time (don’t judge) I was reading
P J O’Rourke, a right-wing columnist in the US, who once remarked on how satisfying it was to type “Mercedes”. The way the keyboard is configured makes typing the word an elegant cascade, a twirl of the left hand. I must have been thinking about this when I set everybody’s password to “indubitably”. In-dub-it-ab In-dub-it-ably. More on the right hand than the le left, but still satisfying and rapid to t type.
If, that is, you can remember remem how to spell the word. It turned out to be an almost universal blind spot in people’s vocabulary. Even with it written on a scrap of paper in front of them, their fingers kept stumbling over the letters. Reading it over the th phone to remote workers was wa nightmarish. It took me a wh while l to realise that I’d picked a w word that managed to be both simple and fiendishly difficult: a tongue twister that simply worsened communication between tech manager and harassed, fearful workers.
Eventually, I changed it to the name of our largest meeting room, which everyone was then obliged to change to the word or phrase of their choice. The only person I had trouble with wanted to use “Ptolemy” as his password, but this breaks the readover-phone rule, because he knew that the “P” in Ptolemy is silent and was insufferably smug around those who didn’t. So I changed the password hint on his machine to “inPtolerable”. He may have got the hint.
There are several other computing structures I think humans aren’t built to remember. VPN shared secrets are essentially machine-to-machine passwords, and wh ile a little earlier in the genealogy of technology than the more modern SSL certificate, in practice they’re no less secure. But because they don’t get labelled as “passwords”, somehow people’s brains don’t engage with them in quite the same way.
Take the example of the business above. When the VPN prompted users to log in, I thought it might have been easier for them to have just one shared secret instead of individual accounts and passwords on the company firewall itself. But no. Even though I made it simple and memorable (“catflap”) the humans just weren’t going to keep eep it in their heads.
The very worst, though, has to b be the he most recent. A foreign client, ent, heavily dependent on RDP-based homeworking, has been teetering on the brink of having a domain for decades. Some years its operation grows, others (like 2020) it shrinks. To be more resilient, the boss wanted to push the burden of answering emails down to the h troops, roops, with a fresh set of installs of Office and Outlook. At a
“Reading the password over the phone to distant remote workers was nightmarish”
stroke, all their desktop backgrounds went plain green, and where previously each separate PC had its own desktop shortcut to connect to the RDP host server, now all the desktops had all the shortcuts on them. The clutter level was so high that Windows abbreviated the shortcut names, rendering the careful naming conventions worthless.
If there are worse circumstances for a remote support call than a SwissGerman speaker trying to read out shortcut names from the properties panel, with customers waiting, I’ve not come across them.
The culprit? Outlook, by way of its less evident friend OneDrive. Each new Outlook install managed to refresh the OneDrive install too, and brought with both of them a burst of updates that in all likelihood had been suppressed by low-grade malware or even users trying to keep some games or favourite websites on the computer. At this point it was hard to tell.
The outcome was shot through with tongue twisters that are almost as difficult to follow as the sentence I’m about to type. Because the way the package they used functioned over an incoming RDP link was to relate both the variety of peripherals – printers, credit card scanners, barcode wands, and so on – and the user’s licence to log into the software to the credentials they used to log in to the RDP host server. Suddenly, a functioning OneDrive, with all the user PCs logged into the same Microsoft account identity, assumed that all of the files on all the machines were wanted wherever that account logged in. I expect the green background came from the first machine to be synchronised. For some reason, the customer found this change more peculiar and more spooky than the duplication of RDP shortcuts.
In preference to spending another day on the phone while re-deleting duplicated RDP connection documents, I renamed all of them to short versions of their previous, friendly selves, and turned all intermachine replication off in OneDrive. Not because OneDrive might not be useful; of course it is. Simply because the tongue-twisting power of a set of files that were meant to be singular but ended up being universal was just too intense to be resisted.
Can you make sense of it?
I’m in receipt of a phone. It’s made by a company I hadn’t previously heard of called Realme, and it seems to think that it’s going to make quite a splash in the UK market as we roll out 5G networks. I’m at a loss as to why Realme sent it to me: I’m not really the world’s most avid phone comparison person and I get along fine on trailing-edge hardware. Nonetheless, the phone is here, complete with little headphones and – I kid you not – a Realmebranded, vibrating toothbrush. This Chinese company has never met me so I assume the toothbrush is just a wacky promotional gift rather than a hint.
With a 5G phone in hand I was quite pleased to hear from UK network Three, which had completed a large 5G rollout across the country, lockdown notwithstanding. I wrote straight back, asking whether I could just throw a Three SIM in the Realme phone and be presented with a 5G ultra-high-speed signal. The response was interesting: that’s a question for the corporate team, they said. We’ve passed on your query.
Which was nice, except that there never was a reply. I put the old PAYG SIM in the new phone, and carried it around on those rare occasions when a mission of mercy required me to break isolation. My conclusion is that if there are 5G signals out there in the country, the phone doesn’t tell you about them as they may come and go, and it also sometimes labels things such as Wi-Fi base stations with a hopeful but deeply confused “5G” micro-graphic.
I’ve not seen anything that tells me 5G subscribers will get services over suitable Wi-Fi, and I’m willing to bet that my antediluvian Wi-Fi base station isn’t equipped with the right stuff to deliver that kind of speed. So I’m not going to publish anything as formal as a “5G phone review”, because I think the last few months round here have been about as unrepresentative an environment for testing high-speed base stations as you’d find this side of the orbit of Mars.
Once normal service has been resumed, of course, and that includes whatever it is Three needs to discuss before answering a question prompted by its own press release, I will say more about what this phone might do better than its humble, 4G-only competitors.
Virgin, Barratt Homes and skyscrapers
I’ve been told, via a press release, that Virgin Media and Barratt Homes are collaborating to build homes with Virgin Broadband already plumbed in for the new occupants. I don’t wish to disparage anyone in the housing business: Barratt makes houses for a particular demographic in a particular earnings bracket, and I expect they align well with the demographic that buy Virgin anyway.
Or at least they did before the WFH transition hit. This matters quite a lot, because the traffic patterns of an estate full of young families before Covid-19 was very different from that observed once they started working from home. What seems like a good idea at first pass needs a bit of forethought applying to the idea. It could be good; it could also be the dumbest thing to come along since USB coffee warmers.
You might argue that BT was in this position 20 years ago, since in effect every house with a phone was already wired up to BT. But that’s not the same as the modern scenario, in which every household turns on the internet pipe before they turn on the kettle. BT’s response to the anticipated traffic pattern was to implement contention: the concept that the bandwidth quoted to the customer would actually be shared between many customers. The delays and processing time required to serve up a web page were
“The phone is here with – I kid you not – a Realme-branded vibrating toothbrush”
such that the contention could rise as high as 50:1 before the average user could tell where the slowdown was coming from.
In a modern-day internet access service, there’s more of everything. More horsepower, more servers, more users, more pictures to download. Unfortunately, there’s also a lot more going on in uploads, and this is where the trouble starts. Videoconferencing is as upload-hungry as it gets and audioconferencing is dead keen on grabbing as much of every other resource as it can find. Drop a packet in a video call and nobody will know; dropping a packet in audio is grounds for a tech support ticket.
I can already hear Virgin spluttering in protest. What it’s offering is an ultra-high speed, fibre presented 21st century network. The limits are so much higher than those first-generation ADSL lines that the comparison is almost pointless. The theoretical limits of just one of those lines are so high that an entire mid-sized town wouldn’t use more bandwidth only a few years ago. The problem here is that the faster a line goes, the more it has to make allowances for the absolute physical limits of line speed.
To take a simple example, when you type a keystroke in a remote access VPN session, that single byte value representing the scan code of the character you typed travels in a data packet that’s well over 99% empty. This is because packets that are too small in a Gigabit Ethernet network get “smeared out”, a problem that bizarrely applies whether you’re using copper cables or optical fibres. It’s an issue to do with the speed of light, and it means that your local area internet access method might collapse down to only 10Mbits/sec once a few people do things that are live and use lots of inefficient, tiddly packets.
If you feel I’m beating up on the Virgin crew unfairly, let me give you a peek behind the curtain: Virgin’s press release about this collaboration failed to mention anything about Barratt’s other partnerships, with Openreach and the less well-known Hyperoptic. This means the new homeowner can choose from as many as 18 different ISPs, which reminds me strongly of what I saw in Singapore during a visit a few years ago. There, the state monopoly network wires every property, and the customer can then choose between 31 different brands of ISP.
In the Singapore model, there are so many different brands because people’s needs are so drastically different. Some brands just allow a few approved websites; others emphasise gaming and lag; still others are all about movies and streamed music. Balancing the resulting traffic happens at the deeper level of intertelco networking, where your IPv4 packets are only one of myriad protocols and services. By partnering at the right level, both Singapore and Barratt in the UK can support several different connections. However, what I really want to see is several connections down the same piece of fibre, so that my business VPN for WFH can be offered alongside the streaming, gaming and surfing, with the customer being the one who establishes the balance of services.
Of course, this assumes that there are no shortcuts taken. That was clearly true of Singapore: the very idea of a shortcut made them recoil in horror. By contrast, I remember the disgraceful decision to limit the whole of Ringwood in Hampshire to 3Mbits/sec per connection, irrespective of what the resident or business had chosen and were paying for. Given that the parties involved here are telling different stories in their press releases, any prospective buyer would be well advised to get written guarantees of service levels to guard against the lazy engineer problem.
The simple reality of how to provision an estate development full of new teleworkers is to avoid monopolies wherever they might arise and remain as unrestricted as possible when it comes to future arrivals from new suppliers or different technologies.
That last bit isn’t from the housing estate end of the market, but rather from the analogous world of skyscrapers and tall buildings. It’s still relevant, though, because once a landlord has their hands on your data, they’re quite inclined to want to keep hold of it. They probably also have an insurer breathing down their neck about the inadvisability of giving permission to an unspecified third party to gain access to their machine rooms, conduits and risers.
One heavy-hitting skyscraper landlord was in the habit of quoting the story about Google finding physical fibre-optic taps on its interbuilding data links. A rather higher budget activity than might be justified by the humble teleworker, but even so the vexed issue of wayleaves, and who’s allowed to put fibres into whose junction boxes and so on, is frequently a showstopper in landlord-mediated data provisioning in larger buildings.
But back to the estates. If I was the project manager of a large workingfrom-home deployment, and I came across a whole estate of houses set up with only one, domestic-grade connection supplier, I’d probably ask if we could subsidise the affected staff members making a house move. That’s a more straightforward solution than trying to work around all the legal limits, the landlord’s misunderstandings and the sheer awkwardness of trying to run a known clean business-grade connection into the heart of a location where all of the assumptions are against you.
“What I really want to see is several connections down the same piece of fibre”