Arghh. I just spent 30 minutes trying to set up a locked down restricted shell on my FreeBSD box and I want to help you not do the same. My challenge was properly setting the PATH variable so that the user could not bust out and run any commands. The problem was ensuring that PATH was set for both interactive and non-interactive shells. The interactive ones were easy using either .zshrc or .bash_profile. But although the documentation for bash said it read in .bashrc for non-interactive sheets, it did not.

But, finally I found that .zshenv worked so now I can use the restricted ZSH. Yay!

I am a big fan of virtualization of operating systems. It allows for easy testing and obviously running multiple operating systems on one machine. At my company, we use VMWare ESX for infrastructure virtualization, but for my own use (professionally and personally) I really like Oracle’s VirtualBox. It is fast, reliable, and best of all, free.

As I work for a large, centrally managed company, we unsurprisingly use a standard (Windows) operating system across all of our hardware. As a right-thinking computer user, this is clearly not acceptable. While I wish I could just discard the standard company system image, I cannot do so. For my daily work, I am a Linux fan (Fedora is my distribution of choice). Virtualization allows me to merge those two worlds in a relatively harmonious way. My end goal is to run my company’s OS image inside a virtual machine on top of my preferred Linux installation. But getting there can be a challenge.

Installing an OS inside a VM is straight-forward and not worthy of a blog post but that does not help me particularly because I need to use the company-provided imaging tool that not only sets up the OS, but installs all of the corporate software and settings. This is done using a pretty slick tool (name intentionally withheld) that handles everything once the computer is registered on the back end by our IT staff.

This works great if I am installing onto the bare metal. Otherwise, there are challenges. Below is a slightly dramatized version of my install process. I don’t tell every iteration I tried but hopefully it is helpful to someone.

Once I got my new machine, I happily blew away the company OS install and got Linux working. (After making a backup, what kind of heathen do you think I am?) VirtualBox, check. Got bootable image of system imaging tool, check. Here we go.

Unknown computer

Well, I guess that makes sense. Our IT staff registered the physical machine; their backend would know nothing about a VM running on top of it. I pondered what they could use to identify the machine. Obvious choices included:

• MAC Address
• Hardware Serial Number
• CPU Serial number (ick)

I decided to start with MAC address as that was the easiest to change in the VM. I wanted to make the VM use the same MAC address as the computer itself. In order to do that, however, I had to change the computer to use a different one temporarily, as having duplicate MAC addresses on the same physical network will cause problems. (I am using bridged networking.) So, I changed the MAC address of the computer using ifconfig to something new. (I just incremented the last byte by 1.) And then copied the original one into VirtualBox. This can be done under the advanced settings for the network adapter.

I rebooted into the imaging software again and, success, it started imaging the machine. I was quite pleased with myself. Sadly, it was short-lived. The imaging utility put the OS on the virtual machine but then died once it had booted into Windows and wanted to start installing further software.

In reviewing the logs, I saw the same sort of error as I had gotten originally, that the computer was not recognized by the back end system. This seemed odd as It got part of the way through the install. It appeared that at this later stage of the install the tool used a different set of information to identify the computer on which it was running.

A specific section of the log file caught my eye

-------------------------------------------------------------------------
Make: Innotek GmbH    Model: VirtualBox    Mfg:
Serial Number: 0
-  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -  -

I could see where this might cause a problem as these are not representative of the actual hardware. These values are returned to an operating system by examining the Desktop Management Interface (aka, DMI) of the PC. Thankfully, I researched VirtualBox and there is a way to set the values that it provides to a child OS. In order to determine what values to use, I used the linux dmidecode tool. This provided a list of the underlying values I would need:

# dmidecode 2.12
SMBIOS 2.7 present.
35 structures occupying 1856 bytes.
Table at 0x54E3F000.

Handle 0x0010, DMI type 0, 24 bytes
BIOS Information
        Vendor: Hewlett-Packard
        Version: L70 Ver. 01.10
        Release Date: 06/24/2014
        Address: 0xF0000
        Runtime Size: 64 kB
        ROM Size: 8192 kB
        [truncated]

Buried in the advanced section of the VirtualBox manual is a section entitled Configuring the BIOS DMI information which outlines the commands to set all of these values. I ended up setting more than I probably needed. (I had to wrap these commands, pull onto 1 line each if you need to run them.)

VBoxManage setextradata "M3065"
      "VBoxInternal/Devices/pcbios/0/Config/DmiBIOSVendor"
      "Hewlett-Packard"
VBoxManage setextradata "M3065"
      "VBoxInternal/Devices/pcbios/0/Config/DmiBIOSVersion"
      "L70 Ver. 01.10"
VBoxManage setextradata "M3065"
      "VBoxInternal/Devices/pcbios/0/Config/DmiBIOSReleaseDate"
      "06/24/2014"
VBoxManage setextradata "M3065"
      "VBoxInternal/Devices/pcbios/0/Config/DmiSystemVendor"
      "Hewlett-Packard"
VBoxManage setextradata "M3065"
      "VBoxInternal/Devices/pcbios/0/Config/DmiSystemProduct"
      "HP ZBook 15"
VBoxManage setextradata "M3065"
      "VBoxInternal/Devices/pcbios/0/Config/DmiSystemVersion"
      "A3009DD10203"
VBoxManage setextradata "M3065"
      "VBoxInternal/Devices/pcbios/0/Config/DmiSystemSerial"
      "XXXXXXXXXXX"
VBoxManage setextradata "M3065"
      "VBoxInternal/Devices/pcbios/0/Config/DmiSystemSKU"
      "F9Y23UP#ABA"
VBoxManage setextradata "M3065"
      "VBoxInternal/Devices/pcbios/0/Config/DmiSystemFamily"
      "103C_5336AN G=N L=BUS B=HP S=ELI"
VBoxManage setextradata "M3065"
      "VBoxInternal/Devices/pcbios/0/Config/DmiSystemUuid"
      "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX"
VBoxManage setextradata "M3065"
      "VBoxInternal/Devices/pcbios/0/Config/DmiBoardVendor"
      "Hewlett-Packard"
VBoxManage setextradata "M3065"
      "VBoxInternal/Devices/pcbios/0/Config/DmiBoardProduct"
      "string:1909"
VBoxManage setextradata "M3065"
      "VBoxInternal/Devices/pcbios/0/Config/DmiBoardVersion"
      "KBC Version 94.51"
VBoxManage setextradata "M3065"
      "VBoxInternal/Devices/pcbios/0/Config/DmiBoardSerial"
      "XXXXXXXXXXXXX"

(I removed the actual serial number from the listing above.)

After this, I reran the imager for what turned out to be the final time and everything worked.

In the end it turned out to be a bit more work than I outlined above, but the critical steps were covered. I found it both a very frustrating and fun experience (once I got it working). A great puzzle to solve. It shows the power of virtualization software and how it is very unwise to trust what hardware tells you about itself as it is easy to manipulate.

For those who follow me here, I wrote an article on Medium: A Response to Orin Kerr

After my former boss, Susan Evan’s great blog post this morning: In the category of not as easy as it looks: Being Boss, I ran across a Harvard Business Review interview with the amazing John Cleese. It contained a great quote I had to share:

In the book Life and How to Survive It, which I developed with Robin Skynner, we decided that the ideal leader was the one who was trying to make himself dispensable. In other words, he was helping the people around him acquire as many of his skills as possible so he could let everyone else do the work and just keep an eye on things, minimizing his job and the chaos that would come with a transfer of authority.

Since the recent ruling in Verizon v. FCC where the US Court of Appeals for the DC Circuit overturned the FCC net neutrality rules (see the EFF Net Neutrality page for background), there has been considerable discussion about the potential harms (or benefits) of this ruling. I have listened and read and I feel that the mainstream media is missing the large but subtle danger that this ruling causes and why it is critical that the FCC move to reinstate these rules.

The argument that I keep hearing about why the net neutrality rules are needed is that if internet carriers are allowed to offer differentiated internet service for a fee that it will harm consumers by raising the prices that consumers will pay. For example, ESPN might pay Verizon to allow its customers to stream its video for free but will then raise the cost to the consumer to cover this. While overturning the net neutrality rules would allow this, I don’t believe this is a threat. Both ESPN and Verizon know that consumers will prefer a lower cost solution so will not go for that. And if Verizon and ESPN can make a deal that makes it cheaper for the consumer, it might even be a benefit for the consumer. And here be dragons.

I believe that deals such as the one I outlined could be a short term benefit to consumers, but will change the way the economy of innovation works in a way that will harm consumers in the long term by shifting the cost structure of innovation in the favor of existing, large players.

The history of innovation on the Internet has been driven by the little guys. Google, the giant it is today, started as two guys in a dorm room. Facebook, another giant, started in a dorm room. In these and many other instances, the innovators had very limited resources. But, and this is the critical point, once they started providing a service on the internet, access to their new service was provided at the same level as the big players and consumers could judge the merits of say, Google vs. Altavista on the merits of the products and make a choice as to which was better.

My fear is that without net neutrality rules, the barrier to entry will be increased for new companies that can disrupt the marketplace and bring innovation to all consumers. I am not worried about the ESPNs or Verizons of the world. I am worried that it will make getting started harder for the next Google or Facebook.

So I strongly urge the FCC to reclassify internet service providers as common carriers and re-institute and strengthen the net neutrality rules to ensure that the Internet continues to innovate in a free and fair way.

More Background:

• Net Neutrality [Wikipedia]
• Net Neutrality in the US [Wikipedia]

Whenever there is a group of people who intend to work together, whether a couple through marriage, friends planning an outing, citizens guiding a country, or employees running a company, decisions need to be made. Inevitably there are agreements, disagreements, and compromises. There are thousands of methods by which decisions can be reached, but the way in which a decision is reached and the motivations of the decision makers can indicate much about the health of the partnership.

The cynical question “who wears the pants in the family?” is often used to imply that there is one person in a marriage who is in charge. (We will ignore for this discussion the mysoginistic nature of the question.)

The same question can be applied to a company. When there is a conflict, large or small, between parties in the company, who wins? In examining this problem, I divide a company into two main areas: primary functions and support functions. Primary functions provide the stated, outward product or service the company offers while secondary functions are required to run a business but are not specific to any particular business sector. For example, at an automobile company, the engineering department or assembly department would be primary functions while the human resources or accounting would be support functions.

I have observed that as a company grows in size, the balance of power shifts from the primary functions to the secondary functions. In a small company, the majority of the employees are focused on the primary functions and the support functions are usually very small (often woefully small). This results in a very strong alignment between the public goal of the company and the majority of the employees of a company.

What happens as a company grows? The support functions must grow to answer the needs of a larger organization. No longer can one person handle all the accounting and human resources duties by themselves. Departments must be created and staffed.

This poses a huge risk. As with all organisms (and yes, a company is an organism made up of people, just like you and I are made up of cells), organisms desire one thing above all else; survival. The larger the organization, the larger this survival instinct becomes. And a desire to survive often leads to a high degree of risk-aversion.

Avoiding risk is a dangerous thing depending on how the organization responds. Sadly, the common way to avoid risk goes something like this:

• A problem occurs (i.e. bug in software, lawsuit, etc.)
• A process or procedure is created that would have caught that particular problem
• That process is rolled out for everyone to implement

The problem with that methodology is that each process that is created takes time away from the core mission of a company. As an example, let us assume that FooBar Inc. makes widgets. Each widget takes 10 hours to complete, but 1% of the time a widget jams in the machines and causes 20 hours of downtime. This sounds horrible! So FooBar Inc. implements a new process that changes the manufacturing process by introducing a QA step on every widget. Sounds like a great idea. However, it adds 1 hour to each widget manufacture.

• Old System: 100 widgets takes 1000 hours + 20 hours of downtime
• New System: 100 widgets takes 1100 hours

So, in this scenario, a seemingly good idea (extra QA) actually makes the situation worse for making widgets. And this type of decision is made every single day in companies. A singular bad thing happened resulting in a policy that is applied to all scenarios. By not accepting that some risk is unavoidable or that the cost of avoiding some risks is greater than the risk themselves, companies fall into a spiral of creating more and more time consuming processes which eventually stifle their ability to achieve their stated goals.

At some point in the life of most every company there comes a tipping point. A point where the support organizations that oversee these policies and procedures take over. It is hard to see, but can be answered by our original question.

Who wears the pants in your company? When there is a conflict between a support function and a primary function and it is presented to your senior leadership, which way do they decide?

A lot can be judged by that decision.

I’ve been thinking recently about the human characteristics that are critical to match when looking at a workplace: what works, what doesn’t, what causes stress. While there are certainly characteristics about workplaces that are truly unacceptable (threats, harassment, etc.) there is still a broad range of workplace environments that could be considered normal: large company, small company, strict hierarchical, flat management, etc.. How does one look at oneself and determine if you will fit in well with the company philosophy?

In third and fourth grade, I was introduced to Dungeons & Dragons, the classic role playing, swords and socery game that was the passion of so many children and supposed to bring the satanic downfall of society. My friend Josh and I played somewhat infrequently in art class for a year or so. I enjoyed the game, but never became a die-hard player. D&D passed out of my life for a while until I got to college and my friends included those who were still avid players. I still found it hard to play regularly, but I always enjoyed the process of the game and the details that went into creating a character even if actually role-playing that character posed a challenge to me. Physical characteristics and abilities were well defined and quantified through the use of dice roles and formed the basis of how your character operated in the world. More abstract philosophical predisposition was wrapped up in a stat called alignment.

Alignment is a categorization of the ethical (Law/Chaos axis) and moral (Good/Evil axis) perspective of people, creatures and societies.

In D&D, mixing characters of different alignments can have unpredictable results. It should be obvious that mixing a character with a Good alignment with one of and Evil alignment is bound to cause problems, but the challenges of Lawful/Chaotic mixtures can be more subtle but critical to this discussion. Since I believe that we all strive to the Good end of the spectrum, we will restrict ourselves to how the Lawful/Chaotic axis effects our lives.

At its most basic level a person characterized as Lawful Good is one who believes in following rules and respecting authority as the source of positive action in the world. While a Chaotic Good person has a strong inner moral compass to do good as they see it, without regard for established, reognized authorities. For example, the stereotypical medieval knight would be Lawful Good as he follows a strict moral code shared among all knights while Robin Hood did good deeds based on his own internal moral compass.

How does this effect the workplace? Companies have an alignment as well. An organization such as IBM could be seen to be a Lawful organization. It has a traditional view of management hierarchy with well established rules and codes of conduct. Whereas a company such as Google might be considered more Chaotic as it has a more free-wheeling style and supports some level of autonomy from its employees. While all of these characteristics are a sliding scale from Lawful to Chaotic, having a general match is critical.

Picture a Lawful Good employee at a Chaotic Good company? The company will expect the employee to have an internal sense of what they want to acomplish while the employee will be grasping for a level of structure that probably does not exist.

Chaotic Good employee and Lawful Good company? The situation is no better. The employee will be constantly fighting against a system they don’t see the need for while trying to reach the same goals.

Real world examples are of course more nuanced than this, but having a good understaning of the workplace environment you will mess with the best is critical as you look for work in any company. Learning these traits about a company is critical to your happiness and success at a company and you should think about them.

And if you are unsure, take an alignment test, you may learn something!

Changing relationship between employees and employers No long term commitment Employers complain and blame employees Failure to realize it is a two way street

In April of 1946, George Orwell wrote an essay entitled Politics and the English Language. In his essay, he drew a correlation between the quality of diction and writing and the quality of political thought by the population of the United States. He saw a shift in the English language, especially in its use in politics, towards communication which was not intended to inform the reader but to obscure the intentions of the writer or the facts being shared.

In our time, political speech and writing are largely the defense of the indefensible. Things like the continuance of British rule in India, the Russian purges and deportations, the dropping of the atom bombs on Japan, can indeed be defended, but only by arguments which are too brutal for most people to face, and which do not square with the professed aims of the political parties. Thus political language has to consist largely of euphemism, question-begging and sheer cloudy vagueness.

Orwell’s observation of political speech in the mid-40s is just as true today as it was then. Serious issues that affect the lives of every person are distilled to meaningless simplifications. And issues which have virtually no impact on citizens daily lives are exaggerated into rallying cries to bring forward the anger of one political base or the other. (I have intentionally not given any examples of each as I don’t want to give this article a partisan bias. All politicians do this.)

As a lover of technology and one who always hopes that technology will be an enabler of a better and more educated future I hate that the advance of technology has made the situation worse in many areas. Television created the “sound bite.” Twitter and Facebook translated it to an electronic medium that requires or encourages short dialog. While a short phrase can be well crafted, it lacks the ability to give the detail that I feel is required to bring about an informed audience.

An informed audience is critical in all aspects of life, not just politics. I do not believe there is ever a situation in life where being less informed about a topic better prepares you for dealing with it. Computers and engineering certainly.

In my professional and personal life I am becoming well known for being pedantic. In the realm of technical discussion being specific in your communication is critical. Jon Postel codified this idea for computing as “be conservative in what you do, be liberal in what you accept from others.” [1. Robustness Principle ] It is a simple idea that you should be specific and critical of any information you send to others to ensure its meaning is exact while being generous in receiving information from others if their intentions are clear.

This rule applies to human communications as well. Returning to Orwell:

It is rather the same thing that is happening to the English language. It becomes ugly and inaccurate because our thoughts are foolish, but the slovenliness of our language makes it easier for us to have foolish thoughts.

I see that in my office; the repeated use of inaccurate or incorrect language when discussing projects results in inaccuracies spreading from person to person. By not using precise language, people are unable to explain how our products work. This miasma of uncertainty grows over time causing confusion and mistakes.

I find myself worrying that I have become a curmudgeon on this topic. I insist on being pedantic and have been known to take on an inquisitor-like persona in an attempt to extract the actual meaning from someone I am talking with. I hope, however, that I can be a small agent in executing on Orwell’s desire:

The point is that the process is reversible. Modern English, especially written English, is full of bad habits which spread by imitation and which can be avoided if one is willing to take the necessary trouble.

I hope that you will take the time to read Orwell’s essay and begin taking “the necessary trouble.” He finishes with a set of guidelines for better writing and speaking that are worth taking note of. They will make all of us better writers and speakers. They even help with writing shorter tweets.

In early July of 2012, life was different. Marissa Mayer had not yet been appointed CEO of Yahoo. The US House of Representatives had only voted 32 times to defund the Affordable Care Act. Amtrak’s downeaster train service was about to break its annual ridership record. And I was not yet married to my wonderful wife.

But sadly, my iPhone 4 decided it didn’t want to charge its battery anymore, so while I was able to do a final over-the-air backup, it slowly ran out of power and went to sleep. Being the pack rat I am, I did not get rid of it but held onto it in the hopes that some day I would fix it.

THAT DAY HAS COME! I ordered a replacement dock connector cable and installed it this morning. After a few minutes with a friendly charger, my trusty iPhone 4 woke from its long 16 month nap, slightly confused.

I thought it would be interesting to compare a snapshot of where I was with my iPhone nearly a year and a half ago to where I am today. So I present to you 16 month old iPhone screenshot with today’s!

I was quite surprised by the changes. Clearly there is the difference between iOS 5.1.1 and iOS 7.0.4, which to me is shown by the brightness of most of the icons but also in my choice of background image. My current one is from the great photographer John Carey at Fifty Foot Shadows who published a set of images specifically designed to take advantage of the parallax effect in iOS 7.

There is also a clear change in the way I manage and use apps on my phone. I used to obsessively keep everything I used on a single home screen forcing me to use folders. Since then, I have given up using folders on my main screen (they now reside on a second screen to the right) which allows me to have the apps I use most within a single tap.

My app choices are still similar with a focus on location based items and social media. It is quite fun to have an app that Tiffany I wrote, Amiko, on my home screen. I also have embraced podcasts to a much larger extent and have moved beyond Apple’s built-in app to start using Pocket Casts (although I am eagerly awaiting Marco Arment’s new app, Overcast).

Notable apps

• Amiko - The best way to stay in touch with your friends and not forget those who are out of sight. (You really think I wouldn’t promote our app first?)
• Pocket Casts - Much better than Apple’s app, but still has some weird UI/Interactions
• Pocket - Great “read it later” suite including iPhone, iPad, web, browser integration, and app integration
• Reeder - Best RSS reader in my book
• Tweetbot - Funky, but I love their style
• Dark Sky - Best. Weather. App. Ever. It saved our wedding. What else can I say?

Apps which have fallen by the wayside

• Instagram - To be blunt, they have turned into dicks since being acquired by facebook. The public spat with Twitter that serves their purpose and not their users just pissed me off.
• Daily Burn - Nothing really wrong, I just switched to using My Fitness Pal (but still not as much as I should)

So I hope you have enjoyed my trip down memory lane. Soon enough I will update my old phone and it will go into service as my car iPhone (replacing my iPhone 3G which is currently serving that purpose).

[Updated to answer questions]

• The Flickr app has replaced Instagram. I like that I have better control over the posting and the images are full resolution. It allows me to share wherever I want and doesn’t edit my post text (f-u Instagram for removing @ mentions). I also think the design is spot on.
• I am using reminders, not so much as a “do this thing at this time” but more as a general place to jot down quick things. So, for example, I have a list of possible iOS App ideas and a list of features/bugs I need to fix in Amiko.
• While I do work to address notifications, I think the reason there are more on the old screenshot is that given that I used so many folders, I had many more apps “present” on the home screen that could show a badge (they roll up inside a folder)