#Fail: Upgrading To macOS 10.13.1 Can Undo Fix For Epic Security Vulnerability

Posted in Commentary with tags on December 4, 2017 by itnerd

Betanews among others are reporting that the emergency patch that was released last week to fix this epic security flaw can easily be undone:

Numerous users have confirmed to Wired that Apple’s hastily rolled out bug fix is far from flawless itself. It seems that Apple was predicting a particular order in which users would do things, and this assumption means the original problem can be reintroduced. If you had upgraded to macOS High Sierra 10.13.1 and then installed the patch you should be fine — but not everyone has done this.

If you had yet to upgrade to the very latest version of High Sierra — that is, you were running 10.13.0 — and you install the patch and THEN upgraded to 10.13.1, the “root” access bug rears its head once again. Other people have complained that even if they have upgraded to 10.13.1 before installing the patch, there is no notification that a reboot is required to finish the installation, and therefore the problem remains.

The solution is simple enough which is to reinstall the patch after upgrading from 10.13 to 10.13.1. It’s outlined in this support document which was modified to make this clearer. But who checks this sort of thing before they upgrade? Nobody does. In my mind, what should have happened is that anyone who downloads 10.13.1 should get the emergency patch included. Thus you wouldn’t have to think about it. But it is possible that with 10.13.2, which now has this patch included as of the last beta, is due to be released as early as this week, Apple might have figured that this was likely not that big of a deal.

Having said all of that, I do have a question. How was this not caught in Apple’s QA process? Creating a test case around this scenario would not have been hard. And maybe Apple could have tweaked things to stop this scenario from happening. Of course I am assuming that this is a bug rather than a willful decision on the part of Apple. I’m sure that we’re unlikely to get any clarification from the folks at Apple Park on this which is a shame as some transparency given last week’s events would be welcome right about now.

Advertisements

#EpicFail: Linksys Serves Up The Most Disappointing & Frustrating Tech Support Experience I’ve Ever Had

Posted in Commentary with tags on December 3, 2017 by itnerd

I’ve been reviewing Linksys products for a while now. My experience with these products has been positive for the most part. And even when a Linksys firmware got pushed to my WRT32X which crippled it because I was dumb enough to leave auto updates on the router in question, I was still bullish on them. But when I tried to reach out for help from Linksys, that started to change. First of all, I reached out to Linksys via Twitter to ask them about the firmware as well as to ask about downgrading to the previous firmware as Linksys for whatever reason doesn’t have any downloads available on their website:

Now in the past, it would have only taken the @LinksysCares account an hour or two to respond. But they never did. The thing that really got my attention is that when I used the tool that allows me to see what interaction a Twitter user has with a given company, I could see the @LinksysCares account answering other questions before and after mine. That sort of suggests to me that for whatever reason, they didn’t want to answer my question. That didn’t inspire confidence as it appears that this is a touchy topic for them for whatever reason. Even if it wasn’t, the fact that they didn’t respond leaves one with that impression which is worse for them from a perception standpoint.

The next day I wrote the article that I linked to above. My purpose was not to trash Linksys, but to point out to others to not be me. Now in that article I pointed out that I tried to get the attention of Linksys because there were no download resources available and I was as a result crippled. Here’s where things got interesting. ASUS saw this story and immediately offered up a ROG Rapture GT-AC5300 router which would be the direct competitor to the WRT32X. They promised to ship it out for Monday arrival. Clearly ASUS sees an opportunity to take some marketshare away from Linksys by having me review one of their products, thus I accepted their offer. 

At the same time that was happening, I decided to phone Linksys to see if I could get assistance with this issue. Now according to Linksys, you need to fill out this form before you phone to make things easier for you. I did that and then phoned. The wait time was insanely quick which was good on their part seeing as it was Friday at about 4PM. But the person I got couldn’t find my info, so she had to take it down again which burned about 10 minutes of time. That suggests to me that either the form that you fill out prior to calling them is of no value, or she wasn’t on the ball. Either way, it wasn’t a good start to the interaction. Once that was done, I told her what the issue is and all the troubleshooting steps that I did prior to calling. That’s important because I don’t want tech support reps to waste time trying stuff that I’ve already done. Except that she tried to get me to repeat the same troubleshooting steps while trying to get me to a second level tech support rep by putting me on hold multiple times for up to five minutes per hold. When she couldn’t do the latter, she said that someone would have to call me back in 24 to 48 business hours. Which meant Monday or Tuesday.

Let me stop here for a second and tell you why this is a #Fail. The companies who pay me to set up high performance contact centers get this advice from me. You have to have your best equipped, best educated, and best prepared people on the front lines. If you do that, these are the people who will solve your customer’s problems quickly and efficiently which in turn will give your business a great reputation. It appears to me that Linksys subscribes to the logic of having lower skilled reps on the front line. That means that they will have lower rates of customer satisfaction and a lower reputation for the company. By the time I hung up with her 38 minutes later, the reputation of Linksys was lower in my mind. That’s when I posted this to Twitter:

I then went about my business not thinking much of this experience. After all, while I did have a crippled network, I did have Internet access. Thus I could make do until Monday when I would get the ASUS hardware to test and review.

Fast forward to Saturday night. My phone went ding and when I checked it, I saw this:

Here’s the kicker. I hopped onto my MacBook Pro to pull up the social media management tool that I used and saw this:

Screen Shot 2017-12-03 at 3.35.35 PM.jpg

Radian6 is one of the tools of choice that allows you to track the sentiment of your company on social media in real time. Thus this said to me that one of two things was in play. Either Linksys from a social media standpoint was asleep at the switch, or they ignored me until a competitor popped into the scene and then they were forced to react. The cynical side of me says that latter was in play, but I am open to them convincing me otherwise.

In any case, I traded direct messages with them and they promised a call back within 24 to 48 hours. That takes us to Sunday where the call back happened and I got a Level 2 support agent. Unfortunately he tried a lot of the stuff that the first agent that I spoke to on Friday suggested which makes me wonder if they just got someone to call me back and say that they were a Level 2 agent. By the end of the call he had me send him a sysinfo dump of the router which is a complete and detailed log of the router’s configuration and how it was performing and promised to escalate it to engineering because he claimed that he had not heard any reports of this issue with this firmware. Here’s the problem with that statement. Linksys’s own community forums has a thread where people are complaining about a variant of this issue and I even added my own 2 cents to the conversation. Thus someone at Linksys must be aware of it. In any case, that interaction took 31 minutes that I will not get back.

I figured that this was the end of it and I could go back to my day. But the Level 2 rep called back and asked me to try downgrading the firmware to the previous revision. I pointed out that would have done that if it had been available on their download page. To which he replied that they pulled it because of some sort of issue.

Let me stop there for a second and point out something. The fact that this guy actually said that there was an issue with the previous firmware that caused them to take it off their download page was proof positive that the @LinksysCares Twitter account didn’t want to admit it to me on Twitter and chose to ignore me instead rather than help me. That’s a #fail.

Then he directed me to a DropBox to get it. That struck me as odd as you’d think that a company the size of Linksys would have their own resources for this sort of thing rather than relying on DropBox. But I did as he asked and uploaded to the firmware to the router.

That’s when things really went sideways.

You see, downgrading the firmware turned out to be a bad idea as it took the router of the Internet. He then instructed me to reset the router. That didn’t work either. Then he tried to walk me through something that he called a “recovery reset” which still didn’t work. In short, the router appeared bricked. He apologized to me profusely and then made a stunning admission. He had never performed a downgrade of a firmware on a WRT32X before. That blew me away. Why would he suggest something that he had never tried before? That’s a great way to increase the potential that things would go sideways. And to admit to this to a customer is even more stunning. On top of the fact that all his calls are likely recored and someone at Linksys is going to hear that and take a very dim view of what he said.

His next step was to tell me that someone else would reach out to me to arrange to send another router overnight. But that would likely not happen until Monday at the earliest. Then we disconnected. Total time invested: 32 minutes.

Because I wasn’t the sort to give up, I tried his suggestions repeatedly over the next 30 minutes or so. Whether it was through luck or persistence or both, I finally got the router to reset. Now one thing that the Level 2 tech wanted to do was to skip the wizard driven setup so that the router wouldn’t go out to the Internet and update itself. I told him several times that this router is designed to get a firmware update the first time you plug it in and there’s no way to opt out of that. Unsurprisingly that’s exactly what it did, and it highlighted another negative point in terms of this interaction with Linksys support: I know more about their products than they do. That’s really bad.

But at least I am back online.

I am at the point where I am looking forward to having a look at ASUS has to offer. I promised them that I would get their router online as soon as I had it in my hands, and get a review posted after I ran my usual suite of tests. That’s great news for ASUS, but bad news for Linksys. The thing is that this whole experience with Linksys wasn’t disappointing because the product was bad. After all, I was willing to give them a pass on the fact that a piece of firmware that was pushed to this WRT32X took it from the best router I have ever tested to being sub par. It was the support, or rather the lack of support that made it disappointing.

To top it all off, I sent an update via direct message to the @LinksysCares Twitter account. And they replied to that update….. Though I don’t think they read it. The most recent reply is at the top:

Screen Shot 2017-12-03 at 4.29.55 PM.png

Right now, I truly have no words for the above.

I tell the people who hire me to create high performing contact centers that people are willing to forgive product failures to a point. But they are never going to forgive customer service failures. So you have to come to the table with a good product, but better customer service. Linksys only has the former working for them. And that’s not good for them in the long term because great customer service is what will win you long term customers. And that’s what’s lacking from this interaction.

UPDATE: A reader pointed me to these Tweets from users who have the same problem that I do with the WRT32X:

It seems that Linksys has a growing problem on its hands.

Review: Apple Watch Series 3 With GPS

Posted in Products with tags on December 2, 2017 by itnerd

Frequent readers of this blog will recall that I just got a Apple Watch Series 2 in March of this year. So why am I replacing that with an Apple Watch Series 3 with GPS? Quite simply, Apple has come out with a smart watch that despite what I said here, has more than enough of an improvement that it will make Series 2 owners think about whether they should upgrade. In the case of Series 1 or original Apple Watch owners, they will run to their local Apple Store for one.

Now let me point out that I have the Series 3 With GPS and not the Series 3 With GPS + Cellular. Why did I go for the former? There’s several reasons:

  • First if I look at my use case for the Apple Watch, there are very few times where I am without my iPhone 7 Plus. For example, when I ride my bike, my iPhone 7 Plus is connected to my Garmin Edge 520 cyclocomputer via Bluetooth specifically for the incident detection feature. Since Garmin cannot or will not make that feature work with the Apple Watch, it means that my iPhone 7 Plus will be with me when I ride. When I cross country ski, I keep my iPhone 7 Plus handy as I use Runtastic Pro to keep track of how well I ski. While Runtastic Pro does have an Apple Watch app, it still needs your phone to work properly. Though that is apparently going to change shortly according to Runtastic. In other words, having the GPS + Cellular model will not change my life in those areas.
  • Second, my current cell phone carrier of the moment which is Rogers doesn’t support the Series 3 with GPS + Cellular. If they did, I might have gone for it for no other reason than the coolness factor. But they don’t so there was no reason for me to go for it. Though I will note that my wife is thinking about a Series 3 with GPS + Cellular and is willing to dump Rogers to get one.
  • Even if Rogers did support the Series 3 with GPS + Cellular, it’s version 1.0 of this technology. Which means you should likely wait for the next revision given the fact that according to Mobile Syrup, the iPhone that it is paired to has to be turned on and connected to the Internet for it to fully function. On top of that, people who I know who have the Series 3 with GPS + Cellular say that they have problems with the cellular part when they travel overseas. Seeing how much I travel, that’s a potential non-starter.

The looks of the Series 3 Apple Watch With GPS haven’t changed. The screen is the same, and the case is the same. And it’s still waterproof up to 50M and connects to 802.11 b/g/n WiFi (albeit via the 2.4Ghz band via a new WiFi chip). I guess took the attitude of not messing with what already works. Having said all of that, I do feel that he Series 3 is a hair lighter than the Series 2. The bottom line is that I’m not upgrading for looks. But there are three big reasons why the Apple Watch Series 3 with GPS is worth a look, and why I ultimately upgraded from the Series 2:

  • First off there’s the S3 processor that’s in the Series 3. Apple claims it is 70% faster than the S2 processor that is used in the Series 2. Now the Series 2 wasn’t slow. But the Series 3 makes the Series 2 look and feel slow in pretty much every way. The interface is more responsive, third-party apps open much quicker. But the big thing is that Siri is far more usable and Siri finally speaks to you which is a welcome addition because I don’t have to look at the watch to interact with Siri anymore.
  • Battery life is better over the Series 2. Apple still tells you that you’ll get 18 hours of battery life. But I note that at the end of the day, I typically have 75% to 80% battery life left. That’s up from the 75% or less that I was getting from the Series 2. That means that you can go a couple of days between charges if you had to.
  • If you work out, the Series 3 now has an altimeter which now allows you to more accurately track your workout efforts. In my use case, one of my workouts is to run up the stairs of my condo twice. All 35 floors. I do that at least three times a week and it is helping me to keep in shape during the winter. I can now leave my phone behind and simply use my watch to accurately track my efforts as it will track the elevation change by itself. Prior to that, I would need to bring my iPhone 7 Plus and have it track the elevation change.

Other than that, nothing has changed about how how I use the watch. I still use it to pay for stuff via Apple Pay. I still use it to discreetly see and respond to notifications and texts. And I still use it to help me get into better shape. On this last point I have to say that the Apple Watch has turned out not to be the short term novelty that I thought it was going to be. Now, some of this can be attributed to watchOS 4, but the new hardware that was put into the Apple Watch Series 3 with GPS helps with this as well.

My gripes are mostly the same as my last Apple Watch review. It still doesn’t support Android users, not that I am shocked by that. It is still pricey, though can still get the Series 1 if price is an issue. Though you give up speed and the fact that it is waterproof if you go that route. If it were me, I wouldn’t recommend going that route. You’d be better off finding a Series 2 with AppleCare on Craigslist. Such as the one that I have up for sale on Craigslist. (This has been sold)

The bottom line is this, the Apple Watch Series 3 with GPS is a worthwhile upgrade for existing Apple Watch users. There’s enough here to make it worth your while to upgrade to. Pricing starts at $429 CDN and goes up from there. If I were you I’d skip the GPS + Cellular model and plunk your hard earned dollars down on this one as this is currently the best smartwatch to get if you’re an iPhone owner.

Review: TP-Link Smart WiFi LED Bulb With Color Changing Hue

Posted in Products with tags on December 2, 2017 by itnerd

Smart bulbs which can change the color and intensity via an app aren’t new. But the TP-Link Smart WiFi LED Bulb With Color Changing Hue is different. Unlike most bulbs that require some sort of hub to connect the bulbs to your WiFi router, this one doesn’t require a hub. It connects directly to your WiFi router. Now that should mean that setting things up should be more complex. But it’s not. It’s actually simple:

  1. Screw in the bulb into the light.
  2. Download the Kasa app for iOS or Android.
  3. The app will tell you to connect to a SSID that the Smart WiFi LED Bulb is broadcasting.
  4. The app will then tell you to pick your the SSID associated with your WiFi router and enter the password. Note: It only supports the 2.4 GHz band.
  5. Wait while it does its magic. It will tell you when it’s finished.
  6. Done. Declare victory and have a beer.

One thing that I should point out is that you should then take a trip inside the Kasa app to settings and then firmware update. I had a firmware update waiting for me when I did that, It should really prompt you to do the update automatically when the setup was finished.

Now I set the bulb up in the bedroom. Using the Kasa app, I was able to toggle a light on or off from anywhere, or set a default colour (16 million hues) or temperature. Now all of these options can be overridden with your own choices. I found that the bulbs went from a dim and atmospheric level, all the way up to a bright, room-filling brightness. All of this was very easy to do. There’s one extra trick that the Smart WiFi LED Bulb which is a circadian rhythm mode. This mode automatically adjusts a bulb’s brightness and, if possible, colour temperature to match the time of day. Another feature of the Kasa app is scenes which let you set your bulb or bulbs to preset colours, temperatures and brightness levels. Scheduling can be performed individually on each bulb, letting you set when lights should turn on or off. A Good Morning scene simply turns on your lights to a preset level, rather than slowly raising brightness to gently wake you. Finally, though I did not test it, you can pair the bulb to Amazon Alexa and the Google Assistant to enable voice control. And before you ask, there’s no support of Apple HomeKit.

What about energy usage? LED lights use way less energy than other types of bulbs. TP-Link says that you can decrease your energy usage by up to 80% without sacrificing brightness. That’s about the right number and you can track that inside the Kasa app.

So, what do you have to fork over to get all of this? Not all that much actually as the MSRP is $45 USD but I was able to find it on Amazon Canada for $40 CDN. That’s a price point where you could grab a few to fully set your house up with bulbs that allow you to save money and automate your homes lighting easily.

#PSA: You Can Now Unlock Your Phone For Free If You Are Canadian

Posted in Commentary with tags , on December 1, 2017 by itnerd

As of today, cellphone unlocking is now free in Canada. Prior to this, carriers such as Rogers, Telus and Bell could charge you $50 to unlock your phone. That’s no longer the case. On top of that, devices must also be sold unlocked as well.

So, why should you care? It’s simple. If your device is unlocked, you can take it to any carrier and get service for it. Which means if your current carrier isn’t meeting your needs or has horrible customer service for example, you can go elsewhere easier. On top of that, you can switch phones at will without being forced into a new plan. Something that really irked my wife when she got her iPhone 6 as she was forced to dump a really good plan for a crappy one. Finally it means that when you go overseas, you can use a local SIM card at a much lower price point rather than be charged the rather than be hosed by cell phone carriers for roaming. All of this is great for the consumer, but likely bad news for cell phone providers as they will now have to up their game if they want to retain customers.

That’s all good. But it does get better. There are other changes that go into effect today that should make life easier for Canadian cell phone users. You can find out about those changes here.

I’m thinking that Rogers, Telus and Bell are flooded with calls from people asking for their phones to be unlocked. If you tried to get your phone unlocked today, I’d appreciate a comment below describing what your experience was like.

Why Leaving Auto Updates Turned On Your Router Is A Bad Idea

Posted in Commentary on December 1, 2017 by itnerd

This is one of these cases where I’m writing this so that you don’t become me.

I recently reviewed the Linksys WRT32X gaming router. It is an amazing router. One of the best that I have ever tested in fact. So much so that instead of going back to the router that I was using at the time, I kept this one in place because it was so fast. And for months that was a non issue.

That changed two nights ago when a new firmware got downloaded to the router and made WiFi unusable. In effect, it took an outstanding router and made it a sub par router. Now I discovered this when my wife’s computer would not back up to the network attached storage box. During my troubleshooting I discovered that it would back up via Ethernet just fine. I then did further troubleshooting and discovered that the firmware had changed on the router. On top of that, I also discovered that I had left auto updates turned on which led to the firmware being installed.

Here’s what makes this situation worse. For reasons that I do not understand, there are no downloads available for this router:

downloads

That takes away my first thought at the time which was to downgrade the firmware to something that worked. The fact that downloads aren’t available for this router is a #fail in my mind. Thus I reached out to the Linksys Cares Twitter account for help:

No response from them as of yet. When I’ve asked questions to them in the past, they were usually good at responding. So I don’t know what the deal is with that. But I did some looking around via Google and discovered that I am not alone in terms of having a router that isn’t performing up to the level that it should and Linksys is apparently aware of it and is “working on it”.

Now I usually turn auto updates off precisely so that I don’t get into this situation. After all, any company can let a firmware update go out the door which will cause you problems. Just like in this case. But I must have left it on as I tend to leave routers in as close to a default state as I possibly can. But I guess I didn’t think about checking that setting when I decided to leave this router in place. Now I am stuck until I get around to swapping out this router for something that works as fast WiFi is important to me. The take home message is that if you a router and you have auto updates turned on, it may not end well for you. Just like it did not end well for me.

I have learned my lesson the hard way and will be much more careful going forward.

UPDATE: ASUS read my story and is sending me a ROG Rapture GT-AC5300 for arrival on Monday to solve my router issue. I will be reviewing it as soon as I possibly can. Thanks ASUS!

 

Infographic: The Top Game Changing Data Trends For 2018

Posted in Commentary on November 30, 2017 by itnerd

Listograph-trends2018_Infogix

Source: Infogix