Is this the perfect laptop?

LG Gram 17

It’s not often that I encounter a piece of technology that invokes a need to write about it. Especially in the consumer space, as most technology is a bit more of this or a bit less of that, but otherwise, you find the same technologies perhaps cobbled together in a slightly different way. Too often to ensure that an advertiser gets a better cut.

But the LG Gram 17 laptop, the 2022 edition, is a step forward, in my view.

Backdrop

For the last 25 years or so, I’ve clung to the notion that IBM/Lenovo* laptops, spearheaded by the ThinkPad brand, were the best, and that it was not worth the effort of exploring elsewhere. A habit bolstered by lab tests in my old stamping ground, PC Magazine. And because researching a new laptop is not the work of an hour’s googling: it can take me weeks.

But the last three Lenovo laptops I’ve bought have been disappointments in different ways. My previous machine was a Yoga 730. Its battery life was miserably short, no matter how I configured it. Given that my need to schlep a laptop around the world on soul-crushing long-haul flights has diminished to zero, you might not imagine that short battery life was a problem. But it does still need to be mobile, even within the house, and the 730 couldn’t manage more than an hour or so before it started to demand power. And that’s because it was very noisy and ran hot. Where all that energy was going was inexplicable because even light web browsing could trigger a bout of 747-style roaring and a very hot lap.

Before that was another Yoga which essentially fell apart, the back coming off the screen. Then the display itself started coming loose while the keyboard was thin and unpleasant. It ended up with gaffer tape around its edges in a bid to keep it in one piece. After less than three years use, it was dumped.

And the one before that? I can hardly remember it but it didn’t inspire.

No more Lenovo

I was glad to see the backs of them. Unless you actually need the reversible laptop feature, it’s an unnecessary expense and complication, in my experience; I found I didn’t use it to anything like the extent I expected to.

Of course, my 10-year-old ThinkPad – a bog-standard laptop – is still going strong but looks and feels its age: the screen is low-res by comparison to today’s machines, and modern software near brings it to its knees. So I upgraded it to Linux Mint and don’t let modern software near it, apart my Firefox browser. And it works fine in that limited role (despite the glitchy graphics chip for which I should have returned it inside its warranty period all those years ago). It wasn’t cheap when I bought it but then neither were the Yogas: both cost four-figure sums.

So I’ve finally learnt the lesson of clinging too long to a brand that I trusted but no longer do. When specifying a replacement, I wanted a bigger screen than the standard 15-inch diagonal to allow me to work with a pair of browser windows, or a browser and something else. And I wanted a bit of style and light weight because, even using it mainly within the home, weight is an issue. Have you sat with a laptop actually on your lap for any length of time? A 4Kg behemoth gets heavy quickly. I also didn’t want to pay the earth.

Looking for laptops

So on researching the 17-inch laptop market, because that’s about as big as laptop displays get, I found that there are two distinct segments. Most are gaming laptops: they are big, heavy and expensive, and include a hefty dollop of ugliness for free. I do a little light gaming but most modern laptops can handle that. So no thanks.

Then there are premium 17-inch laptops made by the likes of Dell. Very nice but very expensive: well over £2,000. Fine if the company is paying the bill but I’m not in that fortunate position.

LG Gram impressions

Then I stumbled across the LG Gram, which seemed a bit too good to be true. In most walks of life, anything that seems so usually is. But after weeks of prevarication and more research, I realised it was in a class of its own. I took the plunge.

I’ve been very pleasantly surprised. You can easily find technical specifications elsewhere so here I just want to focus on the user experience.

It’s slim and light, feeling far lighter at around 1.3Kg than a machine this size ought to do, and certainly significantly lighter than the 15-inch Yoga 730. The keyboard is large with full-sized keys and sufficient depth to type comfortably; I’m a heavy typist. The display is bright and reproduces colours well, making photo editing a joy.

Audio is pretty good – for a laptop. My expectations were not high as you can’t assume that flat speakers crammed into a thin plastic box will sound anything hifi, and of course they don’t, but it’s not bad, considering.

It connects with everything I need it to connect to as well so there’s no shortfall there, and the camera is HD so Zoom calls look good. Or rather, I look as good as I ever will (no laughing at the back, please!).

And it handles my gaming needs with aplomb: the fans deliver a bit of white noise but nothing like the Yoga 730’s racket. And it not only does it not get hot, battery life, which is plenty long enough, seems hardly affected.

Perfect?

In summary, it’s the first laptop I’ve bought and used in at least 10 years that I’m entirely happy with. After three months of ownership and use, I’m still finding it a joy to use. It wasn’t the cheapest machine out there but if you can stretch to the £1,300 I paid for it (deals do come up from time to time), you’re unlikely to be disappointed unless you have heavy-duty requirements. Recommended.

* IBM sold its hardware division to Lenovo in 2005

Is powerlessness increasing violence?

Without question, the recent murder of David Amess MP is a tragedy, both for politics – no matter what your political persuasion – and for his friends and family. It’s wrong to use violence to express frustration and anger on anyone, MP or not.

However, I can’t help but wonder if there isn’t an important lesson to be learnt. Few would argue against the notion that UK politics today is deeply polarised.

The old tribal loyalties have evaporated. People tend to vote more on individual issues today and there are many, such as climate change, that cut across the old political divides. Instead, there’s a myriad of sub-groups through which anger and frustration can be vented, echo chambers that reinforce world views that reflect to a greater or – often – lesser extent the reality on the ground. These aim to change things through a variety of means from gentle persuasion to direct action.

So it would appear that the outlet for many people’s frustration is not through their MP, the ballot box, or a special interest group such as the RSPCA, routes seen as the traditional ways of changing things.

Though mostly completely legitimate, the growth of echo chamber sub-groups implies that traditional political routes are perceived as pointless and irrelevant. My point is to argue that this phenomenon may in part at least be driven by a sense that Westminster politics does not reflect the pluralistic world in which we live today.

Yet in Parliament, it remains a binary world: you’re either Conservative or Labour. Both these parties support a voting system – first past the post (FPTP) – that allows only one of those two parties to form a government. Anyone in a constituency where the MP isn’t of their political persuasion is automatically excluded from having their views represented, even if they are among a cohort of greater than 50 percent of those who voted. Consequently, many live their entire adult lives without representation.

In such a situation, it may not be seen as surprising that some people’s rage at such powerlessness, perhaps exacerbated by the growth in inequality in the UK, causes a small minority to issue death threats to their MPs – the numbers of which have gone through the roof in recent times. Yes, they are a small minority, but they are likely to be expressing feelings that many also feel but who choose not to express them through violence, whether physical or verbal.

Let me be clear: this is not to excuse, but to offer one possible explanation for the situation in which we now find ourselves.

What’s the alternative? Most countries have adopted some form of proportional representation (PR). It’s not perfect, but I’m not going into the pros and cons here. What I can say is that you’re more likely to get at least some of your views represented in the form of legislation or regulation with a PR electoral system than FPTP.

So I’d argue that if people didn’t feel as powerless, as disconnected from parliamentary politics as they do, if they felt that they had some form of leverage over their government – which right now is clearly governing for the few not the many – and if they felt that they could vote with their hearts rather then having to resort to tactical voting as millions do, then maybe, just maybe, the extremes to which a small minority have resorted may not have had to be manifested in violence, whether actual or potential, but through the ballot box.

Letter to my MP re NHS pay rise

Dear Maria

I’m compelled to write to you in protest at the appallingly paltry pay rise of just 1% to NHS staff.

After all the hard work they’ve been asked to do during the pandemic – which let us note, is not yet over – after all the rhetoric the government has deployed to praise their efforts, and after all the lives they have saved often at the expense of their own health, this is a grotesque insult.

The Government called on us to clap for them and reminded us frequently how critical their work is. But when it comes to practical help, even a one-off thank-you payment, they get a pay rise which is close to invisible. As one nurse commented, it wouldn’t even pay for her car parking charges.

The defence of this decision is that this is all we can afford. Yet we have spent billions – and mis-spent millions on systems that don’t work, with Track and Trace being only the most prominent example, and with much of this money having gone to Tory party donors.

Rather, those who could afford to shoulder the burden of the cost to the economy of the pandemic seem to get away scot-free. And the ultra-rich, with wealth beyond the imagination of ordinary people, pay no more. Their personal tax allowances will even go up. The banks, which could withstand a small Robin Hood tax on each transaction, pay no more. And rather than close tax loopholes such as offshore tax havens, the Government is setting up freeports, designed, astonishly, to be onshore tax havens.

So the public purse can afford to give this money away to the rich, but not to those who have worked their fingers to the bone saving our lives. To say I’m disgusted hardly describes it.

You are, I understand, a Government Whip. You also say you were a nurse. You therefore are in a good position to make my feelings and, I have no doubt, those of thousands of others, known in the highest of circles.

Please do so. I’d be glad to hear what reception you get.

Regards

Manek Dubash

Pandemic lessons

This story is of its time. In a year, maybe less, events may have passed it by. But it’s important for all our futures, nonetheless.

A few days ago, UK prime minister Boris Johnson announced that by mid-June, most restrictions on personal behaviour, imposed to help stem the global pandemic, would be lifted. For people who have endured a year of staying at home (most of the time), avoiding meeting friends and family, this was gold dust. I get it, really.

The immediate result was, according to newspaper headlines, that airlines and travel companies experienced uplifts in bookings of well over 300%, in some cases. In other words, a rush for normality. Again, I get it.

But what I don’t get is the idea that suddenly life can resume as if the pandemic had never happened. That we can resume life as it was. Because we must not.

The roots of the pandemic are in human behaviour today. The wealthy of the world, those in the so-called developed countries, jet around the globe as if it were their personal paradise. And why not? They have the time, the money and air fares are cheap. Astonishingly cheap.

Part of the reason they are cheap is that there is no tax on aviation fuel, which is by far the industry’s biggest single expense. The lack of tax emanates from an international agreement in 1944 that the nascent commercial aviation industry needed a kick start, and the best action was not to tax fuel. This policy has been adhered to ever since. Part of the reason can be found in the encapsulating statement by Bill Hemmings, of Brussels-based campaign group Transport and Environment, that “there aren’t any votes in making trips to Malaga more expensive”.

Yet as he points out, people who drive to France or Spain pay tax on their fuel so why shouldn’t those who fly. And people who don’t fly effectively subsidise those who do. Even if there were tax on aviation fuel at the same rate as road vehicle fuel, it would probably add about €15 per flight. Not onerous – and possibly not onerous enough.

The point? The global pandemic was spread worldwide amazingly quickly by casual aviation. The ability to jump on a plane without considering the real cost. Because aviation contributes 3% of human carbon dioxide emissions, and there is no greater danger facing us right now than the climate emergency.

And this is where it ties into the pandemic. Within the hegemony of ever-expanding growth, seemingly ad infinitum, together with the rocketing human population, there are almost no areas of the planet that humans have not touched in our insatiable demand for food and resources.

We plunder the seas as if they were infinite, we chop down tropical rainforests at a growing rate. Between 1990 and 2016, the world lost 1.3 million square kilometres of forest, according to the World Bank – an area larger than South Africa. Farming, grazing of livestock, mining, and drilling combined account for more than half of all deforestation.

With the disappearing rainforests and the growth of CO2 emissions comes an acidification of the oceans and a huge and a devastating effect on marine life. And a reduction in the rainforests’ uniquely huge ability to soak up CO2.

And as we destroy the rainforests and other habitats around the world to grow food and wrench raw materials from the earth, we destroy the habitats of the plants and creatures that live there.

Evolution has equipped those lifeforms with unique adaptations tailored to their environments. When their world is desecrated, they have to go somewhere. And as human populations grow, the demand for food, products and land grows commensurately. This brings us increasingly into contact with creatures who previously lived in their ecological niches – niches that are being destroyed by human activity.

Those creatures, be they bats, pangolins or whatever, may carry bacteria and viruses that evolution has equipped them to survive with – otherwise they wouldn’t still exist. You can see where I’m going with this: greater contact with humans means a greater opportunity for a virus to jump to another species.

Most of the time it probably won’t. But occasionally, it will, and this is one theory for the origin of SARS-CoV-2 (Covid-19) in homo sapiens.

Once established in one or more humans, pandemics used to stay where they were. Yes, the Black Death in the Middle Ages spread across Europe by ship but it was a slow spread, and had there been modern communications and modern understanding of disease transmission, it could have been stopped very quickly.

The modern pandemic on the other hand spreads around the world before vaccine makers have got their boots on. Thanks largely to global and overly cheap aviation.

So before we all jump for joy at the lifting of pandemic restrictions, my suggestion is that first we think about the impact on the planet that our lifestyles are having. That we think more than twice before jumping on a plane. And most of all, that refuse to vote for politicians who promise growth at all costs – because the planet that has sustained us so far, cannot do so for much longer.

Growth has to stop – or at the very least, the true costs of raw materials, including water, the air, and land, known as externalities and deemed to be free, need to be added to the balance book.

Imagine the age of the Earth as a year’s calendar. Humans arrived sometime in the last 30 seconds or so. We have done all this damage in the last 0.2 seconds. Let’s just stop.

The UK is becoming a failed state

It’s becoming clearer that the United Kingdom is heading towards failure – if it’s not already there. So it’s time to install institutions that work for most other states with which the UK likes to compare itself, namely, an elected head of state and a written constitution. Were these accompanied by a proportional method of electing the government, that would drag Britain out of its obsession with medieval methods of governance and procedure that are increasingly irrelevant if not damaging in the modern world, into the 21st century.

The question is, will the money allow anything like this to happen? Because it is very much in the interests of the big money in Britain – and especially in England – for things to remain exactly as they are. Let’s keep tax breaks for owners of huge chunks of the British land and forests, let’s ensure that people remain obsessed with minutiae and let’s not talk about the big issues.

Pyramid of power

Which big issues? Governance and citizenship, key questions with which most democratic states have grappled before installing institutions that work, some better, some worse than others, to enact the wishes of citizens. These are not questions that Britons are ever asked to seriously consider, either by the educational system or the media.

For example, despite clear evidence that the British monarchy is an anachronism, parked at the pinnacle of a pyramid of power that starts there and includes all the lords, viscounts, marquises, dukes and princes, and the entitled nabobs in the House of Lords – mostly unelected of course – who make laws on behalf of less worthy folk, support for the institution remains undimmed, supported by the controllers of public debate who own most of the media.

When polled, the British return a healthy majority in favour of a monarchy. Yet the British monarchy spearheads the patrimony and privileges of an aristocracy that owns a third of all the land and 50% of rural land. It is keen to perpetuate a landed elite and the cultural circle associated with that continuation of aristo-oligarchy, as well as a social sphere with the wealth to remain both independent of the state and to lobby for its own self-interests, thus propping up an ancient class system antagonistic to submission to liberal democratic governance.

Were the monarchy to divest itself of its inherited private wealth and economic interests, and to behave more as a figurehead institution wholly funded by the public, it might be perceived as modernised. However, it clearly has zero interest – either financially or intellectually – in pursuing that course.

Banana republic

Rather, we recently learnt that the monarch interferes with the wishes of the democratically elected government when it’s in her interests to do so. The British state, addicted to secrecy, was forced to admit this. And where there is one such admission, there may well be others.

This alone, had it happened in another continent, would be enough for learned observers to sagely aver that an unelected monarch behaving in this way is contrary to the many definitions of democracy to which the self-appointed upholders of political probity propound.

But here in the UK? Well, we’re different, special…

With no written constitution, in which the UK is alone among the states with which it likes to compare itself, there is no legal redress. The monarch can do what she likes. Instead, quiet words in the right ears, in private, will undoubtedly be deemed enough – the unwashed masses may be informed in due time – to put matters right.

So why do people continue to support the monarchy? The first reason one hears is that the monarchy does no harm because it has no real power. We can put that one to bed with the revelations about interference with legislation.

The second one is that the monarchy brings people together. It’s hard to gather evidence about this one way or the other, but evidence as to what divides the nation is freely available, and it’s powerful stuff. Specifically, the arguments over Brexit strongly suggest there is no universal vision for Britain – or rather, England. Rather, it’s crystal clear that half the country has one vision of the country, namely inward-looking and xenophobic, while the other half sees it as international and outward-looking. If the monarchy brings people together, it’s not working.

One also hears that the monarchy attracts tourism money, although the amounts, in normal, non-pandemic times, are paltry compared both to the cost of public services, such as the hard-pressed and politically emasculated NHS, or compared to the tax breaks for, and avoidance and evasion practised by the afore-mentioned rich and powerful.

The other argument is to point to the elected head of another state – Donald Trump is the obvious if only the most recent example – and say that ‘we’ don’t want that to happen, so let’s keep the Queen. This clearly misses the point: Trump has gone, voted out. We can’t vote out the Queen, whatever she or her successor does. They’re there for life, because of who their parents were.

Failed state

Yet none of these arguments gains purchase in the minds of the British. There’s little support for a constitution from the two main parties, nor for proportional representation, and none for a republic. The electorate continues to vote for the Tory party, an organisation whose interests are orthogonal to their own, working instead in the interests of those who fund it: large corporations and rich individuals who were recently calculated to gain a return on their investment of 100:1 in the form of contracts and tax breaks.

Continued support for an unelected monarchy is also hard to disentangle from the notion of English exceptionalism which permeates the body politic and the media. It resonates with the Brexit debate and the tone in which it was conducted, and the clear evidence that only England voted – very narrowly – for leaving the EU, thereby becoming worse off by any measure.

It seems to my mind that current circumstances make it very difficult to turn this tanker around, if not impossible. The UK is run by the unelected who govern in the interests of the rich and powerful, and who promulgate mythology about the state we are in, making it hard to move outside that hegemony. As a consequence, it’s very difficult not to conclude that the UK is heading towards becoming a failed state.

When ‘can do’ becomes can’t do

A lesson for modern management

Buffer stopAfter several decades of interaction with the IT industry in all its many forms, in addition to my role as magazine editor when I could see how the publishing industry works from the inside, I can safely say that one over-arching characteristic of modern management is a ‘can do’ attitude.

And this is all very well, and helpful to achieve project goals by instilling a sense of momentum and enthusiasm among those tasked with carrying them out. It’s built into modern managers that they must be positive: to be anything else, especially in front of your peers, is frowned upon; being negative is not a career-enhancing move.

But there are times when that attitude is positively and absolutely counter-productive. Most of the time, we on the outside don’t see this: internal corporate mistakes are usually covered up, no-one admits that an commercial organisation could possibly have done anything incorrectly – or as journalists like to say, fucked up – for fear of damaging reputations, share prices, product sales and so on.

There’s a prime example of how ‘can do’ became ‘can’t do’ that came to light because it affected tens if not hundreds of thousands of people. And the dirty laundry had to be washed in public because – hey – public money was involved. I’m talking about the railways, and how a timetabling process that should have worked didn’t, in part because of various forces majeures, but mainly because of the inability of a group of managers to accept that a project could fail if they carried on with it.

A new British railway timetable was introduced in May 2018, and it didn’t work. The consequence was that hundreds of trains had to be cancelled, more were hugely late and the days of many, many travellers were ruined. Only by removing hundreds of services from the timetable was a semblance of order restored. It was a mess, and it cast the railway industry in a poor light.

There was a variety of reasons for this. There weren’t enough drivers in the south and, in the north, track work that was planned to have finished hadn’t been because of unanticipated ground conditions, for example. But mostly it was because those in charge didn’t galloped ahead with a timetable they weren’t sure was going to work.

What went wrong?
Railway timetables are fiendishly complicated things. Not only do enough track paths have to be found for the services that train operating companies (TOCs) want to run, they have to fit in around a range of other factors such as engineering and maintenance possessions, driver rosters and availability, different train acceleration and braking characteristics, freight trains, gradients, and variables known and unknown such as weather, station dwell times and so on.

Normally the planning for a railway timetable in the UK starts about 65 weeks before implementation, known in the trade as T-65. A variety of iterations then ensues as TOCs bid for track space to run their services, and Network Rail (NR), the organisation tasked with drawing up the timetable, examines the bids and either accepts them, or rejects them if it believes they are unworkable. If the latter, the TOC has to think again and re-present its bids. By T-12, the timetable is supposed to be cast in stone, as that’s the date that advance tickets – which are tied to specific timetabled trains – go on sale to the public.

Most timetable changes, which happen in May and December each year, are fairly minor. But the May 2018 timetable was different.

One of the big differences was the fact that Govia Thameslink Railway (GTR) had a huge number of changes to the timetable to submit as a result of new Thameslink services that were planned to run through London Bridge, under central London, and onto the East Coast main line. Initially up to 20 new trains per hour (tph) were planned, though this was eventually reduced to 18 tph to allow for bedding in. But its initial bids for the hundreds of new train paths were rejected by NR, resulting in the iteration process going back and forth for weeks.

Long story short, GTR’s new services overwhelmed the process, which had never in recent memory had to cope with that volume of changes. It took a long time and only at T-3 was the timetable finally declared ready. But it wasn’t, and it was only the week before the new timetable was due to go live that GTR realised it had a problem: when the TOC overlaid its driver rosters onto the new timetable, they didn’t match, as the company didn’t have enough drivers with appropriate route knowledge to run the new services.

The post-mortem
There was an Industry Readiness Board set up specifically to manage implementation of the new GTR services, on which were represented all stakeholders, including NR and GTR. It had the final say on whether the new timetable should go ahead. But, as Modern Railways magazine reported in its September 2018 issue, when the chair of the committee Chris Gibb, an experienced railwayman, asked if the changes should go ahead, no-one put their hand up to say they should not.

An NR manager on the board, John Halsall, said that at the point where it could have been stopped, T-26 in November 2017, everyone believed the new timetable could be delivered. He said: “That ‘can do and get on with it’ approach, which was so helpful up to a point, was actually the problem when we got to the split second when we could have put our foot on the ball: ‘everybody said, no, we can do this, and we must push on’.”

NR’s systems operations manager Jo Kaye identified the problem: “Everyone was in a spirit of hugely positive forward momentum to make [the timetable] happen. Perhaps because of the culture, of being so keen to deliver, blinded us in some way to the risks.”

So basically, collective lemmingness happened: no-one dared challenge the prevailing ‘can do’ culture for fear of being declared a negative ninny. There’s a lesson there for us all.

Cloud transfers made easy

transfer
Transfers made easy

A while back, I wrote about the problem of consumer trust in the cloud – in particular, the problem of what happens when your cloud provider decides to change the T&Cs to your detriment, and how this can erode the trust that consumers, already alert to the technology industry’s much-publicised failures, are in danger of losing.

The issue that prompted this was the massive capacity reduction by Amazon for its cloud storage service – Cloud Drive – from unlimited to a maximum of 5GB. The original price was just £55 a year but Amazon’s new price for 15TB, for example, is £1,500.

So at this point, unless you’re happy to pay that amount, two solutions suggest themselves. The first is to invest in a pile of very large hard disks – twice as many as you need because, you know, backups, and then become your own storage manager. Some excellent NAS devices and software packages such as FreeNAS make this process much easier than it used to be, but you’ll still need to manage the systems and/or buy the supporting hardware, and pay the power bill.

The alternative is to retain some trust in the cloud – while remaining wary. But this is only half the solution; I’ll get back to that later.

This individual has found another cloud provider, Google G Suite, which offers unlimited storage and a whole heap of business services for a reasonable £6 per month. Google requires you to own your domain and to be hosting your own website but if you can satisfy those requirements, you’re in. Other cloud providers have deals too but this was the best deal I could find.

Cloud-to-cloud transfer
So the problem then is how to transfer a large volume of data to the new cloud service. One way is to re-upload it but this is very long-winded: using a 20Mbps fibre-to-the-cabinet (FTTC) connection it will take months, it can clog up your connection if you have other uses for that bandwidth, and for anyone on a metered broadband connection it will be expensive too. And if you don’t run a dedicated server, you’ll need a machine left on during this time.

Cloud-to-cloud transfer services exist to solve this problem, – and after some research, I found cloudHQ. For a reasonable fee – or for free if you blog about it (yes, this what I’m doing here) – cloudHQ will transfer data between a range of cloud services, including Google, Amazon (S3 and Cloud Drive), Gmail, Box, Basecamp, Office 365, Evernote and many more.

CloudHQ does more: it will backup and sync in real time too, forward emails, save them as PDFs, act as a repository for large attachments, and a range of other email- and scheduling related services for Google and other cloud providers.

The basic service is free but this is limited to 20GB and a maximum file size of 150MB – but the next tier up – Premium – costs £19.80 a month and offers pretty much everything the power user could want.

Hybrid clouds and backup
So is cloudHQ the solution to the problem of cloud-to-cloud transfers? Yes, but putting your data in the cloud still leaves you with a single copy without a backup (I said I’d get back to this). So either you need another cloud service, in which case cloudHQ will keep them in sync, or you create a hybrid solution, where the primary data lives under your direct control and management, but the off-site backup lives in the cloud.

This hybrid setup is the one that businesses are increasingly opting for, and for good reason. And frankly, since your irreplaceable personal data – think photos and the like – is at risk unless you keep at least two copies, preferably three, then using both local and cloud storage make huge sense.

How Firefox just blew it

firefox_current_logo-150x150As a journalist, my Firefox browser – which I’ve been using since almost the day it arrived – is my primary research tool. It’s the place I call home. And it’s just been upgraded. It’s a big upgrade that for me will change the way it works, massively. I’m saying no.

Upgraded

The web is full of articles praising its developer, Mozilla, for updating it so it’s twice as fast. One article lauds “Mozilla’s mission is to keep the web open and competitive, and Firefox is how Mozilla works to endow the web with new technology like easier payments, virtual reality and fast WebAssembly-powered games.” This is endorsed by a Gartner analyst; Gartner is the biggest, and therefore the go-to analyst house in the technology industry for those needing a quote.

If you’re waiting for a ‘but’, here it is. Frankly, I don’t care how much faster it is if means I that half the functionality I’m used to is stripped away. Because that’s what allowing my browser to upgrade to the latest, greatest version would mean.

Extensions

It’s all because Firefox made the clever move to open up its browser very early on to third parties, who wrote extensions to add features and functionality. I loved that idea, embraced it wholeheartedly, and now run about 20 extensions.

The new Firefox – which despite its apocalyptic upgrade moves only from version 56.02 to 57.0 – will no longer run those extensions which for me have been the most useful.

Software developers love adding new stuff and making things look new using the latest software tools. Mozilla has been no slouch in this department. Fine for developers perhaps, but as a user, this constant change is a pain in the arse, as it means I need to re-learn each time how to use the software.

So Classic Theme Restorer (CTR) is particularly precious to me, as it enables Firefox to look and feel pretty much as it did when I first started using it.

CTR puts things, such as toolbars and menus – back where they were, so they work they have always worked – and for that matter, the way that most of my software works. But after the upgrade, CTR cannot work, as the hooks provided by the browser for it to do its stuff don’t exist in the new version.

Two other extensions are key from my point of view. One gives me tree-style tab navigation to the left of the browser window, not along the top where multiple tabs pretty soon get lost. And tab grouping, a feature that disappeared a few generations of browser ago but was replaced by a couple of extensions, means you can keep hundreds of tabs open, arranged neatly by topic or project. Who wouldn’t want this if they work in the browser all day?

Meanwhile, the developers of some other extensions have given up, due to the effort involved in completely re-writing their code, while others will no doubt get there in some form or other, eventually.

Messing with look and feel

This is a serious issue. Back in the day, one of the much-touted advantages of a graphical user interface was that all software worked the same, reducing training time: if you could use one piece of software, you could use them all. No more. Where did that idea go?

Mozilla clearly thinks performance – which can instead be boosted by adding a faster CPU – is paramount. Yes, it’s important but a browser is now a key tool, and removing huge chunks of functionality is poor decision-making.

I feel like my home is being dismantled around me. The walls have shifted so that the bedroom is now where the living room used to be, the front door is at the back, and I’ve no idea where the toilet is.

Some might argue that I should suck it up and move with the times. But I don’t use a browser to interact with the technology but rather to capture information. Muscle memory does the job without having to think about the browser’s controls or their placement. If the tool gets in the way and forces me to think about how it works, it’s a failure.

So version 57 is not happening here. Not yet, anyway.

Why some websites are deliberately designed to be insecure

Passwords remain the bane of our lives. People print them out, they re-use them or slightly change them for different services, or they simply use the same one for decades.

On the other side of the coin, for most users of a service, it’s a pain to remember a password and a bigger pain to change it – and then have to remember a new one all over again as websites change, they get hacked and/or their security policy changes.

But while passwords are imperfect, they’re the least worst option in most cases for identifying and authenticating a user, and the best way of making them more secure is to use each password for only one site, and make them long, complex, and hard to guess. However, some websites are purposely designed to be less secure by subverting those attempts. Here’s why.

2FA doesn’t work

Two-factor (2FA) authentication is often seen as a more secure method of authentication but it’s patchy at best. For example, the division between enterprise and personal environments has today all but evaporated. In the course of their jobs, people increasingly access their personal services at work using their personal devices. And employers can’t mandate 2FA for access to Facebook, for example, which might well be the chosen method of communication of a key supplier, or a way of communicating with potential customers. All FB wants is a password, and it’s not alone.

Two-factor authentication is also less convenient and takes more time. You’re prepared to tolerate this when accessing your bank account because, well, money. For most other, less important services, adding barriers to access is likely to drive users into the arms of the competition.

Password persistence

So we’re stuck with passwords until biometrics become a pervasive reality. And maybe not even then – but that’s a whole other issue. The best solution I’ve come up with to the password problem is a password manager. Specifically, KeePass, which is a free, open-source, cross-platform solution with a healthy community of third-party developers of plug-ins and utilities.

You only have to remember one password and that gets you access to everything. So you only have to remember one single master password or select the key file to unlock the whole database. And as the website says: “The databases are encrypted using the best and most secure encryption algorithms currently known (AES and Twofish).”

It works on your phone, your PC, your Mac, your tablet – you name it, and it’ll generate highly secure passwords for you, customised to your needs. So what’s not to like?

Pasting problems

Here’s the rub: some websites think they’re being more secure by preventing you from pasting a password into their password entry fields. Some website security designers will argue that that passwords to access their service should not be stored in any form. But a password manager works by pasting passwords into the password login field.

The rationale for preventing password pasting is that malware can snoop the clipboard and pass that information back to the crooks. But this is using a sledgehammer to crack a nut because KeePass uses an obfuscation method to ensure the clipboard can’t be sniffed. And it will clear the password in a very short time – configurable by you – so that the exposure time can be very short; 10 seconds will do it.

In addition, as Troy Hunt, a Microsoft MVP for Developer Security, points out: “the irony of this position is that [it] makes the assumption that a compromised machine may be at risk of its clipboard being accessed but not its keystrokes. Why pull the password from memory for the small portion of people that elect to use a password manager when you can just grab the keystrokes with malware?”

In other words, preventing pasting is counter-productive; it’s reducing security. Don’t believe me? Check out this scenario.

Insecure by design

So if you can’t paste a password in, what do you do? If you use a password manager, which is probably the most secure way of storing passwords today and puts you way ahead of the game, you open up the entry for that service in KeePass, expose the password to any prying eye that happens to be passing, and copy in the password – which is likely to be long and complex – manually, character by character. Probably takes a few minutes.

Can you see anything wrong with that? If you’re sitting in a crowded coffee shop, for example?

Yup. A no-paste policy is annoying, slow, prone to mistakes, and highly insecure. Worse, it’s likely to be the security-conscious – those using password managers and the like – who are most affected. Even a simple file full of passwords – hopefully encrypted – and tucked away in an obscure location is likely to be more secure than the method many if not most people use: re-using common, easily memorable passwords.

I’ve had discussions about this with one major UK bank which implemented a no-paste policy and seems since to have reversed course – whether as a result of my intervention (and no doubt that of others too) I have no way of knowing.

Say no to no-paste

So if you encounter a website that does not allow you to paste in a password in a mistaken bid to add security, point out to them that in effect, they’re forcing people to use weak passwords that they can remember, which will be less secure.

As Troy Hunt says: “we’ve got a handful of websites forcing customers into creating arbitrarily short passwords then disabling the ability to use password managers to the full extent possible and to make it even worse, they’re using a non-standard browser behaviour to do it!”

Is the cloud letting consumers down?

The promise of cloud services has, by and large, been fulfilled. Back in the day, and right up to the present day still, the big issue has been security: is your data safe?

What this question is really asking is whether you can retrieve your data quickly in the event of a technological melt-down. You know the kind of thing: an asteroid hits your business premises, a flood or fire makes your office unusable for weeks or months, or some form of weird glitch or malware makes your data unavailable, and you need to restore a backup to fix it.

All these scenarios are now pretty much covered by the main cloud vendors so, from a business perspective, what’s not to like?

Enter the consumer

Consumers – all of us, in other words – are also users of cloud services. Whether your phone uploads photos to the manufacturer’s cloud service, or you push terabytes of multimedia data up to a big provider’s facility, the cloud is integrated into everything that digital natives do.

The problem here is that, when it comes to cloud services, you get what you pay for. Enterprises will pay what it takes to get the level of service they want, whether it’s virtual machines for development purposes that can be quick and easy to set up and tear down, or business-critical applications that need precise configuration and multiple levels of redundancy.

Consumers on the other hand are generally unable to pay enterprise-level cash but an increasing number have built large multimedia libraries and see the cloud as a great way of backing up their data. Cloud providers have responded to this demand in various ways but the most common is a bait-and-switch offer.

Amazon’s policy changes provide the latest and arguably the most egregious example. In March 2015, it initiated, all for just £55 a year, an unlimited data storage service, not just photos as Google and others were already offering. Clearly many people saw this as a massive bargain and, although figures are not publicly available, many took it up.

Amazon dumps the deal

But in May 2017, just over two years later, Amazon announced that the deal was going to be changed, and subscribers would have to pay on a per-TB basis instead. This was after many subscribers – according to user forums – had uploaded dozens of terabytes over a period of months at painfully slow, asymmetrical data rates.

Now they are offered on a take it or leave it basis an expensive cloud service – costing perhaps three or four times more depending on data volumes – and a whole bunch of data that it will be difficult to migrate. On Reddit, many said they have given up on cloud providers and are instead investing in local storage.

This isn’t the first time such a move has been made by a cloud provider: bait the users in, then once they’re committed, switch the deal.

Can you trust the cloud?

While cloud providers are of course perfectly at liberty to change their terms and conditions according to commercial considerations, it’s hard to think of any other consumer service where such a major change in the T&Cs would be implemented because of the fear of user backlash. Especially by one of the largest global providers.

The message that Amazon’s move transmits is that cloud providers cannot be trusted, and that a deal that looks almost too good to be true will almost certainly turn out to be just so, even when it’s offered by a very large service provider who users might imagine would be more stable and reliable. That the switch comes at a time when storage costs continue to plummet makes it all the more surprising.

In its defence, Amazon said it will honour existing subscriptions until they expire, and only start deleting data 180 days after expiry.

That said, IT companies need to grow up. They’re not startups any more. If they offer a service and users in all good faith take them up on it, as the commercial managers at Amazon might have expected, they should deal with it in a way that doesn’t potentially have the effect of destroying faith and trust in cloud providers.

It’s not just consumers who are affected. It shouldn’t be forgotten that business people are also consumers and the cloud purchasing decisions they make are bound to be influenced to a degree by their personal experiences as well as by business needs, corporate policy and so on.

So from the perspective of many consumers, the answer to the question of whether you can trust the cloud looks pretty equivocal. The data might still be there but you can’t assume the service will continue along the same or similar lines as those you originally signed up to.

Can you trust the cloud? Sometimes.