Office 2016: You’re connected to too many services

You’re connected to too many services. Please remove some connections before adding additional services.

Recently I started seeing the above annoying error message every time I opened up Outlook 2016 on my MacBook, but only after being prompted for my passwords for every single email account I had. This is tedious with two connected accounts. I have five.

A quick search led me to a thread on Microsoft Answers, with a solution by Beigs, who posted this image with their answer:

  1. Open Word or Excel 2016 on the Mac;
  2. Click on your name on the top left (a.k.a. the Welcome Screen);
  3. Log off any duplicate accounts, or accounts that have an Alert next to them;
  4. Close all Office 2016 applications, and re-open Outlook.

This worked for me, and from a technical point of view, it makes sense. Thanks, Beigs.

Begging the Question

After listening to, and reading, a podcast and associated transcript turned blog entry by Stephen Fry, I realised that it is necessary for language to change, to adapt, even though I used to be a vociferous defender of prescriptive grammar.

I use a lot of Emoji in my instant messaging apps these days, and I see the Internet pushing and changing the use of language very quickly. In the last 22 years that I have been online, I have also changed the way I speak in real life.

Which raises the question: where and when is it necessary to draw the line between formal and informal speech?

I maintain that blog posts are formal speech, just like newspaper articles and business letters. A blog post is a way to convey an idea, and the fact that it is electronic as opposed to physical shouldn’t matter.

Language must change and adapt, but not at the cost of clarity. I attended philosophy classes during my brief stint at Rhodes University in 1996, and those six months impressed upon me the need for clarity of thought and expression. If we cannot even assign the same meanings to words and phrases, we cannot communicate clearly.

“Begging the question” is an explicit example of the need for this level of clarity. Notice how I “raised” the question instead?

To beg a question is to create circular reasoning, to say “this is awesome because reasons, but the reasons are awesome because of this”.

The entire point of the term is that the question remains unasked. The trouble is that many people are literally begging the question in their public speaking, including politicians. Logical fallacies are talking points, are sound bites, are what we hear on the news, and I feel like we’re regressing.

A longer example of begging the question, using Batman, because the LEGO Batman Movie just came out and I loved it:

“Here is one reason we cannot use: Batman is great and so his gadgetry must be pro. Of course, this would beg the question, since we are trying to figure out why Batman is so great. If you think about this argument, it would go like this: Batman is great because he has awesome gadgetry, and his awesome gadgetry is great because he’s Batman, and Batman is great. This argument travels in a circle. To avoid begging the question, we need to straighten that circle out. To do this, we need to justify the greatness of Batman independently of how we already feel about Batman.”
(Galen Foresman, “Why Batman Is Better Than Superman.” Batman and Philosophy: The Dark Knight of the Soul, ed. by Mark D. White and Robert Arp. Wiley, 2008)

Does this make your head spin? Good. Philosophy is intended to do exactly that. Logical fallacies appear everywhere, and even I am guilty of them, perhaps even on this very website.

Listen to your favourite politician or celebrity. Actually listen to them. Hear the words, phrases, and sentences (if they actually speak in complete sentences), and see if there’s a logical consistency to them.

Question everything they say. If you can, challenge their assumptions. Critically assess the statements they assume are concrete and unquestionable. Don’t let someone tell you how to think until you’ve processed it yourself.

If you want to raise a question, raise a question, don’t beg it.

However, as Stephen Fry once said, “so fucking what?” Eventually the meaning will change to present usage, and I’ll have to adapt.

Air gaps and secure networks

I am a person with many interests. In one conversation, I’ll introduce myself as a new filmmaker. In another, I’m a seasoned theatre actor. Sometimes I give talks on Microsoft’s data platform products, SQL Server and Azure SQL Database. There’s another strong field of interest I have, which I don’t speak much about, and that’s information security (often shortened to infosec).

By no means am I a security expert. I use 1Password for managing my passwords and secure data between members of my company, and I use Cloak VPN when I connect to public Wi-Fi networks. My MacBook Pro’s hard drive is encrypted using FileVault. We have a guest Wi-Fi network at home to prevent non-residents gaining access to our smart lights and my NAS. I have passwords on my two computers’ screensavers.

I know I don’t do enough to keep everything as secure as possible, but I try.

Recently I’ve been watching the Pluralsight course Ethical Hacking (CEH Prep) (login required).

The very first thing in the course is setting up a secure lab environment, so that any tools used in the course are contained in that secure environment. This is the right way to do it, and I am using Hyper-V on my venerable Asus laptop to host these socially unacceptable virtual machines, away from my home network and away from the Internet.

This is called an “air gap”. Theoretically speaking, the virtual machines (guests) have no network access, and therefore there is air between them and a machine that is online. Practically speaking, this is untrue, because my laptop, which is hosting the guests, is online, but Hyper-V has segmented them on their own private network.

So this raises a question: How do I install applications on these guests if I’m not giving them access to any network? I don’t want to connect the guests to the Internet to download anything, firstly because of automatic updates (the lab environment must be predictable), and secondly because the guests may be compromised already, and it would be improper for me to expose compromised machines to the Internet (and my home network).

The answer, as with any air gap, is to do it the way we used to twenty years ago: burn files to CD-ROM or a USB drive, and then access that device from the guest.

Using Hyper-V (and other modern virtualization technology), it is trivial to connect a CD-ROM, USB drive, or disk image to a virtual machine. My challenge, in this “clean-room” laboratory that I’ve set up, is that I have no software on my host operating system. All I want to do is download the files to the host and then make them available to the guest virtual machines.

In the Pluralsight course, the way the presenter did this was to make a network share available from the host to the virtual machines. I decided against this, because it does not keep the lab environment completely separate.

The only other machine I can use is my MacBook Pro, which means having to copy files over the network to my host, which I want to avoid.

I decided to create a virtual hard drive (VHD), which is natively supported on all modern versions of Windows, as well as Hyper-V.

On the host, I created a VHD using the DISKPART command, which is built into Windows.

From the commandline, type diskpart to open it. At the DISKPART> prompt, type:

DISKPART> create vdisk file="D:\Temp\airgap.vhd" maximum=1024

This creates a 1GB virtual hard drive on my host, which I will use to store files that I want to install on the guest. However, before I can use this container file, I have to partition and format it.

Attach the new virtual disk we have just created:

DISKPART> attach vdisk

Create a primary partition on the virtual disk:

DISKPART> create partition primary

Select the partition:

DISKPART> select partition 1

Assign it a drive letter (I used Z: but you can use any available drive letter):

DISKPART> assign letter=z

At this point, Windows will pop up a dialogue box informing us that an unformatted drive has been detected. We can use this box to format the drive, using the default values.

Once the drive is formatted, we can transfer downloaded files to this new VHD.

The next step is using the VHD on the guest. To do that, once the files have been copied, we can detach the disk from the host using DISKPART again.

DISKPART> detach vdisk

This closes all open handles to the VHD, so that we can access it elsewhere.

In Hyper-V, or whichever virtualization host you’re using, the first thing to note is that VHDs cannot be added to virtual machines while they are running, so I have to make sure the guest is shut down.

We then add the VHD as a second hard drive to the guest’s configuration and start up the virtual machine. The VHD is already formatted, and it will receive a drive letter automatically when the operating system has started, so it will be accessible immediately. We can just run the applications or installation from that new drive as if we had downloaded the files directly to the guest.

To make changes to the VHD, we have to shut down the guest and then use DISKPART to attach to the VHD again. It is good practice to take all necessary precautions when attaching the VHD to your host again, because although the guest is turned off, there’s no guarantee that the VHD hasn’t been infected with something.

If you need to add new files, it would be better to create a new VHD instead. Treat the VHD with the same level of trust as a USB drive you find in a parking lot.

If you’d like to read additional technical posts, check out my blog on Born SQL.

On the Internet of Things

I hate the term “Internet of Things”. I say “Internet of Things” and “IoT” because everyone else does, but I don’t like it.

Not everything needs to be online. There’s a Twitter account called @InternetOfShit which posts regularly on this topic.

The first and most important reason why this is a bad idea is security. The Internet is planet-wide, where everyone with a connection is a potential threat. You really don’t want personal and private devices viewable, and possibly controlled, by just anybody.

The second problem is ownership, which also touches on privacy to an extent. Buying devices that rely on third-party providers (including the “trustworthy” ones like Google) means your private stuff is viewable by employees of those companies.

It also means that you could end up with useless equipment that cost a lot of money if the company shuts down or gets sold, and now a marketing firm who buys the assets has access to pictures of the inside of your house, which they will sell indiscriminately to defray expenses. If that doesn’t terrify you, please stop reading, turn off your computer or mobile device, and never visit my site again.

I won’t even get into how white-label Internet-connected cameras (manufactured inter alia by Sony, famous for being hacked many times) need to be rounded up and set alight, because their passwords are 888888, cannot be changed, and can be easily accessed remotely. The prevailing advice from security experts, in fact, is to toss these devices out.

A lot of crime is opportunistic. A database containing credit card numbers, personal information, nude photos, gamer tags, digital currency, whatever it may be, is attractive to certain people who have the technical skills to exfiltrate that information and sell it on to someone else. Rarely will you find that the people stealing this data are the ones using it. Firstly, that’s liable to get you caught, and secondly, the exfiltrator (or “hacker”, an unfortunate use of a perfectly cromulent word) just needs the money, or to prove his or her skills. The big paydays come from large data dumps. Sony, LinkedIn, Tumblr, Adobe, Yahoo, Yahoo (yes, twice), the list is endless.

So what’s the solution? With the number of devices growing exponentially every year, there’s no getting away from the convenience of having lights that turn on when you get home or a video camera to see if anyone is stealing your FedEx packages.

Ironically, the perception of extra safety and security provided by the devices is thwarted by their inherent lack of security. Manufacturers are racing to get into the market, forgoing testing. “Let the customer be the beta tester” is Google and Facebook’s mantra. Many companies are to blame; I’m not just singling these two out. Legal fees are clearly cheaper than research and development.

Which brings me to the point of this piece: building your own “Thing”. Do you want a camera watching your home while you’re away? Build one. Companies like Raspberry, Adafruit, and Arduino (to name just a few) have brought extremely cost-effective computing to the mass market, and relatively easy-to-use programming guides if you’ve never written a line of code in your life. Some of them even run Microsoft Windows!

Of course, building your own camera means that you can’t rely on Google or Sony to record and store your video, so you need what we call a DVR, or Digital Video Recorder. It didn’t help that cable and Internet-based television companies produced devices they also called DVRs, so there is some confusion when you search online. Fortunately the television kind is now called a PVR.

A DVR in this case is a hardware device with a number of connectors for security cameras to plug into. In the last ten years, this industry has seen impressive advances, where cameras are now wireless, connecting via the network, and DVRs can just be software.

In other words, you can buy a relatively inexpensive network-attached computer for your home (traditionally called a NAS, or network attached storage), run DVR software on it, and connect your Raspberry Pi Zero to that. Then, using a (free!) VPN (virtual private network) connection from your phone over the Internet to the NAS, you can view the images or video from the camera, and it’s all sitting in your home, away from prying eyes.

What you’ve done, then, is made your information harder to find. Security by obscurity. The chance of being hacked is still there, but the payday is much lower for a hacker if you use a good VPN server and follow best practices when it comes to securing your network.

One example is the principle of least privilege. What that means is, your camera that you’ve built will have its own security settings, away from, say, your desktop computer. If someone did happen to break into your VPN, and then break into your camera, they wouldn’t be able to hop onto yet another device on the network without doing a bit more work, because the security settings won’t work on any other device on the network (think of it like having a separate password for each device). Breaking this security is time-consuming, and working on stealing billions of passwords from Yahoo is much more lucrative.

Another example is layering. You don’t want to keep your Things on the same network as your computers. Even if they’re physically connected to the same Ethernet network, or everything is on Wi-Fi, there are inexpensive ways to partition your devices onto separate wireless networks, using the same router (which of course you’ve purchased separately, and sits between your cable company’s router and your network).

Yes, it takes a bit of effort to set up and secure your network. Yes, it costs more money. Yes, it’s inconvenient to trade security with ease of use, but the benefits are numerous, and I would suggest that it’s the minimum price of being part of the modern connected world. The manufacturers are responsible for creating ways to safely secure their devices, but we need to make sure we’re using those tools to keep ourselves safe from 7 billion (and counting) potential hackers.

It’s why in South Africa, to avoid being burgled, we just had to make sure we made our wall higher than the neighbours’ walls. If you’re going to be the family with the pretty little fence, welcome mat, and unlocked front door, don’t be surprised when you find a stranger going through your sex toys.

Microsoft BizSpark is now a one-year programme

As of 1 December 2016, Microsoft’s BizSpark programme is now only for one year, down from the original three years.

Given how useful the free Visual Studio tools are, and what is possible with Azure, I’m not surprised, but this is going to affect a lot of people.

From the BizSpark page:

A one year program, BizSpark puts all Microsoft development and test software at your fingertips, including Azure, Windows, Visual Studio, Office and SQL Server for free. Plus, enjoy access to hundreds of free training classes, technical content, and 4 break-fix phone support incidents to help you on your journey.

Anyone who signed up before 1 December 2016 is not affected by this change. The annual renewal is still in effect, but you still qualify for the full three-year programme.

Link: On Getting Old(er) in Tech

My friend Janie Clayton linked to this article by Don Denoncourt, which has some interesting thoughts and observations.

Something with which I agree:

I’ve seen too many people lock themselves into technologies (like Lotus Notes and Domino) and find themselves unmarketable after spending 10 years in that industry. Even if you have a high-paying salary, don’t let the tech world pass you by. Be sure to be up on the latest technologies. And, if you can’t do that at your current position, maybe it’s time to move on.

The entire article is worth taking your time to read.

My funniest line

In 1993, I was in Grade 11 and a member of the Parktown Boys’ High School Public Speaking team. Our four members were as unlikely to be public speakers as you could find. Two were exceptional athletes in their respective disciplines, and stereotypically assumed to be intellectually dim (they weren’t), one was a class clown.

And then there was me, the autistic anti-athlete. During one physical education lesson at school, the teacher had yelled something about how his grandmother could run faster than me, and I’d shot back, “I’m not your grandmother”.

Our topic for one particular speech, in a competition between several schools, was “The Games People Play”.

It was particularly memorable because both my parents attended (my father died only a few months later).

During our rehearsal, our team had come up with a very similar topic, so our stress levels were low, we were in a good mood, and I believe we came second in the competition.

Just before my summation as the leader of the team, the class clown, André, handed back to me by saying “Randolph is what you’d get if Snow White slept with Dopey.”

Naturally this brought the house down, and I could see my parents laughing too. I remember finishing very lamely, and that was that.

After the event, people had congregated as they tend to do, and I noticed André talking to my parents. I also knew that they’d never met, and it was unlikely they had introduced themselves in the short while they’d been chatting.

I walked over, and the line came to me as I opened my mouth:

“Ah, André, I see you’ve met Snow White and Dopey.”

We Didn’t Start 2016

(With apologies to Billy Joel.)


Carrie Fisher, Leonard Cohen, Arquette, Geordie Howe
George Michael, Nancy Reagan, Phife Dawg, Zydeco

Garry Shandling, Garry Marshall, Rob Ford, Ron Glass
David Bowie, John Glenn, Wilder, Castro

Prince Rogers Nelson, “Freaky” Leon Haywood
Zsa Zsa, Henderson, Ricky Harris, Harper Lee

David Smyrl, Caldwell, “Wizard of Woo” Worrell,
Green and White, Kimbo Slice, the great Muhammad Ali

We didn’t start the fire
It was always burning
Since the world’s been turning
We didn’t start the fire
No we didn’t light it
But we tried to fight it

Twitter

I’ve taken a break from Twitter for a while. This means unfollowing everyone. I am using Twitter Lists, though, so I am keeping track of events as they occur.

I have opened up my Direct Messages, and will respond to DMs (following the golden rule, of course).