All posts by Tim Anderson

internet, security, tech

Let’s Encrypt: a quiet revolution

3 Comments

Any website that supports SSL (an HTTPS connection) requires a  digital certificate. Until relatively recently, obtaining a certificate meant one of two things. You could either generate your own, which works fine in terms of encrypting the traffic, but results in web browser warnings for anyone outside your organisation, because the issuing authority is not trusted. Or you could buy one from a certificate provider such as Symantec (Verisign), Comodo, Geotrust, Digicert or GoDaddy. These certificates vary in price from fairly cheap to very expensive, with the differences being opaque to many users.

Let’s Encrypt is a project of the Internet Security Research Group, a non-profit organisation founded in 2013 and sponsored by firms including Mozilla, Cisco and Google Chrome. Obtaining certificates from Let’s Encrypt is free, and they are trusted by all major web browsers.

image

Last month Let’s Encrypt announced coming support for wildcard certificates as well as giving some stats: 46 million active certificates, and plans to double that in 2018. The post also notes that the latest figures from Firefox telemetry indicate that over 65% of the web is now served using HTTPS.

image
Source: https://letsencrypt.org/stats/

Let’s Encrypt only started issuing certificates in January 2016 so its growth is spectacular.

The reason is simple. Let’s Encrypt is saving the IT industry a huge amount in both money and time. Money, because its certificates are free. Time, because it is all about automation, and once you have the right automated process in place, renewal is automatic.

I have heard it said that Let’s Encrypt certificates are not proper certificates. This is not the case; they are just as trustworthy as those from the other SSL providers, with the caveat that everything is automated. Some types of certificate, such as those for code-signing, have additional verification performed by a human to ensure that they really are being requested by the organisation claimed. No such thing happens with the majority of SSL certificates, for which the process is entirely automated by all the providers and typically requires that the requester can receive email at the domain for which the certificate is issued. Let’s Encrypt uses other techniques, such as proof that you control the DNS for the domain, or are able to write a file to its website. Certificates that require human intervention will likely never be free.

A Let’s Encrypt certificate is only valid for three months, whereas those from commercial providers last at least a year. Despite appearances, this is not a disadvantage. If you automate the process, it is not inconvenient, and a certificate with a shorter life is more secure as it has less time to be compromised.

The ascendance of Let’s Encrypt is probably regretted both by the commercial certificate providers and by IT companies who make a bit of money from selling and administering certificates.

Let’s Encrypt certificates are issued in plain-text PEM (Privacy Enhanced Mail) format. Does that mean you cannot use them in Windows, which typically uses .cer or .pfx certificates?  No, because it is easy to convert between formats. For example, you can use the openssl utility. Here is what I use on Linux to get a .pfx:

openssl pkcs12 -inkey privkey.pem -in fullchain.pem -export -out yourcert.pfx

If you have a website hosted for you by a third-party, can you use Let’s Encrypt? Maybe, but only if the hosting company offers this as a service. They may not be in a hurry to do so, since there is a bit of profit in selling SSL certificates, but on the other hand, a far-sighted ISP might win some business by offering free SSL as part of the service.

Implications of Let’s Encrypt

Let’s Encrypt removes the cost barrier for securing a web site, subject to the caveats mentioned above. At the same time, Google is gradually stepping up warnings in the Chrome browser when you visit unencrypted sites:

Eventually, we plan to show the “Not secure” warning for all HTTP pages, even outside Incognito mode.

Google search is also apparently weighted in favour of encrypted sites, so anyone who cares about their web presence or traffic is or will be using SSL.

Is this a good thing? Given the trivia (or worse) that constitutes most of the web, why bother encrypting it, which is slower and takes more processing power (bad for the planet)? Note also that encrypting the traffic does nothing to protect you from malware, nor does it insulate web developers from security bugs such as SQL injection attacks – which is why I prefer to call SSL sites encrypted rather than secure.

The big benefit though is that it makes it much harder to snoop on web traffic. This is good for privacy, especially if you are browsing the web over public Wi-Fi in cafes, hotels or airports. It would be a mistake though to imagine that if you are browsing the public web using HTTPS that you are really private: the sites you visit are still getting your data, including Facebook, Google and various other advertisers who track your browsing.

In the end it is worth it, if only to counter the number of times passwords are sent over the internet in plain text. Unfortunately people remain willing to send passwords by insecure email so there remains work to do.

tech

New year, new web site

1 Comment

I took the opportunity of the Christmas break to move itwriting.com to a new server.

The old server has worked wonderfully for many years, but in that time a lot of cruft accumulated.

The old WordPress template was also out of date. Today it is necessary not only to have a site that works well on mobile, but also one that is served over SSL. I am taking advantage of Let’s Encrypt to give itwriting.com trusted SSL support.

On the old site I ran three blogs. itwriting.com, aimed at professionals. Gadgets.itwriting.com aimed at consumers. Taggedtalk.com for when I occasionally wanted to blog about music. Running three blogs is a hassle and I decided to combine them into one despite the differences in content. The idea is to use WordPress categories to make sense of this but this too is work in progress.

The price of this migration is broken links. Content that is migrated from the old itwriting.com blog is mostly fine, though there are some images linked with http that will need to be fixed. Content from the other two blogs is more problematic and I have some work to do tidying up the images. There is also the old pre-wordpress blog which is now offline. This was active from 2003 to 2006 and I am undecided about whether to reinstate it.

Apologies then for the disruption but I hope it will be worth it.

gadgets, honor, huawei, smartphones

Honor 7x: a great value mid-range smartphone spoilt by unexciting design

Honor is Huawei’s youth/consumer smartphone brand and deserves its reputation for putting out smartphones with compelling features for their price. Just released in the UK is the Honor 7x, a mid-range phone whose most striking features are a 5.93" 2160×1080 (18:9) display and dual-lens camera.

I came to respect the Honor brand when I tried the Honor 8, a gorgeous translucent blue device which at the time seemed to provide all the best features of Huawei’s premium phone at a lower price. The Honor 8 is 18 months old now, but still on sale for around £70 more than a 7x (there is also an Honor 9 which I have not tried). The 5.2" 1920 x 1080 screen happens to be the perfect size for my hands.

What about the new 7x though?

The 7x feels solid and well-made though unexciting in appearance. The smooth rear of the matt metal case is broken only by the fingerprint reader and dual camera lenses and flash. On the front there is the phone speaker and front-facing camera at the top of the screen, media speaker, microphone, headset socket and Micro-B USB along the bottom edge. The larger than average screen does make for a phone that is less comfortable to hold than a smaller device, but that is the trade-off you make.

The Kirin 659 processor has 8 ARM Cortex-A53 cores, comprised of 4 high-speed 2.38 GHz cores and 4 power-saving 1.7 GHz cores. SoC (System on a Chip) also includes an ARM Mali-T830 graphics processing unit. This is a mid-range processor which is fine for everyday use but not a powerhouse.  Benchmark performance is around 15% better than Samsung’s Exynos 7 Octa 7870, found in the Galaxy A3, for example.

PC Mark came up with a score of 4930, a little behind the older Honor 8 at 5799.

image

The screen resolution at 2160 x 1080 is impressive, though I found it a little dull on the default automatic brightness settings.

Music audio quality is great on headphones or high quality earbuds, but poor using the built-in loudspeaker – usually not important, but I have heard much better.

Where this phone shines is in photography. The dual lens is now well proven technology from Huawei/Honor and does make a difference, enabling better focusing and sharper images. If you enable the wide aperture in the camera, you can refocus pictures after the event, a magical feature.

If you swipe from the left in the camera app, you can select between a dozen or so modes, including Photo, Pro Photo, video, panorama, time-lapse, effects  and more. Selecting Pro Photo enables controls for metering (determines how the camera calculates the exposure), ISO, shutter speed,  exposure compensation (affects brightness) and focus mode.

image

If you swipe from the right, you can access settings including photo resolution (default is 4608 x 3456), storage location, GPS tagging, object tracking and more. There is no option for RAW images though.

image

Along the top of the camera screen are settings for flash, wide aperture, portrait mode, moving picture (records a short video when you take a picture), and front/rear camera enable.

There are also a couple of features aimed at selfies or group photos, where you want to be in the picture. If you enable audio control, the camera will take a picture when you say “Cheese”. If you enable gesture control (only works with the front camera), you can take a picture by raising your hand, triggering a countdown. I tried both features and they work.

How are the actual results though? Here is a snap taken with default settings on the 7x, though I’ve resized the image for this blog:

and here it is again on the Honor 8:

Personally I think the colours are a bit more natural on the Honor 8 but there is not much between them. I was also impressed with the detail when zoomed in. In the hands of an expert you could take excellent pictures with this, and those of us taking quick snaps will be happy too.

Likes, dislikes and conclusion

For 25% of the price of Apple’s latest iPhone, you get a solid and capable device with above average photographic capability and a high resolution display. I also like the fact that the fingerprint reader is on the rear, even though this is against the recent trend. This makes it easy to pick up and unlock the phone with one hand, with no need for face recognition.

Still, while I would be happy to recommend the phone, I do not love it. The design is plain and functional, rather out of keeping with Honor’s “for the brave” slogan. No NFC is a negative, and it is a shame Honor has provided the old micro USB instead of USB C as on the premium models.

These are minor nitpicks though and I cannot fault it for value or essential features.

Specification

OS Android 7
Chipset 8-core Kirin 659 (4 x 2.38GHz + 4 x 1.7 GHz)
Battery 3340 mAh
Screen 2160 x 1080
Rear camera Dual lens 16MP + 2MP, F/0.95 – F/16 aperture
Front Camera 8MP
Connectivity 802.11 b/g/n wifi, Bluetooth 4.1, USB 2.0
Dimensions 156.5mm x 75.3mm x 7.6mm
Weight 165g
Memory 4GB RAM, 64GB storage, microSD up to 256GB
SIM slots Dual TD-LTE/FDD LTE/WCDMA/GSM SIM or SIM + microSD
Fingerprint reader Rear
Sensors Proximity, ambient light, compass, gravity
Audio 3.5mm headset jack
Materials Metal unibody design
Price £269.99
audio, gadgets, hifi

The Scalford Hi-Fi show is dead – long live the Kegworth “Europe’s biggest Hi-Fi enthusiasts show”?

2 Comments

It was March 2009 when I took part in an unusual Hi-Fi show, variously known as the Scalford, Wigwam, Wam or Pie Show (Pie show because Scalford is near Melton Mowbray, home of the Pork Pie, and Pie rhymes with Hi-Fi). Wigwam was and is a Hi-Fi enthusiasts forum and the idea was to put on a show where the kit on show was not the latest stuff from big brands, but rather actual systems in use by enthusiasts. Without the normal income from commercial exhibitors, the cost of the hotel booking was met by the entrance fee (£10 as I recall). Exhibitor rooms were free other than a small contribution to public liability insurance. The early shows were run by audio show specialists Chester who did it, they said, as a community building exercise.

Scalford Hall is an English country hotel which must once have been a grand country residence. it is beautiful, rambling and impractical, but full of atmosphere.

The show was an extraordinary success. There was a vastly greater variety of gear on show than at commercial shows, ranging from conventional and modern to old and home-made. The exhibitors were enthusiasts who loved to talk about their systems, and the sound achieved was in general rather better than most. A few pictures, not from the first show:

image

image

Personally I had a great time at Scalford and exhibited 8 years in succession (starting with the first). Hmm let me see:

2009: plain Squeezebox, Naim 32.5/Hicap/250 and Kans 

image

2010: Ergo speakers designed by James at another HiFi forum, Pink Fish Media,  loaned to me for the event. Same source and amplification.

2011: Active Speakers AVI ADM 9 with BK subwoofer

2012: Linn Kaber loudspeakers with Naim amplification; my least successful room I feel. I thought the Naim amplifier would get the Kabers sounding at their best but the sound was average and I was not sure how to fix it. 

2013: Active Speakers Behringer B3031A. The theme here was how to get a great sound on a small budget, and the Behringer active speakers offer a lot for the price.

2014: Amplifier comparison Naim as above vs Yamaha AS500

This was fascinating; a modern budget amplifier compared to a classic pre-power combination loved by many but also considered coloured. Most thought both sounded great and were not sure which was which.

2015: DSD vs PCM comparison using Teac DSD DAC 

2016: Raspberry Pi system no separate amplifier

Some of these events have separate write-ups on this blog.

My goal was not to have the best sounding system but to do something interesting and enjoyable.

Enjoyable it was, but also hard work – at first I didn’t bother booking a room for the night as I lived within 45 minute drive, but I gradually realised that staying over worked better both for access to the room and for hearing other rooms the night before.

Heaving equipment around is no fun even though I didn’t have the heaviest stuff, even so amplifiers, subs and speaker stands are hefty enough. Some of my stuff got a bit bashed about too, though scratches rather than real damage.

The earliest events were run supposedly at break-even or thereabouts by Chester. The only commercial presence in the early shows was a record shop in the lobby.

I was personally fine with everything as we were doing something a bit different that would not otherwise be possible.

Gradually more commercial rooms appeared and it became harder and harder to secure good rooms. My room in year 1 was brilliant and sounded great as a result. Many of the rooms though were small hotel bedrooms in an extension rather than the older part of the building, with poor sound insulation. It was hard to get a good sound in these rooms.

I also began (speaking personally) to feel a bit unappreciated as it was the exhibitors who made the event worth going to, but we paid for the privilege and if someone managed to make some money (as I believe the organisers did in some years) none of it came to us not even a free beer or two. After the first couple of shows the organisation passed to the owners of the WigWam forum, which itself changed hands a few times. In 2017 my heart was no longer in it and I did not exhibit.

The trend towards greater commercialism continues and the WigWam’s current owners now promote the event as "Europe’s Biggest HiFi Enthusiasts Show". The cost for exhibitors has increased and now starts at £85. I have fond recollections of the show and hope it goes from strength to strength, but last year felt it was no longer for me.

Scalford was a wonderful venue, quirky and romantic, visitors could still be surprised to open a door or ascend a stairway and find a corridor of rooms they had somehow missed. Of course it was also a bit impractical and the catering rather ho-hum but it wasn’t a big deal for me.

The show is now moving to Kegworth, just off the M1 near Nottingham. The move to a hotel handy for the motorway and airport is another step away from the atmosphere and culture of the initial concept.

That said, I have no doubt that it will remain a remarkable and unusual event and hope it continues to be a great success.

rants, tech

The annoyance of mistaken email addresses – an example from Netflix

1 Comment

One of the reasons email is broken is that many companies do not bother to verify email addresses when setting up accounts. If someone by accident or design opens an account with an email other than their own – yours, for example – the person who actually has that email address may get bombarded with unwanted emails. Mostly you can just block them with all the other spam but it can be problematic. You may run into difficulties if you try to open your own account with the same organization. If there is money involved you may also get pursued by email for the other person’s debts; presumably this sort of thing can be sorted out but in some cases passively accepting the problem might not be the best idea.

What should happen is that all email addresses are verified. The company where the account is set up sends ONE email to the address given, with a magic link to verify that it really is you that set up the account. If you ignore that email you should never get another one. Sometimes there is even a link to say “this is not me” or “disavow”, which is even better.

Unfortunately it can be hard to inform the organisation of the wrong email address. In the majority of cases, emails come from a “do not reply” address. Often you are meant to log into the account (that is not your account) to make changes or contact support. You would have to change the password of course. That seems a bad idea and might even be considered a tacit acceptance that it is your account, or a hack attempt.

When this happens to me I mostly ignore it, but sometimes resort to things like Twitter support contacts or web chat. It can still be awkward. Here’s my chat transcript when Netflix (which should know better) sent me a welcome email for my new account (nothing to do with me):

Me
Someone has created a Netflix account with my email address. Please delete it.

[Rep] Netflix
Hi there 🙂

[Rep] Netflix
Sure!! No problem

[Rep] Netflix
Could you please tell me what’s your email address?

Me
*************************

[Rep] Netflix
I could find any active account with this email address… don’t you have another email address?

Me
I have just received a welcome email

[Rep] Netflix
To that email? *************************

Me
yes

Me
Hey there, My name is ****. I work at Netflix and help our newest members get started. If you’d like to chat before you start your free month, you can call 1-***-***-**** with any questions. Also, don’t worry about being billed by surprise — we always send a reminder before your free trial ends. If you’re all set, finish your account setup to start watching. If there’s anything you need help with, don’t hesitate to contact us. Cheers, **** netflix.com

[Rep] Netflix
Oohh!!! That’s definetely not from us!!

Me
it passes DKIM

[Rep] Netflix
This is a phising email

[Rep] Netflix
phishin*

Me
ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@netflix.com

Me
so it is from your domain

[Rep] Netflix
Please tell me the email address who sent you the email
Me

Me
***********************

[Rep] Netflix
OOH!! O.O

[Rep] Netflix
Please wait a second

[Rep] Netflix
I’m checking here… please hang on there

Me
thanks

[Rep] Netflix
It looks like someone took your email information and created an account, but don’t worry, I’m cancelling the account right now

Me
thanks
Me

that is what I said at first 🙂

[Rep] Netflix
Yes… I know xD but I really needed to confirm all the information

[Rep] Netflix
I’m on it now 🙂

[Rep] Netflix
Done 🙂

Me
thanks

[Rep] Netflix
I was a pleasure 🙂

[Rep] Netflix
And one more thing, if you wouldn’t mind, please stay online for a one question survey.

I declined the one question survey.

cloud computing, google, salesforce.com, tech

Quick thoughts on Salesforce and Google Cloud Platform alliance

image

Yesterday Salesforce and Google announced a strategic partnership:

1. Salesforce named Google Cloud as “a preferred public cloud provider”. Salesforce says it “continues to invest in its own data centers”. However it will use public cloud infrastructure “for its core services” as well, especially in “select international markets.” Why is Google Cloud Platform (GCP) just a preferred partner and not the? Well, “AWS is a great partner”, as the release also notes.

2. New integrations will be introduced between Salesforce and G Suite (Gmail, Docs, Google Drive and Calendar for business), and there is a promotional offer of one year’s free G Suite for Salesforce customers. Note that the release also says “restrictions apply, see here”, with the see here link currently inactive.

3. Salesforce will integrate with Google Analytics.

Google has also posted about the partnership but adds little of substance to the above.

Why this alliance? On Google’s side, it is keen to build momentum for its cloud platform and to catch up a little with AWS and Microsoft Azure. Getting public support from a major cloud player like Salesforce is helpful. On the Salesforce side, it is an obvious alliance following the public love-in between Adobe and Microsoft Azure. Adobe competes with Salesforce in marketing tools, and Microsoft competes with Salesforce in CRM.

Google will also hope to win customers from Microsoft Exchange, Office and Office 365. However Salesforce knows it has to integrate nicely with Microsoft’s email and productivity tools as well as with G Suite. The analytics integration is a bigger deal here, thanks to the huge reach of Google’s cloud data and tools.

microsoft, tech, windows

One thing that’s worse in Windows 10 Fall Creators Update: uncontrollable application auto-start

One thing I’ve noticed in Windows 10 recently is that Outlook seems to auto-start, which it never did before. In fact, this caused an error on a new desktop PC that I’m setting up, as follows:

1. Outlook has an archive PST open, which is on a drive that is connected over iSCSI

2. On reboot, Outlook auto-started and threw an error because it could not find the drive

3. In the background, the iSCSI drive reconnected, which means Outlook could have found the drive if it had waited

All very annoying. Of course I looked for the reason why Outlook was autostarting. In Windows 10, you can control startup applications in Task Manager. But Outlook was not listed there. Nor could I find any setting or reason why it was auto-starting.

Eventually I tracked it down. It is not really Outlook auto-starting. It is a new feature in Windows 10 Fall Creators Update that automatically restarts applications that were running when Windows was last shutdown. Since Outlook is pretty much always running for me, the end result is that Outlook auto-starts, with the bad result above.

I presumed that this was a setting somewhere, but if it is, I cannot find it. This thread confirms the bad news (quote is from Jason, a Microsoft support engineer):

This is actually a change in the core functionality of Windows in this development cycle.

Old behavior:
– When you shut down your PC, all apps are closed

– After reboot/restart, you have to re-open any app you’d like to use

New behavior:

– When shutting down your PC, any open apps are “bookmarked” (for lack of a better word)

– After reboot/restart, these apps will re-open automatically

If you want to start with no apps open (other than those set to auto-start via Task Manager/Start), you’ll need to ensure all apps are closed before shutting down or restarting the PC.

Why?

The desire is to create a seamless experience wherein, if you have to reboot a PC, you can pick back up quickly from where you left off and resume being productive.  This has far-ranging impacts across the OS (in a good way).

Not everyone agrees that this “far-reaching impact” is a good thing. The biggest gripe is that there is no setting to disable this behaviour if it causes problems, as in my case. Various entries in the official Windows feedback hub have been quick to attract support.

Workarounds? There are various suggestions. One is to manually close all running applications before your restart. That is an effort. Another is to use a shortcut to shutdown or restart, instead of the Start menu option. If you run:

shutdown /f /s /t 0

you get a clean shutdown; or

shutdown /f /r /t 0

for a restart.

As for why this behaviour was introduced without any means of controlling it, that is a mystery.

gadgets, laptops, microsoft, tablets, windows

A quick look at Surface Book 2: powerful but heavy

Microsoft’s Surface range is now extensive. There is the Surface Pro (tablet with keyboard cover), the Surface Laptop (laptop with thin keyboard), and the Surface Book (detachable tablet). And the Surface Studio, an all-in-one desktop. Just announced, and on display here at Microsoft’s Future Decoded event in London, is Surface Book 2.

image

The device feels very solid and the one I saw has an impressive spec: an 8th Gen Intel Core i7 with 16GB RAM and NVIDIA GeForce GTX 1050 discrete GPU. And up to 17 hours battery life.

All good stuff; but I have a couple of reservations. One is the weight; “from 3.38 lbs (1.534 Kg) ”, according to the spec. By contrast, the Surface Laptop starts at 1.69 lbs (0.767 Kg).

That makes the Book 2 heavy in today’s terms. I am used to ultrabook-style laptops now.

Of course you can lighten your load by just using the tablet. Will you though? I rarely see Windows convertible or detachable devices used other than like laptops, with the keyboard attached. The Surface is more likely to be used like a tablet, since you can simply fold the keyboard cover back, but with the Book you either leave the keyboard at home, and put up with short battery life, or have it at least in your bag.

microsoft, office 365, tech

Microsoft announces Office 2019, Exchange Server 2019 and SharePoint Server 2019

This was not one of Microsoft’s most surprising announcements, but even so, confirmation that some of the company’s most significant products are to receive updates a year or so from now. The announcement was made at the SharePoint and OneDrive session at the Ignite event here in Orlando.

image

If you have an hour or so spare, you can view the session here:

Note that fewer people now use these products; that is, increasing numbers of users are on Exchange Online and Office 365. These are the same but not the same, and get updates earlier than the on-premises equivalents. Still, we may well see a makeover for Office 365 at around the time Office 2019 is released.

Either way, we should not expect a radical departure from the current Office. Rather, we can expect improvements in the area of collaboration and deeper integration with cloud services.

You will also need to think about the following dialog, if you have not already (the exact wording will vary according to the context):

image

The deal is that you send your document content to Microsoft in order to get AI-driven features.

cloud computing, microsoft, tech

Microsoft Ignite: where next for Microsoft’s cloud? The Facebook of business?

image

Microsoft has futuristic domes as part of its Envision event, running alongside Ignite here in Orlando. Ignite is the company’s main technical event of the year, focusing mainly on IT Pros but embracing pretty much the whole spectrum of Microsoft’s products and services (maybe not much Xbox!). With the decline of the PC and retreat from mobile, and a server guy at the helm, the company’s focus has shifted towards cloud and enterprise, making Ignite all the more important.

This year sees around 25-30,000 attendees according to a quick estimate from one of the PRs here; a little bigger than last year’s event in Atlanta.

Microsoft will present itself as an innovative company doing great things in the cloud but the truth is more complex, much though I respect the extent to which the business has been transformed. This is a company with a huge amount of legacy technology, designed for a previous era, and its challenge has been, and still is, how to make that a springboard for moving to a new way of working as opposed to a selling opportunity for cloud-born competitors, primarily Amazon Web Services (AWS) and Google, but also the likes of Salesforce and Dropbox.

If there is one product that has saved Microsoft, it is probably Exchange, always a solid email server and basic collaboration tool. Hosted Exchange is the heart of Office 365 (and BPOS before it), making it an easy sell to numerous businesses already equipped with Office and Outlook. Email servers are horrible things to manage, so hosted has great appeal, and it has driven huge uptake. A side-effect is that it has kept customers using Office and to some extent Windows. A further side-effect is that it has migrated businesses onto Azure Active Directory, the directory behind Exchange Online.

Alongside Office 365, the Azure cloud has matured into a credible competitor to AWS. There are still shortcomings (a few of which you can expect to be addressed by announcements here at Ignite), but it works, providing the company with the opportunity to upsell customers from users of cloud infrastructure to consumers of cloud services, such as Azure IoT, a suite of tools for gathering and analysing data.

The weakness of Microsoft’s cloud efforts has been the moving parts between hosted services and Windows PCs, and legacy pieces that do not work as you would expect.  OneDrive has been a persistent annoyance, with issues over reliable document sync and limitations over things like the number of documents in a folder and the total length of a path. And where are my Exchange Public Folders, or any shared folders, in Outlook for IoS and Android? And why does a PC installation of Office now and again collapse with activation or other issues, so that the only solution is removal and reinstall?

At Ignite we will not hear of such things. Instead, Microsoft will be presenting its vision of AI-informed business collaboration. Think “Facebook of business”, powered by the “Microsoft graph”, the sum of data held on each user and their files and activity, now combined with LinkedIn. The possibilities for better-informed business activity, and systems that know what you need before you ask, are enticing. Open questions are how well it will work, and old issues of privacy and surveillance.

Such things also can only work if businesses do in fact commit more of their data to Microsoft’s cloud. The business case for this is by no means as simple as the company would have us think.