Password Manager Woes

I read a post this morning and it hit a raw nerve or two.

As followers of the blog will know, I use KeePass for all my work and personal passwords. I’ve come across a number of sites that prevent pasting passwords for “security reasons” and it drives me nuts. Fortunately, most of the them can’t prevent the auto-type feature, so at least that’s something…

This attitude goes beyond websites though. The policy at my current employer is all passwords should be strong and unique, but you are not allowed to use a password manager. Why? Because if someone installs a key-logger on your PC and gets the credentials for the password manager, they will have access to all your passwords. WTF? I think this attitude is moronic. I am not capable of remembering hundreds of unique, strong passwords. Using patterns is predictable, so that is also a fail.

I have seen the way some of my colleagues (past and present) deal with passwords and it is farcical.

  • One password to rule them all.
  • Kept in a text/word document on the desktop.
  • Kept in a text/word document on a network drive.
  • Kept on a piece of paper in their desk draw, that is never locked.
  • Freely shared amongst colleagues, so they can “test something using my account”.

For someone to step in and say we can’t use a tool that generates random, strong, completely unpredictable passwords and stores them in an encrypted format makes my blood boil.

Flippin’ morons!

Cheers

Tim…

Learn it or don’t. The choice is yours.

glasses-272399_1280-smallTechnology is scary for a lot of people, but the biggest problem I see out there is denial (It’s not just a river in Africa! :) ).

Newbies

For people who are new to technology, the biggest problem I see is they refuse to actually read what is on the screen. I’m not talking about those stupid End User License Agreement (EULA) screens that nobody reads. I’m talking about basic instructions. If a screen says,

“Enter your username and password, then click the Login button.”

I don’t think that should be a taxing problem for anyone, but for the less computer literate, if something doesn’t go *exactly* as they expect, they go into total melt down. People just have to take a deep breath and read what is in front of them.

Techies

The situation is not always much different for many techies when they are faced with learning new skills. All those lessons you learned in your core skill-set seem to go out of the window. Things like:

  • Read the manuals.
  • Check the log files.
  • Check the vendor support website.
  • Google it.
  • Raise a support call.

Instead, people throw their toys out of the pram and decide the product/feature is rubbish and give up.

This is exactly what happened to me when I started playing with the Multitenant option. I was in total denial for ages. When I finally made the decision to sit down and figure it out it wasn’t so bad. It was just different to what I was used to.

Learning is not a spectator sport!

(Shameless use of the title of Connor McDonald’s blog, which is in itself credited to D. Blocher.)

Learning stuff is all about time. The optimizer fairy didn’t visit Jonathan Lewis one day and tell him “the secret”. If you don’t spend the time, or you give up at the first hurdle, you are never going to get anywhere. You will probably start to make excuses. I’m too old. It’s too complicated. I’ve always been rubbish at learning new stuff. I don’t have time. My company doesn’t support me. We won’t use it for another 3 years, so I’ll leave it until later. The list is endless.

Next time you are sitting in front of the TV watching some trash, ask yourself what those “smart kids” are doing at the moment?

I don’t care what you do with your life. Your choices are no more or less valid than mine. Just don’t fool yourself. Be honest. If you wanted to learn it you would. The fact you haven’t means you really can’t be bothered. :)

Cheers

Tim…

OTN Tour of Latin America 2015 (Southern Leg)

ace-directorI put out a brief video a few days ago (re-uploaded today to fix typos) about my participation in the OTN Tour of Latin America (2015). I’ll be on the southern leg this year. Sorry to those countries who make up the northern leg. I will be back soon I hope.

Anyway, the southern leg of the tour shapes up like this.

  • 3/4 August Uruguay UYOUG
  • 5/6 August Argentina AROUG
  • 8 August Brazil GUOB
  • 10 August Chile CLOUG
  • 12 August Peru PEOUG

I’m looking forward to seeing everyone. See you soon!

After the Peru leg, the wife and I will be going off to see Machu Picchu.

Cheers

Tim…

APEX 5.0.1 : We’re all patched up!

apexAPEX 5.0.1 was released about a week ago. I started to patch some stuff straight away. We were already on APEX 5.0 across the board, so we didn’t need to do any full installations, just patches.

During the patching I noticed we were getting some issues with supposed misconfiguration of static files. After clearing my browser cache, the message went away, so I tweeted this.

“Regarding APEX 5.0.1 patch. Clear your browser cache, or you may get that static files message, even though config is correct. :) #orclapex”

Practically before I hit return, Patrick Wolf came back with this.

“@oraclebase Thanks for letting us know. I have filed bug# 21463521 and fixed it for 5.0.2″

We’re a week on now and all our APEX installations are happily running 5.0.1. We had no issues with the upgrades and no problems with the apps.

We are small fry where APEX is concerned, so don’t take this as the green light to upgrade everything yourself. I’m just saying we had no problems with it, which is pretty cool. If APEX is a strategic environment for you, you will probably need to do a lot more testing than us. :)

Cheers

Tim…

WordPress 4.2.3 : Hurry up and … let it fix itself…

WordPress 4.2.3wordpress has been released.

It contains fixes for some pretty nasty stuff. Usually, the updates have to be manually triggered for a day or so before the auto-update feature picks them up. I was on the blog this morning and there were no “manually triggered auto-updates” available, so it looks like this one has been pushed straight out, which probably makes sense.

By the time you’ve read this you are probably up to date already, but if not, get on your blog and give it a nudge. :)

You can see the changelog here.

Cheers

Tim…

Emergency Monitoring, Real-Time ADDM, Compare Period ADDM, and Active Session History (ASH) Analytics

My recent dalliance with YouTube (141 subscribers and growing! :) ) has left the blog feeling a little bit unloved of late, but then why write when you can waffle in the car? :)

Anyway, the 12c learning train keeps on rolling. I’ve recently put the following articles live.

These are all listed as 12c new features in the 1Z0-060 “Upgrade to Oracle Database 12c” OCP upgrade exam, which I find a bit odd. Two of them are EM12c features, not database features. The other two are existing EM12c features that are now available directly from the database, but I can’t see myself ever using them on the server when it is much easier to do it from Cloud Control. Whatever! :)

Getting close to the end of the OCP syllabus now… I’ll soon have to consider sitting the exam…

Cheers

Tim…

Oracle OpenWorld Rejections : #TeamRejectedByOracleOpenWorld

Once again it is Oracle OpenWorld paper rejection season. :)

Invariably, us conference types start to have a bit of a moan about being rejected, hence my little jibe #TeamRejectedByOracleOpenWorld. In case people lost sight of this being a joke, here was one of my tweets on the subject.

“Setting up a helpline for #TeamRejectedByOracleOpenWorld to deal with all us people who can’t cope with not being heard for 5 mins. :)”

The reaction to these tweets is quite interesting, because some in the community are stunned by the people getting rejected. In reality it shouldn’t be a surprise to anyone. Jonathan Lewis summed the situation up nicely with the following tweet.

“You’re confusing OOW with a user group event. Different organisations, reasons, and balance”

If I’m honest, presenting is not high on my list of desires where OpenWorld is concerned. There is too much to do anyway, without having to worry about preparing for talks. If someone asks me to get involved in a panel session, RAC Attack or some similar thing I’m happy to help out, but if I do none of the above, I will still be rushed off my feet for a week.

The Oracle ACE program is allocated a few slots each year. Some people need to present or their company won’t allow them to attend. Others want the “profile” associated with presenting at OpenWorld. Neither of these things affect me, so I typically don’t submit for the ACE slots. I would rather see them go to someone who really does want them. I get plenty of opportunities to speak. :)

If you really want to speak at conferences, your focus should be on user group events. Getting to speak at something like OOW can be a nice treat for some people, but it probably shouldn’t be your goal. :)

Cheers

Tim…

YouTube : Rags to Riches in 1 Week?

youtubeIf you’ve followed me on Twitter you will have seen me posting links to videos on my YouTube channel. You can see me talking about starting the channel in the first video.

One week and 5 videos in and I’ve just hit 50 subscribers. Watch out PewDiePie!

One thing I didn’t mention in that video was my hopes/expectations as far as subscribers are concerned. As I said in one of my writing tips posts, Oracle is a niche subject on the internet. If you put out some half-decent content on a YouTube gaming or fitness channel, you would probably expect to get a few thousand subscribers fairly quickly. That’s not the case for an Oracle channel. Before I started this YouTube channel I did a little research and the biggest Oracle-related channel I could find was about 30,000 subscribers and that was Oracle’s main YouTube channel. After that some were knocking around 1000-4000 subscribers. Below that were a bunch of channels that were pulling double or triple figures of subscribers. Starting an Oracle-related channel is *not* a good idea if your master plan is to dominate YouTube! :)

OK. With that bullshit out of the way, how have I found my first week?

  • Making YouTube videos is hard! It takes a long time. I’m estimating about 1 hour of effort per minute of footage. The first 3 minute video took 3 days, but that included learning the technology and getting to grips with editing. Hopefully I’ll get a bit slicker as time goes on. :)
  • Doing the vocal for a video is a nightmare. After a certain number of retakes your voice ends up sounding so flat you start to wonder if you are going to send people to sleep. I listen back to my voice on some of the videos and it makes me cringe. It’s monotone and devoid of personality (insert insult of your choice here). As I get better at the recording thing, I’m hoping the number of retakes will reduce and my vocal will sounds less like I’m bored shitless. :)
  • I love the fact I can do “quick” hit-and-run videos and not feel guilty about not including every detail. I’m putting links back to my articles, which contain more detail and most importantly links back to the documentation, so I’m happy that these videos are like little tasters.
  • I’m being a bit guarded about the comments section at the moment. When I look at other channels, their comments are full of spam and haters. I can’t be bothered with that. I’ll see how my attitude to comments develops over time.
  • I’m hoping to do some beginner series for a few areas, which I will build into playlists. This probably won’t be of much interest to regular followers of the blog and website, but it will come in handy for me personally when I’m trying to help people get started, or re-skilled into Oracle. I might be doing some of that at work, hence my interest. :)
  • I’ve tried to release a burst of videos to get the thing rolling, but I don’t know how often I will be able to upload in future. Where Oracle is concerned, the website is my main priority. Then the blog. Then the conference thing. Then YouTube. The day job and general life have to fit in around that somewhere too. This is always going to be a labour of love, not a money spinner, so I have to be realistic about what I can achieve.

So there it is. One week down. Five videos. Four cameos by other members of the Oracle community. Superstardom and wealth beyond my wildest dreams are just around the corner… Not!

Cheers

Tim…

Note to self: Why is this a blog post, not another video? :(

VirtualBox 5.0

virtualboxOracle VirtualBox 5.0 has been released. You can see the Oracle Virtualization Blog announcement here, which includes a link to the official announcement.

Downloads and changelog in the normal places.

I’m downloading… Now!

Cheers

Tim…

Update: Up and running on my Windows 7 PC at work. Will have to wait until tonight to do it on the Mac and Linux boxes at home… :)

Update 2: Running fine on Mac too. :)