Categories
Uncategorized

How to Cover Your Ass When Your CxO Refuses to Use a Passcode on His/Her Mobile Device

marissa meyer unlocked phone

In an earlier article, I wrote that Yahoo CEO Marissa Mayer doesn’t lock her phone with a passcode. She’s breaking a cardinal rule of corporate smartphone IT, and she’s not alone. I’ve talked to a number of executives during consulting sessions, asked for shows of hands at speaking gigs, and simply asked people at meetings over drinks if they lock their phones with passcodes, and a lot of them simply don’t. Even those who use passcodes often go with terribly simple, easy-to-guess ones like this one from Spaceballs:

The story has stayed pretty much the same over the past couple of years, according to various surveys:

It’s the classic trade-off of security vs. convenience, or as Mayer puts it: “I just can’t do this passcode thing 15 times a day.” It’s annoying, and a lot of people see security measures as just another way that the IT department’s role is to obstruct anyone from getting anything done with technology, as shown in this Dilbert comic from 2007:

dilbert 2007-11-16

A number of people store their passwords in the “Notes” app on their mobile device, but the number one source of information leakage is the smartphone’s killer app for execs: email. You can find out a lot about a company through an employee’s email, and the higher-ranking the employee, the more valuable the email is. A number of companies — some you’d never expect — hinge all their planning on a handful of spreadsheets that get emailed around between a small group of high-ranking people; I’m aware of at least one Fortune 50 company with a division whose finances hang from a single emailed-about spreadsheet (which often goes “out of sync” because different people often edit it at roughly the same time). Email, accessed through a stolen phone, can prove to be the keys to the kingdom.

Someone from Yahoo’s IT department probably had the unenviable task of trying to suggest to Mayer that she lock her phone with a passcode. Perhaps s/he even cited the relevant line in Yahoo’s IT policy. I’m glad I’m not that person.

It sounds as though Yahoo’s IT department will breathe a little easier once she gets an iPhone 5S, which sports a fingerprint reader in its Home button. Like any other authentication system, it isn’t perfect. The “gummi bear hack” of 2002, in which fingerprint sensors were fooled by fingerprints embedded in gelatin, is a reasonably well-known trick that’s been effective at countering previous generations of fingerprint readers. There are conflicting reports on whether or not it would fool Apple’s sensor, which was designed by AuthenTec, one of Apple’s 2012 acquisitions. At this point, flawed or not, I’m sure that Yahoo IT are counting the days until Mayer gets her new phone.

because im the boss

One of the realities of office life is that the “C-suite” and any other employees with a certain rank or “pull” at the company will be exempt from the rules that apply to the rest of us mere mortals. When these exceptions concern IT security, the best you can hope for is to limit the consequences of a security breach and make sure your ass is covered. Here are my suggestions, culled from actual practice at real companies where I’ve either pitched or done some mobile device consulting, if you’re dealing with an exec who refuses to use a passcode to lock their smartphone or tablet:

  1. Try to sell the executive on doing the right thing and using a passcode. This is a little easier if there’s at least another person at the same level who does, a little more difficult if everyone’s ignoring the rules. You can attempt to cite things such as the recent ZDNet/Cisco/BT survey, in which they report that one-third of the organizations who responded have already experienced a security breach as the result of the loss or compromise of an unmanaged, unprotected, unsanctioned device.
  2. If they refuse to use a passcode, be sure to enable mobile device management (MDM) on their device and get remote wipe capability. You want these whether or not the executive uses a passcode, but when they’re going around with unprotected devices, the “nuclear option” of remote wipe is your only line of defense should the phone get lost or stolen. Since many people’s mobile phones are also their primary cameras, and since many people also use them as photo albums for pictures that they somehow fail to back up, you may want to look into “containerization” or “selective wipe capability”. The last thing you want to be is the object of an executive’s wrath because you wiped out the only photos of his first child’s first steps. An effective way to “sell” remote wipe capability is to just say it’s part of MDM, which will allow you to configure their email/calendar/contacts access, sparing them from having to do that.
  3. Try to get them to sign a waiver saying that they were advised of the risks and take full responsibility for the consequences. I’ve seen companies do this not just for execs who refuse to use passcodes to lock their mobile devices, but also for execs who use devices that IT is not ready to support or secure, such as the iPad in its earliest days.

Mobile News Roundup: Phonebloks, Marissa Mayer’s Insecure Phone, iPhone 5C and 5S

Phonebloks: A Concept for a Modular Smartphone

What if phones could be assembled out of detachable blocks held together by a base, like Lego? That’s the idea behind Phonebloks, Dave Hakkens’ concept and social media campaign for a modular phone that would allow users to customize their phone using the components they want. In order to turn this dream into a reality, Hakkens is rallying people to lend their social media reach by the end of October in order to convince hardware and software vendors to get behind the Phonebloks concept. As of this writing, he’s reached over 147,000 of the 150,000 supporters he’s seeking, and he’s still got over a month left!

I don’t know which hardware vendors will buy into the idea, but I think it’s an opportunity for Ubuntu Touch to shine.

Marissa Mayer has the Tech Industry’s “Must-Steal” Phone

marissa meyer smartphone
Yahoo CEO Marissa Mayer doesn’t lock her phone with a passcode, and to make matters worse, everybody knows it now. At the TechCrunch Disrupt conference, she said “I can’t do this passcode thing 15 times a day.” I’ve heard similar from other “C-suite” people, whose rank often gets them exempted from IT rules that the rest of us mere mortals must follow. Unfortunately, these are the people who get the most sensitive email, from simple messages to spreadsheets with sensitive financial information and presentations outlining confidential plans and initiatives, and an unlocked phone is the gateway to all those goodies. As Tom Cochran, CTO of Atlantic Media (which owns the site Quartz) puts it, the leak of information through a smartphone is like a car accident: it may be low probability, but the cost is high enough to merit protection, whether it’s a seatbelt or a passcode.

The iPhone 5S’s thumbprint scanner is Mayer’s favourite new feature, and Yahoo’s IT department will probably breathe a sigh of relief when she gets hers.

iPhone 5C and 5S

Speaking of the iPhone 5S, here’s yesterday’s keynote featuring both it and its cheaper sibling, the iPhone 5C:

If you haven’t got time to watch the whole keynote, here’s The Verge’s “Under 4 Minutes” summary of the keynote:

And with these announcements, came the jokes:

star wars iphone 5S

iphone 5c crocs

nokia - imitation in the best form of flattery


Misfile Under “Computer Science”

misfile under computer science

This article also appears in The Adventures of Accordion Guy in the 21st Century.


A Man for All Seasons

stay at home playing video games

This article also appears in The Adventures of Accordion Guy in the 21st Century.


Hire Justin Kozuch!

hire justin kozuch

Justin Kozuch is one of the better-known people in Toronto’s startup/indie tech scene, and he comes by his notoriety honestly. As a digital marketer par excellence, he’s worked on a number of notable projects, including:

  • Hailo, the smartphone app that connects taxis with people who need them, quickly and conveniently. Justin was their social media marketer and community manager, growing the brand from a virtual unknown to one of the go-to apps for Torontonians on the go.
  • Pixel to Product, a Canada-wide research project of his own creation that covered the country’s digital media industry. He won the Mesh Prize to fund the project, and its output was the comprehensive 2011 Canadian Digital Media Economy Report.
  • Community management for Radar DDB and OSL Marketing.
  • Social Media Week Toronto, where he was the lead events coordinator.
  • The TTC’s Customer Liaison Panel, where he gives Toronto’s transit system some much-needed advice on improving their customer service from the angle of technology and social media.

In a just world, Justin wouldn’t be looking for work. But it’s not a perfect world, and looking for work is exactly what he’s doing right now. If you need someone who truly gets digital marketing, social media, and PR, and who comes with my highest recommendations, go talk to Justin! Give him the opportunity, and he’ll take your company to great heights with his social media/marketing/community management savvy.

If you don’t need his services, please help spread the word! Send people to and use the Twitter hashtag #hirejustin:

hirejustin

This article also appears in The Adventures of Accordion Guy in the 21st Century.


My Last-Minute Panel Appearance at Jobspring Toronto’s “Tech in Motion” Meetup

[p] beard pile - AccordionGuy

Yours Truly before the panel discussion began.

The tech recruiting and placement company Jobspring Partners have been around for a while in several cities in the U.S., but they’re still pretty new in Toronto, having been here for only six months or so. They’ve managed to make their presence felt in that short time, from buying rounds of beer at the monthly Rails Pub Nite gatherings to holding the Toronto chapter of the Tech in Motion meetups. Their most recent Tech in Motion had over a hundred sign-ups, and from the look of it, most of them actually showed up.

My original plan was to simply attend Wednesday’s Tech In Motion, do a little networking, catch up with friends, and watch the panel debate open- vs. closed-source technologies and languages. While I was cracking open a can of ice-cold Pilsner, Jobspring marketing specialist Rebecca Banks approached me and asked if I would like to stand in for one of the panelists who wasn’t able to make it. This is the sort of thing that I was born to do, and from the sound of it, it worked out well:

Kevin Cearns played the role of panel moderator. He’s been in IT for a long time, and currently runs Cand.IO, which provides open source infrastructure and platform services:

kevin cearns

My co-panelists were Bitmaker Labs instructor Rob Gilson, who played the role of Ruby/Rails champion:

rob gilson

Representing Team Python was David Wolever, technical cofounder of Akindi and PyCon Canada organizer:

david wolever

Bruce Johnson, principal consultant at ObjectSharp and one of my go-to guys when I was at Microsoft, was the .NET guy:

bruce johnson

My role was to play the bridge, having worked in both the open source world and at Microsoft.

I think it worked out really well, as the panel provided a variety of perspectives, from the t-shirt-and-jeans world of startups to the corporate suit-and-tie life, and everything in-between. Each of us championed our primary language, which was Ruby for Rob, Python for David, C# for Bruce, and at the moment for me is Objective-C. The one language we all agreed on, because it’s downright unavoidable, was JavaScript, in spite of all its quirks. I reminded the audience that Brendan Eich had barely a couple of weeks to throw JavaScript together, and for all the frustration it can bring, I stand in awe at the brilliance of many parts of its design, and how well it performs despite being held together with duct tape and baling wire. I was also only too happy to make sure that Bruce wasn’t alone in waving the Microsoft flag — for all the “tough love” I give the company, they’ve got a lot of good stuff.

Judging from the Twitter feedback, the audience seemed to like us:

techinmotion

Photo by Remy Samanski.

techinmotion 2

Photo by Nitharsen Karunabalasundram.

That last tweet might seem a little cryptic. I told the audience a condensed version of the “Sausage Party” app, a tale that I will eventually tell on this blog. Let’s just say that it’s the only time I’ve ever been frog-marched into a meeting with a greatly displeased Fortune 50 CTO.

The feedback on the Meetup page for the event was also positive. Shalmaa Sultan wrote:

I think it was really a very good debate. It was like a wrap of the past, the current and the future vision of programming languages. It also gave us a little window on how to plan your career for the future.

That might have been in reference to my advice to the audience to treat their skills portfolio like an investment portfolio. Invest in “sure things” — the skills that you know will make you money, but also invest about 10% in the “longshots” — those technologies that you find interesting but don’t promise an immediate return because they’re still too new or too weird. Once upon a time, JavaScript and mobile development were longshots.

Darryl Marcelline wrote:

…the format was not only interesting, but effective. They abandoned the boring guru/acolyte format.

I admit to a fair bit of cynicism about a recruiter-driven event, but the results were impressive. The sheer contentiousness of the commercial vs. open-source technologies involved forced the speakers to be on their toes, and their responses were much better than what I’m used to seeing at similar events. There was even good-natured conflict and the omnipresent horror of reemergent JavaScript technologies, lurking like a zombie in the shadows.

It was a rare learning experience in the Toronto tech meetup scene. This was the highlight of a year of speaker-driven meetups for me.

I’m glad you liked it, Darryl, and I worked at keeping it from getting boring.

Finally, I have to quote Michael Keara:

It was well worth it for me. Great context info for big questions about technology options. I enjoyed all the speakers but I especially enjoyed Joey DeVilla’s one liners such as “Cobol programmers are so old they don’t even buy green bananas.” Priceless!

I have not yet received any angry emails or tweets from COBOL die-hards, but the day is young…

I’d like to thank the folks at Jobspring for holding the event and for taking a leap of faith and putting me on the panel at the last minute, my co-panelists for being their fantastic selves, and the audience for being so attentive and kind. If you ever need me again to do this sort of thing, just let me know!


“Dear MR. NOKIA!” (or: Microsoft’s Acquisition of Nokia as the Result of Nigerian “419”-style Spam)

stephen elop and 2 nokia phones

This Finnish blog post imagines Microsoft’s acquisition of Nokia as having been started by a “Nigerian 419 scam” style email:

Dear MR NOKIA!

My name is STEPHEN ELOP. I am the son of the former PRESIDENT of MICROSOFT, Mr. BILL GATES III. I am contacting you because a mutual FRIEND suggested you as a person who is trustworthy and reliable.

As you probably know, MICROSOFT’s plans for world domination have recently been foiled by the evil APPLE corporation and their IPHONE invasion of the market. However, we still have the very valuable MS WINDOWS OPERATING SYSTEM in our possession. Unfortunately, we cannot get it out on a SMARTPHONE. This is why I am writing to YOU.

The OPERATING SYSTEM is worth one hundred billion dollars ($100.000.000.000 USD). However, since it is tied to DESKTOP COMPUTERS, we cannot access any of that money. With your help we could transfer the OPERATING SYSTEM on a SMARTPHONE, and then we could share that money in the ration 50% to me, 40% to you and 10% for any expenses.

Read the rest here.

Found via Sandy Kemsley.