It is business as usual: we all have to give a publisher our credit card information so that we can buy apps, subscriptions, etc. One would think Microsoft would make it easier for every customer to give them money, but that is not so.
My main credit card, the one used for online purchases, expired yesterday so obviously it was time to update it so that I could continue buying apps for my smartphone.
So I go to windowsphone.com and see the following:
So far so good. I click "Edit payment info" and get this:
Bummer Microsoft, something wrong with your systems uh? By the way, "contact customer support" is just an helpful suggestion. It could be hyperlinked to a page with a real phone number to contact support. But not, it is not. The "Contact Us" at the bottom leads to a page suggesting I contact my operator or OEM. Very unhelpful because neither has control over YOUR billing.
So I click "View billing info" which instead takes to me a page https://commerce.microsoft.com/PaymentHub/PaymentInstrument which seems to work:
That's my new credit card there. But it wasn't easy to get it there, because that page doesn't have any "Add payment option" link. I suspect it would be in the other page appropriately named "Edit payment info" that already spat out the dummy on me before.
The way I got that credit card there was by using the Windows Phone 8 Wallet app. It worked, but in a cumbersome way. It should work on the "Edit payment info" page but it didn't. I had to enter a new card in the Wallet app and check the box "Set up card for app and music purchases". Lucky there is an app for that, right?
Note though that unless you check the box to make the new card a payment option for your app purchases, it will not be stored anywhere else but on your phone. If you check the box to make the card a payment option for app purchases you are actually redirected to a page outside the app (no way to see the URL but I suspect linked to the Windows account) to add the card information. In effect it seems you are adding the card to the Microsoft account payment info and this is then downloaded to the phone. Works for me but. . .
When I started entering my data I was thinking "cool, I can enter the information here and once it syncs to the cloud I can restore the data in case this phone needs to be reset or if I get a new Windows Phone". The sync in this case exists only one way - from your Microsoft account to the phone. This means updates you make inside the Windows Phone Wallet to an existing credit card doesn't reflect on the Microsoft account - I tried, when my card expired and actually was told by the app to first delete the card online then go back to the app.
No problem, I hear you saying, just enter the data directly in your Microsoft account and it will flow to the phone. Except that as we saw before, one page brings an error and the other doesn't even have an option to add payment options. This means If I want a backup option then the way to go is setting up on the phone itself while having all credit cards set as "App purchase" options, which is not ideal.
Anyway, the card is loaded. I wonder if this was a problem with my account only and how it would have worked if I didn't have the Wallet app (like Windows Phone 7 users for example).
In the next post I will comment on the Windows Phone Wallet app itself and how it works (or it was supposed to).
Found a problem with Office Hub (it seems it doesn't like SkyDrive accounts with 2,200 folders and 30,000 files) which is not a big deal since the standalone SkyDrive app deals with this very nicely.
Some things seem "incomplete" (as mentioned the Windows Phone Desktop app) such as the SMS backup - all good but can I access my SMS from the web please?
Good to see all apps I had on my Windows Phone 7 Nokia Lumia 800 work on this Windows Phone 8 Nokia Lumia 920.
Had a couple of Skype experiences and it worked well. Used Bluetooth to play music with a Samsung Wireless Audio system and a Philips Fidelio clock with no problems - hey Bluetooth seems to work fine!
I read around the web people complaining about their new Nokia Lumia 920 battery life. I have no complains about it. Actually this one was last charged around 14 hours ago and with light use (a little Bluetooth, WiFi updates) it is at 50% now.
Here is what I've done to manage the device's power consumption:
- Push email: I have it off all the time. I use Office 365 and could have push email active but because I receive a high number of emails every day I rather not have the phone constantly updating the Inbox. I manually update these.
- Hotmail update: change the default to daily if you use the Windows Live account only for managing the device, or for something suitable to the volume you receive. There's no manual option here.
- Bluetooth and WiFi off: if you are not connected to a Bluetooth or WiFi access point, having these on is just a waste of battery.
- WiFi search: uncheck [Notify me when new networks are found], [Automatically connect to WiFi hotspots] and [Send information about WiFi connections to help discover nearby WiFi].
- Turn WiFi and Bluetooth on/off quickly: download an app such as Shortcut Tilesand use it to pin a tile to the home screen that allows you to quickly toggle WiFi, Bluetooth and other settings.
- Lock screen timeout: I have mine set to one minute.
- Lock screen background: I use a static photo. Do not use the Bing, CNN, Facebook services as that might initiate data traffic.
- Tap+send: I don't use NFC so this is off. You can obviously create lots of automated tasks with NFC but unless you have tags and actively use them, turn this off.
- Location: if you don't use maps, turn this off. If you do, leave it. Mine is on.
- Backup: I have [app list+settings] on, the rest off. I don't mind if I lose my text messages and my photos are manually copied if I want them - uploading every photo taken to SkyDrive is a sure way to use the battery and mobile data.
- Brightness: I set to medium, no automatic brightness.
- Find my phone: I leave this set. You could save a bit more battery by turning this off but can't manage the phone remotely.
- Background tasks: I turned all off.
- Music+Videos: unless you use Xbox Music, turn [Connect with Xbox Music] and [Xbox Music cloud collection]
- Photos+Camera: [SkyDrive auto upload] off
- Internet Explorer: turn [Use SmartScreen filter] and [Send a Do Not Track request to websites] off.
- Messaging: turn off the Facebook messaging option and if you don't use Messenger turn your status to Offline.
- A large number of apps have automatic updates implemented. Turn these off. For example the Currency app by xe.net updates currency exchange values every 10 minutes by default. If you have weather apps that shows current weather for your location in a tile you might want to replace this with just looking outside the window.
- Switch radio to best service in your area. Every phone has a Maintenance menu. If you are using a mobile operator that offers 100% 3G service (Telecom NZ for example), having the radio searching for 2G service is a waste of battery. You can open the Maintenance menu and set the radio to use WCDMA only.
- Caution is needed here. If you go overseas not all operators are 100% 3G and if you don't turn this back to default you may not roam in all areas. If you try to use the phone in an operator with older 2G and newer 3G mix (Vodafone and 2degrees for example) then you will have limited coverage in some areas because their 2G/3G services have different coverage areas. If you need to place an emergency call while outside your operator area and only 2G is available then you won't be able to do it. PROCEED WITH CAUTION.
Someone found out The Warehouse is importing South African-made Nespresso-compatible capsules, so I decided to stop by and compare.
TL;DR? Half price, but you can taste the difference. Read more in the Geekzone discussion with more pictures.
Not the first time I post a comment here on this blog or Twitter and someone comment with a "You have a large audience and shouldn't be spreading ideas such as this" or "You have a position of influence so you shouldn't post this".
This mainly happens when the person posting the reply doesn't agree with the idea I have just posted or have a business interest that conflicts with the idea.
The way I see those comments they are something like "I don't like what you are saying and because you have a large audience that could believe you I rather you not posted it online".
Think about it for a second. My audience or my position of influence is not an automatic gag order if one disagrees with me.
The last example came after I posted a tweet:
Found application performance monitoring app. Requires Java. *NOT in my server*- Mauricio Freitas (@freitasm) November 18, 2012
In my ops world I follow a good rule: less is better. If I have the option of running something without having to add more to my stack on the server, I will. If I have to add anything to the server, it needs to be really good to justify a spot in the box. And in my books there's nothing great (at the moment) that would make me install JRE on my servers.
So I got a reply:
@freitasm It's your right not to run Java if you wish. But you have a position of authority and IMO should be engaged in spreading FUD.- Paul LeBeau (@paullebeau) November 19, 2012
I guess Paul wanted to say "shouldn't be engaged". But you get the point.
Another impulse blog post. Today I lost all hope for New Zealand ISPs.
Either they have performance problems, billing problems, customer services problems or something else that will make customers' lives a pain. The lack of peering, low caps, high prices, long delays to launch new services and plans, high number of customers sharing a small bandwidth pool make me sick.
Vodafone New Zealand has released new prices for mobile data roaming. It's a good step, but in my opinion it's still too expensive. The best alternative in terms of cost is always to get a local SIM card.
One of the thing in the press release though was an infographic, saying that 100 MB is good for about 400 web pages. This would be an average of 250 Kbytes per page.
The problem is that 250 Kbytes per web page is not a realistic number. Just have a look at the HTTP Archive, run by Steve Souders: the average web page size is actually 1.239 MB, about 4.95 times the number quoted in the infographic.
I looked around: Vodafone's own homepage is four times that at 1.1 MB. The NZ Herald frontpage is 1.6 MB.
The survey was conducted with Flight Centre agents who travel abroad. Their own home website is 1.3 MB.
Surely numbers sent out in an infographic should be a bit more realistic?
UPDATE: Here is Vodafone's comment on this:
As I'm sure you will be aware, the size of a webpage not only depends on the page itself but also the device you are using to access that page. For example, if viewing a media rich webpage on a laptop it will be larger than if you were browsing it on a mobile phone. I suspect that the webpages you reference in your blog were viewed from your laptop or desktop.
The stats we used in the Data Angel infographic were constructed using average values as outlined in the TCF International Mobile Roaming Guide which you can view here http://www.tcf.org.nz/library/e836af40-54d2-4f0e-9098-a69d93305282.cmr
This graphic is based on estimates, as we clearly stated in the graphic itself: "Data usage varies by device. The above examples are based on averages and are estimates only."
HP is calling IT pros interested in discuss, plan and help build the future of our world, technology and businesses. The Enterprise 20/20 initiative centers on an e-book describing the transformative changes occurring in enterprise technology.
The free e-books are available in PDF and iBook formats, released one a month, leading up to HP Discover EMEA 2012 in Frankfurt:
- Introduction (available now): To imagine the future of the enterprise, we need to understand the forces that are transforming our world and the technological innovations that are shaping the future. In what new and unexpected ways will technology work for us?
- CIO 20/20 (available now): Enterprise IT is at a crossroads. This chapter will debate the underlying trends that will affect enterprise IT in the coming eight years and their implications for the CIO.
- Dev Center 20/20 (available now): If today the typical application "supply chain" involves the business, the delivery teams and operations, what will the supply chain of 2020 look like? How will organizations keep up with the insatiable demand for better apps and features?
- Marketing 20/20 (available October 2012): Marketers have more clout than ever, and with that comes new levels of accountability. As such, they are investing in a full spectrum of technologies that can help marketing become more data-driven, measuring every aspect of their function.
- IT Operations 20/20 (available November 2012): Data centers are all going away. Magically, all your IT needs will be taken care of by third-party providers. All of this and more is coming with the data center of the future; at least this is what some people would have you believe.
- Employee 20/20 (available December 2012): The same trends that are shaping the future of business are changing what it means to be an employee of the enterprise. This chapter will examine the future of employment, including acquiring and retaining talent and performance management.
After reading the e-books you can participate in ongoing discussions around each topic by registering at the Enterprise 20/20 Discussion Hub.
If you're in the USA you can also enter the competition to win US$ 5,000 cash and a trip to HP Discover Las Vegas 2013.
Join David Scott, GM of HP Storage and Chris Evans, Storage Consultant/Industry Blogger, for a conversation on the systemic gaps left by legacy storage.
Hosted by HP Storage Blogger Calvin Zito (@HPStorageGuy), this webcast will cover:
- The evolution of storage
- Problems plaguing storage solutions today and in the future
I will be attending (look for Mauricio Freitas). We will also start some discussions on Geekzone IT Pro sub-forum in the weeks leading to the HP Discover EMEA with some great insights and prizes.
Just finished reading a blog post that shows, once again, that people should use their ISP DNS for better performance when it comes to distributed content.
In New Zealand this is even more important because using a local CDN cache gives broadband users a huge advantage instead of fetching resources overseas through a long undersea cable.
There's a dynamic table where you can check the performance loss/gain depending on which CDN you're targeting. Here is one for Australia:
This table shows how much slower a download will be, based on where the CDN is resolved to.
A positive percentage means performance is worse, negative means performance is better. The first one is Google DNS, the second is OpenDNS.
You see now that using those DNS in Australia (and New Zealand, but unfortunately there's no data in the table for our little country) can make things really bad.
Using your ISP DNS will point to the local cache. Using other DNS will instead point to somewhere else in the world.
Just last week we found out someone is bringing big guns to a fight, as Stuff told us Neil Graham was starting an online marketplace business to compete with the one and only Trade Me.
The new web site, called Wheedle wasn't ready for prime time yet when it was first mentioned online and after a few hours of hiccups it was taken offline until its official launch date, 1st October 2012.
In the brief moments the site was up (and down) Geekzone members started reporting some of the bugs around the site (and here as well). The discussion listed simple things such as listings showing completely unrelated images, to a bit more disturbing problem: pages showing someone else's user names and information.
It is great to see since then the mixed up identities problem seems to have been fixed, but other things popped up.
Right now I can imagine some Trade Me folks talking around a whiteboard:
- Tech Guy: We have a problem with Wheedle.
- Non-Tech Manager: Sure, it's a worthy competitor, backed by someone with deep pockets to go for the long run.
- Tech Guy: Not that, but. . . They store their password in plain text, instead of encrypting it before storing in the database.
- Non-Tech Manager: How do you know this?
- Tech Guy: I registered there and just clicked the "Forgot my password". The email came with my password instead of link to reset it. It tells me the password is stored in plain-text.
- Non-Tech Manager: So? That's their problem. If someone finds a vulnerability and manage to download database contents from their server it's their breach of privacy, not ours.
- Tech Guy: Sure. But reports tells us a good number of people reuse the username and passwords in more than one site.
- Non-Tech Manager: Are you saying if someone used their same Trade Me email or username and password to register on Wheedle then a bad guy in [insert country with lots of bad guys here] could try those on Trade Me and in some cases actually gain access to accounts?
- Tech Guy: Hmmmm, yes.
- Non-Tech Manager: Holy shit, Batman!
We can use another scenario: there is something for sale on Trade Me, and armed with a third party list of valid emails addresses for the buyer a scammer could send out an email pretending to be the seller on Trade Me, saying something like "the item didn't sell, I can offer to you very cheap" and then get the unsuspecting buyer to deposit the payment into someone else's account for laundering.
You might say no one would fall for that. Think again. People fall for simple scams all the time.
I don't know what security they have implemented server-side, but sanitizing input data on the client side is no way to go on life:
If this is done on the client side only, then anyone with interest could easily craft a local page to bypass this weak strategy and send something malicious to the server, potentially gaining access to information stored there through SQL Injections.
The question that popped in my mind was "how long before Trade Me" forces people logging into their site to change their passwords?". Simply put, any third party vulnerability can affect Trade Me as an unintended consequence.
What can you do?
- If you are planning to register on any other site make sure you use a different email address, user name and password.
- If you already registered on any other site then go there now and change your email address and password.
Just do one of those two things and you will be a lot safer.
And for those on Twitter who said we shouldn't be criticising newcomers. I'm happy to support a new online marketplace in New Zealand but security should be part of design since Day 0. I hope this is something for them to consider, and good luck the days ahead.