It’s November 2020. The election is over (or over-adjacent), Washington State is heading back into COVID-19 lockdown, and on top of all the practical realities that this will entail for me and my family (from childcare and educational uncertainties to our canceled Thanksgiving plans), my mind is being pulled in a hundred directions at once: from the concerning (rural hospital capacity strains under the second or third pandemic wave), to the cautiously optimistic (two very promising vaccines using a brand new clinical mechanism in biotechnology – synthetic messenger RNA!), to the unabashedly delightful (what’s new on streaming?). For this post, I’ll focus on the last one, in the form of a Christmas musical that has already been watched twice in my house, called Jingle Jangle: A Christmas Journey. And honestly, you could do worse than pulling up one of its John Legend-penned showstoppers to listen along as you read this blog post, because that’s the sort of artful distraction we can all sorely use right now, and I promise I’ll tie it all back together to technology by the end.
Windows 10 Sun Valley updates
In the latest episode of Petri.com’s Enterprise Dish, Brad and Aaron went on a substantial tangent at the start of the episode talking about the potential upcoming Windows 10 UI refresh, codenamed Sun Valley, which may be dropping in the second half of 2021 (perhaps bypassing an H1 release entirely). These UI changes include updates to the Start Menu and Action Center, the latter being a component of Windows that I pay very little attention to as a general rule. This is because I’ve set up my digital life such that anything that demands my immediate attention comes in via my phone, leaving my PC free for whatever primary purpose I’m using it for at that moment, whether that’s my work – which utilizes tickets and email inboxes and other components that don’t really require OS-level notifications – or entertainment, creativity, or video games. This was largely the case for me even in the pre-COVID era, and has only been compounded by the fact that the broadest categories of such notifications – “Leave your office now, to go do the thing, at the place!” – effectively no longer exist, leaving only two categories of distraction to deal with: the bothersome ones that are largely out of my hands, and the casual ones that I seek out as a means of passing the time.
The Jingle Jangle tech tie-in
I told you I would tie the movie back into the tech, and here it comes. Jingle Jangle was a welcome distraction (seriously folks, you’ve gotta see how well Forest Whitaker can sing, even if he’s in a duet with a much more experienced Disney princess), but it also had a thing or two to say about both gadget release cycles and user interface design. As the two dueling toymakers are designing their various fantastical creations, the film uses a visual storytelling device that somehow merges its turn-of-the-20th-century Hugo steampunk aesthetic with an immersive, holographic, hand-manipulated UI straight out of Minority Report (or Iron Man, if you like), which seemingly acts as an on-screen visual representation of the characters’ imagination and creativity as they tinker with their various gadgets and occasionally soar into the air like Peter Pan. Now there’s a design methodology I can get behind. Wave your hands amid some free-floating, neon-glowing words and formulas, and conquer gravity.
I couldn’t let this whimsical UI depiction pass without noting something that isn’t particularly well-known outside of the enterprise augmented reality (AR) space – this sort of UI is a real thing now! Check out the fascinating new case study from Nick David at ARInsider on the Toyota Motor Corporation’s expansive use of Windows Mixed Reality (WMR), specifically the Microsoft HoloLens 2 headset. Toyota has been using the headsets for training, design, manufacturing, and service in the field, and many of its applications (such as this fluid dynamics POC) look like they’re straight out of Hollywood. And as every car company prepares to shift away from fossil fuels and toward all-electric vehicles, being able to quickly iterate and service these devices using the latest technology will become more important than ever. Seriously, give it a read – I had no idea AR was being used so expansively already, and this is some impressive stuff.
If you need one last Jingle Jangle track to listen to as you read up on practical real-world magic, check out Keegan-Michael Key doing his very best Harold Hill.
Rented laptops and the security vulnerability they create
Concluding the episode, Brad and Aaron tackled a user question from a listener/company that rents out specialized environmental sensors along with ruggedized Panasonic Toughbook laptops containing all of the specialized software needed to run them properly, configured with generic local user accounts to run that software. Our two illustrious hosts could barely conceal their shock at an equipment provider renting out Windows 10 PCs without reimaging them in between (and yeah, my security brain was definitely cringing a bit as I heard that). If I may say so, I am 100% in agreement with what Aaron had to say here: reimage them every time. Yes, with SmartDeploy, we really are an excellent fit for this specific scenario, and I invite this reader to shoot us an email so I can explain exactly how. Because preserving a specific local account configuration is just one minor benefit of reimaging these devices for every customer, even if it’s the one that you’re chasing most urgently at the moment.
I will speculate (as charitably as possible) here and say that this company, whoever they are, probably had a “roadshow” type of equipment rental model in mind initially. Ship out a Pelican case with the gear the customer needs, and PCs to run that gear. The customer unpacks and sets up, the gear performs a specialized function (likely only ever acting as a conduit for customer data rather than a permanent repository), and the customer in the field may never be installing software or even have the appropriate user rights to do so. Then they pack it up and ship it back to you when the job is done. On the surface, this seems fine, but it creates exposure on both security and stability.
The security exposure in such a field will likely vary depending on what it’s being used for – as Aaron noted, the Toughbook is often a device of choice for law enforcement, but in my career I’ve also seen them used in construction, real estate, agriculture, and resource extraction (mining, oil/gas, etc.), as well as various uses within the government and military. There are plenty of threat actors who might wish to perform very specific tasks upon specialized equipment, and these are just the sort of machines they would target. Even as a starting point, a roadshow model is really only semi-secure if the gear is always kept under lock and key, and the only people handling it are your employees, which are both dicey propositions in practice. But I would also argue against this model for stability reasons. People using equipment in the field are often not IT personnel, and anyone can make mistakes or accidental misconfigurations. And when those people are your customers, they’re bound to be a bit less patient than your employees would be when calling the IT helpdesk to help fix the problem. The show must go on, and that is doubly true for the more infrastructure-critical applications that this company presumably performs with this sort of gear. So the lesson here, as ever, is don’t take unnecessary chances. Keep a known-good image on hand at all times, and only ship your gear to customers after you’ve applied it.
That’s all for November. We’ll get through this, folks. I wish you all a happy and safe holiday, and if there’s one message you should take home to your (hopefully size-limited) holiday plans, it’s…watch Jingle Jangle.