No Bars in More Places – AT&T vs. Verizon

With all of this digital nomadity so far, one thing remains constant: the need for internet. And one of the weirdnesses of my day job is that I can’t have my own personal phone and their cell phone plan (wat), which means reimbursement and picking my own plan and all the “fun” of discovering what is best in an area.

AT&T Pros and Cons:
Pro: With the Mofi hotspot and a SIM from an iPad on my unlimited data plan, I haven’t experienced any sort of data caps yet.
Con: But, when the signal is low…. it’s a horror show. Case in point – Mesa, AZ. Yes, one of the largest and newest metropolitan areas in the country, the greater Phoenix region, seemed to have the absolute worst AT&T coverage I’ve seen yet, and that includes driving across the middle of nowhere truckstops.

Verizon Pros and Cons:
Pro: Didn’t need to go to the store at all to get set up. The eSIM in the iPhone 11 Pro Max Super Giga Bonker, or whatever the marketing department came up with, allowed me to almost instantly switch from AT&T to Verizon on my personal plan. And since Andy’s got another AT&T phone, we can have some balance to the force; if one doesn’t have service, the other has to…
Con: HOLY COW EXPENSIVE. Not only do you get a data cap (though how hard that cap is, I haven’t experienced yet), but $100 a month gets you A Single Line with 35 GB of data hotspot.

T-Mobile – An incomplete review:
I had a T-Mobile SIM as a second line in the iPhone, and voice/text only. Can’t go wrong with $20 for a phone line, though. The downfall is when you want them as a backup data plan; again, back up to $70 for a single line with only 10 GB of data through hotspot.

Beats the Alternative – Satellite:
I’ve not been able to get some decent information on the net about this, but Viasat seems to do RV plans, but on the high end of $150 a month plus equipment. RVDataSat seems to have real unlimited plans, but the cost of the equipment is upwards of $15k!

Epic Fail and Recovery – Network Gear

So since we’re talking about Plan B situations on our coast to coast journey, let’s discuss network connectivity. Doing the digital nomad thing is great as long as you can connect to the rest of the world. For my first attempt, I failed twice with the Netgear Nighthawk M1 Mobile Hotspot Router. (TLDR spoilers: Amazon link here but who cares because it’s crap and don’t buy it.)

The fail started pretty fast even before we left. The idea with this router is you take any ol’ SIM card with a data plan (in my case, liberated from Fox’s iPad Pro 1st gen, an AT&T legacy unlimited plan, mmmmm….), drop it in the device, set up a little hotspot with the web page or app, voila. Instant internet anywhere.

What I got instead was a failure to charge the battery because the device was too hot. In Las Vegas. At 85° F. WTF. So this device wasn’t going to be the long term live in the Airstream and enjoy the multitude of USB charger ports available. Okay.

Next failure – The critical role of a hotspot is to BE A HOTSPOT. This one didn’t. After a little while of being turned on, it just decided…. nah man, we coo. It didn’t shut off, it just stopped providing any sort of connections. Not for lack of signal, the SSID just wouldn’t appear to any devices. You’d need to hard reboot the device with a battery removal to get the thing to respond anymore.

So, maybe just a bad unit, right? Swappy swappy time with Amazon. New unit arrives via Amazon Prime to my delusional uncle’s house who doesn’t understand why Trump is sending him random packages with license plates and electronics even though the label clearly says FOR SEAN on it…. ANYWAY. New boss, same as the old boss.

Maybe it was just losing AT&T (more bahs in more places…), and I needed a better antenna? Oh, Amazon. Your Netgear MIMO antenna in “retail packaging” was TWICE sent as a display model, with it clearly noted on the packaging that it was not for sale.

Plan B

So, buh bye went the Netgear. And I found https://mofinetwork.com on Amazon instead. This is NOT a simple router. This appears to be a full Linux install in a small ruggedized box with metal enclosure, two cell antennas, two 2.4GHz antennas, and a sweet 12 volt adapter with a fuse tap for always on network. Now have successfully done multiple meetings from I-95 from the truck (where the router is a good 35′ away while driving down the highway). This one has been a winner so far.

On the road with customer calls

Today I’m coming to you from a Flying J station in Gillette WY between customer calls. Successes so far! Two calls from the road with zero issues. These Pilot Flying J stations are nice as they have done recent WiFi upgrades, and often the wifi extends out to the truck/RV parking areas beside the stations. These nice breaks in the driving give you a safe, reasonably quiet place to do the calls.

One disappointment so far has been the Netgear Nighthawk M1 router on AT&T. The router for some reason needs to be rebooted on a fairly regular basis as the SSID stops announcing itself. I’ve checked settings to disable that, but the ol’ “turn it off and turn it on” seems to fix itself. Plus, even though my iPhone had clear, perfect AT&T network pulling down about 5 Mbs, the Netgear said it was roaming on T-Mobile and had no network connection. The SIM I used for the hotspot was pulled from an iPad Pro, so my only thought is AT&T cheaped out on the data plans there, didn’t want to pay for data in rural Wyoming, and only shows its “more bars in more places” to voice capable devices as a money saver.

Side note: Jamf Pro has been an absolute show stopper. If you can set up a Mac from a truck stop off a wireless hotspot, it will work anywhere.

We’re doing this thing!

Today we start the epic road trip. After a quick stop back at Airstream for an emergency part, we’re on our way to Beaver, UT for the night.

https://www.instagram.com/p/B1upJsWFYaw/?igshid=102nd12csaxsr

The F-150 is taking this trailer up about 3000 feet into Utah; so far we’re averaging about 15 MPG uphill.

More pictures to come soon.

Plan B at Day One?!?

Welp, this is looking promising. We’ve got the trailer after an hour and a half delay to start, and the next plan B is… there is no plate. No temp plate either. Not too thrilled with Airstream right now – a combo of failure to plan, lost passwords, and an unwillingness to call the bank to get their crap together.

So plan B is to drive with no plates (not even a plate frame!) with a 15 day temp moving permit in the window. So… this can’t go wrong when you’re gone for a month and a half!

Not impressed for a company claiming to sell a premium product with premium prices.

Tales from the Hop Inn

Ah, the digital nomad. Going from city to city, laptop and iPhone with hotspot in hand. This will be a short post, but that’s what Andrew and I are going to attempt this fall, a coast to coast trip from Las Vegas NV to Boston MA. The last character in this tale, a 2019 Airstream Globetrotter 27FB. We’ll have photos from the road, best practices, and some “plan B” stories as well I’m sure. The trip starts August 28, the planning and packing is happening now!

Keep track of the tales by following us on the web at hopinncoffee.com and social media to come.

Creative Data Mining with zone.vision

Your DNS records reveal more about your company than you think, especially if you’re using cloud services. To verify your identity, Microsoft, Google, Cisco, Atlassian, Docusign, Dropbox, Salesforce, and more use a TXT record to make sure you’re an administrator on a company domain.

As a sales engineer, you can use this information for those meetings where you’re headed in blind. It happens! Sometimes you don’t have enough discovery to really have a quality conversation with a customer. Here are some tricks to use https://zone.vision (from the folks at DNSimple) to see what DNS is announcing to the world.
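One way to audit what your own zone's TXT records disclose, as an added example that is not part of the original post: it classifies `dig +short TXT` style output by vendor verification prefix and lists SPF includes. The prefix list is a non-exhaustive assumption, and the sample records are constructed.

```python
import re

# Commonly seen domain-verification prefixes (assumed, not exhaustive).
VENDOR_PATTERNS = {
    "Google": re.compile(r"^google-site-verification=", re.I),
    "Microsoft": re.compile(r"^MS=ms\d+", re.I),
    "Atlassian": re.compile(r"^atlassian-domain-verification=", re.I),
    "Docusign": re.compile(r"^docusign=", re.I),
    "Dropbox": re.compile(r"^dropbox-domain-verification=", re.I),
    "Cisco": re.compile(r"^cisco-ci-domain-verification=", re.I),
}
SPF_INCLUDE = re.compile(r"\binclude:(\S+)", re.I)

def join_chunks(line):
    """A TXT record prints as one or more quoted chunks (255 bytes max each);
    its value is the chunks concatenated with no separator."""
    chunks = re.findall(r'"((?:[^"\\]|\\.)*)"', line)
    return "".join(chunks) if chunks else line.strip()

def audit_txt(dig_output):
    """Return which vendors, mail senders and other notes a zone announces."""
    vendors, spf_includes, unclassified = set(), [], []
    for line in dig_output.strip().splitlines():
        value = join_chunks(line)
        if not value:
            continue
        if value.lower().startswith("v=spf1"):
            # SPF includes name the third parties allowed to send mail.
            spf_includes += SPF_INCLUDE.findall(value)
            continue
        for vendor, pattern in VENDOR_PATTERNS.items():
            if pattern.match(value):
                vendors.add(vendor)
                break
        else:
            unclassified.append(value)
    return {"vendors": sorted(vendors), "spf_includes": spf_includes,
            "unclassified": unclassified}

# Constructed sample; the SPF record is split mid-token across two chunks.
SAMPLE = '''
"google-site-verification=CONSTRUCTED_TOKEN_0001"
"MS=ms00000000"
"atlassian-domain-verification=CONSTRUCTED_TOKEN_0002"
"v=spf1 include:_spf.google.com inc" "lude:_spf.salesforce.com ~all"
"some internal note"
'''

if __name__ == "__main__":
    print(audit_txt(SAMPLE))
```

Verification records for services you no longer use show up in the `vendors` list too, which makes this a quick way to find stale entries worth removing.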

Called it! Apple’s T2 Chip and You

Called it.  Apple’s new MacBook Pro line now features the T2 Chip, a new level of security for the machine.  One of the last security vulnerabilities with macOS is physical – got the machine in your hands? Then you can still mess with it.

The T2 chip changes all that. Introduced with the iMac Pro in 2017, the T2 will prevent you from changing the firmware password on the machine even if you have physical possession. You’re prevented from booting an OS without verifying it’s properly signed, and you can be restricted from booting from an external at all. Finally, any data that goes to the hard drive MUST go through the T2 chip for always on encryption.

“But Sean, what happens if the T2 chip fails?  Wouldn’t that kill every bit of data on my computer?” Eyup.  The chip dies, your encryption dies.  Be sure you back up.

“But Sean, how do I fix the T2 chip if it goes bad?” Well, I’m assuming you’re an IT professional if your answer isn’t “go to the Apple Store.” Time to investigate a little program called Apple Configurator.

“But Sean, all this sounds terrible and possibly dangerous!  I don’t want this in a computer…” The security far, far outweighs the danger in this case.  And, hate to break it to you, you’re stuck with it.  Apple is putting it in every new MacBook Pro (and plan on that to be in the MacBooks, the iMacs, the MacBook Air…. the Mac Mini if they ever get around to it, grumble, grumble…)

You can read a little tiny bit more about the T2 security with the Apple macOS Security Overview. It’s dry, dull, and like awful tasting medicine, completely necessary.  Read it, love it, embrace it.

Now, if you’re a company with a fleet of computers, this is both a benefit and a bit of a problem to solve…  Obviously, security is key.  If the bad guys aren’t after you, you’re deluding yourself.  Of course they’re after you.  They’re after everyone.  This is one more tool to protect, but you’re going to need a plan for how to deploy, protect, and maintain over time.

First, if you’re rolling out a new machine to someone, that old school “flash it and hand it” method of disk imaging is done – Apple says you can’t trust any OS that doesn’t carry its official signature. Kinda the InfoSec version of “Trust nobody over 30.” Get on Device Enrollment Program and learn the wonders of the trusted, bootable OS install… https://support.apple.com/en-us/HT208020

Second, you’re going to want to turn on that firmware and FileVault password. Gonna keep all those passwords in an Excel spreadsheet, buddy?  Maybe in Notepad?  On a post-it in your desk?  Don’t think so, pheasants.  This is a league game!  If you’re not going to keep the keys secure, welp.  Let me know how that works out for you when you’re job hunting.  Plan on a proper inventory management and tracking system.  (Hint: jamf.com)

Third, if you tell your legal team they have a fleet of laptops that potentially could be subject to a legal hold that you have no way to decrypt without the employee handing over a password that you can’t control…  Ever see a lawyer go from almost fainting to murderous rage within 3 seconds?  Stop reading right now and try; we’ll wait for you.

Did you try it?  And survive?  Then you better have a policy to get a copy of those decryption keys.  (Hint: jamf.com)

You will need a plan yesterday for physical security, password security, legal hold unlocks, and while you’re at it, might be a good idea to make sure the machine isn’t pwnd while the user is using it too; let’s keep that software up to date.  It’s time for a management system.  I happen to know a guy to help your Macs… (*cough cough jamf.com cough*)

“But, we don’t have Macs in our business, Sean, haw haw, joke is on you!” Apple has been leading the way in computer design and architecture for 10 years at least now.  Think this isn’t going to affect your Windows fleet?  Your random Ubuntu boxes? Secure computing is coming, folks.  Start planning for winter.