Blog

Google+
My personal blog is about stuff I do, like and dislike. If you have any questions, feel free to contact. My views and opinions are naturally my own personal thoughts and do not represent my employer or any other organizations.

[ Full list of blog posts ]

Data Integrity, 3D libraries, LetsEncrypt, Payments, Duplicati, Telia

posted Jun 16, 2018, 11:02 PM by Sami Lehtinen   [ updated Jun 16, 2018, 11:03 PM ]

  • Data integrity, that's a topic which could go on and on. I've seen so many cases where something is insisted to be used in production and even years after launch, they're unsure if the data is even nearly correct, or if it's absolutely wrong. It's something brown in and something brown out. Yep, it's awesome to have real-time dashboards and advanced analytics and all that. But nobody seems to care if the information shown is right one at all? Yep, that's funny. And I'm pretty sure, I'm not only one who has been observing this kind of projects. Actually it only gets funnier, when at some point someone who's accepted that for production finally realizes that any of the data doesn't make any sense and it's seriously misleading. Honestly, I would like just laugh at that point, but it's also so sad. Well, what did you expect? Why nobody cared about those important things, when it was time to take care of those aspects and verify data integrity and correct values with all kind of use cases.
  • 3D printed multiple pieces of different useful everyday items, which got actually utility value. So many 3D library sites are full of useless stuff.
  • I've been been planning the move of some sites to use LetsEncrypt. I've done all the experiments required so far using IIS, Apache, Nginx and uWSGI, Python 3 SimpleHTTP with SSL wrapper. So whenever I feel like it, it's trivial to transfer the sites to (valid) HTTPS certificate time. Currently all the sites are providing HTTPS, but with expired certificate. Which of course doesn't matter for certain use cases, where server is authenticated using public key fingerprint. But for some people it seems hard to grasp, that the hash of public key is good enough, there's no need for anyone other than me or us to say it's valid.
  • Finally in Finland there's nice real-time mobile payment method, which works well. And without credit cards. As I've written several times, I don't really get the Credit Card fetish, because in most of cases that adds running extra costs. Unless you've been very carefully selecting a provider without extra fees. There are a few provides which give you free credit card without any running extra fees. Yet you have to change provider at times, because usually those are campaigns which only last a few years or so.
  • Tainted leaks - Always mix correct and disinformation so nobody knows what's true. That's the way to push agenda. it's harder to find and dismiss the disinformation from document, which actually contains 80% of totally correct information.
  • Again faulty Duplicati 2 backup update. Default compression module is zip, and then the application claims that invalid compression module has been defined. Awesome! On top of that, downgrade installation ends up in state, where the primary binary files required are missing. My guess is that the developer is going to release a patch for that pretty quickly. Sigh! "Fatal error => Unsupported compression module: zip" Windows version: 2.0.1.61. Anyway uninstall, reboot and reinstall fixed the issue on all platforms. Strange, why update fails, nobody seems to know.
  • Telia and Sonera merger. I terminated one random corporate service via their own on-line service form, which is designed exactly for this purpose. It wasn't any random feedback form. When I called two weeks later to confirm that, they didn't have any clue about that. Well, I'm IT guy and I've been seeing some $hit software and crappy organizations. So I naturally had all the screenshots for them. But well, this is just as usual. Nothing works, and everything fails. Always use at least three methods and get always confirmation that things are as agreed. Sometimes it feels so stupid to verify something repeatedly, but way too often it has turned out to be actually a very good idea. They changed the termination terms too. This is so typical, first they provide conflicting disinformation and then they leverage the disinformation they've provided against customer. My honest opinion is that, it's an total a$s move. Yet I personally see that as kind of a good thing, because it allows all the utterly useless and incompetent staff to be replaced by automation in future. I've said this earlier, only thing that totally doesn't suck with Telia is their IP network. It's nice. But everything else, especially customer service, is absolutely horrible. Every time, repeatedly, over the years. The same thing just happens. Was it business or personal service, doesn't make any difference.

Suomi.fi, Unicode, Duplicati, Valuation, Bad Code, Transactionality, e-ink, XS-1

posted Jun 9, 2018, 11:34 PM by Sami Lehtinen   [ updated Jun 9, 2018, 11:34 PM ]

  • Quickly checked out suomi.fi - Finnish National Citizen Digitalization Service Portal- Including: Services, Web Service, Finnish Service Catalogue, Data Exchange Layer, e-Identification, e-Authorizations, Messages, Service Management, Maps, Payments. All essential services under one national service architecture roof. (Kansallinen palveluarkkitehtuuri, KaPA)
  • Bleeping code is everywhere. I registered for The Register email news letter, and it seems that they've got no idea what Unicode or character encoding is. Just very basic fail, but it's everywhere so don't worry. - Laugh.
  • I'm just wondering if there is a way to get Duplicati 2 to give 'sane' activityreport of update, like Duplicati 1.3 did, verbose is too verbose. I would prefer output where there is A for added D for deleted R for replaced filed (all the content) and M for modified with block count getting changed. Does that sound like a sane wish? Verbose which shows also all details of the files not being updated is way too verbose for my purposes.
  • There seem to be pretty many path issues with Duplicati 2, especially on Windows. First of all exclude paths are kind of problematic, I had to experiment quite a while to find a working combination. And here's another issue when restoring on Windows paths to alternate directory. A quote from error log: Warnings: [Failed to create folder: "c:\duplicati_test\c:\my_test_stuff\", message: Invalid Path.] How's the drive letter there twice? How about working with relative paths? Well sure, different kind of path issues are unfortunately quite common with multi-platform applications.
  • Reminded my self about Veblen good and Giffen good. When I noticed that people don't really realize value of things. One electronics chain markets their products with slogan: "It's just stupid to pay too much". Which is very true with many of the things people are buying.
  • Sometimes when people say that I bought a fake. No, I bought a perfectly working item with good utility value. It just happens that in some regions, there are no other alternatives than fakes. But to me the brand is totally secondary, what I value, is actually the item itself and it's utility value. Of course it's common, that fake sellers are trying to get extra value from the brand, but when I know it's a fake, I'll just drop the brand value to zero. If it's good as it is, it's good. Never mind the fact if it's fake or not. Yes, if same item is available as honest 'no name' I'll prefer that over a fake one. Because I think the "cool" brands are often just lame. But as said, sometimes it's impossible to get non fake items.
  • Have I ever mentioned that amazing (s*t) code is just about everywhere? This time it's the Thunderbird which has mixed up headers and message bodies. I really hope that everyone is using the message preview when deleting mails. because you can delete wrong content, if you send the header information like subject, from, date, etc. Never trust that info. I've been annoyed by email (un)reliability for a long time. Messages getting lost, wrong header information etc. That's why I've said that if you want to know if email has been delivered, put in message one word that doesn't belong there, and ask the recipient to reply with that word. When the message has been oatmeal received and understood. This is the only way to make sure the message has been delivered, and seen correctly. Did restarting program fix the problem? Of course it didn't. What did fix the problem? I just moved the message from folder to another and back. Now the right content is visible again.
  • Wrote a small transactionality module for state, files, databases etc. This makes it guaranteed that there's a single state indicator, before it's updated everything will roll backward and if it's updated, everything will roll forward. Earlier I used to have often implementation specific divider, but now it's all in easy to use library.
  • It would be nice to have e-ink (or other similar potentially semi-transparent technology) based light curtains and wall papers. Then one business would be streaming content for those. Want your boring downtown concrete cube to have Fuji, Osorno, Blue Mountains or Yellow Stone Old Faithful view? Maybe you're bit more modest and enjoy viewing earth from International Space Station (ISS). Maybe just beautiful view of birch trees next to lake from Finland with sauna and some smoke coming out of stack during the midnight sun? In some cases these could be used to cover windows, with white diffusion background. Or just walls with nice led background. At some point these of course could be 100% LED powered, so there's no need for separate background light and display unit.
  • Something different? XS-1 Space Plane-. We will see if it will ever become a reality.

Google IO, Windows 10, Open Source, Fintech, Randomware, Facebook, Windows Hangs, UPS

posted Jun 2, 2018, 8:26 PM by Sami Lehtinen   [ updated Jun 2, 2018, 8:26 PM ]

  • Google I/O 2017 - Notes: Unsurprisingly Google AI - ai.google - was in very important part of the show. It's at the same time awesome and kind of scary. Deep learning is the way to go. Super Chat was just like from the all dark tv shows. Pay us and something will happen. Whatever that will be. Choose your favorite horror movie. We'll be live streaming it! Picture in Picture, Awesome.... Nope, it's meh! Smart Text Selection is actually useful. I've been so often very annoyed by the fact that text selection is so hard. Background execution limits, nice. Developer Tools, Play Console Dashboard is awesome. It answers many of the questions which usually don't get resolved, because everyones claiming that the problem isn't a problem. Android Studio Profilers. Kotlin officially supported on Android, awesome. YouTube Go, that sounds like again that silly development I've talked about. When there's unlimited fast mobile data everywhere, what's the point of downloading content or saving bandwidth. Even most of Wifi's are backhauled using 4G nowadays, in private homes. Tango - Visual Positioning Service (VPS), providing a centimeter location resolution.
  • Windows 10 is Microsoft Botnet with Dragnet Surveillance - Well, no actually any surprises there. I'm so happy I jumped off the Microsoft train when XP was released. I though it was already intrusive enough. But it's nothing compared to Windows 10. One some of the Windows work stations I'm randomly using, I'm getting OneDrive popups all the time etc. - More than year later, I just today (posting date) did read news that Office is also going to have a telemetry feature.
  • Had long discussions about concepts of supporting open source. No details available, but I think supporting open source is win - win situation. Everyone gets good software and it can be improved if there are any particular needs and the end results are shared for everyone to use.
  • Read several arguments discussing fintech, bitcoin, other crypto currencies, real valuation, gold, etc. Well, lot's of good points in those articles. But as said, bitcoin value is based on belief, and well see what it will be in future. - This was triggered by the fact that the valuation of bitcoin is right now above $ 2000 USD and almost € 2000 EUR. - I've been also exploring 'alternative investments' and ways to maintain value. Gold isn't ever investment. It's just a way to maintaining value and even that naturally isn't risk free.
  • Future of Ransomware - IoT risks are alarming, once again. Not any news, I would say. Future is going to be interesting, that' sure.
  • Get your loved ones off Facebook. Yes, that's nothing new or unexpected. We knew this from the very beginning. But it's up to you, if you really think it's worthwhile giving your private information to them.
  • Again got a few Windows server hangs. It seems that if there are any disk i/o related issues, Windows goes way too often belly up, which is pretty annoying. This also happens on multiple completely independent service providers. So, it seems to be a feature of Windows. Probably some kind of I/O timeouts (?) cause the system to enter read only mode, to avoid messing up storage. - Yet nobody, I've talked about this knows, what and why.
  • Just a fun thing, when I were writing the previous line. UPS power failure caused immediate system shutdown. With warning time of around maybe just one second. Sometimes I wonder which one actually cause more problems, using or not using UPS device. Because it's so common that UPS is actually source of the problems, and not actually saving the system from power related damage.

Security Headers, JSON feed, Postgres, SCRAM, Google.ai, Duplicati, DB, 4G, TFS, HAMMER

posted May 27, 2018, 4:04 AM by Sami Lehtinen   [ updated May 27, 2018, 4:05 AM ]

  • HTTP security headers - Nice list of HTTP security headers. I think I've posted about month ago or so lots of stuff about HTTP security headers and related implications. Like that getting CSP right can be challenging.
  • About the customer tracking, like being said. One 'entity' gave up their loyalty program. Because they could already track people at least as well, without it. Using cameras, mobile tracking, and all the technologies the tracking industries are pushing. This might be also one of the reasons why basically every shopping mall providers free WiFi / WLAN. Providing some Internet bandwidth is virtually free, but at the same time you can get so much other information about the devices being used, where those are being used and what those are being used for, etc.
  • Implemented JSON feed for one site / project. Why? Because it was fun and I can.
  • Studied PostgreSQL 10 new features.  Awesome stuff like: Logical Replication, Native Table Partitioning, Additional Query Parallelism, Quorum Commit for Synchronous Replication, Multi-host failover, Crash-safe hash indexes, Multi-column correlation statistics, XMLTABLE, FTS with JSON and JSONB (Binary JSON).
  • Salted Challenge Response Authentication Mechanism (SCRAM) - Pretty traditional solution, nothing new afaik.
  • Google.ai - Federated Learning will change how smart AI systems are. It's just as the collective mind, seen in many cases. Collaborative Machine Learning. kw: Distributed Learning,  Stochastic Gradient Descent (SGD), Federated Averaging algorithm, Secure Aggregation protocol.
  • Other comments about Google.ai writing. Another ridiculous engineering fail. Why they need wireless connection for updates? Isn't 300 Mbit/s unlimited 4G LTE data enough? No, it seems. Maybe they're expecting to get unlimited 1 gigabit wifi? You know what guys, in many cases the WiFi / WLAN is slower than the 4G LTE network. Especially in congested areas, 4G is often really much faster than WiFi. Because WiFi networks very rarely cut down on power, to improve density. But 4G networks of course allow all kind of small cells very efficiently, versus WiFi which unfortunately doesn't do that in most of cases. It's so smart to connect mobile phone with unlimited data to WiFi which is connected to mobile network with unlimited data. Does that sound like sane engineering to you? It's only sane, if you're selling 4G access points or data plans. Duh! I've for a long time recommended for normal users, that there's no reason to get anything else than just one 4G data plan, and that's for your phone. You can then use everything else utilizing the phones tethering. No need for extra devices, no need for extra SIMs no need for extra plans. Just get the data moving simply and sanely.
  • Found issue with Duplicati 2 - which prevents backups from running. Reported it on GitHub issues. It also got fixed incredibly fast. That's what I really do like.
  • Mind blowing discussions about data cardinality and indexing, etc. Nothing to comment about this. But yep, some things can be done correct, or absolutely wrong. I think I've written about this several times too.
  • Finland is planning for national AI strategy. How it's going to change the technology and even more importantly whole society.
  • One major Finnish telco doesn't know difference between bytes and bits. I wonder if it's intentional misleading, or if they just honestly think their customers are stupid.
  • Another silly article, where they talk about WiFi / WLAN usage and 4G usage. Don't they realize that at least half of people are using 4G WiFi routers, which create WiFi from 4G network. So saying using wifi or 4G doesn't really make any difference. Well, fixed wireless, is interesting. Yet it's not going to replace good old single mode fiber.
  • Checked out: TFS and HAMMER file systems, which are under development.  This one made me smile, it's almost like from b-class Sci-Fi movie: "implementing pulse-width modulated time-domain multiplexer on B-tree cursor operation". W0w, that must be something. Maybe we could fit in quantum fusion and dimensional parallel universes too? Yet they do have some interesting points especially on TFS side. But as being said, everything is a trade-off. Something gets better and something else gets worse. It's interesting to see if this ever gets off the ground. File system development is extremely demanding and tedious task. Of course some things can be simplified on purpose, making naive implementations. But that usually leads to other trade-offs like poor performance in some or even many cases. The page and cluster compression scheme is something very similar, I used with my archive system.

Archive, Networking, CPUs, Snailmail, Kill Switch, Backups, Locking, eReceipts, UPS & Power

posted May 20, 2018, 12:54 AM by Sami Lehtinen   [ updated May 20, 2018, 12:55 AM ]

  • I've got a site example.domain and I've also got a www.example.domain subdomain configured. Only the example.domain is actively being used. Therefore the www.example.domain servers robots.txt with disallow: / . For some strange reason - web archive / wayback machine - crawler seems to think that this should be applied to example.domain which naturally doesn't have such a restrictive robots.txt. It also seems that web archive is the only crawler doing such a silly assumption. Why they're doing it? Isn't that a bug? It should be pretty obvious that it's not the same, and the robots.txt shouldn't be applied like that between two different domains - naked and www one.
  • Reminded my self about Cat7 (class f) cables and EuroDOCSIS 3.1 as well as 802.11ac technologies.
  • Multi-threading is coming more important everyday. Intel just announced desktop i9 CPUs with 20 threads. Also latest ARM processors can go up to 64 cores at least on specification level.
  • Checked some statistics, it's totally incredible that in Finland there are 34 million parcels processed in mail per year. And 10 million of those parcels are from China. That's truly incredible ratio. No wonder it takes sometimes a while for customs to process those. Especially under xmas etc.
  • WanaCrpyt0r / WannaCry discussion, domain checks, anti sandbox measures, 'kill switch fail' etc, bad security, internal networks. It's funny how many successes and fails can fit into 'one project'.
  • Microsoft Kill Switch. Yep, that's what I've been saying and thinking for a long time. People don't realize they're using backdoored and booby-trapped software. Which can be leveraged at a right moment, if required. Boom, and you're totally screwed. They can trigger it at anytime. It's not a joke that Windows is very expensive malware / virus. Quotes: "Expensive and hampering, Unfair competition, Intense lobbying, Security risk".
  • It's wonderful when document & SQL databases are mixed in sweet harmony. It's not hard, but it seems that for some parties it's easy to mess-up things. What's the difference of PUT, PATCH, delta UPDATE, UPSERT with absolute value, etc. Sigh. Not that hard after all, but it's important to get those things right. Otherwise end result will be ... interesting ... Yet if the testing is done in single thread mode, without nasty edge cases, it will probably pass and everything seems to work. Until race conditions and 'unexpected' errors start to occur. In this sense, even if you wouldn't personally use different kind of databases or solutions, it's very important to know how the alternative technologies work.
  • Good day of hard work, automated Duplicati 2 backups, backup integrity testing, and data verification. Phew. What's done is done.
  • Had a long discussion about physical security and locking with one organization. It's just as important with physical security that things are designed right, as it is with information systems security. If design is bad, and users get seriously annoyed by it. It's highly likely that the security features won't get used at all, because people prefer disabling such features. Even if those would make them more safe. Yet more safe for random rare events isn't great trade-off if it requires annoying daily tasks requiring time and effort. I guess this applies to most of security stuff anyway.
  • The Quick vs. the Strong: Commentary on Cory Doctorow's Walkaway - Nice essay by Bruce Schneier. Times change. New platforms can be a wild west for a while. But if those become popular. Yep, nothing new there.
  • One e-Receipt service I'm using, lags often for 15 - 30 minutes. I find that incredibly annoying. 15 - 30 seconds would be ok. But it's still a long time, if you don't know if you're going to get a receipt of the transaction or not.
  • Microsoft Office 365 / Microsoft account password change took once again more than 6 hours to be effective. Afaik, I personally find that being a serious security flaw, allowing access with old password for that long.
  • Run once again the regular UPS powered checks, that all key systems remain working for at least 24 hours after power is cut. Also alerts are automatically sent. But that gives us reasonable time to react even during weekends etc. Anyway, it's very rare that power outages last more than a few minutes when power is getting rerouted. Usually there isn't even one power outage per year. This is naturally limited to the vital systems, all secondary systems shutdown start shutting down after a few minutes and there's generator power for those. But that's totally acceptable risk in this kind of environment / use case.

LC4 & LS47 cipher printable tiles sheet (PDF & PNG)

posted May 15, 2018, 7:23 AM by Sami Lehtinen   [ updated May 20, 2018, 12:34 AM ]

LC4 is another pen-and-paper symmetric cipher, using mutable s-box appliance tiles for cipher state and encryption key. LS47 is basically same, but with extended character set and different marker mode. Yet these can be applied as required.


LC4 tileset PNG


LS47 tileset PNG

Why? I did a quick search and didn't find anything else than 3D printable STL version. Duh, but I don't need that. Here's simple version which you can print with any printer, and then attach the tiles to your favorite background. What ever it is. Heavy plastic, cardboard, wood / lego blocks or so.

The set doesn't include the marker object / block / tile, because that's something you'll need to physically have. You can use any small suitable object.

The EFAIL attack / vulnerability, is perfect example why encryption on computer (and handling the plaintext) is potentially dangerous.

kw: printable, printed, paper, laser, cipher, encryption, encrypt, decrypt, set, tiles, blocks, elements, chart, table, tileset, ElsieFour, Elsie Four, "A Low-Tech Authenticated Encryption Algorithm For Human-to-Human Communication", LC4 appliance tiles, tile, algorithm.

Customer tracking, Beacons, Distributed DB, Charts, Security, ISP, Duplicati, B-21

posted May 12, 2018, 9:46 PM by Sami Lehtinen   [ updated May 12, 2018, 9:47 PM ]

  • Checked out customer / people tracking technologies for shopping malls, retail, etc.: Irisys, RetailNext, Visit, ShopperTrak. Many of these can be integrated with a POS system to provide even more detailed customer information.
  • Ultrasonic Beacons (PDF) - What's the surprise? This is blatantly old and obvious technology. It shouldn't be any kind of surprise it's being used. When I was young we had a TV with ultrasonic remote. Btw. I was also able to hear it squeaking. Different frequency for each of the buttons. IR signaling is something way more advanced than ultrasonic tech. It's obvious that this (as any other proximity technology) allows media tracking, cross-device tracking, location tracking and de-anonymization. The part of encoding information was nice, yet totally obvious. Yes, it doesn't matter if we're talking about data transmission or ultrasonic beacons. It's all the same. Ultrasonic audio band is just one transmission method. SilverPush and Lisnr mentioned. SightCorp also provide very interesting customer tracking and emotion information collection features.
  • How Cockroach distributed database works without atomic clocks. Nothing new, because had studied that Google Spanner stuff in detail earlier. This was also exactly the reason why Sharding is so important, so you can have multiple synchronization waits running on parallelly without it causing too much trouble.
  • Britecharts - Seems to be easy to use simple charting too. I'm currently using chart.js which is extremely simple and light, and works well.
  • Interesting attitudes towards security. In one discussion where I asked that system security should be improved I was countered by a claim. Because any system can be hacked, is there any reason even trying to improve security. I was so badly stymied by that, I didn't even bother to respond tot that anymore. But yes, partially it's true. It's very easy to forget that there are very different levels of attackers and there are different attack vectors etc. I have absolutely no doubt that NSA or similar entity couldn't hack the system almost trivially. Or even any actually competent hacker if they really try. But the point was that routes which are blatantly obvious and easy to access and would make people totally laugh shouldn't be present. It's bad if there''s a problem and it's like, did they leave this obvious backdoor there by design? - No that's too stupid or obvious as a backdoor. Yes please, I wish there wouldn't be such things present. It should be a least honest bug, which is hard to exploit. Not something absolutely ridiculously stupid. What happened to the principle of least privilege?
  • Still negotiating with network providers, there's no cartel in Finland. Yet the offers are extremely similar. But that's nothing new in Finland. Usually there's competitive edge, which is what 'all cheap offers' are providing and then there's something much more expensive which is somehow classified as better, even if there's no practical difference. That's what I've found out earlier when running similar comparisons. Also there might be a teaser product, which seems really easy, but if you add extra features then it becomes much more expensive than the other offers with same (extra) features included. - Yet, I haven't received offer which would provide IPv6 and good enough bang vs buck, compared to our old contract. Yet I had negotiated the old contract to be very good. When the contact person changed on the providers side, they said it's seriously underpriced. Hey, I'm not complaining about that.
  • Configured a bunch of system to use Duplicati 2. Actually, I did script everything, from backing up data to verifying and checking the backups with data integrity and restorability automatically daily. I'll keep these test systems running for quite a while, before accepting the solution for production use. Before that, there's actually two parallel systems running on. This one for acceptance testing, and the old one which has been proven to work.
  • Quickly checked out B-21 Raider. It remains to be seen what they're achieving. Probably it won't be publicly shown for a decade.

Project Management, MS OTP, CPU Utilization, Wi-Fi Analyzer, Internet Sharing, Surveillance

posted May 5, 2018, 9:47 PM by Sami Lehtinen   [ updated May 5, 2018, 9:54 PM ]

  • Never ending discussion about project management, scope, software development, etc. Someone wants to use agile methods and a fixed price for project. Well, that's just not going to happen. We can give you fixed hour price. But if scope isn't exactly defined, then the price isn't either. Sometimes these discussions get utterly ridiculous. Is it so hard to get the point, really? So when ordering, it's very important to decide. Do you need something according the specification, schedule and cost. Or do you actually need a working system, in schedule at some cost. Yes, there will be cost overruns most likely (of course it depends how much you wanted to underestimate the amount of work) but you can get practically and actually working system hopefully in schedule. With waterfall, you do probably get technically working system. But it's totally another question if it's practically working system. This problem arises from the well known fact, that it's highly unlikely that all the requirements and things have been considered in enough detail. If there's no flexibility, you won't get practically working system. That's pretty much it. Because if there are any changes required, it does not belong to the scope of the original project. Because it's fixed. Then there should be secondary project, which fixes the short comings of the first project. - Not a first nor last time, I'm going to have this same discussion.
  • Microsoft Login OTP is working again. Let's see how long it takes, before it's broken again. Wow, it worked for a second day in a row. Was someone actually able to fix this? Cool.
  • CPU Utilization is Wrong - No news here. We all know that memory access is slow. It's just like the claims that fragmentation doesn't matter with SSD. Well, SSD is slow, fragmented SSD is slower. As well as RAM is slow and fragmented RAM is slower. It does make difference. Just as the application data access patterns, was it then RAM, SSD or HDD. Accessing data is slow. Using cache efficient algorithms is important and of course data access speed can be improved, but at times it's very expensive. Like CPUs with huge caches, lots of extremely fast ram or very high performance enterprise SSD drives.
  • Fluke (OneTouch AirCheck), Ekahau, RF Explorer, Metageek are tools worth of checking out. If you're interested about Wi-Fi (WLAN) performance and interference. Personally I haven't used Metageek's products. But Fluke, Ekahau and RF Explorer are awesome. Only if things get really bad and there's need for more advanced channel planning and site survey, then we utilize Ekahau. Depending from the environment, it's either easy or impossible to deal with interference. As example, rural large steel warehouse versus open space shopping mall lobby. I've got my own RF Explorer, but other tools are so expensive, we use those on shared basis and only get the equipment when other basic troubleshooting methods fail. - The Wi-Fi Analyzer apps are mostly useless. Yet you can of course check RSSI, link speed, channel and test performance.
  • Another ridiculous discussion with people whom claim they don't have Wi-Fi. Yes you do. Just turn it on from your mobile. It's not that hard. Then you've got Wi-Fi where ever you go and for whatever devices you'll ever need it for. It's that simple, it's cheap and easy and often also pretty fast. There's no need to make simple things complicated. Yet telcos of course love to sell you several Internet connections, because it's very good profit, especially when you're even underutilizing the only connection you'll ever need. Basic connectivity is now 100 Mbit/s unlimited data. Why you would need multiple connections? kw: Internet Connection Sharing, Mobile Hotspot, Tethering.
  • Just took a small ceiling viewing tour in local shopping mall. It's absolutely littered with visitor tracking & camera systems. It's practically impossible to go even near the building so you're not getting covered by multiple cameras. Naturally inside the building the situation remains the same. kw: customer flow analysis, in-store surveillance, retail security, customer tracking.
  • Got bunch of specification documents. Which are all using MS Comic Sans font. I don't know if they're trolling or what. Reminds me from case a long time ago when I sent all documentation in all caps, because the client always sent all of their emails in all caps. I just thought maybe they don't know how to read lowercase or something. At least they didn't complain about it.

Keras, FTTH, Preix, Infonomics, GPON, Integration Projects, Excise duty, Duplicati, Net Neutrality

posted Apr 28, 2018, 9:50 PM by Sami Lehtinen   [ updated Apr 28, 2018, 10:03 PM ]

  • Quickly checked out Keras. Installed and played with it for one day, running tutorial basic tutorial stuff. So I know how to quickly start using it, if any projects that would benefit it pop-up.
  • I'm currently arranging networking for a real estate limited company. It's interesting to see how much prices drop from public list prices when there's some volume behind the order. On the other hand this just shows how ridiculously expensive many 'corporate Internet' connections are. It's funny that individual home Internet connection costs N units, but if you're buying it for dozens or hundreds of individuals price is N / X much lower anyway. And if you're buying it for company or corporation the price is suddenly N * X. Even if we're talking about same type of Internet connection and capacity. Ok, it has been obviously clear that Internet connection pricing is totally political and has nothing to do with the real costs. No wonder many small businesses order just 'home' Internet connection and then forward the invoice to company, because that's lot cheaper. Often even unlimited 4G data will do, because in many cases that's faster and cheaper than VDSL2, Ethernet or fiber technology. Yet you have to know the regionally available actual 4G performance as well as know the hours when it's bad, if it isn't all the time.
  • Embedded devices and web servers. Sometimes I just wonder, how it's possible that they make so slow stuff. Basic requests taking tens of seconds or even minutes. No wonder those are really easy denial of service attack targets, because just a request per second clearly exhausts system resources. Absolute $hit code is just around everywhere. If there's so much code which doesn't work or does perform absolutely ridiculously bad. What kind of security you're expecting? I would say none, none at all. Because even the 'more important' stuff from selling aspect is that seriously broken. Btw. I've written all this, while waiting for one HTTP request from LAN to return. Sigh.
  • Two awesome articles by The Economist.
     - The world’s most valuable resource is no longer oil, but data
     - Data is giving rise to a new economy
    Very nice articles indeed. Data and more data, what else could I say? Yet there's absolutely staggering amounts of detailed data, which isn't being utilized, processed and analyzed at all. I guess this is something what I've mentioned dozens of times.
  • Predix is a software platform for Industrial Internet aka industry 4.0. For information trade see Infonomics. kw: Interoperability, Information transparency, Technical assistance, Decentralized decisions. Principles of Infonomics is worth of reading. And I do agree, that information is radically underutilized in many organizations. We do have all this information, but we're not using it for anything.- Hah, same conclusion again as on previous bullet point.
  • TED: The future we're building - By Elon Musk.
  • ITU-T G.984 Gigabit-capable Passive Optical Networks (GPON) - Encountered term which I couldn't recall. I did read lots of all kind of documentation but this was first one for a long time I really had to read more about.
  • One integration project, where there are the usual issues: Communication, disinformation, undocumented changes, not understanding of logs, changing data structures over and over again and so on. All the usual stuff. Also people misread logs or don't have logs at all and they clearly don't know how their stuff works, and then they complain about things being broken which actually aren't. Things are working exactly as they've requested, but they don't remember anymore what they've requested. Thank you for that, integration projects as usual.
  • Studied customs and excise duty taxation legalization in Finland. It's in own art, but luckily I don't usually have to deal with that. And it's not that complex after all, after you understand the basic concepts and principles. It's just like anything else, first it seems strange and messy, but there are of course exceptions but most of it follow pretty clear rules. It's just like any RFC.
  • Some things in Duplicati 2 documentation are very annoying. First of all, documentation isn't very accessible. Secondarily, the default values for many parameters aren't mentioned. So it's hard to know if some parameter should be used to override a default value, when the default isn't known. Reading the source code helped again. Default compact threshold seems to be 25%. I hope they've updated the documentation since.
  • Net neutrality? Hmm. My Internet connection contract already says that they reserve right to: Queue, Prioritize and Throttle traffic. This is used to optimize traffic. - Doesn't sound too neutral to me? It's also clearly stated that some traffic on the network get absolute priority over secondary classes. - Interestingly at one point 100 Mbit/s symmetric connection wasn't nearly fast enough to play almost any content (even 240p) from YouTube. - Maybe there's some kind of relation, maybe not.

eSuomi, PSD2, Web Junk, Siirto, IoT, Telia DC, OVH IPv6, Box, Augur, Tor DDoS

posted Apr 22, 2018, 9:21 AM by Sami Lehtinen   [ updated Apr 22, 2018, 9:22 AM ]

  • Updated my knowledge about current state of National Architecture for Digital Services from esuomi.fi. Including: Sigle sign-on, Authorizing others, e-Identification, e-Authorizations, Web Services, Service Catalog, Messaging Services and Data Exchange Layer. Forming national service ecosystem with users, public service providers and private companies and communities. When EU integration gets forward there will be Digital Single Market. Strong identification with strong authentication with eIDAS federation. kw: Service Oriented Architecture (SOA), X-Road Finland FI: Kansallinen palveluarkkitehtuuri (KaPA)
  • 10 things you need to know about PSD2. It's also good to remember that Strong Customer Authentication (SCA) and Secure Communication are coming under PSD2. PSD2 information in Finnish / PSD2 Suomeksi.
  • It's rare to see sites nowadays which aren't full of bleeping junk. At least ec.europa.eu and wikipedia.com are still sites without all that spying, advertising, tracking and other 3rd party junk. It seems that even many Finnish national official sites are already polluted and leaking visitor information to foreing spies.
  • OP just joined Siirto payment service, which allows instant money transfer between users without any fees (at least for now). I'm just wondering when they'll be offering services for businesses and what the pricing will be. So basically this would replace the good old bank card with mobile app.
  • IoT Security Anti Patterns - Very nice post by Cloudflare guys. Unauthenticated Pub/Sub. X.509 message brokers. Physical theft + Reverse Engineering. As said, it's guaranteed that Internet will be full of thi.. Nope sh*t. Yes. But it's not news at this point to anyone, hopefully.
  • Telia's data center about 100 meters from my work place is getting more and more complete and massive each day. It's the largest data center in Finland which allows co-location / access by non staff personnel. (FIN | ENG)
  • I don't know what kind of engineering marvel my camera is. But there's really annoying lag between shutter sound and the actual capture of frame. It's so bad, I feel like the developers were just trolling users on purpose. Bad software is just absolutely everywhere. Kind of repeating pattern.
  • Now it seems that OVH has disabled IPv6 address compression, because it was too complicated to get right. Smile.
  • Checked out Box dictionaries for Python with dot notation. Isn't that big deal, but yeah. Python does allow all kind of tweaking. Just as pyclockpro library can be used as intermediate caching layer and or dictionary when accessing data from database (or other sources).
  • I don't know who wrote the firmware for this one router, but it requires 6rd manually enabled (almost) after each boot. Because 6rd setup will fail, if it's on during the boot and connection forming process. These are just the tings engineers seem to make all the time. 'It works', but actually you should say you wrote really bad code. How about making it so, that it practically works and not only technically. Testing is no good, if the guy writing the tests doesn't have any understanding of 'real world'. This is also something which have been seen over and over again, if tech guys write the tests too. One more example of the we've tested it in oval track in Arizona and it works. Haha.
  • Reread Augur - Prediction market documentation and APIs. kw: ethereum, json, rpc, decentralized network, p2p
  • Interesting post about web sites, scraping, mirroring and Tor. Attacked Over Tor. As I said, I've done some similar experiments, but on the bot site. Generating huge amounts of requests and requiring high bandwidth. But that was just for fun and very short run times. To see if there's any effect. Distributed resource exhaustion attack.

1-10 of 553