COVID, Snowmobile, OVH, O365, ip6tables, Zoom, Remote Work, Subgraph

  1. COVID-19 causes many nations to force people to be tracked using mobile phone. I wonder what Orwell would say about this. Some countries use mobile networks directly and some others utilize apps. But the main goal is to track peoples movement in detail.

  2. Are you data hoarding? Check out AWS Snowmobile (@ AWS Amazon). It allows transporting serious data to the cloud by road.

  3. Oh joy, OVH had their network completely down, even status pages and everything. Classic mega fail. Postmortem (@ travaux.ovh.com). It's funny that (almost) global network comes down by single line card having minor issues.

  4. Again receiving complaints that Microsoft Office 365 email isn't working. Also the bounces are still broken. I really don't get how they manage to produce such [fill in] quality software and services. - As example most of the services / open source projects would have fixed such a utterly [fill in] obvious fail, simply by saying [fill in], and 15 minutes later it would have been fixed. But companies like Microsoft are unable to get their [fill in] straight. - This kind of [fill in] causes serious reliability and deliverability problems. - Thank you so much for that.

  5. ip6tables POSTROUTING MASQUERADE, IPv6 NAT, oh boy. Yes with Masquerading, Destination NAT and Port Forwarding. Played with it and it works, can be used if and when required. Yet I really hope I don't need stuff like this.

  6. Projects, process and feedback. Sometimes I just don't get the approach where things are changed again and again, based on more or less random feedback without enough details. It shouldn't be that hard, just quoting that one service name "If This Then That (IFTTT)". But it's much better to say that's wrong, it needs to be "5" or "Blue". But based on what, isn't being told. Fun times, frustrating back and forth games. That combined with slow and ambiguous feedback cycles is total destruction. Feedback is being given based on obsolete old versions, etc. Lots of time is being spent on speculation and trying to guess what needs to be done. When new tests are designed, previous test cases (even with changes (!)) aren't being covered. So classic! As one colleague says: "You don't have time to do it once properly, but you have time to do it over and over again ten times and then pay for the damages". Most of people would just keep randomly doing the changes without cause and be happy (?). Again, I think my only problem is that I do care.

  7. A nice summary post about Zoom in Bruce Schneier's blog. It seems that software like this, is unfortunately very common nowadays. Not just bad software, but spying on level of being spyware and malware. Several pure lies about encryption, etc. Go for Jitsi(@ jitsi.org). It's good to checkout Jami (@ jami.net) as well. I've also used Jitsi with friends. Yet with security conscious friends it's problematic. All media is disabled, WebRTC is disabled, and so on. So basically you'll need non-security hardened browser for it to work. VM with plain Chromium and key media devices linked, seems to be working fine for containment. Also see this more detailed Citizen Lab's article , which also states the obvious Zoom is Intelligence Target.

  8. Read "remote working security guidance book", yet, as expected. It didn't provide any new information. Just the usual stuff. Patching, firewalls, BYOD, COTS, MDM, MFA, home networks, and related challenges. Most important aspect is not to do hasty changes, which would serious undermine existing security practices and solutions. Failover plans in case primary systems are unavailable. Generic security awareness and security training.

  9. A nice post: Connecting to Google Cloud (@ cloud.google.com). Nothing new. I've explored these options earlier.

  10. Subgraph OS (@ subgraph.com) - Installed it on one hacking / testing laptop for fun. Looks nice, kind of Qubes OS but different twist and Tor features included. Tails 4.5 starts now with which have secure boot enabled.

  11. Specification says only that: "this field contains date as a string". Wonderful. No further definition is given. I would put "neljäs päivä tammikuuta jKr. 2021" there. Just to troll them.

  12. Checked out OpenDHT (@ github) project. Could use it when necessary, DHT stuff is nice, but can get painfully complex, unless some nice library is being used. OpenDHT provides bindings for Python 3, Rust and C.

  13. Something different? Living historical times? Yes I guess so. Severe acute respiratory syndrome coronavirus 2, Coronavirus disease 2019, 2019–20 coronavirus pandemic all links at Wikipedia. Polymerase chain reaction + Watched probably too many documentaries about this topic. As example BBC Our Secret Universe The Hidden Life of the Cell and Horizon 2020 Coronavirus Special. Both were purely scientific stories, skipping all the politics.

2021-04-11