GDPR, DPO, C-Lion1, SSL StartCom, Python, Failures, Reliability, Backups, Internet, GPS, IoT

posted Jul 4, 2016, 12:29 AM by Sami Lehtinen   [ updated Jul 4, 2016, 12:29 AM ]
  • EU General Data Protection Regulation (GDPR) and Data Protection Officer (DPO) as well as a lot of discussion and presentations about Network Information Security (NIS).
  • C-Lion1 is being branched to Hanko, Finland.
  • Constant monitoring of security issues is required with automated alerts. Common configuration mistakes are repeated over and over again. Without automated monitoring and alerts, the situation would be really bad. It's not good with monitoring, but it's much better than it would be without it.
  • Again kicked a few new integrations into production. Integration isn't that hard when you've got a great process, experience and flexibility in implementing it. Often the slowest part of integration is using some 'great generic extensive suites for everything standard', which actually makes implementation very slow and hard compared to building what's required using modern tools.
  • Just noticed that the StartSSL / StartCom website has been overhauled. Nice. I was looking for Organization Validated (OV) SSL certs. It's also really nice that they provide free EV SSL certs. They also provide everything you need to encrypt your confidential emails using S/MIME. There was also some news about StartCom signing SSL certificates for existing domains and so on, which is yet another reason why the current CA system is just so broken.
  • Implementing your own recommender systems in Python - Nice article. Been there, done that.
  • Enjoyed some semi-serious storage subsystem issues with one hosting provider. The only good thing about this is knowing that competent people are working on this already and there's no need to go ballistic and figure out some hard-to-troubleshoot issues which you don't know enough about. - Phew. That's the good, the bad and the ugly.
  • Once again encountered newbie / hopeless process guys. They were totally surprised that one thing didn't work. Yeah, it works when it works; when it doesn't, you should follow your fallback / secondary process, which you practice frequently. - Follow what? Nothing works, panic panic. Well, obviously something works, you called me, you sent me email. So how can you say nothing works? - What should we learn from this story? There are just so many people who are clueless and trust things which "always work". - But that's exactly the source of the problem. You shouldn't think that things always work. You could lose water, you could lose power, you could lose heating (that's bad in Finland, it could be -35C or worse). But if you've made sane plans, you should just follow well-rehearsed backup procedures. What is the problem? - This still reminds me of the data center guys who said it was a nightmare and a huge problem that the DC lost power for a few seconds. Sure, it did. So what? Anything actually important shouldn't be dependent on one data center, or actually on the so-called 'The Internet' being available. - If you trust something vital to these things, then YOU'RE the problem. The failure wasn't the actual problem; yeah, it was inconvenient, but so what?
  • It remains to be seen what kind of nightmares the Internet of Things will cause. When will people start dying because mobile data didn't work? Well, your cloud-based heart pacemaker didn't work because of loss of Internet connectivity. Well, there you go. You're happy that only a few people died. Let's see when planes and cruise ships and stuff like that start crashing and sinking when "The Internet was lost". Sigh. Yes, the Finnish Coast Guard just warned about these guys, who think that the only way to navigate a ship is the mobile app on an Android phone which loads stuff in real time from the Internet and uses GPS. When any of those things fail, good luck. You're going to have a bad time and you're totally lost at sea. - I think actually that it's pretty much time for Darwin awards. You were asking for it, and you got what you wanted and what's best for humankind and the universe.
  • Sometimes these people make me think about fun mind games. What if, just for fun, we let the GPS navigation system drift 20 meters in one hour globally in a random direction, and then returned it back? It really shouldn't cause any real problems? It would be just way too fun to see what kind of problems that would cause. Yes, this is all because of the 'we trust this technology fully' people mentioned above. Nobody should trust GPS for anything important or anything which could cause damage or worse.
  • It's also important to remember that you're usually getting what you're paying for. Are you paying for real-time replication to another continent? Are you paying for your own national spectrum to deliver your content over a dedicated radio network if the Internet fails, etc.? Some customers are, most aren't. Do your employees have satellite phones and generators with enough fuel? This is just in case you need to reach them if there's an extended national power blackout. OK, they don't? What's the plan to contact them in that case? Etc.