
Integrations, Let's Encrypt, DNSSEC, IoT, Doxing, Hell banning, Python, Tor, Kademlia, PostgreSQL

posted Dec 21, 2015, 8:20 PM by Sami Lehtinen   [ updated Dec 21, 2015, 8:21 PM ]
Just quickly posting some stuff from backlog, which has been growing a lot lately.
  • Once again worked with one project containing all the business as usual stuff. Unordered semi-random keywordish dump: SOA, API, Frameworks, centralized ESB solution, ETL, metadata, performance and scalability requirements, data protection, backups, business continuity and disaster recovery plans, localizations, PCI DSS, password protection, SSO, credentials management, federated logins, ACL, AD, LDAP, IdM, user roles and profiles, identity management, enterprise architecture (EA), redundancy, end user training, reporting interfaces, configuration management, full text search features, system wide central administration dashboard, error handling, reporting and logging in detail, tons of user interface (UI) and usability related (UX) requirements, FAQ, UI customizations, themes, skins, efficient automated stock management and analytics (BI, Data Discovery and Visualization) to support decision making. Extensive documentation. Purchase and sales ledger management with integrations. User ergonomics (for hardware installations), fully automated bookkeeping. Nice long list, nothing new at all.
  • Recommendations? I just received a recommendation from one start-up CEO. He said to me: 'It's obvious that you know your stuff.' - I laughed and asked if I can use this as a recommendation. Yeah, I'll try to know my stuff and acknowledge the risk of the Dunning-Kruger effect. Many things nowadays go so deep that you can't realistically know a lot about many things. Because if you know a lot about something, you simply won't have any time to know anything about anything else. So even if I'm spending almost all of my time studying or working, I'll have to acknowledge that it means knowing extremely little about anything. That's what you can also acknowledge when working with specialists. They usually know stuff only from a very, very narrow sector.
  • Let's Encrypt Public Beta in December. - I hope that I'll have time to get their cert and utilize it for my projects. It remains to be seen how easy the cert renewal process is and how it works out. But if it's well scriptable as it should be, then there shouldn't be any problems making automatic cert refresh every three months. Or even monthly. This is one of the projects that I'm actually excited about. Not because it would be state of the art or technically something special. But because it just means so much for the future of the Internet and small site operators.
  • CloudFlare's Universal DNSSEC - is also an awesome security feature. Most sites won't bother to configure DNSSEC. I've got friends who've gone through it and it required serious effort, at least for the first time. I don't wonder why most sites won't bother. But if it's made easy, why wouldn't you want to use it then? Just like the Let's Encrypt project. This is way cool and important for generic Internet security. - Hey NameCheap, fix your DNSSEC support, plz!
  • The Internet of Things (IoT), major security fail. Vulnerable Coffee Machine Demonstrates Brewing Security Challenges Of IoT - Did I expect this? No, I knew it.
  • Reminded myself about Doxing - history & methods and techniques.
  • Reminded myself about Hell banning aka Stealth banning. I've also studied different methods of spam control as well as doing it indirectly using different reputation systems. I guess my friends can implement efficient banning which mostly will work automatically, but in some cases will just require the official moderators to indirectly moderate the users moderating the content, which is also being statistically automatically moderated. Yep, all the tricks learned from Hacker News and Reddit are being utilized.
  • Upgraded one client to utilize multiprocessing.pool.Pool as well as to use asyncio for dealing efficiently with a large number of concurrent connections.
  • Why Tor attack matters? - No surprise. Tor never even claimed to protect from powerful attackers who are able to monitor networks extensively or run a significant number of Sybils.
  • Studied Kademlia implementations in detail. Which means also checking the source code of Brian Muller's Kademlia DHT (https://github.com/bmuller/kademlia) implementation in Python à la Twisted. There are a few things I need to figure out still, but I guess that's not going to be hard, when I just focus on it. Also see high level Kademlia API documentation. Yep, just readthedocs as they say.
  • PostgreSQL just keeps getting better. Can't stop loving the project. Now supporting parallel sequential scans. Yet most of my projects are so small I'm not using PSQL but some are using it.
  • Finished again one ERP integration with customer, article, stock, bookkeeping and invoice handling. Yeah, basic mapping, ETL, CRUD stuff, might get boring at times.