Blog‎ > ‎

RDS, EFF, Sea Lion, Hacked, Haunted, Criminal, Safe Harbor, Reptuation & Identity Management, Tieke

posted Oct 10, 2015, 10:13 PM by Sami Lehtinen   [ updated Oct 10, 2015, 10:22 PM ]
  • Once again enjoyed problems with Remote Desktop Service aka Terminal Services aka Remote Desktop Protocol,  it's just so enragingly badly done. Thank you Microsoft for all this suffering.
  • Finished reading several articles about digital assets and insurances, etc. How the money  and trade will be done in future on-line markets. One example from OpenBazaar which has been already published.
  • A post by EFF -  France is going to expand their already extensive Internet monitoring & spying.
  • A post by EFF - TPP is going to be bad, as bad as they feared. These are complex things, it's good that they're paying attention. Thanks to Wikileaks.
  • Saw old book in my bookshelf. "Miksi tietojärjestelmäprojekti epäonnistuu" by CxO Mentor Oy. It's a book with lessons learned why ICT projects fail. We all know the reasons way too well. Lack of communication, unclear goals, generic rush to get something done without knowing what should be done and so on. Individual decisions made by independent groups as part of whole, but won't fit with the complete picture of the project etc. All the classic fail reasons. Stockdale paradox, etc. Rushing into production without proper testing because we're late from the original schedule. This is one of my favorites.
  • Wondered security best practices again. Why some rare service should be opened to whole world, when we know exactly the one IP address the client(s) are using? Well, maybe just because it's so hard to type in the one IP address. Yes, business and security as usual.
  • Expressways to the future - Official information is now out, the Sea Lion (C-Lion by Cinia) fiber optic submarine cable (1,172 kilometers) at bottom of Baltic Sea should bring Helsinki only 19.5 milliseconds from Frankfurt (HEL-FRA-HEL) round trip (RRT). So basically this means cutting about 10 milliseconds away from current latency, depending from operator and routing, which translates to 33% - 50% reductio nin RRT depending from several factors. - My personal question is, when ROTACS will be built, if it will be built. I think it's highly likely that it will be built, because there's a clear demand for it. But when, and what the route will be. 
  • I guess that at least Sonera (Telia, TeliaSonera) is going to use that cable (Sea Lion), it should be pretty clear at this point. I guess that it puts pressure on other large players like TDC and Elisa. Yet Elisa isn't working so much internationally, so they're buying their transit from other operators. I'm also pretty sure that D TAG aka DT, DTE DTEGY or Deutsche Telekom aka German Telecom will be using the new submarine optic fiber cable.
  • This is also one of the reasons why I've been recently locating most of servers near Frankfurt (Germany) instead of the traditional location near Amsterdam (Netherlands). In future it seems that Eastern Europe is also building Internet at high pace, so at least Warsaw (Poland) does look like interesting location. I also assume that places like Bucharest and Istanbul are going to get more Data Centers in Future.
  • Here’s why you might get hacked even if you ”don’t have anything worth taking” - In many cases they're not after data. They're just after servers with high resources and excellent Internet connection. Also it's quite worrying aspect. Because if I would be after someones data, I would make sure to give a false impression that I wasn't after the data and only after the server resources. Benefit? The security breach / system intrusion case would probably avoid proper investigation and is easily dismissed as 'nothing serious happened'. It's just so easy to always conclude - Ok, it was some script bots / kids that took over our server resources and mined Bitcoins for a while, nothing serious worth of through investigation happened. Just change password and remove offending processes, right? Just like cleaning up infected workstations with anti-virus software, ehh.
  • Haunted by data - Excellent presentation! I've been asking the very same questions. And I really loved the presentation. More big data science plz? "Switch from the hoarder's mentality of 'keep everything in case it comes in handy' to a minimalist approach of collecting only what you need. " - I'm already doing exactly that.
  • The Internet of criminal things - Yes, everything will be monitoring and spying on you in the future. That does look almost inevitable, it already is. You're being betrayed by your smart phone at least.
  • Followed a lot of discussion around OpenBazaar contracts, Reputation management, Networking protocols, UI design, lot of deeply Bitcoin related tech stuff like multi signatures and OP_RETURN data content usage and so on.
  • It's great that CJEU decided that US, EU data sharing Safe Harbor should be ended. It was all the time clear that US companies do not provide required privacy for European users. - Yet it could also mean that some US services won't be available to EU businesses. As well as individual EU countries will make their own privacy legalization and there won't be single EU wide privacy and data protection legalization, it might bring lot of management burden and drive great business for lawyers. I wish it would be possible to get EU wide standard data privacy / security regulations and legalization.
  • We're Replacing Comments with Something Better - Interesting views how Internet Discussion Forums should work. It seems that many media sites are now closing down their comment sections due to problems with moderation, low quality comments etc. I guess this might boost some discussion platforms to new records. Especially social media benefits, because discussions can't be held on the news site itself, so users have to find alternative methods to share their thoughts.
  • Discussed with friends about decentralized reputation, on-line and Internet identity & reputation management as well as how Web of Trust works with this setting. Long and deep discussion as well as several view points from all aspects. Strong identity, Pseudonyms, Personal Identification, Technologies, Legalization, etc. How to combine pseudonyms on different systems and create a trust relation and so on. Related: Reputation management, Digital Identity, On-line identity management from this data it's also possible to derive Social map aka Sociogram.
  • OpenBazaar private messages also allow P2P OpenPGP encrypted private communication directly between peers using STUN & TURN, nice!
  • Some times if targets are too easy, it really makes you wonder, if those are actually just honey pots waiting for you.
  • TIEKE - Finland, a cyber threat preparedness forerunner? - I really like these posts. Because these prove that at least someone is awake an thinking about these things in this forsaken country.
  • I've been mapping and asking offers from local Internet fiber service providers. It seems that the price scale is absolutely humongous. For basically same service you can easily pay 10x too much (1000%) if you don't ask offers from multiple service providers and negotiate about the price hard. Unfortunately I can't give more information because the offers are confidential. But don't just order a fiber connection, work a little to make it faster / cheaper for same money! Let's see what option I end up with. Maybe I'll write about that later, maybe not.