posted Jul 5, 2015, 6:50 PM by Sami Lehtinen
updated Jul 5, 2015, 6:50 PM
Some light stuff during summer vacation.
- Many Samsung SSD drives got badly broken firmware leading to data corruption. Ha! No news, isn't it more or less normal that everything is broken when you start looking things in detail. Often it's just better to accept it, because when you start doing it in the detail, results are often as those are in this case. It just seems to work, and we don't even want to know all the dirty secrets
- Had interesting problem with one VPS server. It has lost it's Internet connectivity. Everything seems to be ok, except IP addresses aren't getting assigned via DHCP. VM ware configuration ok, Windows configuration ok, but yet not working. Strange. Console does work, and I got 'a few' similar servers which all also work correctly. Strange. It's always so fun to troubleshoot more or less random stuff. Here's actually link to the problem with MLD / ICMPv6 / Neighbor Discovery.
- Reminded my self about Explicity Cognestion Notification (ECN), RFC3540 - Reminds me from Source Quench (SQ) messages. - Enabled it on most of servers switching tcp_ecn parameter from 2 to 1.
- Some ISPs seem to have funny attitude about IPv6. They will happily give you /22 subnet for IPv4 but for IPv6 they're only allowing you one /128 address.
- Checked out Open Container Project (OCP) - This is great no it's AWESOME! Now there's really strong coalition (Google, Microsoft, Amazon, Docker) with open governance to create really powerful standard (which is widely supported) containerization technology. Not forgetting small companies like Fujitsu, EMC, HP, Huawei, IBM, Intel, Red Hat, VMware, CoreOS. Container as a Service (CaaS) will be the future of the cloud. Also see runC
- Someone is flooding fake peer information to BitTorrent network - Lol. New attack? Hardly, such attacks are known for P2P networks for ages. First step is NOT TO delegate unconfirmed peer information to whole network. Actually his is exactly what I did for BitMessage at one time. Everything needed to tackle this is to prefer known good nodes and trusting data got from good nodes via peer exchange on relativity basis. So unknown fake peers are quickly left out from 'web of trust'. To deal with this trivial attack requires just a little bit of code to defend against.
- Once again wondered 'normal' server administration style: Disable updates -> because updates cause problems, Open firewall -> because firewalls cause problems, Use default credentials -> because passwords cause problems, Do not allow users to change passwords -> because changing passwords causes problems, Passwords shouldn't expire ever -> because changing passwords causes problems. Phew, nuff said.
- Checked out Minds.com (yet another) social network. My Minds profile. Yep, site is clearly alpha, but working okish.
- Elisa is also starting to offer IPv6 connectivity on mobile via tunneling.
- Something different: Comparison of orbital launch systems, Vega, Falcon Heavy, Long March 5, Ariane 6, OneWeb satellite constellation, Electrically powered spacecraft propulsion, Electrodynamic tether, Magnetic Sail, Photonic laser thruster (Wow, that's complex stuff), Personal reconnaissance satellite - S-400 SAM / S-500 missile
- Google's global surveillance is progressing. Now their goal is to listen and catch all conversations of the world. Not OK, Google! - Good writing about this important topic.
- Eat your own dog food is excellent method. I've found so many bugs during my own usage of LclBd that if someone else would have been reporting those, I would just easily claimed. It's working, you're just doing it wrong. Of course without specifying in detail what's wrong and what's not. Just fixed one Unicode URL spam control issue, where certain Unicode characters caused problems with Google Safe Browsing web API.
- Had some not so interesting loss of network events with Windows. Not amusing at all. Even more debugging is required to locate the problem. Aww.
- Had another day long meeting about change management and process development. There are so many things to consider, which none are new. But ok, let's say it's good to talk about these. Even if anyone who's been working for a long in this sector knows all the usual stuff. Then there's the buy the book and optimal way and then there's the reality with different priorities and people.
- Quickly checked out Google Cloud Repositories
- Problems with OVH Classic seem to be quite unbearable, I re-checked Kimsufi, Vultr, DigitalOcean and RamNode. I'll think I'll try RamNode next.
- Web feels more broken every day? - My view - I think you've just forgotten how things used to be. Like if you encounter BSOD or something, you'll get upset. But do you remember how often Windows 3.1 freeware / shareware apps crashed? When I create web sites, I'll always focus on performance. Like most of pages require just single item to be downloaded and no, I'm not in-lining stuff. I'm just reusing already downloaded stuff. And even amount of that stuff is minimized. Benefit? On slow mobile connection my pages load in under a second, versus many sites which might take minutes(!) yes, that's right to load. I'm sure anyone using NoScript has noticed how full of s*t many popular web sites are today. My sites all load from single domain using HTTPS, no 3rd part junk.
- Yeti DNS Project launched - It's an IPv6 only DNS project supporting DNSSEC.
- Digital Video Recorder (DVR) file system ... Big blocks, simple chaining ... I might write another post about this. Well, thoughts for simple file system for managing data in big blocks to avoid need to defragment. This just came into my mind, because my DVR is at times really loud and seems to be doing some kind of background maintenance tasks, when you would expect it to be quiet. Which practically sound just like defragmention. Tons repeated seeks when nothing should be happening.
- Ubuntu 15.10 Wily Werewolf going to use Python 3.5 default. Finally!
- Quickly checked out line chat app which is perfect Skype replacement.
- I'm following ATHEX 20 closely, it could be possible to get really good investments from Greece with reasonable price. Or maybe not, who knows, what will follow. But I just think there could be a good time to buy when the crisis escalates and money tries to escape. Even if there are good longterm investment possibilities? I've been also discussing this scenario with my trusted friends extensively. It's nice to see how many different arguable scenarios out can get out of this.
- I've been helping my friends to setup their IPv6 connectivity, either using tunnel from HE.net, 6rd, 6to4 or native connection from ISP.
- I just encountered a Finnish company that uses Yubico Yubikey for remote employee authentication. That's nice. Most of companies are still using static passwords.
- Web is getting slower? - Nobody uses you to use websites which are full of junk. As example, LclBd isn't.
I'm starting to build a backlog on these posts again. There might be just a 'dump' post soon again.