Apps, Latency, VOI, OVH, Tor, Hosting, Integration,

  • We've reached a full circle? I don't know if I should laugh or cry, because one new service is advertising that they've got a #website instead of #app. I guess people are just sick'n'tired of crap apps. It can be dynamically loaded without permanent installation. Wow, that's truly amazing!
  • More network latency alerts. This route looks awesome, from Helsinki to: Stockholm, Frankfurt, and back to Helsinki. Nice. Now we've got 50 millisecond extra latency in "intra Helsinki" routing. The physical distance between the two endpoints is about 3 kilometers. Btw. Elisa is still routing all traffic from Helsinki to UpCloud Helsinki data center via Stockholm, is this where the intelligence agencies say that it would be good idea to give all data to us and this is totally legal way of doing it.
  • VOI Scooters - Classic white list versus blacklist fail. There's region where you can drive with the electric scooters, and it's surrounded by red banned area where you can't leave the scooters. But you know what, they've made the classic mistake. They have marked the areas which are banned, instead of marking the areas which are allowed. Now, if you take the scooter from the allowed area outside the edge banned area, then it's in allowed area again. As example take it with car from large city to rural area tens of kilometers away. Duh, nobody's going to recover it from there, probably.
  • OVH Control Panel, amazing work again. Great confirmation message: "Do you really want to delete these {} entries from the DNS zone?". These? Well said. I really would love to know what I'm deleting, but sure. It's just easier to answer, is THIS ok? If nobody specifies what THIS is. Classic business process, protocol and unclear communication.
  • It's not possible to run IPv6 only Tor-node right now. You can run IPv4 + IPv6 node, but you can't run IPv6 alone. Afaik, that's pretty poor design, and reveals that IPv6 is "afterthought".
  • Just read a long complaint how a hosting company "killed a successful business". - Wait what? - Well, they were using single hosting company for ALL OF THEIR IT needs, including backups. Well, I think I've written about that several times in my blog. Why would anyone give everything to Google, Amazon or Microsoft (or any other company) what if they decide to ruin you. Well, then you're out of luck. How about having proper and tested disaster recovery plan. And of course do not use their proprietary services, which prevent you from relocating quickly. Relocating to new hosting provider should be a tested and quick task. Preferably hours, maybe days, but so what. It's not the end of the world. Except, err, you've failed so bad that it kind of makes me wanting to laugh. But sure, it's a sad story if your business got ruined in the process. - Just think about it, if you're proud to say that we're using provider X for everything. It's something you should be really ashamed and hide, and really not proud at all. That's why I've got always prearranged agreements with at least one backup (usually two) providers. So in case bleep happens, we can at least star the recovery immediately. Ok, it's lot of work and not pretty. But it's nothing permanent and just a temporary bump on track. Also if they're going to suspend any service, I would expect personal call before that happening from the hosting provider. But sure, there are those "bulk providers" who just don't give a bleep about their customers and you can't expect such service. - Also always make sure that whatever happens, the attackers can't destroy the backups. So off-site, and off-line backups are required. Independent isolated systems, which do not allow deleting or overwriting data.
  • More integration solutions, but all I can say about this project is "Palkeet" and "VIA", no further details are available.
  • Studied - Very nice indeed, I like it, just like I like Duplicati. One thing I'm missing from 7-zip is Reed-Solomon erasure coding. Minio features: Erasure Code, Bitrot Protection, Encryption & WORM, Identity Management, Continuous Replication, Global Federation, Multi-Cloud Gateway, Kubernetes - Strangely they say AEAD but they still list AES-CBC, shouldn't that be AES-CBC-HMAC-SHA256 or something to provide that authentication part of AEAD.