Category Archives: IT

You’ve heard of Google’s 8.8.8.8…now there’s 9.9.9.9 (a new DNS service from Quad9/IBM)

If you are using Google’s DNS services (i.e., you are using 8.8.8.8 for DNS services), then there is a new provider on the block you should consider: Quad9. The following links detail why you might want it, as well as how to set it up.

We need all the help we can get in dealing with malicious people and computers on the Internet. Glad to see my employer has a role in this.

Advertisements

I create a super simple set of tools to secure your Ubuntu server

And you can get it here: blm849/supersimplehardening: A super simple way to harden your server.

I create a lot of Ubuntu test servers, and I find that as soon as I create a Ubuntu server on a cloud environment, it gets immediately attacked by automated software. This is obviously a concern. A bigger concern is that when I went  searching for recommendations on how to harden such a server, I found  a wide variety of recommendations! It can be hard to know what to do. Still, I needed something. As a result, I created this package of scripts. The scripts do a number of things:

  • prevent direct root login to your server via ssh. This was one of the things I saw consistently happen and once someone cracks the root access on your machine, it’s game over.
  • stop some basic security holes, like IP spoofing
  • download some useful software, like logwatch, ufw and others
  • upgrade all software on the server

This is just a very very limited number of things to prevent attacks. But it is better than nothing.

If you install Apache, PHP, MySQL or other software on your machine, there are even more attacks that will be launched against it. I recommend you get a firewall up and running and at least run logwatch on a regular basis to look for potential attacks being launched against you.

Finally, if it is important for you to secure your server, don’t stop with my scripts. Go out and consult with IT security specialists right away.

Good luck!

What I find interesting in tech, November 2017


Here’s an assortment of 42 links covering everything from Kubernetes to GCP and other cloud platforms to IoT to Machine Learning and AI to all sorts of other things. Enjoy! (Image from the last link)

  1. Prometheus Kubernetes | Up and Running with CoreOS , Prometheus and Kubernetes: DeployingKubernetes monitoring with Prometheus in 15 minutes – some good links on using Prometheus here
  2. Deploying a containerized web application  |  Container Engine Documentation  |  Google Cloud Platform – a good intro to using GCP
  3. How to classify workloads for cloud migration and decide on a deployment model – Cloud computing news – great insights for any IT Architects
  4. IP Address Locator – Where is this IP Address? – a handy tool, especially if you are browsing firewall logs
  5. Find a Google Glass and kick it from the networkDetect and disconnect WiFi cameras in that AirBnB you’re staying in– Good examples of how to catch spying devices
  6. The sad graph of software death – a great study on technical deby
  7. OpenTechSchool – Websites with Python Flask – get started building simple web sites using Python
  8. Build Your Own “Smart Mirror” with a Two-Way Mirror and an Android Device – this was something I wanted to do at some point
  9. Agile for Everybody: Why, How, Prototype, Iterate – On Human-Centric Systems – Medium – Helpful for those new or confused by Agile
  10. iOS App Development with Swift | Coursera – For Swift newbies
  11. Why A Cloud Guru Runs Serverless on AWS | ProgrammableWeb – If you are interested in serverless, this is helpful
  12. Moving tech forward with Gomix, Express, and Google Spreadsheets | MattStauffer.com – using spreadsheets as a database. Good for some
  13. A Docker Tutorial for Beginners – More Docker 101.
  14. What is DevOps? Think, Code, Deploy, Run, Manage, Learn – IBM Cloud Blog – DevOps 101
  15. Learning Machine Learning | Tutorials and resources for machine learning and data analysis enthusiasts – Lots of good ML links
  16. Importing Data into Maps  |  Google Maps JavaScript API  |  Google Developers – A fine introduction into doing this
  17. Machine learning online course: I just coded my first AI algorithm, and oh boy, it felt good — Quartz – More ML
  18. New Wireless Tech Will Free Us From the Tyranny of Carriers | WIRED – This is typical Wired hype, but interesting
  19. How a DIY Network Plans to Subvert Time Warner Cable’s NYC Internet Monopoly – Motherboard – related to the link above
  20. Building MirrorMirror – more on IT mirrors
  21. Minecraft and Bluemix, Part 1: Running Minecraft servers within Docker – fun!
  22. The 5 Most Infamous Software Bugs in History – OpenMind – also fun!
  23. The code that took America to the moon was just published to GitHub, and it’s like a 1960s time capsule — Quartz – more fun stuff. Don’t submit pull requests 🙂
  24. The 10 Algorithms Machine Learning Engineers Need to Know – More helpful ML articles
  25. User Authentication with the MEAN Stack — SitePoint – if you need authentication, read this…
  26. Easy Node Authentication: Setup and Local ― Scotch – .. or this
  27. 3 Small Tweaks to make Apache fly | Jeff Geerling – Apache users, take note
  28. A Small Collection of NodeMCU Lua Scripts – Limpkin’s blog – Good for ESP users
  29. Facebook OCP project caused Apple networking team to quit – Business Insider – Interesting, though I doubt Cisco is worried
  30. Hacked Cameras, DVRs Powered Today’s Massive Internet Outage — Krebs on Security – more on how IoT is bad
  31. Learn to Code and Help Nonprofits | freeCodeCamp – I want to do this
  32. A Simple and Cheap Dark-Detecting LED Circuit | Evil Mad Scientist Laboratories – a fun hack
  33. Hackers compromised free CCleaner software, Avast’s Piriform says | Article [AMP] | Reuters – this is sad, since CCleaner is a great tool
  34. Is AI Riding a One-Trick Pony? – MIT Technology Review – I believe it is and if AI proponents are not smart they will run into another AI winter.
  35. I built a serverless Telegram bot over the weekend. Here’s what I learned. – Bot developers might like this.
  36. Google’s compelling smartphone pitch – Pixel 2 first impressions | IT World Canada News – The Pixel 2 looks good. If you are interested, check this out
  37. Neural networks and deep learning – more ML
  38. These 60 dumb passwords can hijack over 500,000 IoT devices into the Mirai botnet – more bad IoT
  39. If AWS is serious about Kubernetes, here’s what it must do | InfoWorld – good read
  40. 5 Ways to Troll Your Neural Network | Math with Bad Drawings – interesting
  41. IBM, Docker grow partnership to drive container adoption across public cloud – TechRepublic – makes sense
  42.  Modern JavaScript Explained For Dinosaurs – fun

YouTube’s fight with its most extreme creators highlights the problem big IT has on it’s hands

Here’s a really good piece highlighting a big problem the Frightful Five / Big IT have right now with user generated content: YouTube’s messy fight with its most extreme creators – Vox.

Some background is in order. For years, content creators on Youtube (part of Google/Alphabet) have been jacking up the extremism in their videos to get more views. Extremism in all senses of the word, including political extremism. Some do it for Fame, but many do it for Fortune. This was going well for them until….

In March this year, 250 advertisers pulled back from YouTube after reports that ads were appearing on extremist content, including white supremacist videos. As a result, YouTube demonetized a wide range of political content, including videos that didn’t include hate speech but might still be considered controversial by advertisers. Creators called it “the adpocalypse” — they saw their incomes from YouTube evaporate without fully understanding what they’d done wrong or how to avoid demonetization in the future.

And this is the problem for Youtube and other platforms…how to maximize both traffic and profit. For a long time the formula was simple: more extreme videos = more traffic = more profit. Now they are hitting a wall, and advertisers and consumers are fed up.

The question big IT will be struggling with is: how to draw the line? In case you think the line is easy to draw, I recommend you watch the video by Carlos Maza of Vox. He makes a case that it is very difficult, even if at first glance it should be obvious what should be removed.

I don’t think there is a simple answer to this. If anything, it is going to be one of the major political debates of the first part of the 21st century, as global IT companies deal with national laws and policies.

The home speaker / AI market heats up as Sonos makes advances

Sonos One

WIRED has a good review of the latest product from Sonos, here: Sonos One Review: Amazon’s Alexa Is Here, But It Still Has Some Growing Up to Do

What makes this development significant to me is that it signals that Sonos is concerned with Apple and others coming and taking away market share. Sonos has a great line of products already, but Apple is threatening to take a piece of that with their new home speaker with Siri/AI capability. Sonos has beefed up their AI capability to meet the challenge.

I expect that the next big thing in IT will be the vocal interface tied in with a speaker system in some form. I expect we will see them everywhere. Perhaps not for extended communication, but for brief and frequent requests.

If you are an IT person, I recommend you learn more about chatbot technology and how it will integrate with the work you are doing. More and more users will want to be able to communicate with your systems using voice. You need to provide a vocal interface for them to get information and send information.

Most homes will have one device acting as an aural hub. Sonos wants to make sure it is one they make, and not Apple.

Who are The Frightful Five?


According to the New York Times, the Frightful Five are Amazon, Apple, Facebook, Microsoft and Alphabet, Google’s parent company. What makes them frightening?

(The Frightful Five) have experienced astounding growth over the last few years, making them the world’s five most valuable public companies. Because they own the technology that will dominate much of life for the foreseeable future, they are also gaining vast social and political power over much of the world beyond tech.

These companies are getting alot more scrutiny lately. Any organization as wealthy and powerful as they are warrant it. Especially so because we aren’t even certain what impact they have on our societies. I hope the Times and other newspapers continue to give them focus and question their power. And I hope more writers like Scott Galloway examine what these companies do in books like the one he has just written. Most importantly, I hope you continue to seek out information on these companies and question how you interact with them, either directly or indirectly as a member of society.

The iPhone 8 is really the iCamera 8

iphone
Great review of the latest iPhone*, here: The iPhone 8 is a look into the augmented future of photography | TechCrunch. I had heard that the iPhone 8 had a great new camera, but this article really drives that home.

If you are thinking of getting an “8”, this could be the reason you need. On the other hand, if you rarely take photos or don’t care too much about the quality, I think the case for an upgrade gets weaker.

*  I don’t consider the iPhone X the latest phone so much as a promise of where the iPhone is going. To be honest, I think the iPhone X is as much an attempt to celebrate the 10 years of the iPhone and Steve Jobs’s legacy, not unlike the Twentieth Anniversary Macintosh. Not that there is anything wrong with that.