If you are using Google’s DNS services (i.e., you are using 188.8.131.52 for DNS services), then there is a new provider on the block you should consider: Quad9. The following links detail why you might want it, as well as how to set it up.
We need all the help we can get in dealing with malicious people and computers on the Internet. Glad to see my employer has a role in this.
And you can get it here: blm849/supersimplehardening: A super simple way to harden your server.
I create a lot of Ubuntu test servers, and I find that as soon as I create a Ubuntu server on a cloud environment, it gets immediately attacked by automated software. This is obviously a concern. A bigger concern is that when I went searching for recommendations on how to harden such a server, I found a wide variety of recommendations! It can be hard to know what to do. Still, I needed something. As a result, I created this package of scripts. The scripts do a number of things:
- prevent direct root login to your server via ssh. This was one of the things I saw consistently happen and once someone cracks the root access on your machine, it’s game over.
- stop some basic security holes, like IP spoofing
- download some useful software, like logwatch, ufw and others
- upgrade all software on the server
This is just a very very limited number of things to prevent attacks. But it is better than nothing.
If you install Apache, PHP, MySQL or other software on your machine, there are even more attacks that will be launched against it. I recommend you get a firewall up and running and at least run logwatch on a regular basis to look for potential attacks being launched against you.
Finally, if it is important for you to secure your server, don’t stop with my scripts. Go out and consult with IT security specialists right away.
Here’s an assortment of 42 links covering everything from Kubernetes to GCP and other cloud platforms to IoT to Machine Learning and AI to all sorts of other things. Enjoy! (Image from the last link)
- Prometheus Kubernetes | Up and Running with CoreOS , Prometheus and Kubernetes: Deploying – Kubernetes monitoring with Prometheus in 15 minutes – some good links on using Prometheus here
- Deploying a containerized web application | Container Engine Documentation | Google Cloud Platform – a good intro to using GCP
- How to classify workloads for cloud migration and decide on a deployment model – Cloud computing news – great insights for any IT Architects
- IP Address Locator – Where is this IP Address? – a handy tool, especially if you are browsing firewall logs
- Find a Google Glass and kick it from the network – Detect and disconnect WiFi cameras in that AirBnB you’re staying in– Good examples of how to catch spying devices
- The sad graph of software death – a great study on technical deby
- OpenTechSchool – Websites with Python Flask – get started building simple web sites using Python
- Build Your Own “Smart Mirror” with a Two-Way Mirror and an Android Device – this was something I wanted to do at some point
- Agile for Everybody: Why, How, Prototype, Iterate – On Human-Centric Systems – Medium – Helpful for those new or confused by Agile
- iOS App Development with Swift | Coursera – For Swift newbies
- Why A Cloud Guru Runs Serverless on AWS | ProgrammableWeb – If you are interested in serverless, this is helpful
- Moving tech forward with Gomix, Express, and Google Spreadsheets | MattStauffer.com – using spreadsheets as a database. Good for some
- A Docker Tutorial for Beginners – More Docker 101.
- What is DevOps? Think, Code, Deploy, Run, Manage, Learn – IBM Cloud Blog – DevOps 101
- Learning Machine Learning | Tutorials and resources for machine learning and data analysis enthusiasts – Lots of good ML links
- Machine learning online course: I just coded my first AI algorithm, and oh boy, it felt good — Quartz – More ML
- New Wireless Tech Will Free Us From the Tyranny of Carriers | WIRED – This is typical Wired hype, but interesting
- How a DIY Network Plans to Subvert Time Warner Cable’s NYC Internet Monopoly – Motherboard – related to the link above
- Building MirrorMirror – more on IT mirrors
- Minecraft and Bluemix, Part 1: Running Minecraft servers within Docker – fun!
- The 5 Most Infamous Software Bugs in History – OpenMind – also fun!
- The code that took America to the moon was just published to GitHub, and it’s like a 1960s time capsule — Quartz – more fun stuff. Don’t submit pull requests 🙂
- The 10 Algorithms Machine Learning Engineers Need to Know – More helpful ML articles
- User Authentication with the MEAN Stack — SitePoint – if you need authentication, read this…
- Easy Node Authentication: Setup and Local ― Scotch – .. or this
- 3 Small Tweaks to make Apache fly | Jeff Geerling – Apache users, take note
- A Small Collection of NodeMCU Lua Scripts – Limpkin’s blog – Good for ESP users
- Facebook OCP project caused Apple networking team to quit – Business Insider – Interesting, though I doubt Cisco is worried
- Hacked Cameras, DVRs Powered Today’s Massive Internet Outage — Krebs on Security – more on how IoT is bad
- Learn to Code and Help Nonprofits | freeCodeCamp – I want to do this
- A Simple and Cheap Dark-Detecting LED Circuit | Evil Mad Scientist Laboratories – a fun hack
- Hackers compromised free CCleaner software, Avast’s Piriform says | Article [AMP] | Reuters – this is sad, since CCleaner is a great tool
- Is AI Riding a One-Trick Pony? – MIT Technology Review – I believe it is and if AI proponents are not smart they will run into another AI winter.
- I built a serverless Telegram bot over the weekend. Here’s what I learned. – Bot developers might like this.
- Google’s compelling smartphone pitch – Pixel 2 first impressions | IT World Canada News – The Pixel 2 looks good. If you are interested, check this out
- Neural networks and deep learning – more ML
- These 60 dumb passwords can hijack over 500,000 IoT devices into the Mirai botnet – more bad IoT
- If AWS is serious about Kubernetes, here’s what it must do | InfoWorld – good read
- 5 Ways to Troll Your Neural Network | Math with Bad Drawings – interesting
- IBM, Docker grow partnership to drive container adoption across public cloud – TechRepublic – makes sense
Posted in IT
Tagged AI, cloud, computers, GCP, IOT, IT, Kubernetes, machinelearning, MEAN, ML, nodeJS
Here’s a really good piece highlighting a big problem the Frightful Five / Big IT have right now with user generated content: YouTube’s messy fight with its most extreme creators – Vox.
Some background is in order. For years, content creators on Youtube (part of Google/Alphabet) have been jacking up the extremism in their videos to get more views. Extremism in all senses of the word, including political extremism. Some do it for Fame, but many do it for Fortune. This was going well for them until….
In March this year, 250 advertisers pulled back from YouTube after reports that ads were appearing on extremist content, including white supremacist videos. As a result, YouTube demonetized a wide range of political content, including videos that didn’t include hate speech but might still be considered controversial by advertisers. Creators called it “the adpocalypse” — they saw their incomes from YouTube evaporate without fully understanding what they’d done wrong or how to avoid demonetization in the future.
And this is the problem for Youtube and other platforms…how to maximize both traffic and profit. For a long time the formula was simple: more extreme videos = more traffic = more profit. Now they are hitting a wall, and advertisers and consumers are fed up.
The question big IT will be struggling with is: how to draw the line? In case you think the line is easy to draw, I recommend you watch the video by Carlos Maza of Vox. He makes a case that it is very difficult, even if at first glance it should be obvious what should be removed.
I don’t think there is a simple answer to this. If anything, it is going to be one of the major political debates of the first part of the 21st century, as global IT companies deal with national laws and policies.
WIRED has a good review of the latest product from Sonos, here: Sonos One Review: Amazon’s Alexa Is Here, But It Still Has Some Growing Up to Do
What makes this development significant to me is that it signals that Sonos is concerned with Apple and others coming and taking away market share. Sonos has a great line of products already, but Apple is threatening to take a piece of that with their new home speaker with Siri/AI capability. Sonos has beefed up their AI capability to meet the challenge.
I expect that the next big thing in IT will be the vocal interface tied in with a speaker system in some form. I expect we will see them everywhere. Perhaps not for extended communication, but for brief and frequent requests.
If you are an IT person, I recommend you learn more about chatbot technology and how it will integrate with the work you are doing. More and more users will want to be able to communicate with your systems using voice. You need to provide a vocal interface for them to get information and send information.
Most homes will have one device acting as an aural hub. Sonos wants to make sure it is one they make, and not Apple.
Posted in IT
Tagged AI, apple, chatbots, IT, Sonos
Great review of the latest iPhone*, here: The iPhone 8 is a look into the augmented future of photography | TechCrunch. I had heard that the iPhone 8 had a great new camera, but this article really drives that home.
If you are thinking of getting an “8”, this could be the reason you need. On the other hand, if you rarely take photos or don’t care too much about the quality, I think the case for an upgrade gets weaker.
* I don’t consider the iPhone X the latest phone so much as a promise of where the iPhone is going. To be honest, I think the iPhone X is as much an attempt to celebrate the 10 years of the iPhone and Steve Jobs’s legacy, not unlike the Twentieth Anniversary Macintosh. Not that there is anything wrong with that.