Drupal Mountain Camp : Systems then and now

During the first Drupal Mountain Camp in the wonderful scenery of Davos, I was given the opportunity to talk about the concepts of virtualized systems, containers and how systems have been provisioned during my time on the job.

Several principles of System Design were covered as well as the fact that “new technologies” are maybe not so new anymore, as the name or trend might suggest.

You can view the slides of my presentation at the download link below:

Slides

Download

 

Angelesen #38

Da wären wir mal wieder. 3-2-1 Links der Woche:

And that, kids, is why we call it a “Patch (twitter.com)

:)

deviantony/docker-elk: The ELK stack powered by Docker and Compose. (github.com)

Run the latest version of the ELK (Elasticseach, Logstash, Kibana) stack with Docker and Docker-compose.

Das docker-elk teste ich derzeit gerade. Sieht vielversprechend aus. Und läuft auch mit Metricbeat :)

Drumpf’s cyber-guru Giuliani runs ancient ‘easily hackable website’ (theregister.co.uk)

Giulianisecurity.com, the website for the ex-mayor’s eponymous infosec consultancy firm, is powered by a roughly five-year-old build of Joomla! that is packed with vulnerabilities. Some of those bugs can be potentially exploited by miscreants using basic SQL injection techniques to compromise the server.

Was könnte da wohl schief gehen…?

At the BBC, the launch of in-app vertical video is a step toward connecting with new audiences (niemanlab.org)

Vertical Video? FFS!

Law Enforcement Access to IoT Data (schneier.com)

The particulars of the case are weird. Amazon’s Echo does not constantly record; it only listens for its name. So it’s unclear that there is any evidence to be turned over. But this general issue isn’t going away. We are all under ubiquitous surveillance, but it is surveillance by the companies that control the Internet-connected devices in our lives. The rules by which police and intelligence agencies get access to that data will come under increasing pressure for change.

U.S. Global Entry Program to Start in Switzerland February 1, 2017 (ch.usembassy.gov)

Ambassador Suzan G. LeVine commented: “Having been a user of the Global Entry program for several years now, I personally know that business and leisure travelers alike will appreciate the efficiency and speed with which members can get through the port of entry. This will allow participating travelers from Switzerland to focus on their travel plans and reduce the time spent at passport control.”

Yes!

Simon Sinek on “The Millennial Question” (youtube.com)

15 Minuten über die Millenials, sehr gutes Interview mit Simon Sinek

HTTPS on NYTimes.com (open.blogs.nytimes.com)

This is a significant milestone in the 21-year history of our website, and though it’s taken us some time, we are very excited to share this with our readers.

Grosse Seiten auf HTTPS zu bringen ist nicht einfach. Toll zu sehen, dass die NY Times da vorreiter sind!

Atlassian acquires Trello for $425M (techcrunch.com)

Atlassian today announced that it has acquired project management service Trello for $425 million.

Atlassian hat mal wieder eingekauft.

Angelesen #36

Und da wären wir. Das 2017 ist angebrochen. Die letzten paar Tage habe ich mich morgens zuerst um das Einfeuern der Holzheizung gekümmert, da es sonst ein bisschen kalt gewesen wäre. In den Bergen ist das Neujahr viel unspektakulärer (Mensch lese “leiser”) als in der Stadt.

2017 is not just another prime number (weijr-note.blogspot.ch)

Was 2017 ist und was nicht.

GoPro is going down hard (vowe.net)

No, not only that. Now somebody has decided that you cannot use their existing remote control software without a login to a “GoPro+” account. And you need to be connected to the Internet to do that.

My feeling trying to reconnect to the GoPro last time I used it.

Electricity Map | Live CO2 emissions of the European electricity production (electricitymap.tmrow.co)

Live Karte des europäischen Strom Im- und Export.

Diagnose subito! Und bitte mit Bild! (tagesanzeiger.ch)

DNP will auch rasch eine genaue Diagnose, am besten mit Röntgenbild oder MRI-Scan. Eine umschreibende Beurteilung genügt nicht – dabei läge gerade darin die Stärke der Hausarztmedizin: Es gilt, eine essenzielle Krankheit oder eine schwere Verletzung auszuschliessen, die eine sofortige Therapie nötig machten – um sich dann in folgenden Konsultationen der Diagnose anzunähern, während dazwischen die Zeit heilt.

Grossartiger Artikel geschrieben von einem Hausarzt.

Maslow’s hierarchy of SRE needs (plus.google.com)

Good read!

No Signal: Egypt blocks the encrypted messaging app as it continues its cyber crackdown (techcrunch.com)

Last week Egyptian users raised the alarm about their inability to access the highly encrypted app popular among activists, including important whistleblower Edward Snowden.

If your government tells you that something is wrong when they can’t access your private data you should be very much alarmed!

You Need to Rethink that “Jump Server.” (donjones.com)

This jump server should be destroyed and rebuilt frequently – like, once a day – using automated tooling. Doing so makes it harder for a hacker to take hold. Access to the jump server must be via two-factor authentication (2FA), period, making it harder for a compromised account to insert code onto the server.

Guter Artikel zum oft gepriesenen Jumphost

On reading

Several weeks ago a coworker found me reading a book during my lunch at the office. With quite some surprise in his voice, he said, “You read? I didn’t think about you being a book person.” — Well, I reckon I am a book person.

Now that Alvaro just published a great blog post “Of books read and to be read” I also feel like expressing a few words on reading.

If you know my personally you may know that my daily life has very little routine (except the occasional evening tea). I act on plans but still fail at going to bed early and waking up early, but I believe that’s okay to a certain point. So it does not come to a surprise that I also don’t have a routine which other people adopted like “I read quite a few pages of a novel every evening before going to bed”

The Goal for 2016: “Read more…”

I remember the last few days of 2015 I laid out some goals for 2016. One of this was “read more” as this is a very vague goal and not really measure I then wrote down “Read 20 Books”. Which feels like an insane number for someone who barely finishes two books in a year.

přečíst (read trough) and číst (read)

So what do two Czech words have to do with tackling my goal to read more? Hang in there, we’re getting there. Languages are a marvelous thing and some languages have a way to describe if you finished something or not. In the Czech language, you can actually distinguish between having something read through completely and just read it — which does not imply to have it completely. Before 2016 reading always came with the demand of reading a book completely. I cited Austin Kleon earlier already when I started to keep a list of all the books I like (I switched to Goodreads in the meantime because it helps me keep track of my reading list much better).
Once I realized that it’s okay to not finish a book or to drop a book after some chapters and say “OK, I tried to read this book but it has not been written for me” I became much more relaxed on this topic on not finishing something.

Libraries

The 20 Books reading challenge started out of nowhere and I didn’t really have more than 5 books on my list I that really really wanted to read. So after discussing that with A. we came up with the idea that maybe a visit to the local libraries would be a good idea. And well, she was more than right. I visited the local libraries a lot this year. And not buying the books has a lot of positive things to it:

  • You don’t own the books
    I try to declutter my live and belongings all the time so it’s a good thing not to buy 20+ books a year.
  • You must return the book within 4-6 weeks
    Literally limiting the time you can ‘spend’ with the books helps on getting stuff done and reading them (or decide to drop reading them). If you limit the time you find yourself reading the last 30 pages of a book right next to the counter you will return the book 40 minutes later.
  • Experiment and broaden your horizon
    As I didn’t have a plan on what to read I started trying things out and reading topics which are different to what I do on my day to day base. I  occasionally found myself reading some books on human behavior, architecture, finance and much more. Things that would never have crossed my mind otherwise.
  • Reading and researching
    Once you wander off your home turf you start to research new topics and might end up with new lessons learned from other métiers

And how many books did you read in 2016?

In the end, I got through around 25 books (it might have been more because some books weren’t in the database or simply forgot to keep track of it) and I’m currently finishing one. That makes it 26 out of a goal of 20. Pretty solid in my opinion. You might ask for the goal of 2017? I’m leaning towards 25 books. It’s not a performance sport and the enjoyment of reading needs to persist so stressing on this part would be a bad idea in my opinion.

So go and find a book to read or as Alvaro put it simply:

If like I do, you also love books, then don’t be ashamed of starting reading a book, stopping mid way, and jumping into the next book you are curious about. Some people keep dozens of open tabs in their browsers, and that’s fine. In my case I keep dozen of half read books spread across my house, and that’s fine as well.

Angelesen #35

Da wären wir mal wieder mit ein paar Links. Die ruhigeren Dezembertage habe ich bisher genutzt um ein bisschen mit IOT Sensoren zu experimentieren, mal den Blog zu entstauben und einen meiner alten Server abzuschalten. Ziemlich produktiv oder?

And here we go!

Why Is My NTP Server Costing $500/Year? Part 1 (blog.pivotal.io)

We investigated and discovered our public NTP server was heavily loaded. Over a typical 45-minute period, our instance provided time service to 248,777 unique clients (possibly more, given that a firewall may “mask” several clients), with an aggregate outbound data of 247,581,892 bytes (247 MB). Over the course of a month this traffic ballooned to 332GB outbound traffic, which cost ~$40.

Wenn der NTP Server zum Problem wird.

«Der Kolonialismus hat nie aufgehört» (derbund.ch)

Man kommt nicht von einem Ort, das ist ein mentales Konstrukt. Komme ich aus Bern, weil ich zurzeit hier wohne? Oder aus Berlin, weil ich 24 Jahre da gelebt habe? Das Einzige, was klar ist: Ich komme aus dem Bauch meiner Mutter.

Lesenswertes Interview mit Wilfried N’Sondé

Small Transparent Speaker (kickstarter.com)

The best wireless speaker we can make for you and for the environment.

Den grossen Transparent Speaker von People People habe ich schon länger auf meiner Wunschliste. Jetzt gibt es auch den Small Transparent Speaker :D

Mapping the Shadows of New York City: Every Building, Every Block (nytimes.com)

You’re looking at a map of all of the shadows produced by thousands of buildings in New York City over the course of one day. This inverted view tells the story of the city’s skyline at the ground level.

Für alle GIS-Freunde und Städtebau interessierten.

Furiosa’s Cat Feeder (quinndunki.com)

You might say I’ve won this battle. However I just spent 20 hours armor-plating a cat feeder. I think we know who’s really in control here, don’t we?

How to secure a Cat Feeder. Hillarious!

SSH Config Includes (io.adafruit.com)

OpenSSH version 7.3 introduced a very handy Include feature, which is great for people who have to manage connection info for multiple servers

mágica!!

WEMO SD1 mini pro (wemos.cc)

Das D1 mini pro ist der Nachfolger des D1 mini. Sehr unter dem Radar wurde auch noch der SHT30 Sensor veröffentlicht (welcher scheinbar die bisherigen Temperatur und Feuchtigkeitssensoren ziemlich in den Schatten stellen soll)

Ein Bargespräch in vier Akten. (webspecial.bernerzeitung.ch)

Was Berner wirklich wollen. Was Rechte in der Reitschule machen. Wie träge Menschen Mainstream schaffen.

Das Nachtleben treffend hinterfragt und Diskutiert.

Create an Environmental Monitoring Dashboard (blog.alexellis.io)

Ein Blogpost, welchen ich gefunden habe, während ich mit den Wemos Sensoren rumgespielt habe. Jetzt müsst ich nur noch zuhause irgendwas haben das einen Docker Container 24/7 laufen lässt.

Mit dem Navi im Kofferraum gegen Uber (batz.ch)

  • Fahrer freundlich: Wissen wo ist?
  • Ich habe Ihnen doch die Adresse gegeben!?
  • Fahrer etwas weniger freundlich: Ich meine, wo fahren?
  • Das weiss ich nicht. Deshalb nehme ich ja ein Taxi.
  • Fahrer verwirft die Hände.
  • Haben Sie kein Navi?

Changing lanes (theworldin.com)

Early one Sunday morning, half a century ago, Sweden’s motorists pulled off a deft manoeuvre. September 3rd 1967 was H Day, for Högertrafik (“right traffic”) day. The country, like Britain, had driven mostly on the left since the mid-18th century. But that looked untenable by the 1950s. All its Nordic neighbours were righties, making border crossings tricky.

Voters hated the idea of switching: 83% said nej to it in a referendum in 1955. But politicians don’t always feel bound by plebiscites. In 1963 parliament told a commission to prepare for lane-changing. By 1967 catchy pop songs, stickers, slogans and even special underpants reminded Swedes to turn right.

Mr. Robot Killed the Hollywood Hacker (technologyreview.com)

When hackers hack in Mr. Robot, they talk about it in ways that actual hackers talk about hacking. This kind of dialogue should never have been hard to produce: hacker presentations from Black Hat and Def Con are a click away on YouTube. But Mr. Robot marks the first time a major media company has bothered to make verisimilitude in hacker-speak a priority.

Amen!

Quit Social Media. Your Career May Depend on It. (nytimes.com)

Most social media is best described as a collection of somewhat trivial entertainment services that are currently having a good run. These networks are fun, but you’re deluding yourself if you think that Twitter messages, posts and likes are a productive use of your time.

Regt zum Nachdenken an.

drduh/macOS-Security-and-Privacy-Guide: A practical guide to securing macOS. (github.com)

This is a collection of thoughts on securing a modern Apple Mac computer using macOS (formerly OS X) 10.12 “Sierra”, as well as steps to improving online privacy.

Spannender Guide um OSx mehr abzusichern und die Privacy zu verbessern.