Archives for

Cloud Security

A development server recently became compromised, and while this isn’t necessarily a good thing, it does raise awareness and provides impetus to strengthen security measures. Access Control A few axioms: Access control is better through certificates (what you have) than passwords (what you know) Two-factor authentication is better than both (what you have + new knowledge communicated) The point is to be reasonably hardened, but have monitoring which alerts upon compromise (intrusion detection) Regularly conducted penetration testing should help inform the hardening process Encryption is necessary, eventually end-to-end but in any case when logins are being used Apache is a
Read More

SSL, SNI, Certs

HTTPS Everywhere is a wonderful concept, but of course we need functionality first, which means dealing with the whole PKI issue. So, when stuff is located in countries with limited IPv4 addresses, how can this be accomplished? Simply put SNI allows for any number of certificates to work on a single IP address. Basically it extends the HTTPS negotiation protocol to include the domain name. Without that, the connection is made to an IP address first, before the domain name is available. However, there are clients whose support for SNI does not exist, including Blackberry v7.1 and below, Android 2.x
Read More

Open Source Cloud

The day has come when I have confidence it is possible to move off of all third party clouds, with the only exception being social media and social network sites. That is, the wonderful world of email, file sharing and synchronization, and even online document collaboration, can all be supported independent of third party services. Desktop Applications – Open Source Replacements Around 10 years ago I had decided to move off of all possible proprietary third-party applications. This has been largely successful, though there are a few smaller tools I do pay for. In those days the two monsters were
Read More

Style Guide

This is a permanent page about style guides used in writing and for marketing. In particular there two kinds of Style Guides: Brand Style Guide (for product designers, pr types, and all public and corporate communications) Publishing Style Guide (for writers, editors, publishers) These two intersect and the Brand Style Guide should refer to the Publishing Style Guide. Publishing Style Guide This includes all forms of media (text, audio, video, graphics) and includes those elements and forms usually covered by manuals of style. Included are such things as spelling preferences, form of English (American, British, etc.), punctuation (Oxford comma), preferred
Read More

Atom Editor

For Open Source, Atom is a great editor (Brackets is another). But there are still a few warts, and of course plugins must be used for full functionality. All can be installed with: > apm install APPNAME apm install autosave apm install dash apm install language-latex apm install markdown-preview apm install meteor-api apm install meteor-helper apm install meteor-snippets apm install open-last-project apm install sort-lines apm install tree-ignore apm install wordcount Note that for autosave, need to toggle it on in the settings For themes, I am going with the simple Atom Light UI and Solarized Light syntax.
Read More

DNS, Geo, Failover

While there are problems with using DNS for failover of a website, the main problems, for the small businessman, are as follows: Cheap, reliable DNS (preferably two or three different systems, globally located) Easy to edit DNS zones and records Possible redirection to geographically near websites (with multiple sites) Some kind of failover if there is a site failure As someone managing about 50 zones, there are few solutions which are reasonable in price (e.g., $5/mo), and none which provide this kind of failover at the level of DNS, GEO support (geoscaling.com was the last I am aware of), and
Read More

Digital Learning Initiative

Note: this page will be updated as information becomes available There are several issues which are converging into a set of requirements for an online/offline learning platform. I’ll call this the Digital Learning Initiative or DLI (this is the internal name). It will live at learn.southeast.io Some Requirements for DLI Simple and easy to install and manage Ability to add new content, and have content collaboration Localized for Southeast Asian languages Ability to evaluate content Ability for multiple teachers to have access to multiple students, within given courses Ability to work offline in a classroom of up to 50 wifi/clients
Read More

New Year 2015 / 2558

Ah yes, the end of a year and beginning of another. A time to reflect, etc., etc. Well, this year much was accomplished and much was not. Travel, and home life improved. Finances declined. Struggle with workouts, fits and starts. For those not in Cambodia, Laos or Thailand, 2558 is the Buddhist Era (BE) date, which is 543 years ahead of the Common Era calendar.
Read More