Geek Speak Blogs


I really liked this piece by SolarWinds VP of Product Strategy Craig McDonald. It reviews different strategies for database and developer to securely deploy hybrid applications.


This edition of the Actuator comes to you from my kitchen, where I'm enjoying some time at home before I hit the road. I'll be at RSA next week, then Darmstadt, Germany the following week. And then I head to Seattle for the Microsoft MVP Summit. This is all my way of saying future editions of the Actuator may be delayed. I'll do my best, but I hope you understand.

As always, here's a bunch of links I hope you will find useful. Enjoy!

It doesn’t matter if China hacked Equifax

No, it doesn't, because the evidence suggests China was but one of many entities that helped themselves to the data Equifax was negligent in guarding.

Data centers generate the same amount of carbon emissions as global airlines

Machine learning, and bitcoin mining, are large users of power in any data center. This is why Microsoft has announced they'll look to be carbon neutral as soon as possible.

Delta hopes to be the first carbon neutral airline

On the heels of Microsoft's announcement, seeing this from Delta gives me hope many other companies will take action, and not issue press releases only.

Apple’s Mac computers now outpace Windows in malware and virus

Nothing is secure. Stay safe out there.

Over 500 Chrome Extensions Secretly Uploaded Private Data

Everything is terrible.

Judge temporarily halts work on JEDI contract until court can hear AWS protest

This is going to get ugly to watch. You stay right there, I'll go grab the popcorn.

How to Add “Move to” or “Copy to” to Windows 10’s Context Menu

I didn't know I needed this until now, and now I'm left wondering how I've lived so long without this in my life.

Our new Sunday morning ritual is walking through Forest Park. Each week we seem to find something new to enjoy.


This week's Actuator comes to you from Austin, as I'm in town to host SolarWinds Lab live. We'll be talking about Database Performance Monitor (nee VividCortex). I hope you find time to watch and bring questions!

As always, here's a bunch of links I hope you find useful. Enjoy!

First clinical trial of gene editing to help target cancer

Being close to the biotech industry in and around Boston, I heard rumors of these treatments two years ago. I'm hopeful our doctors can get this done, and soon.

What Happened With DNC Tech

Twitter thread about the tech failure in Iowa last week.

Analysis of compensation, level, and experience details of 19K tech workers

Wonderful data analysis on salary information. Start at the bottom with the conclusions, then decide for yourself if you want to dive into the details above.

Things I Believe About Software Engineering

There are some deep thoughts in this brief post. Take time to reflect on them.

Smart Streetlights Are Experiencing Mission Creep

Nice reminder that surveillance is happening all around us, in ways you may never know.

11 Reasons Not to Become Famous (or “A Few Lessons Learned Since 2007”)

A bit long, but worth the time. I've never been a fan of Tim or his book, but this post struck a chord.

Berlin artist uses 99 phones to trick Google into traffic jam alert

Is it wrong that I want to try this now?

I think I understand why they never tell me anything around here...


This week's Actuator comes to you from New England where it has been 367 days since our team last appeared in a Super Bowl. I'm still not ready to talk about it, though.

As always, here's a bunch of links I hope you find interesting. Enjoy!

97% of airports showing signs of weak cybersecurity

I would have put the number closer to 99%.

Skimming heist that hit convenience chain may have compromised 30 million cards

Looks like airports aren't the only industry with security issues.

It’s 2020 and we still have a data privacy problem

SPOILER ALERT: We will always have a data privacy problem.

Don’t be fooled: Blockchains are not miracle security solutions

No, you don't need a blockchain.

Google’s tenth messaging service will “unify” Gmail, Drive, Hangouts Chat

Tenth time is the charm, right? I'm certain this one will be the killer messaging app they have been looking for. And there's no way once it gets popular they'll kill it, either.

A Vermont bill would bring emoji license plates to the US

Just like candy corn, here's something else no one wants.

For the game this year I made some pork belly bites in a garlic honey soy sauce.


This week's Actuator comes to you from the suddenly mild January here in the Northeast. I'm taking advantage of the warm and dry days up here, spending time walking outdoors. Being outdoors is far better than the treadmill at the gym.

As always, here's a bunch of links from the internet I hope you will find useful. Enjoy!

Jeff Bezos hack: Amazon boss's phone 'hacked by Saudi crown prince'

I don't know where to begin. Maybe we can start with the idea that Bezos uses WhatsApp, an app known to be unsecured and owned by the unsecured Facebook. I'm starting to think he built a trillion-dollar company by accident, not because he's smart.

New Ransomware Process Leverages Native Windows Features

This is notable, but not new. Ransomware often uses resources available on the machine to do damage. For example, VB macros embedded in spreadsheets. I don't blame Microsoft for saying they won't provide security service for this, but it would be nice if they could hint at finding ways to identify and halt malicious activity.

London facial recognition: Metropolitan police announces new deployment of cameras

Last week the EU was talking about a five-year ban on facial recognition technology. Naturally, the U.K. decides to double down on their use of that same tech. I can't help but draw the conclusion this shows the deep divide between the U.K. and the EU.

Security Is an Availability Problem

I'm not certain, but I suspect many business decision-makers tend to think "that can't happen to us," and thus fail to plan for the day when it does happen to them.

Apple's dedication to 'a diversity of dongles' is polluting the planet

Words will never express my frustration with Apple for the "innovation" of removing a headphone jack and forcing me to buy additional hardware to continue to use my existing accessories.

Webex flaw allowed anyone to join private online meetings - no password required

The last thing I'm doing during the day is trying to join *more* meetings.

Play Dungeons & Deadlines

You might want to set aside some time for this one.

Walking through Forest Park this past Sunday, after a rainstorm the day before and the temperature so perfect to catch the steam coming off the trees.


Back from Austin and home for a few weeks before I head...back to Austin for a live episode of SolarWinds Lab. Last week was the annual Head Geeks Summit, and it was good to be sequestered for a few days with just our team as we map out our plans for world domination in 2020 (or 2021, whatever it takes).

As always, here's a bunch of stuff I found on the internetz this week that I think you might enjoy. Cheers!

Critical Windows 10 vulnerability used to Rickroll the NSA and Github

Patch your stuff, folks. Don't wait, get it done.

WeLeakInfo, the site which sold access to passwords stolen in data breaches, is brought down by the ...

In case you were wondering, the website was allowed to exist for three years before it was finally shut down. No idea what took so long, but I tip my hat to the owners. They didn't steal anything, they just took available data and made it easy to consume. Still, they must have known they were in murky legal waters.

Facial recognition: EU considers ban of up to five years

I can't say if that's the right amount of time; I'd prefer they ban it outright for now. This isn't just a matter of the tech being reliable, it brings about questions regarding basic privacy versus a surveillance state.

Biden wants Sec. 230 gone, calls tech “totally irresponsible,” “little creeps”

Politics aside, I agree with the idea that a website publisher should bear some burden regarding the content allowed. Similar to how I feel developers should be held accountable for deploying software that's not secure, or leaving S3 buckets wide open. Until individuals understand the risks, we will continue to have a mess of things on our hands.

Microsoft pledges to be 'carbon negative' by 2030

This is a lofty goal, and I applaud the effort here by Microsoft to erase their entire carbon footprint since they were founded in 1975. It will be interesting to see if any other companies try to follow, but I suspect some (*cough* Apple) won't even bother.

Google’s Sundar Pichai doesn’t want you to be clear-eyed about AI’s dangers

In today's edition of "do as I say, not as I do", Google reminds us that their new motto is "Only slightly evil."

Technical Debt Is like a Tetris Game

I like this analogy, and thought you might like it as well. Let me know if it helps you.

If you are ever in Kansas City, run, don't walk, to Jack Stack and order the beef rib appetizer. You're welcome.


In Austin this week for our annual meeting of Head Geeks. The first order of business is to decide what to call our group. I prefer a "gigabyte of Geeks," but I continue to be outvoted. Your suggestions are welcome.

As always, here's a bunch of links from the internet I hope you find interesting. Enjoy!

Facebook again refuses to ban political ads, even false ones

Zuckerberg continues to show the world he only cares about ad revenue, for without that revenue stream his company would collapse.

Scooter Startup Lime Exits 12 Cities and Lays Off Workers in Profit Push

Are you saying renting scooters your customers then abandon across cities *is not* a profitable business model? That's crazy!

Russian journals retract more than 800 papers after ‘bombshell’ investigation

I wish we could do the same thing with blog posts, old and new.

Alleged head of $3.5M crypto mining scam bought stake in nightclub

A cryptocurrency scam? Say it isn't so! Who knew this was even possible?

Ring confirms it fired four employees for watching customer videos

Ah, but only after an external complaint, and *after* their actions were known internally. In other words, these four would still have jobs if not for the external probe.

Tesla driver arrested for flossing at 84 mph on autopilot

Don't judge, we've all been there, stuck in our car and in need of flossing our teeth.

It's helpful for a restaurant to publish their menu outside for everyone to see.


Welcome back! I hope y'all had a happy and healthy holiday break. I'm back in the saddle after hosting a wonderful Christmas dinner for 20 friends and family. I had some time off as well, which I used to work a bit on my blog as well as some Python and data science learning.

As usual, here's a bunch of links from the internet I hope you'll find useful. Enjoy!

Team that made gene-edited babies sentenced to prison, fined

I wasn't aware we had reached the point of altering babies' DNA, but here we are.

2019 Data Breach Hall of Shame: These were the biggest data breaches of the year

I expect a longer list from 2020.

Bing’s Top Search Results Contain an Alarming Amount of Disinformation

A bit long, but worth some time and a discussion. I never think about how search engines try to determine the veracity of the websites returned in a search.

Google and Amazon are now in the oil business

File this under "Do as I say, not as I do."

Seven Ways to Think Like a Programmer

An essay about data that warmed my heart. I think a lot of this applies to every role, especially for those of us inside IT.

The other side of Stack Overflow content moderation

Start this post by reading the summary, then take in some of the specific cases he downvoted. The short of it is this: humans are horrible at communicating through texts, no matter what the forum.

This Is How To Change Someone’s Mind: 6 Secrets From Research

If you want to have more success at work, read this post. I bet you can think of previous discussions at work and understand where things went wrong.

For New Year's Eve I made something special - 6 pounds of pork belly bites in a honey soy sauce. They did not last long. No idea what everyone else ate, though.


I visited the Austin office this past week, my last trip to SolarWinds HQ for 2019. It’s always fun to visit Austin and eat my weight in pork products, but this week was better than most. I took part in deep conversations around our recent acquisition of VividCortex.

I can’t begin to tell you how excited I am for the opportunity to work with the VividCortex team.

Well, maybe I can begin to tell you. Let’s review two data points.

In 2013, SolarWinds purchased Confio Software, makers of Ignite (now known as Database Performance Analyzer, or DPA) for $103 million. That’s where my SolarWinds story begins, as I was included with the Confio purchase. I was with Confio since 2010, working as a sales engineer, customer support, product development, and corporate marketing. We made Ignite into a best of breed monitoring solution that’s now the award-winning, on-prem and cloud-hosted DPA loved by DBAs globally.

The second data point is from last week, when SolarWinds bought VividCortex for $117.5 million. One thing I want to make clear is SolarWinds just doubled down on our investment in database performance monitoring. Anyone suggesting anything otherwise is spreading misinformation.

Through all my conversations last week with members of both product teams, one theme was clear. We are committed to providing customers with the tools necessary to achieve success in their careers. We want happy customers. We know customer success is our success.

Another point that was made clear is the VividCortex product will complement, not replace, DPA, expanding our database performance monitoring portfolio in a meaningful way. Sure, there is some overlap with MySQL, as both tools offer support for that platform. But the tools have some key differences in functionality. Currently, VividCortex is a SaaS monitoring solution for popular open-source platforms (PostgreSQL, MySQL, MongoDB, Amazon Aurora, and Redis). DPA provides both monitoring and query performance insights for traditional relational database management systems and is not yet available as a SaaS solution.

This is why we view VividCortex as a product to enhance what SolarWinds already offers for database performance monitoring. We’re now stronger this week than we were just two weeks ago. And we’re now poised to grow stronger in the coming months.

This is an exciting time to be in the database performance monitoring space, with 80% of workloads still Earthed. If you want to know about our efforts regarding database performance monitoring products, just AMA.

I can't wait to get started on helping build next-gen database performance monitoring tools. That’s what VividCortex represents, the future for database performance monitoring, and why this acquisition is so full of goodness. Expect more content in the coming weeks from me regarding our efforts behind the scenes with both VividCortex and DPA.


I hope this edition of the Actuator finds you and yours in the middle of a healthy and happy holiday season. With Christmas and New Year's falling on Wednesday, I'll pick this up again in 2020. Until then, stay safe and warm.

As always, here's a bunch of stuff I found on the internet I thought you might enjoy.

Why Car-Free Streets Will Soon Be the Norm

I'm a huge fan of having fewer cars in the middle of any downtown city. I travel frequently enough to European cities and I enjoy the ability to walk and bike in areas with little worry of automobiles.

Microsoft and Warner Bros trap Superman on glass slide for 1,000 years

Right now, one of you is reading this and wondering how to monitor glass storage and if an API will be available. OK, maybe it's just me.

The trolls are organizing—and platforms aren't stopping them

This has been a problem with online communities since they first started; it's not a new problem.

New Orleans declares state of emergency following cyberattack

Coming to a city near you, sooner than you may think.

Facebook workers' payroll data was on stolen hard drives

"Employee wasn’t supposed to take hard drives outside the office..." Security is hard because people are dumb.

A Sobering Message About the Future at AI's Biggest Party

The key takeaway here is the discussion around how narrow the focus is for specific tasks. Beware the AI snake oil salesman promising you their algorithms and models work for everyone. They don't.

12 Family Tech Support Tips for the Holidays

Not a bad checklist for you to consider when your relatives ask for help over the holidays.

Yes, I do read books about bacon. Merry Christmas, Happy Holidays, and best wishes.


Good morning! By the time you read this post, the first full day of Black Hat in London will be complete. I share this with you because I'm in London! I haven't been here in over three years, but it feels as if I never left. I'm heading to watch Arsenal play tomorrow night, come on you gunners!

As always, here's a bunch of links I hope you find interesting. Cheers!

Hacker’s paradise: Louisiana’s ransomware disaster far from over

The scary part is that the State of Louisiana was more prepared than 90% of other government agencies (HELLO BALTIMORE!), just something to think about as ransomware intensifies.

How to recognize AI snake oil

Slides from a presentation I wish I'd created.

Now even the FBI is warning about your smart TV’s security

Better late than never, I suppose. But yeah, your TV is one of many security holes found in your home. Take the time to help family and friends understand the risks.

A Billion People’s Data Left Unprotected on Google Cloud Server

To be fair, it was data curated from websites. In other words, no secrets were exposed. It was an aggregated list of information about people. So, the real questions should now focus on who created such a list, and why.

Victims lose $4.4B to cryptocurrency crime in first 9 months of 2019

Crypto remains a scam, offering an easy way for you to lose real money.

Why “Always use UTC” is bad advice

Time zones remain hard.

You Should Know These Industry Secrets

Saw this thread in the past week and many of the answers surprised me. I thought you might enjoy them as well.

You never forget your new Jeep's first snow.


I am back in Orlando this week for Live 360, where I get to meet up with 1,100 of my close personal data friends. If you're attending this event, please find me--I'm the tall guy who smells like bacon.

As always, here are some links I hope you find interesting. Enjoy!

Google will offer checking accounts, says it won’t sell the data

Because Google has proved itself trustworthy over the years, right?

Google Denies It’s Using Private Health Data for AI Research

As I was just saying...

Automation could replace up to 800 million jobs by 2035

Yes, the people holding those jobs will transition to different roles. It's not as if we'll have 800 million people unemployed.

Venice floods: Climate change behind highest tide in 50 years, says mayor

I honestly wouldn't know if Venice was flooded or not.

Twitter to ban all political advertising, raising pressure on Facebook

Your move, Zuck.

California man runs for governor to test Facebook rules on lying

Zuckerberg is doubling down with his stubbornness on political ads. That's probably because Facebook revenue comes from such ads, so ending them would kill his bottom line.

The Apple Card Is Sexist. Blaming the Algorithm Is Proof.

Apple, and their partners, continue to lower the bar for software.

Either your oyster bar has a trough or you're doing it wrong. Lee & Rick's in Orlando is a must if you are in the area.


Omar Rafik, SolarWinds Senior Manager, Federal Sales Engineering

Here’s an interesting article by my colleague Brandon Shopp about improving systems management for Microsoft environments. He explores a range of considerations.

Microsoft offers some of its own monitoring options, such as System Center and Windows Admin Center. Federal IT pros can optimize performance by including additional monitoring strategies such as monitoring Windows servers, Microsoft applications, databases, Hyper-V, Azure, and Office 365.

Monitoring Strategies

Windows Servers

Identifying a performance issue involves understanding what’s not operating efficiently. In a Microsoft environment, this means knowing the operating system isn’t part of the problem.

To gain this knowledge, consider tools capable of focusing on the Windows servers to provide highly-specific information and help pinpoint—or rule out—a server-based issue.

Microsoft Applications

It can be impossible to truly understand application health—and, in turn, performance—without understanding how well Microsoft application services, processes, and components are operating.

To get this critical information, consider a tool that gives the federal IT team the ability to:

• Isolate page-load speeds based on location, application components, or underlying server infrastructure

• Monitor requests per second, throughput, and request wait time

• Identify the root cause of problems by monitoring key performance metrics, including request wait time and SQL query execution time

• Identify which webpage elements are slow and affect overall webpage application performance

A greater understanding of the performance levels of the processes feeding in to and out of applications can prove invaluable when trying to identify higher-level application performance issues.

Databases

Every federal IT pro knows monitoring database performance is a must.

Specifically, be sure to invest in a tool with the ability to troubleshoot performance problems in real-time and historically. The historical perspective will allow the team to identify a baseline, so they can better understand the severity of a slowdown. This perspective will then allow the ability to analyze the database workload to identify inefficiencies. Ideally, the tool of choice will also provide SQL Server index recommendations as well as alerting and reporting capabilities.

Hyper-V

For optimized virtual infrastructure performance, be sure to optimize Microsoft Hyper-V—the company’s virtualization platform.

One of the best ways to do this is by understanding and optimizing the size of virtual machines through capacity planning. It’s also possible to take this even further by predicting the behavior of the virtual environment and solving potential issues before they escalate.

Not all tools will provide these capabilities, so choose wisely.

Azure

Many federal IT pros believe cloud monitoring is in the hands of the cloud provider. Not so. It’s possible—and highly recommended—to monitor the cloud infrastructure and transit to help ensure optimized system and application performance.

For example, a good tool will provide the ability to monitor Azure-based applications with as much visibility as on-premises applications. A better tool will go even further and allow the federal IT pro to measure the performance of each network node inside the cloud and to analyze historical performance data to pinpoint a timeframe if performance has degraded.

Microsoft offers a tool called Azure Monitor, which allows the federal IT pro to collect performance and utilization data, activity and diagnostics logs, and notifications from various Azure resources. Azure Monitor integrates with other analytics and monitoring tools, which is a plus for larger environments supporting a range of different types of products and services from a range of vendors.

For further peace of mind—and to help protect against data loss—look for the ability to back up emails to a secondary location.

Conclusion

Operating in a Microsoft-centric world doesn’t mean the federal IT pro must rely only on Microsoft products and services to help optimize performance. Yes, Microsoft has excellent options. But there are more options out there that can go a long way toward ensuring a top-performance environment on site or in the Azure cloud.

Find the full article on our partner DLT’s blog Technically Speaking.

The SolarWinds trademarks, service marks, and logos are the exclusive property of SolarWinds Worldwide, LLC or its affiliates. All other trademarks are the property of their respective owners.


Home this week and getting ready for Microsoft Ignite next week in Orlando. If you're at Ignite, please stop by the booth and say hello. I love talking data with anyone.

As always, here's a bunch of links I found interesting. Enjoy!

Microsoft beats Amazon to win the Pentagon’s $10 billion JEDI cloud contract

The most surprising part of this is an online bookstore thought they were the frontrunner. This deal underscores the difference between an enterprise software company with a cloud, and an enterprise infrastructure hosting company that also sells books.

Google claims it has achieved 'quantum supremacy' – but IBM disagrees

You mean Google would embellish upon facts to make themselves look better? Color me shocked.

Amazon migrates more than 100 consumer services from Oracle to AWS databases

"Amazon doesn't run on Oracle; why should you?"

“BriansClub” Hack Rescues 26M Stolen Cards

Counter-hacking is a thing. Expect to see more stories like this one in the coming years.

Berkeley City Council Unanimously Votes to Ban Face Recognition

Until the underlying technology improves, it's best for us to disallow the use of facial recognition for law enforcement purposes.

China’s social credit system isn’t about scoring citizens — it’s a massive API

Well, it's likely both, and a possible surveillance system. But if it keeps jerks away from me when I travel, I'm all for it.

Some Halloween candy is actually healthier than others

Keep this in mind when you're enforcing the Dad Tax on your kid's candy haul tomorrow night.

Every now and then my fire circle regresses to its former life as a pool.


In Austin this week for THWACKcamp. I hope you're watching the event and reading this post later in the day. We tried a new format this year--I hope you enjoy what we built.

As always, here are some links I found interesting this week. Enjoy!

GitHub renews controversial $200,000 contract with ICE

“At GitHub, we believe in empowering developers around the world. We also believe in basic human rights, treating people with respect and dignity, and cold, hard, cash.”

NASA has a new airplane. It runs on clean electricity

I hope this technology doesn't take 30 years to come to market.

Revealed: the 20 firms behind a third of all carbon emissions

Maybe we need to work on electric projects for these companies instead.

WeWork expected to cut 500 tech roles

It seems every week there's another company collapsing under the weight of the absurdity of the business model.

Visa, MasterCard, Stripe, and eBay all quit Facebook’s Libra in one day

I don't understand why they were involved to begin with.

Linus Torvalds isn't concerned about Microsoft hijacking Linux

Microsoft is absolutely a different company. It's good to see Linus acknowledge this.

Elizabeth Warren trolls Facebook with 'false' Zuckerberg ad

Here's a thought - maybe don't allow any political ads on Facebook. That way we don't have to worry about what is real or fake. Of course that can't happen, because Facebook wants money.

The leaves have turned, adding some extra color to the fire circle.


Can you believe THWACKcamp is only a week away?! Behind the scenes, we start working on THWACKcamp in March, maybe even earlier. I really hope you like what we have in store for you this year!

As always, here are some links I found interesting this week. Enjoy!

Florida man arrested for cutting the brakes on over 100 electric scooters

As if these scooters weren't already a nuisance, now we have to worry about the fact that they could have been tampered with before you use one. It's time we push back on these things until the service providers can demonstrate a reasonable amount of safety.

Groundbreaking blood test could detect over 20 types of cancer

At first I thought this was an old post for Theranos, but it seems recent, and from an accredited hospital. As nice as it would be to have better screening, it would be nicer to have better treatments.

SQL queries don't start with SELECT

Because I know some of y'all write SQL every now and then, and I want you to have a refresher on how the engine interprets your SELECT statement to return physical data from disk.

Facebook exempts political ads from ban on making false claims

This is fine. What's the worst that could happen?

Data breaches now cost companies an average of $1.41 million

But only half that much for companies with good security practices in place.

Decades-Old Code Is Putting Millions of Critical Devices at Risk

Everything is awful.

How Two Kentucky Farmers Became Kings Of Croquet, The Sport That Never Wanted Them

A bit long, but worth the time. I hope you enjoy the story as much as I did.

Even as the weather turns cold, we continue to make time outside in the fire circle.


Back from Austin and THWACKcamp filming. Can you believe the event is only two weeks away? I'm excited for what we have in store for you this year. It's a lot of work to pull TC together, but the finished product always makes me smile. Wearing the bee suit helps, too.

As always, here are some links I found interesting this week. Enjoy!

15,000 private webcams left open to snooping, no password required

The manufacturers of these devices should be held accountable. Until actions are taken against the makers, we will continue to have incidents like this.

Microsoft: Customers are entitled to know about federal data requests

Great moment for Microsoft here, stepping forward as an advocate for customer privacy rights.

Crown Sterling Claims to Factor RSA Keylengths First Factored Twenty Years Ago

A silly marketing stunt, and I have no idea why they would do this except the idea that there's no such thing as bad publicity. But I think they're hurting their reputation with stunts like this one.

Doordash Discloses Massive Data Breach That Affected 4.9 Million People

Interesting that new users are not affected. Makes me think perhaps the hackers got hold of an older database, maybe a backup.

The simplest explanation of machine learning you’ll ever read

Next time you're in a meeting and someone brings the machine learning hype, just ask yourself, "Do we need a label maker?"

IBM will soon launch a 53-qubit quantum computer

I'm excited for the possibilities brought about by quantum computing, and cautiously optimistic this won't result in Skynet.

Banks, Arbitrary Password Restrictions and Why They Don't Matter

Great summary of the security issue faced by online banking.

If you ever get the chance to have a beef rib at Terry Black's in Austin, you will not be disappoint:

beef_rib.jpg


Hi there! It's Suzanne again. You might remember me from The Actuator April 10th, where I stepped in for Tom because he was busy "doing things." He's on his way to yet another conference and asked me to help out, as if I don't have enough things to do while he's away. Of course I agreed to do it, but not before I made him promise to build me a fire outside and serve me a cocktail.

So, here are some links I found interesting this week. Hope you enjoy!

People v mosquitos: what to do about our biggest killer

As I sit here in our yard, swatting away mosquitoes, I think it's time for us to eradicate them from the face of the Earth. And if this process involves flamethrowers, sign me up.

Seven Ways Telecommuting Has Changed Real Estate

As someone who managed a co-working space and now works from home as Director of Lead Generation for a real estate team, every one of these points rings true.

WeWork unsecured WiFi exposes documents

Speaking of co-working spaces, WeWork shows how to not do network security properly. I bet the printers in the office are storing every page scanned too! Oh, WeWork (sigh).

The true magic of writing happens in the third draft

For me, the true magic of writing happens during the third cocktail.

Google Says It's Achieved Quantum Supremacy, a World-First: Report

Tom keeps mumbling to me about quantum computing, so I'll include this for him. I'm not worried about Google achieving this, because it's likely they'll kill the product in less than 18 months.

What to Consider About Campus Safety, Wellness

As we start touring campuses with our children, these types of questions become important. Is it wrong to expect your 18-year-old (who's away at school) to check in with you daily? Asking for a friend.

7 Reasons Why Women Speakers Say No to Speaking & What Conference Organizers Can Do About It

Second of a 2-part series that talks about why women turn down speaking engagements. I remember the time Tom arranged for an all-women speaking event, 24 women speakers in total. It took longer to arrange, and the process was more involved, but I was proud he made the effort.

Out for a morning walk last week and we stumbled upon this beautiful view of a pond, with steam rising off. #Exhale

pond.jpg


I don't want to alarm you, but there are only 97 shopping days left until Christmas. Which explains why the local big-box hardware stores already have Christmas decorations out. I'm going to do my best to enjoy the wonderful autumn weather and not think about the snow, ice, and cold I know are heading my way.

As always, here are some links I hope you find interesting. Enjoy!

Mystery database left open turns out to be at heart of a huge Groupon ticket fraud ring

An interesting twist to the usual database-found-left-open-on-the-internet story.

LastPass fixes flaw that leaked your previously used credentials

If you are using LastPass, please update to the latest version.

3 Nonobvious Industries Blockchain is Likely to Affect

I'm not a fan of the Blockchain, but this article speaks about industries that make interesting use cases. Much more interesting than the typical food supply chain examples.

DNA Data Storage

It may be possible to fit all YouTube data in a teaspoon. That sounds great, but the article doesn't talk about how quickly you can retrieve this data.

Check the scope: Pen-testers nabbed, jailed in Iowa courthouse break-in attempt

Talk about having a bad day at work.

Amazon Quantum Ledger Database (QLDB) hits general availability

This is essentially a transaction log, one that grows forever in size, never gets backed up, and is never erased.

Now that MoviePass is dead, can we please start funding sensible businesses?

Probably not.

No, really, it's fine.

rule.JPG


The weather has turned cool as Autumn approaches, and everyone here is in back-to-school mode. In past years, September has been filled with events for me to attend. But this year there are none, giving me more time to enjoy sitting by the fire.

As always, here are some links I hope you find interesting. Enjoy!

More Than Half of U.S. Adults Trust Law Enforcement to Use Facial Recognition Responsibly

The results of this survey by Pew help show people have no idea what civil liberties mean. You can't say it's acceptable for law enforcement to use this tech to track criminals but not acceptable to track your activities. That's not how this works.

Michigan bans flavored e-cigarettes to curb youth vaping epidemic

Finally, someone stepping forward to take action. My town wouldn't allow an adult bookstore because of the problems it *could* cause, but we have three vaping shops within walking distance of the high school.

Facebook Dating has launched in the United States

What's the worst that can happen?

Hundreds of millions of Facebook users’ phone numbers found lying around on the internet

As I was just saying, it is clear just how much Facebook values your security and privacy.

Ranking Cities By Salaries and Cost of Living

I've never been to Brownsville, but apparently that's where everyone would want to earn a paycheck.

Japanese Clerk Allegedly Stole Over 1,300 Credit Cards By Instantly Memorizing All the Numbers

I'm not even mad, I'm impressed.

Artificial Intelligence Will Make Your Job Even Harder

Interesting take on the dangers of automating away those boring tasks in your daily life.

Was exploring a new bike path and found this view as a result. It's always fun to discover new things not far from home.

bridge.JPG


Today is the 5th annual IT Pro Day, a day created by SolarWinds to recognize the IT pros who keep businesses up and running each and every day, all year long. Five years makes for a nice milestone, but in IT time it’s not. Many of you IT pros reading this likely support systems two or three times as old. 

As an IT pro myself, I know no one ever stops by your desk to say “thanks” for everything working as expected. That’s not the way the world works. I’ve never called to thank my cable company, for example. No, people only contact IT pros for one of two reasons: either something is broken, or something might become broken. And if it’s not something you know how to fix, you’ll still be expected to fix it, and fast.

And thanks to the ever-connected world in which we live, IT pros are responding to calls for help at all hours of the day. Not just work calls either. Family and friends reach out to ask for help with various hardware and software requests. Just a few weeks ago I had to show a friend who was struggling with some data how to create a PivotTable in Excel while sitting around a fire.

IT pros don’t do it for the money. We do it because it sparks joy to help others. Sure, the money helps bring home the bacon, but that’s not our end goal. We want what anyone wants: happy customers. And we make customers happy because we respond to alerts when called, we reduce risk by automating away repetitive tasks, and we fix things fast (and those fixes last, sometimes for years).

Today is the day to say THANK YOU to the IT pro, and even give a #datahug to the ones who had enough time to shower before heading to the office.

Cheers!


Had a great time at VMworld last week. I enjoyed speaking with everyone who stopped by the booth. My next event is THWACKcamp™! I've got a few more segments to film and then the show can begin. I hope to "see" all of you there in October.

As always, here are some links I hope you find interesting. Enjoy!

VMware Embarks on Its Crown Jewel’s Biggest Rearchitecture in a Decade

Some of the news from VMworld last week. Along with their support for most public clouds (sorry Oracle!), VMware is pivoting in an effort to stay relevant for the next five to eight years.

Google says hackers have put ‘monitoring implants’ in iPhones for years

The next time the hipster at the Genius Bar tries to tell me Apple cares about security, I'm going to slap him.

Amazon's doorbell camera Ring is working with police – and controlling what they say

This really does have "private surveillance state" written all over it.

Volocopter’s air taxi performs a test flight at Helsinki Airport

At first I thought this said velociraptor air taxi and now I want one of those, too.

Fraudsters deepfake CEO's voice to trick manager into transferring $243,000

Interesting attack vector with use of deepfake tech. Use this to raise awareness for similar scams, and consider updating company policies regarding money transfers.

About the Twitter CEO '@jack hack'

Good summary of what happened, and how to protect yourself from similar attacks not just on Twitter, but any platform that works in a similar manner.

Employees connect nuclear plant to the internet so they can mine cryptocurrency

What's the worst that could happen?

From the VMworldFest last week, a nice reminder that your documentation should be kept as simple and concise as possible:

beer.JPG


At VMworld this week in San Francisco and enjoying the cooler weather. After three straight years in Las Vegas, it's a nice change. The truth is, this event could be held anywhere, because the #vCommunity is filled with good people who are fun to be around.

As always, here are some links I hope you find interesting. Enjoy!

Major breach found in biometrics system used by banks, UK police and defence firms

"As a precaution, please reset your fingerprints and face, thank you."

California law targets biohacking and DIY CRISPR kits

Not sure whether we need laws against this or not; after all, we don't have laws against do-it-yourself-dentistry. But we certainly could use some education regarding the use of biohacking and your overall health.

Apple warns its credit card doesn't like leather or denim or other cards

Any other company would be laughed out of existence. With Apple, we just laugh, and then pay thousands of dollars for items we don't need.

VMware is bringing VMs and containers together, taking advantage of Heptio acquisition

One of the many announcements this week, as VMware is looking to help customers manage the sprawl created by containers and Kubernetes.

The surprisingly great idea in Bernie Sanders’s Green New Deal: electric school buses

This is a good idea, which is why it won't happen.

Hackers are actively trying to steal passwords from two widely used VPNs

Please, please, please patch your systems. Stop making excuses. You can provide security AND meet your business SLAs. Is it hard? Yeah. Impossible? Nope.

Company that was laughed offstage sues Black Hat

Well, now I'm laughing, too. You can't expect to get on stage in front of a deeply technical audience, use a bunch of made-up words and marketing-speak, and be taken seriously.

This is my fifth consecutive VMworld, and back in the same city as the first. Lots of memories for me and my journey with the #vCommunity

vm_badge.JPG


Getting ready for VMworld next week in San Francisco. If you're attending, please stop by the booth and say hello. I have some speaking sessions as well as a session in the expo hall. Feel free to come over and talk data or bacon.

As always, here are some links I hope you find interesting. Enjoy!

Supercomputer creates millions of virtual universes

Another example of where quantum computers will help advance research beyond what supercomputers of today can provide.

Amazon's facial recognition mistakenly labels 26 California lawmakers as criminals

This depends on what your definition of "mistake" is.

Younger Americans better at telling factual news statements from opinions

I'd like to see this survey repeated, but with a more narrow focus on age groups. I believe grouping 18-49 as "young" is a bit of a stretch.

Attorney General Barr and Encryption

Good summary of the talking points in the debate about backdoors and encryption.

Loot boxes a matter of "life or death," says researcher

As a parent I have seen firsthand how loot boxes affect children and their habits.

Black Hat: GDPR privacy law exploited to reveal personal data

I wish I had attended this talk at Black Hat, brilliant research into how data privacy laws are making us less safe than we may have thought.

He tried to prank the DMV. Then his vanity license plate backfired big time.

NULLs remain the worst mistake in computer science.

I have walked past, but never into, the Boston Public Library many times. Last week I took the time to go inside and was not disappointed.

boston.JPG


Had a wonderful time at Black Hat last week. Next up for me is VMworld in two weeks. If you're reading this and attending VMworld, stop by the booth and say hello.

As always, here are some links I hope you find interesting. Enjoy!

Hospital checklists are meant to save lives — so why do they often fail?

Good article for those of us that rely on checklists, and how to use them properly.

A Framework for Moderation

Brilliant article to help make sense of why content moderation is not as easy as we might think.

With warshipping, hackers ship their exploits directly to their target’s mail room

If you don't have the ability to detect rogue devices joining your network, you're at risk for this attack vector.

Uber, losing billions, freezes engineering hires

That's a lot of money disappearing. Makes me wonder where it's going, because it's not going to the drivers.

Study: Electric scooters aren’t as good for the environment as you think

Oh, maybe Uber is paying millions for research articles to be published. Just kidding. Uber offers scooters as well, as they remain dedicated to making things worse for everyone.

Robot, heal thyself: scientists develop self-repairing machines

What's the worst that can happen?

The World’s Largest and Most Notable Energy Sources

I enjoyed exploring this data set, and I think you might as well. For example, current energy consumption for bitcoin is about 60,000 megawatt hours. That's almost the same daily amount as the entire city of London.

We brought custom black hats to Black Hat, of course. We also brought photobombs by Dez, apparently.

blackhat.JPG


Heading to Las Vegas this week for Black Hat. In preparation, I'm bringing a burner phone, wrapping it and my laptop in foil, and then burning them both when I head to the airport to leave.

As always, here are some links I hope you find interesting. Enjoy!

Woman arrested after Capital One hack spills personal info on 106 million credit card applicants

Secure your S3 buckets, y'all. This is a known attack vector, highlighted here as a "configuration vulnerability."

What We Can Learn from the Capital One Hack

Good summary of details regarding the "configuration vulnerabilities" existing within the open source code deployed by Capital One.

GitHub sued for aiding hacking in Capital One breach

This seems to be a stretch, but it's interesting to note. I'm not certain how GitHub is supposed to recognize leaked data is being stored (it could be fake data), or how they should verify code is secure.

Computer Science Curriculums Must Emphasize Privacy Over Capability

I like the idea, but don't think it's enough. Because most of the folks working in IT aren't CS majors, maybe we should have all fields of study include basic privacy and security information, too.

Google’s File on You is 10 Times Bigger Than Facebook’s — Here’s How to View It

In case you were wondering about the data Google is tracking as you surf the web.

All the best engineering advice I stole from non-technical people

A bit long, but worth your time.

NASA has created food out of thin air and it could be the solution to global hunger

Seems promising, but you'll have my full attention when you create bacon from thin air.

Got tired of mowing grass between the newly planted shrubs, so we built a new border path. At this rate, we won't have any grass to mow by 2021.

border.JPG


Had a great stay-cation last week. I made no plans except a quick overnight trip to the beach. It was wonderful doing nothing, catching up on sleep, and enjoying our backyard space. I highly recommend everyone find the time to do nothing; your body, mind, and spirit will thank you.

As always, here are some links I hope you find interesting. Enjoy!

Why the WhatsApp Security Flaw Should Make Enterprise IT Nervous

WhatsApp may be the most flawed application out there right now, owned by a company (Facebook) known to have shoddy security practices. If you are using this app, you are putting yourself, your friends, and your company network at risk.

Netflix: 105 Mil Have Watched One ‘Orange Is the New Black’ Episode

Buried inside this story is the reason I included this link: Netflix is losing customers. This is the story to track over the next 24 months. Netflix has a lot of data, and a lot of smart people. I can't imagine this is the end, but likely a pivot.

You’re very easy to track down, even when your data has been anonymized

Privacy is an illusion, a lie we tell ourselves every day.

Louisiana declares state of emergency after ransomware attacks

"It'll get worse before it gets better." - Dalton

Amazon dominates IaaS cloud services market, small enterprises lose out

No shock here, but AWS is the market leader in IaaS, followed by Azure. But many are surprised to find that Google is 4th, behind Alibaba. I'm certain they exist, but I don't know any company outside of Silicon Valley that uses GCP for production purposes.

Why the dockless scooter industry is going after a repossessor and a bike shop owner

SPOILER ALERT: A DotCom company didn't care how their business would affect anything other than money generated. By advertising the scooters can be "left anywhere," these companies have created a nuisance. I'm glad to see people standing up to the stupid.

Quantum Supremacy Is Coming: Here’s What You Should Know

Long, but good summary of quantum computing for those that haven't taken a dive into those waters yet. I view quantum supremacy as the moment when quantum computing is powerful enough to render all current encryption useless.

"These go to eleven."

Happy, honored, and humbled to have been awarded the Microsoft MVP for the 11th consecutive year.

11th-mvp.JPG


Building IT software isn’t always the most secure process. The reason for this is simple economics. Companies can’t always afford to build in the security features software needs to be secure.

Let’s walk through a typical IT software project.

As the IT software project is planned out, the security of the software and the data the software contains is accounted for. But after the initial design of the software comes budget planning. There’s almost a 100% chance that the budget requested by the developers isn’t going to be approved by management. Management typically approves somewhere from 50-80% of the requested budget. This means features need to be cut. The business unit that requested the project will want to keep most if not all of the features they requested. That means the development team is going to need to find somewhere else to cut. Something has to give. In typical cases, the best options for securing the data and various security tests are going to be cut. This means that data that was going to be securely stored encrypted will likely now be stored in plain text. Security testing on the software isn’t going to be done at all, or if it is, it’ll be scaled way back.

While these types of cuts are not uncommon, as IT leaders, we need to make the business case for investing in enhanced security. We need to demonstrate that budget cuts in security end up leading to software that’s less secure than end users deserve. From a business perspective, this leaves the company open to potential data breach issues and to whatever remedies apply in the states and countries where the software is operated. In the United States, if the software customers are in California or Massachusetts, there are some data protection laws in place that cover data breaches and data encryption.

The issue with data breaches is that you can’t fix the cause of the problem after the fact. Once customer data has been released to unauthorized parties, it doesn’t matter how much money the company spends or what they do to improve the software to ensure a breach doesn’t happen again. At this point, it’s too late—the customer's data has already been breached, and it’s in the hands of people that shouldn’t have the data. There’s no getting the data back out of the public eye. Once it has been released, there’s simply no putting the genie back in the bottle.

As IT professionals, we need to be building software that isn’t easily breached so customer data isn’t released. The fact that in recent years we’ve heard about problems like databases having blank passwords with millions of customers’ information sitting in them, or files sitting in cloud services with no security, is just inexcusable.

While budget will always be a major consideration, security also needs to be a driving factor as we consider software development. We shouldn’t have databases without passwords—it doesn’t matter that the default is no password. We shouldn’t have cloud-based file shares with millions of customer records sitting with no security. Once these breaches happen, there’s no getting the data back.

We have to build more secure platforms and software that don’t have simple, easy-to-correct issues in their configuration. The more we can ingrain this thinking into our organizations, the better off we all will be.


Had a great week in Austin last week, even managed to play some touch rugby with members of Team USA. After a short turnaround at home, I'm in Las Vegas this week for Microsoft Inspire. If you're attending MS Inspire, stop by the booth. You know I'd love to talk data with you.

As always, here are some links I hope you find interesting. Enjoy!

Experiments show dramatic increase in solar cell output

This is an example of a problem that would benefit from advances in quantum computing, as it's difficult to build the research models and simulations necessary with classical computers.

Kindle and Nook readers: You know you don’t own those books, right?

SPOILER ALERT: You don't own your music, either.

There’s a Security Incident in the Cloud: Who’s Responsible?

Good reminder about the need to be clear with the duties, roles, and responsibilities between your office and your cloud service provider. My take is that security is a shared responsibility, and it requires constant conversations as new threats emerge at an accelerated rate these days.

Facebook’s $5 billion FTC fine is an embarrassing joke

Fines should serve as a penalty to a company, not a reward.

No limit: AI poker bot is first to beat professionals at multiplayer game

Well, we've taught the machines how to play games, ones that allow them to earn a living, too. Maybe we could spend some time on things like curing diseases and less on things like predicting stocks.

Zoom Mac flaw allows webcams to be hijacked - because they wanted to save you a click

Secure. Open. Convenient. Pick two.

Google workers can listen to what people say to its AI home devices

At first this story seems horrible, just another example of our trust betrayed by a software giant. But I see it as an acceptable use of customer data, stripped of any personally identifiable information, to make their product better. Now, if users aren't reading their agreements, and don't know what is happening, well... security is a shared responsibility, folks.

When you get a chance to have a run with members of Team USA, you do it, regardless if it is 98F in the shade at 7 p.m. in Austin:

rugby.JPG

FWIW, I'm on vacation next week. The Actuator will return in two weeks, providing I get plenty of rest, bourbon, and bacon. Wish me luck!


In Austin this week where the weather is boring, just a constant 97F degrees and bright blue skies. The locals tell me it doesn't really get warm until August. I'm not going to stick around to find out.

As always, here are some links I hope you find interesting. Enjoy!

People in Japan are renting cars but not driving them

OK, I would never think about renting a car just to take a nap, because we don't rent cars by the hour here in the U.S. Well, not yet, anyway. And at $4 for 30 minutes, I might think differently.

How the Dutch Made Utrecht a Bicycle-First City

I'm always amazed when cities are able to successfully implement bike lanes into their core. Many European cities make it look so easy. I sometimes think how such designs wouldn't work where I live, and then I realize that they *could* work, if the people wanted it to work. Public transportation is broken for much of America; bike lanes offer a partial solution.

Digital license plates now in 3 states, with more on the way

I honestly don't understand what problem they're trying to solve here. Consumers lose privacy, and pay more for that privilege than using regular license plates.

7-Eleven Japan shut down its mobile payment app after hackers stole $500,000 from users

I've said this before, and I'll say it again. Until we hold developers responsible for building applications with poor security choices, we will continue to have incidents like this one.

British Airways faces record £183 million GDPR fine after data breach

Finally, a fine that might cause a company to rethink how they handle security! Thank you GDPR!

Warning: free hotel wifi is a hacker’s dream

As a frequent traveler I can attest that I am uneasy about public and shared Wi-Fi systems such as those in hotels. In a few weeks I'll be at Black Hat, and will probably wrap all my devices in foil, leave them in my room, and burn them on the way to the airport.

User Inyerface - A worst-practice UI experiment

I know you'll hate me for this one, but I want you to try to understand how the things you build are seen by others.

It's Carny season! The best place for $8 draft beers and $6 fried dough.

carnival.JPG
