I was invited by Adam Lange and Adam Haertle to share my story in “rozmowa KONtrolowana” podcast (in Polish). I’d like to thank both of them and of course all of participants for invitation, leading it, questions and nice way to spend time in familiar, geeky environment :) now - just view/listen to it your favorite format :)
…but tools have to be used responsibly. first of all, short disclaimer - I’d like to make it perfectly clear before we go into this long piece, that I’m a: …big fan of discussing merits of technology and technology overall. I love technology. I believe having opportunity to create networks, solutions that really connect people and give us chance to exchange information is something I could do for the rest of my life, with full focus and commitment. ...
due to COVID-19 outbreak, we’ve been flooded with request to provide assistance with deploying secure connectivity for remote workers. in some organizations number of remote workers grown from 0 to 7000-10000 in week. some others are serving today over 30000, and here at Cisco, we’re working mostly out of home those days (over 100k people!). thanks to help from my fellow engineers and specialists, we were able to publish following guides, related to building and scaling out VPN headends - both hardware and virtual: ...
ARPA, established in 1958, was first and only space agency at that time in United States. to this day it drives fantasies and is unequivocally identified with the emergence of the Internet, but did you know that ARPA (before it became DARPA in 1972) was responsible for underground nuclear testing (as seismology allowed to determine whether other countries somewhere on Earth were conducting their nuclear tests), guerilla warfare (ARPA reps travelled to and stayed in Vietnam, Thailand and Laos long before US under falsifed “proofs” attacked North Vietnam), or development of machine rifle that became what is today known as M-16? ...
…if everyone is trying to make your life harder. couple weeks ago I refreshed my private email server on FreeBSD. for some time spam levels were raising and I had to do something about it. old spamassassin was not handling it accurately enough anymore. enter spamd from OpenBSD. current postfix has built in greylisting server that’s working quite well. for my installation I tuned it a bit, by extending period of time that has to pass from last delivery attempt (to 1200 seconds, which is 20 minutes): ...
during one of the design discussions with one of our Customers, I had a chance to discuss a bit about using anycast to scale out delivery via CDN. unfortunately, as more ads served even on popular sites is malware or even miners for different cryptocoins it begs a question - how should you protect the site you’re maintaining? using reputable CDN is good first step. the other one, i didn’t know about (and it seems to be quite natural if you think about it) is to verify hash of the attached resources. this can give you powerful tool to verify and then take an action before page is loaded to verify images or for example JavaScript. ...
it’s hard to disagree with Bruce’s article. would blockchain-based solution be the best approach here for accounting? accounted access to data, accounted transactions … something must change. we can’t deal properly with data.
…resent encryption. in particular those that were caught red handed doing mass surveillance of its own and foreign citizens. it’s worth to read this article to understand how PR (written by Camerons speech author) is trying to turn everyone using security and encryption to those helping terrorist. it’s enough today to name somebody ’terrorist’ and suddenly every option is on the table. interrogation, wiretapping, dropping bombs or simply investigating without any specific reason is fair call. ...
interesting blog article how to create truly free way of publishing without fear of censorship. it seems that the last reddit problem restarted discussion about free speech and crypto non-repudiation of published content. in the context of rising pressure from US to build backdoors in every equipment, maybe this is some kind of solution? if you think about it… no, actually you no longer need to do so. it was already thought out. there are people believing that bitcoin (protocol, not digital currency) will be basis of all internet communication soon enough. ...