TechOpsGuys.com Diggin' technology every day

Just read this from our friends at The Register

“You may not agree, but I believe video will be the basis of all communication going forward,” he told attendees at the Oracle OpenWorld conference in San Francisco. “It’s where we see ourselves going – we no longer make devices that aren’t video-capable.”

I don’t know myself, I personally do not like video calls, the other caller can’t see that your playing a video game, or on the toilet, or driving in your car or whatever. Then there’s the compatibility/interoperability issues,  Apple has this face time thing, then there is Skype, and I think several of the IM clients do video. Skype seems the closest thing to a de facto standard. I use skype all day every day but it’s for text chat (99% of it is work related), maybe a couple times a week do a voice conference call, but video, few times a year at best, for me anyways.

Then I can’t help but think back to all of those Star Trek episodes where the enterprise is struggling to communicate with someone else either over video or over voice, I want to scream JUST SEND A TEXT MESSAGE AND REPEAT IT 5000 TIMES FOR REDUNDANCY! It will take less bandwidth and you’re almost certain to get the message across.

I remember back in my BBS days I came across an archiver called UC2 Ultra Compressor 2. It had some pretty crazy redundancy tricks in it, my memory is very foggy as this was about 20 years ago but there was a couple of times when my modem connection was really bad and my modem program registered literally hundreds of errors uploading and downloading data, but UC2 was able to recover it for me. Send your messages with that kind of redundancy, keep it simple, you don’t need to fill your 140″ flat screen TV on your ship’s bridge with garbled video hoping to get the message across.

“Captain! Please repeat, your last transmission was garbled  … DO YOU READ, Come in captain! We’re not reading you!”

Not only that, but text can be more secure, how many times have you seen Star trek episodes where the crew is talking really softly into their communicator so they aren’t heard by the bad guys. A nanosecond of time used to broadcast a text message is also probably harder to trace than a big burst of data used for video or voice.

Looks like AT&T had their first video phone booths back in the 60s, and slowly companies have tried time and again to do video but it’s never caught on, it’s a solution looking for a problem that really isn’t there. There are times when video is nice, but I don’t see a time coming when video communications will dominate over regular voice, or text or whatever.

It seems the other major social media companies are delaying their IPOs, first Zynga, now Facebook. Even Groupon delayed though it seems they may be going forward now. I know it’s a different situation but every time I heard news of these delays it reminded me of a brief(3 month) time that I had at freeinternet.com, as the bubble was bursting the company was in a hotel meeting hall and the CEO was talking about stuff, the only thing I remember from the meeting was that their investors were delaying their IPO due to “market conditions”, that their investors wanted their “quality companies” to wait till things improved (this was about July 2000 if I recall right).

The conspiracy theorist in me thinks that Groupon is doing anything they can to get their IPO out the door because their model is by far the most shaky and they need to cash out before it’s too late. Zynga not far behind.  Facebook makes some real money at the moment, though the hype doesn’t hold water and I’m sure they hope in 2012 or 2013 they may be luckier.

Joke’s on them though, the economy is still going to be in the crapper in 2012, and 2013, and 2014 and 2015 and probably 2016 and 2017 too.

One thing these IPOs do seem to have an impact on is the local housing market in the bay area, a lot of folks (especially in Palo Alto) are apparently wanting to sell their houses but are holding off until these IPOs to try to get some executive to buy them for big bucks.

Life without a bubble is tough..whether it’s social media, or cloud computing, or the government trying to re-inflate housing (and other assets with low interest rates and stuff) there’s a lot of interest in building another massive bubble.

I’ve caused my share of outages, whether it’s applications, systems, networking, storage. My ratio of fixing outages to causing outages is quite good though, so overall I think I do alright.

But every time I am the cause of an outage it’s hard not to feel guilty in some way right? Even if it was an honest mistake. Was just looking at the local news and they were reporting on the power outage in southern California and Arizona and mentioned an Arizona power company believes an employee working at a sub station is what triggered the cascading failure causing:

• Power outage for up to 5 million people in two states
• Killed the commute for those in San Diego tonight
• Shutting down a San Diego airport
• Closing schools in San Diego tomorrow
• Even a nuclear reactor was taken off line for safety

I’m not sure what kind of person this employee is of course, it may of just been an honest mistake, or they may of not been a mistake maybe they were doing exactly the right thing and something failed, who knows. But I certainly do feel for them, the sheer level of guilt has got to be hard to bare.

But at the same time how many people can brag that they single handedly took out a nuclear reactor?

I suppose the bigger issue is the design of the grid how one fault can cascade to impact so many, it’s reported that the outage has even spread to the northern portion of Mexico as well. Stuff like this really makes me fear the wide scale deployment of the “smart grid” stuff, which I believe will make the grid far, far more vulnerable than it already is today.

Running your own mail server also has it’s humorous points, mainly around SPAM. I love it when people spam me acting as my email administrator (which is obviously me as well) saying my email is about to be cut off unless I download the attachment and run the virus or whatever is in there (compound that with the fact that I run linux and would have to jump through a few hoops to run their virus inside wine or something for it to do anything).

This morning I got a pair of LinkedIn security alerts(addressed to an address LinkedIn has no knowledge of no less) –

LINKEDIN

 Your LinkedIn account has been blocked due to suspicious activity.
 Please Follow this link [1] for details. 

 Thank you for using LinkedIn! 

--The LinkedIn Team
 http://www.linkedin.com/ [2]  

? 2011, LinkedIn Corporation

The ironic part here is Sanitizer ripped out whatever url they were trying to insert to spoof the LinkedIn site – so not only is the text to click on accurate, the link itself is accurate as well, there is no malware site to be seen.

I have Sanitizer attach a log as to what it is doing and this is what it said it did

Sanitizer (start="1314091520"):
 SanitizeFile (filename="unnamed.html, filetype.html",
mimetype="text/html"):
 Match (names="unnamed.html, filetype.html", rule="9"):
 Enforced policy: accept

 Note: Styles and layers give attackers many tools to fool the
 user and common browsers interpret Javascript code found
 within style definitions.

Rewrote HTML tag: >>_div_>_p__DEFANGED_div_>_table style="border-top: 4px solid rgb(51, 153, 204); margin: 0pt auto; max-width: 550px; font-family: arial,sans-serif; font-style: normal; font-variant: normal; font-weight: normal; font-size: 12px; line-height: normal; font-size-adjust: none; font-stretch: normal; -x-system-font: none;" width="550" border="0" cellpadding="0" cellspacing="0"_>_table DEFANGED_style="border-top: 4px solid rgb(51, 153, 204); margin: 0pt auto; max-width: 550px; font-family: arial,sans-serif; font-style: normal; font-variant: normal; font-weight: normal; font-size: 12px; line-height: normal; font-size-adjust: none; font-stretch: normal; -x-system-font: none;" width="550" border=0 cellpadding=0 cellspacing=0_>_h1 style="margin: 5px 0pt; color: rgb(0, 0, 0); font-family: arial; font-style: normal; font-variant: normal; font-weight: bold; font-size: 23px; line-height: normal; font-size-adjust: none; font-stretch: normal; -x-system-font: none;"_>_h1 DEFANGED_style="margin: 5px 0pt; color: rgb(0, 0, 0); font-family: arial; font-style: normal; font-variant: normal; font-weight: bold; font-size: 23px; line-height: normal; font-size-adjust: none; font-stretch: normal; -x-system-font: none;"_>_td valign="top" style="font-family: arial,helvetica,sans-serif; font-style: normal; font-variant: normal; font-weight: normal; font-size: 12px; line-height: normal; font-size-adjust: none; font-stretch: normal; -x-system-font: none;"_>_td valign="top" DEFANGED_style="font-family: arial,helvetica,sans-serif; font-style: normal; font-variant: normal; font-weight: normal; font-size: 12px; line-height: normal; font-size-adjust: none; font-stretch: normal; -x-system-font: none;"_>_p style="margin: 3px auto; width: 550px; font-family: arial,sans-serif; font-style: normal; font-variant: normal; font-weight: normal; font-size: 10px; line-height: normal; font-size-adjust: none; font-stretch: normal; -x-system-font: none; color: rgb(153, 153, 153);"_>_p DEFANGED_style="margin: 3px auto; width: 550px; font-family: arial,sans-serif; font-style: normal; font-variant: normal; font-weight: normal; font-size: 10px; line-height: normal; font-size-adjust: none; font-stretch: normal; -x-system-font: none; color: rgb(153, 153, 153);"_>_div_>_p__DEFANGED_div_>_table style="border-top: 4px solid rgb(51, 153, 204); margin: 0pt auto; max-width: 550px; font-family: arial,sans-serif; font-style: normal; font-variant: normal; font-weight: normal; font-size: 12px; line-height: normal; font-size-adjust: none; font-stretch: normal; -x-system-font: none;" width="550" border="0" cellpadding="0" cellspacing="0"_>_table DEFANGED_style="border-top: 4px solid rgb(51, 153, 204); margin: 0pt auto; max-width: 550px; font-family: arial,sans-serif; font-style: normal; font-variant: normal; font-weight: normal; font-size: 12px; line-height: normal; font-size-adjust: none; font-stretch: normal; -x-system-font: none;" width="550" border=0 cellpadding=0 cellspacing=0_>_h1 style="margin: 5px 0pt; color: rgb(0, 0, 0); font-family: arial; font-style: normal; font-variant: normal; font-weight: bold; font-size: 23px; line-height: normal; font-size-adjust: none; font-stretch: normal; -x-system-font: none;"_>_h1 DEFANGED_style="margin: 5px 0pt; color: rgb(0, 0, 0); font-family: arial; font-style: normal; font-variant: normal; font-weight: bold; font-size: 23px; line-height: normal; font-size-adjust: none; font-stretch: normal; -x-system-font: none;"_>_td valign="top" style="font-family: arial,helvetica,sans-serif; font-style: normal; font-variant: normal; font-weight: normal; font-size: 12px; line-height: normal; font-size-adjust: none; font-stretch: normal; -x-system-font: none;"_>_td valign="top" DEFANGED_style="font-family: arial,helvetica,sans-serif; font-style: normal; font-variant: normal; font-weight: normal; font-size: 12px; line-height: normal; font-size-adjust: none; font-stretch: normal; -x-system-font: none;"_>_p style="margin: 3px auto; width: 550px; font-family: arial,sans-serif; font-style: normal; font-variant: normal; font-weight: normal; font-size: 10px; line-height: normal; font-size-adjust: none; font-stretch: normal; -x-system-font: none; color: rgb(153, 153, 153);"_>_p DEFANGED_style="margin: 3px auto; width: 550px; font-family: arial,sans-serif; font-style: normal; font-variant: normal; font-weight: normal; font-size: 10px; line-height: normal; font-size-adjust: none; font-stretch: normal; -x-system-font: none; color: rgb(153, 153, 153);"_

Links:
------
[1] http://roundcube.linuxpowered.net/linkedin-report.com
[2] http://www.linkedin.com/

So, quite a bit of stuff. Roundcube is a new webmail client I am playing with, so far it’s ok, looks nicer than Squirrelmail in general though not as good as SM in other ways.

The [1] link above I assume might be the malware site – linkedin-report.com. But if I were to click on it I’d just get back to my webmail client.

And just a few minutes ago I got one of those emails that poses as myself threatening to cut off my email – oh so funny!

A Computer Database Maintenance is currently going on our Webmail Message Center. Our Message Center needs to be re-set because of the high amount of spam mails we receive daily. A Quarantine Maintainance will help us prevent this everyday dilemma. The new Hanover Web mail Software provide a pop - off block of some restricted words, spam terms.

To revalidate your mailbox Please Fill the link below:

UserName: ....................................
Old Password:.......................................
New Password:.......................................  

WARNING!!! E-MAIL OWNERS who refuses to upgrade his or her account within
Five days after notification of this update will permanently be deleted
from our data base and can also lead to malfunctioning of the client or
user's account and we will not be responsible for loosing your web mail
account. 

Your response should be sent to admin manager
Email: accountuserhelpdesk@mhost2.net

I read slashdot quite often, mostly for the comments, I post (as AC) maybe once every 3 years, but find the discussions interesting on occasion.

One such discussion was here, where someone was asking for advice as to how best to migrate off of gmail onto their own hosted platform. To me it seemed simple enough, but honestly I could not believe the negative response towards running your own mail server.

First off I’ll say I haven’t run a “corporate” mail server for almost a decade now, I have run several mail relays for companies for applications and stuff. I have been running my own mail server for my own personal (and some family) use for more than a decade, and I run another mail server that has maybe a dozen people on it, left overs from when I ran a small ISP in Washington.

So nothing major. I didn’t get the impression that the poster on slashdot was asking for anything major. But I was seeing people talk about massive headaches with blacklisting, anti spam, having to worry about disaster recovery, data replication, and the constant hand holding and patching of the system to keep it running.

I just didn’t get it. I mean sure it took some effort to set up the system I have which is pretty basic, it really requires minimal maintenance, I have never been blacklisted, really have minimal spam problems (very manageable anyways for me).

My setup is basic as I mentioned:

• Postfix for SMTP – I setup quite a bit of anti spam stuff many, many years ago but really haven’t touched it much at all since.
• SpamAssassin – for – duh – spam. I took some time to integrate this into incoming postfix email and it flags messages as **** SPAM ****  in the subject when something hits the spam filter, I have server side mail filters that move that to a dedicated folder. In all my years I have never noticed a false positive and have never had anyone complain that they can’t email me for a reason related to Spam Assassin flagging their email as Spam. My biggest potential issue with Spam Assasin is I probably get 150 spam (that get past the filters) for every real email I get (I don’t get a lot of email at home excluding mailing lists that I occasionally participate in). So I don’t have much “ham” to train SA with. I haven’t recently tried to determine how much spam is blocked at the various levels but last time I did (many years ago) it was quite a bit.
• Anomy Sanitizer – this does quite a few things such as stripping HTML email, stripping bad attachments etc. I’m sure it goes overboard in a lot of cases, and most users probably wouldn’t like it, stripping HTML email probably causes the most usability issues for me as some emails don’t come in with plain text as well as HTML, so some times I  get email that says “Hey click on this link to unsubscribe (or do some other action – e.g. rate Netflix quality back when I used their stuff)” only to find Sanitizer stripped the html so there is no link to click on, and no url I can copy/paste to the browser. But IMO at least it’s a small price to pay
• Cyrus IMAP 2.1 for IMAP – I started using Cyrus back in 2000 when I migrated a company off of UW IMAP onto Cyrus because it had some more advanced functionality vs Courier at the time (don’t remember what). I’ve stuck to it because it seems to work for me. I create different email addresses for pretty much every organization I deal with and have those go to dedicated IMAP folders (server side – not using filtering, postfix delivers directly to the mailbox), so most of the time I am unsubscribed to 85% of the IMAP “user accounts”, and only subscribe when I need to, email collects silently in the background in the meantime. User accounts is in quotes because I use a single account to access all of the other IMAP accounts (which can be problematic for some email clients because they make certain assumptions that don’t apply to me)
• Squirrelmail for webmail – The UI is basic, hasn’t really changed much since – you guessed it – about 2000 when I first started using it, I have, on occasion looked for alternatives but have not found one (until this slashdot discussion that is) that looked interesting enough to try. One big feature I like about squirrelmail is the ability to have many, many “From” email addresses, and select them from a drop down box. I have upwards of 100 different email accounts(view from the outside world – from my view it’s a single account), I maybe need to send mail “From” from maybe 10-20. So when I compose an email I select which email address to send “From”. Squirrelmail is smart enough if I hit reply on an email someone sent, say to my linkedin@ address, the mail client will automatically select the right “From” email address to use without me having to think about it. Since Sanitizer strips out html from emails I don’t believe I have to worry about XSS bugs in Squirrelmail because it’s all stripped out (but I could be wrong I’m not sure). As a result I haven’t upgraded in eons..

The last time I did major changes to my system was probably 5-6 years ago, those were introducing Spam Assassin to the system, and the more painful process of upgrading from Cyrus 1.x to 2.x (it was an ugly upgrade process).

I don’t use anti virus, never needed it(I integrated anti virus with Sendmail at the one company that I did manage the corporate email servers for back in 2000-2002). A lot of my habits and practices were set up a long time ago and there may very well be better ways to go about things these days(one thing would be to investigate using spamd for anti spam instead of spawning a separate SA process for each message), but what I have works, it doesn’t cause issues, I just don’t understand what some of those people were complaining about when running their own personal mail server.

I also don’t do any sort of calendaring system – never really needed it for personal use.

Sure it requires some setup, and you need to be smart (forward & reverse DNS, you want clean IPs that aren’t blacklisted (easy ways to check that are out there). I saw one guy say the person should get a block of 30-40 IPs and put the mail server in the middle of the block! I mean are you kidding me?

Even back when I ran an ISP with maybe 50-60 users (yes it was a small ISP – back in late 90s mostly), we never had blacklisting or spam problems. Maybe we were lucky I don’t know.

I just couldn’t believe the experiences some of these people were posting. Sure I can understand having those kinds of issues if your running a big mail system for a lot of users, but the impression I got was the original poster was looking to run a setup sort of like mine – a small number of users – or maybe just themselves.

I’ve even gone through the process of migrating my mail system from:

• Office with dedicated T1 lines to..
• Home with DSL connection to ..
• Temporary office with T1 lines while my DSL is moved to ..
• Home with DSL connection to ..
• Co-location to..
• Terremark Cloud (where it runs now) and this weekend to..
• Co-location

And all of the DNS changes and stuff associated with it, for the most part the migrations are pretty painless.

A couple of my users were wondering how I went about moving all of their data and stuff from Washington to Miami in a matter of minutes without them noticing anything, it takes some moderate planning but in the grand scheme of things it’s not that difficult from a technical perspective. Next weekend I’ll be migrating them again from Miami to California – their data resides on a different system from mine.

I just wanted to write about my experience – sure it does take some work – depending on how much functionality  you want  – to initially set  up the system. But in my experience once it is setup, the amount of work to maintain it is minimal.

I like the privacy and control I get with running my own stuff. I sure as hell don’t trust google with my data, they could pay me $100/mo for hosting my email with them and I wouldn’t do it. But for others it may be a good option.

I did use Gmail at the last company I worked at, their corp email was Gmail. I really didn’t like it – but what surprised me the most was how slow the search was. I was expecting anything I searched for would be returned in a fraction of a second but it took much longer (not forever but 10-20x longer than I was originally expecting). I never got used to how they organize their mail, with the tags and stuff. Even after using it for ~8 months I never warmed up to it, probably because there was mini demons in the back of my head screaming at me not to like it because I don’t trust Google, I’m sure that had something to do with it.

But for others maybe it’s the best way, or hotmail, or yahoo, or whatever.. I’ve been hosting my own email for so long I never really used anything else.

The most annoying problem I think I ever came across running my own mail system was not granting Spam Assassin enough memory – sometimes it would puke causing the email to get garbled – it would happen maybe once every 150,000 emails or something (which means maybe 2-3 times per year), I ignored it for a few years finally decided to look into it and found that SA was running out of memory so I gave it more(I think I went from something like granting it 32MB to 128MB), hasn’t happened since.

Do I have disaster recovery? No – don’t need it. If my server goes down for a few hours or a day or whatever, mail is likely queued at the other end (mail is often queued for up to what – 5 days before being dropped from the queue?). What happens if I lose an email? Really not the end of the world. I have had a few times when people say my system rejected their message – and sometimes it does, I wrote (again a long time ago) a lot of regular expression checks to try to detect spam, and sometimes it gets a false positive, so I fix it and move on, it’s rare though(again a few times a year at most). If the email is THAT CRITICAL then if they really can’t get through to me they’ll call. And if I don’t answer(or don’t return the call) and it’s THAT CRITICAL – they’ll call again later.

Of course my co-location/cloud stuff doesn’t run just email – it runs this blog, my basic web sites, DNS, and my new co-location serves as my off site backup with ~3.5TB of usable disk space on the system, I brought the system home last weekend and sync’d up 1.7TB of data to it.

Moral of the story is – if you really want to run your own mail system, don’t be afraid – it’s not THAT hard.

One of the bigger things announced recently was that AT&T and T-Mobile are going to try to merge.

I’m watching an interview on CNBC with some bigwig from some company called Evercore Partners, whom is apparently an advisor in this merger.

Anyways one of the main arguments the guy tried to make (along with AT&T) is spectrum. That there isn’t enough spectrum for all of the wireless data that is out there and this merger will some how make more spectrum magically appear.

First off I have for a long time said that the edge data technology (wired or wireless) just doesn’t scale, period (and when I say scale I mean cost effectively scale you can make it go faster in many cases but then it becomes too expensive for almost everyone out there limiting the market opportunities, of course there are those out there that expect and demand gigabit speeds to their home for $20/mo).

This guy seems to forget that there are tens of millions of people using this spectrum already, giving it, and the customers to AT&T really isn’t going to have much of an impact from a spectrum standpoint. They may be able to drive higher capacity utilization so maybe they get an extra 10-20-25% out of it by segmenting their network better in some way, but the bandwidth available to that spectrum is going to be eaten up so fast customers won’t even notice it was there to begin with.

Both AT&T and T-Mobile have very large footprints in the Seattle area, and with all of the job cuts expected during the merger I suspect it will have a harmful impact on the local economy here.

The only good thing about this merger is at least AT&T picked a compatible technology to merge with (that is GSM to GSM), unlike the Sprint Nextel merger which was of course about as polar opposite technologies as you can get.

I like many believe the merger will hurt competition, specifically because T-Mobile has a someone unique position in the market from a pricing standpoint, and being a national carrier they have a lot of coverage. AT&T tries to bring up all these small regional companies as evidence of competition, but in the grand scheme of things they are just the scraps on the plate. I can’t help but assume the merger will result in T-mobile plans turning into AT&T plans at some point.

What we need is something like sub space communications from Star Trek, where data rates are a billion times faster than they are today that will give us enough buffer to grow in to.

My solution to the bandwidth crunch on mobile? Broadcast TV. Want streaming video on your phone? Stream it from the local TV stations in your area via digital antenna (e.g. don’t use the phone network, don’t use wifi). I’m not aware of phones that have this ability at this point though. Don’t have the content your looking for?  Oh well.

Here’s some more color to my blog.

I saw this on LinkedIn a few minutes ago and couldn’t help but laugh.

What is it with people and certifications? I’ve been following Planet V12n for a year or more now and I swear I’ve never seen so many kids advertise how excited they are that they passed some test or gotten some certification.

Maybe I’m old and still remember the vast number of people out there with really pointless certs like MCSE and CCNA (at least older versions of them maybe they are better now). When interviewing people I purposely gave people negative marks if they had such low level certifications, I remember one candidate even advertising he had his A+ certification, I mean come on!

I haven’t looked into the details behind VMware certification I’m sure the processes taken to get the certs have some value (to VMware who cashes in), but certifications still have a seriously negative stigma with me.

I hope the world of virtualization and “cloud” isn’t in the process of being overrun with unqualified idiots much like the dot com / Y2K days were overrun with MCSEs and CCNAs. What would be even worse if it was the same unqualified idiots as before.

There’s a local shop in my neck of the woods that does VMware training, they do a good job in my opinion, costs less, and you won’t get a certification at the end (but maybe you learn enough to take the test I don’t know). My only complaint about their stuff is they are too Cisco focused on networking and too NetApp focused on storage, would be nice to see more neutral things, but I can understand they are a small shop and can only support so much. NetApp makes a good storage platform for VMware I have to admit, but Cisco is just terrible in every way.