Josh Wieder

Big drama today re: the popular messaging app Whisper. Whisper markets itself as anonymous, calling itself “the safest place on the internet”. But The Guardian disagrees. This morning the influential British newspaper published a story alleging that whisper tracks the geographic location of users who have requested that such tracking be disabled - even more alarming, the Guardian claims that Whisper provides location data to the US Department of Defense about Whisper messages sent from military bases, ostensibly to identify whistleblowers. The Guardian also stated that Whisper sends user data to the FBI and MI5. Whisper's terms of service changed after they found out that the Guardian was moving to publish. Now their TOS explicitly allows user tracking regardless of settings. Neetzan Zimmerman , speaking for the Whisper corporate office, has responded with a series of online pronouncements that were full of sound and fury; calling the story a "pack of lies" that w

Getting an opportunity to play with OpenStack effectively can be cost-prohibitive. Particularly for developers looking to integrate Keystone API functionality into their applications - you shouldn't have to build your own OpenStack deployment, or cough up boku bucks. Even if you have the resources, time is irreplaceable. That's where TryStack can come into play. To get going, start by joining the TryStack Facebook group . This is the only down-side to TryStack to my mind. I absolutely *despise* Facebook and everything it stands for. Still, even I managed to reset my long-unused F-Book login to join (they should be rolling out other auth capabilities soon - GitHub is supposed to be next). Within a day Dan Radez with Red Hat had activated my account, and I was able to spin up a couple of servers and got them routing out to the big bad world. Dan has put together a very easy-to-understand instructional video to help with new users: I should make clear that this is on

I try to keep on my toes when it comes to latest distributions of Operating Systems that I use. While I don't use anything bleeding edge that I haven't built with my own hands in production, I like to stay abreast of the latest and greatest.  Windows in in recent years become a drag in this respect. Later iterations have ditched interface features that add nothing to functionality, making adoption a pain, especially for someone in my position that frequently administers servers with a variety of different Windows versions. Thats whats so great about shells - it stays a shell. New features are usually actual features and not visual gimmicks.  So I got myself an early copy of Windows 10. I joined the  Windows Insider Program. I downloaded the  Windows Technical Preview ISO , which you can download by following that link and using the tester  Product Key: NKJFK-GPHP7-G8C3J-P6JXR-HQRJR. I started digging around for some documentation before firing up a VM. And thats when I paus

A few years back - around 2011, Redhat released a Free Cloud server tier to compete with Amazon EC2's offering (IMHO this was an attempt by the big boys to try to annihilate the downside of the market). While EC2 continues to offer free tiny servers, Rackspace bowed out; their minimum offering these days is somewhere around $16 / month. I came across some references to Rackspace continuing to offer free services, b ut this time only to OSS developers . The benefits are great for those who qualify; while it sounds somewhat flexible no doubt depending on the marketing gains to attracting a big name project, even somewhat niche projects are being offered $2000/month in free services . That buys a lot of muscle for the smart consumer. Jesse Noller is the man with the hookup. Send him an email to see what you can get if you meet the requirements.

The Details This is a bit of an old story, but I've found to my unpleasant surprise that the issues surrounding the story are not widely understood or known. Here's the gist: leaks from the US intelligence service have explicilty confirmed that the NSA targets systems administrators that have no ties to terrorism or extremist politics . If you are responsible for building and maintaining networks, the NSA will place you under surveillance both personally or professionally; they will hack your email, social network accounts and cell phone. The thinking behind this alarming strategy is that compromising a sysadmin provides root-level access to systems that enable further surveillance; hack an extremist's computer, and you track just that extremist. Hack a sysadmin's computer, and you can track thousands of users who may include extremists among them (its a strategy that is remarkably similar to the targeting of doctors in war zones ). Five years ago such a lead paragr

A little over two weeks ago I attempted to contact GoDaddy's Abuse contact about malicious scanning coming from a GoDaddy IP. This post will describe how GoDaddy not only ignored my warnings about this criminal use of their IP space, but has allowed this same scammer to use this same IP to exploit legitimate users for years, ignoring numerous warnings from their own customers, industry security experts and even other hosting companies. I will also explore some possible reasons as to why GoDaddy has become a so-called "Bullet-Proof" host; an honor usually reserved for basement "data centers" from Southeast Asia and Eastern Europe. This IP tried to scan my server for Wordpress vulnerabilities, and then tried to scrape some content. The traffic was ham-fisted and amateurish; the kind of traffic that is obviously malicious. The attempt was logged, immediately blacklisted, and forwarded to me. This sort of thing happens all the time. And ordinarily, I am very sym

I have seen indications of periodic connectivity issues impacting Amazon's EC2 Cloud Computing architecture. Personally, I have encountered issues with connecting to Amazon's Yum repository hosts from EC2 instances. Amazon has published Outage notifications of brief connectivity and DNS failures impacting US-EAST-1 Availability zone between October 2nd and October 4th. However, my EC2 instances are within the US-WEST-2 Availability zone and I am experiencing issues today, October 4th 2014 at approximately 11:30 AM EST. For example: # yum provides seinfo Loaded plugins: amazon-id, rhui-lb epel/x86_64/filelists_db         | 4.7 MB  00:00:01 rhui-REGION-rhel-server-optional/7Server/x86_64/filelists_db    | 3.2 MB  00:00:00 https://rhui2-cds01.us-west-2.aws.ce.redhat.com/pulp/repos//content/dist/rhel/rhui/server/7/7Server/x86_64/os/repodata/e5ee2c196ee6525998525a2bf74bb40608dce199-filelists.sqlite.bz2: [Errno 14] HTTPS Error 404 - Not Found T