First site redesign, ever!

13 years is a long time, especially for something to exist on the internet. 13 years ago this October I launched this WordPress powered blog and began mashing out random rants, raves, musings, pictures, and the occasional helpful bit of information.  This site launched on WordPress 2-point-something in 2007, and I have used the same OLD theme ever since then.  The backend has been maintained and I run the latest WordPress 5 release, but the front end has remained steadfast.  I’m a creature of habit in a lot of ways, and that combined with my free time being at a premium these days resulted in the same theme for 13 years. Over the years sticking with the same old style WP theme created some growing pains, but it was always just easier to patch or hack around an issue than redesign. Today that changes and I am launching a whole new look for my blog. Not out of any particular necessity, but more so I think it’s finally time to grow up a bit. It is time for a cleaner look, and a website with a responsive design that actually looks good on mobile devices. Using a modern theme will also make the site much easier to maintain/change/customize going forward, as well as avoid an potential issues that could crop up in future backend updates.  Really, running the same front end for 13 years, and it still being 99% functional from an ever-changing backend is pretty damn impressive to me. Kudos WordPress, kudos.  All of the original features and my long history of posts are still here and still at the same url’s, so everything should function more or less how it did before. It just looks a whole lot nicer now. I’ve even got a couple new blog posts planned out that I will hopefully be posting soon, so stay tuned!

Crowd funding sites have transitioned to full on scams

Seriously, avoid any crowd-funded sites. Kickstarter, Indiegogo, and even things like GoFundMe are hosting full on scams these days.  Some years ago there used to be legit projects and I backed a few and got what I expected.  I’ve only ever had one project not finish, but that’s the risk going in.  However, these days there are straight up scams running unchecked on all of these sites.  I haven’t backed anything in quite some time and have decided I will never be backing anything on these types of sites again.  They have lost all credibility in my opinion.

Pi-hole users are the worst

I’ve noticed a new phenomenon in recent times where a user of a certain product, be it a nas, a switch, a ip camera, wireless ap, or anything else really, posts up questioning why X device is making X number of repeated DNS requests.  Just shut the hell up, seriously. This is normal behavior, it’s how DNS works. The device makes a request and the caching DNS server replies with the answer. This is how DNS has always worked, but these dim bulbs have been given a light in the window to the inner workings of DNS and have suddenly crapped their diapers about it. Also, the thought of offloading a critical network service like DNS to a $30 device is horrifying to me.  But then again, like I said, Pi-hole users are the worst.

Political Spam is not ok

I don’t know why political messages get excluded from Do Not Call Registry penalties, but it’s a bunch of crap. Not only are these calls unwanted and obnoxious, but there is no way to stop them! You can’t block them as they use different numbers every call, and you can’t unsubscribe from them because there is no list, they have your number, and they’re calling it no matter what.
And now… NOW they’re Text Spamming people! So far this elections season, I have received 3 separate spam SMS messages from political candidates. So now not only are they making unwanted calls, but they’re making unwanted texts too. I’ve had psycho-ex’s less clingy than these shady campaigns.
So far, I’ve got:
1 message for Jon Ebel (D)
2 messages for Erik Jones (D)
So, at least I know 2 candidates who will NOT be receiving my vote this fall. Keep it up guys, you’re helping me narrow down my list! ūüėÄ

Taking over from a failure of an IT company

Taking on a new client is a fairly normal occurrence most of the time. It usually goes decently smooth, getting domain and hardware passwords transferred over, sharing knowledge collected over time, making notes of any gotchya’s or unique issues with a client. Every once in a while though taking over a client leads to a complete horror of horrors in discovering how many things were done wrong and what a dangerous position the previous company had left their now former client in.
I’ve been doing this for a decade now and I thought I’d seen it all, but a recent case has proved to me to never underestimate the ability of someone to royally hose things up.
The original reason we were called in was because they had complained of their server freezing up. They had called their IT people 2 weeks ago and they kept getting put off. They were tired of their server freezing so they called us in. What did we find on arrival? A failing hard drive. Something that could have taken down their entire business, and the former IT company put it off for who knows whatever reason?! The good news was the disk was in a raid array, so they had some redundancy, but the failing disk was still causing the server to hang quite frequently. So, we replaced that and rebuilt the array.
The next issue we discovered during array maintenance, and that was a completely dead battery on the controller. So, we replaced the battery.
Next up, the server wasn’t even on a UPS. It was plugged in to the “surge” side (not the battery side) of a UPS, and the UPS wasn’t even big enough to handle the server anyway. So, we got them an appropriately sized UPS.
So, what if the array had died? What if they had lost power and ended up with corruption from a dead array battery and absent UPS? Well, they could have restored from backups, right? HAHAHA! No, no they couldn’t have. The “cloud” backup they were being charged from their previous company wasn’t even backing up any shared files. All of the business’s proprietary data would’ve been GONE. Their cloud backup was only configured to back up the “Program Files” directory, which would’ve been god damn useless in a disaster recovery situation.
While we’re on the subject of billing for services not being provided, we also found that they were getting charged for website hosting. The problem? Their IT company wasn’t hosting their website. They were hosted at another provider in town. The ONLY service their IT company was hosting was public DNS for their site, yet they were billing them at full website price. Nice little scam they had going there, don’t you think?
I wish I could tell you the horrors stopped here, but they don’t.

Read More

A word about Ubiquiti EdgeRouters

EdgeMAX-logoWell, it is 2016 and my Linksys E2000 router that I’ve been using since 2010 and running DD-WRT on was still in use. ¬†It was still a fine router for what I was using it for, but it is starting to show its age. ¬†For one, it didn’t support dual band Wifi (2.4ghz and 5ghz). ¬†A month or so ago I decided to replace the Wifi functionality part of it with a Ubiquiti Unifi AC-AP-Pro to get better coverage and better wireless speeds, both of which were accomplished. ¬†I’ve been pretty impressed with it and Ubiquiti’s controller software that I was becoming interested in some of their other products. ¬†As a coincidence, my local Fiber-to-the-Home ISP announced that they will be rolling out Gigabit fiber access. ¬†Previously, you could only get up to 250mbit. ¬†I was on the 50mbit package, but for the Gig rollout, they’re running a promotion where you can lock in to the Gigabit speeds for as long as you have service with them for only $10/more a month than I was paying for the 50mbit fiber. ¬†So, 20x the bandwidth for $10 more a month is a no-brainer for me. ¬†This meant I had to upgrade my router though. ¬†My Linksys E2000 running DD-WRT was only capable of about 60mbit throughput on the WAN interface due to its aging CPU. ¬†I was already pushing it close with my 50mbit net, but Gigabit would be far too much for it to handle. ¬†So I did some research and ended up selecting the Ubiquiti EdgeRouter Lite. ¬†These are powerful little machines that run Ubiquiti’s EdgeMax OS which is a customized fork of the linux Vyatta routing software suite. ¬†It seemed to have the best bang for the buck features, it was from Ubiqiuiti which I was already interested in and have one of their products, and most importantly it can push FULL gigabit line speed through the WAN!

Read More

Let’s Encrypt!

letsencrypt-logo-horizontalThanks to the¬†Let’s Encrypt project you can now browse my website in glorious https using the free Let’s Encrypt certificate. ¬†It was fairly simply to get the certificate issued and set up the automatic renewal job on the web server. ¬†Let’s Encrypt is providing an interesting service to the masses by making basic https (TLS) encryption free and easily accessible. ¬†In years past SSL certificates would cost hundreds of dollars. ¬†That has changed in recent years with basic certificates coming down to just $5. ¬†But, for sites like this one that I run for fun and don’t make money off of, even $5 seemed like an unnecessary cost and hassle. ¬†Well, Let’s Encrypt virtually eliminates both of those two final barriers. ¬†By providing free certificates issued through their script, there is practically no reason to NOT be running https on your site now. ¬†Thanks Let’s Encrypt ūüôā

Why isn’t everyone doing 2-factor Auth?

17v9nnjz8cwlijpgSeriously, it is 2015 now. ¬†Every big service provider should be supporting some form of 2-factor authentication. ¬†Google is a prime example of the right way to implement this, and everyone should be following their lead. ¬†This weekend I had an email account I hadn’t used in over a year get its password cracked. ¬†The bot then pulled my extremely outdated online address book and sent spam links out to them all. ¬†Fantastic! ¬†So, I changed the password and deleted all of the contacts out of the address book. ¬†Had this provider (cough… AOL …cough) had a 2FA implementation this would have NEVER been able to happen. ¬†Their service wouldn’t have been used to send out spam, and I wouldn’t look like a doofus with an apparently weak password on that old account.

I’ll also add, if you have a service like Google and you’re NOT using 2FA, you need to go set that shit up right now. ¬†It makes your account nearly IMPOSSIBLE to get in to unless the hacker also has your physical device (usually your phone with an app, I recommend Authenticator Plus) to access your account. ¬†Knowing your login name and password alone would never get them in.

Wondering if a service you use supports 2FA or now?  Well, check out this nifty website: https://twofactorauth.org/