The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My work

  • My badges

  • Twitter Updates

  • My Flickr Stream

    20140508-Delphi-2007--Project-Options--Cannot-Edit-Application-Title-HelpFile-Icon-Theming

    20140430-Fiddler-Filter-Actions-Button-Run-Filterset-now

    20140424-Windows-7-free-disk-space

    More Photos
  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 1,714 other followers

Archive for the ‘Opinions’ Category

Learn to fail – Changing our attitude towards failure – booking.com

Posted by jpluimers on 2017/01/12

TL;DR:

By accepting that failing is part of learning, we decrease our fear of failure and become more willing to experiment with new ideas. As we experiment and seek feedback, we will see how this benefits our customers, by creating a great product that is built on data and not opinions. Innovation won’t happen without failure. We must embrace it to continue learning and grow!

I highly recommend reading the full text by Yolanda van Kimmenade with lots of nice quotes: Changing our attitude towards failure

–jeroen

via: From the Wile E. Coyote-Dept: “Changing our attitude towards failure”, The Booking Blog about fail. – Kristian Köhntopp – Google+

Posted in Development, Opinions, Power User, Software Development | 1 Comment »

Everything Is Broken — The Message — Medium

Posted by jpluimers on 2016/12/31

Nice end-of-the-year reading:

Once upon a time, a friend of mine accidentally took over thousands of computers. He had found a vulnerability in a piece of software and…

Source: Everything Is Broken — The Message — Medium

–jeroen

Posted in Opinions | Leave a Comment »

Organizational Doxing – Schneier on Security

Posted by jpluimers on 2016/12/26

X-mas day 2 thought:

best defense might be to refrain from doing things that don’t look good on the front pages of the world’s newspapers

Source: Organizational Doxing – Schneier on Security

–jeroen

via: »Organizations are increasingly getting hacked, and not by criminals wanting to steal credit card numbers or account information in order to commit fraud,… – Kristian Köhntopp – Google+

Posted in About, LifeHacker, Opinions, Personal, Power User | Leave a Comment »

The IoT strikes back again: half a million IoT devices killed DYN DNS for hours, but fixing this will be hard

Posted by jpluimers on 2016/10/22

Less than a month after The IoT strikes back: 650 Gigabit/second and 1 Terabit/second attacks by IoT devices within a week the IoT struck back again: an estimated half a million IoT devices was used to perform multiple DDoS attacks against Dyn Managed DNS that took around 11 hours to resolve.

Google DNS appears to

Google DNS appears to “live” near me in Amsterdam

High availability usually involves a mix of DNS TTL and/or BGP routing. That’s typically how CDN providers like Cloudflare work (it’s one of the reasons that global DNS servers like Google’s 8.8.8.8 appear near to you and over time routes – some MPLS – to it change). Short DNS TTL can help CDN, requires a very stable DNS infrastructure and is similar to but different fromFast Flux network.

Last months attacks were on a security researcher and a single ISP. The Dyn DNS attack affected even more internet services (not just sites like Twitter, WhatsApp, AirBnB and Github). So I’m with Bruce Schneier that Someone Is Learning How to Take Down the Internet.

Handling these attacks is hard as the DDoS mitigation firms simply cannot handle the sudden increase of attack sizes yet. BCP38 should be part of mitigation, but the puzzle is big and fixing it won’t be easy though root-causes of bugs change as a lot of research is in progress.

I’m not alone in expecting it to get worse though before getting better.

On the client side, I learned that many users could cope by changing their DNS servers to either of these Public DNS Servers:

  • OpenDNS 208.67.222.222, 208.67.220.220, 208.67.222.220, 208.67.220.222
    • OpenDNS does a good job of handing “last known good” IPs when they can’t resolve.
  • Google Public DNS 8.8.8.8, 8.8.4.4
  • Level 3 DNS 4.2.2.1, 4.2.2.2, 4.2.2.3, 4.2.2.4, 4.2.2.5, 4.2.2.6

Some more interesting tidbits on the progress and mitigation on this particular attack are the over time heat-maps of affected regions and BGP routing changes below.

Read the rest of this entry »

Posted in DNS, Internet, IoT Internet of Things, Network-and-equipment, Opinions, Power User | Leave a Comment »

Graphical emoji are killing Unicode

Posted by jpluimers on 2016/08/05

Unicode is about Glyphs that are used in writing. Have you ever seen the emoji on the right being written like this?

This has been bothering me a while and gets worse over time.

According to: Microsoft just changed its toy gun emoji to a real pistol:

Looks like Microsoft and Apple may not be on the same page about firearm emojis afterall. Right after Apple changed its gun emoji to a water pistol in iOS 10, Microsoft replaced its toy pistol emoji with an actual revolver.

While Apple and Microsoft have gone back to edit their symbols, Google continues to use a pistol in Android keyboards and doesn’t appear to have plans to change this. None of the companies in question have adjusted their knife, sword, bomb, poison and coffin emojis, so… ¯\_(ツ)_/¯

When vendors start prescribing how emojis must look like (influenced by all sorts of emotions) without the user allowing to choose (via a font – that’s what fonts are for!) how they look then it invalidates the whole Unicode principle:

Unicode is a computing industry standard for the consistent encoding, representation, and handling of text expressed in most of the world’s writing systems.

These emoji aren’t text and should be gone from the Unicode standard before they can do more harm.

Will the next step be that vendors define their own colours for certain characters in fonts? For Windows Times New Roman A becomes red, B green, C yellow, but in Courier New we’ll permute these colours and all Operating Systems and Versions will do different random colour choices.

–jeroen

via:

Posted in Development, Encoding, Opinions, Software Development, Unicode | Leave a Comment »

 
%d bloggers like this: