High Speed

On 2017-07-252024-05-17 By JohnIn techLeave a comment

Roughing it.

Heisenberg Monitoring Uncertainty Principle

On 2017-07-102024-05-17 By JohnIn science, sysadmin, tech, workLeave a comment

In certain implementations of software monitoring solutions, the type, quantity, and frequency of monitoring – the system or service checks – can result in an increase in load on the systems being tested. This increased load can lead to the flawed interpretation that additional monitoring tools are necessary to identify the load factors, resulting in further-increased load.

Or, to summarize: throw so much monitoring at a platform that it unexpectedly increases load, which prompts additional monitoring. Repeat.

Or, to summarize the summary: You cannot observe any system without impacting it.

Security Fail n+1… +1

On 2017-06-282024-05-17 By JohnIn annoying, security, sysadminLeave a comment

One of the things that frustrates me is when a site – or worse, a group within my own organization – tells me that my password contains characters that aren’t allowed. Or that my password is too long.

Really? So what you’re saying is that you want me to trust that your team’s developers have good security by using a weaker standard than my own?

You need to change your hash algorithms to accept unicode strings of any reasonable length – and, yes, 256 characters of unicode is a reasonable length for a password.

Also, I just spotted a maddening double-shot of security bumbling with an organization that has integrated with Google Auth. The issue isn’t that they’ve integrated with Google Auth – that’s good – but it’s that they’ve disabled the ability to use two-factor authentication therein.

They’re improving usability by using single sign-on, but increasing the attack surface by disabling a proven security feature.

Oh, and they only allow ASCII for passwords. And not even all of them.

How to Reduce Value

On 2017-05-192024-05-17 By JohnIn education, learning, sociology, workLeave a comment

I’ve recently been reminded that there are still people out there who become increasingly impatient and abusive when people don’t reciprocate their impatience and abuse.

In related news: raising your voice and throwing verbal hand-grenades into conference calls when somebody doesn’t understand your perspective doesn’t make you right. It makes you abusive and reduces your value to the organization.