Couple of updates from my world

Good day guys,

It's been almost 2 weeks now since I started work and I have to say I have learnt a lot of things within that time. The world of AWS is huge and I would say it is a separate universe on its own. You would probably take 1-3 months to get hold of what each part of the system does to suit the ecosystem. In these two weeks, the things I have learnt so far:

1. Git/GitHub
2. Cumulus
3. The business and technical aspects of Amazon Web Services
4. Building my first stack on AWS

Git and GitHub are amazing things, where one can track changes and stuff done on a particular stack or code. It works as a version control system. It is a whole world on its own, and learning it has been a joy, and also a precursor to my current role. I am still in the process of learning.

Cumulus is a really interesting tool. It is basically used to get numerous stacks together and create a system in the right order. Now this tool is really interesting, and for one of my clients, it's an essential tool to make changes and get things done. This will probably take a while to get a hold of.

In terms of the business and technical aspects of the Amazon ecosystem, it is awesome that I finally got both the accreditations. I still probably have 40-50% understanding of the whole thing but I will get there soon. Hopefully.

Ah yes! I followed some tutorial by AWS and created my first WordPress stack, which includes an EC2 instance, EBS and a database. I have a lot to learn from CloudFormation. This would be my homework for the coming week.

That's all for now!

Great ideas for 1st year mechatronic students with not much IT in them.

Great ideas for a first year internship student for mechatronics and IoT
• Eject the bed or shake it remotely to wake up the kid from anywhere
• Home water usage device which can be fitted to all the water outlets, with notifications received on a mobile app
• Brew coffee using Twitter or change the thermostat setting using Twitter
• Receive a notification whenever physical mail is delivered to the physical mailbox
• A smart recycling system that knows when it's full
• A smart bag which reminds you of the items to be carried to the office
• Collecting data from all the IoT devices in the house and storing it in Google Sheets for personal analysis
• Gesture control / voice recognition remote / key finder

Thanks to my Quora buddies for the ideas. 

First post, First day of 2016

What is AWS? AWS is defined as Amazon Web Services. It's a branch of Amazon and they provide cloud services from PaaS, IaaS to SaaS. So yeah, they are world beaters and it's good to be on the bandwagon early when the demand is hot.

One of my resolutions for the new year is to make sure I master AWS, from the perspective of its architecture to its systems operation and engineering. This blog will be a summary of journeys, collections of experiences and technical write-ups on AWS and its support realm as I chalk up ways and methods to get things in the groove.

My vision for the blog is to educate the world about the beauty of AWS and impart my experiences in managing a cloud infrastructure from my perspective.

Let's start.

Public cloud and the government scenario - Part 1

Lately there is a buzz about the NZ government going into the public cloud space. The NZ government is an example of an effort trying to emulate Estonia, one of the world's leading fronts in employing the e-government strategy. Let's break down the terms.

Public cloud is denoted to be an infrastructure which is available to the public and not personal to a company alone. This does not mean public cloud is like a night market where anyone or everyone can administratively access it. It is about control and what you can “see” and “can't see”. This is the opposite of a private cloud or in-house equipment. Simple, right? Yes, it is simple. I won't go into the nitty gritty of types of services. That is for another day.

So… why is the government adamant in implementing a public cloud service? Well, it is the concept of privacy, management of data and location of the physical premises. The public cloud service too has to follow the NZISM model for security compliance. Forget about some of the US-based standards, where Amazon has done a great job in attaining certification. It is the unique nature of the set of security compliances that the public cloud service has to comply with.

To answer the problem, I did attend a meeting by CSA (Cloud Security Alliance) in Wellington. It was hosted by the University of Waikato. They discussed a project called Stratus. Stratus is a cloud security framework to provide tools for security measures and maintain the integrity of data on the cloud. For more on Stratus:

https://stratus.org.nz/

CSA has come up with unique compliance measures, from the STAR (Security, Trust and Assurance Registry) to the CCM (Cloud Controls Matrix). These are in fact great ways to look at the measures taken by providers to keep data safe. STAR is mainly an accreditation for cloud service providers. CCM on the other hand is an extensive matrix for auditing a cloud-based system to maintain security standards.

One of the key concepts of public cloud is availability. For example, Amazon Web Services have co-locations in the same regional zone. This means that if one data centre goes down in one availability zone, there are 2 more centres in the same region to work with. This is great for the common person, but for government data, it might be a turn-off. Replication of data is a sensitive thing. Why? The lack of control. This however depends on the level of secrecy of the document stored. If data stored on the public cloud is deemed to be publicly available, then putting it on a public cloud might be the cheapest and safest way to do it.

Physical security is a cloud provider's responsibility, so the government has no authority in managing the physical security for the data they keep. There is a certain level of trust needed from the government to the cloud service provider, making sure their data centres are safe and the staff in there are vetted. The only control they have is over the service they have purchased and manage. I guess the major question here is: do I reduce operational expenditure by cutting staff needed to manage the data centre and move the money elsewhere for better use? Governments have a responsibility to the socio-economic status to provide more jobs. So there is a shared responsibility between Amazon and the Government of NZ.

End of part 1.

*The document is a continuous input*

2016 New Year Resolution

Happy New Year!! It is 2016 today and when I reflect upon my undertakings in 2015, I notice that I barely achieved 10% of my goals. This calls to say that relating your goals to what you do every day is probably the best way to look at it.

My personal goals are defined by three factors: economics, personal life and career. These are the 3 key functions needed in a successful run for a year. I shall start with my career.

To make sure these resolutions are good, we should follow the SMART goal system. SMART is defined as Specific, Meaningful, Action-Oriented, Realistic, Timely.

http://topachievement.com/smart.html

My career goals.
1. Achieve 100% uptime and non-breached SLAs for the fiscal year 2016. Build the API Talents operations
2. Achieve my AWS Solutions Architect and System Operations Associate Certification
3. Become a senior support engineer

My Personal Life goals
1. By end of fiscal 2016, become 80kg
2. Start PR process
3. Help refugee and migrants through MCLaSS volunteering

My Economic goals
1. Save 25% of my annual salary to my Savings account in BNZ in 2016

Transferring files more than 4GB into a flash drive.

One might wonder why, when you use a flash drive of gargantuan size, a simple transfer of a file over 4.2GB tells you that there is not enough space on the drive. Well, it is not your fault, nor the flash drive's. The flash drive is formatted with a FAT32 file system by default. In a FAT32 file system, the maximum size of a single file you can transfer is 4.2GB. This limitation is by design.

To overcome this, one can format the flash drive to exFAT. exFAT is practically limitless when it comes to file sizes. For exFAT, the limit is 16 exabytes per file.

Source: http://www.ntfs.com/ntfs_vs_fat.htm
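Why the limit exists, as an added example that is not part of the original post: a FAT32 directory entry records the file size in a 32-bit field, while an exFAT stream entry uses a 64-bit one. The helper names and the sample file name are assumptions made for the illustration.

```python
import struct

FAT32_MAX_FILE = 2**32 - 1  # largest value of the 32-bit size field (about 4.29 GB)
EXFAT_MAX_FILE = 2**64 - 1  # largest value of the 64-bit DataLength field (16 EiB)


def pack_fat32_dirent(name83: bytes, size: int) -> bytes:
    """Build a 32-byte FAT short directory entry; only name and size are filled in."""
    if len(name83) != 11:
        raise ValueError("8.3 name must be exactly 11 bytes")
    if not 0 <= size <= FAT32_MAX_FILE:
        raise OverflowError(f"{size} bytes does not fit the 32-bit FAT32 size field")
    # 11-byte name, 17 bytes of attributes/timestamps/cluster (zeroed), uint32 size at offset 28
    return struct.pack("<11s17xI", name83, size)


def parse_fat32_size(entry: bytes) -> int:
    """Read the little-endian uint32 file size at offset 28."""
    return struct.unpack_from("<I", entry, 28)[0]


def pack_exfat_stream_entry(size: int, first_cluster: int = 2) -> bytes:
    """Build a 32-byte exFAT Stream Extension entry (type 0xC0)."""
    # type, flags, reserved, name length, name hash, reserved,
    # ValidDataLength (uint64), reserved, FirstCluster, DataLength (uint64 at offset 24)
    return struct.pack("<BBBBHHQIIQ", 0xC0, 0x01, 0, 0, 0, 0,
                       size, 0, first_cluster, size)


def parse_exfat_size(entry: bytes) -> int:
    """Read the little-endian uint64 DataLength at offset 24."""
    return struct.unpack_from("<Q", entry, 24)[0]


def can_store(fs: str, size: int) -> bool:
    """Pre-flight check before copying a file of `size` bytes to a drive."""
    limit = {"FAT32": FAT32_MAX_FILE, "exFAT": EXFAT_MAX_FILE}[fs]
    return 0 <= size <= limit


if __name__ == "__main__":
    five_gib = 5 * 2**30  # constructed example: a 5 GiB disk image
    print("FAT32 ok?", can_store("FAT32", five_gib))   # False
    print("exFAT ok?", can_store("exFAT", five_gib))   # True
    # If the size were silently truncated to 32 bits it would read as 1 GiB:
    print("truncated:", five_gib & 0xFFFFFFFF)
    print("exFAT round trip:", parse_exfat_size(pack_exfat_stream_entry(five_gib)))
```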

To make life simpler, one can reformat the flash drive from FAT32, which is the default, to exFAT. Formatting erases everything on the drive, so copy off any files you need first. To do this on Windows 7:

~The simple way~
1. Right click on the flash drive
2. Format
3. Choose exFAT as a file system
4. Format the flash drive

~The complex way~ (not fool-proof)
1. Click on Start
2. Run
3. Type diskmgmt.msc
4. Find the flash drive needed
5. Format it using the exFAT file system.

For the complex way, I need to show some screenshots to get it to work. Now with exFAT, you can transfer files of practically unlimited size.

Malaysian ISP and their failures with Information Security.

What pisses me off the most is when funding goes to R&D and operations at big ISPs in Malaysia, and a government-owned ISP in particular does not care at all about its users and the potential security risks its sites might have. From the perspective of a commoner, there is no reason to care and make sense of the potential risk one site might have in terms of data secrecy and information breach. I would like to introduce you to the wonder site managed by ISPx, occ.unifi.my. One might have a new site to login but for God's sake please take this site off production. Thx.

When you run a Qualys test on the site, you are in for a disastrous result. I do not wish to disclose the results here but this is terrible. I wish I could sack their information security head for being so ignorant of the problems of the site. Okay, even if you do not manage the site anymore, there are lots of users who have personal data on that site. I have tried addressing this to ISPx but to my failure. It always falls on deaf ears.

This probably goes for most of the sites which share the same certificate under the unifi or tm domain. I “applaud” the work done by the security team of ISPx. Why do we pay big bucks then? No idea! Now to the biggie, it is probably the biggest social engineering campaign. There is no verification that it is a Unifi site on Facebook but they have their own form and site, and the details they collect. Man.. seriously, what are you doing ISPx? Don't you have an opsec team? Hire me, I'll do you a great favor!

Bite me, ISP x. You failed Information Security Practices 101.

The beginnings of my life in New Zealand. Part 1

Kia ora! I was thinking about writing this one. It might induce some flak or opposition from the sellers of New Zealand life and whatsoever, but it has to be done. Truth is important. I live and breathe New Zealand air. I love New Zealand but it has to seriously change some parts of its policy so it's easier for smart migrants like us to integrate, contribute and live here.

My life in New Zealand has been an interesting one. I have had my ups and downs. The life of living safely and at a slow pace sure does outdo the frantic pace of living in an Asian country. I am from Asia, we live and breathe work. We work hard for the small income we get and we spend it all on the little luxuries we can afford. That of course comes at a great cost: health. Naturally, you will want to move out of that zone so you can have those extra years in you to live to old age.

If you look at the places to live online, there are common sights like Scandinavia, Canada, and certain parts of Europe. Australia does well with its ratings but those who live there can tell you otherwise. Europe and East Asia are great places to live in, but before you can settle in and get your residency, you will probably be better off living in your own country. It is never easy breaking through the fabric of society to land yourself a gem of a job. This left me with one option: New Zealand.

New Zealand… land of the gods, land of wonder, and the land of beautiful scenery and living. The enticement is real. Mind you, if you are living in Asia, and you read about the splendours of New Zealand, you will be bought over. I was bought over. I loved the prospects, I loved the people, I loved the equality and I loved the way they lived. So, I left my busy life in Asia for picturesque New Zealand. My new chapter of life begins..

There were few options to consider when I came here to start my new life. If you have bucket loads of money, then life is always easy. I only have my brains to offer. I then decided: okay, I will enrol in a course and make it work after that. So I did. I looked it up and I got feedback: IT is great and there are many jobs on offer. Information Security was the “in-thing” and jobs will fall at your feet. Remember when I said “enticing”? There you go, from the outside, New Zealand sounded like a dream. I enrolled.

One of the greatest selling points of New Zealand is probably its education. The government has devised a way to make sure something can sell to bring people in to invest and spend on its economy. So it produced a one-year level 7 and level 8 program. They guaranteed it was good, and after that jobs come to you in a jiffy. I took up the best of both worlds, a level 7 program, and it was in Information Security. How cool was that! The program was sold in such a demeanour that even Warren Buffett would have bought shares in a dying IT company any time. I would have to say New Zealand mastered the art of selling. You want to learn about marketing and promotion, learn from New Zealand.

So it begins…. wait for part 2.

Fixing Adware on a Windows 7 machine.

I had an interesting problem with adware hitting a Windows 7 machine. Windows 7 is a good release of the Windows operating system, now succeeded by Windows 8 and 10. Before I recommend heading to the store to get the good old Norton 360 subscription, we would want to ascertain if the adware can be removed manually for free.

There are different levels of checking and cleaning depending on your level of expertise. I'll start from Novice to Expert level.

Novice

Update your Windows! On Windows 7, use Windows Update.

The first step, always. Update your browsers to the current version. Browsers have come a long way. They do an awesome job in preventing adware and malware that use a website or internet-based applications to propagate. I can't tell you what the current versions of browsers are, but I can tell you which make sense to have and which need minimal maintenance.

1. Google Chrome – The least amount of maintenance and the most secure to date. They do patches immediately and they use Pepper Flash Player, which is in-built and maintained by Google. This just means you can run your Flash content without the internal worry of a compromise. If you want updates on the things Google do, you can always hop into my blog and follow the blogs list.

2. Mozilla Firefox – A nippy browser with an awesome toolset and great security. Similar to Chrome in terms of web browser security and protection against malicious perpetrators. The only drawback is its reliance on Adobe for Flash content. You will have to install the latest Flash Player versions to keep up with the security of running YouTube videos.

The others are not worth mentioning, as the two browsers above give you essentially what you need when you are surfing on the internet.

Next, if your adware still persists, you might want to check your “add/remove programs”. This is a critical step. Remember when you download freeware on the internet, they are not “free”. You will probably be blind when you click “Next” till the end. Sometimes, you might install plug-ins or software which might contribute to your adware problem.

1. As you traverse through the installation, read well and clearly what you are ticking and installing.
2. Plug-ins and add-ons, unless they are “signed off” by vendors or an authority, can inflict damage on your system.
3. Never trust “free” anti-virus solutions, ranging from registry cleaners, to any of those adverts that pop up on Skype (this disappointed me) to any of those “cleaners”. Good security solutions come with a cost.
4. Free antivirus solutions like AVG went through a notion of selling your web browsing information to third party buyers.
5. Remove all that and do a spring clean.

Check again if that fixes the problem. If it does not, let me know.

Now to the expert section…..

Expert

Remember the moment when a system hangs for some reason, and you know it's a software or document that is “hanging”. You press the magical “ctrl-alt-del” and a screen pops up and you press “Task Manager”. When you click that, magic happens. Let's check this one out.

1. When you see a list of processes, you will notice the “memory allocation” for each process. It is clear to see which takes up the most memory. From my experience, most browsers take up a certain portion and this can be accounted for. The rest, like Windows processes, can be accounted for.
2. What you want to look out for are the ones that either look “interesting” or push your memory allocation through the roof and are not software you are currently running.
3. Of course there is no way to tell you every single Windows process that goes on, so this is where you open your browser and Google each one you think is suspicious.
4. By the process of elimination, if there is a suspicious file running and Google confirms it, you can stop the process and try to isolate the process file.
5. This can be done by checking through a search, or if you are really good, through the annals of System32 files.
6. If you are confident enough the file is weird and does not match the specifics, you can delete it.
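The Task Manager triage in the steps above, written as an added example that is not part of the original post: it parses process rows shaped like `tasklist /fo csv` output and lists the ones worth looking up, flagging heavy memory use and look-alike names. The sample rows, the expected-name list and the 200,000 K threshold are all constructed assumptions.

```python
import csv
import io

# Constructed sample shaped like `tasklist /fo csv` output (English locale).
SAMPLE_TASKLIST = """\
"Image Name","PID","Session Name","Session#","Mem Usage"
"System Idle Process","0","Services","0","24 K"
"svchost.exe","892","Services","0","18,412 K"
"explorer.exe","2104","Console","1","61,300 K"
"chrome.exe","3120","Console","1","212,844 K"
"chrome.exe","3188","Console","1","98,020 K"
"dealfinderupd.exe","4012","Console","1","340,116 K"
"svch0st.exe","4200","Console","1","9,870 K"
"""

# Assumption: process names the owner of this machine can account for.
EXPECTED = {"system idle process", "system", "svchost.exe",
            "explorer.exe", "chrome.exe", "firefox.exe"}

# Digits commonly swapped for letters in look-alike file names.
LOOKALIKE = str.maketrans("01", "ol")


def parse_tasklist(text):
    """Turn the CSV text into dicts with an integer memory figure in KB."""
    rows = []
    for row in csv.DictReader(io.StringIO(text)):
        mem_kb = int(row["Mem Usage"].replace(",", "").replace("K", "").strip())
        rows.append({"name": row["Image Name"], "pid": int(row["PID"]),
                     "mem_kb": mem_kb})
    return rows


def triage(rows, expected=EXPECTED, heavy_kb=200_000):
    """Return unaccounted-for processes, highest memory first, with reasons."""
    findings = []
    for proc in sorted(rows, key=lambda p: p["mem_kb"], reverse=True):
        name = proc["name"].lower()
        if name in expected:
            continue  # step 1: browsers and Windows processes are accounted for
        reasons = ["not on expected list"]
        if proc["mem_kb"] >= heavy_kb:
            reasons.append("high memory")  # step 2: memory through the roof
        twin = name.translate(LOOKALIKE)
        if twin in expected:
            reasons.append("look-alike of " + twin)  # step 2: looks "interesting"
        findings.append({**proc, "reasons": reasons})
    return findings


if __name__ == "__main__":
    for f in triage(parse_tasklist(SAMPLE_TASKLIST)):
        # Step 3: these are the names to look up before stopping anything.
        print(f["pid"], f["name"], f["mem_kb"], "K:", ", ".join(f["reasons"]))
```

On a live machine the same text comes from running `tasklist /fo csv` in a command prompt; the memory column's separators depend on the system locale.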

The next option is the registry. Now that's some serious work. For another day.

For the novices, if all else does not work, either get Norton 360 or a product that can cover the range of end device security. Money is never wasted in securing your system, as your private information is a whole lot more valuable than paid software. Don’t be penny wise and pound foolish, folks.

The explosion of technology and privacy

Hey guys, I was wondering how many of you out there are so connected that even your watch is connected to the internet. It is scary, don’t you think? Your every move, your every action is logged to a log server that monitors every switch of location and lets Big Brother know what you do.

Now does that scare you enough? I find that technology is great, it covers a lot of tasks we think as humans we cannot do, but honestly, is that what we want? Where is the time we are actually spending without any form of technology involved?

Lately there was an explosion of technology hacking in every field: cars, homeware and even police force vehicles. How far have we gone to get “very connected”? The funniest bit of story I heard was the ability of a pepper grinder to hack the Wi-Fi at home so the children could be at the dinner table and have a family meal. In the old times, we were “not” connected, computers were a privilege in a rich household and they did not have Wi-Fi. It was the dial-up modem. One could go have a quick 10 minute meal with the family while waiting for the modem to do its work. Technology was “family-friendly” then.

With social media at its peak of usage, everything is put up there (into the invisible space), from relationship statuses and financial information to personal information, with a false sense of trust. So, with a logical deduction:

If everything in your life is on the internet cloud,
You are not sure who is behind that shroud,
One can be selling your information to be proud,
Your life in real will be in doubt.

Every app you have, every social media page you are in, you are selling your life for free. Is there any worth in your own self anymore? Privacy’s biggest question.