Sunday, April 14, 2019

Outage Communication

This post isn't bashing cloud providers, although that's an easy target.

What this is about is to give some examples of outage communication from various providers. And yes, Google and Facebook are in different sectors but the wide differences in their outage communications are still interesting.

On March 12, 2019, Google suffered an outage that impacted Gmail and a variety of their services that depended on their file system. Over the next several hours they posted 3 updates on their G Suite Status Dashboard. The first noted that they were having an outage. The second update was posted in under 2 hours and stated that they were continuing to investigate. It also enumerated the services that were impacted. The final update was 2 and 1/2 hours later and said that the issue was resolved.


But Google didn't stop there. 2 days later they posted a thorough postmortem (archive.is) that identified a root cause and remediation and prevention.

That's the way to communicate.

On March 13, 2019 Facebook had a 14-hour outage which took down the Facebook social media service, its Messenger and WhatsApp apps, Instagram, and Oculus.

Here's Facebook's communication on that outage.


Yes, that's it.

Which of these would you prefer from your services provider? Ask about that before you sign a contract and consider putting a requirement for communication and follow-up in the contract.


Sunday, April 07, 2019

Just Don't Play Facebook Games

If you're my friend on Facebook, please don't play games on Facebook. When you do, you authorize Facebook to share your profile information with the game company. This often includes details such as the Facebook user ID, a list of Facebook friends (that's where I come in), likes, photos, groups, checkins, and user preferences like movies, music, books, interests, and other.

Once the game company has your data (and mine) Facebook has no control over what the game company does with it or who it shares it with.

Oh, I'm sure they have policies about what can be done with the data but there really is no way to enforce it.

As an example, the company that operated the "At the Pool" Facebook game, left all their Facebook user profiles, etc, on a publicly accessible Amazon Web Services (AWS) server for anybody to access.

Here's an excerpt from an article on ZDNet on this Facebook data leakage:
[T]he company has lost control over its most important asset - its users' data - which is now leaking left and right from all the no-name companies and mom-and-pop developer firms who've collected it over the past few years.

Sunday, March 31, 2019

Global Entry Follow-Up

We've been using Global Entry for a couple of years and I wanted to share how it works at various ports of entry.


Dublin

When we departed from Dublin, Customs and Border Protection (CBP) did the U.S. entry processing in Dublin.

First we checked our bags with the airline. Then we went to the Global Entry kiosks. We placed our passport on the reader, smiled for the camera, put our hand on the sensor and answered a few questions. They showed us pictures of our bags and we had to acknowledge that they were ours. We took the receipt that the kiosk printed and headed for the exit. We waved the receipt politely to the Immigration agents and kept going. We didn't see a Customs agent. Then we went to Starbucks and waited on the rest of our party.

Chicago

When we returned from Quebec through Chicago, the CBP did the U.S. entry processing in Chicago.

On the flight into Chicago, when the flight attendant passed out Form 6059B we didn't have to complete it. Then when we deplaned and went to the Immigration area (huge and packed), we went to the Global Entry kiosks. They were marked with bright yellow signs at the far end of the hall. Again we placed our passport on the reader, smiled for the camera, put our hand on the sensor and answered a few questions. The kiosk printed a receipt. We waved the receipt politely to the Immigration agents and kept going to baggage claim. We took our bags and found the Global Entry Customs agent. He was the one without a line. He waved us through and we were done in 5 minutes.

Nassau

Then there was Nassau. Somewhat similar to Dublin, the CBP did the U.S. entry processing in Nassau.

First we checked our bags with the airline. Then we went to the Global Entry kiosks. We placed our passport on the reader, smiled for the camera, put our hand on the sensor and answered a few questions. The kiosk printed a receipt. But then we had to queue up for an CBP agent. They asked for our passports and the receipts from the kiosk. The agent showed us pictures of our bags and we had to acknowledge that they were ours. They asked us a lot of the same questions that we had answered on the kiosk. I couldn't really tell much of a difference in processing us as Global Entry travelers from non-Global Entry travelers.

Campobello Island

We used the Global Entry Cards for our land entry and exit to and from Canada at Campobello Island. They worked just like a passport.

In summary, I still feel that Global Entry is worthwhile even for a casual international traveler. Obviously (and surprisingly) the benefit and process varies significantly by location.

Sunday, March 24, 2019

remove.bg


Every now and then I take a "great" photo of my family but the background is distracting. I've worked hours with editing programs to select the background and then paint it out. Often it works okay but takes a lot of effort.

Then I came across remove.bg. Here's how they describe themselves:
Remove.bg is a free service to remove the background of any photo. It works 100% automatically: You don't have to manually select the background/foreground layers to separate them - just select your image and instantly download the result image with the background removed! ...it only works if there is at least one person in the image.
Here's a before and after:



But wait, there's more.

After you have removed the background, you can replace it with another photo.


Wow!

Sunday, March 17, 2019

Facebook Tracking - Part 2

Go read this first.

Now go try this. Login to Facebook. You can even try my sandbox technique if you like.

Logout.


Leave that alone and go away for a while. Wait until you should have gotten some kind of Facebook notification.

Now go back to the tab where you were logged out.


You just thought you were logged out. Facebook was still tracking you and even updated your profile picture to show the number of notifications you've gotten while you thought you were logged out.

Evil.

Sunday, March 10, 2019

Facebook Tracking

I realize there's lots of noise on the Internet about Facebook tracking you but I just wanted to show you what it really looks like.

I've posted before about how I try to sandbox Facebook. I'm not naive enough to think that's bulletproof but at least I'm trying.

Similarly, I NEVER click on a link in Facebook. As I suggested in the previous post, I right click and copy the link. Then I go over to another tab and paste the link.Then I go and delete all the characters starting with "?fbclid=".

Here's a recent example:
https://l.facebook.com/l.php?u=https%3A%2F%2Fgoo.gl%2FHoh4V9%3Ffbclid%3DIwAR1yCKf6gTjPq_YDl4Y-J37BZ7TIJZGXMvZvH8T9_Zn6OQf_gN0HMHp4kRM&h=AT1dP9OuIl5M0f_qB4pUFO3gx7feNV6B1whGiQYsb2QXb98_FfInyZf_H1u2BzGd15g61SR90EDeuHuljeRyLvmk6JyH_B4eVfEN30qN6ZO8d7o_uAZUyKqX4vqHE775UyKArv4Js_gcGEkBTU1p8gL84__GHE6Zv9zjA885LeHRoXSHCjvZ2SsPPRbmEjuWgkLFhmv_RNxkIW2iCoVIXjq_91x3aGNuRg5Cv26oCgHk0Jx6VYgFpGuhVWAhu22pYgHzvqFEej0iyjbvdJx3qNDxBXU9c57ggOrLcYf5rBp9zaW-RP5rxpZcmnC6RS5SRNbsVhCs1fjhGyI2ZVYfZJnR_WgeT_VgzuatreZLYzKMv9s2gajAttWgnM79qg28QFnADkQYaExt5CA1MotGiR1jCjgQP9nL1ImgQ3zTmNrlojfuzfHMzY9y7SExcHk8bMqvOU7KML1p--ds09Dbfi482AudxWzehwUdEYMUTWhQANMlLIDWBFbEzgeTyZqDD5HblobEqjYorDFd7aawWeIQhiQPIzWFarWKxXJrILwR6g4vhkP2WR_vpQ5P40IIxYmWF5zFrKdwcJpi4OaP4jkoErnnqUaeZrg4EOpho3tTJzu3Jb0xOzsX76SmgyCmMhym9o7bnKF5z7NIw2HLMIGHljlH
This URL is even encoded that further obfuscates what it's doing. I use a URL Decoder/Encoder to make it somewhat readable.
https://l.facebook.com/l.php?u=https://goo.gl/Hoh4V9?fbclid=IwAR1yCKf6gTjPq_YDl4Y-J37BZ7TIJZGXMvZvH8T9_Zn6OQf_gN0HMHp4kRM&h=AT1dP9OuIl5M0f_qB4pUFO3gx7feNV6B1whGiQYsb2QXb98_FfInyZf_H1u2BzGd15g61SR90EDeuHuljeRyLvmk6JyH_B4eVfEN30qN6ZO8d7o_uAZUyKqX4vqHE775UyKArv4Js_gcGEkBTU1p8gL84__GHE6Zv9zjA885LeHRoXSHCjvZ2SsPPRbmEjuWgkLFhmv_RNxkIW2iCoVIXjq_91x3aGNuRg5Cv26oCgHk0Jx6VYgFpGuhVWAhu22pYgHzvqFEej0iyjbvdJx3qNDxBXU9c57ggOrLcYf5rBp9zaW-RP5rxpZcmnC6RS5SRNbsVhCs1fjhGyI2ZVYfZJnR_WgeT_VgzuatreZLYzKMv9s2gajAttWgnM79qg28QFnADkQYaExt5CA1MotGiR1jCjgQP9nL1ImgQ3zTmNrlojfuzfHMzY9y7SExcHk8bMqvOU7KML1p--ds09Dbfi482AudxWzehwUdEYMUTWhQANMlLIDWBFbEzgeTyZqDD5HblobEqjYorDFd7aawWeIQhiQPIzWFarWKxXJrILwR6g4vhkP2WR_vpQ5P40IIxYmWF5zFrKdwcJpi4OaP4jkoErnnqUaeZrg4EOpho3tTJzu3Jb0xOzsX76SmgyCmMhym9o7bnKF5z7NIw2HLMIGHljlH
And notice that Facebook is not only passing a tracking ID along to the target site but using a redirect service (https://l.facebook.com) to launch it.

Once you eliminate all the tracking information, here's what you get:
https://goo.gl/Hoh4V9
Facebook is just evil.

Sunday, March 03, 2019

Zoolz Update 2

I continue to be impressed by Zools as a backup tool. You can get Lifetime of 1TB Instant Vault and 1TB of Cold Backup Storage here for $45.

Since my last post I have tried the Instant Vault storage. Think of it as 1TB of shared storage like Dropbox shared files. But you have to login to the Zoolz web interface and drag and drop files/folders onto a web page.


Then you can request shared links to the files/folders. Those files/folders are NOT automatically updated. This is a separate terabyte of storage from the Cold Backup Storage.

But what really got me looking back at Zoolz was that my CrashPlan for Small Business at 75% discount for a year expired and my monthly charge went to $10. Not a big deal but $10 more than I used to pay.

In revisiting Zoolz I came across a feature that I hadn't noticed before - Hybrid+ backup.
Zoolz Hybrid+ doubles your backup protection by creating a copy of every backed up file to a local server, external or network drive; ensuring faster recovery when needed. Zoolz restore is intelligent enough to minimize recovery time by checking your local Hybrid storage for the file before restoring it from the web, reducing time and bandwidth resources.
And it's included with the regular Zoolz offering.

So I bought a 2TB Western Digital USB 3 drive and plugged it into the back of "The Trump".

Here's how you turn it on.


It took about 4 hours to sync the 400+ GB that I have selected to backup with Zoolz.

Zoolz support was excellent in helping me understand how Hybrid+ worked, even doing some experiments to answer some of my questions.

So now I have cloud backup with Zoolz Cold Backup Storage, local backup with Zoolz Hybrid+, and offline backup with Macrium Reflect.