1. Gold Country Eats
  2. Crush
  3. Doug Steps Out
  4. Idle Words
  5. SONN
  6. Hearing Diva
  7. Hearing Dude
  8. The PawPrint
SONN - The Personal Site of Steven O Noble (SONN)

Hootsuites lack of response shows lack of concern for customer privacy

Earlier this morning I received 1150 messages from Hootsuite, all addressed to different members and all sent to 974 different email addresses (cc’d, i.e. I can see all of them).  The amount of messages managed to lock up my mail process while it tried to deal with processing all of the different addresses..

My tweets to @hootsuite have recieved no answers, and sadly they sent out a tweet talking about security a few hours after the issue happened:

Here is a screenshot of one of the messages, names and email addresses removed for privacy reasons:

 

Worse than that, their main site and blog have no information :

blog.hootsuite.com – screenshot at 12:18 pacific, Saturday November 10th, 2012

But they were nice enough to put it in a help article on their support page which of course, hardly anyone would find.

http://help.hootsuite.com/entries/22353802-seesmic-users-receiving-emails

 

The only reason I knew is because Mashable did an article and linked to the “apology”

As of 12:24PM Pacific, there has been no answer from http://twitter.com/hootsuite, only from their http://twitter.com/hootsuite_help account and there is still no public response i.e. on their blog or front page about the leak.

 

 

The 17 Years of SONN

September 9th, 2012 was the 17th anniversary of my registration of the SONN.COM domain.

Creation date: 09 Aug 1995 04:00:00

Back then I had a 24×7 dialup connection to a ISP called Psyber up in Rocklin California.  Hindsight is 20/20 and knowing what I know now, I should have registered some other domains ;)  Also, domains were _FREE_..

SONN has encompassed all of my different passions from Music to Cars to Networking over the years.  It has been my home, it has been linked to IRC networks, run mailing lists, been part of early viral picture episodes and has slowly moved up the ranks from a 14.4k modem to a 56k DSL to a 128k DSL to a T1 to 10M then 100M and eventually GbE.

I want to thank everyone who has been involved in SONN and helped me along the way.

Jordan MendelsonHe helped me setup Bind 8.  I still use his named.conf to this day.  He has had a long and impressive carrer with Napster, SnoCap, LinkedIn and now SeatMe

Logan Gabriel: He took over the SONN machines when I was hacked, setting up a highly secure (and painful to use at times) OS.

butnik on EFNet (Sorry I can’t remember his real name..):  He handled a lot of day to day things for me.

and everyone else who has been involved over the years, helpful or not so helpful (you WaReZ guys know who you are!).

Here’s to another 17 years.

Expired: Dediserve Discount Code: 50% off for life in Dallas!

Dediserve Discount Code

 

TL;DR until end of August you can get 50% off a 10 node cloud in Dallas at Dediserve by using the code DALLAS50OFF

In my previous post I talked about migrating my important servers to Dediserve after having been a customer for about a year now.  Dediserve truly has the best customer service I have ever experienced from a provider.  The other thing that keeps me at Dediserve that I don’t talk that much about is their reasonable pricing.

I was able to take a $3000 AWS setup where a customer had to turn up and down servers all the time and turn it into a $700 Dediserve order that let them run 24×7.  For a known AWS load you can turn up about 3x the dedicated resources at Dediserve.  There are differences, the main one being that you don’t have usage based billing, so if you need to expand services you will need to order more resources.  There are ways around that though.

For example: one thing I work with my clients on is combining dedicated and bustable/usage based services.  If you use AWS or other usage based cloud providers and you have a static portion of your workload, i.e. you run 10 servers with 1G ram and 2CPUs almost all the time, you move that workload to a less expensive provider such as Dediserve.  The value of burstable/usage based services is that you only pay for what you need, but you pay a lot more.

There is space in the cloud for both models and even private clouds combined together.  For many of my clients being able to reduce their CapEx by 50% or more is a huge benefit.

Recently Dediserve upgraded their Dallas Cloud Servers and in honor of that, they are doing a very special 50% off for life deal until the end of August using the code “DALLAS50OFF“.  If they had this deal when I was migrating my 3k/month AWS customer, I would have been able to take the customer to an almost 90% reduction in cost.

So my suggestion to anyone who is using AWS and has a bill, check out what Dediserve can offer, the fanatical support is just a special extra.

BONUS!

 

For the next 10 people who purchase from Dediserve and buy something other than the special before the end of August you can use this one time %9 discount code from me : LFO74ZHQD1H1

Migrating my important servers to Dediserve

Migrating Router Analysis to Dediserve

 

After using Dediserve for almost a year for other projects, I decided to move my “most important” website, i.e. my startup Router Analysis to Dediserve.  Router Analysis had previously been running on a shared VPS while I waited for the company and site to take off.

The move to Dediserve was flawless.  I setup the server taking advantage of their newly deployed SSD architecture and IPv6 connectivity, opened a ticket to get my site migrated and within a short time it was done.  I am always highly impressed with how friendly and helpful the people at Dediserve are.

Router Analysis recently released a couple of important documents including the Enterprise Edge Router Upgrade Guide and the Cisco ASR 1000 Testing Results, these two documents started bringing in a good amount of viewers.

Yesterday we released our first “product review” where we took a switch that came in for the Gigabit Aggregation Test and did a short review of the unpacking, installation, configuration and a bit of testing: The Edge-Core ECS4610-50T Review.

The Design of the SONN Website Network

I am now going to go a bit further in depth about how the network of SONN sites is setup, if you have any questions please drop me a note!

The main site, www.sonn.com is hosted on a pair of ESXi machines co-located with Hurricane Electric in Fremont California (USA).  One of the ESXi machines is turned down and will turn up in the event that something happens to the main one.  This is mainly to conserve power and be green.

Other sites such as crush.org, idle.net, dougstepsout.com and hearingdude.com are also hosted on the same infrastructure.

Crush.org gets the most hits out of all of the sites, about 7k unique visitors and 30k page views a month (yes… not a lot).  Crush.org uses MaxCDN for images and is behind a caching reverse proxy that is behind Cloudflare.

Cloudflare has been good to me, the outages have been limited and the price can’t be beat ($0).  Before Cloudflare and the reverse proxy, I would run into funny spawning issues with Apache2 (I am not that great of a sysadmin).  Now everything is very nice.

There are a few other sites behind Cloudflare including idle.net which has only a few visitors.

For Router Analysis, I am using Dediserve behind Incapsula.  Previously I hosted Router Analysis on a inexpensive shared VPS and had numerous issues with site performance.  Even after I put Incapsula in front of Router Analysis, I still saw issues.

I tried using Incapsula for crush.org but I ran out of bandwidth very quickly.  I also have my fathers Gold Country History site Doug Steps Out behind Incapsula.

If I was going to compare the two platforms, Cloudflare vs Incapsula, it would be hard.  They both seem to provide good information, with a slight edge to Incapsula with their weekly status emails.

Past the SONN websites, there are DNS servers (one of which runs at Dediserve), a VoIP network (Part hosted at Dediserve), Mail Servers and other random bits.  Most everything is available on both IPv4 and IPv6 which is important to me as I have been involved with IPv6 for the better of 15 years.

 

The State of IPv6 July 7th, 2012

I had a idea last night to do a study of IPv6 connectivity between major ISPs and the top Alexa sites.  I can’t take full credit for the idea, it was driven by a study done by The Security Skeptic.

The study looked at IPv6 reachability based on AAAA records and reported that the improvement over 2011 is only 5%.

To start my test I took the top 25 sites based on Alexa and grabbed their AAAA records.  What I found was sad.  Out of the 25 sites only 12 had AAAA records.. less than 50%.  And out of those 12 sites, 8 were google owned. The nice thing I saw was that the top 4 sites are all dual stacked.

I am not sure if we should congratulate the companies that are dual stacked, or shame the ones who are not.  Here is the list:

www.google.com
www.Facebook.com
www.youtube.com
www.yahoo.com
www.baidu.com – No IPv6
www.wikipedia.org
www.live.com – No IPv6 — Microsoft
www.qq.com — A chinese IPv6 connected site!
www.twitter.com – No IPv6
www.amazon.com – No IPv6
www.linkedin.com – No IPv6
www.blogspot.com
www.google.co.in
www.taobao.com – No IPv6
www.sina.com.cn – No IPv6
www.yahoo.co.jp – No IPv6 — This makes no sense? Japan is very IPv6 friendly.
www.msn.com – No IPv6 — Two Microsoft sites in the top 25.. both IPv4 only.
www.google.com.hk
www.wordpress.com – No IPv6
www.google.de
www.google.co.jp
www.google.co.uk
www.ebay.com – No IPv6
www.yandex.com – No IPv6
www.163.com – No IPv6

We know that companies like eBay, Amazon, Twitter, LinkedIn and Microsoft have qualified individuals who could setup IPv6 and I am sure the others do too.

So what does this mean?  Are companies like eBay and Amazon concerned about global connectivity?  That someone might get a IPv6 result and not have full IPv6 connectivity to the entire Internet?  Do the companies themselves not have IPv6 connectivity from some or all of their providers?

I plan to do a bit more digging to try and figure out if there are secondary issues keeping companies from doing IPv6.  What kind of issues?  CDN support, Advertiser Support, Providers not offering IPv6; those are some of my thoughts.

If anyone has extra data feel free to drop me a note.

Cisco Router Training

The SONN Sponsored Router and Switch Testing Company, Router Analysis is offering Cisco Router Training.  The training will be tailored to your specific needs and can also be used as Consulting.

Steven Noble has been connected to the Internet Industry for over 20 years, 9 years with Vendors (Cisco and Procket) and 11 years with customers (XDN/3Crowd, Exodus Communications and Foundation Health).

Steven has worked with customers around the world on Testing, Design, Deployment and Other Related Topics.  His experience spans the Access Layer to the Core.  He has delivered training for Customers and Cisco Employees around the world for the last 8 years.

For more information visit the Router Analysis Cisco Training Page.

Vyatta’s view from the Cloud (Expo)

I worked with Scott for many years at Exodus Communications. His insight into the cloud via Vyatta is spot on.

The Value of an End-to-End Cloud Computing Operating System
— “The productization of Big Data will be an interesting trend to track, and I think we’ll start to see some significant investment in this area over the coming months,” noted Scott Sneddon, Vyatta’s Director of Cloud Solutions, in this exclusive Q&A with Cloud Expo Conference Chair Jeremy Geelan. “We at Vyatta think this trend is exciting,” Sneddon continued, “because these kinds of new ventures will always need powerful and creative networking and security solutions.”
Cloud Computing Journal: Agree or disagree? – “While the IT savings aspect is compelling, the strongest benefit of cloud computing is how it enhances business agility.”
Scott Sneddon: Whether you’re a mature company or an emerging business, time-to-market is critical to success. Rapid deployment of network infrastructure or a new product line always requires capital. The companies that win always optimize their cash flow and keep plenty of it on hand to seize opportunities. That opportunity could be a critical executive hire, an undervalued target acquisition or a necessary engineering build-out. Either way, cloud computing when executed correctly can directly impact how nimble companies can react to market opportunities.

New .TLDs and the race to the bottom

I’ve been hearing all day about the list ICANN put out this morning of requested new .TLDs.  Discussions are everywhere on Twitter, Google+, Facebook, you name it, everyone has something to say about the subject.

The most interesting aspect I see is the amount of money that ICANN made from the registration fees.  The cost to register your own .TLD is $185,000 US, maintaining it is $25,000 US a year.  There are over 2000 applicants for TLDs, and ICANN has admitted that they have made around $352 Million US in application fees.. $352 Million!

All of this for .TLDs like .apple and .google as if people will type that in, they don’t even type in .xxx yet!

Then of course there is the whole issue of brand confusion.  Will ever bank have a .bank domain?  What happens when there are two banks with the same name, currently one of them would have the .com and the other might have a ccTLD (Country Code TLD), which makes logical sense.  But now with .bank you have to somehow mingle everything together.  Will they do bankname.us.bank and bankname.eu.bank?  At what point does all of this become an exercise in idiocy?

For some reason ICANN CEO Rod Beckstrom thinks that these new TLDs will benefit users by creating domain name registry competition.  We all know the .TLD that the internet runs on, and it is .com.  Normal people assume .com, it’s the logical choice.  Unless your brand is justin.tv and even then, there is someone squatting on justin tv .com (I purposely broke it up to avoid a link) because they know people will type in justin tv .com as it’s a normal thing to do.

Of course we have come to the point where most people just type a name into the search bar, which google’s chrome has combined with the address bar.  I watch my wife do it all the time (it drives me a bit crazy).  To me, certain things need to be either bookmarked or typed in directly (banks and other secure sites), otherwise you run the risk of getting a bad redirect.

That about sums it up from my perspective.  Feel free to lash out at me if you feel otherwise :)

Cartoonist turns lawsuit threat into $100K charity fundraiser

I find this entire saga delightful. First off, FunnyJunk really did take and repost a lot of The Oatmeal’s content on their site. It’s easy to prove, the Internet is archived (literally!).

Secondly Matthew Inman if you follow him on any other social media channels is a normal, creative person who is putting his ideas out to entertain. He has a few books, he sells posters, shirts and other items to keep the site going.

Matthews response to FunnyJunk is hysterical, I feel like we are back in the ’90s again, where people took less crap and reposted any threats they got.

I don’t see how Matthew did anything to FunnyJunk other then point out the obvious and call them out. It took a year for FunnyJunk to come back and complain?

Now FunnyJunks Lawyer says he is trying to get the donation page taken down? The money goes for good causes and Matthews supporters have willingly given it.. I just don’t see it.

Cartoonist turns lawsuit threat into $100K charity fundraiser.

Testing The Waters

I’ve spent about half my life earning money from computer related jobs.  During that time I have pushed the envelope from using OS/2 to run a multi-node DOS BBS and putting it on the Internet using a 24×7 dialup.  I started running my own websites (sadly archive.org only has my site from 1998 on) and have hosted them myself the entire time.

At Foundation Health, I had access to some smaller Cisco routers (2501) but never the larger ones (Cisco 7000).

Joining Exodus Communications in 1996 gave me access to a 7000, a 7500 and some other random devices.  As I started to build out the network I had to start looking at devices other than Cisco.

There were some crazy router vendor startups back then, people like Berkeley Networks, who was running their route processor on windows.  My team spent a lot of time meeting with new vendors and trying to decide who was the best to move forward with.

Once we had decided which vendor to look at, we had to get a box in the lab to test.  Many of these vendors were excited to get invited into the Exodus lab.  They spent a lot of time working with us, updating hardware, firmware, software to try and meet our goals.  This was my first real foray into the art of Router Testing.

I wrote a lot of RFPs, RFIs, etc.  I wrote test plans based on the Exodus network and executed them against different vendor equipment.  Learned the hard way how much the design of a router affected its functionality in a network.

After Exodus I went to Procket Networks.  The way I convinced Procket that they needed me was to sit at my house with a limited set of tools and find bugs.  Procket brought me in to run the Customer Simulation Lab (i.e. pretend I am a customer, do customer things and see what happens).  It was great fun and gave me a chance to build my customer advocacy skills.

After Procket was acquired by Cisco, I ended up in the Techincal Marketing Engineering team for the CRS/12000 routers.  Within the team, I was first tasked with learning the CRS and training Sales Engineers.  While doing the training we utilized testing equipment to show that the products were performing as stated.  Over time I moved into a competitive testing role.

My first competitive testing for Cisco was done using some ancient gear found laying around the company.  Quite a bit of time was spent tracking down the source of the equipment and getting the latest code legally.  Basically it was a nightmare.  I spent a while with the code that came on the systems then when I got the new code, I found that essentially everything had changed (the command line completely changed).

Over the years I spent time testing newer devices, working with customers (onsite and remote) on how to properly test, wrote and executed test plans.  Being able to utilize 17+ years of testing/breaking things gave me a lot of insight into the different vendors, how a new router would probably perform and the issues each vendor has.

For now I am doing consulting for companies looking to design and test networks.  It’s a rewarding career but as all consultants know, it’s spotty.

Older Entries

Latest Posts

Blogroll

Designed by SONN
©2013 SONN