DNS over HTTPS, why it represents everything wrong in the IT industry today.

So a couple of weeks ago I read this article and wanted to comment on it, but was taken ill preventing me commenting at that time. Since then I have had plenty of time to think, and the subject of that article has been on my mind more than I expected it to be. The post I was going to make at the time was how I felt it was the wrong solution to the problem it purports to solve, but upon reflection I have come to the conclusion that it is worse than that, it is not only the wrong solution, but it is also a demonstration of everything wrong with the IT industry today.

posted at 04:24:25 PM on 1 Jan 2018 by Craig Stewart

Tags:standards comment rant opinion privacy 

Lets talk about Social Justice Warriors

So lets start off by saying I am a white, heterosexual, middle class, male. I have seen lots of comments on the internet about Social Justice Warriors (SJWs for short), and I gather that, based upon what I have seen, I should be worried for my very existence, as these SJWs are apparently out to rid the world of my kind, that is to say white middle class cis gendered (yes I know that "cis gendered" is a label for non trans gendered people, and some see it as an insult, but I am what I am, and I have no better label to use) heterosexual able bodied men. But I have very few examples I can point to of any of these SJWs that really concern me, or indeed that I disagree with in any significant way.

Before we go any further I should probably explain what triggered this particular rant. Recently a person at Google has been sacked for breach of Google's internal policies, a situation that has come to light because the breach was an article they authored about how diversity polices may be harmful, and then circulated within Google, and which promptly leaked. Now I have seen a version of this article, and I shall discuss my thoughts on it later, but what worries me now is the "debate" about the actions taken by Google, and I have already seen some very negative comments. There appear to be two basic sides to this debate, those who say the article was damaging, and wrong, and so Google did the right thing, and those that say Google has damaged itself by shutting down dissenting internal opinions (something the article points out is a risk of Google's current internal culture) and has also trampled this person's free speech rights. My concern is that these are the voices that are going to be screaming about SJWs in the not to distant future. So I thought I'd have a rant about the stupidity of this position from the viewpoint of a SJWs typical "victim".

posted at 09:56:50 PM on 8 Aug 2017 by Craig Stewart

Tags:controversial opinion equality comment rant 

The death of a smartphone, and the liberation it brings.

I knew I relied heavily on the access that I get by carrying around a smart phone, I read my emails, send and receive text messages, look things up on the internet, etc. It is a very useful tool, but I didn't realise how much of an impact it has on my life until it died. So I immediately ordered a replacement, but that took two whole days to arrive. The fix for my old phone was outside my ability level, and I couldn't find anyone who could fix it in a hurry, so I elected to spend two days without it, or any other phone. And it has been two of the least stressful days I have had in a very long time. Disconnected from the world, I didn't need to worry about things I could do nothing about, or keep abreast of the latest goings on on twitter. I almost regret getting a new phone, the old one is off for repair, and will be back in two to four weeks. I can hardly imagine spending that much time without a smartphone. Before the old one broke it was because I thought I would become overly stressed, and fail to cope, but having spent two days with only having the internet when tethered to a desk I can't imagine how relaxed I may get without a smartphone. Maybe in future I shall turn the phone off for periods of time. Maybe too much connectivity is a bad thing?

posted at 09:20:57 PM on 22 May 2017 by Craig Stewart

Tags:breaking oops opinion comment 

So I decided to join a professional body.

I have for a long time thought that the IT industry has an issue with how people within it present themselves to the rest of the world. Everyone wants to be an "Engineer", indeed my current job title is "DevOps Engineer" (a title I am not particularly enamoured with, but that is a matter for another time). We all know that Engineers create clever solutions to otherwise very difficult problems. The issue I have with this is that in many other fields where you find Engineers there are rules, and regulations, and bodies that decide who gets to call themselves "Engineer" and what standards those people must meet. In most of these other fields there are highly defined Engineering Standards against which we can measure the ability and performance of these Engineers. In IT this is not enforced, now I have been very lucky to work with some incredibly talented and intelligent individuals, and I do not wish to deride their contributions in anyway, but without the standards to measure ourselves against, using the term "Engineer" just cheapens it. Unfortunately I have no idea what the standards should be in IT, and I have no idea what the underlying problem with the way many working in IT think that I feel is not proper Engineering, after all I am no more an "Engineer" than anyone else in IT using that title, and claiming otherwise would be a lie. And so I have joined BCS in order that maybe I can get more exposure to the rest of IT and perhaps learn more about what the standards I feel are missing should be.

I shall probably write more on this in the future, but for now here's to hoping that membership of a professional body is going to be a positive step towards understanding my industry, and how I can make it better.

posted at 08:55:47 PM on 10 May 2017 by Craig Stewart

Tags:sysadmin bcs opinion reflection thinking 

New Mail server

Not so long ago I suggested I may change my mail server software. I have recently done so, moving from a highly customised qmail installation to postfix. I have done so for a number of reasons, but that is not to say I dislike qmail.

What did I get out of qmail?

  • Easy to configure, all the configuration was done using flat files, named for their purpose, there was no monolithic and confusing config file to search through
  • Highly customisable, I had applied many patches, and made alterations to my specific installation that served my needs
  • multi process mail system, this one mattered to me, and is why when I switched I switched to postfix, there is no single binary running as root, that does everything, each process runs with the privileges it needs.

So why did I want to change?

Well qmail, and specifically my installation, had become unwieldy to add new functionality to, I wanted to add greylisting, and there were many ways to do this, but they all required adding yet another patch, and out of laziness I had not committed all my changes to any sort of source control. I couldn't stomach manually going through another patch and seeing where it didn't apply cleanly and why, and fix it again. So I had a choice stomach the pain of another round of patching, rebuilding, and testing, and make things worse for myself, set up source control for my qmail set up, or move to something better supported in the community, and with more features.

Postfix suited my needs reasonably well, it is a multi-process mail system, using the idea of least privilege, it has a modular design allowing the addition of extra features much more quickly and easily. It is also better supported, and even has pakages within debian, my operating system of choice. Greylisting was added easily by simply installing another package (postgrey) and altering the config of postfix to use it. By setting up postfix to allow access over ssl on port 465 (as I had previously on qmail) it has also enabled opportunistic encryption for any mail servers sending email to me (something I had considered adding to qmail, but had decided wasn't worth the effort) and I have also been able to easily enable opportunistic encryption for when my server sends email out to other servers that support it.

So do I regret using qmail in the past? Not at all I learnt a great deal from using qmail, and I still prefer it as a basic mail system to postfix, it was just becoming too much hassle to support new features.

What mail server would I advise others to use? For the most part I would suggest google apps or office365 if you want your own domain, or any of a number of other paid for mail hosting solutions, very few poeple have the time and skills and patience to run their own mail server. It started as a learning exercise for me, and I like the control I have over my set up. If someone genuinely wanted to run their own mail server my advise would be to find out what suits their needs best, qmail is great if your needs are simple, and is relatively easy to learn if you have some basic knowledge of how networks and specifically email work, but everyone has different needs, and those needs can change over time, my certainly have.

posted at 04:31:34 PM on 31 Dec 2016 by Craig Stewart

Tags:email sysadmin opinion 

Free SSL certifcates in a post "Let's Encrypt" world.

So, about a year ago I renewed my SSL certificates, and I was using StartSSL as my certificate provider, because they were free, if a little awkward to use. One of the limitations they placed on the free certs is that they could only be valid for a year. At the time I was interested to see what would become of Let's Encrypt as it promised not only free certificates, but a much easier way to get, and manage those certificates. They went live in April this year. I have been considering setting up my cert through Let's Encrypt, and renewing my SSL certificate was the perfect opportunity to do so, however, I have not got myself into a possition to fully automate the renewal of all the places I use my SSL certificate, so while it is still a manual process, and I got the reminder from StartSSL I figured why not give them another go.

posted at 08:27:21 PM on 22 Sep 2016 by Craig Stewart

Tags:opinion sysadmin security ssl 

Brexit, democracy, and liberalism.

So, there was this vote last Thursday. Apparently we voted to have Armageddon! Or at least if my social media feed is anything to go by that's what we did. What annoys me about the wailing and gnashing of teeth coming from those who voted to remain (or at least the most vocal of them) is that they claim to be liberal, and that those that voted Leave are as illiberal, as stupid, and as racist as it is possible to be. And yet, look at what they are saying "the leave camp are wrong, we should not listen to them". Last I checked liberalism was about allowing personal freedoms, not about refusing to acknowledge a view point that diverges somewhat from your own.

posted at 08:05:11 PM on 27 Jun 2016 by Craig Stewart

Tags:politics opinion rant 

Why can't commuters get out of the way?

So I commute by public transport, this involves using the bus train, and Sheffield's SuperTram. The problem I am about to rant about is far worse on the tram and train than on the bus, but does occur on the bus occasionally, it's also a rush hour problem more than at other times of the day, presumably because rush hour is when their are fewer seats and more people have to stand. The problem is that people get on and stop, which at first glance doesn't really sound that bad does it, but consider this, lots of people do this, and by get on and stop, I don't mean get on, find some space, and settle in for the journey ahead, I mean step through the door and just stop right there. At busy times this means you have to fight your way past the crowds of people just to get through the door. Every time this happens to me (almost entirely without fail, and the exceptions don't really bother me much) there is amble room for everyone stood in the doorway to stand apart, and have some space, if these people just spread out into the middle of the tram/train carriage. I have had to fight my way through people crammed into the vestibule of the train, and when I had to ask one woman to move out of the way of the door into the carriage she asked me why I wanted to get past as there were no seats. What appeared to escape her however was the fact that the aisle was empty, not just less crowded, empty. Why stand like sardines for a thirty minute journey (my morning commute by train) when I can stand in plenty of free space? The tram is basically the same problem, but without the excuse that there is a door to separate the doorway area from the rest of the tram. The disabled area on the tram is also next to the doors (a sensible location all things considered) but due to this location it gets clogged up with these ignorant twats milling about the doorway. I am ashamed to say that recently (about a month ago now) when I got on the tram to see a woman with a disabled child in a wheel chair blocking the steps into the middle of the tram I didn't yell out to all the people blocking the disabled bay that they were utter failures as human beings, or try and move them on. More recently I had to fight passed the same group of people to get onto the tram, to allow people to get off (as I couldn't get far enough onto the tram not to block people from getting off initially due to these crowds), to get back on again, and then once more to get off a couple of stops further on!

Seriously, what does it take to get these people to think "hey, maybe I'm in the way, perhaps I should move, possibly that will make everyone's life easier, my own included"? The fucking morons!

posted at 09:15:32 PM on 2 Dec 2015 by Craig Stewart

Tags:rant stuff people opinion stupid 

"If you have nothing to hide, you have nothing to fear"

So, we have another bill in Parliament to allow the government to spy on us. This one tries to ban end to end encryption, so that should the police or security services need to access your private communications they can do so with out you, or the person you are communicating with knowing about it. Aside from this defeating the point of encryption, it's a lovely side step around the criticism that the government wants to ban strong encryption, the encryption can be as strong as you like as long as it has a hole in the middle where the government can read it. Now as a technical person this riles me, but I am not an encryption expert, so rather than rant about something other people can tell you about far better than I, I'm going to wander off on a different tack.

posted at 11:56:42 AM on 7 Nov 2015 by Craig Stewart

Tags:rant politics security opinion 

The Price You Pay

So a number of concepts and ideas and comments have been floating around my head of late, and none of them have been significant enough, or have I formulated my thoughts enough, to want to pass comment on them on my blog. But it has occurred to me that they have a common thread, and that is that there is a price to pay, and we, as a society, must choose the price we are willing to pay!

posted at 09:19:23 AM on 3 Oct 2015 by Craig Stewart

Tags:comment opinion thinking politics