Software, gingercats, all the important stuff!
Just a quick note!
I’ve been doing this blog thing for a while now (cough!) … but for those of you who are interested there is a hunk of old blog articles to be read here https://gingercatsoftware.com/Blog.php it may be useful to someone. I hope! LOL
Enjoy.
I’ve found an interesting article about AI by research psychologist Robert Epstein over at Aeon.co . It’s a good read and a breath of fresh air with regards a lot of the noise that is being generated of late, about AI running amok (yes I’m guilty of jumping on that band wagon!).
Mr Epstein’s basic premise is that the brain does not work like a computer – it’s different because it contains 86 billion neurons with 100 trillion interconnections. This big hunk of humanity changes due to each unique experience, and we can’t just reduce human conscious down to a big bag of self learning algorithms. That and the computational model that a lot of people rely on is flawed.
I sort of agree with him on a lot of this, but I am also still a little concerned about things like people with photographic memories, how studies in childhood development will influence our understanding of the creation of human consciousness, and I’m still worried about self learning. But if you want a fresh perspective on this stuff the article is well worth a read. May be we are not doomed after all!
I have spent the afternoon researching the work of Sarah Jamie Lewis. A very interesting person and among other things she used to work for GCHQ! The irony is that she is now an independent security researcher who is pro anonymity and privacy advocate.
She is also the author of an interesting product called onionscan, which is a tool that can be used for mapping the dark web.
This particular talk I found rather interesting
Sarah Jamie Lewis: OnionScan: Practical Deanonymization of Hidden Services
https://www.youtube.com/watch?v=r8hr0nlfJRc
Among other things it gives rise to the fact that if you want security you should find your self a great Sys admin! Put simply a lot of sites on the “Dark Web” are not well configured and if you use such services you could be at risk.
She covers such topics as why you should be careful if you use apache as a dark web server. Why not to use a google analytics id (don’t use the same id for all your sites) and be aware that if your using it in the real world as well as the dark web this is a rather incriminating vector!
Other things discussed are exif metadata (from photographs for instance) that give away your geolocation, phone type etc!!
Most importantly though she mentions a lot of the good things that the dark web can be used for including, that a lot of the dark web is blog sites, forums that help drug users with regards catching addiction before it happens and harm reduction. Also that the dark web is used to monitor human rights abuses, and censorship data gathering.
She sums up buy proposing that peer to peer may be the future of creating secure communications due to the fact that the client server model is rather difficult to secure and anonymise. Some very interesting, important and thought provoking work. Her twitter feed is also an interesting read and rather humorous but probably NSFW!
Related links
Source for onionscan
https://github.com/s-rah/onionscan
My server hasn’t been working too well over the last 24 hours due to it becoming a bit of a snow flake, that and the fact the the plumber always has leaky pipes! Not to mention that I was running a rather old version of Debian.
What’s a snow flake server you may ask? It’s what all system admins should avoid! It’s a server that does all sorts of things (often rather well) and as such is a precious little snow flake! The problem with this is that the server will not, or is not, easy to manage or update or improve due to lack of documentation, configuration issues, and / or as was my issue- software and hardware conflicts.
There are a number of ways to manage machine production and developer working environments. These include approaches such as blue green servers, machine imaging with products like puppet and Ansible. As well as a VM approach with products like Vagrant or a software container product like Docker.
Whats also interesting is that with good old fashioned tools like password less key managed ssh access, and shell scripting you can control a lot of the process that the above products like to take claim for.
I’m going to think quite a bit about this snowflake problem some more in the coming weeks. I shall probably write more about how I, as someone with a “production server” and a number of other needs keeps all the ducks on the wall. The end result is that I hope I can create a machine from scratch in a very short space of time. Or at least learn a few things.
Stay tuned!