antipaucity

fighting the lack of good ideas

vampires vs zombies

A few years ago I wrote about why I like good vampire and zombie stories.

I had an epiphany this week related to that, that I thought you’d all find interesting.

If vampires exist, zombies can not exist [long] in the same universe. Why? Because they’d be eliminating the only source of food for the vampires. And since vampires are, more or less, indestructible (at least to the wiles of marauding zombies), when they eliminated zombie outbreaks, they’d do it quickly and efficiently – and, most likely, quietly.

tesla’s solarcity bid isn’t about energy production

Ben Thompson* (temporary paywall) makes an excellent first-order analysis of Elon Musk's bid to acquimerge SolarCity with Tesla. But he, uncharacteristically, stops short of seeing the mid- and long-term reasons for the acquimerge.

It's about SpaceX.

It's about Mars.

It's about the Moon.

Musk knows that he needs an incredibly-solid pipeline of technology to get SpaceX past its initial "toy" phases of being a launch company to the ISS.

He wants to ensure that he's able to support the future on non-terrestrial bodies – lunar missions, Mars missions, long-term space exploration, high-altitude space stations, etc.

Sure, it happens to be good for Tesla (integrating solar tech at Tesla charging stations is a no-brainer). But that's not the end game.

The goal is space.


* Follow Ben on Twitter – @benthompson

can you disable encryption on a windows server?

This was asked recently on Server Fault.

I’m asking if there’s a way to prevent files from being encrypted. I’m referring to some extent to ransomware, but specifically I want the following scenario:

  • Windows File server w/ shares (on the E: drive)

I want a way to tell the above server “don’t allow files on the E: drive to ever be encrypted by anyone or any software/process.”

And, of course, the answer to this question is “no”, as I and others said:

No, you cannot prevent files from being encrypted. How is the OS supposed to know if a file is encrypted vs being of some format it doesn’t “know” about?

You can disable OS-level encryption, and perhaps some programs from running via GPO, but that cannot stop every program, nor users uploading already encrypted files.

What you want to do is ensure users are only putting files where they are supposed to – and no where else.

But more interesting is why you would even ask something like this: is it because you really only want “plaintext” files on the share? (Even when the “plaintext” is a binary format (like an EXE, PNG, etc?) I suppose there could be “value” is disallowing even the concept of encrypted files .. but since encrypted files look like files (albeit ones that are not readably openable).

And I think this really belies an exceptionally-poor understanding of what encryption is – and what it is not. Encryption is meant to protect (or hide) specific content (the “specific content” might be the entirety of your phone or hard drive, or an email, or a trade secret, etc) from eyes who shouldn’t be allowed to see what is happening. Yes, there is ransomware that will encrypt or obfuscate files or file systems and demand payment to be decrypted – but attempting to solve for that corner case by attempting to disallow even the concept of encrypted data is highly misguided: the way to prevent/mitigate ransomware is by a combination of good system management practices, solid IDS and IDP software/appliances, sane anti-virus policies, and general good user behavior. (And, maybe, by using OSes less targeted by ransomware authors.)

on ads

My colleague Sheila wrote a great, short piece on LinkedIn about ads recently.

And this is what I commented:

I held off for years in installing ad blockers/reducers.

But I have finally had to cave – been running Flash in “ask-only” mode for months now, and just added a couple blocker/reducer extensions to Chrome recently (in addition to the ones on my iPhone for Safari).

I like supporting a site as much as the next guy (I even run a few highly unobtrusive ones on my sites) – but I agree: when I cann’t tell whether it’s your content or an ad, or even get through all the popovers, splashes, etc, I’m leaving and not coming back

I hate the idea of ad blockers/reducers. But it is coming to such a point where you can’t read much of what is on the web because of the inundation of ads.

And mailing list offers. Oh my goodness the mailing list offers. Sadly, the only way to block those seems to be to disable javascript … which then also breaks lots of sites I need it to work on – and whitelisting becomes problematic with something like javascript, since it’s usefully ubiquitous (in addition to being uselessly ubiquitous).

For Safari on iOS 9, I have three blocker/reducer apps installed (they’re free, too: AdBlock Pro, AdBlock Plus, & Refine (App Store links)). It’d be nice if they worked for Firefox, Opera Mini, and Chrome, too – but alas they do not (yet).

Also run two blocking/reducing extensions in Chrome (my primary web browser) on my desktop – Adblock Plus & AdBlock).

Shame the web has come to this. Schneier’s written about it recently. As has Brad Jones & Phil Barrett.

Wired and Forbes even go so far as to tell you you’re running an ad blocker and ask to be whitelisted or pay a subscription.

Forbes’ message:

Hi again. Looks like you’re still using an ad blocker. Please turn it off in order to continue into Forbes’ ad-light experience.

And from Wired:

Here’s The Thing With Ad Blockers
We get it: Ads aren’t what you’re here for. But ads help us keep the lights on.
So, add us to your ad blocker’s whitelist or pay $1 per week for an ad-free version of WIRED. Either way, you are supporting our journalism. We’d really appreciate it.

If you’re detecting my adblocker, maybe instead of telling me you won’t do anything until I whitelist you (or subscribe), you think about the problem with ads first.

Just a thought.

meetings

The author of a recent Medium post is so close to right, it’s scary. Gary says the best thing you can do is to cut your meeting length in half.

And that is a phenomenal step. One that needs to happen. But one that needs to happen in conjunction with an even more monumental shift.

Change the start time of meetings to something “weird”.

Don’t start on the hour or half hour. Don’t even start on the quarter hour.

Start at 10 past or 10 til, and go for 15, 30, or 45 minutes – with a hard cut off. Just like college classes. Oh – and just like class days when all you had was a test, as soon as your part of the meeting is over, leave. You may have to wait to leave until the end. But once your piece is done, just like when you finished your test, walk out and get on with your day.

dave winer is wrong

Or maybe he’s right. But for the wrong reason.

Over on Medium, which is where I saw his post, Dave said:

“The problem of requiring HTTPs in less than 140 chars: 1.Few benefits for blog-like sites, and 2. The costs are prohibitive.

There’s actually a #3 (sorry) — 3. For sites where the owner is gone the costs are more than prohibitive. There’s no one to do the work.”

While this was more-or-less true-ish in times gone by, with the advent of truly-free SSL (and not merely the manual free edition you could get from StartSSL) from Let’s Encrypt (see my how-to), automated, hands-off maintenance of your SSL-iness is possible (and encouraged).

There are, potentially, good reasons for saying SSL won’t be required. But blaming costs, upkeep, and “few benefits” are not among them. If anything, SSL-ifying your blog will help with some (not all) attacks launched against self-hosted/-managed services where login data can be otherwise captured in plaintext.

Dave, I like you. But you’re wrong on this one.

prediction look back

Time to look back at last year’s tech predictions. I did this at the half-way point, so let’s see what has changed since then.

  • AIX is still kickin’
  • HPUX hasn’t died yet 🙁
  • Solaris is still being clung-to by Oracle
  • HP split in half – count this a win
  • IBM has dropped from 162 to 138 per share – count this a win
  • IBM still doesn’t realize POWER is having death-throes, but it’s also not dead yet … so this was wrong
  • Z/OS has continued, though not growing as much as I hoped
  • cloud is less of a “thing” and more of a “thing” at the same time … this is a wash
  • cloud hosting providers are competing more on price .. but not as much as I’d expected
  • more “new” (ie less than 15 years old) tech and tools are making their ways into stodgy businesses and government agencies, but it’s painfully slow to watch
  • everyone is trying to be buzzword-compliant – this is a definite win
  • “real” 3D hasn’t arrived on cell phones (though the extra touch sensitivity of the new iPhone 6S and 6S Plus is cool
  • still counting the iPad Pro as a correct on my “MacBook Flex” prediction
  • no fat binary option with the latest OS X to support iOS and x86 hardware
  • no non-x86 Macs .. but the iPad Pro is close
  • Apple may or may not be working on developing a car … this is not true yet, but I think it will be “soon”
  • Tesla has added models, but nothing in the “everyday” category yet
  • SpaceX hasn’t sent anything to Venus or Mars, but they’ve done a bunch of other cool stuff
  • Square doesn’t have a bank option
  • no local competition against Uber and Lyft .. but they’re growing like crazy
  • more cities and regions are fast moving towards being “gigacities” .. not as many as I’d hoped, but it’s happening

In a week or two I’ll put out my predictions for 2016. But first, what are yours?