English

Just another nice data point for my hypothesis. Now SD-cards have been exploited: "On Hacking MicroSD Cards". In the last year alone people found exploits for hard disk controllers or for wifi sd card.

My hypothesis: "Every thing containing a microcontroller can be exploited to do more than planned or something completely different. And as almost every piece of technology that surrounds us uses a micro controller, almost everything around us can do more than we expect ... and probably do already more than we expect from it. Who know ... most people doesn't even know what their computer is doing while they think their computer is just doing word processing. First derivate of it: Time to do some stretching in order to be able to put our heads between the legs for brace position and to give our butts an good-bye kiss when everything gets out of control".

The $year++ just took place. So i just wanted to wish you a nice 2014. I made some new years resolutions. Like loosing the same amount of weight as in the last 3 months every 3 months in the next year. Like doing my taxes earlier this year. But is the same resolution as last year and this year i dropped my tax declaration into the postbox with just one or two hours left to of the old year.

There will be a new LKSF version this year. I planed to release it on 1.1.14. However after working on it, a publication in first half of this year is more realistic, perhaps first quarter ... however i can't promise it. The blog will stay at this relatively low level of publication, however i plan to post technical articles when interesting stuff is passing by ... however end of last year the construction of my home as been finally completed, so maybe i have much more time now for the blog again. This was really a killer for the blogging frequency.

So: Have a nice 2014. I wish you a lot of success and i hope you stay healthy at least until the next $year++

As the first three events are in Germany and take place in german language, i will now switch over to german. Zusätzlich zum gestern angekündigten Event in Hamburg möchte ich drei weitere Vorträge ankündigen, die ich halten werde.

Business Breakfast in Düsseldorf am 15.1.2014

Am 15.1 findet in Düsseldorf ein Oracle Business Breakfasts statt. Dieses wird drei Themen haben:

• 1. Panic - das unbekannte Wesen oder: Die 10 größten Unixmissverständnisse
• 2. Oracletuning für Solaris 11
• 3. Highlights vom Solaris Day am 3. Dezember 2013 in Frankfurt (diesen Vortrag wird mein Kollege Michael Färber halten)

Anmeldung ist auf der Seite des Events möglich.

Business Breakfast in Frankfurt am 21.1.2014

In Frankfurt findet 8:45 bis 12:30 ein Business Breakfast zum Thema Security statt. Also wer zu diesem Vortrag (ich werde zwei weitere Punks erzählen, die nicht im Vortrag sind, aber die sind eher klein) die Tonspur haben will, wäre hier richtig aufgehoben.
Eine Anmeldung ist hier möglich.

FRAOSUG am 21.1

Michael Gottwald hat dann gleiche die Chance genutzt und mich auch für einen Vortrag for der FRAOSUG verhaftet. Ich werde dort meinen Vortrag "Der Panic – das missverstandene Wesen – oder : 10 (oder mehr) Irrtümer zum Thema Solaris." halten. Es ist die Langversion des Vortrags aus Düsseldorf Beschreibung und der Link für die Anmeldung findet sich hier. Es geht in diesem Vortrag um Missverständnisse, die mir regelmässig über den Weg laufen in der Praxis. Ich vermute, das die Menge der Leute, die mich zweimal am Tag ertragen eher klein ist, aber dennoch

Oracle TechDay Vienna

Ich selbst halte da keinen Vortrag, nichts destotrotz möchte ich die Gelegenheit wahrnehmen, auf den Oracle TechDay Vienna hinzuweisen. Mehr Informationen findet ihr auf der Anmeldeseite.

This is an announcement for an event in Hamburg taking place in german language. So the rest of the text will be german.

Es ist wieder ein Oracle Breakfast in Hamburg in Vorbereitung. Termin ist der 28.1.2014 in der Zeit zwischen 09:30 und 13:30. Das Thema in Hamburg ist diesmal die "Service Management Facility". Ja, ich weiss es ist schon seit Solaris 10 enthalten, doch ich sehe einfach noch viel zu viele init.d-Scripte da draussen.

Deshalb eben dieses Thema. Aus der Einladung

Die Service Management Facility (SMF) von Solaris, obschon seit Version 10 enthalten, ist für die meisten Kunden immer noch ein Feld, das recht selten betreten wird und oft mit dem Schreiben eines init.d-Scripts umgangen wird. Dadurch verliert man jedoch Funktionalität. Dieses Frühstück will noch mal die Grundlagen der SMF auffrischen, Neuheiten erläutern, die in SMF dazu gekommen sind, Tips und Tricks zur Arbeit mit SMF geben und einige eher selten damit in Verbindung gebrachte Features erläutern. So wird auch die Frage geklärt, was es mit dem /system/contract-mountpoint auf sich hat und wie man das dahinterstehende Feature auch ausserhalb des SMF gebrauchen kann

Um zahlreiche Anmeldungen auf dieser Seite wird gebeten.

Not everything in the world is brand-new and sometimes your brand new server has to communicate with a really old TCP/IP enabled device. As such devices are sometimes really limited in resources, sometimes they don't obey some of the best practices. This article will describe and issue arising out of this and how to circumvent it.

It's not that frequent that you have bunch of engineers of Solaris in Germany for a day of presentations. However ... on December 3rd they are in Germany. I just want to invite you for this event. Please register for it on this website. It promises to be really interesting as the agenda contains the names of the who-is-who of engineering as well as interesting presentations. So if you want to listen to those people and ask them questions (or tell them what you think about their product )

Agenda
Time	Session	Speaker
09:00	Registration and Breakfast
09:45	Oracle Solaris - Strategy, Engineering Insights, Roadmap, and a Glimpse on Solaris in Oracle's IT	Markus Flierl
11:15	Coffee
11:35	Oracle Solaris 11.1: The Best Platform for Oracle - The Technologies Behind the Scenes	Bart Smaalders
12:35	Lunch
13:25	Solaris Security: Reduce Risk , Deliver Secure Services, and Monitor Compliance	Darren Moffat
14:10	Solaris 11 Provisioning and SMF - Insights from the Lead Engineers	Bart Smaalders & Liane Praza
14:55	Solaris Data Management - ZFS, NFS, dNFS, ASM, and OISP Integration with the Oracle DB	Darren Moffat
15:25	Coffee
15:45	Solaris 10 Patches and Solaris SRUs - News and Best Practices	Gerry Haskins
16:30	Cloud Formation: Implementing IaaS in Practice with Oracle Solaris	Joost Pronk
17:00	Q&A panel - All presenters and Solaris engineers

The mails with the slides for the attendees of the Oracle Breakfasts should be out by now, so i want to link people to the presentation i've held at the breakfast. I just whitened them (the c0t0d0s0//org is just a kind of an ineffective watermark ) as i don't think that my blog is the right location to publish oracle branded slides as it's by no means an official Oracle blog.


(click to view)

It is more a live demo put into slides and without the voice track it may be a little bit hard to understand, but maybe it is useful to some or the other.

Markus Flierl , VP in charge of Solaris Engineering at Oracle, wrote an interesting article about his impressions from the OOW2013 in "Impressions from Oracle Open World 2013". At first he gives an nice example what happens when engineers work together ... well ... to engineer things to work together:

When we initially tested the Oracle DB on this large machine it took 2800s to fill a 30TB SGA when running Oracle DB 11g on S11.1. Working closely with the Oracle DB team we have been able to get this down to about 130s now! That's a 21x speed-up! We had to do a whole bunch of work on both sides to accomplish that!

However he speaks a little about the future like Solaris Kernel Zones, the Unified Template Builder and the integration of OpenStack and Puppet as well. Really worth a read.

Okay, i know this will annihilate productivity for today, but just in case you have some brain cycles to spare: Here is a small jump and run game called Oracle Runner.

Interesting article about stuff you have to know when you have to use IDR (Interim Diagnostics / Relief) on your system: "Top Tip: Managing Solaris 11 IDRs".

Since Solaris 11.1 the ssh implementation of Solaris supports the usage of X.509 certificates. There is a tutorial of a colleague that explains the setup however when i linked to it a while ago, i got some mails telling me, that it was a little bit on the hard side to understand. So i thought it would be a nice idea to explain the stuff Hai-May Chao wrote in her article on OTN the LKSF way.

However there are a few differences: I won't explain that much about command lines and - more important - i'm using openssl instead of pktool to create keys and certificates.

That was really cool in the recent days. I made my 4 "Solaris Security 11" events as part of the Oracle Business breakfast series talks in the last 2 weeks. I don't have the final count, but the final numbers of attendees were north of 100 people, not bad for such small event series (it's organized by local technical colleagues) with extremely technical content. There is really a lot of interest in this kind of topics. I'm doing a final release at the preso at the moment for distribution. Think i will put a deoracleized version on the blog.

Friday was a little stressful. Did a second talk about "Oracle Virtual Networking" afterwards in front of a few colleagues. This is really great technology, so i like to talk about it. Closed at 14:10, went to the garage, arrived there at 14:13 (didn't know that there was parking space directly in front of the building), the machine for payment just took cash and only bills up to 20€. Dang. Just two 50€ bills. And 17 cents short of the money in coins. Damned. Okay, going into the adjacent shopping centre to get smaller bills. 14:21. Short traffic jam in the Peteul tunnel. Doesn't sound that bad alone, but my flight to HAM started boarding at 15:00 and so things started to get interesting and in the tunnel i got a little bit nervous. As i had to refuel and return a rental car it got even more interesting. To make the story short: Was at the gate at 15:10 .. not a single minute too early.

That said: Telling people about technology, sharing my knowledge and enthusiasm for it by doing such presentations. Could do this all the time

12 years and one day after NineEleven. It's okay only to remember the victims of Nineeleven on 9/11 of each year. But on all other days we should remember that civil rights is an ongoing fight, too. Not only against terrorist in the pre-nineeleven sense and terrorists in the inflationary post-nineeleven sense, but especially against people that offer you a little bit of security with the price tag of large dents in your civil rights.

Sometimes i would like to be able to do the jedi mind trick. Like "This isn't the performance issue you are searching for". Because it would be easier to convince people in that case that they saw the effect, but not the cause. That said, I think the real root cause on what i will describe in this block of this problem is the separation of database admins and system admins. But that's my personal opinion.. Imagine from one day to another, your storage goes mad. The analytic tools of your storage show long latencies, the led of the storage just show massive use of the storage. As you didn't made any change your first assumption is "storage has a defect" or "i just hit a bug in the storage firmware". At the end he or she thinks "No major release changes. Perhaps a few minor configuration changes. And none of them has to do with storage".

The new iPhone has a fingerprint scanner and some people are already complaining that this isn't good decision of Apple in this "NSA here, NSA there" times. Perhaps it's really not a clever idea from the PR perspective. However you have to do a threat analysis. What's more reasonable and more dangerous and damanging to you. The fear that the fingerprint (most often the sensor don't deliver a finger print but something like a hash code of the print) may leave the phone (you leave 1000 copies of your finger print a day around you just by grabbing stuff anyway). Or thieves, friends preparing a prank or your significant other just following the grease traces on your phone to find out the unlock code (which you don't need with a finger print scanner)?