Tuesday
16Mar2010

Migration complete!

I did not think that the migration which I started to undertake back in December would take this long to complete.  Nor be this painful.

All of my hosting originally was on Dreamhost.  That was fine - until you started to load multiple resources.  A photo here, a video there, and a blog post there combined with another photo.  It’s not their fault, it’s just the pains of shared hosting and I didn’t want to pay the extra premium to bump up to a dedicated hosting option each and every month.

So back in December I started looking.  Looking for a way to allow me to keep and use Dreamhost (I’m still a fan of them) as well as provide a little more flexibility as well as provide a way in which I didn’t have to update my software every few weeks (WordPress - I’m a fan but all of the security patches and updates recently have killed me when you try to manage multiple sites).

I know how to do everything on my end, and I don’t mind doing it for others.  But when maintenance takes up so much time that you can’t even dedicate any time to your own site to actually do anything with it, then it becomes a problem.

I’ve known about Squarespace for a while due to listening to the TWiT network.  I know Leo is a fan so I took the plunge and tried a fourteen day trial.  I was in love.  No more security updates that I have to deal with, easy templates to work with, and it just works. They even have step by step instructions on what you need to do to get your own domain pointed to their site.  And once you do that, it just works.

So I figured out how I was going to do the blogging component.  That was one step.  The only downside (for me that I can see) at least for Squarespace was the little amount of storage you got with an account before you had to jump plans or buy more storage (which I admit is not that expensive per month, but it does add up).  So what I did was I devised a plan to spread out the storage and bandwidth to other locations outside of Squarespace, and that is what took forever to figure out.

The video component of it was easy.  The videos could be hosted on a subdomain of randomizedharmony.com (media.randomizedharmony.com) back on Dreamhost.  They offer “unlimited” bandwidth and storage on their hosting plans - so that was easy enough to tackle.  Just had to configure the video players to point at the correct location and then all video was coming from the Dreamhost systems.  This saved on my monthly Squarespace bandwidth meter as well as storage.

Next up was photos.  This was not so easy.  I originally used Gallery2 on my Dreamhost server, but I had so many problems with that where the thumbnails would disappear, the database would get corrupt, or any other random issue which meant I had to reload the photos multiple times.  Also, applying updates was not always easy for that software.  I needed an easy to use system which also offered a lot of storage.  I like to upload my photos nice and large and a lot of them. I tend to take way more than I could ever view but I enjoy doing it - plus - I got a secret plan in the works which requires more space and organization. **Insert Evil Laughter Here**

So out to the web to start trying out photo sharing sites.  Sites dedicated to just photos.  It took a while, but eventually I landed on SmugMug.  For a few reasons.

  1. You could point a domain to your SmugMug page, so photo.randomizedharmony.com now brings you to my SmugMug page
  2. You can customize it just about as easily as you customize the Squarespace page
  3. It just works
  4. It’s one yearly fee
  5. Unlimited storage and unlimited bandwidth

I was sold. 

So now, photos are being uploaded to SmugMug and appear from that domain (photo.randomizedharmony.com), the videos from Dreamhost (media.randomizedharmony.com) and the blog contents (and random iPhone photo uploads) from Squarespace (randomizedharmony.com).  This helps spread out the balance of everything I have so that it’s not all reliant on one particular system, but also puts as little strain as possible on each system while still being able to maintain all the media I have.  And since I do plan on becoming more media centric this year (again - my evil secret plan to rule the world) I needed something a little more flexible which delivered on a good price and speed and which reduced the amount of time I spent managing things.

So would I recommend this setup for someone else?  Not particularly.  A setup I would recommend for others might be for them to use Squarespace as their blogging/hosting company and a SmugMug pro account for their video and photo sharing (yes - SmugMug pro does do video in their galleries, but I wanted a little more flexibility for the interaction with the blog and to come from a different domain for my specifications.  I do have to say that I will be making use of this in my secret project to come though).

It took a few months, but the migration is complete.  It took me this long to migrate all my email over to the randomizedharmony.com domain - but even like that - there might be something which I missed.  It happens, and when the 404 occurs, I’ll be sure to notice, groan, and then fix it.

Monday
15Mar2010

Some things should never come in a packet

There are some things, such as jelly, I'll accept in a package, but butter in this type of package is unthinkable.

Sunday
14Mar2010

Now I have to equip a +5 defense modifier for my email?

One of the shows which I listen to on a frequent basis is Security Now and it started out pretty much in the best way to grab attention ever.  A new phrase: Weaponized Email.  Actually once it was more thoroughly explained, it doesn’t appear to be as bad as it originally sounded. Apparently it is the new term for Spear Phishing which, per Search Security, can be defined as:

Spear phishing is an e-mail spoofing fraud attempt that targets a specific organization, seeking unauthorized access to confidential data.

So apparently it’s not as bad for me as it seems.  I say for me because I am able to see through emails which tend to be phishing in nature.  But that comes with the nature of working in the tech field and being around the internet news all the time.  Most of the current population isn’t able to decipher what is and what is not a phishing email, at least the good ones.  The good phishing emails sometimes look so authentic that until you really inspect it, it looks like the real thing to even the best experts out there.

What makes spear phishing more dangerous is that it is specifically targeted to a specific company/group and potentially has a larger chance of someone falling victim to the phishing scam.  Old style phishing scams typically target thousands to millions of people but spear phishing scams can target under one hundred people and due to the nature in which they are engineered are more successful.  A prime example of this is if someone is able to hijack a Facebook page or through other methods find out the events of a company which they wish to target (for example - a company outing, picnic, etc) they can send targeted emails as though from one of the people from the company to others in the company indicating to check out photos/etc from the recent events.  When they go to check out the link, they get infected with some sort of malware allowing for the access of the hackers to the company system.  As soon as they have one computer under their control, they can then use this access to gain control of other systems, sometimes hopping from one system to another getting access as they go along.

This works because there is an implied chain of trust going on.  Normally a phishing email has nothing to do with recent/daily events.  (Such as - Is this you?).  But if you receive an email from a coworker who was at the event a few days after a company picnic letting you go to a link which looks like it goes to Facebook, there is a higher level of trust.  There is the assumption that it came from the person who it said it was sent from - who really checks the headers anyways?  Maybe only the hardcore geeks but the average person doesn’t know how to check or even care to check headers of their email.  Due to this (what looks like) higher level of trust, the average person assumes it’s safe to click on the link.  It wouldn’t surprise me if this would even catch some IT professionals off guard.

One of the more highly publicized incidents of spear phishing is of course the break-in to Google’s servers recently.  The sequence of attacks is known as the Aurora attacks, and for those venturous few, you can read a little more on this at McAfee’s Blog regarding the Aurora attacks.

A more specialized attack means that we’ll need to have our shields secured more when we check our email.

So how can you equip your email with a +5 defense modifier?  Take a few simple precautions:

  1. If you receive a link in your email - do not click on the link.  Instead either copy and paste the link if it looks like a legitimate link, or type in the link manually.  It is easy to mask the destination of a link from what is shown on screen.  While this can leave you still somewhat vulnerable - if the domain of the site is not recognized do not go to it at all.
  2. If you are using Outlook, make sure to keep your Windows up to date.  Outlook uses (at least in current versions) IE to render HTML emails.  Any security vulnerabilities in IE can potentially be triggered in Outlook.
  3. If Grandma emails you to look at pictures of her Blueberry pictures on Facebook, do yourself a favor and log into Facebook and go to your grandma’s profile manually instead of clicking on the provided link.
  4. Do not rely on current phishing emails to be grammatically incorrect or to have bad spelling.  Modern phishing email scams are professionally done.  Long gone are the Nigerian Princess money phishing emails which automatically trigger the internal phishing filters in our minds due to the horrible spelling and grammar.
  5. Just because an email has the real images of the institution which the email is supposedly from, does not mean that the email is authentic.  These items can be copied, linked to, and referenced.  In fact, it could be that an authentic message from an institution can be copied, and only the link(s) in the message can be edited to install malware.

Also, always make sure that you have some sort of anti-malware/anti-virus software installed on your computer and that this is up to date. At the current moment, Macs are more secure and less susceptible to malware.  If you are running Windows, I recommend that you check out Microsoft’s free antivirus software.  It’s lightweight and offers protection which is essential for all computers.  If you want a little more options and robust software, there is a wide selection available.  One of the best antiviral packages out there is Nod32.  It may seem to be a little pricey (more than free), but it is by far the best antivirus software out there which I have come across.  The antivirus software provides both anti-malware and anti-virus software and the security package does more, but most people should be fine with the antivirus software.

I think for now, a +5 defense modifier should be fine, but unfortunately we will need a +10 modifier.  I guess after leveling up a few levels, we should be able to think and use the proper equipment to do this.  Until that day…

Thursday
04Mar2010

Long live the Ficadile!

Many years ago I went on a trip with some friends.  We looked around while waiting in line and of course, being the most intelligent of college students that we were, we didn’t know what we were looking at.  Course now times are different.  We are all grown up and smarter.  But amazingly enough, I at least still do not know what that darn fish is.



That’s OK though.  I’m not looking for answers.  The Ficadile lives on and continues in its awesomeness to this day.

Long live the Ficadile!