Posts From April, 2012

In case of emergency, wear the shopping bag

In case of earthquakes, it's always recommended to wear a helmet to avoid being hit on the head. But you can't always grab something suitable.

Grappa (not to be confused with Italian grappa) comes to the rescue: it's a shopping bag with a SHOEI helmet inside! Say no to that pesky rubble that always wants to hit your head; just wear Grappa and you are safe!

Advertising in homework

Well, today in Italy I saw something that crosses the bounds of decency: advertising in homework.

The exercise is quite normal: read a paragraph, then answer the questions. The problem is this: the paragraph is actually a press release from the Italian Postal Service!!!

Imagine having a homework assignment like this:

With nearly 100,000 places to buy stamps, ship a package or renew a passport, the U.S. Postal Service is expanding customer access to its products and services. It’s not about brick-and-mortar Post Offices anymore, as postal products move online and into retail outlets, grocery stores, office supply chains and pharmacies.

Then you have to answer questions like "Where can you buy stamps?" or "How many offices are in the country?"

Product placement? Subliminal message? This kind of stuff should be illegal...

Is Kickstarter a scam?

Short answer: no, even if they don't send you anything.

Long answer: Kickstarter is a crowdsourcing website where some inventors can find investors to launch their idea. How does it work?

Whoever has an idea writes up a project, calculates how much time and money it needs, and makes a prototype and an interesting video to promote it.

If you like the idea, you can contribute your hard-earned money. If the project becomes popular and reaches its goal within a set time, it will be financed; otherwise the money will be given back automatically.

To thank investors, every project has some "donation tiers"; for example, they can say "I will send the final product to anyone who donates more than $200".

It happens that people get confused and think that it works like Amazon, that the product is almost ready for production (if it is, why ask for money for research and development?) and ready to be shipped. Instead, the product exists in name only, and it needs money to be realized. If you pay, you are not buying the product; you are helping the inventor finance the project. (And then, as with all investments, you will be compensated in some way, for example by getting the prototype in preview at a discounted price, or something else.)

Let's take an example:

The ZionEyez, an HD camcorder integrated into a pair of glasses. Production should have started in October; instead, in April they are still trying to solve a problem with cable wear, and the electronics are up in the air.

The buyers, or rather investors, got very angry. For example, take this comment from a fellow citizen of mine:

is this ZionEyez Team of Naples?
ready to line up me to an eventual one class action against this group in swindle odor greet all the swindled ones, I think that I will lose mine 300€ [...]

Besides the awful English "made in Google", is he really serious about asking for a class action? For $300? Who will pay the lawyers? In a recent case about a security breach, the 11 victims got $1925 in compensation, but the lawyers got millions ($600k + $2mil).

How to change the SSH port

When I set up my server, I decided to keep the SSH port at its default value for these three reasons:

  1. Worried about corrupting the configuration file and not being able to log in anymore.
  2. Worried about incompatibilities with some SSH software.
  3. With a port scanner it's trivial to find the new SSH port.

Of course I didn't leave the server in the wild with default settings:

  1. Access via preshared key with a long passphrase
  2. Configured Shorewall to slow down access to the port 22 (at most 1 request per minute)
  3. Set fail2ban to block access for 24 hours to anyone who entered the wrong password more than three times
  4. Set fail2ban to send me an email in case of hacking

Recently, there was an attack from Korea with hundreds of logins.

Initially I decided to ignore the matter, then I said "Hey, changing the SSH port is trivial!", so here is how to do that on Debian/Ubuntu:

nano /etc/ssh/sshd_config

Then change the port here:

# What ports, IPs and protocols we listen for
Port 2200

Then, restart the SSH daemon:

/etc/init.d/ssh restart

Voila!
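
The first worry listed above, a corrupted configuration file locking you out, can be handled by staging the edit and letting sshd check it before the live file is touched. This script is an added example, not part of the original post; the function names are hypothetical, and it assumes the Debian/Ubuntu paths /usr/sbin/sshd and /etc/ssh/sshd_config.

```shell
#!/bin/sh
# Added example: stage a new sshd Port, validate it, then install it.
# Usage (as root): change_ssh_port 2200

# Print config file $1 with its Port directive set to $2 (file is not modified).
rewrite_port() {
    cfg=$1 port=$2
    case $port in
        ''|*[!0-9]*|??????*) echo "port must be a number" >&2; return 1 ;;
    esac
    if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
        echo "port must be between 1 and 65535" >&2; return 1
    fi
    awk -v p="$port" '
        tolower($0) ~ /^[ \t]*port[ \t=]/ {     # active Port directive
            if (!seen++) line[++n] = "Port " p  # rewrite the first one in place
            next                                # drop duplicates: sshd listens on all
        }
        { line[++n] = $0 }
        END {
            if (!seen) print "Port " p          # none found: add at top, before any Match
            for (i = 1; i <= n; i++) print line[i]
        }
    ' "$cfg"
}

# Assumption: Debian/Ubuntu paths for the sshd binary and its config file.
change_ssh_port() {
    port=$1 cfg=${2:-/etc/ssh/sshd_config}
    new=$(mktemp) || return 1
    rewrite_port "$cfg" "$port" > "$new" || { rm -f "$new"; return 1; }
    # -t checks the file for syntax errors without starting a daemon.
    if ! /usr/sbin/sshd -t -f "$new"; then
        echo "sshd rejected the edit; $cfg left untouched" >&2
        rm -f "$new"; return 1
    fi
    cp -p "$cfg" "$cfg.bak" || { rm -f "$new"; return 1; }
    cat "$new" > "$cfg"                         # keeps owner and mode of the live file
    rm -f "$new"
    echo "Port set to $port; backup in $cfg.bak."
    echo "Restart sshd, then test a NEW login before closing this session."
}
```

The Shorewall rate limit on port 22 and the fail2ban SSH jail from the list above also have to be pointed at the new port, otherwise they keep guarding a port nothing listens on.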

Google's jokes for April Fools' Day 2012

You have probably already seen them, but here I list the jokes that Google made this April 1st:

Taking pictures by framing with your fingers

A prototype Japanese camera has no viewfinder or display: just insert a finger in a slot and frame with your fingers. Explaining it in words is much harder than it really is; this is the video: