non troverete mai gente

Ok, sono fuori dall’Italia dal 2008 (rientrato con la legge cervelli in fuga ma cmq mantenendo i miei clienti esteri). Oramai il mio curriculum e’ in mano a svariate agenzie le quali mi chiamano con progetti che partono “domani” e che hanno un chiaro budget a disposizione di cosa vogliono/possono spendere come tariffa oraria.

Secondo voi, io a uno cosi’, dovrei stare a rispondere?

Posto che sto lavorando con una media di 220 giornate fatturabili annue… per cui NON ho bisogno di altro lavoro, semmai di continuare ad alzare le mie tariffe orarie (signori, viviamo in un mondo capitalista, non stiamo a prenderci in giro).

Se le aziende italiane vogliono trovare (tradotto: se vogliono essere competitive su un mercato globale) devono fare un salto di qualita’ a livello di ricerca di personale.

…e non piangere miseria sui giornali che non trovano personale specializzato

AGGIORNAMENTO: così si fa un un annuncio di lavoro se volete essere presi in considerazione …

WhatsApp numbers data collection by China?

I’m a single 41 years old italian and european citizen, on social media and dating apps. Nothing odd until here. Funny thing is since a couple of years I get targeted by lots of good looking chinese ladies with the sole purpose of “adding me on WhatsApp” using the bait of a getting to know me better for a relationship. All of them, once added or once I deny to be interested to add em on WhatsApp, they disappear.

Once, I thought I was simply not good to keep the interest on an instant messaging conversation… twice started to get frustrating… after the 3rd and 4th time I started asking to stay in the dating app without disclosing my mobile number. After seeing repeatedly disappearing interest once I declined the use of WhatsApp… all from chinese/asiatic look alike women, well… my paranoia got triggered and decided to write this post.

Someone is gonna see it in a more contextual search, maybe.

Telelavoro Capitolo2

Ovvero… starlink.com

…questo post a un anno di distanza del primo tentativo con 2 diversi operatori telefonici. A sto giro andiamo di padelle satellitari per il servizio in LEO (low earth orbit) di Elon Musk.

Fail 1

Idealmente era da mettere sul terrazzo, peccato che l’antenna vada a cercare il nord e non il sud come TUTTI gli altri servizi satellitari. Per cui servirebbe una pertica di metallo di almeno 4mt (sono 3 ad arrivare alla grondaia sopra la mia testa) per superare il tetto e avere visibilita’ verso nord. Non ho idea di quanto possa essere impattata da alberi e dalla mansarda che sta sopra di me. Sarebbe da valutare di metterla in cima al tetto e avere il cavo che vien giu’ libero, da attaccare all’occorrenza.

Fail 2

Lo Starlink arriva con un cavo lunghissimo, per cui ho fatto la prova piazzandolo sulle scaledel condominio. Non c’e’ stato allineamento coi satelliti, e’ troppo in copertura.

Successo

Ovvero… con la coda tra le gambe, stavo gia’ andandomene a casa, ho avvistato il custode. Mi sono fatto aprire la sala comune e ho almeno testato il servizio… va che e’ una lippa…

volevo telelavorare in Presolana

ma… i miei test con 3 diverse simcard sono stati miserabili

qui sotto con PosteMobile al Colle Vareno

questa invece Iliad, sempre a Colle Vareno

(da notare l’uplink… il che mi fa pensare male, se non malissimo)

simcard tedesca SimplyTel in roaming invece non si agganciava manco alla cella
…sia questa che PosteMobile erano nel mio Xiaomi Mi9, mentre Iliad era in un Punkt

+++ stesso giro di test da un altra locazione +++

Iliad al Passo della Presolana….

e PosteMobile… sempra al Passo, sempre con un uplink da “parolacce, tante”

measuring a connection MTU

I did end up on this link https://www.sonicwall.com/support/knowledge-base/set-mtu-in-vpn-environment-in-case-of-throughput-issues/170705131319789/ but the command which is suggested do not seem to be valid on a Devuan GNU Linux system.

Instead… ping -s 996 www.yahoo.com

Ping itself gives the total count +28 bytes of IP and ICMP headers.

Why all of this? well, for instance 996(1024) is the maximum MTU on a roaming simcard over the WINDTRE network in Italy… 1436(1464) over PosteMobile (non-roaming). Since I do have an OpenVPN on port 443/TCP which accepts only connections from known IPs… well, I had to go over my german symcard’s network to reach home.

Now fiddling with link-mtu and tun-mtu… stay tuned

debugging slow logon

I love solving tough problem, or at least cast some light. One of my customers (I’m back consulting as whitehat.berlin since 2018) was having some serious issues on the AD logon. It took above a minute, with sessions timing out, for users to logon to their workstation. Beautiful, overprovisioned setup, we didn’t really spot the error, aside of going down to update fileserver’s fiberchannel card drivers and starting moving around data between shares. I still believe it is suboptimal to either partition the load manually creating new shares, not leveraging, if it does the job, the DFS(R?) solution from Microsoft.

The fun though came for someone like me to the challenge of collecting data in a proprietary enviroment, especially when you do have a vendor on storage, one on the appliance involved, and another and another, and none of them is responsible for the whole solution… a bit like the BER airport, everyone involved, noone responsible for the overall solution. So, how to isolate the problem at least? We had data from the storage itself, all green, all performant, not much from the client OSs… that in this case are the Microsoft fileservers. So? Well, seems that Microsoft itself has a metrics interface called WMI… Windows Metrics Interface… good ah? Out of which it delivers all the info you see in the Task Manager and similar tools. Well, a bunch of skilled hackers came up with 2 nice tools, one built above the other.

On one hand leoluk/perflib_exporter which looks up in memory, actually bypassing the standard WMI interface (more details on its github page) and delivers a full data dump of ALL available metrics that are in the OS. I was having a SysOps orgasm going through it. On the other hand martinlindhe/wmi_exporter that simply reads that dataset and converts to a format understandable by prometheus. Leading to this beautiful chart…

debugging_logon

This way we could spot which server was serving, how many filedescriptors were open on a certain share… and so on and so on… and yes, I had to come up with the SMB Samba Share data class… as that was missing, but it was just a couple of hours of cut&paste work. I now need to find the time to clean it up to get it merged back in the main project.

p.s. I didn’t know… golang compiles, with no complain, from linux, a .exe windows binary

device unbind

I don’t like writing about things I didn’t do. But in this case my colleagues at OLX are mentioning I shall document it, for others. We were in trouble with an EBS volume on AWS as we had 2 of them attached to a box, one supposedly released but not completely.

From AWS Web UI we saw that the device was released, but in the box we could still do the listing of the content of the mounted device. It was RO though… but still, unclean situation.

We first cleared the filesystem in memory cache, and at least that removed the data from within the filesystem tree structure… but we could still fdisk list the device… at this stage I went for the latest escalation solution in this domain… call Alessandro Rubini, co-author of Linux Device Drivers.

Solution suggested… go into /proc/sys device folder “xen”, then folder related to the device module “blkblock” or something similar… then in there, there were 2 symlinks, with the name/alias of the devices… this is basically the reference in memory of the mapping between the module and the device… it is kept in the MODULE_DEVICE_TABLE data structure. Echoing such string (unique to the device) into the “unbind” special file which is in the above followed folder, releases the datastructure and therefore the device without having to unload the module. There was another healthy device held by such module, therefore we couldn’t unload/load it to flush its state.

$ ls /sys/bus/xen/drivers/vbd/
bind module uevent unbind vbd-12345 vbd-98765
$ echo  vbd-98765 >/sys/bus/xen/drivers/vbd/unbind

Third Async Cats Meetup

incontro berlinese sulla gestione di team remoti

Async Cat Herding

Our third meetup will be slightly unusual in that instead of being a brief lunch session we’ll try and bring enough speakers together for an afternoon session. The idea was born at Europace: After our last meetup Stefan Rudnitzki approached me the idea of hosting a “complete afternoon meetup all around innovative management techniques over at Europace”. We quickly picked a date, reached out to interesting speakers and booked the meetup space.

Please make sure to register online.

As at least some talks will be German only, as such the announcement will be kept in German below.

Innovative team management techniques Meetup @ Europace

Hallo zusammen,

die Europace AG plant gemeinsam mit Async Cat Herding am 28. Februar 2017 einen Nachmittag rund um das Thema innovativer Team Management Methoden. Das Ganze findet bei der Europace AG (eine Tochter der Hypoport AG) in der Klosterstraße 71 in Mitte statt. Euch…

View original post 398 more words

i2c_hid & cryptdevice

you’ll find lots of people complaining about luks, cryptdevice, grub and a damn usb keyboard… now, the fun comes with new laptops like the one i’m playing with

first of all it has on board a cursed SoC called baytrail (renamed bayFAIL by most of the people on the internet) …. second, well…. whatever… you are on your own … as me, as always

the laptop is a Lenovo 100S, it comes for 199EUR off the shelf in any electronics store in Germany… and to install, go straight to a Debian Testing amd64+i386 DVD iso… to be dd-ed onto a usb stick. Don’t use a non-multiarch installer, the EFI will be ur enemy. It won’t boot 😉

so…. the solution for the damn keyboard… once installed… and once you logged in with an external usb keyboard is to modify the /etc/initramfs-tools/modules and add the following:

i2c_designware_platform
i2c_designware_core
i2c_algo_bit
i2c_hid

then just type:

update-initramfs -u

and reboot

…yes, you are welcome