Secure defaults kind of matter…

snyk writes on secure defaults:

Before version 2.6.0 hipster data “store” did not by default require authentication (wait, what?) and also did bind to * instead of

As a result, by default, each MongoDB data “store” has been accessible from the entire internet.

Scanners such as Shodan provide an index to all such MongoDB installations on the entire Internet. Enterprising anonymous “hackers” have monetized this opportunity by accessing these installations over the Internet, encrypting the data and then accepting Bitcoin for the decryption password – or scamming the installation’s owner, assuming that people who put production data on internet-wide installations with unauthenticated access deserve to be conned and then conned over again.

Other hipster data stores, including Elasticsearch, CouchDB and Redis, are known to have similar access properties. NoSQL might actually mean “NoSequrity”.
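As an added example (not from the original post or from snyk), the two conditions described above, no required authentication and a listener on all interfaces, can be checked in a MongoDB configuration file. The sample configs are constructed, the finding names are made up for this example, and the parser assumes the plain two-level section/key YAML layout shown.

```python
# Audit a mongod.conf for the two settings the post is about:
# security.authorization and net.bindIp / net.bindIpAll.
WILDCARDS = {"0.0.0.0", "::", "*"}  # values that mean "every interface"

# Constructed sample configs (not taken from any real installation).
EXPOSED = """\
net:
  port: 27017
  bindIp: 0.0.0.0   # reachable from anywhere
"""
HARDENED = """\
net:
  port: 27017
  bindIp: 127.0.0.1,10.0.0.5
security:
  authorization: enabled
"""

def parse_settings(text):
    """Flatten 'section:' / '  key: value' lines into {'section.key': value}."""
    settings, section = {}, ""
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()      # drop comments
        if not line.strip():
            continue
        key, _, value = line.strip().partition(":")
        if line[0] not in " \t":                  # unindented line opens a section
            section = key
            continue
        settings[f"{section}.{key}"] = value.strip().strip("'\"")
    return settings

def audit(text):
    """Return a list of findings; an empty list means both checks passed."""
    cfg = parse_settings(text)
    findings = []
    if cfg.get("security.authorization") != "enabled":
        findings.append("authorization-not-enabled")
    binds = [b.strip() for b in cfg.get("net.bindIp", "").split(",") if b.strip()]
    if cfg.get("net.bindIpAll") == "true" or WILDCARDS & set(binds):
        findings.append("listens-on-all-interfaces")
    elif not binds:
        # Effective address then depends on the server version's default.
        findings.append("bindIp-not-set")
    return findings

if __name__ == "__main__":
    for name, conf in (("exposed", EXPOSED), ("hardened", HARDENED)):
        print(name, audit(conf) or "ok")
```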

EU described own policy as ‘complete failure’

EU Observer reports on a five-page internal note from the EU director-general at the commission’s internal market and industry department:

“Absolute NOx emissions of diesel vehicles under real driving conditions have hardly changed” despite “various” EU “steps”.

“On the road, a Euro 5 vehicle emits almost the same amount of NOx per km as a Euro 3 vehicle.”

The testing method, which is nothing like real road conditions, is mentioned as a contributing factor.

The mountain is melting…

Swiss magazine Blick reports that the Moosfluhbahn up to the Aletsch glacier is out of operation, because the glacier is melting under it. The station is brand new, and went into operation only last year.

The station up at the glacier had been constructed with the glacier melting in mind: It sits inside a concrete tub which can be righted with hydraulics. Engineering calculations have been made assuming 9 meters of movement in 25 years. The actual measured movement has been up to 0.7 meters per day, though.

The glacier is melting very rapidly, making the ground unstable. Similar things are happening all over the Alps.

To build or not to build… and if so, what.

Bloomberg has an article about the Car Manufacturer summit between Trump and US car manufacturers.

Basically, Trump needs manufacturing jobs for the people who voted for him, but the US car industry does not look good. More than 100 plants have closed in the US under the last two presidents, and if one were to build cars in the US, plant and product would look a lot like… Tesla.

Which not only defeats the point with regard to job creation, because the plant would be mostly automated. It also defeats the point for the oil people, who have been helping Trump as well, and who would very much like to see the US not transition to renewables before they get out of their superheated carbon bubble.

So Python is a beautiful language, which is also kind of slow. And the more cores you have, the worse it gets, because of the GIL in the most popular implementations.

Other languages are much better at concurrency, one of them supposedly being Go. So Geeks at Google have been pondering the problem, and came up with a Python-to-Go compiler called Grumpy. Read more about it in their blog.

In rigged benchmarks it looks awesome, and under real world load it supposedly performs quite well.

But the best part is the Logo. Which looks like this:


Shit geeks say

So the Geeks at Datacenter Dynamics quote this geek:

“With a market of more than 80 million people within a roundtrip delay of 30 milliseconds, covering all major cities of Northern Europe, the Baltic states and western Russia, Stockholm is an ideal location for cloud players and other major data center actors,” …

So how many million people are within 30ms of you? :-)

In other news, the more countries go renewable, the less they are charging for power (they may be charging for infrastructure, though). For data centers in Norway and Sweden, it appears that we are below 4 Cent/kWh now. Oh, and can we please use the exhaust heat from your computers to heat our capital, please?


Lianne Ploumen launches fund on family planning in response to Trump’s funding cut

The NL Times reports:

Dutch Minister Lianne Ploumen: “We want women to keep as much access to their rights as possible”, Ploumen said on Tuesday. “Banning abortion does not lead to fewer abortions. It leads to more irresponsible practices in back rooms and to more mothers dying.”

She’s launching an international fund to make up for the about $600 million gap created by Trump’s decision to scrap funding to organizations that help with family planning and offer safe abortions in developing countries (Nope, that’s not the USA. Yet.)


The Blog

Tech Meta: As you can see, this blog is still being built.

  • I seem to have fixed the most glaring problems with the stylesheet – blockquotes and links in the text are no longer in an outsized font.
  • Basic wordpress hardening is in place. A longer article about that needs to be written.
    • Command line tools for WP are in place, and the installation of the blog has been ansibilized. In a completely horrible way, because uploading a shell script that runs WP-CLI is not the Ansible Way™ at all. This needs to be prettified as much as possible, but still won’t be the Ansible Way™ when finished.
  • I have been testing the blog with mobile, and the theme seems to be adaptive just fine.

What’s missing: A number of things are not here, yet.

  • Let’s Encrypt Integration is still not in place. It will come.
  • I am still looking for a nice tool that can accept an Android Share intent and will fetch a header and a nice image from the URL and make an article of the “link” format with a number of Categories from it.
    • There is a WP Android App. I need to test it, and also need to understand if it fundamentally can work with Google Authenticator enabled on the blog.
    • If it does not solve the “here’s a link, make a basic article share out of it” problem, it’s not really helpful. It’s not that I’ll be writing a lot of text on a cellphone, that would be dumb. I need to be able to do G+ like sharing from a cellphone as a reminder to edit and fatten the share later from a proper machine.

What will happen (several times): When everything is finished, I need to destroy this VM and redo it from scratch and backup in order to make sure it’s completely hands off. We will have a short service interruption for that, but you should not be worried, we’ll be back. I still have no timeline for that.

So what will happen? Some Guidelines: As the new G+ is as horrible as the preview promised, I’ll pull my presence out of social media as much as possible.

  • We have an RSS content full feed and an RSS comments full feed, on autodiscovery. Subscribe to them.
  • All links will go to G+, manually. Or not, if I forget to do that. Use RSS, really.
    • Comments on G+ are off. Use the comments in the blog.
    • The awesome Friends+me will pick that up and spam the rest of the social media. Comments can’t be off there, but I won’t be reading them. Sorry about that. Use the comments in the blog.
    • Comments are moderated for first time posters. Once you have commented here and have been enabled, you should be able to do so without moderation.

Yes, it’s retro. That’s probably a feature.


The Trump Yacht in the Netherlands

The Telegraaf has an article (Link goes to the mobile site, b/c the real site has Adblockerblockers active) on the “Trump Princess”, a ship that had been renovated a long time ago in a wharf in the Netherlands.

Please note that this is about an event from the late eighties. Trump bought the “Yacht”, had it refitted in the Netherlands and sold it three years later. The history of the ship is available on Wikipedia, and it’s not particularly long by today’s standards of the one percent-percenters. It’s interesting, because before Trump the Yacht starred in the James Bond Movie “Never Say Never Again” in a prominent role as a supervillain headquarters. A Youtube Slideshow about the ship is available.

Trump tried upgrading to something even larger, but that failed, says the final paragraph of an article on Yachtharbour. In fact, he bought the Amels shipyard in order to not complete the construction of the “Trump Princess II”. Amels is a large “Superyacht” wharf near Vlissingen.

The first “Trump Princess” has been notorious because of a Tweet from Bart Mos two weeks ago, who made a big deal of the rather tasteless interior of this thing, which happened almost 30 years ago. He later apologized.

