Sunday, February 28, 2010

The power of social media during crisis

I am very impressed. Just had to write this after a very long blogging hiatus to note how proud I am of the Internet community ref. the Chile earthquake and the possible tsunami danger towards Hawaii and the whole pacific region.

Jennifer Chandler did a very good initial commentary on this:

I would just add that the world concentrated on Hawaii quite a bit. Now we should follow the developments in Chile. They will need help. And we should not forget Haiti.


Saturday, February 13, 2010

It has surely been quite a while..

Gosh, it seems that I have lost a bit of touch to blogging. Now it is time to return.

Come to think of it, I started my Internet life over 20 years ago. My first real connection was
through my university, Lappeenranta University of Technology, in around August 1989. This fun started with a Unix..eeh HP-UX account at the university computing centre. They had a whopping 2 Mbit/s connection at that time. I started to build the campus dorm networks in 2001-2002 or thereabouts. 10 Mbit/s to the dorm room, over fiber..unbeliveable at that time.

I am going to try to follow and observe the technical developments during last years in a small blog series. Let's see how this turns out.

First, the phenomena called Google..

Tuesday, September 30, 2008


I had to switch servers at my hosting provider (Nebula). Let's C how this works..

Saturday, July 26, 2008

DNS in danger..or should I say, the Internet

As we all know, Dan Kaminsky found a very efficient way to poison DNS resolver caches. The vulnerability and the coordination work (very well done Dan & all folks involved!) has been discussed extensively by the IT blogosphere and -press, CERT:s (US-CERT / CERT/CC and CERT-FI for example). The internet operations community and DNS server operators should be very well informed.

I am still worried. Why?

The patches are not at all completely installed. Windows users should be already quite cleared, thanks to the coordinated release of Microsoft patches at July 2008 MS patch Tuesday. According to several reports like the one generated by (links here and here), the implementation situation on the real resolving nameservers is a bit on the weak side, mildly said. The patches available to BIND implementations are not
final and have shown to have major performance problems especially on Solaris enviroment. So I fully
understand the ISP:s who are very concerned on their patch situation.

Why this vulnerability is so special? DNS is one of the fundamental services that makes Internet tick. It is the white pages of the ┬┤net, binding all domain names to the related IP addresses. The ability to disturb this database - totally unnoticed by the end users - is really really nasty.

Just think of it:

Someone changes NS records of Google at a major ISP resolver stack. All Google-related traffic of the ISP customers (opening page of Firefox, Gmail etc) goes where the attacker wants. Hmm, a nice drive-by exploit code to Firefox opening page?

A major bank webbank A-record is redirected to Somewhere Else. How many webbank users type https:// at the browser URL line?

Need I say more?

I hope the ISP:s do their best to get their infrastructure protected. And good luck to ISC for their efforts
in finding a complete solution at the BIND issues. The really challenging part is how to patch all SOHO NAT firewalls and WLAN boxes...this is one of the very first times when we need a patch the black box with blinking lights at the bottom of the cupboard. Globally.

It must be July. The mainstream press has been surprisingly quiet on this one.

Let's be careful out there..

Labels: , ,

Friday, March 14, 2008

Heathrow a black hole for baggage?

I arrived yesterday from a overseas trip, transferred at LHR. Travel agency thinks that 1 hour 20 mins is enough to transfer from Terminal 4 to Terminal can maybe already guess the rest of story.

The flight I arrived with to LHR was delayed. The plane had to wait for a landing slot 20 minutes after the original arrival time. Then we parked into some remote part of the airport with a bus transfer to Terminal 4. Now I had 40 minutes to the original takeoff time. Had to wait the bus transfer for 5 minutes and then 10 minutes of circling around the runways. Arrived to Terminal 1 25 minutes before the takeoff of the continuation flight, 5 minutes before the official "gate closure time".

Then the always ever llovely Flight Connections Centre. This facility processes I guess a six-number figure of passengers every day. Luckily my flash of the boarding pass with practically no time left provided me access to the Fast Track -route, wich took around 8 minutes, all with laptop, shoes & belt away.

Managed to reach the gate 10 minutes before takeoff. The plane was not about to pushed back from the gate immediately, so I asked from the gate attendant if my bags are on track with me. She said that they have already registered at Terminal 1 I felt very lucky indeed.

My luck subdued at Helsinki Airport baggage area. No sign of my bags and the lost baggage handlers
didn't see a sign of them at their systems..

So I arrived on Thursday. First time I saw something of my bags was on Sunday morning when one of the bags was seen on transit from Paris (!!) to Helsinki. I received it Sunday afternoon. There was already an indication that the other bag was about to arrive from Heathrow the same moment but no..the flight for that
bag was transferred to Monday. As I am writing this, no firm sighting of the second bag..4 days after my arrival.

Just wondering how much does the lost baggage sorting cost to the airlines. I think it is partly to them to
blame..why they allow booking continuation flights with marginal possibilities to reach the next flight if
there is the slightest problem on transfer. 1 hour 20 minutes from Terminal 4 to Terminal 1 at LHR is pure insanity.

Labels: , ,

Monday, January 28, 2008

How to distribute a small project with modern tools?

I have a "family project" that will culminate sometime before summer this year. This will involve several people in several locations. (I have to be terse on the will notice the reason later :) ) How to coordinate something like this effectively?

My brother suggested Basecamp. We have been using it now for a couple of weeks. Results have been very favourable so far. Surely it lacks all the nice details of $$$-commercial project management tools, but for us, Basecamp does the trick.

(Edited 28.1 - it is Basecamp, not Backpackit. Same company though.. )

Labels: ,

Monday, January 21, 2008

Peering arrangements, part 2..and ads at WHOIS records!

This is interesting, suddenly my blog has raised substantial interest..

Now I've heard another version of the Nebula vs. Eunet peering story. According to this, the choice for Nebula to peer with Eunet at Stockholm is totally Nebula's decision. Oh well. From an old network geek viewpoint, for two finnish ISP:s peering at Stockholm is really funny. Ten years ago that would have been financially impossible.

I guess I haven't heard the final version on this one. :)

Then something completely different. Just noticed that Network Solutions has started to place ad slots to WHOIS records. Let's have a look at record of, the American Registry of Internet Numbers for example:

American Registry for Internet Numbers
3635 Concord Parkway, Suite 200
Chantilly, VA 20151

Domain Name: ARIN.NET

Promote your business to millions of viewers for only $1 a month
Learn how you can get an Enhanced Business Listing here for your domain name.
Learn more at

Administrative Contact, Technical Contact:
Ryanczak, Matt
American Registry for Internet Numbers

..and so on. It seems that this started today. Just wondering how many scripts go bonkers around the globe because of this.

Labels: , ,

Sunday, January 20, 2008

Does it really make sense for finnish ISP:s to peer at Stockholm?

While debugging a website problem (not my own) I discovered an interesting rift among Nebula and Eunet(Elisa) IP peering. They don't want to talk to each other on finnish soil. See yourself:

3 ( 1.537 ms 1.571 ms 1.544 ms
4 ( 9.199 ms 8.853 ms 10.071 ms
5 ( 10.810 ms 8.677 ms 8.748 ms
6 ( 11.268 ms 8.686 ms 8.592 ms
7 ( 8.999 ms 8.928 ms 8.889 ms
8 ( 8.845 ms 9.069 ms 9.058 ms

When discussing this at a popular network people hangout IRC channel, I understood that
Eunet has offered substantial increases in their transit pricing. OK, I understand transit is a commercial game, but domestic peering at FICIX is another. I don't see the business logic for Eunet to peer with Nebula at Stockholm. It costs them money in their own international capacity to Stockholm, too.

When the breakup happened, there was some spectacular round-the-world paths visible. Here is one example.

Labels: , , ,

Saturday, December 29, 2007

Interesting "feature" on my web hosting provider

On December 7th I observed an issue with Blogger-based blogs and my hosting services provider, Nebula. I am using their Webhotel Pro -service, which is quite a nice set of services. After Dec 7th I couldn't post my Blogger-based blogs to a Nebula server. Hitting "Publish" -button resulted just...a timeout.

I observed that the server had rebooted just a short time ago and the SSH key had changed. Oh well, I thought that Blogger got confused as I use SFTP as transfer method. So I changed the publishing method to FTP and back to SFTP. No avail. Time to send a message to Nebula.

"Please send us your update address and we add it to the whitelist" was the answer.

W h a t ?!

It turned out that Nebula had blocked access to SSH/FTP interfaces of their hosted websites from outside Finland "from the beginning" (quote from Nebula's customer service email). They have whitelisted CMS sites like Blogger, but it seems something changed at the beginning of December.

Nice thing here is that Nebula hasn't documented this feature at all on their product documentation. This has to change. They updated the whitelisting for Blogger, but this doesn't help the whole problem.

Tuesday, December 25, 2007

This is a test post

My hosting provider (Nebula) has an issue with Blogger. Let's see if this works..

Thursday, December 06, 2007

Nokia E90 - first experiences

My good ol' Nokia 9500 Communicator started to show signs of total disintegration a couple of months ago. The phone's mecanics can't handle normal wear & tear of biz-use more than two years. I've seen several 9500:s with plastic joints or cover broken. And I have repaired my phone's "phone-side" LCD twice. There seems to be an issue with fixtures of the said LCD.

Well, after a nerve-wrecking 1.5 month wait for the new E90, the new biz communicator arrived. I have now used the phone for about two weeks. I am not totally pleased.

Some features are quite annoying. For example:

No possilbility to set a timer on a profile change

I would like to be polite at meetings. With 9500 it was very convenient to set the Meeting -profile to change back to normal, say 10 mins after the scheduled meeting end time. Now this "timed profile" -feature is no longer available. I have already missed a couple of calls because of this.

Only one SMS or email message open at the same time

Now this is really annoying. In a busy situation I might want to work on multiple messages at the same time.

ESC and Alt -keys missing

I can't be not the only person using a Unix box with my E90 and PuTTY. Yes, I know that PuTTY binds the last sent "special character" to the green phone -key - but still..

If Nokia would know how many total system administration disasters have been saved with a Communicator and Symbian PuTTY, they'd have considered the removal of the very critical keys in UNIX system administration and editor usage.

Now some positive sides. It was about time to get 3G/HSDPA connectivity on board. WLAN functionality works a-ok. Browser is radically improved. But the last rant this time:

Battery capacity not acceptable

If the phone battery is not capable of providing enough juice for a full business day, we are back nearly 5-10 years on usability. Nokia's solution to provide a "battery-based battery charger" is really hilarious. They should have not scaled the physical dimensions of the phone down if this was to be the result.

If Nokia is to make a E90i I hope they'll boost the battery capacity at least 30%..

Saturday, August 18, 2007

Skype network outage

How about your own telephone service provider having a network outage lasting for ~30 hours?
Thank God Skype isn't providing access to 112 / 911 -services, in that case someone could actually use Skype as a primary or even only voice calling service. Then these users would have been for one day without access to a lifeline facility..

Techie-wise an interesting outage. I really hope Skype could talk, perhaps even in a very detailed way, what went wrong. Maintaining a P2P beast that has presently 6, in peaks 9 million users and has 200+ million registered accounts must be quite an interesting job. When a machine of that size decides to go down, booting it back up is..not a job I'd like to endure myself. :)

Now as there is no official word what went wrong - let's speculate. And it is now really pure speculation, because Skype hasn't revealed too much of its inner workings. I guess that they were doing some maintenance, swapping some root nodes or something. And that update message was never used before - interpreted wrongly in the client base and a cascade effect was ready.

Interesting bit is that Skype points to the "login problem". So could it be that information about the nodes carrying login capability was mangled somehow?

Last, there has been a lot of words from various columnists regarding "Skype loosing their credibility". Heck, this was their first major outage as far as I remember. This year's reliability figures are lost, but in the long run and also considering their really innovative technology side - this means nothing.

Skype has been a real saver for me. I've talked numerous hours with superb quality with my family from business trips around the globe. Skype has always worked, even from a meeting room where the network allowed only HTTP through a proxy! I have a SIP account from a local provider here and I find very rare occasions where it works perfectly.

Only improvement I'd like to see is lowering charges to mobile number destinations in Europe. 16+ eurocents / minute is..a bit on the expensive side.

I hope this event could help Skype to open a bit in their PR side. The columnists could have been quieter if Skype would have been proactive in their PR.

Labels: ,

Saturday, June 23, 2007

APRS in voluntary sea rescue service use

Just now there is quite a bit of APRS activity at sea in front of Helsinki. This very versatile amateur radio service has been made much more visible by integrating APRS data to Google Maps. Just log in to the following site: and zoom to Helsinki. I've understood that this integration of APRS trackers into the voluntary sea rescue vessels is quite unique in the whole world.

Labels: , ,

Monday, June 18, 2007

Weather services improving

I was very annoyed on Foreca's website. It crashed my Nokia E61 browser when trying to download localized weather information. Now everything has changed. The new Foreca website works like a charm on my E61 and has additional features like extened 6-day prognosis. 10 points to the developer team @ Foreca!


Loire tour in a separate blog

A slight blog diversion here..the Loire tour is in a separate blog, Loire2007.