Category Archives: Uncategorized

War in Ukraine – Ideas for sanctions against Russia

I collected a list of sanction ideas, to punish Putin and his elites for invading ukraine.
Hopefully some companies and individuals will pickup these and also contribute more ideas.

Protest against Putin’s war against Ukraine 

  1. #Apple #iphone / #Google #android – mobile phones, prohibit updates and cloud services (appstore/maps/voice/music/backup), but hey they can switch to trusty #Huawei
  2. #Microsoft #Windows / #Apple #macos #ios – prohibit software updates, makes russia vulnerable to foreign cyberattacks, but hey they can switch to trusty #RedFlagLinux
  3. Open Source mirrors at #CDN and universities and #linux distributors like #RedHat #SuSe #Canonical #Ubuntu – block russian internet networks, makes russia vulnerable to foreign #cyberattacks
  4. cloud providers like Amazon #AWS / Microsoft #Azure / Google #GCP – block russian internet networks, eliminates russian usage of cloud services
  5. DDoS protection providers like #Akamai #Cloudflare – cancel contracts with russian companies, makes russia vulnerable to foreign #cyberattacks
  6. #Microsoft #Windows – deauthorize russian licenses, send russia back to trial “democracy” mode
  7. AntiVirus companies like #Avast #Bitdefender #McAfee #Norton #TrendMicro – block pattern updates for russian internet networks, makes russia vulnerable to foreign #cyberattacks
  8. car makers like #Audi #BMW #Ford #GM #Honda #Hyundai #Jaguar #Kia #Mercedes #Nissan #Porsche #Tesla #Toyota #Volkswagen #Volvo – send bricking software updates to russian luxury cars, annoys the rich russian population
  9. game stores like #Epic #Origin #Steam #Ubisoft – block russian internet networks, annoys the rich russian population
  10. video platforms like #Facebook #Instagram #Periscope #Snapchat #TikTok #Twitch #Vimeo #Youtube – block russian internet networks, annoys the rich russian population
  11. network equipment companies like #Arista #Aruba #Cisco #Extreme #Juniper #Nokia – prohibit software updates, makes russia vulnerable to foreign cyberattacks, but hey they can switch to trusty #Huawei
  12. various countries – prohibit flights to/from russia, refuse refueling, same for seaports, no vacation for the rich russian population
  13. various countries – cancel overflight rights for russian aircraft for your airspace, leading to more expensive routes for russian airlines
  14. expel russian students from western universities the same way russian war now has forced foreign students in #ukraine to leave universities
  15. video streaming services like #Disney+ #AppleTV #Hulu #HBO #Prime #Netflix – block russian internet networks, annoys the rich russian population
  16. various countries – seize yachts of rich oligarchs in your national waters/ports until russian aggressors redraw
  17. south korea, japan and taiwan – limit food variety in russias supermarkets, no asian snacks/sweets for the wealthy russian population during war against ukraine
  18. western companies should refuse to prolong any maintenance contracts software/hardware/license/support for russian companies
  19. car makers like #Audi #BMW #Ford #GM #Honda #Hyundai #Jaguar #Kia #Mercedes #Nissan #Porsche #Tesla #Toyota #Volkswagen #Volvo – stop shipping replacement parts, annoys the rich russian population
  20. VPN providers like #ExpressVPN #CyberGhost #PrivateVPN #VyprVPN #Windscribe #ZenMate – block outound russian internet networks, annoys the rich russian population

Yihaa – Rancher with Kubernetes

Starting today, my favourite conatiner orchestration Rancher now also supports Kubernetes across all host instances, thus creating a real elastic service environment on top of docker.

It’s realy great to see how kubernetes automatically scales across all available instances and re-spawns processes after upgrades or migrates services on reboots of host instances.

The kuberetes app catalog isn’t working at the moment.

iOS and Android application code audit

Playing with Android Studio and iPhone simulator this week, to get an application ready for source code review without having to release the code itself.

As usual the code within android is a bit messy, whilst iOS code is absolutely clean and easy to read. What I expected.

Running the android emulator without Intel HAXM acceleration is horribly slow.
No problems an absolute comfort on iOS with Xcode on the other side. (admitted that iOS code is being compiled to native x86, so this is quite an unfair comparison)

OpenStack Juno – DevStack

Spent a lot of time stacking and unstacking a single OpenStack installation on my Mac using the DevStack scripts.

It really looks like shuting down and restarting a whole OpenStack installation is almost impossible. Nice if you have enough machines, datacenters and/or even enough co-locations to survive any planned or unplanned power outages.

Very frustrating, waiting for ages to create all the openstack node components just to see a bunch of red lines running across my screen.
Although one can easily switch log consoles to access all the different processes it’s really scary to keep up with the logging speed whenever something wrong happens.
And fixing things by hand will always be destroyed after unstacking again.

As much as I like OpenStack, or even I do like DevStack for small short notice tests, having a production environment running on OpenStack seems so not-ready-for-production to me.

Yihaa – Rancher

I’m so amazed. Discovered Rancher today, a fully GUI enabled containerized platform to orchestrate other docker instances within docker masters on different hosts.

Although the GUI needs more work, the generel idea of having a docker based orchestration frontend, which by the way can be updated/replaced on the fly without disrupting
the other containers services.

Other worker docker nodes can be easily attached to the master orchestrator, as well as almost any known cloud technology/distributor private/non-private/public.

Definitely worth a look:

Evaluating SELKS – Suricata Elasticsearch Logstash Kibana Scirius

Still thinking about mirroring my DSL traffic to Suricata.
But I might need some redesign first, as my fritzbox is serving Wifi users directly without the chance to mirror the traffic before it goes to the internal DSL modem.

Need to split up the modem/routing from the routing/wifi part.
Draytek Vigor in front of the fritzbox would be an idea, or lose the fritzbox completely, as vigor could do all by itself I guess.
Otherwise sending all the traffic to pfSense would also be nice…
…I can’t decide right now.

So much options so less time.