May, 2012

Skim that stone | #ChallengeTim

Thursday, May 31st, 2012

Right, so now we’ve established I need to lose a stone and hold it for 30 days, we have to work out how to do it.

Important things

Well the first important thing is to be actually able to measure my weight! I don’t actually own any bathroom scales so some of Ebay’s cheapest scales are on the way.

Now a slight problem is that I find the whole losing weight culture thing very annoying and self facing. It’s almost like it’s parodying itself. Joining the weight-losing establishment I will not be.

Diet:

I’m quite lucky that my general eating habits are quite sparse – usually just lunch and tea. I plan to keep this. Keeping habits I’ve honed over the years will mean I’m happier. Happiness and willpower are very important.

As a result of this, somehow my stomach isn’t as sensitive to hunger as other people. I’m sure this is partly due to my body always having enough stored up energy to power a small car, but not having to fight off raging hunger 3+ times a day must be somewhat of a blessing…

I’ve never really got into a snacking culture, so not eating that Mars Bar? I didn’t have it in the first place… Fizzy drinks? I drink a fair amount of Diet Coke which one can criticise for a wide variety of reasons, but calories is not one.

I need to watch out on Alcohol related calories, but I’m hardly a heavy drinker, so this is probably just a matter of being aware of it.

Basically I’ve put on weight through massive portions of lots of carbohydrates and relatively sporadic exercise. So to beat it, I’m planning to reverse this. Don’t eat loads of carbohydrates and do lots of exercise. We’ll see.

One of the things that makes me sad is that I’m going to have to scale back my tomato consumption. :( Tomatoes are, in my opinion, one of the best additions to any dish, ever. This isn’t going to go away, I’ll just need to be more creative and eat much smaller amounts of tomato awesomeness.

Exercise

I have lots of running and swimming and walking lined up.

Any suggestions on how to make this process as not-annoying-as-possible would be welcomed… and I mean annoying for other people, I’m fairly resigned to it really.

#ChallengeTim

Wednesday, May 30th, 2012

A few weeks ago, I asked for help working out some challenging things to do over the summer.

Approaching the summit of Cairn Gorm in Winter, Cairngorms, Scotland

Do something challenging!

Here are the 7 things I’m going to do by the end of August:

  • Drop 1 stone in weight and keep below that weight for at least a month. If I slip above it, the month restarts.
  • Climb something high.
  • Run 70km over 7 consecutive days.
  • Swim over 100m across open, cold water without assistance
  • Swim 30 consecutive lengths in a 50 metre pool
  • Do a 30 mile hill walk (try and include a good amount of up and down too)
  • Get driving lessons and pass my driving theory test.

Are you thinking what I’m thinking? That 7 things is rather unambitious for 90 days?

We’ll see how it goes, amendments may be made, suggestions are still very much welcome! ;)

The Art of Deception :: Talking net security at Blue Light Camp

Sunday, May 20th, 2012

I recently came across this photo – some of the things that I took on holiday with me back in 2006:

Holiday 2006

I was struck by one of the most recognisable items in the picture – The Art of Intrusion by Kevin Mitnick.

The book is an interesting mix of Kevin Mitnick – a notorious former black/greyhat computer hacker/cracker – talking to former associates about other alleged hits.

Obviously, in the same way as watching Frank Abagnale‘s Catch Me If You Can doesn’t mean you support the passing of fraudulent checks or posing as airline pilots, clearly I also don’t endorse any of the things described in the Art of Intrusion – but the really valuable thing about the book is that it allows you to get inside the minds of ‘the bad guys’, see and understand how and why they do things.

The prequel to The Art of Intrusion is slightly different. The Art of Deception is the story of Kevin Mitnick’s own run from the FBI – Mitnick famously evaded the FBI for 2 and a half years before his arrest, during which time he managed to gain unauthorised access to the voicemail of the FBI officer who’d been assigned to his case (allowing him to evade capture for some time longer).

A few weekends ago, I was at Blue Light Camp – billed as “the first truly interdisciplinary emergency services unconference in the UK”. As the name implies, there were many people from a variety of different emergency services backgrounds and so when I saw a talk titled The Art of Deception, I vaguely remembered the book, and wandered along. Kate Norman of an NHS trust (or known better to me as a friend of Ian Forrester), had recently read the book and was interested in people’s opinions. No-one else had read the book, but the discussion that followed was quite insightful.

I hadn’t gone along to talk internet security. In theory, yes, I’ve been in ‘Cyber Security’ competitions, but largely my aim in attending this event was to listen, learn and meet some passionate and enthusiastic “blue lights”. The discussion was interesting because we really covered a lot of ground: privacy online, uses of social media and websites being taken down/defaced.

The question was: “What can one do about one’s website being defaced/hacked/DDOS’d/etc?”

I think really the answer is quite simple: “You can apologise and do your best to bring things back to normal as fast as you can with the resources you have available”.

Ultimately, whatever you do, you can never be fully confident your website is secure – in the same way that you can be confident that whilst you’re a good driver, even if you’ve done advanced driving courses, someone can still drive into your rear end at traffic lights or cut you up on a motorway and a collision happens. Even if you took all the possible precautions, there’s still some risk involved.

In terms of compromise of websites; even if your penetration testers haven’t found any serious flaws in your CMS (hint: if this happens, hire someone else), even if your base operating system is all patched and up to date, it’s not unlikely that tomorrow, someone will discover a vulnerability that affects one of them, and that your regime of patching doesn’t happen that quickly because you value stability.

It’s a very thin line to tread, and ultimately, it’s wisest to recognise that you’re going to do your best, but at some point in the next 10 years, you’ll need to apologise to your users. Being good at apologising to your users is not a skill to be sniffed at. If you can do it well, explain what happened in terms the users and your management understand then so much the better. There are worse things you could do than looking into the best ways to apologise to your users – to me this seems like a good use of training time.

During the session at Blue Light Camp I brought up this XKCD cartoon:

It was their main recruiting poster, hung nearly ten feet up a wall! This means the hackers have LADDER technology! Are we headed for a future where everyone has to pay $50 for one of those locked plexiglass poster covers? More after the break ...

XKCD explains...

The amusing thing about me reading The Art of Intrusion was that it was 2006. 6 years ago. I was a teenager. I was still at school, and that must have been a library book (I’ve never owned a copy of it). It was just one of the security orientated books I read at the time (along with Bruce Schneier’s “Secrets and Lies in a Networked World”).

The types of attack, the types of thinking described in the books are alive and well today – there isn’t a problem with legislation – illegal acts are quite clearly illegal – yet really there’s been many years in which to learn how best to respond to security issues.

What scared me though is how far we’ve come in terms of the pervasiveness of technology since 2006 (back then government websites were mainly brochures, I hadn’t joined Facebook yet, Twitter really didn’t exist), and yet the basic premises of responsible and realistic net security are still not well known.

How can we fix this? How can one explain net security to the masses? As in ‘nothing is ever truly safe’ not ‘you need a password with lower and upper case and numbers’? As in ‘we fucked up, we’re really sorry, have some cake’.

I don’t know the answer, but I think it’s probably not going to be by prepending everything with “cyber” and trying to scare the shit out of everyone.

At Blue Light Camp I described Kevin Mitnick as “a bad person”.

I was asked: “well did anyone die because of him?”

I responded negatively.

“Well on the scale of people we deal with, he’s not a very bad person then!”

My Epic Pennine Way Night Hike

Friday, May 18th, 2012

A couple of weeks ago I had a spare few extra days and wanted to go and do a longish hill hike. The Peak District is the most accessible and I was busy til late afternoon so I figured I’d get the train to Edale, then walk up the Pennine Way through the night.

Epic Night Hike Route : Edale, Kinder, Bleaklow, Blackhill Glossop

I walked from Edale station, to Upper Booth, up Jacobs Ladder, onto Kinder Low, past Edale Rocks, along the edge of the Kinder Plateau, past the downfall, past Mill Hill. Over the Snake Pass, up to Bleaklow Head – at this point, dawn broke and I got to enjoy the view.

Summit of Bleaklow at Dawn

I then headed down past the Wain Stones towards Torside Clough. I was pretty tired by this point so I threw up my tent in a shallow depression out of the way and slept for 10 hours… until 4pm!

I then walked along the Pennine Way, across the Torside Reservoir Dam to Crowden and took the easterly path up to Black Hill… which was incredibly boggy. Dusk came just before the summit.

On the way back, I was able to walk along the Pennine Way, which fortunately is paved, because I really think more peat swamps in the dark would have been highly unpleasant. Ultimately, I got down to Crowden by about 1am.

From Crowden, I walked back across the dam, along the Longdendale Trail, off , up a little road, between the twin reservoirs, up Padfield main road and all the way down Woodhead Road to Glossop.

I did a bit of a videoblog, there’s not a whole lot to see, but it’s nice to document the highs and lows of the journey. My camera messed up slightly a few times so a few clips didn’t really come out too well. :(

Hike Statistics:
Distance: 29 Miles/47km
Ascent: 4243 Feet/1293m
Notable summit: Kinder/Bleaklow/Blackhill
Walking Hours: 18.5
Sleeping hours: 10
Daylight Walking Hours: 6
Headtorch Walking Hours: 12.5

I need your help: challenge me something!

Sunday, May 13th, 2012
Find a horizon

In three months, I want to have completed 7 personal challenges.

I’m not too bothered about where the achievements weigh in on a global scale – I’m not trying to set a world record – just a “Tim record”.

I need your help to help me work out what to do. I’ve had a few ideas, some of them are ok, some of them aren’t so great. What do you think I’d find challenging?

A note: challenges have to be vaguely appealing to me – it doesn’t matter whether playing golf or BASE jumping are challenging, I don’t want to do either.

“Fitness”

Other suggestions welcome

  • Complete a street marathon
  • Swim over 100m across open, cold water without assistance
  • Swim 30 consecutive lengths in a 50 metre pool
  • Drop a stone in weight and maintain it for at least 30 days.
  • Be able to do 50 sit ups in 5 minutes
  • Be able to do 10 consecutive pull ups
  • Run 70km over 7 consecutive days
  • Run 10km in under an hour
  • Climb up and down x000 metres in xxhours (how many?!)
  • Do a 20 mile hill walk
  • Do a 30 mile hill walk

“Skills”

Other suggestions welcome

  • Get baseline climbing qualifications
  • Get baseline kayaking qualifications
  • Get baseline windsurfing qualifications
  • Get surfing lessons
  • Go paragliding
  • Bake something new
  • Make a short film (must not be a documentary, music video or advert)

“Culture”

Other suggestions welcome

  • Throw two, 3 course, dinner parties
  • Perform two open mic nights
  • Prepare an entertaining 30 minute talk on a non-technical subject and give it at two barcamps
  • Learn the Melbourne Shuffle
  • Write a song for Youtube

“Technology”

If anyone can suggest technical challenges that are actual challenges, that’d be good.

  • Be able to deploy a 4 machine Magento cluster from a script (or systems provisioning system) with mysql master-master replication, Varnish ESI, local CDN, SSL, sane firewalls and low impact scheduled backups.

“Travel”

I’d quite like to have a travel section here, but I can’t think of anything that sounds appealing that’s a challenge. (I’m not a fan of “x countries in x hours” because it seems rather shortsighted, and liable to make sure you only see a bunch of airport lounges, in addition most “visit this country” challenges seem to essentially be “spend some money”, which isn’t really a challenge – the challenge was getting the money or being a creative routefinder.)

  • Travel by as many different modes of transport as possible from A to B

So yeah, which 7 of these should I do? What should I do that’s not on this list?

You tell me.

My blog is not about money

Tuesday, May 8th, 2012

Recently, I scored an ‘SEO hit’ – a blog post explaining simply and easily how to access the Pirate Bay.

Unique visits to my blog by month

My traffic graph exploded. Suddenly I had to take note of the skills I’ve built up at scaling websites rapidly which fortunately, wasn’t very difficult for me.

As the initial sense of “wow, I just increased my traffic logarithmically” faded, the business side of my brain started thinking

“Shouldn’t I be able to get advertising revenue from that kind of views?”

Obviously, the answer is yes. 10,000 page views = ~£10 via adsense. ’Yay’.

What I have realised is that for me, the real benefit of this blog – the really powerful part – is how fast and how far, with very little effort, I can share ideas and knowledge.

Howto access the Pirate Bay if you’re on Virgin Media, Sky, BT, TalkTalk, Be, Plusnet, O2, Orange or T-Mobile

Thursday, May 3rd, 2012

As you may have noticed, Virgin Media, Sky, TalkTalk, Virgin Media, O2, Be, Plusnet, Post Office broadband, Orange and T-Mobile and others, just started blocking The Pirate Bay.

Unfortunately, now the proxies are being threatened – this may be a time to take a look at http://www.pirateparty.org.uk/help and see whether you are able to assist.

There are various ways to bypass the block, but let’s start with the easiest way to get around your ISP’s blocking – here are some links to some very simple proxies and mirrors you can use to get on the site:

More mirrors and ways to access it here:

How to setup a proxy for a website like the Pirate Bay

Wednesday, May 2nd, 2012

You may have read recently about attempts to block the Pirate Bay.

There are a variety of reasons I think this is a bad idea, perhaps I’ll write a post about it, but this is simply about how to quickly and easily deploy a web proxy for a specific website which could be anywhere in the world.

This is REALLY quick and simple. Let’s go!

1) Go to LowEndBox.com and buy a cheap VM of your choice.

  • The more exotic the location the better, though even the UK should work.
  • The specification doesn’t matter, though 128MB of RAM or more will be best.
  • Don’t accept anything with less than 15GB monthly bandwidth
  • I’d expect, even at peak, your proxy to use less than 500MB/month – well within most limits.
  • Be aware of your provider’s T’s & C’s. They may not like you.

NOTE: For other uses, I’d recommend networks with more reliable reputations than simply “is cheap” – ability to reimage, console access, awesome support – this time none of those are required.

2) Request Debian Squeeze or Ubuntu Lucid 10.04 as the server OS

  • You could use other things, we’re going to use Debuntu.

3) Login as root. If you’re not root, you can always “sudo -s” for root.

Let’s update the machine and install nginx – the program that we’re going to be using.

  • apt-get update
  • apt-get dist-upgrade -y
  • apt-get install nginx -y

4) Let’s configure your DNS before we go further. I’m assuming you have a domain – yourdomain.com. Go to your domain’s DNS records and create an “A” record called tpb.yourdomain.com, with your server’s IP address as the details. The TTL doesn’t matter, but generally you’ll prefer smaller to larger. Save that, and let’s get back to the server!

5) Let’s configure nginx:

  • nano /etc/nginx/sites-enabled/tpb.config
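  • Paste in:
    # Reverse proxy for one site only; replace both placeholders before saving.
    server {
        listen THESERVERSIPADDRESS:80;

        server_name tpb.yourdomain.com;
        location / {
            proxy_pass  http://thepiratebay.se/;
        }
        # Keep no request or error logs for this server block.
        access_log /dev/null;
        error_log  /dev/null;
    }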

Obviously, you’ll need to change tpb.yourdomain.com and THESERVERSIPADDRESS to what they actually are.

To save this, type ctrl-o, *enter* ctrl-x.

6) You can now configure SSL if you want, or leave it unconfigured as it is. I’m not going to cover this here, right now, but it’s a nice touch.

7) Run:

  • /etc/init.d/nginx restart

Hopefully nginx should restart without errors. If there are errors, look at them carefully and try and understand where you might need to go back to.

8) Go to tpb.yourdomain.com – hopefully your DNS changes will have been noticed by now and that should work nicely.

9) Publicise your URL to your friends and family.

10) Introduce someone else to these instructions. :)
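
A pre-flight check for the file from step 5, to run before the restart in step 7. This is an added example, not part of the original post: the function name check_site and its exit codes are made up here, and it only looks for the mistakes the steps above warn about (placeholders left in, a listen address that isn’t a valid IPv4 address, no server_name).

```shell
#!/bin/sh
# check_site FILE: lint an nginx site file written from the template in step 5.
# Return codes (chosen for this example):
#   0 ok, 1 placeholder left in, 2 bad listen address,
#   3 no server_name, 4 file not readable
check_site() {
    conf="$1"
    [ -r "$conf" ] || return 4

    # Placeholders from the tutorial that must have been replaced.
    if grep -Eq 'THESERVERSIPADDRESS|YOURSERVERSIPADDRESS|yourdomain\.com' "$conf"; then
        return 1
    fi

    # Pull the address out of "listen a.b.c.d:80;" and check each octet.
    addr=$(sed -n 's/^[[:space:]]*listen[[:space:]]\{1,\}\([^;:[:space:]]*\):80;.*/\1/p' "$conf" | head -n 1)
    [ -n "$addr" ] || return 2
    old_ifs=$IFS
    IFS=.
    set -- $addr
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 2
    for octet in "$@"; do
        case "$octet" in
            ''|*[!0-9]*|????*) return 2 ;;   # empty, non-numeric or too long
        esac
        [ "$octet" -le 255 ] || return 2
    done

    # A server_name line with at least one name on it.
    grep -Eq '^[[:space:]]*server_name[[:space:]]+[^;[:space:]]+;' "$conf" || return 3
    return 0
}

# When called with a file, lint it and then let nginx check the syntax itself.
if [ "$#" -ge 1 ]; then
    check_site "$1" || { echo "check_site failed with status $?" >&2; exit 1; }
    nginx -t
fi
```

Save it as, say, preflight.sh and run `sh preflight.sh /etc/nginx/sites-enabled/tpb.config`; only restart nginx once both the lint and `nginx -t` pass.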