All posts by SunSaturn

Quantum technology, artificial intelligence and privacy

Today I would like to talk to you about what is going to happen in next few years and direction world is going to go. To start off with quantum computers will arrive. With INTEL submitting their first 16 qubit chip to research lab in Europe a few weeks ago from time of this writing, technology is near. Quantum chips won’t replace traditional chips think of them more like an add-on like a graphics card. Example: people use graphics card for artificial intelligence as they are faster than normal CPU’s so instead people use GPU’s and when quantum computers arrive they will use quantum instead. There are still difficulties in technology with it requiring a set temperature to operate efficiently when they can overcome that, then perhaps we can have a 50 qubit chip, at 50 qubits it could finally challenge traditional chips. Although places like D-Wave etc have 2000 qubit implementations, they are WAY to big for a normal user!

 

Quantum computers when they arrive will pose a lot of new challenges with technology today. First of lets talk about the pros: encryption will be better, medical research will be way better, artificial intelligence will be able to take on tasks they could not before, number crunching and data prediction in general will be faster and more feasible, your toilet will speak to you letting you know how to change your diet before you get a disease! The cons: where there is power it is always abused: while we submit our DNA to health agencies, governments will steal that for their own purposes, stock markets will collapse till code on exchanges are rewritten to delay buying and selling of stocks to create fair market advantage again, big companies like Facebook and Google will control AI for the most part and that will starve off competition. To create fair competition for AI, all researchers need all the data google and Facebook have to train programs.

 

Protecting yourself in a quantum world. When browsing the internet whenever possible use the Tor Browser. This will protect you against Google etc being able to record everything you search for. Artificial intelligence exists for image recognition, speech recognition, tone recognition, and a lot of difference technologies. In the future to protect yourself against them using AI against you, never put a picture of yourself on any of these sites. After all we have no problems in them detecting images of cats and what not, but having a camera on street one day be able to recognize you because you uploaded your picture to Facebook or Google is not a good idea. Currently image recognition is only good at detecting for about 10 years because of the aging process, this is why drivers license wants a new photo before that, typically every 5 years. Technology with GPS has advanced to pinpoint you very accurately with smart phones. Companies like Google etc can trace you by everywhere you bring your smartphone, in fact they have made it so you cannot pull battery out anymore on all recent phones, just shutting the phone off is not enough. One solution is to install Fake GPS app so you can always appear from Christmas Island and only disable it when you need it. Another issue is credit card companies showing all your purchases, embrace crypto-currencies for their anonymity. After all the purpose in crypto-currencies is to put these credit card companies out of business in first place as they having been ripping off businesses for years with transaction fees and passing on the cost to you, its time you fought back against them as well to keep more money in your pocket. While its not possible to remain completely anonymous, ie: your drivers license and passport pictures, doing your best to protect your privacy beyond that is left as an exercise to the reader.

 

Enhancing AI the safe way is easier said than done. One solution would be for example to create a free dating website for people where they can remain anonymous with their real names, however researchers could pull all characteristic data into their AI programs for training. Social media site the same thing, allow people to remain anonymous. Facebook unfortunately if not knowing your real name will go behind your back and ask friends on your list for real identifiable information, so your not safe period associating your pictures with this company, also history has shown them in bed with the NSA. Essentially what Facebook is is a FBI database for the public and your just adding to it for them. So keep posts away from things like what you go to everyday, or to much of your likes or dislikes, remain neutral on everything by not clicking like on anything. Another solution could be opening an account where noone knows you originally under your real identity and keep family and friends to other apps that don’t invade your privacy and use encryption with a respected trustable company. Facebook info on you is viewable on you by anyone in position of authority with or without your consent, they have backdoors to the system to view anyone, keep this in mind especially when crossing borders.

 

AI research after all is about things like taking someones foot size and matching it with another characteristic to say determine if person is male or female. Never should it reach a point of knowing real names and addresses of people, this is a safety concern and a privacy concern everyone should be fighting against. When people say they don’t fear surveillance because they have nothing to hide, Edward Snowden says he tells them: “Arguing that you don’t care about privacy because you have nothing to hide is like arguing that you don’t care about free speech because you have nothing to say.” Words of wisdom.

 

Also the legal system is flawed in general, all it takes is hearsay to put anybody away without any scientific evidence. All it takes is a few people to collaborate their stories on a lie about someone at a trial to put innocent people away. You can see why you should fight for your privacy, less info people have on you, less believable people will be.

 

Until next time,

SunSaturn

SSL certificates + yoga quote of the day

SSL certificates where installed Friday, all is working perfectly now.
Like to leave everyone with a wonderful quote:

What if our religion was each other
If our practice was our life
If prayer, our words
What if the temple was the Earth
If forests were our church
If holy water—the rivers, lakes, and ocean
What if meditation was our relationships
If the teacher was life
If wisdom was self-knowledge
If love was the center of our being.” ~ Ganga White

Dan.

SSL certificate

Looks like another 2 years has passed and time to renew SSL certificate for SunSaturn. I expect to have expired SSL certificate replaced within 2 weeks, for now just use something like Firefox where it is easy to add exception to site to access billing and CPANEL easily.

Dan.

Quantum Computers and Encryption

I should make a note on quantum mechanics and encryption to people having come from a computer science background. You really believe encrypting your data is safe? Read on…All numbers stored in a computer are 0’s and 1’s. This has traditionally meant on and off in electronics. In assembly language or binary, here is what a byte really looks like 0000 1111. It is 8 bits, so there are in essence 2 to the power of 8= 256 possible combinations in a byte, each of those bits can be 1 or 0. Encryption for today is based on an old math concept you may remember from school. A prime number has exactly two factors, 1 and itself. Any number can be written as a product of prime numbers. If you multiply two large prime numbers, you get a huge non-prime number with only two (large) prime factors. So concept of today’s encryption is it will be REALLY hard for a computer to figure out the 2 prime numbers when a large number is involved. Here is problem with this encryption: with quantum computing, there are 2 concepts called superposition and entanglement. Entanglement you can think of as 2 objects in space and time can be in same place at same time and do 2 completely different things. Einstein use to call this “spooky”. A mathematician named Peter Shor came up with a quantum algorithm that if a quantum computer exists, then all today’s encryption could be broken easily. The university of waterloo in canada already has a quantum computer prototype. All they really need to do to complete it is come up with enough “qubits”(these are particles we have that currently can do entanglement), so 2 objects can be in 2 places at same time, and all encryption is broken. Current record is 12 qubits. When quantum computers exist we will need a new algorithm that superimposes bits to make encryption sound again, but nothing you have right now cannot be broken, and when quantum hits, all your SSL, and non-symmetric encryption keys will be rendered useless, unless your already on board with an algorithm such as lattice for example. So this a quick note on where science is, fact we can make particles be in 2 places at one time now, and making sure you don’t believe your encyption is safe. As soon as scientists figure out how to make more qubits by studying decoherence, quantum computers are officially here.

Here is a reference for formula that will break all encryption when quantum computers have enough qubits: Shor’s Algorithm

And here is waterloo’s status where they are at with there current quantum computers: Waterloo University …. go CANADA!

Till Next Time,

Dan.

Adding webdisk to CPANEL

At times people are asking me is it better to use filezilla, ssh etc for building their websites with CPANEL. Wouldn’t it be nicer if your working on windows to just be able to open up “My Computer” or “This PC” icon and just access your files like a drive letter like C:\. You can do this, and it will be so much easier. It won’t be a drive letter, but it will be under “Network Locations” just like a regular drive.

First of all under windows 8.1 if you do not have “My Computer(This PC)” icon on your desktop, this is how to add it. On your desktop screen right click on empty spot and select “Personalize” -> “Change desktop icons” -> now check “Computer” and anything else you want then click “Apply”.

Now let’s map the network drive.
In Windows 8.1 just right click “This PC” on your desktop and click “Map Network Drive”. In previous windows versions,
To connect a drive from My Computer, click Start, right-click My Computer, and then click Explore.
To connect a drive from Windows Explorer, right-click Start, and then click Explore.
On the Tools menu, click Map Network Drive.

In the Drive box, click a drive letter.
In the Folder box type the following:
\\cpanel.sunsaturn.com@SSL@2078
Next click on “Connect using different credentials”, click “Finish”

Enter your username and password for CPANEL, click box to remember your credentials, and now you can access all your files from just a drive letter.
(ps. Make sure your reconnect at startup box is checked, should be default on windows 8.1)

Till Next time,

Dan.

RJ45 to DB9 Cisco console cable

If you need to make your own cisco console port cable, RJ45 to DB9, here are the pinouts for your reference.

If you have 568A ethernet cable:

CAT 5                                              DB9
Pin 1: Green Stripe                          Pin 8
Pin 2: Green                                    Pin 6
Pin 3: Orange Stripe                        Pin 2
Pin 4: Blue                                       Pin 5
Pin 5: Blue Stripe                            Pin 5
Pin 6: Orange                                  Pin 3
Pin 7: Brown Stripe                         Pin 4
Pin 8: Brown                                    Pin 7

If you have 568B ethernet cable:

CAT 5                                             DB9
Pin 1: Orange Stripe                       Pin 8
Pin 2: Orange                                 Pin 6
Pin 3: Green Stripe                         Pin 2
Pin 4: Blue                                      Pin 5
Pin 5: Blue Stripe                            Pin 5
Pin 6: Green                                   Pin 3
Pin 7: Brown Stripe                         Pin 4
Pin 8: Brown                                   Pin 7

Notes:
a)DB9 Pins 1 and 9 not connected.
b)The “Blue Stripe” and “Blue” must connect to pin 5 on DB9
c)If using Startech DB9 to RJ45 Adapter(GC98FF)for example, what matters is standard they wired RJ45 with, as Ethernet cable then would not matter as long as both sides were the same standard.

References:

http://www.ciscoconsole.com/wan/cisco-general/cisco-console-rj45-to-db9-cable-pinout-details.html/

http://www.instructables.com/id/Simple-RJ45-DB9-Cisco-console-cable/

Till Next Time,

Dan.

Linux DHCP IPV6 Host Server

I will do a very basic walkthrough of how to setup a Linux server to act as DHCP6 server for your network. Before we begin, we need to understand a few things that are different from IPV4. First thing is we cannot send a gateway with DHCP6.
Second we can only send IP address and DNS servers with DHCP6. So to accomplish both, we use radvd along with DHCP, the former sends the gateway, the latter sends the IP address and DNS servers to client. I will assume here you know how to install radvd and dhcp in linux so I won’t get into linux server administration. In order to be DHCPV6 stateful so we can assign addresses, both M and O Flags need to be set to 1 in radvd advertisement so clients know to go get the IP address from DHCP6 server. So for radvd our objective is simply to set advertisements on, and set the M and O flags bits.

My /etc/radvd.conf contains following:

interface br0
{
    AdvSendAdvert on;
    AdvManagedFlag on;
    AdvOtherConfigFlag on;
};

This is all you need. We are advertising, and setting the M and O bits here. Now radvd will send our clients our link-local gateway and tell them to go get their IPV6 information from DHCP. This is probably the most confusing part about this setup, there is NO way to send our real IPV6 gateway, clients only get the LINK-LOCAL gateway and from that must be able to get out to the internet. AGAIN I WILL REPEAT, they get your “Link-Local” gateway ie: “fe80::226:5aff:fe6b:ca8d”, not your real “2001:aaaa:bbbb::1” gateway. This is a limitation of the protocal, but it is not a big deal, we can still forward clients out a link-local gateway.

Ok now clients have our routers link-local gateway, now we can setup our dhcpd6.conf, and perhaps assign some static IPV6 addresses to some dhcp clients to since we like to know who is who. Only issue with IPV6 and static addresses is we can no longer use MAC Address, we need to use DUID of the client. This is also problematic since DUID is the same for all ethernet cards on each host. To solve that problem you can look into using DHCPv6 IAID, but since we only have 1 ethernet per client, we will only focus on DUID. Let us assume
we have a 2001:aaaa:bbbb::/48 to assign to clients.

Let us look at the bottom of my /etc/dhcp/dhcpd6.conf:

authoritative;

subnet6 2001:aaaa:bbbb::/48 {
  #lets range last octet from decimal 1000-65535 which in hex is : 3e8-ffff
  range6 2001:aaaa:bbbb::3e8 2001:aaaa:bbbb::ffff;
  option dhcp6.name-servers 2001:aaaa:bbbb::3,2001:aaaa:bbbb::4;
  option dhcp6.domain-search "sunsaturn.com";
} 

#you get this by typing "ipconfig /all" on windows machine and look for "DHCPv6 Client DUID"
#just separate with : instead of -        
host dandesktop { #unfortunately, same client-id for each ethernet card in same host, so only 1 will get an IPV6 address here
  host-identifier option dhcp6.client-id 00:01:00:01:1B:67:B6:C3:58:5B:39:45:07:90;
  fixed-address6 2001:aaaa:bbbb::5;
} 
host laptop { #unfortunately, same client-id for each ethernet card in same host, so only 1 will get an IPV6 address here
  host-identifier option dhcp6.client-id 00:01:00:01:1A:F5:AF:22:48:5B:39:3A:06:38;
  fixed-address6 2001:aaaa:bbbb::17; 
} 

So what I started doing was a standard catchall block, setting DNS servers and IPV6 addresses for clients I did not assign statically giving them an IPV6 address in range 2001:aaaa:bbbb::3e8 – 2001:aaaa:bbbb::ffff.

Then I assign 2 static IPV6 addresses to my desktop and my laptop. I ran “ipconfig /all” on the two Windows 8.1 machines and collected their DUID’s. Then used a search and replace program on the DUID to change all “-” characters with “:” characters to match format in the dhcpd6.conf file.

Now after we start dhcpd, make sure it is running:

router:/etc/dhcp# ps aux|grep dhcpd6
dhcpd    19531  0.0  0.0  47252  2640 ?        Ss   May04   0:00 /usr/sbin/dhcpd -6 -user dhcpd -group dhcpd -cf /etc/dhcp/dhcpd6.conf
root     22152  0.0  0.0 105304   880 pts/1    S+   00:05   0:00 grep dhcpd6
router:/etc/dhcp# 

Now if all goes well from radvd, clients will get the link-local “fe80::226:5aff:fe6b:ca8d” gateway, run off and check UDP port 546 on IPV6 to get our settings from dhcpd6.conf file for an IP address and the DNS servers, and voila we are done! If you have issues with clients, please checkout my other how to on setting up a windows dhcp client.

Until Next Time,

Dan.

Windows 8.1 enable DHCP IPV6 Client

How to enable a windows 8/8.1 client for IPV6 DHCP server
Before we start, a common problem with IPV6 not working is you have all these different interfaces when you look at “ipconfig /all”. At one point I disabled all my vmware and virtualbox interfaces, then also realized windows had these teredo and isatap interfaces also interfering with client.

A good set of commands to run if your clients are getting IPV6 from your DHCP server and not someone else is following:

netsh int ipv6 isatap set state disabled
netsh int ipv6 6to4 set state disabled
netsh interface teredo set state disable

This should make sure we do not have any conflicting interfaces. Now if IPV6 client still not working, make sure following settings are enabled on client

1) We start a powershell with “elevated” administrator privileges.
2) We list all interfaces, to get the number of the interface we want to enable IPV6 on.
3) In my case for wifi on laptop it is number 4, so we take that and list the settings for the interface.
4) In my case settings are already applied but we set routerdiscovery=enable managedaddress=enable anyways.

This should make sure your client is configured to pull IPV6 address from an IPV6 DHCP server.

PS C:Windowssystem32> netsh interface ipv6 show interfaces

Idx     Met         MTU          State                Name
---  ----------  ----------  ------------  ---------------------------
  3           5        1500  disconnected  Ethernet
  1          50  4294967295  connected     Loopback Pseudo-Interface 1
  4          25        1500  connected     Wi-Fi
  6          40        1500  disconnected  Bluetooth Network Connection
  7           5        1500  disconnected  Local Area Connection* 3

PS C:Windowssystem32> netsh int ipv6 show int 4

Interface Wi-Fi Parameters
----------------------------------------------
IfLuid                             : wireless_0
IfIndex                            : 4
State                              : connected
Metric                             : 25
Link MTU                           : 1500 bytes
Reachable Time                     : 25000 ms
Base Reachable Time                : 30000 ms
Retransmission Interval            : 1000 ms
DAD Transmits                      : 1
Site Prefix Length                 : 64
Site Id                            : 1
Forwarding                         : disabled
Advertising                        : disabled
Neighbor Discovery                 : enabled
Neighbor Unreachability Detection  : enabled
Router Discovery                   : enabled
Managed Address Configuration      : enabled
Other Stateful Configuration       : enabled
Weak Host Sends                    : disabled
Weak Host Receives                 : disabled
Use Automatic Metric               : enabled
Ignore Default Routes              : disabled
Advertised Router Lifetime         : 1800 seconds
Advertise Default Route            : disabled
Current Hop Limit                  : 64
Force ARPND Wake up patterns       : disabled
Directed MAC Wake up patterns      : disabled
ECN capability                     : application

PS C:Windowssystem32> netsh interface ipv6 set int 4 routerdiscovery=enable managedaddress=enable
Ok.

PS C:Windowssystem32>

If you want to setup a DHCP server, see my how to on setting up a Linux DHCP server.

So to finish off your going to want to make sure you run following 2 commands to make sure windows has not cached
any lease times for DHCP.

ipconfig /release6
ipconfig /renew6

Another thing to note is things like VMware workstation will make “ipconfig /renew6” hang. It will not affect you getting your dhcp interface information, it will just hang on their vmnet1 and vmnet8 drivers. A solution there is, put all VM’s in bridge only mode, then on vmnet1 and vmnet8 you can just disable ipv6 under properties, and good to go.

Until Next Time,

Dan.

New Server

Updates will be performed all week to move to new server. I expect very little downtime, this server move with SSD’s, and lots of disk space will help improve SunSaturn’s offerings. New server is now at datacenter and changeover is commencing.

Some updates are already in progress, and an IP change will be done. Please contact me to be added to facebook if you would like more up to date progress.

List of server improvements:

1) Main SunSaturn will be using FreeBSD 10 with ZFS for improved snapshot backups.
2) CPANEL will have more memory and disk space
3) Server is using INTEL enterprise SSD’s to increase performance.
4) Server is fully capable of full virtualization.
5) Uptime will be improved with server update.
6) Sites will load faster, and we have lots of bandwidth.
7) We will offer CPANEL on SSD’s completely, websites will be very fast
8) Increased memory and SSD’s will make databases 10 times faster.

Dan.