Alien Gear Holsters is the Industry Leader in Concealed Carry Comfort

Alien Gear Concealed Carry Holsters
Alien Gear Concealed Carry Holsters
Alien Gear Holsters
Alien Gear Holsters

Post Falls, ID-(Ammoland.com)- Alien Gear Holsters has added more comfort and durability to its latest concealed carry holster. To improve on the design of the Cloak Tuck 2.0, the Cloak Tuck 3.0 is designed with more neoprene and less hardware than ever before.

By reducing the hardware on the backside of the Cloak Tuck 3.0, the sweat-resistant neoprene delivers more comfort to every concealed carrier. This advancement helped the IWB holster claim the title of “Best Holster in the History of Ever” by readers of Concealed Nation, “Gear of the Year” by Gun Digest, and Editors’ Choice by American Rifleman.

The Cloak Tuck 3.0 is also stronger than its predecessors. Its holster clips are now made with premium engineered polymer, a tough and resilient proprietary material. This durable IWB Holster is also designed with a wear-resistant thermo-elastomer surface.

Alien Gear Cloak Tuck 3.0 IWB Holster
Alien Gear Cloak Tuck 3.0 IWB Holster

Alien Gear Holsters backs every holster with a 30-Day Test Drive, Forever Guarantee and free holster shell trades for life. The American-made Cloak Tuck 3.0 is available for just $43.88.

Alien Gear Holsters
Alien Gear Holsters

About Alien Gear Holsters

Founded in 2013, Alien Gear Holsters manufactures premium, incredibly comfortable holsters for concealed carry. Alien Gear Holsters are the most comfortable concealed carry holsters on the planet. Any planet. For more information about Alien Gear Holsters, visit http://ift.tt/OfqRpR.

This post Alien Gear Holsters is the Industry Leader in Concealed Carry Comfort appeared first on AmmoLand.com Shooting Sports News .

via AmmoLand.com Shooting Sports News
Alien Gear Holsters is the Industry Leader in Concealed Carry Comfort

You’re Probably Going to Get a Tick This Summer. Good Luck.

Maps from the Centers for Disease Control and Prevention.

When you find that tick on yourself—or worse, on your kid or on a loved one’s hard-to-reach body part—don’t reach for the matches. Check out these six myths about ticks, so you’ll know what not to do.

Myth: You Should Remove a Tick With Chemicals or a Burnt Match

Photo by emiliokuffer

If a tick is attached to you, slowly sucking your blood, yanking the tick out with tweezers might mean you leave the head and mouthparts embedded in your skin. Ew. So you’ve probably heard that it’s best to get the tick to voluntarily let go. Unfortunately, that just makes things worse.

That means don’t burn a match, blow it out, and place the still-hot match on the tick’s abdomen. And don’t rub the tick with a harsh chemical like alcohol or nail polish remover until it lets go. These methods make the tick vomit up the blood they’ve already eaten, squirting it (along with saliva and possibly infectious germs) into your bloodstream.

Instead, try to grab the tick near the skin and pull it out from there. Don’t have the fortitude to execute such a precise maneuver with tweezers? The Tick Twister and Tick Key make the job almost foolproof. I have an insect/arachnid phobia that I can’t quite explain, but when my husband got a tick on his back recently, I was able to use the Tick Key to remove it without having to touch the tick or even look closely at it. You just slide the Tick Key over the disgusting, wiggly-legged lump, and off it pops.

Myth: Ticks Come From the Woods

Photo via VisualHunt

You certainly can pick up a tick from the woods, but you’re also likely to find them in parks and backyards. Ticks bury themselves in damp soil or leaf litter, and climb up on grass or brush to wait for their prey (a deer, a mouse, or a squeamish human, for example.)

You can make your yard less of a tick haven by keeping your grass short, removing any rotten leaves or similar debris, and get rid of brush piles where mice like to live. Dogs and deer can spread ticks, too, so put some Frontline on your pup and try to fence out the deer if you can.

When you go to tick-prone areas, wear shoes that you’ve thoroughly sprayed with permethrin. This is an insecticide that is very safe for humans but stops ticks from crawling up your legs. Treat your favorite hiking boots, socks, and pants with the stuff; consider it for the shoes you use for yard work, too. To finish the job, spritz on a DEET-based spray whenever you head out to the backyard or park. It’s also safe when used properly, even for kids, and it will repel mosquitoes as well as ticks.

Myth: You Should Wear a Hat Because Ticks Drop Out of Trees

Photo by Stuck in Customs

You may well find ticks in your hair, but they aren’t falling from the sky.

Remember, ticks spend their time in damp leaf litter so that they don’t dehydrate. When they’re ready to snag a meal, they don’t climb too far from the ground. They’ll go to about ankle or knee height, and hang off the edge of a twig or blade of grass with their legs extended. Entomologists, who probably think this is cute, call this behavior “questing.”

Once you brush against the tick, though, it’s on your body and all bets are off. The tick will climb up, up, up your pantleg, and you could find it anywhere. In one study, the lone star tick “favored the lower extremities [legs], buttocks, and groin” while blacklegged ticks didn’t care and would bite anywhere.

Ticks could be in your hair, in your beard, in your armpits, or where the sun don’t shine. They’re also very small, so you (or a very close friend) need to examine these areas carefully. Me, I just take a shower after I’ve been outside, and hope for the best.

Myth: If a Tick Bites You, You Probably Have Lyme Disease

Again, maps from the CDC.

It’s time for a little bit of good news. You probably don’t have Lyme disease.

First, although Lyme is common in more areas than it used to be, it’s still in just a small portion of the US. Most cases are in the northeast, from Virginia on up, with another swath in the Wisconsin-Minnesota area. If you live anywhere else, you’re much less likely to catch the disease at home.

Instead, you might get ehrlichiosis, babesiosis, Rocky Mountain spotted fever, or any of a variety of other tick-borne diseases. Each one has its own home range, so check with your local health department to see what they say you should worry about.

Even if the tick carries the Lyme disease bacteria, it doesn’t transmit them until it’s been attached and feeding for 36 to 48 hours. So if you know that tick wasn’t there yesterday, there’s a good chance you’re in the clear.

Myth: You Should Get That Tick Tested

Photo by Thirteen Of Clubs

We’ve told you in the past that if you find a tick, you should save it for testing. That depends, though. Back in 2010, my husband found an evil little tick sucking the life force out of my adorable dear infant son, and the pediatrician had us send the tick to be tested at the county health department. We rushed to do so, and the results came back negative. Phew.

But a few years later, another of our kids was bitten by a tick, and the doctor shrugged and told us testing was no longer recommended. Tick bites are fairly common these days, the tick can have Lyme without giving it to you, and you can get Lyme disease even if this particular tick wasn’t the one that did the deed. Check with your doctor to see if they agree with ours; this advice may vary.

By the way, a blood test for Lyme isn’t likely to help either. Instead, your provider will probably recommend watching for symptoms of Lyme disease—not just the famous bull’s eye rash, since it doesn’t always appear, but also flu-like symptoms, fatigue, and achiness. If you have any of these, with or without noticing a tick bite, call the doc. And if Lyme is common in your area, it’s possible your provider might want to treat you with a course of heavy duty antibiotics whether you show symptoms or not.

Myth: If You Get Lyme Disease, You’ll Have It for Life

There’s some truth to this one: If you had Lyme disease, and were already treated for it, you could still have fatigue and pain for months afterward. This happens because the disease damages parts of your body, and it can take a long time to recover from that even after antibiotics have killed the responsible bacteria.

But there is also a whole mythology around “chronic” Lyme disease, where people describe wide-ranging symptoms that they say are caused by hidden colonies of the bacteria. Click the wrong Google results while you’re recovering, and you’ll find yourself deep in a rabbit hole of conspiracy theories and alternative medicine clinics that say they have the real way to treat you, even though your doctor wants to hide the truth.

Probably some of the people with “chronic Lyme” have real autoimmune or neurological conditions that are going undiagnosed while they chase a fictional villain. If you end up with Lyme disease, don’t be afraid to seek help (or even second opinions), but do keep your wits about you. There’s a lot of myths out there.


via Lifehacker
You’re Probably Going to Get a Tick This Summer. Good Luck.

Watch a near-pristine Apple I boot up and run a program

Glenn and Shannon Dellimore own at least two original Apple I computers built in 1976 by Steve Wozniak, Dan Kottke, and Steve Jobs. The couple recently purchased one of the computers at auction for $365,000 and then lent it to London’s Victoria and Albert Museum for an exhibition. The hand-built machine is in such good condition that they were able to boot it up and run a simple program.

The superlative rarity of an Apple-1 in this condition is corroborated by this machine’s early history.The owner, Tom Romkey, owned the “Personal Computer Store” in Florida, and was certified as an Apple level 1 technician in 1981. One day, a customer came into his shop and traded in his Apple-1 computer for a brand new NCR Personal Computer. The customer had only used the Apple-1 once or twice, and Mr. Romkey set it on a shelf, and did not touch it again.

The Apple I was the first modern personal computer: the whole thing fit on just one board and used the familiar keyboard/monitor input and output.

By early 1976, Steve Wozniak had completed his 6502-based computer and would display enhancements or modifications at the bi-weekly Homebrew Computer Club meetings. Steve Jobs was a 21 year old friend of Wozniak’s and also a visitor at the Homebrew club. He had worked with Wozniak in the past (together they designed the arcade game “Breakout” for Atari) and was very interested in his computer. During the design process Jobs made suggestions that helped shape the final product, such as the use of the newer dynamic RAMs instead of older, more expensive static RAMs. He suggested to Wozniak that they get some printed circuit boards made for the computer and sell it at the club for people to assemble themselves. They pooled their financial resources together to have PC boards made, and on April 1st, 1976 they officially formed the Apple Computer Company. Jobs had recently worked at an organic apple orchard, and liked the name because “he thought of the apple as the perfect fruit — it has a high nutritional content, it comes in a nice package, it doesn’t damage easily — and he wanted Apple to be the perfect company. Besides, they couldn’t come up with a better name.”

In other words, Woz invented the Apple computer, but Jobs invented Apple Computer. Here’s a longer video of another working Apple I:

This one is also in great condition, although it’s been restored and some of the original parts have been replaced. If you’d like to play around with your own Apple I without spending hundreds of thousands of dollars at an auction, I would recommend buying a replica kit or trying out this emulator written in Javascript. (thx, chris)

Tags: Apple   computing   Dan Kottke   Glenn Dellimore   Shannon Dellimore   Steve Jobs   Steve Wozniak
via kottke.org
Watch a near-pristine Apple I boot up and run a program

The Game Is On in This Incredible Game of Thrones Season Seven Promo

The first promo for the new season of Game of Thrones is here, and kings and queens and guillotines are ready to take some lives. Only stop, it’s Winter Time.

Game of Thrones comes back this summer with its penultimate season, and our three major players are set to make their next move. Queen Cersei has taken over the Seven Kingdoms, but Jon Snow is poised to reclaim the North, and Daenerys has creeped into Westeros and staked her claim on Dragonstone, the former Targaryen throne. But these power plays won’t mean shit when the White Walkers come barging in. This season is setting up to be something truly special.

Game of Thrones returns July 16.

[YouTube]

via Gizmodo
The Game Is On in This Incredible Game of Thrones Season Seven Promo

Here’s all the new stuff in Apple’s latest security document

Hey guess what? Apple has a new security whitepaper! Apple only releases these things once every few years, and they represent the public’s only window into how iPhones and other Apple products secure the massive amounts of data entrusted to them.

Even though Apple hasn’t released a security whitepaper since Sept. 2015 (or since iOS 9, if you prefer to measure time in software updates), there’s not much earth-shattering new information in the latest edition, which covers iOS 10.

This is probably a good sign for users — the fact that Apple isn’t making many changes to the basic security structure of the iPhone likely means that Apple hasn’t uncovered any major flaws in its product. The company puts significant resources into testing its own security and invites outside researchers to do the same through its bug bounty program.

But Apple has rolled out plenty of new features and products in the last few years, and the security whitepaper reflects that. Here are some of the biggest new developments:

TouchID opened to developers

When Apple first debuted Touch ID, it used customers’ fingerprints solely for unlocking iPhones and approving purchases in Apple-controlled environments like iTunes and iBooks. But starting in iOS 9, Apple opened up Touch ID to support biometric-approved logins for third-party app developers. The whitepaper gives us a small update on the encryption key generation and storage that makes this possible:

With iOS 9 or later, developers can:
• Generate and use ECC keys inside Secure Enclave. These keys can be protected by Touch ID. Operations with these keys are always done inside Secure Enclave after Secure Enclave authorizes the use. Apps can access these keys using Keychain through SecKey. SecKeys are just references to the Secure Enclave keys and the 
keys never leave Secure Enclave.

By generating the codes on a one-time basis, Apple is able to offer access to TouchID confirmations without re-using keys that could get stolen or leaked. This is similar in philosophy to the way that Apple Pay generates one time transaction codes without transmitting your actual credit card number.

HomeKit won’t let your smart house spy on you

In the dystopian future our current reality, your smart TV might spy on you or let someone else spy on you. Or your digital assistant might testify against you. Apple wants to avoid these scenarios with Apple TV and the rest of the HomeKit-enabled devices that make up its smart home offerings.

Apple offered details about how HomeKit securely communicates with a user’s iPhone and the devices in his house while keeping his information private even from Apple in its last whitepaper, but there’s one new tidbit about how it secures Apple TVs. Apple makes an effort to keep hackers away from your Apple TV by requiring two-factor authentication on iCloud accounts in order to provision the TVs:

The process to provision Apple TV for use with HomeKit is performed automatically when the user signs in to iCloud. The iCloud account needs to have two-factor authentication enabled. Apple TV and the owner’s device exchange temporary Ed25519 public keys over iCloud. When the owner’s device and Apple TV are on the same local network, the temporary keys are used to secure a connection over the local network using Station-toStation protocol and per-session keys. This process uses authentication and encryption that is the same as that used between an iOS device and a HomeKit accessory. Over this secure local connection, the owner’s device transfers the user’s Ed25519 public-private key pairs to Apple TV. These keys are then used to secure the communication between Apple TV and the HomeKit accessories and also between Apple TV and other iOS devices that are part of the HomeKit home.

Siri’s still clunky with third-party apps (but it’s for your own good)

After more than seven years on the market, Siri is pretty good at answering your questions — as long as those answers are contained within Apple apps. Siri can tell you the weather or schedule reminders, but she runs into trouble if you ask her to Venmo some cash to a family member.

The security whitepaper explains why: Apple is trying to follow the privacy rules users set in place for apps and not violate them with Siri requests.

Although Siri has access to iOS contacts and the device’s current location, Siri checks the permission to access iOS-protected user data of the app containing the Extension to see if the app has access before providing that information to it. Siri passes only the relevant fragment of the original user query text to the extension. For example, if the app doesn’t have access to iOS contacts, Siri won’t resolve a relationship in a user request such as “Pay my mother $10 using PaymentApp.” In this case, the Extension’s app would only see “mother” through the raw utterance fragment being passed to it. However, if the app does have iOS contacts access, it would receive the iOS Contact information for the user’s mother.

New possibilities (and privacy) for live-streaming

iOS 10 expands a developer tool called ReplayKit, which makes it possible to livestream or record video from the iPhone’s screen. Naturally, Apple’s added privacy notifications to let customers know when their screens are being recorded and make sure they consent to the recording.

Originally impossible, recording and playback of iOS screens had been a popular feature available to jailbroken iPhones before it was added into iOS. Unsurprisingly, Apple has applied a logical but highly restricted scope to how the feature can be accessed.

Apple also ensures that users don’t lose control of their recordings: “The movie file is written to a directory that’s only accessible to ReplayKit’s subsystems and is never accessible to any apps. This prevents recordings being used by third parties without the user’s consent,” the paper explains.

Start a payment on the computer, finish on your phone

Apple Pay is available for web transactions in iOS 10 and most of the security architecture is what you’d expect for a web-based payments system. Apple requires websites to register and have their domain verified by Apple, and sites need to serve their content over an encrypted HTTPS connection.

But there is one cool feature that’s new here — you can start a transaction on your laptop and finish it with your iPhone or Apple Watch. This transaction handoff requires some interesting security wrangling that allows your credit card information to remain securely on your phone or watch.

In the case of Mac to iPhone or Apple Watch handoff, Apple Pay uses the end-to-end encrypted IDS protocol to transmit payment related information between the user’s Mac and the authorizing device. IDS uses the user’s device keys to perform encryption so no other device can decrypt this information, and the keys aren’t available to Apple. Device discovery for Apple Pay handoff contains the type and unique identifier of the user’s credit cards along with some metadata. The device-specific account number of the user’s card isn’t shared and it continues to remain stored securely on the user’s iPhone or Apple Watch. Apple also securely transfers the user’s recently used contact, shipping, and billing addresses over iCloud Keychain.

About that bug bounty…

Apple was a bit slow to adopt a bug bounty, finally introducing one last year. The program, which offers financial rewards to researchers who find security flaws in Apple software or hardware, was invitation-only at first, but Apple said it would slowly expand the list of invitees.

The bounty program gets a nod in the new whitepaper, which notes that hackers can participate even if they haven’t received an invite. “In order to be eligible for an Apple Security Bounty, researchers are required to provide a clear report and working proof of concept. The vulnerability must affect the latest shipping iOS and where relevant the latest hardware. The exact payment amount will be determined after review by Apple,” the paper explains.

There are a few other tweaks (helpfully highlighted on Github) but that’s everything major in this update.

Featured Image: Bryce Durbin/TechCrunch

via TechCrunch
Here’s all the new stuff in Apple’s latest security document

Howto Encrypt MySQL Backups on S3

TwinDB Backup supports encrypted backup copies since version 2.11.0. As usual the tool supports natively backup and restore operations, if backup copies are encrypted the tool takes care of decryption.

Installing TwinDB Packages repository

I will work with CentOS 7 system to show the example, but there are also packages for Ubuntu trusty and Debian jessie.

We host our packages in PackageCloud which provides a great installation guide if you need to install the repo via puppet, chef etc. The manual way is pretty straightforward as well. A PackageCloud script installs and configures the repository.

curl -s http://ift.tt/2nboXIn | sudo bash

Installing twindb-backup

Once the repository is ready it’s time to install the tool.

yum install twindb-backup

Let’s review what files the tool actually installs.

# rpm -ql twindb-backup
/opt
/opt/twindb-backup
...
/opt/twindb-backup/bin
...
/opt/twindb-backup/bin/twindb-backup
...

The RPM installs the files in opt because we use OmniBus to package twindb-backup. We package with the tool itself its own python, dependencies. That way we make sure there are no conflicts, no surprises due to different modules versions etc.

The post installation script also creates a cron config and a sample tool configuration file.

# cat /etc/cron.d/twindb-backup
@hourly  root twindb-backup backup hourly
@daily   root twindb-backup backup daily
@weekly  root twindb-backup backup weekly
@monthly root twindb-backup backup monthly
@yearly  root twindb-backup backup yearly

# cat /etc/twindb/twindb-backup.cfg
# NOTE: don't quote option values
# What to backup
[source]
backup_dirs=/etc /root /home
backup_mysql=no

# Destination
[destination]
# backup destination can be ssh or s3
backup_destination=ssh
keep_local_path=/var/backup/local


[s3]

# S3 destination settings

AWS_ACCESS_KEY_ID=XXXXX
AWS_SECRET_ACCESS_KEY=YYYYY
AWS_DEFAULT_REGION=us-east-1
BUCKET=twindb-backups

[ssh]

# SSH destination settings

backup_host=127.0.0.1
backup_dir=/tmp/backup
ssh_user=root
ssh_key=/root/.ssh/id_rsa

[mysql]

# MySQL

mysql_defaults_file=/etc/twindb/my.cnf

full_backup=daily

[retention]

# Remote retention policy

hourly_copies=24
daily_copies=7
weekly_copies=4
monthly_copies=12
yearly_copies=3

[retention_local]

# Local retention policy

hourly_copies=1
daily_copies=1
weekly_copies=0
monthly_copies=0
yearly_copies=0

[intervals]

# Run intervals

run_hourly=yes
run_daily=yes
run_weekly=yes
run_monthly=yes
run_yearly=yes

Preparing Encryption Key

We use GPG to encrypt the backups. The tool doesn’t manage the keys so it’s all user responsibility to create and save a backup copy of the key.

Let’s generate the key first.

# gpg --gen-key
gpg (GnuPG) 2.0.22; Copyright (C) 2013 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

gpg: directory `/root/.gnupg' created
gpg: new configuration file `/root/.gnupg/gpg.conf' created
gpg: WARNING: options in `/root/.gnupg/gpg.conf' are not yet active during this run
gpg: keyring `/root/.gnupg/secring.gpg' created
gpg: keyring `/root/.gnupg/pubring.gpg' created
Please select what kind of key you want:
(1) RSA and RSA (default)
(2) DSA and Elgamal
(3) DSA (sign only)
(4) RSA (sign only)
Your selection? 1
RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048)
Requested keysize is 2048 bits
Please specify how long the key should be valid.
0 = key does not expire
<n> = key expires in n days
<n>w = key expires in n weeks
<n>m = key expires in n months
<n>y = key expires in n years
Key is valid for? (0) 0
Key does not expire at all
Is this correct? (y/N) y

GnuPG needs to construct a user ID to identify your key.

Real name: Aleksandr Kuzminsky
Email address: backups@twindb.com
Comment: Key for encrypting MySQL backups
You selected this USER-ID:
"Aleksandr Kuzminsky (Key for encrypting MySQL backups) <backups@twindb.com>"

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O

You don't want a passphrase - this is probably a *bad* idea!
I will do it anyway. You can change your passphrase at any time,
using this program with the option "--edit-key".

We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
gpg: /root/.gnupg/trustdb.gpg: trustdb created
gpg: key 8564B88A marked as ultimately trusted
public and secret key created and signed.

gpg: checking the trustdb
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u
pub 2048R/8564B88A 2017-03-28
Key fingerprint = 441E 4B7A FD92 C0D5 4C6B 0C89 4AE0 849C 8564 B88A
uid Aleksandr Kuzminsky (Key for encrypting MySQL backups) <backups@twindb.com>
sub 2048R/0CE02576 2017-03-28

We don’t use passphrase for the key.

Preparing twindb-backup configuration

We need to change default config. Let’s review the changes.

[source]
backup_dirs=/etc
backup_mysql=yes

It’s always nice to save backup copies of /etc. If you don’t want to backup directories, comment out backup_dirs.

# Destination
[destination]
# backup destination can be ssh or s3
backup_destination=s3
keep_local_path=/var/backup/local

We store backups in s3 and we will also keep a local copy (for faster restore time).

[s3]

# S3 destination settings

AWS_ACCESS_KEY_ID=XXXXX
AWS_SECRET_ACCESS_KEY=YYYYY
AWS_DEFAULT_REGION=us-east-1
BUCKET=twindb-backups

We will store backups in S3, so change these options to your key and bucket values.

[mysql]

# MySQL
mysql_defaults_file=/etc/twindb/my.cnf
full_backup=daily

The tool uses a defaults file to connect to MySQL, so specify it here.

# cat /etc/twindb/my.cnf
[client]
user=root

Don’t forget to chmod 600 /etc/twindb/my.cnf.

The config also tells how often to take daily full copies. The hourly copies will be the difference between the last full copy and the current state. It’s so-called differential backups.

To encrypt the backup copies add a [gpg] section

[gpg]
keyring = /root/.gnupg/pubring.gpg
secret-keyring = /root/.gnupg/secring.gpg
recipient = backups@twindb.com

It specifies where GnuPG can find private and public keys of the recipient.

Optionally you may want to change local and remote retention policies, but the defaults should be good enough.

Test backup run

Now let’s run the tool manually to see how it works.

# twindb-backup backup daily

The tool should produce no output unless there is an error.

Listing available backup copies

The tool can tell you what backup copies are available now.

# twindb-backup ls
2017-03-28 05:32:40,412: INFO: ls.list_available_backups():22: Local copies:
/var/backup/local/d312b5e3a877/status
/var/backup/local/d312b5e3a877/daily/files/_etc-2017-03-28_05_32_26.tar.gz
/var/backup/local/d312b5e3a877/daily/mysql/mysql-2017-03-28_05_32_30.xbstream.gz
2017-03-28 05:32:40,417: INFO: ls.list_available_backups():33: hourly copies:
2017-03-28 05:32:41,087: INFO: ls.list_available_backups():33: daily copies:
s3://twindb-backup-test-0/d312b5e3a877/daily/files/_etc-2017-03-28_05_32_26.tar.gz.gpg
s3://twindb-backup-test-0/d312b5e3a877/daily/mysql/mysql-2017-03-28_05_32_30.xbstream.gz.gpg
2017-03-28 05:32:41,687: INFO: ls.list_available_backups():33: weekly copies:
2017-03-28 05:32:42,269: INFO: ls.list_available_backups():33: monthly copies:
2017-03-28 05:32:42,831: INFO: ls.list_available_backups():33: yearly copies:

The encrypted copies have .gpg suffix. Note the local copies are not encrypted.

Restore MySQL from backup

Now we have a backup copy s3://twindb-backup-test-0/d312b5e3a877/daily/mysql/mysql-2017-03-28_05_32_30.xbstream.gz.gpg. Let’s restore MySQL database from it.

# twindb-backup restore mysql s3://twindb-backup-test-0/d312b5e3a877/daily/mysql/mysql-2017-03-28_05_32_30.xbstream.gz.gpg --dst restored
...
170328 05:39:49  innobackupex: completed OK!
2017-03-28 05:39:49,566: INFO: restore.restore_from_mysql():354: Successfully restored s3://twindb-backup-test-0/d312b5e3a877/daily/mysql/mysql-2017-03-28_05_32_30.xbstream.gz.gpg in restored.
2017-03-28 05:39:49,566: INFO: restore.restore_from_mysql():356: Now copy content of restored to MySQL datadir: cp -R restored/* /var/lib/mysql/
2017-03-28 05:39:49,566: INFO: restore.restore_from_mysql():357: Fix permissions: chown -R mysql:mysql /var/lib/mysql/
2017-03-28 05:39:49,566: INFO: restore.restore_from_mysql():359: Make sure innodb_log_file_size and innodb_log_files_in_group in restored/backup-my.cnf and in /etc/my.cnf are same.
2017-03-28 05:39:49,566: INFO: restore.restore_from_mysql():362: Original my.cnf is restored in restored/_config.
2017-03-28 05:39:49,566: INFO: restore.restore_from_mysql():364: Then you can start MySQL normally.

Now we have a restored database in restored directory that we can copy to /var/lib/mysql

# ls -la restored/
total 30756
drwxr-xr-x 6 root root     4096 Mar 28 05:39 .
dr-xr-x--- 5 root root     4096 Mar 28 05:39 ..
drwxr-xr-x 3 root root     4096 Mar 28 05:39 _config
-rw-r----- 1 root root      262 Mar 28 05:39 backup-my.cnf
-rw-r--r-- 1 root root  5242880 Mar 28 05:39 ib_logfile0
-rw-r--r-- 1 root root  5242880 Mar 28 05:39 ib_logfile1
-rw-r----- 1 root root 18874368 Mar 28 05:39 ibdata1
drwx------ 2 root root     4096 Mar 28 05:39 mysql
drwx------ 2 root root     4096 Mar 28 05:39 performance_schema
drwx------ 2 root root     4096 Mar 28 05:39 test
-rw-r----- 1 root root       89 Mar 28 05:39 xtrabackup_checkpoints
-rw-r----- 1 root root      562 Mar 28 05:39 xtrabackup_info
-rw-r----- 1 root root  2097152 Mar 28 05:39 xtrabackup_logfile

The post Howto Encrypt MySQL Backups on S3 appeared first on Backup and Data Recovery for MySQL.


via Planet MySQL
Howto Encrypt MySQL Backups on S3

Three Home Invaders Discover World’s Best Home Defense Weapon

long ar-15

Three home invaders dressed all in black and wearing masks and gloves probably thought they’d easily overpower the owner of a Broken Arrow (OK) home.

They clearly didn’t count on the homeowner’s adult son being there, armed with one of the best home defense firearms ever designed, an AR-15.

Three would-be robbers were shot and killed Monday when an Oklahoma homeowner’s son opened fire on them with an AR-15, authorities said.

Wagoner County sheriff’s deputies were called to the home in Broken Arrow, southeast of Tulsa at around 12:30 p.m. local time. When they arrived, they found the three dead suspects and two uninjured residents.

Sheriff’s spokesman Deputy Nick Mahoney said the suspects enetered the home through a glass back door with the intent to burglarize it. It was not immediately clear why they picked that home.

Mahoney said the suspects encountered the homeowner’s 19-year-old son, who opened fire after an exchange of words. Two of the suspects died in the home’s kitchen while a third was found in the driveway.

It was not immediately clear whether the suspects were armed, but Mahoney said the preliminary investigation indicated the shootings were in self-defense. The homeowner’s son volunteered to give a statement at the sheriff’s office.

A forth suspect, believed to have been the wheelman for the three deceased home invaders, has since been arrested.

19-year-old Americans armed with variations of Eugene Stoner’s rifle have been killing bad guys  since 1964.

The most common AR-15 configurations we see on today’s civilian market, featuring collapsible stocks, 16″ barrels, and standard capacity 30-round magazines, give homeowners a light recoiling, very controllable and precise semi-automatic rifle. The very common 55-grain M193 round FMJ “ball” round fragments in both tissue and in building matters at home defense distances.  Hollowpoint rounds designed for varmint hunting, law enforcement, and home defense, such as Winchester PDX1 “Defender” line can be even more devastating to bad guys, while breaking up faster when encountering build materials.

AR-15’s are more powerful and carry more rounds than handguns, while their bullets run the same or less risk of over-penetration and creating downrange injuries as most handgun rounds. AR-15s are far less punishing to shoot than shotguns loaded with quality defensive ammunition, and get back on target faster for follow-up shots if needed.

Commonly paired with a red-dot optic and a weapon light, AR-15s excel at battling bad guys both day and night, and are easily controlled by shooters of nearly any size or stature.

ar-15 shooter

“America’s rifle” was used to save two lives in Oklahoma today, and enabled a single teenager to quickly triumph over three criminals.

The post Three Home Invaders Discover World’s Best Home Defense Weapon appeared first on Bearing Arms.

via Bearing Arms
Three Home Invaders Discover World’s Best Home Defense Weapon

Video: 9 Tips to Building a Stable MySQL Replication Environment

This video walks you through nine tips you should consider when deploying and managing a MySQL Replication environment and how utilizing ClusterControl can help make deploying, managing, monitoring, and scaling MySQL easy.

Though MySQL replication is one of the easier HA deployments to set up, it is also easy to break and time-consuming to troubleshoot.  ClusterControl’s point-and-click interface lets you securely automate deployment and scaling of MySQL replication setups to get production-ready environments up and running in a very short time. No need for guesswork, or time-consuming experimentation with different open source utilities.

ClusterControl and MySQL Replication

ClusterControl provides advanced deployment, management, monitoring, and scaling functionality to get your MySQL instances up-and-running using proven methodologies that you can depend on to work.  ClusterControl makes MySQL replication easy and secure with point-and click interfaces and no need to have specialized knowledge about the technology or multiple tools. It covers all aspects one might expect for a production-ready replication setup.

Ongoing maintenance and troubleshooting MySQL Replication is easier with ClusterControl because it removes the complexity that is often introduced when using multiple external tools and ClusterControl lets you monitor all your MySQL deployments from a single interface.

To learn more check out the following resources…

Tags: 

via Planet MySQL
Video: 9 Tips to Building a Stable MySQL Replication Environment