Douglas Crockford famously declared browsers to be "the most hostile software engineering environment imaginable," and that wasn’t hyperbole. Ensuring that our websites work across a myriad of different devices, screen sizes and browsers our users depend on to access the web is a tall order, but it’s necessary.
If our websites don’t enable users to accomplish the key tasks they come to do, we’ve failed them. We should do everything in our power to ensure our websites function under even the harshest of scenarios, but at the same time, we can’t expect our users to have the exact same experience in every browser, on every device.
A knife is only as good as its edge: The sharper, the better.
A sharp edge not only makes your cutting tasks easier, it also makes them safer. With a sharp edge, you use less force and have more control resulting in fewer accidents.
Sharpening a knife, in theory, is a very simple task. But with new steels and complex grinds, it can get difficult very quickly. Here are a few pointers.
Sharpen Anytime, Anywhere
You can sharpen a knife with almost anything — a fancy sharpening system, the bottom of a coffee cup, your belt, or even a piece of sandstone. But the key to sharpening is understanding the angle you need and using a progressively finer material.
Eventually you will acquire muscle memory, allowing you to hold an angle relatively steady. One way to train yourself is the “Sharpie trick”: Coat the cutting edge with a Sharpie marker and sharpen until the ink is gone.
As an experiment, for a year I sharpened my Kabar Becker BK9 with nothing other than a piece of sandstone and my belt. The sandstone acted as the coarse treatment and the belt the finer treatment. And, much to my surprise, it worked quite well. The blade didn’t look pretty (and really your big chopper never should) but it was quite sharp.
Eventually, the unevenness produced by common materials was enough to necessitate a trip to a professional. However, it worked for a year and I am sure in a survival situation, it would work even longer.
Start Stropping
Every steel can benefit from the use of a strop. A strop is usually a piece of leather “charged” with some kind of compound, but it doesn’t have to be. In talking to folks at Triple Aught Design on my podcast, TAD’s former knife guy, Gianni Donati, swore by the use of a cardboard edge. Anything can work.
Stropping on a cardboard edge
The idea behind the strop is that by passing the blade over the charged leather, the microscopic edge performing the actual cutting is realigned. The result is a sharper and easier to use knife. A few swipes on each side of the blade is all that is needed to strop an edge.
The key is stropping regularly. With older steels, 1095 for example, the benefits are quickly seen. With something like ZDP-189, which is much harder, the benefits aren’t as shocking. Stropping is particularly helpful for convex-ground knives. The gently curving grind is hard to match up to a perfectly flat sharpening stone, but it mates well with the give found in most stropping substrates.
A regular stropping routine and a modern high-hardness steel can help you all but avoid full re-sharpenings, which, with some high-end powder steels, can take more than an hour.
It’s been two years since I purchased my latest Dragonfly. It is still hair-popping sharp, even though it has not seen the sharpening stone. Stropping alone did the trick.
Maintain Consistent Angle
More than anything, the important part of both stropping and sharpening is consistency. And consistency is all about practice.
Skilled sharpeners need no guides of any kind and can get razor edges from any abrasive material. Practice on a cheap knife with soft steel, like a Buck with 420HC or a Victorinox. Over time you will get a feel for the angle of the knife. Once you have the “touch,” sharpening harder steels is just a matter of more repetition.
Some knife sharpeners help users maintain a proper angle. These systems are great for beginners or people that need to batch out edges. However, as sharpeners get more expensive, all they do is help hold a consistent angle with guides, braces, and rulers.
Something like the Apex Pro or the Wicked Edge is nothing more than a series of braces and rigid arms designed to hold an angle to the edge that is exactly the same over and over again.
Choose A Sharpener
Prior to diving into high-end systems, I would recommend something like the Sharp Maker from Spyderco or the Lansky system. They may not tune the blade to a thousandth of an inch, but they have enough consistency to get good results.
If you absolutely need that high-end edge, one capable of reflecting newsprint, then you probably need to upgrade beyond these two systems. But that gleaming edge adds more appearance than performance.
In the end, the best grinders don’t use a system at all. Jesse Jarosz and Murray Carter, two custom makers, put the final edge on their knives by hand. I’ve seen an expert shave with an axe and fillet a piece of paper, both after freehand sharpening.
For mere mortals like us, the best treatment is a pair of strops with two different grits of compound and either a Sharp Maker or Lansky. With those tools, a good routine, and some practice, you will have sharp blades forever.
Eventually, with experience, you will come to learn a great deal. Nothing shows you the soul of a steel like sharpening it.
The business world seems like it caters to extroverts. And that makes sense: As a business owner, you need charisma to lead a team, negotiate with partners and engage with them regularly. In addition, you need to network with new people and improve your client relationships.
For an introvert, therefore, these responsibilities may seem intimidating, or even overwhelming, to deal with. Introverts tend to prefer quieter, solitary environments; but does that mean it’s impossible for them to be successful entrepreneurs?
Of course not. If you’re an introvert, you have your own strengths and weaknesses; and while you may have some extra challenges to overcome in business ownership, you’ll also have some extra advantages — if you know how to use them.
1. Choose your business category wisely.
Your first step is to choose your business carefully. Before you write up a business plan, think carefully about your idea and how it will relate to your personality and mental and emotional needs:
Play to your strengths. Not always, but often, introverts like to bury themselves in specific, individual tasks. For example, you might like to code applications at work, or, as a hobbyist, you might be an expert woodworker. In either case, you need to build a business that caters to your particular strengths. There’s almost certainly something you can do or something you know that extroverts won’t be able to match. So pinpoint it and exploit it.
Minimize interaction demand. When you start planning your business, opt for a model that doesn’t require much personal interaction. For example, you might want to avoid one-on-one consulting or training if you don’t enjoy socializing. You might also want to rely more on helpful tools to build your business than do other people.
Start small. Whatever your business is, start small. Hire only the people you need; that way, you can get used to your role gradually and avoid overloading yourself with new people and situations.
2. Find partners who’ll complement you.
If you’re strongly introverted, you’ll be better off finding business partners and employees who complement your personality and skill set. For example, if you hate the idea of making a sales pitch to a stranger and don’t like talking to people in general, team up with someone who’s strongly extroverted and straightforward, who likes having conversations.
Introversion is a collection of strengths and weaknesses, and extroversion is, too; so you’ll need a blend of both if you want your business to perform its best.
This is your company. This is your brand. You get to define it and build it in any way you choose. Obviously, you have to consider the limits of practicality and what will work best for your business, but consider adopting policies and values that cater to your introverted nature. For example, if you prefer written communication to spoken communication, consider making your business fully remote, with all your employees working from home.
If you don’t like the idea of one-on-one sales meetings, opt for more inbound marketing strategies, to reach your revenue goals.
4. Use online networking and interaction.
If you don’t like to engage with people in the real world, maybe you can find your stride in online interactions. Instead of going out to networking events, for example, you can do the majority of your networking over social media. You can rely on emails and instant messages for the bulk of your interactions, and reserve in-person meetings for when you really need them.
There are some benefits to talking to people in person, so don’t be exclusive with online interactions.
5. Practice socializing.
While it’s definitely possible to be a solo entrepreneur, I don’t recommend it. Sooner or later, you’re going to have to socialize with other people, whether it’s partners, clients, employees or mentors. If you aren’t good at socializing, or prefer to avoid it, you’ll need to practice, to get your social game up. Conversation and interactions are skills, like anything else, and you can refine them if you spend time working on your abilities.
Start by attending more networking events, and talking to other attendees there. Also, develop new tactics for guiding conversations the way you want them to go. This may seem intimidating at first, but you’ll get the hang of it.
6. Learn to be uncomfortable.
There are a couple of important things to remember here. First, your introversion isn’t a curse — it’s a strength, if you know how to use it, and you need to be able to play to that strength. Second, no matter what, you’re going to face situations that make you uncomfortable as an introvert. If you want to be a successful entrepreneur, you need to become more comfortable with the idea of being uncomfortable.
It’s only through discomfort that we challenge ourselves to grow, learn new things and earn successes that only people dream of.
JAYSON DEMERS
Jayson DeMers is founder and CEO of AudienceBloom, a Seattle-based SEO agency. He’s the author of the ebook, “The Definitive Guide to Marketing Your Business Online.”
Guardians of the Galaxy Vol. 2 premiered a brand new trailer tonight. It’s got space battles, dancing, and more Rocket gadgets. Plus, we finally see Peter (Chris Pratt) meet his dad. Just try to be upset that the galaxy is in danger while watching this.
We’ll have a closer look at everything new this reveals later, but for now learn how yelling at someone is the difference between being friends and being family.
dryriver writes: BBC Capital explores why good ideas people have in the workplace almost never reach the top decision-makers in a company. From the report: "Surely you’ve heard the plea from on high at your company: we want more innovation, from everyone at every level. Your boss might even agree with the sentiment — because, of course, who doesn’t like innovation? It’s good for everyone, right? Yet when it comes to innovating at your job it might be better to lower your expectations — and then some. Your idea is far more likely to die on your boss’s desk than it is to reach the CEO. It’s not that top managers don’t want new ideas. Rather, it’s the people around you — your colleagues, your manager — who are unlikely to bend toward change. Today, big companies that don’t innovate face extinction. ‘Companies are almost forced to say that they are changing these days,’ says Lynn Isabella, professor of organizational behavior at the University of Virginia Darden School of Business in the U.S. But, ‘it’s not organizations that resist change; people resist,’ says Isabella. ‘The people have to see what’s in it for them.’" As mentioned in the report, some of the key questions that the people whom you pitch your ideas to will ask themselves include, what does this innovation mean for me personally — will it be more challenging or will it lead to more career opportunities, and what will it mean for my job — will I get fired or will it be (or was it) worth it? Many times the answers to these questions don’t stack up in favor of the innovation, Isabella says. As a result, the people who need to buy in don’t push for change.
Tonight at 9 p.m. EST, 6 p.m. pacific, Trump will be giving his first major speech to a joint session of Congress. Here’s how you can watch it anywhere, no cable required.
The address will be streaming live through all of these outlets:
The Onion (if you want your address with commentary)
Trump’s speech isn’t technically a State of the Union address since that usually doesn’t happen until a president has been in office for a year. But the so-called “address to a joint session” is still pretty important, with the president expected to lay out his vision and goals for the country in the coming years.
Let’s briefly touch on how Elasticsearch and MongoDB became easy targets…
Elasticsearch
Elasticsearch® does not implement any access control: neither authentication nor authorization. For this, you need to deploy Elastic’s Shield offering. As such, if you have an Elasticsearch deployment that is addressable from the Internet, you’re asking for trouble. We see many deployments have some authentication around their access, such as HTTP Basic Auth – though sadly, some don’t employ authentication or network isolation. We already wrote a blog about this here.
MongoDB
MongoDB (< 2.6.0) does allow for access control through account creation. It binds to 0.0.0.0 by default (allowing access from anywhere). This is now changed in /etc/mongod.conf in versions >= 2.6.0. Often administrators don’t realize or don’t know to look for this. (Using MongoDB? My colleague David Murphy wrote a post on this issue here).
We began to see incidents where both Elasticsearch and MongoDB had their datasets removed and replaced with a README/note instructing the user to pay a ransom of 0.2BTC (Bitcoin) to the specified wallet address (if they wanted their data back).
MySQL
So is this latest (and similar) attack on MySQL MySQL’s fault? We don’t think so. MySQL and Percona Server® for MySQL by default do not accept authentication from everywhere without a password for the root user.
Let’s go over the various security options MySQL has, and describe some other best practices in order to protect your environment.
Default bind_address=127.0.0.1 in Percona Server for MySQL
MySQL currently still binds to 0.0.0.0 (listen to all network interfaces) by default. However, Percona Server for MySQL and Percona XtraDB Cluster have different defaults, and only bind on
Recall, if you will, CVE-2012-2122. This ALONE should be enough to ensure that you as the administrator use best practices, and ONLY allow access to the MySQL service from known good sources. Do not set up root level or equivalent access from any host (% indicates any host is allowed). Ideally, you should only allow root access from 127.0.0.1 – or if you must, from a subset of a secured network (e.g., 10.10.0.% would only allow access from 10.10.0.0/24).
Prevent Access
Also, does the MySQL database really need a publicly accessible IP address? If you do have a valid reason for this, then you should firewall port 3306 and whitelist access only from hosts that need to access the database directly. You can easily use iptables for this.
Default Users
MySQL DOES NOT by default create accounts that can be exploited for access. This comes later through an administrator’s lack of understanding, sadly. More often than not, the grant will look something like the following.
GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' IDENTIFIED BY '123456' WITH GRANT OPTION;
You may scoff at the above (and rightly so). However, don’t discount this just yet: “123456” was the MOST USED password in 2016! So it’s reasonable to assume that somewhere out there this is a reality.
Max Connection Errors
You can deploy max_connect_errors with a suitably low value to help mitigate a direct attack. This will not prevent a distributed attack, where many thousands of hosts are used. Network isolation is the only way to ensure mitigation against this attack vector.
MySQL 5.7 Improvements on Security
Default Root Password
Since MySQL 5.7, a random password is generated for the only root user (root@localhost) when you install MySQL for the first time. That password is then written in the error log and has to be changed. Miguel Ángel blogged about this before.
Connection Control Plugin
MySQL 5.7.17 introduced a new open source plugin called Connection Control. When enabled, it delays the authentication of users that have failed to log in more than three times (by default). This is also part of Percona Server for MySQL as of 5.7.17.
Here’s an example where the 4th consecutive try caused a one-second delay (default settings were used):
$ time mysql -u bleh2 -pbleh
ERROR 1045 (28000): Access denied for user 'bleh2'@'localhost' (using password: YES)
real 0m0.009s
$ time mysql -u bleh2 -pbleh
ERROR 1045 (28000): Access denied for user 'bleh2'@'localhost' (using password: YES)
real 0m0.008s
$ time mysql -u bleh2 -pbleh
ERROR 1045 (28000): Access denied for user 'bleh2'@'localhost' (using password: YES)
real 0m0.008s
$ time mysql -u bleh2 -pbleh
ERROR 1045 (28000): Access denied for user 'bleh2'@'localhost' (using password: YES)
real 0m1.008s
mysql> SELECT * FROM INFORMATION_SCHEMA.CONNECTION_CONTROL_FAILED_LOGIN_ATTEMPTS;
+---------------------+-----------------+
| USERHOST            | FAILED_ATTEMPTS |
+---------------------+-----------------+
| 'bleh2'@'localhost' |               4 |
+---------------------+-----------------+
1 row in set (0.01 sec)
Password Validation Plugin
MySQL 5.6.6 and later versions also ship with a password validation plugin, which prevents creating users with unsafe passwords (such as
In order to get stung, one must ignore the best practices mentioned above (which in today’s world, should take some effort). These best practices include:
Don’t use a publicly accessible IP address with no firewall configured
Don’t use a root@% account, or other equally privileged access account, with poor MySQL isolation
Don’t configure those privileged users with a weak password, allowing for brute force attacks against the MySQL service
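The checklist above as an audit script, added here as an example (not code from the original post or from MySQL/Percona): it flags a mysqld section that listens on all interfaces, privileged accounts whose host pattern reaches beyond trusted networks, and mysql_native_password hashes that match a short weak-password list. The sample config, account rows, trusted networks and wordlist are constructed assumptions.

```python
import configparser
import hashlib
import ipaddress

# Constructed sample inputs; on a real server read my.cnf and mysql.user instead.
SAMPLE_CNF = "[mysqld]\nbind-address = 0.0.0.0\nskip-name-resolve\n"
TRUSTED = [ipaddress.ip_network(n) for n in ("127.0.0.0/8", "10.10.0.0/24")]  # assumed
WEAK = ["123456", "password", "root"]  # assumed short wordlist


def native_hash(password):
    """mysql_native_password value: '*' + HEX(SHA1(SHA1(password)))."""
    inner = hashlib.sha1(password.encode()).digest()
    return "*" + hashlib.sha1(inner).hexdigest().upper()


def host_to_network(host):
    """Network admitted by an account host pattern, or None if it cannot be bounded."""
    if host == "localhost":
        return ipaddress.ip_network("127.0.0.0/8")
    if host == "%":
        return ipaddress.ip_network("0.0.0.0/0")
    parts = host.split(".")
    fixed = parts[:-1] if parts[-1] == "%" else parts
    if len(parts) > 4 or (parts[-1] != "%" and len(parts) != 4):
        return None
    if not all(p.isdigit() and int(p) < 256 for p in fixed):
        return None  # hostnames and patterns such as '10.1%' are not octet-aligned
    base = ".".join(fixed + ["0"] * (4 - len(fixed)))
    return ipaddress.ip_network(f"{base}/{8 * len(fixed)}")


def audit(cnf_text, accounts):
    """accounts: (user, host, authentication_string, privileged) tuples."""
    findings = []
    cnf = configparser.ConfigParser(allow_no_value=True, strict=False, interpolation=None)
    cnf.read_string(cnf_text)
    opts = {k.replace("-", "_"): v for k, v in cnf.items("mysqld")}
    # The article states that stock MySQL binds to 0.0.0.0 by default.
    if opts.get("bind_address", "0.0.0.0") in ("0.0.0.0", "*", "::"):
        findings.append("bind_address: listening on all interfaces")
    weak = {native_hash(p) for p in WEAK}
    for user, host, auth, privileged in accounts:
        net = host_to_network(host)
        if privileged and (net is None or not any(net.subnet_of(t) for t in TRUSTED)):
            findings.append(f"{user}@{host}: privileged outside trusted networks")
        if auth in weak:
            findings.append(f"{user}@{host}: password is on the weak list")
    return findings


SAMPLE_ACCOUNTS = [
    ("root", "localhost", native_hash("constructed long passphrase 1"), True),
    ("root", "%", native_hash("123456"), True),
    ("app", "10.10.0.%", native_hash("constructed long passphrase 2"), False),
]

if __name__ == "__main__":
    for line in audit(SAMPLE_CNF, SAMPLE_ACCOUNTS):
        print(line)
```

The hash comparison only applies to accounts using mysql_native_password; host patterns that cannot be mapped to a network are reported rather than assumed safe.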
Hopefully, these are helpful security tips for MySQL users. Comment below!
"The Pentagon is the latest government entity to join the open-source movement," writes NextGov. An anonymous reader quotes their report:
The Defense Department this week launched Code.mil, a public site that will eventually showcase unclassified code written by federal employees. Citizens will be able to use that code for personal and public projects… The Defense Department’s Digital Service team, whose members are recruited for short-term stints from companies including Google and Netflix, will be the first to host its code on the site once the agreement is finalized… "This is a direct avenue for the department to tap into a worldwide community of developers to collectively speed up and strengthen the software development process," a DOD post announcing the initiative said. The Pentagon also aims to find software developers and "make connections in support of DOD programs that ultimately service our national security." Interestingly, there’s no copyright protections on code written by federal employees, according to U.S. (and some international) laws, according to the site. "This can make it hard to attach an open source license to our code, and our team here at Defense Digital Service wants to find a solution. You can submit a public comment by opening a GitHub issue on this repository before we finalize the agreement at the end of March."
David Goodman, director of the Ohio Development Services Agency, says the state has a panoply of programs helping small businesses that don’t get the same publicity as a tax credit for a huge corporation adding 1,000 jobs.
For example, Columbus e-commerce web developer Rocket Code LLC can earn up to $210,000 in incentives if it creates 30 jobs and meets other Ohio Tax Credit Authority Terms. The company applied for the credit when it had just 18 people, and unlike some state programs, it didn’t…