In my company HelpSoft we run various websites either selling products, offering free stuff and we also own a web portal where women can find new friends.

For all of these we wanted a live chat solution. Simplicity, functionality and pricing were three factors in this process. You see Zopim everywhere, so we looked at that. We did try to sign up for a beta, unfortunately they don’t seem to like new customers because the required activation e-mail never arrived.

Sometimes in these cases, the forgotten password button is a help, but that failed too. No e-mail arrived. And ironically, their live chat support were not online.   I’m not a man who enjoys waiting a lot, if I want something I want it now, not tomorrow or whenever they feel like responding to a support ticket. So they were trashed and the whole idea of Zopim was out.

I visited one of my favorite web sites, alternativeTo and did a search for Zopim.  Some very irrelevant products showed up and so did cSupport.

I had fallen in love with IM integration I read about on Zopim. cSupport did that too, limited to XMPP, but I can live with that since that’s my favorite IM protocol anyway. And a 14-day trial with no credit card required, I mean, what’s the worst that could happen?

Getting started

It was simple, really. I clicked the “Start trial” button and inserted a name, an e-mail address and a username. I picked the “Premium” plan, it seemed to fit our needs fine.

The activation e-mail arrived! YAY! And so we were started, pretty quick.  Found the JS snippet and attached it to a site or two, just for testing.

The sign up process is flawless, it’s simple and easy.

Making it work

I’m a big fan of integration, customizing and especially usability (for our users/customers). I had trouble getting the provided Javascript example code to work (not the standard one, but the one allowing me to prepopulate the form fields in the chat with info) so I contacted cSupport via the live chat on their page. I got help instantly and received a piece of JS that worked.

Later, the same night, I found a few bugs in the product. Nothing big and nothing that would harm your kids. Just enough to be annoying, and my first thought was “this is useless.” – that did change quite fast though!

I contacted the chat support again and reported my bugs, they took action immediately and within hours new code were pushed that fixed the issues. What they were isn’t important, since they have been fixed and dealt with.

Ideas for improvement

I have had some ideas for improvement of the system. And here’s the beautiful thing: all my requests, except for one, are either planned or already implemented, the last one is under review.

Integration

There are two things to integration. One is the integration on web sites, the other thing is the IM integration used for chat agents.

Both are very easy to wrap your head around. The web integration is simple Javascript you include on our pages and that’s it. If you want to customize it, you can do and the documentation describes this.

The IM integration is easy as well. Add a Jabber account to your favorite XMPP client, accept friend requests from the chat bots. And done. Ready to go!

The IM uses commands. Being a very UNIXy guy, this is what I like. This is what a IM session looks like seen from that agent’s side:

Conclusion

cSupport is a startup. But it’s the kind of startup I like. We decided after a few days to pay for it and signed up for the paid Premium version. We have integrated it on 3 sites currently, and yes it does work multi-site.

I would definitely recommend cSupport to others. When you hit a bump in the road, you can get help. If you have a good idea (that makes sense) it will be considered, and in my case have several ideas implemented.

Oh, and by the way

I, my company HelpSoft is not in any way affiliated with cSupport. This blog post is not sponsored or an ad. It is merely my excitement I am sharing with the world.

1Password

This software is simply awesome! 1Password makes it possible for you to store all your passwords securely and gives you the ability to easily use those logins from your browser. Furthermore you can store credit card information in it, and it will be able to fill that out for you too.

Adium

I still think that Adium is the best instant messating app for your Mac. It supports most IM protocols, and that’s about what there i to day.

BetterZip

For unpacking a wide range of archives, BetterZip really gets the job done easily.

Camtasia

If you make instruction video or any other kind of screencast, Camtasia is without doubt the best application for recording these sessions I have used. Not only is it very easy to start recording, it also offers to record your mic and/or the system audio. Also, editing your work afterwards is very easy.

CoRD

While I think that Windows is a useless OS, CoRD is the best app for remote controlling those computers/servers running Windows via RDP.

Divvy

Being and old GNU/Linux desktop user, there were some things I have missed on OS X in regard to managing application windows. Divvy really makes this task easier. It gives you the ability to arrange your windows very easily and with a click on a keyboard shortcut.

Hands Off!

Control which applications has access to the internet and to write files on your disk. If you’re a security paranoid like me, you will love this.

iStat Menus

Keep an eye on your CPU, Disk, memory and network usage at all times right in your menu bar. Highly customizable and has a nice simple design.

LimeChat

The IRC client to rule them all. The themes are created using standard CSS. It also gives you a small preview window which shows you everything going on in all channels you are joined in. Great if you’re curious.

Keynote

PowerPoint.. seriously..met… the boss! Nuff’ said.

NaviCat (for MySQL)

If you manage MySQL databases and you’d like something a little nicer than phpMyAdmin and you’d like something to use for building and testing queries easily, this is the tool you want.

Transmit

Connect to FTP/SFTP/DAV/S3 either in Transmit or mount them as a drive. This just works beautifully and is extremely easy to use. Panic really did a great job here!

In my example i want all users within the “sftp” group to hit /srv/sftponly.  This can be done on userlevel or on group level. I will be using groups.

At first, use your favorite editor to ecit /etc/ssh/sshd_config and find the line starting with “Subsystem sftp” (usually at the bottom) – change it so it looks like this:

Subsystem sftp internal-sftp

Next, we need to add the rule to match users. Add this to your sshd_config at the bottom:

Match Group sftp
PasswordAuthentication yes
ChrootDirectory /srv/sftponly
AllowTCPForwarding no
X11Forwarding no
ForceCommand internal-sftp

Now add the sftp group:

groupadd sftp

Add our first user:

useradd -d /srv/sftponly -g sftp -s /bin/false <username>
passwd <username>

Now, restart openssh:

/etc/init.d/ssh restart

And you should be all set. Use your favorite SFTP editor to test. Also try logging on via SSH to make sure that the user does not have access to do that.

Troubleshooting

Along your way some problems might occur. I will try to address the most common ones here. At first what you want to do is enable debugging in openssh so you can see in the logs what happens. Edit /etc/ssh/sshd_server – find “LogLevel” and change the setting to “DEBUG” – and restart ssh. The problems below are shown either in these logs or in the output of the “sftp” command from the client. When using the sftp client be sure to add the “-v” flag for verbose output.

Problem: fatal: bad ownership or modes for chroot directory component “/”
Fix: chmod 755 /

Problem: fatal: bad ownership or modes for chroot directory “/srv/sftponly”
Fix: Folders in the path along the way must be owned by root:root and must not be writable by anyone but root. This is because the directory we are going to use will be the root of the new users.  In my example the fix would be: chown root:root /srv ; chown root:root /srv/sftponly ; chmod 755 /srv ; chmod 755 /srv/sftponly”

As a server administrator, there are a lot of concerns and one of the bigger ones is security. I know a whole lot of server administrators, and when I did a Q&A to know about their backups I was astonished to find out that more than 30% of them did not even take backup. I got a lot of responses and there are many ways of handling your backup, but a lot of them are very very wrong and will not do you any good in case of an emergency.

Do you even back up?

If you do not back up your data, what will you do in case of a hardware failure? Sure, you might be running a RAID, but a RAID is no guarantee, a RAID can break and then you will loose the game.

If you do not take backup, what will you do in the event of a fire breaking loose and destroying everything where ever your server is placed? Is your data valuable to you?

How do you back up?

Making backup is good. But how do you save your backup on the remote host? A few common ways of making backup is via FTP/SFTP/rsync. So, now you’re safe, right? If a fire breaks out, water disaster, disks die and so on, you will have your backup. And that’s good.

If your backup is automated, then your client somehow authorized to the backup server. In most of the above mentioned cased that authentication gives you full access to the backup data! Why is that bad?  It is because an attacker that has success gaining access to your server, will be able to emulate the authentication of the automated backup and therefore be able to delete both production data AND backup data.

How much is your backup worth now?

A couple of days ago I bought a UPS and set it up and now I figured I should also set it up. So I did some reading and this is my result served to make it easier for you.

In this guide, this setup is used:
- Computer with GNU/Linux Debian Lenny
-  APC Back-UPS 800

The software I use is apcupsd which is in the Debian repository. Start by installing it:

apt-get update && apt-get install -y apcupsd

The next thing is to configure it. I did a whole lot of reading the manual for apcupsd to make sure I did things right. When your UPS is set up, hook the USB cable into your server.

Go to /etc/apcupsd and edit the file apcupsd.conf

My UPS and most of the newer UPS’es form APC uses USB to interface with the server, and that makes it easier for us to talk to it. These are the parameters I have set:

UPSCABLE usb

Define that we use a USB connection to the UPS.

UPSTYPE usb
DEVICE

ONBATTERYDELAY 5
BATTERYLEVEL 10
MINUTES 10

ISCONFIGURED=yes

/etc/init.d/apcupsd start

# apcaccess

APC      : 001,044,1076

DATE     : Thu Nov 25 10:20:32 CET 2010

HOSTNAME : natalie

RELEASE  : 3.14.4

VERSION  : 3.14.4 (18 May 2008) debian

UPSNAME  : natalie

CABLE    : USB Cable

MODEL    : Back-UPS BR  800

UPSMODE  : Stand Alone

STARTTIME: Wed Nov 24 20:30:05 CET 2010

STATUS   : ONLINE

LINEV    : 230.0 Volts

LOADPCT  :  13.0 Percent Load Capacity

BCHARGE  : 100.0 Percent

TIMELEFT :  53.0 Minutes

Wed Nov 24 20:22:50 CET 2010  Power failure.

Wed Nov 24 20:22:56 CET 2010  Running on UPS batteries.

Wed Nov 24 20:23:57 CET 2010  Reached run time limit on batteries.

Wed Nov 24 20:23:57 CET 2010  Initiating system shutdown!

Wed Nov 24 20:23:57 CET 2010  User logins prohibited

Wed Nov 24 20:24:16 CET 2010  apcupsd exiting, signal 15

Wed Nov 24 20:24:16 CET 2010  apcupsd shutdown succeeded

Make NAS’es shutdown too!

ssh -i /etc/apcupsd/keys/id_rsa -l <username_for_nas> <ip_for_nas> ‘ps’

ssh -i /etc/apcupsd/keys/id_rsa -l admin <ip> ‘/sbin/poweroff’

echo “UPS ${2} initiated Shutdown Sequence” | ${WALL}

echo “Will now shutdown NAS systems before killing server” | ${WALL}

/usr/bin/ssh -l admin -i /etc/apcupsd/keys/id_rsa <NAS1_IP> ‘/sbin/poweroff’
/usr/bin/ssh -l admin -i /etc/apcupsd/keys/id_rsa <NAS2_IP> ‘/sbin/poweroff’

${SHUTDOWN} -h now “UPS ${2} initiated shutdown”

Also, the “it’s expensive” and “you need to buy” argument is used a lot of times – I see that argument as invalid. It’s not a question about money, it’s a question about whether the device is great or not.

Actually, all of this is nonsense, as the iPad should not be considered a replacement for a computer, as mentioned. The iPad is an extra device you get, something more, when you’re out and you DO NOT have the need for a computer, but would like to watch some movies, listen to music, read books, show your friends pictures.

Also, being on a flight the iPad is EXCELLENT for movies, reading and you can sit with it in a relaxed position like a piece of paper or a book.

As a response to: http://www.pcmag.com/article2/0,2817,2358590,00.asp

1 ) If you want an iPad you must know that you want quality and that you want to pay for the fact that the product is extremely well created and beautiful. If you are poor and you use the argument that the iPad is expensive, that only tells that you are  too poor to own it.

2) Beginning in november, Apple will launch iOS 4.2 for the iPad making it able to multitask.

3 ) Flash is annoying and it concumes a huge amount of CPU and memory. Also it introduces security issues.

4 ) With a photo kit an iPad does have USB. (Remember the poor argument when beginning to argument that this is pricey)

5 ) For the purpose of what you need an iPad for, you have absolutely no use for higher resolutions. Also, it scales down websites wonderfully.

6 ) If you want a bigger screen the device will be bigger and the smart size of the iPad starts to disappear.

7 ) You can get on-the-go charging kits for the iPad. (Don’t even think about it, poor guy)

8 ) Personally I have never, ever used the webcam for anything but fun and it is not something I would need in the device I use for movies and reading books.

9 ) You can buy a keyboard. The iPad is nice and compact without it with a wonderfully working on screen keyboard. (Again… )

10 ) The photo kit mentioned above you can use the USB interface from your camera or read the most commonly used card, SD. (…)

11 ) iPads have the potential of flash, taking over the world, doing your mom AND making coffee all at the same time.

12 ) The screen on a netbook is usually made from plastic that extremely easy gets scratched and ugly when exposed or just even touched. The iPad is covered with glass and made for touching. The glass on an iPad is very hard to scratch.

13 ) On a device the type of an iPad you do not need a faster processor.

14 ) On a device like an iPad you don’t need more than 64 GB space. Also, where did the “you can buy this and that but it’s too expensive” argument go here?

15 ) True story. A new version of the iPad with better specs will come when times require it. (No! you’re too poor! Remember that even Microsoft stated in their own advertisment that macs are for cool people)

16 ) On a device like the iPad you don’t need a full blown OS. In fact that’s one of the major FEATURES of it, not having the full OS. iOS is great for touch.

17 ) With an iPad you can get the apps you need through iTunes.

18 ) Square-ish? That argument is lame. I won’t even comment further on it. The iPad can rotate, period.

19 ) Wireless-N is indeed fast enough for HD video. The iPad is not a replacement for a computer, it’s an additional device.

20 ) Aaand.. the iPad can’t?  My iPad plays 720p HD without any problems.  You would NEVER need 1080p on such a small screen! Not even if it was 13 inches.

21 ) The battery argument again? It was in 7.

22 ) But! None of them even comes close to how beautiful the iPad is.

23 ) … Who wants to do that?

24 ) Again.. enough about the money! Apple stuff is for cool people who knows that good things cost good money – and those who can afford to be awesome. Don’t make money an issue, cheap ass.

25 ) Again the money issue. The connector, get it!

26 ) More advanced? It’s just flat and boring as hell. It’s very entertaining playing games on the iPad because you interact with it. You can even play scrabble and use it as your board and have your letters on the iPhone.

27 ) The iPad has built in 3G and you can readch your Plex/Nine at home with it to watch TV and stuff. You won’t need legacy ports on a iPad kind of device.

28 ) You certainly can on the iPad too. I just bought a data card from another carrier and put it in, BAM, internet on the iPad. This argument is directly wrong.

29 ) Get Apple Care.

30 ) You can do that from iPad too.

31 ) Yes you can, through apps.

32 ) Argument based on basically thin air.

33 ) What are you a hundred?  Rent it online with iTunes.

34 ) As can you for iPad.Navigon, TomTom, CoPilot. iPad runs all iPhone apps.

35 ) The iPad gives you access to internet within 1 second. Also the iPad is an EMBEDDED DEVICE, not a computer.

36 ) Get a netbook for your child, I don’t have kids, I don’t give a crap about kid friendly.Besides, with the awesome games and the fun way to interact with them the kids will be entertained for hours with the iPad.

37 ) Again, go online and stream from Plex (and eyeTV). (But mommy, data is expensive, I’m poor.. waaaaaaah.. )

38 ) Say hi to Opera

39 ) True. Java is slow anyway so why use it? Like flash it consumes a lot of system resources.

40 ) iOS 4.2 in  november. it’s okay to use upcoming and “possible” and “potential” in these arguments, as used earlier with the netbooks.

41 ) If you don’t have a computer already, an iPad is not a device you would use. It’s not a god damn replacement, it an addition.

42 ) Use files and streaming instead of physical optical media.

Test setup: XEN based VPS. 256 slice from Slicehost running Debian Lenny 64-bit

Let’s get started!

The first thin you want to do is install OpenVPN:

apt-get update && apt-get install -y openvpn

If everything above goes as it should, OpenVPN is now installed and we will continue to configuring it.

The following 4 commands will go to the configuration directory, copy easy-rsa (which we will use), copy a sample of the configuration file and unpack the sample.

cd /etc/openvpn
cp /usr/share/doc/openvpn/examples/easy-rsa/2.0/* .
cp /usr/share/doc/openvpn/examples/sample-config-files/server.conf.gz .
gunzip server.conf.gz

Now that these files are in place it’s time to start creating keys and configuration. For this we will use the easy-rsa package supplied by OpenVPN. This package makes the creation and signing of keys much easier.

Next thing we are going to do is set the variables for easy-rsa to use. These must be set every time you want to use easy-rsa if you have been logged out!

. ./vars
source ./vars

Make sure that our directory for keys exists, has the correct settings and such. Note! If  you have any keys at this point, they will be removed!

./clean-all

Set up your Certificate Authority

./build-ca

We need a certificate and a key for the server itself, let’s build those. The second argument is the name of the server. If you choose to change this from server (there’s not really a reason to do so), then remember to change this as well in the config changes we make later on.

During the build-key-server process you will be asked for various information, you can choose to change this if you want, but for the setup to work it is not necessary. Just make sure that Common Name is server

./build-key-server server

We need to build the Diffie-Hellman parameters.

./build-dh

We are basically done with building the server now, but at this point no users will be able to log on and use the VPN. We use the build-key command (remember that vars MUST be set for this to work, if you want to create users at a later time). I will create a user called “fbh” for myself.

Again, I will be asked for some information and again I can choose whether to enter this or not.

./build-key fbh

Next thing we need to do is edit the server configuration file to know where these keys are located, use your favorite editor and open the server.conf file and find the part that holds paths to keys. Change it as following. (Note! If you change the servername from “server” above, this is where you need to change the keyname)

ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/server.crt
key /etc/openvpn/keys/server.key

# And a little further down

dh /etc/openvpn/keys/dh1024.pem

For now, leave all other parameters  at the default.

You are now done with a basic OpenVPN server. If the LAN you are connected to uses the range 10.8.0.0/24 currently, you should edit the server.conf file and find the line that says “server 10.8.0.0 255.255.255.0″ and change it to something else, otherwise you will encounter a conflict!

Tunnel internet access through the VPN as well

With the above setup you will be connected via VPN to the network of the VPN server, however you will not be browsing the internet through the VPN server. As you might think, this configuration is not done in the client. You will need some changes to the OpenVPN server for this to work, as the server pushes configuration to the client.

Again, edit /etc/openvpn/server.conf and add the following line to it:

push “redirect-gateway def1″

Now it will set the client’s default gateway to go through the OpenVPN server upon connect – however, it will not work yet and there are multiple things to this.

At first, you might currently be using your ISP’s DNS servers, and they will probably not allow you to do recursive lookups when not connected through their network. So you need to push a set of open DNS server as well, or set up your own on the server (this tutorial does not cover that). In this tutorial we will use Level 3 Communications DNS, as they have a set of free, public DNS servers that responds quickly. Add these lines to your configuration:

push “dhcp-option DNS 4.2.2.1″
push “dhcp-option DNS 4.2.2.2″
push “dhcp-option DNS 4.2.2.3″

We’re getting closer now, but it might STILL not work. Also, you must have NAT between eth0 and tun0 enabled in iptables. You will need to know the name of your public interface to do this. In most cases it’s eth0. To enable it run these commands:

/sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
/sbin/iptables -A FORWARD -i eth0 -o tun0 -m state –state RELATED,ESTABLISHED -j ACCEPT
/sbin/iptables -A FORWARD -i tun0 -o eth0 -j ACCEPT

If you want these to be run whenever the server reboots, to make sure this works, add the 3 lines to /etc/rc.local before the “exit 0″ line. This script is being run every time a multiuser level is started up on the server.

Almost there! The last thin you need is to enable forwarding, do this with:

echo 1 > /proc/sys/net/ipv4/ip_forward

And done! Restart OpenVPN and make sure that it starts up

/etc/init.d/openvpn restart

Your VPN server is now able to tunnel connections and you are able to connect to the internet through it.

When I have the time, I will be publishing a tutorial on setting up clients as well.

Men er du egentlig klar over hvad det koster for en virksomhed at lave en regning? Undrer du dig over at du måske skal betale 15-20 kroner for at få tilsendt din telefonregning med posten? Jeg er nødt til at lave et sidespring fra hovedemnet her, for det er egentlig endnu en spændende ting. Jeg laver lige et kort regnestykke for hvad det koster at lave en regning.

Brevpapir med logo mv. – ca. 30 øre pr. stk.
Udskrift af regning, slid på printerudstyr ca. 50 øre pr. stk.
I alt pr. ark – 80 øre

Konvolut med logo og afsender ca. 1.25 kr. pr. stk.
Porto – 5,50 kr – max 50 gram.

En typisk telefonregning eller lignedne er der ca. 3 ark. Så udgiften for virksomheden der sender regningen er:
3 x 0,80 = 2,4 kr
Konvolut og Porto = 6,75
Total 9,15 kr (og den pris gælder kun til Januar 2011, så stiger portoen til 8 kroner for et normalt brev. Så bliver totalprisen 11,65 kr)

Oven i den udgift kommer naturligvis administrationen af IT systemet til at lave skidtet, løn til de mennesker der skal lave trykket og så videre. Når alt kommer til alt, så vil jeg tro at en prissætning på 18 kroner for at få en regning på papir er lavt sat.

Nå, men tilbage til emnet!

Fordi det er så dyrt at sende mine regninger med posten, så ryger de nu i en e-mail i stedet. Jeg trykker på en knap i mit regnskabssystem og vupti så er der sendt en e-mail med en regning, nemt og bekvemt – i modsætning til at bruge tid og energi på det andet. Da man er en mindre virksomhed så skal man i øvrigt også afsted og finde en postkasse at putte sit brev i.

Fordele ved at sende det med Post Danmark:
- Det virker professionelt (Et fungerende IT system er mindst lige så professionelt som en printer)
- Det ser pænt ud

Ulemper ved at sende med Post Danmark:
- Det koster penge
- Det tager tid
- Post Danmark er gode til at smide breve væk
- Hos kunden bliver et stykke papir lettere væk
- Man kan ikke copy/paste kontonumre og beløb ind i sin netbank
- Det koster penge (Ja, igen, for det koster mange penge)

Altå, min konklusion er at det er ALT for dyrt og besværligt at sende et brev. Der er også en artikel i Information hvor der snakkes om hvad uddeling af post betyder for miljøet - og det er da meget godt, men den kære repræsentant fra Post Danmark glemmer også ting. Artiklen glemmer fakta.

Han skriver: “Og det er formentlig en overraskelse for mange, at den største belastning opstår, når brevet skrives på computer.” – men HVAD er udledningen i forhold til at skrive skidtet i hånden? Der er ingen konkrete tal. Når han er så præcis, har han så også regnet på CO2 udledningen ved fremstilling af det skriveredskab man skal bruge til at skrive med?

Han glemmer også at de fleste tager BILEN når de skal i postkassen – og der udleder vi blot ved at køre 200 meter tilsyneladende samme mængde CO2 som Post Danmark bruger på resten af forløbet. Derudover, så har postbudet på den vej jeg bor ikke en cykel med en EU scooter, er dens udledning medregnet?

Importopkrævninger

Til at starte med vil jeg vise dig en importopkrævning jeg har fået fra Post Danmark, kig godt på beløbene før du læser videre:

Jeg har bestilt en DVD med en dokumentarfilm på, den kostede $30 og momsen af varen er derfor 45 kroner. Det er OK. Men se deres gebyr!

Gebyret for at betale 45 kroner er intet mindre end 160 kroner! Post Danmark forstår VIRKELIG hvordan man tjener penge, når ens primære forretning er noget skrammel som ingen gider bruge. Det her er grunden til at monopol er noget fanden har skabt. Den DVD jeg har bestilt som til at starte med kostede 180 kroner kommer altså nu til at koste 385 kroner! Det er en helt fuldstændig åndssvag mængde penge for en DVD.

Egentlig var det en DVD jeg meget gerne ville se, men jeg synes at et gebyr på 160 kroner er fuldstændig urimeligt, så jeg har valgt at betragte de ca. 200 for DVD og forsendelse som tabte penge. Penge jeg hellere vil tabe end jeg vil give de 160 kroner til Post Danmark.

Nå, men det her blogindlæg handler egentlig om, at jeg synes folk er ufatteligt negative. Det er ikke hver dag, men hver ENESTE dag, der er en eller anden som skal beskrive at en eller anden har været et svin fordi bla bla. At alt bare er træls og det hele er imod én.

I min verden, så er livet præcist så godt (eller skidt) som vi gør det til. Hvis man stiller glasset ude på kanten af bordet, så falder det ned på et eller andet tidspunkt. Der er rigtig mange mennesker der hele tiden stiller glasset på kanten af bordet.

Hvis man gang på gang bliver røvrendt af de mennesker man omgås, så bør man måske overveje om det er de rigtige typer af mennesker man omgås, fremfor at finde flere fjolser og så gang på gang blive skuffet og ked af det over dem?

Tit ser man folk, der om morgenen skriver “alt er planlagt, det er bare perfekt! det bliver en fantastisk dag” – med det, så har de folk sat deres forventninger efter at alt er perfekt og der skal således ikke ret meget til før end, at man om aftenen kan læse “det har været en lortedag! Alt gik galt, det begyndte at regne! Alt mit nye tøj er vådt og beskidt. pis .Hvorfor er der bare ALDRIG noget der lykkedes for mig?” – jeg er af den overbevisning at i langt de fleste tilfælde, så er det fordi man vælger at det skal gå en imod. I stedet for at blive muggen over, at det regner, så burde man måske købe en paraply og nyde det selskab man er i alligevel?

Altså.. afstem sine forventninger og skru drastisk ned for dem. Håb på det bedste, men lad være med at blive skide sur, hvis det hele ikke kører efter din bog. Nyd tingene som de er. Er der noget der går dig skævt, så se at kom videre i stedet for at sidde fast. Lad være med at bære nag, lad være med at være pissesur over ting der ikke rager dig eller ting som du alligevel UMULIGT kan ændre. “Fuck jeg hader det fucking lortevejr og det her lorteland fordi vejret stinker så meget. Fuck jeg hader at Brugsen er begyndt at lukke kl. 17 i stedet for 18, fuck dem de fucking røvhuller! Nu nåede jeg ikke at handle.” Det er ting som du ingen jordisk chance har, for at gøre noget ved – så hvorfor lade dig irritere og blive sur af det? Køb en pizza og så husk, at fremover er det inden kl. 17 du handler.

Prøv at husk på nogle af de små ting, som er helt fantastiske. Når det regner, så gå ud på en græsmark, luk øjnene og mærk hvor dejlig luften omkring dig er lige nu – ikke i går og ikke i morgen.  Når græsset lige er blevet klippet, så stop op et øjeblik og nyd den dejlige duft af nyklippet græs, eller når du alligevel kører forbi en rapsmark, så stå ud og se det smukke syn.

Prøv også at gøre en god gerning for nogle andre mennesker, som er 100% uopfordret og så mærk efter hvor en dejlig følelse det er at have gjort noget godt for nogen andre, som ingen forventinger havde til dig. Du vil blive overrasket.

Jeg har også fundet et klip af Nick Vujicic, et menneske der i høj grad er livsbekræftende. Det er der mange der kunne lære noget af.

Jeg er af den helt klare overbevisning, at vi skaber vores egen lykke. Det er NU vi har livet og det er NU vi skal nyde det og få det absolut bedste ud af det. Der er ingen himmel hvis du opfører dig pænt – og der er heller ikke et helvede hvis du bare fyrer den af. Hvis det skal koste mig 10-12 år i den anden ende, at have levet mit liv til fulde, så skide værre med det! Hellere 60-70 indholdsrige og fantastiske år end 80-90 røvsyge år, hvor det hele er gået op i at tage hensyn og forbehold.

Livet er fantastisk!

Jeg møder mange ting rundt omkring, som jeg synes er super fede – men jeg møder også ting, som jeg virkelig synes er til grin. Der er dog én ting, som jeg synes går igen og igen. Udbyderne mangler SSL kryptering på deres kontrolpaneler og deres webmail.

Nogle vil kalde mig sikkerhedsparanoid, men det kan jeg ikke tage mig af. Hvis man først er i gang med at sniffe trafik, så er en af de letteste ting i verden at sniffe trafik der sendes i clear text.

Først, hvis du ikke helt er klar over, hvad jeg ævler om, så se min screencast der omhandler emnet:

Hvis du ikke allerede vidste det, så ved du en lille smule mere om sikkerhed nu. Så langt så godt.

Problemet i det hele er at mange hostingvirksomheder ikke sørger for at SSL kryptere forbindelsen til f.eks. deres kontrolpanel eller deres webmail.

Set med mine øjne, så er dette meget kritisk da man jonglerer rundt med folks private data. Nogle vil så argumentere med at SMTP jo alligevel ikke er krypteret, eller at de fleste kunder alligevel uploader data via en ukrypteret FTP forbindelse.

Det er bare ikke et holdbart argument, for der er ingen grund til at gøre tingene værre end de er. Dernæst, så er risikoen for at data opsnappes på en webmail væsentligt større end den er på f.eks. FTP.  Mange mennesker kigger på deres Webmail alle mulige steder men de logger ikke på FTP og uploader ting og sager fra f.eks. en hurtig netcafe i luftnavnen.

Jeg har kigget på lidt forskellige hostingselskaber, og vil derfor her komme med en kort forklaring på hver af dem, om de benytter SSL eller ej. Bemærk! At dette kendetegner hvordan tingene ser ud d. 22/03-2010.

Inforce A/S: Hos Inforce A/S eller Webhotel.net er der ingen kryptering på kontrolpanel og webmail. Deres OWA er der kryptering på.

UnoEuro.com: Hos UnoEuro er der SSL på kontrolpanelet, men som standard på Webmail er der ingen kryptering. Man kan vælge “sikker forbindelse” – men så bruges et self-signed certifikat. Læs lidt om forskellen på self-signed og signed.

Web10: Web10 har ingen SSL kryptering på hverken webmail eller kontrolpanel.

One.com, SurfTown.dk og Gigahost.dk benytter alle 3 SSL kryptering på både webmail og kontrolpanel.