Wednesday, 26 July 2017

Goodbye, YouTube Video Editor...?

It's rare that Google do something anti-awesome.

Sometime late last year, I discovered YouTube has a basic (but well-featured) video editor built into YouTube - which has been there for a decade... They've recently decided to discontinue it, as of the 20th of September 2017 - which is the anti-awesome part. I'm sad, because I'd mentally flagged it as a "killer feature" to introduce to teachers as we start to go beyond the very basic use of GSuite for Education features.

The real killer of this change is that it was one of the few ways K-12 schools could leverage across several platforms - notably Chromebooks - to edit video for free.

Indeed, it seems to be one of the only options to edit video on Chromebooks, so schools that have gone heavily in for Chromebooks will be particularly sad. Later generation models that support Android apps may have a few options, but the limited storage onboard Chromebooks will make it hard for budding videographers!

Google Connect has a thread calling for the retention of the feature. You may want to upvote it!

Google cites poor uptake, but this is probably primarily because it's an obscure feature, and many people quickly graduate onto "better" software (or don't edit at all). Of course, schools with small budgets, and especially those with Chromebook programmes, will really suffer from this change, as video is a popular medium to enrich teaching, learning and project work. Perhaps being Flash-based is the final "death knell", but it's a shame they don't consider HTML5 or some similar framework - which would also open it up to iPads.

Please Google/YouTube, reconsider!

Friday, 30 June 2017

Distributed Monitoring Projects - RIPE ATLAS & FlightAware FlightFeeder

I'm currently hosting nodes for two distributed monitoring networks - one for several years now (since perhaps 2010 or so), and the other one as of yesterday.

Distributed monitoring networks put small, low power, low bandwidth devices into your network to get a better view of various things of global scope.

The two I'm currently involved in are RIPE Atlas Probes and FlightAware's FlightFeeder.

Friday, 9 June 2017

Secure DNS Recursion with DNSSEC

As you're no doubt aware, the Internet basically runs on two things: TCP/IP and DNS.

Given that you usually hit DNS before you get anywhere near TCP/IP, it seems like a good idea that you can actually trust DNS records. Also, many of our security features require DNS - think about things like SPF and DMARC, and emerging protocol DANE.

It turns out, as with most Internet security, that this was an afterthought.

Read on to see how you can secure your DNS resolvers against DNS cracks...

Wednesday, 7 June 2017

Outgoing Email Security in 2017: SPF, DKIM and DMARC

In the IT trade, you are regularly exposed to the misery of others that are somewhat less tech-savvy.

Of late, I've been exposed to far too many people falling prey to 3rd party compromised accounts and spoofed email attacks - with quite significant financial losses. It has also happened to other schools. It's something sysadmins can help with, so let's do that!

As you no doubt know, the Internet is not secure by design - and that includes Email. Read on for how you can take some steps to help secure your school's outgoing email communications...

Thursday, 2 February 2017

When Microsoft DNS Broke YouTube...

School IT departments have an interesting life.

The Internet is simultaneously incredibly useful for education, but also carries significant risk - and it is often a regulatory or other legal requirement to filter content for minors (or just something you know parents want done, or you believe is ethically desirable in less "controlling" regions of the world).

Google (having deprecated header-based mechanisms, which didn't even work properly) offer a number of very useful DNS-based mechanisms for enforcing control of questionable content for your users, both on YouTube and for Google search.

Of course, this requires some DNS hacks.

And when Microsoft changes the way their DNS hacks work, things break...

Thursday, 15 September 2016

When your firewall dies, and you need something, FAST.

For a number of years, I've been mentioning to colleagues, managers, interested members of staff and random strangers in the supermarket (well maybe not the last one) that I don't like single points of failure in enterprise ICT infrastructure.

I occasionally picture my network layout in my head, and think about the single points of failure with dread.
"One of these days, that single fancy firewall is going to die. And we're not going to be happy about it". 
Said firewall "died" last week...

Caching servers are a great idea with new IOS releases...

Would you like to save hundreds of gigabytes of Internet traffic?

That's some serious caching...
With the recent release of IOS 10, it's clear our users have been chomping through a fair few megabytes of data... Hopefully, we don't see too many people visiting us with "early adopter flu" in the next few days...