Re-purpose An Old Google Search Appliance

I managed to get my hands on a pair of old Google Search Appliance (GB-7007) boxes. I wanted to see if I could re-purpose them for some other task other than a search engine.  Under that bright yellow “Google” hood, it’s a Dell motherboard, with over 40GB memory and 2 Quad-cores CPU’s.  Since it’s a standard PC, it’s a matter of finding the right BIOS.

This is where the service tag comes in handy.  Using Dell Product Support page, I was able to identify the box’s Dell server product.  In my case, it’s the PowerEdge R710.  I found the BIOS update through the PowerEdge R710 support page and downloaded it to a bootable USB drive.

Before proceeding with the BIOS update, I read Dave Hope‘s post on getting his GSA reconfigured.  He suggested to remove the jumper labelled PWRD_EN, which disabled the password to get into the BIOS.  After changing the boot order, I used the USB drive and went through the update.  As Dave also noted, the executable may complain it can not erase the Google Search Appliance BIOS, but can be forced to do an update anyway using the switch “/forcetype”.

Now it’s just a matter of running diagnostics and finally boot a CentOS or Ubuntu DVDs to re-install a new Linux OS.

Heartbleed: A Scrambled Egg with Lots of Ham

CVE-2014-0160The sensational headline news this week was “Heartbleed” security flaw, which was covered by most mainstream and tech sites.  It was an old bug that was accidentally introduced, and just discovered recently1. The report got IT professionals scrambling to fix their systems.

At first glance, the bug is benign enough, with chances of hacking the passwords or SSL keys rather slim. However, like any other hacking issues, if someone is determined (and clever) enough to exploit this bug, they may just get a bunch of useful data. Whether or not they can use the hacked data to steal client information, or use it for a phishing site, it’s unclear. Just the thought of the potential leak scares the daylights out of everyone! It’s also proof that the marketing behind this bug was very effective.

Regardless, the actions need to be taken are as follows:

  1. Check with Qualys SSL Analyzer to determine if your site is vulnerable.
  2. If vulnerable, upgrade OpenSSL to version 1.0.1g, or alternatively recompile OpenSSL without the “heartbeat” option (-DOPENSSL_NO_HEARTBEATS).
  3. Recompile or restart the web server to reload the latest OpenSSL libraries.
  4. Test the site(s) with the Qualys SSL Analyzer again.  Also check if site is functional.
  5. With the new OpenSSL, generate a new SSL key, and re-key a new certificate.  Install the new key/certificate in the web server(s).
  6. Urge the users to change their passwords – which they occasionally have to do, anyway.  This step is tricky considering the PR scare that it’s going to generate when admitting the site is vulnerable.  However, the notification is the responsible thing to do.

When the dust settles, we can look back and use this as an important reminder how fragile the Internet is.  Customers are expected to be cautious of their data being transmitted over the Internet, no matter how secure a company claim they’re being kept.

  1. Introduced in 2011 and found out in February 2014 []

Still Unknown PC’s Future

Can the PC Business Survive?The business of selling Windows based laptops and desktops are at a critical point. The industry is still suffering from profit loss, notably with the most recently high profile exit of the PC business by Sony. Previously, many experts believed the PC business could have been saved by Windows 81. Unfortunately, the result was (and still is) much less than anticipated.

Is there still a future in the PC business? Most insiders will say they’re cautiously optimistic. After several years of lost revenues due to falling prices and lack of consumer demand, the industry is beginning to cut its losses. Several promised innovations, such as integrating the computer with TV, did not pan out. The PC itself sees no significant improvement in the technology, other than the usual CPU and OS upgrades. Laptops are starting to become more like a tablet, such as a “convertible tablet“, but the cost and usability are questionable when compared to the sleek and highly marketable Apple iPad.

A glimmer of hope is in the cloud services. With the rising demand of highly portable and cheaper devices, such as tablets and Chromebooks, the direction is to provide products on the lower end of the PC units.  But, there is a big dependency on the ubiquity of wireless infrastructure, such as Wi-Fi or 4G/LTE. Then there are the security concerns over possible data leaks and hijacking. The balancing act is still being performed.

The PC industry’s downward spiral may also be contributed to the dependance of corporate and government mass purchases. In the past, they were always reliable sources of revenue, much more than consumers. However, in this tough economy, with rising cost on both private and public sectors, those revenue streams have dried up. No one expects high volume sales to increase the bottom line, any more.

So where’s the industry going? Like any good business, it has to stay on course: Continue to innovate and cut cost.  It needs to weather storm. The free market will sort itself out and consumers will pick the best from the lot. Perhaps to be in the last few to remain standing will be the winner in this highly competitive business.

  1. Even the release of Windows 8.1 failed to change people’s perceptions []

BYOD: Why It Should Be The New Normal

Smartphone UseThere’s been a lot of talk lately about Bringing Your Own Device (BYOD) to work. It’s not a new concept. People love their smartphones, tablets, or laptops. They prefer using a particular brand for personal and work. They bring it to work because it’s convenient to carry just one device, and they can be productive with their own.

Traditionally, companies provide their own “certified” devices to retrieve secured Enterprise data. However, it’s difficult to stop employees from transmitting those data somewhere else, either via E-mail, USB drives, or Cloud Storage, potentially enabling others to see them. A strong privacy policy may be enough deterrent – at least in the beginning. As time goes by, employees will get complacent and too comfortable in taking their data everywhere, not realizing the confidential data may be leaked.

As an IT leader, one can imagine the complexity of supporting multiple devices and worries about zero control over securing protected data. Case in point, the biggest early adopter of BYOD was IBM. They learned valuable (and painful) lessons from it. Employees were not aware of insecure apps, not using secure channels to transmit data, and losing their unprotected/unencrypted devices. These security breaches could potentially cost them, or anyone else for that matter, millions of dollars to repair.

So, why is there growing trend to adopt BYOD? In this tough economic condition, company expenses have to be cut aggressively. The most obvious is to stop allocating budget for productivity machines. Having the cost shifted to the employees, it eliminates the need for company’s machines to be stocked, upgraded, and re-stocked.

Employees have also voiced their concern about the lack of productivity using company issued devices, such as a Blackberry, instead of their favorite iPhone or Android phones. It doesn’t make any sense to have a dedicated, company issued, device just to receive e-mails or phone calls for work, and another for personal use. It certainly becomes challenging to carry two devices, especially when an iPhone, for example, is more than enough to handle all of those tasks and be just as productive.

IT leaders are starting to embrace this BYOD trend because solutions are starting to appear, as the concept become widely accepted. Android and iPhone devices are now equipped with additional security to deter data theft or loss. Both Google and Apple are serious about Enterprise adoption and have updated their OS to be more secure. Now, it’s up to the IT leaders to trickle down the information to users on how to secure their devices, according to the companies’ need.  Instead of preventing employees to bring their own devices, educate them on how to secure the content of their own devices. As Ronald Reagan would say: “Trust, but verify.” There is a level of trust on both sides, but both must remain vigilant.

It is time to stop believing the myths of bringing-your-own-device to work. BYOD is happening, whether or not IT is ready. It is the “new normal”.

Quality Visual Presentation

Ever sat in a meeting with slides and slides of presentation that showed nothing but densely packed text and confusing charts?  Most people have. It’s no wonder many don’t look forward to going into meetings when their first expectation is a poor presentation.

However, there was one man who could present and held the audience captivated.  He was Steve Jobs. During his keynote speeches, he managed to get the audience hanging on to his every word and anticipating that “one more thing” that would leave everyone in awe.  It helped that he had great products to present, but in addition, he used visuals as one of the most important tool of his presentation.  He used minimal words (and numbers) written using a giant font. He used graphical icons to represent the current topic. He used animation for impact. Very concise and to the point.

So why doesn’t everyone follow Steve’s presentation methods?  Perhaps it’s because of the old thinking: “More is good”. The more stuff written down, the more credible and complete it gets. Unfortunately, these days, people are busy and have a short attention span. They don’t want to be held up in a long winded presentation.

The best ways to present effective visuals:

  • Be simple
  • Use graphics, icons, and symbols to reinforce or communicate a concept
  • Use key words, not full sentences
  • Contain only one concept per slide or page
  • Contain only three to six ideas on each flip chart sheet
  • Use color where possible, but not excessively

Steve Jobs was known to obsess over design.  He was also obsessed with simplicity.  It showed in his quality presentations. One can learn a great deal from his obsessions. It would make sitting in presentations a much more pleasant experience.

Will Windows 8 Save the PC Business?

Windows_8_screenshotPredictions are in already: Windows 8 will be irrelevant. The clues seem to support the suspicion – the masses are already happy with Windows 7. Enterprise already made a substantial investment upgrading to Windows 7. Another migration in 2012 is just too soon.

But putting all that aside, the PC manufacturers need to support Windows 8 because it’s the platform that will finally bring integration of desktop PCs with Tablets1 – especially in an Enterprise environment.  There’s also a good list of new features that will ensure some to upgrade.  Plus, there are millions of new PCs and Laptops to sell, every year.

Windows 8 is still relevant and it will save the PC business.

  1. As demonstrated in Microsoft’s Build Conference 2011 []

The PC is Evolving

Toshiba Portege Z830 Ultrathin Laptop

Toshiba Portege Z830 Ultrathin Laptop

Taking the headline from Time Business article, the PC industry is certainly in a different place now.  The PC, aka Microsoft based laptops and desktops, have always been the corporate standard for productivity machines. On the Enterprise level, corporate users demand Microsoft products (ie. Powerpoint) suites, VPN to access internal servers behind the firewall, Remote Desktop for Windows servers, and in some cases, multiple monitors for multitasking needs.

However, there’s been grumbling about the tablets taking over Enterprise issued PCs and Laptops – mainly due to juggernaut Apple’s iPad.  In response, there are now many more tablet offerings from RIM, Toshiba, ACER, or ASUS.  But such ventures do not always end up well. HP pulled the Touchpad after 6 weeks of production!1 That’s just the start – who knows who else will quit the quest to quell the iPad.

There’s a glimmer of hope to revitalize the PC business: the Ultra-thin laptops are coming.  Recently, Toshiba has just announced a good looking one called the Z830 coming this November.  Lenovo has an offering. Even ACER is in the mix.

Just in time too.  There’s a need the lightest portable laptop that will not break one’s back. It helps that it looks as cool as the Macbook Air.

One problem though: price.  It’s understandable why Apple charges way too much for the Macbooks – they’ve historically done this since the Apple II days2. But the PC should not cost as much. To be more competitive, there’s an expectation the PC Ultrathin laptops to be (much) cheaper than the Macbook Air, if they want to sell more of it. Kind of like the HP Touchpad fire sale.

So here’s hoping the evolution of the PC is towards something more useful, powerful, affordable, and highly portable.  There’s still life in the PC world.

  1. Like the old saying from Chrysler’s Lee Iacocca: “Lead, follow, or GET OUT OF THE WAY!”  It’s easier to follow the leader. In HP’s case, they sure did got out of the way. []
  2. 1980’s []

Finding Team Success

Every companies have different departments.1 Every departments have different goals and operating procedures. But to a customer, they don’t see these different departments – they only see one company.  So, it’s very important everyone in the company work as a team.  Finding the key for team work success can be summarized in the following steps:

  1. Prepare to succeed.
  2. State your positive intent.
  3. Describe the issue fairly.
  4. Facilitate the discussion.
  5. Gain agreement on next steps.

It comes down to persistence and positive thinking.  Refrain from blaming each other. Do understand what others are going through. Focus on helping the customer.

Most of all, follow through on the agreed next steps.  Nothing is more rewarding than a happy (and returning) customer!

  1. Some companies aptly call departments as “divisions”. []

Listing Memory Usage by Process

Solaris OS LogoA question asked to me often, “Which processes are using up too much memory?”  I generally use top to figure them out manually.  But there’s a better way to do it, using Solaris pmap command.  I can get a good estimate on the memory usage.  Brandon Hutchinson has a shell script that provides a nice output.  I modified it a little bit to include a column for process owner.

#!/bin/sh
/usr/bin/printf "%-6s %-9s %-13s %s\n" "PID" "Total" "User" "Command"
/usr/bin/printf "%-6s %-9s %-13s %s\n" "---" "-----" "----" "-------"
for PID in `/usr/bin/ps -ef  | /usr/bin/awk '$2 ~ /[0-9]+/ { print $2 }'`
do
   USER=`/usr/bin/ps -o user -p $PID | /usr/bin/tail -1`
   CMD=`/usr/bin/ps -o comm -p $PID | /usr/bin/tail -1`
   # Avoid "pmap: cannot examine 0: system process"-type errors
   # by redirecting STDERR to /dev/null
   TOTAL=`/usr/bin/pmap $PID 2>/dev/null | /usr/bin/tail -1 | \
   /usr/bin/awk '{ print $2 }'`
   [ -n "$TOTAL" ] && /usr/bin/printf "%-6s %-9s %-13s %s\n" "$PID" "$TOTAL" "$USER" "$CMD"
done | /usr/bin/sort -rn -k2

Note, this script needs to run as “root” for pmap to have permission to examine each process.

Output looks something like this:

PID    Total     User      Command
---    -----     ----      -------
694    25240K    root      /opt/RICHPse/bin/se.sparcv9.5.9
696    5208K     root      /usr/dt/bin/dtlogin
613    4992K     root      /opt/CA/BABcmagt/caagentd
326    4512K     smmsp      /usr/lib/sendmail
260    4440K     root      /usr/sbin/syslogd
269    2440K     root      /usr/sbin/cron
196    2360K     root      /usr/sbin/keyserv
193    2352K     root      /usr/sbin/rpcbind
103    2336K     root      /usr/lib/sysevent/syseventd
235    2224K     root      /usr/lib/nfs/lockd
206    2184K     root      /usr/lib/netsvc/yp/ypbind

What’s Next in IT Jobs?

The year is ending and it’s time to re-evaluate one’s career and direction in the next five years.  Doing the nuts and bolts of systems administration may not be as relevant anymore.  An article in Computer World UK noted:

So what should today’s IT employee do to protect his or her career? “Look for the skills the company is going to need five years from now, not now, and start building them,” advises Forrester’s Schadler. “These include vendor contract management, integration with the cloud, analytics, rich lightweight Internet workforce applications, mobile applications — these are all skills for the next decade,” he says.

IT executives are considering cloud computing. That’s where the game is at.  It’s going to be a slow shift, but it will surely happen.  Better be prepared than sorry.