Difference between revisions of "KWNPSA Meeting Notes"
BobJonkman (talk | contribs) (Add Past Item) |
BobJonkman (talk | contribs) (Add previous events) |
||
Line 3: | Line 3: | ||
__TOC__ | __TOC__ | ||
+ | |||
+ | {{:Dark Web, Hidden Services/Meeting Notes 2018-04-16}} | ||
+ | |||
+ | ----- | ||
+ | ----- | ||
+ | |||
+ | {{:File Formats/Meeting Notes 2018-03-12}} | ||
+ | |||
+ | ----- | ||
+ | ----- | ||
{{:Corporate Surveillance/Meeting Notes 2018-02-12}} | {{:Corporate Surveillance/Meeting Notes 2018-02-12}} |
Revision as of 23:40, 17 April 2018
- (KWNPSA Upcoming Events)
- (KWNPSA Past Events)
- (KWNPSA Meeting Notes on one page)
- (KWNPSA Requested Topics)
All the NPSA Meeting Notes on one page
Contents
- 1 Dark Web, Hidden Services
- 2 File Formats
- 3 Corporate Surveillance
- 4 Document Storage
- 5 Markup Languages and Note Taking
- 6 Project Management
- 7 Monetization
- 8 Dark Web, Hidden Services
- 9 File Formats
- 10 Corporate Surveillance
- 11 Document Storage
- 12 Markup Languages and Note Taking
- 13 Project Management
- 14 Monetization
- 15 Malware
- 16 Offsite Hosting
- 17 Blockchains
- 18 Branding
- 19 Estimating Time and Resources
- 20 Documenting Things
- 21 Regulatory Compliance
- 22 Smooth Succession
- 23 Financial Software
- 24 Collaborative Editing Tools
- 25 All About VoIP
- 26 Keeping Remote Sites Up To Date
- 27 Keeping Computers Up To Date
- 28 Introductions And Planning
- 29 Malware
- 30 Offsite Hosting
- 31 Blockchains
- 32 Branding
- 33 Social Media
- 34 Estimating Time and Resources
- 35 Documenting Things
- 36 Regulatory Compliance
- 37 Smooth Succession
- 38 Financial Software
- 39 Collaborative Editing Tools
- 40 All About VoIP
- 41 Keeping Remote Sites Up To Date
- 42 Keeping Computers Up To Date
- 43 Introductions And Planning
Dark Web, Hidden Services
- Date
- Monday, 16 April 2018 from 7:00pm to 9:00pm
- Meetup Event
- https://www.meetup.com/NetSquared-Kitchener-Waterloo/events/245564977/
- Location
- Upper Board Room in First United Church, 16 William Street West, Waterloo, Ontario Map
- Event Announcement
- Dark Web, Hidden Services/Announcement 2018-04-16
What is the Dark Web? Is it full of bad guys? What are Hidden Services? Aren't those illegal? Why would a Non-Profit organization want to use the Dark Web? Why should a Non-Profit organization make their online services available as Hidden Services? What software can we use to access the Dark Web and create Hidden Services?
We'll have a demonstration of Tor and I2P, and have a round-table discussion of the benefits and pitfalls of using them.
--Bob Jonkman & Marc Paré
Resources
Meeting Notes
- In attendance were 14 members out of 39 signed up for the meeting.
- Laurel video recorded session for Bob
- Most people at the meeting are also Meetup members
- The intent was to present both Tor as well as I2P, however, the Tor demonstration and background information took longer than expected. There will be a follow-up meeting covering I2P in August 2018.
Tor Browser - getting down and dirty with Tor - the basics
- Bob's Tor slideshow presentation is available on KWNPSA Public Documents site
- this presentation of the Tor browser is aimed to admins who would consider the use of Tor beneficial to their organization and members
- Tor still needs mode of authentification
- best practices -- use Tor as is from the official Tor website and keep it updated, Avoid any use of pre-modified Tor clients from any other sites.
- Tor is basically a hardened version of Firefox
- DO NOT USE BitTorrent (any client) inside of the Tor browser as the BitTorrent identifies IP addresses
- BitTorrent does not work well on Tor
- Q/ Can you use ghosting? A/ Not sure, but if tunnelling, will reveal your ghosting IP address but bittorent will still show data
- Tor tends to be slow and laggy
- The use of Tor may harm your reputation if you are found to use Tor with certain ISP's! Your IP may become exposed/found out if you make use of the wrong exit node. Some ISP's or sites may may try to ban you from any future connection, or, worse case scenario, In certain cases, there may be possibility of having your own ISP blacklisted by using Tor.
- Using Tor may raise suspicion by legit sites, where they may wonder why the use of Tor is needed to visit their site (What do you have to hide?)
- if you make use of some poorly chosen Tor exit nodes, they may be connected/linked to other nefarious sites.
- Tekksavvy is good at providing Tor exit nodes, most ISP's are not relatively warm to the idea of the use of Tor
- see slides re: Tor failure modes
- note that CAPTCHA is hardened and will reveal your identity
- The concept behind the Tor browser was initially conceived by the US defence project
Question (members) & Answer (Bob)
- Why make use of a good and legit exit node? -- Helps protect your identity and also helps harden Tor for its use in countries where rights abuse is pervasive.
- Is Tor easy to configure? -- Tor is easy to misconfigure.
- How active is Tor's development? -- Patches are constant and often.
- Tor breach? -- If in jurisdiction where Tor is monitored, some nefarious entry nodes could be made available through Tor traffic and may make that entry node vulnerable. German nodes (entry and exit) are popular.
- Is there encryption node-to-node? -- Tor is onion routed and encrypted multiple times ... see slide "How Tor Works: 2"
- The nodes (onion peels) are known only by certain devices, but not all in the nodal chains.
- How many node layers are there? -- You may configure Tor to use as many layers as you need but 3 layers are really all you need as more layers add to latency. With the arrival of Quantum decryption, it may become easier to decrypt the Tor nodal routes, but hopefully there will be an equivalent Quantum solution for an updated Tor browser.
- 80% of net is encrypted (https) -- However that is only for 1 layer; under Tor, layers are more numerous. Under https, we still see some list of certificate authorities that are unusual (Turkey, Tawain Telephone Service etc.), there are still some bogus certificates. The use of Tor makes it more difficult for bogus authorities to have any influence over your browsing.
- Do we know the number of compromised exit nodes? The number of compromised exit nodes are still unknown but research on such is being done, some research, for example, is being doen at UW.
- Can an exit node be a relay node? -- Yes. however it is not recommended to run an exit node, running a relay node is most likely safe enough.
- is it possible to set up your exit node but only for individuals that you wish to use that particular exit node? -- Not sure. Member suggests that you could possibly use a pre-configured Tor rc file. But you would have to carry the exit node detail on some physical device and be possibly stopped at borders. Bob usually recommends using off-the-shelf hardware bought in destination country to avoid being stopped at the border.
- Can blockchain technology be used for Tor? -- Not sure.
- How many Tor devs? -- Tor is developed by many, some at institutions such as universities.
- What is the adoption rate? -- Not really sure, however, making use of VPN's is popular, Tor could also be configured to do the same; therefore Tor is seeing much more takeup in some business models.
- Does it work on cellphones? -- ORBOT, but it is extremely slow compared to Tor
- Can we use it with VPN? -- Yes, a little more complexity is involved, but yes they do work well together.
- Are there frequent improvements and updates of the project? -- Yes, There are hopes that perhaps streaming will work well later, but browsing websites is still a little painful.
Tor installation
- Download from site is easy
- Do not change the default settings, even screen size may be tracked.
- to add a server, must add a few line to the Tor .rc file "torrc"
Round-table discussion
- What would you use this for?
- Use for human rights organizations, to communicate with members or view pertinent websites that are blocked in certain countries.
Back to: Dark Web, Hidden Services
File Formats
- Date
- Monday, 12 March 2018 from 7:00pm to 9:00pm
- Meetup Event
- https://www.meetup.com/NetSquared-Kitchener-Waterloo/events/244120869/
- Location
- Upper Board Room in First United Church, 16 William Street West, Waterloo, Ontario Map
What file formats do your documents, images, spreadsheets use? Can you exchange your files with people using Macs? Linux? VMS? Will your documents survive an upgrade of your application software? Can you switch to another word processor? Image editor? Spreadsheet app? Can you still read the files from backups created years ago with different software? Can you choose the file format your application uses?
In the month of Document Freedom Day we'll look at the importance of open, well-known file formats, and compare it to closed, proprietary formats that are so prevalent today.
--Marc Paré & Bob Jonkman
Resources
- Document Freedom Day
- http://www.documentfreedom.org/
- Document Freedom Day (DFD) is the international day to celebrate and raise awareness of Open Standards.
- Digital Freedom Foundation
- http://www.digitalfreedomfoundation.org/
- Digital Freedom Foundation is the non-profit organization behind different International Days including Software Freedom Day, Education Freedom Day, Hardware Freedom Day and Document Freedom Day
- The Document Foundation
- https://www.documentfoundation.org/
- The Document Foundation is proud to be the home of LibreOffice and The Document Liberation Project
Meeting Notes
What are Free/Open File formats?
- and what are closed or proprietary formats?
Survey of participants
- Free/open File Formats users: #
- Proprietary File Formats users: #
Round Table Discussion
Software and applications
Free/Open File Formats
- make list here
Closed or Proprietary Formats
- make another list here
Corporate Surveillance
- Date
- Monday, 12 February 2018 from 7:00pm to 9:00pm
- Meetup Event
- https://www.meetup.com/NetSquared-Kitchener-Waterloo/events/245128116
- Location
- First United Church, 16 William St West, Waterloo, ON Map
How do we keep our workplaces secure? Does your organization use cameras? Does it filter web content? Check for document exfiltration? Inspect e-mail? Monitor keystrokes? Is this sneaky, underhanded spying, or merely good business practice? What are the ethics of corporate surveillance for System Administrators?
Join Kitchener-Waterloo Non-Profit System Administrators at our monthly round table meeting for a technical, philosophical and moral discussion.
--Bob Jonkman & Marc Paré
Resources
Office Audit and Control Management Server | TechSoup Canada
Meeting Notes
Notes taken by Bob Jonkman
What is Corporate Surveillance
- Most corporate management is meant to ensure computers aren't altered, no viruses are introduced
- Bob has worked in a place that checks all outbound e-mail for keywords, looking for data exfiltration.
- Some exfiltration data is monitored for employees' protection, also video camera footage, so if theft occurs employees are not falsely accused
- Some places archive e-mail for several months
- Data retention required for legislative purposes, but can be used for forensics and surveillance
- Is employee monitoring legal? Yes, employees sign contracts allowing this to take place, and that all data belongs to the corporation
- Including "shower ideas", that are developed outside of company time
- Some places allow "reasonable use" of telephone, internet.
Ethics
- Do employees even know they're being monitored?
- There may be pop-up messages indicating that USB-drives are inserted, &c.
- Sometimes you see evidence of SysAdmins taking remote control
- But would you still want to work in a place like that?
- Very stressful to work in a place like that.
- Washroom breaks being logged!!
- Creepy for those being surveilled
- Maybe employees need a guaranteed that the data will not be retained, and is secure from data theft
- Need a union to protect the employees
- Even when it's obvious that data on the computer is being logged and monitored
- Is that common sense?
- Some SysAdmins do not want to do forensics against their co-workers
- Or even SysAdmins doing forensics against managers
- Refusal to perform surveillance against co-workers can result in dismissal
- Sometimes the stuff unearthed is disturbing (pornography? worse?)
- We can all make reasonable arguments in favour of surveillance
- But big companies have shown time and time again that they can't be trusted with the data
- And we can't opt out
- Data correlation can identify individuals in millions of records based on only three data points
- Definitely unethical to sell my data collected through browsing
- But it's OK if one company shows their products based on data they've collected previously
Internet Surveillance
Internet Surveillance Companies (ISC) provide services at no cost to the user, but their business model is based on selling those users' data
- Google is providing a service that predicts your "needs and wants" based on analysis of big data
- Selling it advertisers, insurance agencies, potential employers
- "Minority Report", "Thoughtcrime"
- Selling it advertisers, insurance agencies, potential employers
- The "free services" are monetized by the sale of personal data
- Most people don't know how much, how detailed it is
- You're constantly being given things you want to see, you want to hear
- But it's nothing that grates you, nothing that you don't want to see
- So your online experience is shaped in a pleasant way,
- For someone who wants something different, the experience is not in that model
- It's more insidious -- you're being tempted to have greater desires
Your desires are being shaped, not reflected by the collection of big data
-- Steve Izma
"5 things about TV" (get actual title from Steve Izma)
- Subliminal advertising, designed to hit your subconscious
- Outlawed on TV
- There is similarity between what anti-spam laws prohibit and what ISC are doing
- Reddit: Kids know that laws are weaker in US, consider Canada more favourable for keeping privacy
- As a SysAdmin, if you collect data on employees, what stops ISC from gathering that data?
- try to safeguard your employees, your company, your employers.
- Not just stealing stored data, but data from streaming services (search, video, forums)
- Google acts like an independent nation
- Needs legislation; corporations will kill people for profit if not prevented by law
- Internet Surveillance Companies give us what we want, but are they reshaping our values?
- Culture is important, will surveillance companies change your culture?
- People rooted in culture are more difficult to move
- We need legislation to preserve culture; we can trust our politicians to look out for us (???)
- (Side conversation on government subsidising Canadian culture)
- Good: Preserves our culture
- Bad: The good culture just moves offshore, only the mediocre Canadian stuff stays behind
- Some producers will create anything just to attract grant money
- Canadian funded productions are made to look like American productions; no cultural benefit to Canadians
- Canadians need to support Canadian businesses
- If Blackberry had been a US company, would they have been successful?
- Lots of loyalty -- Microsoft failed in the mobile market
- Nortel failed not because they were Canadian, but because they made poor choices
- 19yr old believes Canada has a better grip on surveillance legislation
- He gets a wider point of view, not just from one source
- Regulations?
- Canada has lots of regulations to keep data private
- In the US much data privacy data is pushed by FBI; Canada's equivalent is RCMP
- Is the funding and capability in Canada equivalent? (10% tax base of US)
- "Five Eyes", mutual spying on each other
- Bell has a proposal to throttle and turn off sites they find offensive
- Done through an "independent body"; keep our content we've paid for out of pirates' hands
- Who will monitor the Canadian web? The CRTC? Who enforces the regulations?
- Yet another attempt by Big Media to provide services in the old model
- Blackberry's encryption may be good, but they've still compromised themselves for large markets
Protection
- How can we protect ourselves?
- Don't use the main services like Google (use SearchX) or Twitter (use GNUsocial or Mastodon)
- Use proxy services like Tor and I2P (the Dark Web)
- Use VPN services (but how can you trust the VPN provider?)
- Trying to do black-box analysis of "protection" sites may be hazaradous
- As bad as our loss of privacy is, other countries have their entire access blocked (and surveilled)
- Corporate profits always take priority over ethics
- Not a sustainable model in many cases
- Staff is hired to find loopholes in contracts to maximize profits
- Corporations that go out of business are cannibalized to create new markets, improve
- Venture Capitalists will also undermine ethics
- Tim Wu, "The Master Switch", on how corporations shape the legislation that controls them, and how independent service providers get displaced by monopolies
- Privately held companies (and non-profits) can still uphold their ethics
Future topics
- Fallout from data breaches Equifax, Yahoo
- How do these companies work? "reputation management companies"
- Do these companies operate?
- You can get your own data from them, legally mandated
- There are Meta-access services that get info from all services
Back to: Corporate Surveillance
Document Storage
- Date
- Monday, 13 November 2017 from 7:00pm to 9:00pm
- Meetup Event
- https://www.meetup.com/NetSquared-Kitchener-Waterloo/events/243067519/
- Location
- Queen Street Commons Cafe, 43 Queen Street South, Kitchener, Ontario Map
- Event Announcement
- Document Storage/Announcement 2017-11-13
How do you store your documents? Where do you store them? What software creates your documents? What software stores it? What software retrieves it? What about document indexing and searching? How do you deal with non-textual documents? What document file format do you use? Is parchment and goose-quill still best?
This month there'll be a shooting match between the Well-Known Format SysAdmins and the OpenStandards SysAdmins. But it'll be a polite shooting match at our round table discussion, with SysAdmins relating their own practices, learning new ones, and telling tall tales.
--Bob Jonkman & Marc Paré
Resources
File Storage | TechSoup Canada
Future Venues
- Communitech has indicated we can no longer use the Jellybean Room on Mondays
- but the room is available on Wednesdays
- but it's only available until 8:00pm
- do we want to switch meeting days?
- Marc will check if there's any availability on Mondays
- but the cost will probably be higher ($15/hr now)
- but the room is available on Wednesdays
- We were contacted by Reg from One King North Map, a coworking space
- Reg indicated that "Also it's complimentary, so you don't have to pay for using our space to hold meetups"
- Marc followed up with Reg and has yet to hear back from him
- Apparently, Reg was unclear in his communication, probability of having access to this venue space does not look promising
- Other possible venues:
- Old school board building (Marc has contacts, will investigate)
- Downtown Community Centre Map
- but they require all KWNPSA attendees to purchase memberships at $15/year
- Paul Nijjar investigated for KWLUG; it was deemed unsuitable for a non-profit group
- Bob's notes indicate there are also meeting room fees, insurance costs, and participants under 18 years old are not allowed.
- Descendants Beer & Beverage Co. apparently has meeting facilities. Kirk will investigate. Map
Meeting Notes
Cloud Storage
- Microsoft Office 365
- Lots of KWNPSA members use Office 365
- Default installation moves documents to US servers
- Microsoft will move documents to Canadian servers on request
- but this may take up to seven years
- Microsoft OneDrive was automatically installed at one organization
- Business version of Skype can't be turned off, once it's installed!
- It is difficult to use Business Skype with non-business instances of Skype
- But there is finally a good GNU/Linux client for Skype, works with multiple video streams
- Google G Suite (Google Docs)
- Used by political organizations
- This seems like a bad idea; want to keep political affiliations and activity away from prying eyes
- Google Drive storage
- Some SysAdmins have seen identical filenames in folders
- Perhaps the User Interface hides extensions or filename suffixes
- Maybe Google Drive uses links or pointers?
- People move files, but they still exist in orginal locations
- Google Mail uses flat storage of all messages, tags on each message are displayed in UI as though it is a folder structure
- Some SysAdmins have seen identical filenames in folders
- Used by political organizations
- Cloud horror stories:
- Company advertising genetic testing services stored data in the cloud
- then sold people's personal genetic data to a pharmaceutical or insurance company
- Genealogy company acquired data stored "freely available" from individuals' web sites
- Now sells this data, and it is not available to the original authors
- Suggestion: "Poison the well" by creating a "Fake Uncle Ralph" to prove authorship (see Wikipedia:Trap street)
- Company advertising genetic testing services stored data in the cloud
- Security risks
- Commercial cloud providers will hand over customer data to authorities
- National Security Letters -- Cloud providers may be compelled to keep this data access from their customers
- Ensure you have a contract with a Service Level Agreement (SLA) that specifies where servers are stored (Canada? US?), how data is routed
- Even if source and destination are both in Canada, traffic may still be routed through US and subject to snooping; Canadian data has no protection when routed through US
- Technical means: Source Routing can specify how a packet is sent through the network (Internet)
- Commercial cloud providers will hand over customer data to authorities
Encrypted File Storage
- Use VPNs to keep remote sites within your own network
- Encrypted tunnels, eg. Secure Shell (sshfs)
- Encrypted file systems
- Encrypted containers
- eg. TrueCrypt (now obsolete, use VeraCrypt instead)
- eg. CipherShed
- TrueCrypt, VeraCrypt, CipherShed are all cross-platform (Windows, MacOS, GNU/Linux)
- eg. LUKS
- See How To Create an Encrypted Drive in a File Container by Bob Jonkman
- eg. FreeOTFE (obsolete) or LibreCrypt provides OTFE (On-The-Fly-Encryption) for Windows that's LUKS compatible
- For any corporate encryption, Additional Decryption Keys are needed
- Any user-encrypted files or containers can be decrypted by the organization's ADK; ensures data is not lost when user forgets password or leaves the organization
- Office 365 encryption
- The culture for Microsoft products is less concerned with encryption (poor adoption of encrypted technologies?)
- Encrypted Backups?
- For backups in the cloud, or on local storage
- Encrypted backups can become un-restorable with minor errors
- Bob recommends making unencrypted backups, then saving them in an encrypted container; even better to keep unencrypted backups physically secure
Sharing Files
- File permissions
- Staff doesn't know how to use filesystem permissions, makes all files globally read/writeable
- Use a Document Management System to assign authorization to documents
- Access control with a DMS can be more finely tuned
- DMS also provides benefits such as metadata and search/indexing
- but it needs the skills of a librarian to properly catalogue documents
- and a DMS adds another layer of abstraction; more work for the SysAdmin, more to go wrong
- Physical file systems (file cabinets, folders) were treated better by staff than digital file systems
- Using Roaming Profiles for shared file access
- SysAdmin can force desktop computers to put "My Documents", "My Pictures" &c. on the server for shared and secure storage
- Doesn't work for Windows' "My Desktop"; that folder appears to have special privileges, but we don't know how
- Can "My Desktop" or "My Documents" be made read-only to force staff to use server storage? Doubtful
- Thin clients don't store data locally
- Use the Browser Local Storage? (please, no)
- "Libraries" feature in Windows can combine several folders (from different sources) into one
- SysAdmin can force desktop computers to put "My Documents", "My Pictures" &c. on the server for shared and secure storage
- Commercial applications for managing roaming profiles: Micro Focus ZENworks (formerly NAL, Novell Application Launcer); Intel LANdesk Manager, Computer Associates
- Staff gets easily confused with shared filesystems
- Folder tree changes, filename and foldername changes
Storing Binary Files
- Music Files, photos, video, CAD drawings, &c.
- Using Google Drive is not efficient for binary files, better to keep on local (non-cloud) storage
- Post-production for music can't be done online
- Cloud services need cloud-based client software to manage binary files
- Google Docs does not have a good music client to manage music file for an orchestra
- But Google Docs has good photo apps
USB Sticks or Thumbdrives
- How to prevent the use of USB drives?
- Physically hotglue the USB ports on organizations' computers
- Pop up a warning to the user when USB device is inserted
- Lock the computer when a USB device is inserted
- Worried about "Parking Lot USBs" (USB drives found in the parking lot, may contain malicious payload)
- Physical attacks through high-voltage discharges (see https://usbkill.com/ )
- The only protection against physical attacks is physical protection
Future Topics
- Document Management: There are specialized software tools to manage your documents, provide version control, allow staff to checkout documents for exclusive access, and to provide indexing and search tools. What do you use?
- Encryption How do encrypted file systems work? Demonstration/Workshop on creating encrypted file containers.
- Microsoft Evening (do they still provide sponsorship? Marc will check with Eli)
Markup Languages and Note Taking
- Date
- Monday, 16 October 2017 from 7:00pm to 9:00pm
- (Thanksgiving! Scheduled for the 2nd non-holiday Monday of the month)
- Event Announcement
- https://www.meetup.com/NetSquared-Kitchener-Waterloo/events/243068343/
- Location
- Communitech Jelly Bean Room 1st Floor, 151 Charles Street West, Kitchener, Ontario Map
How do you take notes? What software exists for note taking? What markup language is best for taking notes? Are your notes available on your phone or tablet? How do you synchronize them? How do you publish your notes online? When is it better to use a Note Taking application rather than a proper Word Processor?
This month we invite all the devotees of MarkDown, WikiText, MoinMoin, YAML, and LaTeX to contribute to the discussion at our round table.
--Marc Paré & Bob Jonkman
Resources
Note-taking applications
- Xpad https://launchpad.net/xpad
- MATE Desktop Sticky Notes http://wiki.mate-desktop.org/applications
Markup Languages
Markup Editors
- Atom.io https://atom.io/
- Sublime Text https://www.sublimetext.com/
- Notepad++ https://notepad-plus-plus.org/
On creating a standard Markup Language:
Meeting Notes
Practices
- Bob edits notes directly into MediaWiki (but only at KWNPSA)
- Has tried Sticky Notes, Xpad, not suitable
- mounts website locally, edits with his text editor, saves directly to website
- Writes notes in notebook, transcribes to wiki, then copies generated HTML source to destination website
- Steve's practice is to separate content from form
- Create content first, but in a way that it's easy to add formatting stuff later on
- WordProcessing doesn't do that, tries to do them both
- WP tries to be an operating system
- On all principles, WP are bad
- But LibreOffice tries to fix that, its internal format is not proprietary
- Valuable for
- When writing, be concerned primarily with content, secondarily with syntax, format
- Can always add typographical content (the markup) afterwards
- eg. Wordcount isn't really needed, can't do it accurately by examining marked-up text
- Steve uses his own markup, similar to Markdown, related to groff
- Only worries about paragraph breaks and lists, maybe section headers
- Does not want ML to interpret line breaks, unless there's two in a row
- Always works in Linux, so LF only
- Steve uses AWK script to render text,
- But how to apply markup to a previous line?
- Uses VIMperator in Firefox to edit online content
- Create content first, but in a way that it's easy to add formatting stuff later on
- Kirk managed documentation in SGML using James Clark's DSSSL processor called "Jade" to generate RTF, TeX, PDF(?)
- DSSSL == Wikipedia:Document Style Semantics and Specification Language
- James Clark also wrote groff, modelled on SoftQuad troff
- Schema for SGML was DocBook
- None of which gave the results, so he used
- DocBook in XML
- Kirk wrote a stylesheet in XSLT to turn DocBook into XML for LibreOffice
- "compiled" documentation, literally using "make"
- XML provides rigid consistency, important to typographers
- Also created WinHelp files with DSSSL
- Also tried to create TeX files
- The important part is that a single source document created multiple output file formats
- Nick
- Taking notes for school,
- OneNote can be handy, good for finding notes and subcategories
- Adapting different note taking for different purposes, even sticky notes
- Different apps are suitable to different purposes
- Short term is good with StickyNotes or Xpad
- Version of StickyNotes with Win10 is colourizable
- November is NaNoWriMo month,
- Use OneNote is nice because it organizes a lot of notes, eg research, character development
- But not for the actual manuscript, use a WP for that
- There's a StickyNotes app for Android: Search F-Droid for "Sticky Notes"
- Different situatation: Academic, professional, hobby -- all have different requirements, different needs
- How to do the website?
- Not his website, done on webs.com
- Needed to directly edit HTML in webs.com, no feature to FTP content
- The webs.com HTML viewer is not so great, uses his browser to download source, converts to PDF for a rough idea, then copy'n'paste back into the site
- Notepad++ has nice indenting
- Nick's site is largely static, but needs to update meeting events
- Gets content from HTML e-mail, imports to Word, saves as HTML, then massages by hand (Word generates very verbose HTML)
- this is a pretty common technique with other SysAdmins
- Taking notes for school,
- Raymond
- Casual note taking (temporary), eg library cards
- Needs to do it on the cellphone
- Notetaker on iPhone
- Google Keep on Android --
- Has checklists! Good feature!
- Google Notebook was good, no longer exists
- Uses computer to enter content for reading on cell phone
- For serious notetaking
- Started with text files, but that's a problem, eg. need diagrams, searching
- Searchable is a top requirement
- Offline use is important
- Bob has horror story: taking notes at KWNPSA directly into wiki, closed laptop, needed to recover document from browser cache
- Organization is important,
- Re-ordering, re-sorting
- Javascript, programming
- Using Evernote for a long time
- Has a limit on the traffic, now restricted to two devices (annoying with Macbook, cell phone, office desktop)
- Can search, even text in pictures.
- Free (as in gratis)
- Crossplatform
- Evernote and StickyNote can synchronize!
- Tried OneNote years ago, didn't work well
- Formatting or search ability wasn't good enough
- Casual note taking (temporary), eg library cards
- Mojtaba is not a heavy note taker
- Tried OneNote
- gedit and vim on the desktop
- Google Notes on the phone
- Plain text!
- Does programming with vim
- just search through directories with egrep
General Musings
- Raymond has used Atom.io competitor Sublime Text
- Mojtaba has used vundle (package manager for vim)
- People using online apps to synchronize between devices
- OneNote does not have an import/export function
- Raymond can set up a channel ifttt (If This Then That)
- But OneNote is too proprietary to get stuff out (export)
- Steve: Organize stuff in a file system to make it easy to find
- Doc files in one subdir, PDF in another, then create a "logfile" to locate stuff
- Keep notes organized by project, more concerned with content
Tech stuff
- How is a "schema" different from the ML?
- LaTeX is a superset for Tex
- Much more structured
- But easier to use
- And probably faster to describe things like formulas
- groff is pretty much the same syntax for marking up math
- Every computer science and math student needs to know TeX
- Built-in font is "Computer Modern"
- But there are commands to change to any other font for better legibility
- Donald Knuth wrote "metafont" to create fonts, TeX to do page layout
- Tex is primarily layout and presentation, LaTeX adds semantics
- Steve gives a brief overview of LaTeX document structure, logical and strict
- In typesetting
- Authors are just concerned about appearance
- Typesetters want more document structure
- groff is a typesetting language
- runoff for running online printers in the 1960s
- Bell Labs operating system created to generate output
- "We'll write you a typesetting language", just need an OS so they created Unix
- troff was the result "typeset and runoff"
- Author died suddenly, Brian Kernighan needed to reverse-engineer the code, rewrote in C
- SoftQuad got rights to the troff code, developed it before "SGML handbook", HoTMetaL
- Tied to Coach House Press
- Reminiscing about the old days when you could still talk to people in charge of major industries
- Phototypesetting: Steve gives a brief history
- Mindmapping tools
- Freeplane:
- Lots of features
- Non-linear editing
- decorate with icons
- Lua scripting language
- Freemind is another
- Both Java applications, for platform independence?
- Mindmanager is a commercial version for Windows
- Similar to WP outlining feature
- But you need to scroll up and down to find things
- Freeplane:
- Spectrum of file formats
- From binary data with human read-only output
- to readable input formats
- eg. JSON format is not a good human-readable language
- eg. YAML is for machine readable, not human
- XML is not as human-readable as Markdown either
- Markdown is an incomplete language, can't deal with some formatting issues
- Lists are a problem (but there is the pipe character
- Makes sense for XML to be more strict
- Machine needs to read the DOM
- Sometimes meaning of document structure disappears for human readers when a stylesheet is applied that alters appearance
- Typographic needs a structure like XML
- Can contain markup content that is not rendered, but gives typographic instructions
- eg. command to kern a paragraph
- Steve uses attributes as non-content typographic instructions
- If you need to pass structural data use XML
- Markup languages can target either humans or machines
- The more complicated the document structure, the more you need a non-human-readable format like XML
- Can contain markup content that is not rendered, but gives typographic instructions
- Books with indices lend themselves to XML
- also bibliographies, very strict for punctuation and capitalization
- Steve can apply scripts to a document to apply structure, strip out what the author has done
- Generate Tables fo Content from marked up content, don't cut'n'paste
- DRY - Don't Repeat Yourself
- What is the format that uses separate lines for markup, eg.
Heading ======= Subheading ----------
Requirements
- SGML and HTML and XML aren't meant for writing, but for semantic meaning
- More of an interchange format
- Editors need to be for getting content into the editor quickly
- Choose an editor or Markup Language for "pretty", how it appears
- or choose an editor/ML for semantic meaning
Future topics
- Scripting Languages
- Social Night in December, start earlier (6:00pm) for food!
- Internationalization, Localization Scheduled for May 2018
- Dark Web, Hidden Services Scheduled for April 2018
- Corporate Surveillance Scheduled for February 2018
- Fundraising Scheduled for Jan 2018
- Because KWNPSA may need to raise some funds ourselves in 2018!
Project Management
- Date
- Monday, 18 September 2017 from 7:00pm to 8:30pm
- Event Announcement
- https://www.meetup.com/NetSquared-Kitchener-Waterloo/events/243066154/
- Location
- Communitech Jelly Bean Room 1st Floor, 151 Charles Street West, Kitchener, Ontario Map
What is Project Management? How do SysAdmins provide support to Project Managers? What kind of projects directly affect SysAdmins? Do Non-Profit SysAdmins manage projects? What tools are available for project management? What server-based software exists for project management? Who provides outsourced project management? What standards exist for project management? What certification?
Let's bring together SysAdmins and Project Managers to discuss the state of the art. As always, we'll have round table discussion to ask questions, provide expertise, and share stories of past experiences.
--Bob Jonkman & Marc Paré
Resources
Project Management | Techsoup Canada
The Project Management Association of Canada
Canada's Technology Triangle Chapter | PMI | Project Management Institute
(unrelated) https://www.adminadminpodcast.co.uk/
These guys talk about being an IT administrator, whether thats a local desktop engineer, a cloud-native specialist deploying to cloud hosting platforms running Linux, or an enterprise Windows admin...
Meeting Notes
- Sponsorships
- We like NetSquared and TechSoup, but don't want the KWNPSA direction dicated by the sponsors
- Stickers were distributed!
- NaNoWriMo - National Novel Writing Month - good tie-in with Document Storage
- Discussing backups and formatting and document semantics
- File Formats -- tie-in with Document Freedom Day in March
- Introductions - SysAdmins, Typesetters, Software Testers, Software Developers, Teachers
- Not a single Project Manager, but all these projects!
What is Project Management?
- What is a project?
- Has a start and deadline, must have a goal, and measure of success
- Certain kinds of reports, eg. financial statistics, not part of the normal booking routine, eg. grant proposal, eg. special audit
- Contrast with regular operations, which may still have a continuous improvement goal
- Always implies collaboration, eg. a book
- Tasks of project management
- Eliminate Redundancies
- Optimizing the whole project, costs, resources,
- Set constraints and scope of the project
- Scheduling
- Distributing the responsibilities of labour and resources
SysAdmin role in Project Management
- Sometimes SysAdmin is the Project Manager
- Some projects start internally, others are imposed externally
- Server upgrades, reports and time estimates for operations
- Small companies may not have large project teams, people wear many hats
- Sometimes no diff between PM, Team Leader, Department Head
- Who are the "boots on the ground"?
- Again, communication flows are important, making sure it happens smootly.
- Avoid animosity by keeping communications open. There's not software for that
- Even software like Slack doesn't achieve this, needs people-to-people communication. Needs change, software doesn't keep up.
- Time estimates are horrible to figure out in IT
- Need buffer time,
- SysAdmin will have a good idea of time needed to perform tasks.
Software
- Manual techniques like sticky notes and whiteboards
- Gets transferred to software
- Requires stakeholders in a meeting, maybe video conference, not asynchronous tools like e-mail
- But getting contributions in a live meeting may be tough. After the meeting people finally got involved by sending e-mail
- Keeping the tone collegial is everyone's task, but bridge-building is definitely a skill for PMs
- Concurrence: Multiple people may need to access (Read/Write) the project data
- Is concurrence necessarily the best data management practice?
- We had vigorous discussion on the merits of document concurrency
- Good for managing sub-tasks, not good for overall project coherence
- We had vigorous discussion on the merits of document concurrency
- Lose focus of the project with too many simultaneous changes
- Is concurrence necessarily the best data management practice?
- Software licencing can be onerous -- cost of software, seat licenses, and audits
Specific apps
- Symantec Timeline circa 1998.
- Microsoft Project
- Project Libre
- Open Source has XML data format, anyone can read the data without having the software
- Cloud-based project management, eg. Basecamp
- 10 Cloud-Based Project Management Tools to Serve Every Company's Needs
- Google Drive?
- Etherpad? Nextcloud?
Project Management Standards and Certification
(wasn't discussed in the time available)
Stories
- Management dictates timelines, despite project management best practices
- Management dictates "buy from the lowest bidder", not based on project requiremetns
- Management dictates "Put the dev stuff into production", not following proper dev-test-prod protocols
- There is a gap for project managers that have one foot in the software dev world and another foot in the communications field
- PMs spend a lot of time speaking to both developers and management
- Need to teach better communication skills to developers to speak to Management
- although Management may not have the communications skills to listen to developers
- Discussion on the "Mythical Man Month", the book of project management gotchas
- Skunkworks may be more efficient and effective than following the full Project Management procedures
Monetization
- Date
- Monday, 21 August 2017 from 7:00pm to 9:00pm
- Event Announcement
- https://www.meetup.com/NetSquared-Kitchener-Waterloo/events/241820045/ iCal
- Location
- Communitech Jelly Bean Room 1st Floor, 151 Charles Street West, Kitchener, Ontario Map
How can a Non-Profit organization raise money from their services? Can a Not-For-Profit organization make a profit? Why do some NonProfit organizations have separate corporate entities for fundraising and their core business? How do NonProfit SysAdmins manage crowdfunding? How does monetization affect NonProfit status? How does monetization affect legislation concerning mailing lists? What does the NonProfit SysAdmin need to know to enable monetization on the Internet? What software exists to enable monetization?
Join us to discuss these and other ideas for monetization.
--Marc Paré & Bob Jonkman
Resources
Which Crowdfunding Platform Is Best for Your Nonprofit? | TechSoup Canada
Canada's Law on Spam and Other Electronic Threats - Home - Canada's Anti-Spam Legislation
Meeting Notes
What NonProfit Organizations sell stuff?
- Publishing companies
- Food co-ops
- Musical societies (CDs, services)
- Event admission for political groups, rallies
Two companies?
- If activities don't fit within the mission statement, then CRA may consider it a separate, for-profit company
- Charitable companies are particularly vulnerable, hassled by CRA
Drawbacks to monetization
- Need End-of-year reports, tax knowledge
- Need an audit/auditor over a certain amount (maybe $100K?)
- Tricky to justify certain kinds of income, esp if there is significant profit
- Need a budget that justifies certain expenses eg. equipment
- People don't have enough knowledge of IT systems to use them properly
- Using spreadsheets that don't integrate with financial systems
- But still better than a Word Document
- Frustrating for SysAdmins, who need to provide support
- No user knowledge of version control, journalling, &c.
- Using spreadsheets that don't integrate with financial systems
- The Treasurer position of a NonProfit has frequent turnover, no continuity
- Treasurer may be volunteer, unskilled for the task
- Some NonProfits deal with esoteric financials (book sales, royalties), may not have a system in packaged software
- Need specific information that the grant agency (that provides funds) wants to see
- Concerns with transparency, opening the books for the public
- Who maintains privacy of finances?
- Need a designated Privacy Officer
Methods of monetization
- "Legacy Gifts": Larger groups (orchestras?) are pitching bequeathing estates as donations, triggered by a will.
- Important to performance groups, as their audience ages
- In Europe, cities a fraction of the size of KW get government funding for the arts, so fundraising not necessary
- In Canada there are people hired by NonProfit art and performance organizations to do nothing but acquire funding through donations
- Integrate small NonProfit groups into the finances of a larger organization, eg. at a University
- But the reporting needs may not be adequate.
- Need to know about methods for funding proposals
- Software? Forms? Documents?
- http://career.publicoutreachgroup.com/ Facilitates fundraising for non-profits
- Community Foundations will organize the funding for NonProfits, eg. Kitchener-Waterloo Community Foundation
- Other arts groups set up their own foundations, eg. KW Symphony
- Or set up your own foundation, then the KW Community Foundation will provide the administration for it
What does a SysAdmin do to enable monetization?
- Not too interested in accounting
- Shopping carts on websites
- Not done internally, this gets contracted out
- Point-of-sale systems?
- Need to combine with sales data from other systems
- Provide integration to other systems
- Select and set up Crowdfunding platforms
Crowdfunding
- Has Crowdfunding passed its peak? It was the big thing two or three years ago.
- What criteria are used to select a Crowdfunding source?
- Techsoup: https://www.techsoupcanada.ca/en/community/blog/which-crowdfunding-platform-is-best-for-your-nonprofit
- Centre for Social Innovation in Toronto:
- Bring your own audience, your own following, before starting the campaign
- Pretty much everyone involved already needs to be in place
- Crowdfunding sites don't necessarily increase your reach, or attract more contributors
- Crowdfunding is good for devices, eg. Pebble Watch
- If you haven't reached your funding level in three months, it's not likely to fly
- There are "Crowdfunding Brokers"
- providing Consultancy, advocacy,
- Centre for Social Innovation trying to get social advocacy agencies involved (two or three years ago)
- City of Waterloo had a program to crowdfund Civic Improvements
- Had their own website
- People proposed their own projects, advocated for them, got the funding. Then the City would implement them.
- Thorough failure... People did not want to give money for things they had already paid for through taxes
- Education: Raising money for supplies, program was halted by the Ministry of Education: "We already provide funding for that."
Financial Software
Needs dedicated staff to manage privacy issues, but if your NonProfit Org has enough staff to maintain it, it's very effective
- Purchasing financial software also purchases the skills and expertise of building such a system (Lawyers, accountants)
- A way of recording transactions without requiring the expertise of accountants
- Avoid bitrot (spreadsheets may not be the same from one year to the next)
- QuickBooks?
- Has a non-profit module
- QuickBooks is common, but doesn't provide the detail for non-profits
- eg. selling worldwide through Amazon, QuickBooks doesn't provide geographic customer data
- Dedicated software provides more granularity in recording transactions.
- with QuickBooks you still need other tools to record other data
- Spreadsheets are prone to user error, eg. changing or deleting a formula
- Orgs hold fundraisers to pay for events
- Events themselves may raise funds through admission fees
- There exists fundraising software
- Similar to contact management software, eg. CiviCRM, Sales Force Automation, Symantec ACT!
- CiviCRM provides metrics, eg. number and amount of donations
- Metrics are really important for donations and ticket sales
- Good for larger NonProfit orgs, too complicated for small ones
- And with a list of donors, privacy becomes a concern
- Some integrates well with financial/accounting software
- Detects patterns of donations, sends out requests only at the correct intervals, or when donors are ready
- Coordinates with maturity of investments held by donors, when NonProfits can get a pledge.
- Good software can snipe other NonProfits looking for donations
- "Grant Station" (subscription software, available through TechSoup)
- TechSoup subscription is more flexible (cheaper) than purchasing directly from Grant Station
- Provides a list of Canadian and American grant agencies
- helps prepare online pitches for donations
- Hones your skills in preparing grant applications
- "Canada Donates" is also useful for NonProfits
- TechSoup Canada: Constituent/Donor Relationship Management
Accounting software:
http://www.techsoupcanada.ca/en/taxonomy/term/287
- Newviews
- QuickBooks
- MYOB (Mind Your Own Business) (defunct? Only in Australia?)
- Microsoft Money
- GNUcash (Free Software)
- Scrooge (chequebook model, not really for NonProfits) (FS, KDE)
- FrontAccounting (ERP)
Tax Software
- LibrePlanet Ontario: Free Libre Canadian Tax Preparation Software Project https://libreplanet.org/wiki/Group:LibrePlanet_Ontario/FLCTPSP
- UFile: worked under WINE (Wine Is Not an Emulator) until Win10
"If you're looking to monetize your NonProfit group, joining TechSoup is very beneficial." (spontaneous endorsement from KWNPSA attendee)
- (KWNPSA Upcoming Events)
- (KWNPSA Past Events)
- (KWNPSA Meeting Notes on one page)
- (KWNPSA Requested Topics)
All the NPSA Meeting Notes on one page
Dark Web, Hidden Services
- Date
- Monday, 16 April 2018 from 7:00pm to 9:00pm
- Meetup Event
- https://www.meetup.com/NetSquared-Kitchener-Waterloo/events/245564977/
- Location
- Upper Board Room in First United Church, 16 William Street West, Waterloo, Ontario Map
- Event Announcement
- Dark Web, Hidden Services/Announcement 2018-04-16
What is the Dark Web? Is it full of bad guys? What are Hidden Services? Aren't those illegal? Why would a Non-Profit organization want to use the Dark Web? Why should a Non-Profit organization make their online services available as Hidden Services? What software can we use to access the Dark Web and create Hidden Services?
We'll have a demonstration of Tor and I2P, and have a round-table discussion of the benefits and pitfalls of using them.
--Bob Jonkman & Marc Paré
Resources
Meeting Notes
- In attendance were 14 members out of 39 signed up for the meeting.
- Laurel video recorded session for Bob
- Most people at the meeting are also Meetup members
- The intent was to present both Tor as well as I2P, however, the Tor demonstration and background information took longer than expected. There will be a follow-up meeting covering I2P in August 2018.
Tor Browser - getting down and dirty with Tor - the basics
- Bob's Tor slideshow presentation is available on KWNPSA Public Documents site
- this presentation of the Tor browser is aimed to admins who would consider the use of Tor beneficial to their organization and members
- Tor still needs mode of authentification
- best practices -- use Tor as is from the official Tor website and keep it updated, Avoid any use of pre-modified Tor clients from any other sites.
- Tor is basically a hardened version of Firefox
- DO NOT USE BitTorrent (any client) inside of the Tor browser as the BitTorrent identifies IP addresses
- BitTorrent does not work well on Tor
- Q/ Can you use ghosting? A/ Not sure, but if tunnelling, will reveal your ghosting IP address but bittorent will still show data
- Tor tends to be slow and laggy
- The use of Tor may harm your reputation if you are found to use Tor with certain ISP's! Your IP may become exposed/found out if you make use of the wrong exit node. Some ISP's or sites may may try to ban you from any future connection, or, worse case scenario, In certain cases, there may be possibility of having your own ISP blacklisted by using Tor.
- Using Tor may raise suspicion by legit sites, where they may wonder why the use of Tor is needed to visit their site (What do you have to hide?)
- if you make use of some poorly chosen Tor exit nodes, they may be connected/linked to other nefarious sites.
- Tekksavvy is good at providing Tor exit nodes, most ISP's are not relatively warm to the idea of the use of Tor
- see slides re: Tor failure modes
- note that CAPTCHA is hardened and will reveal your identity
- The concept behind the Tor browser was initially conceived by the US defence project
Question (members) & Answer (Bob)
- Why make use of a good and legit exit node? -- Helps protect your identity and also helps harden Tor for its use in countries where rights abuse is pervasive.
- Is Tor easy to configure? -- Tor is easy to misconfigure.
- How active is Tor's development? -- Patches are constant and often.
- Tor breach? -- If in jurisdiction where Tor is monitored, some nefarious entry nodes could be made available through Tor traffic and may make that entry node vulnerable. German nodes (entry and exit) are popular.
- Is there encryption node-to-node? -- Tor is onion routed and encrypted multiple times ... see slide "How Tor Works: 2"
- The nodes (onion peels) are known only by certain devices, but not all in the nodal chains.
- How many node layers are there? -- You may configure Tor to use as many layers as you need but 3 layers are really all you need as more layers add to latency. With the arrival of Quantum decryption, it may become easier to decrypt the Tor nodal routes, but hopefully there will be an equivalent Quantum solution for an updated Tor browser.
- 80% of net is encrypted (https) -- However that is only for 1 layer; under Tor, layers are more numerous. Under https, we still see some list of certificate authorities that are unusual (Turkey, Tawain Telephone Service etc.), there are still some bogus certificates. The use of Tor makes it more difficult for bogus authorities to have any influence over your browsing.
- Do we know the number of compromised exit nodes? The number of compromised exit nodes are still unknown but research on such is being done, some research, for example, is being doen at UW.
- Can an exit node be a relay node? -- Yes. however it is not recommended to run an exit node, running a relay node is most likely safe enough.
- is it possible to set up your exit node but only for individuals that you wish to use that particular exit node? -- Not sure. Member suggests that you could possibly use a pre-configured Tor rc file. But you would have to carry the exit node detail on some physical device and be possibly stopped at borders. Bob usually recommends using off-the-shelf hardware bought in destination country to avoid being stopped at the border.
- Can blockchain technology be used for Tor? -- Not sure.
- How many Tor devs? -- Tor is developed by many, some at institutions such as universities.
- What is the adoption rate? -- Not really sure, however, making use of VPN's is popular, Tor could also be configured to do the same; therefore Tor is seeing much more takeup in some business models.
- Does it work on cellphones? -- ORBOT, but it is extremely slow compared to Tor
- Can we use it with VPN? -- Yes, a little more complexity is involved, but yes they do work well together.
- Are there frequent improvements and updates of the project? -- Yes, There are hopes that perhaps streaming will work well later, but browsing websites is still a little painful.
Tor installation
- Download from site is easy
- Do not change the default settings, even screen size may be tracked.
- to add a server, must add a few line to the Tor .rc file "torrc"
Round-table discussion
- What would you use this for?
- Use for human rights organizations, to communicate with members or view pertinent websites that are blocked in certain countries.
Back to: Dark Web, Hidden Services
File Formats
- Date
- Monday, 12 March 2018 from 7:00pm to 9:00pm
- Meetup Event
- https://www.meetup.com/NetSquared-Kitchener-Waterloo/events/244120869/
- Location
- Upper Board Room in First United Church, 16 William Street West, Waterloo, Ontario Map
What file formats do your documents, images, spreadsheets use? Can you exchange your files with people using Macs? Linux? VMS? Will your documents survive an upgrade of your application software? Can you switch to another word processor? Image editor? Spreadsheet app? Can you still read the files from backups created years ago with different software? Can you choose the file format your application uses?
In the month of Document Freedom Day we'll look at the importance of open, well-known file formats, and compare it to closed, proprietary formats that are so prevalent today.
--Marc Paré & Bob Jonkman
Resources
- Document Freedom Day
- http://www.documentfreedom.org/
- Document Freedom Day (DFD) is the international day to celebrate and raise awareness of Open Standards.
- Digital Freedom Foundation
- http://www.digitalfreedomfoundation.org/
- Digital Freedom Foundation is the non-profit organization behind different International Days including Software Freedom Day, Education Freedom Day, Hardware Freedom Day and Document Freedom Day
- The Document Foundation
- https://www.documentfoundation.org/
- The Document Foundation is proud to be the home of LibreOffice and The Document Liberation Project
Meeting Notes
What are Free/Open File formats?
- and what are closed or proprietary formats?
Survey of participants
- Free/open File Formats users: #
- Proprietary File Formats users: #
Round Table Discussion
Software and applications
Free/Open File Formats
- make list here
Closed or Proprietary Formats
- make another list here
Corporate Surveillance
- Date
- Monday, 12 February 2018 from 7:00pm to 9:00pm
- Meetup Event
- https://www.meetup.com/NetSquared-Kitchener-Waterloo/events/245128116
- Location
- First United Church, 16 William St West, Waterloo, ON Map
How do we keep our workplaces secure? Does your organization use cameras? Does it filter web content? Check for document exfiltration? Inspect e-mail? Monitor keystrokes? Is this sneaky, underhanded spying, or merely good business practice? What are the ethics of corporate surveillance for System Administrators?
Join Kitchener-Waterloo Non-Profit System Administrators at our monthly round table meeting for a technical, philosophical and moral discussion.
--Bob Jonkman & Marc Paré
Resources
Office Audit and Control Management Server | TechSoup Canada
Meeting Notes
Notes taken by Bob Jonkman
What is Corporate Surveillance
- Most corporate management is meant to ensure computers aren't altered, no viruses are introduced
- Bob has worked in a place that checks all outbound e-mail for keywords, looking for data exfiltration.
- Some exfiltration data is monitored for employees' protection, also video camera footage, so if theft occurs employees are not falsely accused
- Some places archive e-mail for several months
- Data retention required for legislative purposes, but can be used for forensics and surveillance
- Is employee monitoring legal? Yes, employees sign contracts allowing this to take place, and that all data belongs to the corporation
- Including "shower ideas", that are developed outside of company time
- Some places allow "reasonable use" of telephone, internet.
Ethics
- Do employees even know they're being monitored?
- There may be pop-up messages indicating that USB-drives are inserted, &c.
- Sometimes you see evidence of SysAdmins taking remote control
- But would you still want to work in a place like that?
- Very stressful to work in a place like that.
- Washroom breaks being logged!!
- Creepy for those being surveilled
- Maybe employees need a guaranteed that the data will not be retained, and is secure from data theft
- Need a union to protect the employees
- Even when it's obvious that data on the computer is being logged and monitored
- Is that common sense?
- Some SysAdmins do not want to do forensics against their co-workers
- Or even SysAdmins doing forensics against managers
- Refusal to perform surveillance against co-workers can result in dismissal
- Sometimes the stuff unearthed is disturbing (pornography? worse?)
- We can all make reasonable arguments in favour of surveillance
- But big companies have shown time and time again that they can't be trusted with the data
- And we can't opt out
- Data correlation can identify individuals in millions of records based on only three data points
- Definitely unethical to sell my data collected through browsing
- But it's OK if one company shows their products based on data they've collected previously
Internet Surveillance
Internet Surveillance Companies (ISC) provide services at no cost to the user, but their business model is based on selling those users' data
- Google is providing a service that predicts your "needs and wants" based on analysis of big data
- Selling it advertisers, insurance agencies, potential employers
- "Minority Report", "Thoughtcrime"
- Selling it advertisers, insurance agencies, potential employers
- The "free services" are monetized by the sale of personal data
- Most people don't know how much, how detailed it is
- You're constantly being given things you want to see, you want to hear
- But it's nothing that grates you, nothing that you don't want to see
- So your online experience is shaped in a pleasant way,
- For someone who wants something different, the experience is not in that model
- It's more insidious -- you're being tempted to have greater desires
Your desires are being shaped, not reflected by the collection of big data
-- Steve Izma
"5 things about TV" (get actual title from Steve Izma)
- Subliminal advertising, designed to hit your subconscious
- Outlawed on TV
- There is similarity between what anti-spam laws prohibit and what ISC are doing
- Reddit: Kids know that laws are weaker in US, consider Canada more favourable for keeping privacy
- As a SysAdmin, if you collect data on employees, what stops ISC from gathering that data?
- try to safeguard your employees, your company, your employers.
- Not just stealing stored data, but data from streaming services (search, video, forums)
- Google acts like an independent nation
- Needs legislation; corporations will kill people for profit if not prevented by law
- Internet Surveillance Companies give us what we want, but are they reshaping our values?
- Culture is important, will surveillance companies change your culture?
- People rooted in culture are more difficult to move
- We need legislation to preserve culture; we can trust our politicians to look out for us (???)
- (Side conversation on government subsidising Canadian culture)
- Good: Preserves our culture
- Bad: The good culture just moves offshore, only the mediocre Canadian stuff stays behind
- Some producers will create anything just to attract grant money
- Canadian funded productions are made to look like American productions; no cultural benefit to Canadians
- Canadians need to support Canadian businesses
- If Blackberry had been a US company, would they have been successful?
- Lots of loyalty -- Microsoft failed in the mobile market
- Nortel failed not because they were Canadian, but because they made poor choices
- 19yr old believes Canada has a better grip on surveillance legislation
- He gets a wider point of view, not just from one source
- Regulations?
- Canada has lots of regulations to keep data private
- In the US much data privacy data is pushed by FBI; Canada's equivalent is RCMP
- Is the funding and capability in Canada equivalent? (10% tax base of US)
- "Five Eyes", mutual spying on each other
- Bell has a proposal to throttle and turn off sites they find offensive
- Done through an "independent body"; keep our content we've paid for out of pirates' hands
- Who will monitor the Canadian web? The CRTC? Who enforces the regulations?
- Yet another attempt by Big Media to provide services in the old model
- Blackberry's encryption may be good, but they've still compromised themselves for large markets
Protection
- How can we protect ourselves?
- Don't use the main services like Google (use SearchX) or Twitter (use GNUsocial or Mastodon)
- Use proxy services like Tor and I2P (the Dark Web)
- Use VPN services (but how can you trust the VPN provider?)
- Trying to do black-box analysis of "protection" sites may be hazaradous
- As bad as our loss of privacy is, other countries have their entire access blocked (and surveilled)
- Corporate profits always take priority over ethics
- Not a sustainable model in many cases
- Staff is hired to find loopholes in contracts to maximize profits
- Corporations that go out of business are cannibalized to create new markets, improve
- Venture Capitalists will also undermine ethics
- Tim Wu, "The Master Switch", on how corporations shape the legislation that controls them, and how independent service providers get displaced by monopolies
- Privately held companies (and non-profits) can still uphold their ethics
Future topics
- Fallout from data breaches Equifax, Yahoo
- How do these companies work? "reputation management companies"
- Do these companies operate?
- You can get your own data from them, legally mandated
- There are Meta-access services that get info from all services
Back to: Corporate Surveillance
Document Storage
- Date
- Monday, 13 November 2017 from 7:00pm to 9:00pm
- Meetup Event
- https://www.meetup.com/NetSquared-Kitchener-Waterloo/events/243067519/
- Location
- Queen Street Commons Cafe, 43 Queen Street South, Kitchener, Ontario Map
- Event Announcement
- Document Storage/Announcement 2017-11-13
How do you store your documents? Where do you store them? What software creates your documents? What software stores it? What software retrieves it? What about document indexing and searching? How do you deal with non-textual documents? What document file format do you use? Is parchment and goose-quill still best?
This month there'll be a shooting match between the Well-Known Format SysAdmins and the OpenStandards SysAdmins. But it'll be a polite shooting match at our round table discussion, with SysAdmins relating their own practices, learning new ones, and telling tall tales.
--Bob Jonkman & Marc Paré
Resources
File Storage | TechSoup Canada
Future Venues
- Communitech has indicated we can no longer use the Jellybean Room on Mondays
- but the room is available on Wednesdays
- but it's only available until 8:00pm
- do we want to switch meeting days?
- Marc will check if there's any availability on Mondays
- but the cost will probably be higher ($15/hr now)
- but the room is available on Wednesdays
- We were contacted by Reg from One King North Map, a coworking space
- Reg indicated that "Also it's complimentary, so you don't have to pay for using our space to hold meetups"
- Marc followed up with Reg and has yet to hear back from him
- Apparently, Reg was unclear in his communication, probability of having access to this venue space does not look promising
- Other possible venues:
- Old school board building (Marc has contacts, will investigate)
- Downtown Community Centre Map
- but they require all KWNPSA attendees to purchase memberships at $15/year
- Paul Nijjar investigated for KWLUG; it was deemed unsuitable for a non-profit group
- Bob's notes indicate there are also meeting room fees, insurance costs, and participants under 18 years old are not allowed.
- Descendants Beer & Beverage Co. apparently has meeting facilities. Kirk will investigate. Map
Meeting Notes
Cloud Storage
- Microsoft Office 365
- Lots of KWNPSA members use Office 365
- Default installation moves documents to US servers
- Microsoft will move documents to Canadian servers on request
- but this may take up to seven years
- Microsoft OneDrive was automatically installed at one organization
- Business version of Skype can't be turned off, once it's installed!
- It is difficult to use Business Skype with non-business instances of Skype
- But there is finally a good GNU/Linux client for Skype, works with multiple video streams
- Google G Suite (Google Docs)
- Used by political organizations
- This seems like a bad idea; want to keep political affiliations and activity away from prying eyes
- Google Drive storage
- Some SysAdmins have seen identical filenames in folders
- Perhaps the User Interface hides extensions or filename suffixes
- Maybe Google Drive uses links or pointers?
- People move files, but they still exist in orginal locations
- Google Mail uses flat storage of all messages, tags on each message are displayed in UI as though it is a folder structure
- Some SysAdmins have seen identical filenames in folders
- Used by political organizations
- Cloud horror stories:
- Company advertising genetic testing services stored data in the cloud
- then sold people's personal genetic data to a pharmaceutical or insurance company
- Genealogy company acquired data stored "freely available" from individuals' web sites
- Now sells this data, and it is not available to the original authors
- Suggestion: "Poison the well" by creating a "Fake Uncle Ralph" to prove authorship (see Wikipedia:Trap street)
- Company advertising genetic testing services stored data in the cloud
- Security risks
- Commercial cloud providers will hand over customer data to authorities
- National Security Letters -- Cloud providers may be compelled to keep this data access from their customers
- Ensure you have a contract with a Service Level Agreement (SLA) that specifies where servers are stored (Canada? US?), how data is routed
- Even if source and destination are both in Canada, traffic may still be routed through US and subject to snooping; Canadian data has no protection when routed through US
- Technical means: Source Routing can specify how a packet is sent through the network (Internet)
- Commercial cloud providers will hand over customer data to authorities
Encrypted File Storage
- Use VPNs to keep remote sites within your own network
- Encrypted tunnels, eg. Secure Shell (sshfs)
- Encrypted file systems
- Encrypted containers
- eg. TrueCrypt (now obsolete, use VeraCrypt instead)
- eg. CipherShed
- TrueCrypt, VeraCrypt, CipherShed are all cross-platform (Windows, MacOS, GNU/Linux)
- eg. LUKS
- See How To Create an Encrypted Drive in a File Container by Bob Jonkman
- eg. FreeOTFE (obsolete) or LibreCrypt provides OTFE (On-The-Fly-Encryption) for Windows that's LUKS compatible
- For any corporate encryption, Additional Decryption Keys are needed
- Any user-encrypted files or containers can be decrypted by the organization's ADK; ensures data is not lost when user forgets password or leaves the organization
- Office 365 encryption
- The culture for Microsoft products is less concerned with encryption (poor adoption of encrypted technologies?)
- Encrypted Backups?
- For backups in the cloud, or on local storage
- Encrypted backups can become un-restorable with minor errors
- Bob recommends making unencrypted backups, then saving them in an encrypted container; even better to keep unencrypted backups physically secure
Sharing Files
- File permissions
- Staff doesn't know how to use filesystem permissions, makes all files globally read/writeable
- Use a Document Management System to assign authorization to documents
- Access control with a DMS can be more finely tuned
- DMS also provides benefits such as metadata and search/indexing
- but it needs the skills of a librarian to properly catalogue documents
- and a DMS adds another layer of abstraction; more work for the SysAdmin, more to go wrong
- Physical file systems (file cabinets, folders) were treated better by staff than digital file systems
- Using Roaming Profiles for shared file access
- SysAdmin can force desktop computers to put "My Documents", "My Pictures" &c. on the server for shared and secure storage
- Doesn't work for Windows' "My Desktop"; that folder appears to have special privileges, but we don't know how
- Can "My Desktop" or "My Documents" be made read-only to force staff to use server storage? Doubtful
- Thin clients don't store data locally
- Use the Browser Local Storage? (please, no)
- "Libraries" feature in Windows can combine several folders (from different sources) into one
- SysAdmin can force desktop computers to put "My Documents", "My Pictures" &c. on the server for shared and secure storage
- Commercial applications for managing roaming profiles: Micro Focus ZENworks (formerly NAL, Novell Application Launcer); Intel LANdesk Manager, Computer Associates
- Staff gets easily confused with shared filesystems
- Folder tree changes, filename and foldername changes
Storing Binary Files
- Music Files, photos, video, CAD drawings, &c.
- Using Google Drive is not efficient for binary files, better to keep on local (non-cloud) storage
- Post-production for music can't be done online
- Cloud services need cloud-based client software to manage binary files
- Google Docs does not have a good music client to manage music file for an orchestra
- But Google Docs has good photo apps
USB Sticks or Thumbdrives
- How to prevent the use of USB drives?
- Physically hotglue the USB ports on organizations' computers
- Pop up a warning to the user when USB device is inserted
- Lock the computer when a USB device is inserted
- Worried about "Parking Lot USBs" (USB drives found in the parking lot, may contain malicious payload)
- Physical attacks through high-voltage discharges (see https://usbkill.com/ )
- The only protection against physical attacks is physical protection
Future Topics
- Document Management: There are specialized software tools to manage your documents, provide version control, allow staff to checkout documents for exclusive access, and to provide indexing and search tools. What do you use?
- Encryption How do encrypted file systems work? Demonstration/Workshop on creating encrypted file containers.
- Microsoft Evening (do they still provide sponsorship? Marc will check with Eli)
Markup Languages and Note Taking
- Date
- Monday, 16 October 2017 from 7:00pm to 9:00pm
- (Thanksgiving! Scheduled for the 2nd non-holiday Monday of the month)
- Event Announcement
- https://www.meetup.com/NetSquared-Kitchener-Waterloo/events/243068343/
- Location
- Communitech Jelly Bean Room 1st Floor, 151 Charles Street West, Kitchener, Ontario Map
How do you take notes? What software exists for note taking? What markup language is best for taking notes? Are your notes available on your phone or tablet? How do you synchronize them? How do you publish your notes online? When is it better to use a Note Taking application rather than a proper Word Processor?
This month we invite all the devotees of MarkDown, WikiText, MoinMoin, YAML, and LaTeX to contribute to the discussion at our round table.
--Marc Paré & Bob Jonkman
Resources
Note-taking applications
- Xpad https://launchpad.net/xpad
- MATE Desktop Sticky Notes http://wiki.mate-desktop.org/applications
Markup Languages
Markup Editors
- Atom.io https://atom.io/
- Sublime Text https://www.sublimetext.com/
- Notepad++ https://notepad-plus-plus.org/
On creating a standard Markup Language:
Meeting Notes
Practices
- Bob edits notes directly into MediaWiki (but only at KWNPSA)
- Has tried Sticky Notes, Xpad, not suitable
- mounts website locally, edits with his text editor, saves directly to website
- Writes notes in notebook, transcribes to wiki, then copies generated HTML source to destination website
- Steve's practice is to separate content from form
- Create content first, but in a way that it's easy to add formatting stuff later on
- WordProcessing doesn't do that, tries to do them both
- WP tries to be an operating system
- On all principles, WP are bad
- But LibreOffice tries to fix that, its internal format is not proprietary
- Valuable for
- When writing, be concerned primarily with content, secondarily with syntax, format
- Can always add typographical content (the markup) afterwards
- eg. Wordcount isn't really needed, can't do it accurately by examining marked-up text
- Steve uses his own markup, similar to Markdown, related to groff
- Only worries about paragraph breaks and lists, maybe section headers
- Does not want ML to interpret line breaks, unless there's two in a row
- Always works in Linux, so LF only
- Steve uses AWK script to render text,
- But how to apply markup to a previous line?
- Uses VIMperator in Firefox to edit online content
- Create content first, but in a way that it's easy to add formatting stuff later on
- Kirk managed documentation in SGML using James Clark's DSSSL processor called "Jade" to generate RTF, TeX, PDF(?)
- DSSSL == Wikipedia:Document Style Semantics and Specification Language
- James Clark also wrote groff, modelled on SoftQuad troff
- Schema for SGML was DocBook
- None of which gave the results, so he used
- DocBook in XML
- Kirk wrote a stylesheet in XSLT to turn DocBook into XML for LibreOffice
- "compiled" documentation, literally using "make"
- XML provides rigid consistency, important to typographers
- Also created WinHelp files with DSSSL
- Also tried to create TeX files
- The important part is that a single source document created multiple output file formats
- Nick
- Taking notes for school,
- OneNote can be handy, good for finding notes and subcategories
- Adapting different note taking for different purposes, even sticky notes
- Different apps are suitable to different purposes
- Short term is good with StickyNotes or Xpad
- Version of StickyNotes with Win10 is colourizable
- November is NaNoWriMo month,
- Use OneNote is nice because it organizes a lot of notes, eg research, character development
- But not for the actual manuscript, use a WP for that
- There's a StickyNotes app for Android: Search F-Droid for "Sticky Notes"
- Different situatation: Academic, professional, hobby -- all have different requirements, different needs
- How to do the website?
- Not his website, done on webs.com
- Needed to directly edit HTML in webs.com, no feature to FTP content
- The webs.com HTML viewer is not so great, uses his browser to download source, converts to PDF for a rough idea, then copy'n'paste back into the site
- Notepad++ has nice indenting
- Nick's site is largely static, but needs to update meeting events
- Gets content from HTML e-mail, imports to Word, saves as HTML, then massages by hand (Word generates very verbose HTML)
- this is a pretty common technique with other SysAdmins
- Taking notes for school,
- Raymond
- Casual note taking (temporary), eg library cards
- Needs to do it on the cellphone
- Notetaker on iPhone
- Google Keep on Android --
- Has checklists! Good feature!
- Google Notebook was good, no longer exists
- Uses computer to enter content for reading on cell phone
- For serious notetaking
- Started with text files, but that's a problem, eg. need diagrams, searching
- Searchable is a top requirement
- Offline use is important
- Bob has horror story: taking notes at KWNPSA directly into wiki, closed laptop, needed to recover document from browser cache
- Organization is important,
- Re-ordering, re-sorting
- Javascript, programming
- Using Evernote for a long time
- Has a limit on the traffic, now restricted to two devices (annoying with Macbook, cell phone, office desktop)
- Can search, even text in pictures.
- Free (as in gratis)
- Crossplatform
- Evernote and StickyNote can synchronize!
- Tried OneNote years ago, didn't work well
- Formatting or search ability wasn't good enough
- Casual note taking (temporary), eg library cards
- Mojtaba is not a heavy note taker
- Tried OneNote
- gedit and vim on the desktop
- Google Notes on the phone
- Plain text!
- Does programming with vim
- just search through directories with egrep
General Musings
- Raymond has used Atom.io competitor Sublime Text
- Mojtaba has used vundle (package manager for vim)
- People using online apps to synchronize between devices
- OneNote does not have an import/export function
- Raymond can set up a channel ifttt (If This Then That)
- But OneNote is too proprietary to get stuff out (export)
- Steve: Organize stuff in a file system to make it easy to find
- Doc files in one subdir, PDF in another, then create a "logfile" to locate stuff
- Keep notes organized by project, more concerned with content
Tech stuff
- How is a "schema" different from the ML?
- LaTeX is a superset for Tex
- Much more structured
- But easier to use
- And probably faster to describe things like formulas
- groff is pretty much the same syntax for marking up math
- Every computer science and math student needs to know TeX
- Built-in font is "Computer Modern"
- But there are commands to change to any other font for better legibility
- Donald Knuth wrote "metafont" to create fonts, TeX to do page layout
- Tex is primarily layout and presentation, LaTeX adds semantics
- Steve gives a brief overview of LaTeX document structure, logical and strict
- In typesetting
- Authors are just concerned about appearance
- Typesetters want more document structure
- groff is a typesetting language
- runoff for running online printers in the 1960s
- Bell Labs operating system created to generate output
- "We'll write you a typesetting language", just need an OS so they created Unix
- troff was the result "typeset and runoff"
- Author died suddenly, Brian Kernighan needed to reverse-engineer the code, rewrote in C
- SoftQuad got rights to the troff code, developed it before "SGML handbook", HoTMetaL
- Tied to Coach House Press
- Reminiscing about the old days when you could still talk to people in charge of major industries
- Phototypesetting: Steve gives a brief history
- Mindmapping tools
- Freeplane:
- Lots of features
- Non-linear editing
- decorate with icons
- Lua scripting language
- Freemind is another
- Both Java applications, for platform independence?
- Mindmanager is a commercial version for Windows
- Similar to WP outlining feature
- But you need to scroll up and down to find things
- Freeplane:
- Spectrum of file formats
- From binary data with human read-only output
- to readable input formats
- eg. JSON format is not a good human-readable language
- eg. YAML is for machine readable, not human
- XML is not as human-readable as Markdown either
- Markdown is an incomplete language, can't deal with some formatting issues
- Lists are a problem (but there is the pipe character
- Makes sense for XML to be more strict
- Machine needs to read the DOM
- Sometimes meaning of document structure disappears for human readers when a stylesheet is applied that alters appearance
- Typographic needs a structure like XML
- Can contain markup content that is not rendered, but gives typographic instructions
- eg. command to kern a paragraph
- Steve uses attributes as non-content typographic instructions
- If you need to pass structural data use XML
- Markup languages can target either humans or machines
- The more complicated the document structure, the more you need a non-human-readable format like XML
- Can contain markup content that is not rendered, but gives typographic instructions
- Books with indices lend themselves to XML
- also bibliographies, very strict for punctuation and capitalization
- Steve can apply scripts to a document to apply structure, strip out what the author has done
- Generate Tables fo Content from marked up content, don't cut'n'paste
- DRY - Don't Repeat Yourself
- What is the format that uses separate lines for markup, eg.
Heading ======= Subheading ----------
Requirements
- SGML and HTML and XML aren't meant for writing, but for semantic meaning
- More of an interchange format
- Editors need to be for getting content into the editor quickly
- Choose an editor or Markup Language for "pretty", how it appears
- or choose an editor/ML for semantic meaning
Future topics
- Scripting Languages
- Social Night in December, start earlier (6:00pm) for food!
- Internationalization, Localization Scheduled for May 2018
- Dark Web, Hidden Services Scheduled for April 2018
- Corporate Surveillance Scheduled for February 2018
- Fundraising Scheduled for Jan 2018
- Because KWNPSA may need to raise some funds ourselves in 2018!
Project Management
- Date
- Monday, 18 September 2017 from 7:00pm to 8:30pm
- Event Announcement
- https://www.meetup.com/NetSquared-Kitchener-Waterloo/events/243066154/
- Location
- Communitech Jelly Bean Room 1st Floor, 151 Charles Street West, Kitchener, Ontario Map
What is Project Management? How do SysAdmins provide support to Project Managers? What kind of projects directly affect SysAdmins? Do Non-Profit SysAdmins manage projects? What tools are available for project management? What server-based software exists for project management? Who provides outsourced project management? What standards exist for project management? What certification?
Let's bring together SysAdmins and Project Managers to discuss the state of the art. As always, we'll have round table discussion to ask questions, provide expertise, and share stories of past experiences.
--Bob Jonkman & Marc Paré
Resources
Project Management | Techsoup Canada
The Project Management Association of Canada
Canada's Technology Triangle Chapter | PMI | Project Management Institute
(unrelated) https://www.adminadminpodcast.co.uk/
These guys talk about being an IT administrator, whether thats a local desktop engineer, a cloud-native specialist deploying to cloud hosting platforms running Linux, or an enterprise Windows admin...
Meeting Notes
- Sponsorships
- We like NetSquared and TechSoup, but don't want the KWNPSA direction dicated by the sponsors
- Stickers were distributed!
- NaNoWriMo - National Novel Writing Month - good tie-in with Document Storage
- Discussing backups and formatting and document semantics
- File Formats -- tie-in with Document Freedom Day in March
- Introductions - SysAdmins, Typesetters, Software Testers, Software Developers, Teachers
- Not a single Project Manager, but all these projects!
What is Project Management?
- What is a project?
- Has a start and deadline, must have a goal, and measure of success
- Certain kinds of reports, eg. financial statistics, not part of the normal booking routine, eg. grant proposal, eg. special audit
- Contrast with regular operations, which may still have a continuous improvement goal
- Always implies collaboration, eg. a book
- Tasks of project management
- Eliminate Redundancies
- Optimizing the whole project, costs, resources,
- Set constraints and scope of the project
- Scheduling
- Distributing the responsibilities of labour and resources
SysAdmin role in Project Management
- Sometimes SysAdmin is the Project Manager
- Some projects start internally, others are imposed externally
- Server upgrades, reports and time estimates for operations
- Small companies may not have large project teams, people wear many hats
- Sometimes no diff between PM, Team Leader, Department Head
- Who are the "boots on the ground"?
- Again, communication flows are important, making sure it happens smootly.
- Avoid animosity by keeping communications open. There's not software for that
- Even software like Slack doesn't achieve this, needs people-to-people communication. Needs change, software doesn't keep up.
- Time estimates are horrible to figure out in IT
- Need buffer time,
- SysAdmin will have a good idea of time needed to perform tasks.
Software
- Manual techniques like sticky notes and whiteboards
- Gets transferred to software
- Requires stakeholders in a meeting, maybe video conference, not asynchronous tools like e-mail
- But getting contributions in a live meeting may be tough. After the meeting people finally got involved by sending e-mail
- Keeping the tone collegial is everyone's task, but bridge-building is definitely a skill for PMs
- Concurrence: Multiple people may need to access (Read/Write) the project data
- Is concurrence necessarily the best data management practice?
- We had vigorous discussion on the merits of document concurrency
- Good for managing sub-tasks, not good for overall project coherence
- We had vigorous discussion on the merits of document concurrency
- Lose focus of the project with too many simultaneous changes
- Is concurrence necessarily the best data management practice?
- Software licencing can be onerous -- cost of software, seat licenses, and audits
Specific apps
- Symantec Timeline circa 1998.
- Microsoft Project
- Project Libre
- Open Source has XML data format, anyone can read the data without having the software
- Cloud-based project management, eg. Basecamp
- 10 Cloud-Based Project Management Tools to Serve Every Company's Needs
- Google Drive?
- Etherpad? Nextcloud?
Project Management Standards and Certification
(wasn't discussed in the time available)
Stories
- Management dictates timelines, despite project management best practices
- Management dictates "buy from the lowest bidder", not based on project requiremetns
- Management dictates "Put the dev stuff into production", not following proper dev-test-prod protocols
- There is a gap for project managers that have one foot in the software dev world and another foot in the communications field
- PMs spend a lot of time speaking to both developers and management
- Need to teach better communication skills to developers to speak to Management
- although Management may not have the communications skills to listen to developers
- Discussion on the "Mythical Man Month", the book of project management gotchas
- Skunkworks may be more efficient and effective than following the full Project Management procedures
Monetization
- Date
- Monday, 21 August 2017 from 7:00pm to 9:00pm
- Event Announcement
- https://www.meetup.com/NetSquared-Kitchener-Waterloo/events/241820045/ iCal
- Location
- Communitech Jelly Bean Room 1st Floor, 151 Charles Street West, Kitchener, Ontario Map
How can a Non-Profit organization raise money from their services? Can a Not-For-Profit organization make a profit? Why do some NonProfit organizations have separate corporate entities for fundraising and their core business? How do NonProfit SysAdmins manage crowdfunding? How does monetization affect NonProfit status? How does monetization affect legislation concerning mailing lists? What does the NonProfit SysAdmin need to know to enable monetization on the Internet? What software exists to enable monetization?
Join us to discuss these and other ideas for monetization.
--Marc Paré & Bob Jonkman
Resources
Which Crowdfunding Platform Is Best for Your Nonprofit? | TechSoup Canada
Canada's Law on Spam and Other Electronic Threats - Home - Canada's Anti-Spam Legislation
Meeting Notes
What NonProfit Organizations sell stuff?
- Publishing companies
- Food co-ops
- Musical societies (CDs, services)
- Event admission for political groups, rallies
Two companies?
- If activities don't fit within the mission statement, then CRA may consider it a separate, for-profit company
- Charitable companies are particularly vulnerable, hassled by CRA
Drawbacks to monetization
- Need End-of-year reports, tax knowledge
- Need an audit/auditor over a certain amount (maybe $100K?)
- Tricky to justify certain kinds of income, esp if there is significant profit
- Need a budget that justifies certain expenses eg. equipment
- People don't have enough knowledge of IT systems to use them properly
- Using spreadsheets that don't integrate with financial systems
- But still better than a Word Document
- Frustrating for SysAdmins, who need to provide support
- No user knowledge of version control, journalling, &c.
- Using spreadsheets that don't integrate with financial systems
- The Treasurer position of a NonProfit has frequent turnover, no continuity
- Treasurer may be volunteer, unskilled for the task
- Some NonProfits deal with esoteric financials (book sales, royalties), may not have a system in packaged software
- Need specific information that the grant agency (that provides funds) wants to see
- Concerns with transparency, opening the books for the public
- Who maintains privacy of finances?
- Need a designated Privacy Officer
Methods of monetization
- "Legacy Gifts": Larger groups (orchestras?) are pitching bequeathing estates as donations, triggered by a will.
- Important to performance groups, as their audience ages
- In Europe, cities a fraction of the size of KW get government funding for the arts, so fundraising not necessary
- In Canada there are people hired by NonProfit art and performance organizations to do nothing but acquire funding through donations
- Integrate small NonProfit groups into the finances of a larger organization, eg. at a University
- But the reporting needs may not be adequate.
- Need to know about methods for funding proposals
- Software? Forms? Documents?
- http://career.publicoutreachgroup.com/ Facilitates fundraising for non-profits
- Community Foundations will organize the funding for NonProfits, eg. Kitchener-Waterloo Community Foundation
- Other arts groups set up their own foundations, eg. KW Symphony
- Or set up your own foundation, then the KW Community Foundation will provide the administration for it
What does a SysAdmin do to enable monetization?
- Not too interested in accounting
- Shopping carts on websites
- Not done internally, this gets contracted out
- Point-of-sale systems?
- Need to combine with sales data from other systems
- Provide integration to other systems
- Select and set up Crowdfunding platforms
Crowdfunding
- Has Crowdfunding passed its peak? It was the big thing two or three years ago.
- What criteria are used to select a Crowdfunding source?
- Techsoup: https://www.techsoupcanada.ca/en/community/blog/which-crowdfunding-platform-is-best-for-your-nonprofit
- Centre for Social Innovation in Toronto:
- Bring your own audience, your own following, before starting the campaign
- Pretty much everyone involved already needs to be in place
- Crowdfunding sites don't necessarily increase your reach, or attract more contributors
- Crowdfunding is good for devices, eg. Pebble Watch
- If you haven't reached your funding level in three months, it's not likely to fly
- There are "Crowdfunding Brokers"
- providing Consultancy, advocacy,
- Centre for Social Innovation trying to get social advocacy agencies involved (two or three years ago)
- City of Waterloo had a program to crowdfund Civic Improvements
- Had their own website
- People proposed their own projects, advocated for them, got the funding. Then the City would implement them.
- Thorough failure... People did not want to give money for things they had already paid for through taxes
- Education: Raising money for supplies, program was halted by the Ministry of Education: "We already provide funding for that."
Financial Software
Needs dedicated staff to manage privacy issues, but if your NonProfit Org has enough staff to maintain it, it's very effective
- Purchasing financial software also purchases the skills and expertise of building such a system (Lawyers, accountants)
- A way of recording transactions without requiring the expertise of accountants
- Avoid bitrot (spreadsheets may not be the same from one year to the next)
- QuickBooks?
- Has a non-profit module
- QuickBooks is common, but doesn't provide the detail for non-profits
- eg. selling worldwide through Amazon, QuickBooks doesn't provide geographic customer data
- Dedicated software provides more granularity in recording transactions.
- with QuickBooks you still need other tools to record other data
- Spreadsheets are prone to user error, eg. changing or deleting a formula
- Orgs hold fundraisers to pay for events
- Events themselves may raise funds through admission fees
- There exists fundraising software
- Similar to contact management software, eg. CiviCRM, Sales Force Automation, Symantec ACT!
- CiviCRM provides metrics, eg. number and amount of donations
- Metrics are really important for donations and ticket sales
- Good for larger NonProfit orgs, too complicated for small ones
- And with a list of donors, privacy becomes a concern
- Some integrates well with financial/accounting software
- Detects patterns of donations, sends out requests only at the correct intervals, or when donors are ready
- Coordinates with maturity of investments held by donors, when NonProfits can get a pledge.
- Good software can snipe other NonProfits looking for donations
- "Grant Station" (subscription software, available through TechSoup)
- TechSoup subscription is more flexible (cheaper) than purchasing directly from Grant Station
- Provides a list of Canadian and American grant agencies
- helps prepare online pitches for donations
- Hones your skills in preparing grant applications
- "Canada Donates" is also useful for NonProfits
- TechSoup Canada: Constituent/Donor Relationship Management
Accounting software:
http://www.techsoupcanada.ca/en/taxonomy/term/287
- Newviews
- QuickBooks
- MYOB (Mind Your Own Business) (defunct? Only in Australia?)
- Microsoft Money
- GNUcash (Free Software)
- Scrooge (chequebook model, not really for NonProfits) (FS, KDE)
- FrontAccounting (ERP)
Tax Software
- LibrePlanet Ontario: Free Libre Canadian Tax Preparation Software Project https://libreplanet.org/wiki/Group:LibrePlanet_Ontario/FLCTPSP
- UFile: worked under WINE (Wine Is Not an Emulator) until Win10
"If you're looking to monetize your NonProfit group, joining TechSoup is very beneficial." (spontaneous endorsement from KWNPSA attendee)
Template loop detected: Mail Management/Meeting Notes 2017-07-17
Malware
- Date
- Monday, 12 June 2017 from 7:00pm to 9:00pm
- Event Announcement
- https://www.meetup.com/NetSquared-Kitchener-Waterloo/events/239940239/
- Location
- Communitech Jelly Bean Room 1st Floor, 151 Charles Street West, Kitchener, Ontario Map
Breaking News: Dozens of countries affected by ransomware cyberattack (CBC News, 12 May 2017)
Are you protected from malware? On your desktop computers? On your servers? Does your staff have malware protection at home? Is anti-virus software enough? What's "ransomware"? What's the difference between a virus, a trojan, and a phishing attack? Does it matter? How do you protect yourself from malware? What's the best way to react to a malware outbreak? How do you recover from a malware attack?
We'll share our experiences in a round table discussion, and perhaps have a guest from the industry to provide some of the answers.
--Marc Paré and Bob Jonkman
Video
Malware discussion at NetSquared KW meetup (courtesy of Gheorghe Curelet)
Guest: Scott Smith
- Tekkshare demonstration by guest Scott Smith
- A Goods-and-Services marketplace for technical stuff based on Sharetribe
- Invitation for KWNPSA members to sign up, will waive commission for first year
Meeting Notes
Malware experiences
- from the days of floppy drives
- WannaCry ransomware
- seemed to be more prevalent on Win7, not so much WinXP
- Video on encryption in WannaCrypt ransomware: How WanaCrypt Encrypts Your Files - Computerphile
- Malware vulnerability assessments
- SSL Certificates and PKI
- Anyone who pays enough money to browser vendors can be included as a Certificate Authority
- Some CAs have issued invalid certs for well-known domains, eg. DigiNotar and google.com
- Certificate Authority Authentication is designed to protect against that threat: An Introduction to Certification Authority Authorization (CAA) - SSL.com
Platforms
- Apple malware, adware
- Nothing super malicious, but affects the browser, user libraries inc. user preferences
- Backup with TimeMachine, but that takes malware with it
- Free TV websites and proxy sites seem to be sources of malware
- Manual restore (not Time Machine) to restore each file individually
- AdAware bought by Malwareytes, good for Apple platform, free for home use: Malwarebytes | Malwarebytes Anti-Malware for Mac
- Android
- Large platform, biggest vulnerability
- Old, refurbished phones may be vulnerable, they don't get updates
- Same for routers, security cams
- Fragmentation in market, but providers (Samsung, Verizon) don't provide updates after a year or two
- Reluctance to update phones because it takes too long (10 minutes!)
- People are more likely to replace a device than upgrade it
- Both on desktop and mobile devices
- Change is scary, some people can't even deal with a moved icon on the desktop
- SysAdmins are not able to meet the expectations of clients
- Google is taking heat for lack of Android updates
- Thought it might have been like GNU/Linux distros (stable, testing, Sid), didn't work out that way
- Proprietary applications contribute to this, only Google can upgrade their apps
- CopperheadOS tried to address this with a secure Android OS, but constantly battles Google and vendors
People believe things are secure because they've paid the vendor lots of money, they don't pay the vendor lots of money because the products are secure.
Best defence: Make our purchasing decisions based on public data of vulnerabilities
- More security resources:
Mitigation
- Software for Non-profit organizations available from TechSoup: Server & Security Software | TechSoup Canada
- Treat the end-user as an adversary
- Focus on recovery instead of avoidance
- But should we treat people as adversaries? Technical solutions are not a panacea
- Backups!!!
- Risk management -- given enough time, the probability of being affected approaches one
- Training is necessary, but not sufficient
Defence in Depth
- Backups, backup rotation, offsite backup
- Training
- Updates
- Offsite storage (Cloud), store deleted files for 90 days (version control)
- But privacy issues with out-of-country routing and storage
- Buy-in from management to provide enough resources (money)
- Honeypot, canary - let SysAdmin know when certain files are being touched
Staff needs to know this Defence-in-Depth is being done, and when
Recovery
- Some people don't care about their data, just re-image the computer
- Shadowcopy in Window -- only Administrator has access, can't be encrypted by ransomware
- But malware knows Shadowcopy is a good idea, and will try to bypass
- How can you tell your files are encrypted?
- Applications can't open their data files
- Some malware leaves messages "This folder is encrypted"
- Stiller software (c. 1995) to identify modified files with checksum appended to all files; won't open or execute compromised files
Meeting Administration
- Time limits? 8:30pm
- Stay on topic
- May start at 6:30pm? Consensus, not...
Offsite Hosting
- Date
- Monday, 8 May 2017
- Event Announcement
- https://www.meetup.com/NetSquared-Kitchener-Waterloo/events/237779027/
- Location
- Communitech Jelly Bean Room 1st Floor, 151 Charles Street West, Kitchener, Ontario Map
Where are your servers? Are you self-hosting? Have you thought about professional hosting? What services does a professional hosting service offer? Do you need shared hosting? Do you need a VPS? What's a VPS? What's a colocation site? How much will all this cost?
Come share your experiences with self-hosting, shared hosting, and VPSes. Bob and Marc have the questions, and special guest Mark Steffen from indieServe Networks will have the answers.
See you at the meeting!
--Bob Jonkman and Marc Paré
Video
Offsite Internet servers hosting - YouTube (courtesy of Gheorghe Curelet)
Meeting Notes
- Today's guest is Mark Steffen from indieServe Networks
Selecting a hosting provider
- There's no "One size fits all"
- What do you need?
- Disaster recovery?
- Microsoft licensing?
- E-mail hosting?
What kinds of servers for a host?
- Dell servers at one place
- Had HPs, didn't mind them
- indieServe has some HP servers for colocation
- Lenovo, but there was BIOS based malware
- Liked IBM servers, anecdotally liked the reliability
- indieServe has all Lenovo servers
Offsite Hosting Problems?
- Shared hosting was OK for a while, but host was asking for more money
- Another company seemed perfect shared hosting (using WordPress),
- Works today, but lots of complaints on Facebook, so he no longer trusts
- Backups?
- Yes, keeping your own backups in addition to using the hosts' backups
indieServe Networks
- indieServe is hosting for KWLUG, KWVoIP, FairvoteWRC, KWPeace, &c.
- About $10/month for shared host
- No limits but on the honour system
- Keep it to one company per shared host
- Local non-profits may be able to get really good deal -- talk to Mark Steffen
- Also has VPS (Virtual Private Servers)
- Can do hosted Windows servers or domain
- Good for small file sharing systems
- Microsoft has a specific licensing arrangement for hosting providers
- Cost based on cores and sockets, plus number of customers
- Not cheap, $100's /month
- Similar model to Azure or Amazon AWS
Offsite Backups
- Some customers use offsite hosting only for data replication (disaster recovery)
- Do keep offsite backups encrypted
- For any backup solution check with Legal for PIPEDA legislation
- Cheap backup? 20¢/GiByte for storage is typical
- Backup software:
- Duplicity for Linux
- Cloud Berry for backup service
- DupliCaddy for Windows (Open Source, Beta software,supports SQL, kinda slow)
- For Windows, do full backup, then everything is incremental afterwards
- But it keeps a synthetic "Full" in the background
- With S3 or Azure, you can restore to EC2 -- get (almost) instant restore on external VPS -- really cheap disaster recovery
- Back Blaze (personal backup for $5/month, also B2 backup storage, .02¢/Gibyte?, $10/month for 1 TByte?)
- indieServe keeps hard backups (USB drives stored offsite)
Backup horror stories
- Hijacked truck (backups not encrypted, nobody knows who now has access to backup data)
- Encrypted backups corrupted (physical disk damage corrupted one block of data, cypher block chaining made rest of backup inaccesible)
- Bulk files corrupted (backup file is OK, but contained invalid data, making rest of the backup invalid)
- Tape backup is still the most dense storage for immutable backups
- Mark Steffen has techniques for redundant backup storage (good for ransomware attacks, &c.)
- How much backup do you need?
- How much data can you afford to lose?
- Have at least one automated backup in place
Selfhosting?
- Run your own service on a VPS or shared host (XMPP, Wiki, Social media) instead of using Facebook, Google, Twitter)
- Manage your own server, colocated in a datacentre
- Getting a DSL line (with multi-link support), and running a server on premises
- Managed hosting - servers in house or colo, but contract out the SysAdmin
Webhosting Management
cPanel
- Set up WordPress, &c.
- Handles updates, patch management, backups, email
- Installatron for managing applications
- Varnish is a cache in front of Apache, for bursty traffic
- cPanel is pricey? $20/month for bare metal, less for a VPS
- Keeping cPanel on a VPS makes it portable, allows cPanel admin to perform maintenance with no downtime
Zenserver
- A Virtual Machine host
- The free version is pretty unrestricted
- Use Zenserver to run cPanel
Cloud Linux
- uses CageFS,
- isolates users from each other
Other panels?
- CentOS Web Panel
- ISP Config
- Ubuntu MAAS
- WebMin, VirtualMin
- WHM is the management tool for cPanel
- WHMCS is a shopping cart / billing system for hosting
- But these apps may have security issues (PHP doncha know)
Reseller hosting
- Perhaps for Web developers, who want to manage resources for their customers
- Can add multiple accounts, lets hosting provider manage growth and resources
- Could be unlimited accounts, but typically 300 GBytes, good for about 50 accounts
Blockchains
- Date
- Monday, 10 April 2017
- Event Announcement
- https://www.meetup.com/NetSquared-Kitchener-Waterloo/events/237778947/
- Location
- Communitech Jelly Bean Room 1st Floor, 151 Charles Street West, Kitchener, Ontario Map
What's a blockchain? Is this all about math? How do I make Bitcoin payments? How can I receive Bitcoin donations on my Website? Are there other blockchain currencies? What services exist for blockchain currency exchange? Is blockchain technology good for more than just Bitcoin? What blockchain tools exist for Non-Profit organizations?
Marc and Bob ask the questions, and special guest Kris Stinson will be on hand to provide the answers!
See you at the meeting!
--Marc and Bob.
Video
Familiarization with Bitcoin and other cryptocurrencies (courtesy of Gheorghe Curelet)
Meeting Notes
- Today we're joined by guest Kris Stinson (@StinsonKris on Twitter)
- Lots of media attention, "blockchain this, blockchain that", they're trying to sell you a database
- Microsoft, IBM, governments (even Canada: Cancoin)
- Banks are threatened, unregulated currency (scary!)
- Japan has approved Bitcoin as a currency (legal tender)
- Legal (tax) ramifications: Capital Gains.
Video
- We watch a video with Andreas Antonopolis: Foremost educator on Bitcoin Blockchain for Beginners - YouTube
Types of blockchain currency
- CryptoCurrency Market Capitalizations
- Augur - a "betting" site; deals with contracts
- Based on Ethereum
- DAO - Decentralized Autonomous Organization
- eg. Ethereum
- A decision by this DAO split Ethereum into Ethereum and Ethereum Classic
- Now there are miners working on both branches of the blockchain
- "The mining network" determines whether a fork of the blockchain can happen
How does the blockchain determine "truth"?
- The longest chain wins
- "Rolling back the chain"
- database
- miners
Quantum computers?
- Will change the game!
- Winkelvoss brothers
- Own over 50% of bitcoin?
- This is a problem, they can determine the validity of transactions
Wallets
- Wallets are Public/Private Key encryption containers
- How to get a Bitcoin Donation buttton on our Non-Profit Organization website?
- Just need to publish your wallet's Public Key, no "button" required
- But Shifty Button | ShapeShift | The fastest way to swap cryptocurrencies. No account required
- This will generate a button for multiple currencies;
- Just copy 'n' paste your public wallet address
Other blockchain technologies
- Don't trust The Cloud?
- Authentication
- Filesystems
90 minutes was far too short to cover all aspects of Blockchain Technology; we'll invite Kris Stinson back someday.
Branding
- Date
- Monday, 13 March 2017
- Event Announcement
- https://www.meetup.com/NetSquared-Kitchener-Waterloo/events/237778855/
- Location
- Steve Izma's house, 35 Locust Street, Kitchener, Ontario Map
What's your brand? Do you have a brand? How do you choose a brand? Is branding important for NonProfit organizations? What is the value of a good brand? What is the cost of a bad brand? Have you ever changed your branding? How much work was it for the SysAdmins? Did you have re-do the Web site? The e-mail addresses? Business cards? Letterhead? What legal considerations are there for choosing a brand?
Bob and Marc have the questions, together all of us have the answers.
See you at the meeting!
--Bob and Marc
Meeting Notes
This meeting ended up being more about our own re-branding needs, and the business of running KWNPSA as a non-profit organization. We'll have another session in the future on Branding to discuss the experience and gather the advice of other organizations.
- We started with a discussion on the different syntaxes used in markup languages, eg. Markdown, Mediawiki, PMWiki, MoinMoin...
Hosting Services
- Many Non-Profit organizations are migrating from CCj/Clearline (Steph Smith, Cedric Puddy) to IndieServe (Mark Steffen)
- Marc Paré will take over the hosting for KWNPSA
- Marc is currently using 123EHost.com
- This is for the interim, until Marc has his own server set up
- The hosting OS will be Mageia
- Mailing Lists
- Steve Izma will be the Mailing List Manager
- We currently have our Discussion and Announcements mailing lists on CCj/Clearline
- Steve will look after the mailing list migrations as soon as Marc has Mailman set up
- Wiki
- Mediawiki is being used by everyone at this meeting,
- Currently being hosted at http://sobac.com/kwnpsa by Bob Jonkman
- Will be migrated after Marc has set up the Mageia server
Sponsorships
- CIRA - Has provided $100 for the previous and this meeting.
- TechSoup - provides low-cost Microsoft licenses to Non-Profit organizations
- NetSquared (part of TechSoup) is an umbrella group for Non-Profit organizations' IT staff
- If we get a venue without A/V facilities, can NetSquared sponsorship provide, say, a projector? Marc to ask Eli...
- NetSquared (part of TechSoup) is an umbrella group for Non-Profit organizations' IT staff
- Microsoft
- We will gladly accept Microsoft sponsorhip and host an evening dedicated to Microsoft products
- Perhaps have as a guest speaker a product specialist from Microsoft?
- We will continue to focus on Free Software / Open Source solutions at other meetings
- We will gladly accept Microsoft sponsorhip and host an evening dedicated to Microsoft products
- Google
- Apparently Google is a sponsor or a member of NetSquared
- but we have not seen support from our local Google office, eg. request for a venue
- Apparently Google is a sponsor or a member of NetSquared
Formalizing the KWNPSA group
- The formal structure of the group will consist only of a Treasurer
- Marc Paré will be Treasurer, will take care of any finances received from sponsors, donations, &c.
- Funds received from sponsorships &c. will be used for venues, hosting costs, domain name costs.
- Bob Jonkman will ask Eli van Giessen to re-brand the meetup.com group as KWNPSA - Kitchener Waterloo Non-Profit System Administrators -- a NetSquared Group
Marketing KWNPSA
- Business cards?
- We need someone to design a KWNPSA logo
- The KW part is important to our geographic locale; highlight or separate KW from NPSA
- Marc Paré has found with other organizations that business cards are just as effective as posters
- We need someone to design a KWNPSA logo
- Let more people know that KWNPSA exists
- Marc has a list of local KW Non-Profit organizations List he has contacted about 100
Meeting format
- KWNPSA has a collegial Round Table Discussion format, which suits Non-Profit organizations
Mailing Lists
- How do we deal with badly configured MUAs (Mail clients) that try to reply to the Announcements list?
- Do we need two separate lists?
- Steve Izma will investigate the use of "child lists" in Mailman
- "Child lists" will allow "Discussion" to receive "Announcements" so people only have to subscribe to one list
- DMARC problems
- Steve will activate "munging" on Mailman so badly configured mail hosts like Yahoo Mail will accept messages
- We will have KWNPSA branded e-mail addresses
- To be seen if this helps or hinders the DMARC problem
- Lends authority to Announcements; requests for venues, &c.
- Marc Paré marc.pare@kwnpsa.ca
- Steve Izma sizma@kwnpsa.ca
- Bob Jonkman bobjonkman@kwnpsa.ca
- Available to anyone who helps organize the group
Wiki
- Meetup.com is closing its Discussion Forums where we used to publish Meeting Notes
- Paul Nijjar has a .gzip file of all meeting notes
- Bob Jonkman will upload these to the Wiki (they're in the Public Folder as npsa.tar.bz2)
- Public folder (RO): http://sobac.com/owncloud/s/CQr2YmVw6VZ91We
- Upload folder (R/W): http://sobac.com/owncloud/s/35Gyy6yTOG5Ak9z (contact Bob Jonkman for the password)
- Steve Izma will write a script to convert these from Markdown into Mediawiki syntax and upload them
- Bob has been testing different data structures on the Wiki, eg. transclusions for meeting announcements, sub-folders for meeting notes.
Branding
- Description of group: Resource Group for Information Technology in Non-Profit Organizations
- Similar to a Mission Statement, if not identical
- Also the Vision -- use one phrase for all
- We will refine this description on the Discussion List with other members
- Are we KWNPSA or KW-NPSA?
- It's a non-issue, we'll spell it out in full on posters and whenever we make announcements
- Let's see what the Business Card designer does
Venue
- Marc Paré will pursue Communitech and the Downtown Community Centre for "venue sponsorship"
- A venue at Google may not be possible (high security facility)
Meeting notes taken by Bob Jonkman.
Estimating Time and Resources
- Date
- Monday, 16 January 2017
- Event Announcement
- https://www.meetup.com/NetSquared-Kitchener-Waterloo/events/234260371/
- Meeting Notes
- https://www.meetup.com/NetSquared-Kitchener-Waterloo/messages/boards/thread/50529155
In IT we are often asked to estimate the time and resources assorted tasks will take. Often these time/cost estimates are tied to funding, grants, and resource allocations. Unfortunately, many of us struggle at coming up with estimates more accurate than "it will take longer than expected". What are some strategies and best practices we can use to come up with better estimates? Under what circumstances does estimating things become easier? Harder? Under what conditions should we spend a lot of effort making estimates, and under what circumstances should we not?
When have you had good experiences making estimates? When have you struggled?
As always, bring your experiences and questions. Also, please spread the word about this meetup so that more people who do nonprofit systems administration will become aware of it.
Announcements
- Laptop Rescue Mission this Saturday, 21 February 2017, 4-8pm
- Does somebody want to take over the group?
Taking Over the Group
- Is there a venue available?
- QSC is noisy
- Other TWC spaces need staffing
- Meeting at Steve's house?
- Will anybody take the mailing lists?
- New organizers: Bob Jonkman, Marc Paré.
- Should we be on meetup?
- mailman does some of this
- NetSquared does not help with promotion
- meetup has a large user base
- there is a blog and a wiki already
- there is a twitter account
- They want the group to be face to face
- Bob likes the peer to peer conversation
- March meeting's at Steve's house
- Marc will look for other venues
- Communitech has space available to tech groups: Marc
- Moving the mailing lists: Steve
- Marc can host on his server and get a domain name
- Future topic: Project management software
Meeting Notes
Discussion Points
- What are strategies and best practices to get better estimates?
- Under what circumstances does estimation become easier?
- Under what circumstances does estimation become harder?
- When should we spend a lot of effort making estimates?
Discussion
- Horror story: server installation
- building a server room that needed dedicated cooling
- he estimated power consumption of each device
- UPSes only need to be sized for the running current (they are built to handle startup current already)
- He ended up overestimating by three times
- The air conditioner would freeze the pipes and everything would shut down
- He looked up currents instead of measuring them
- How do you deal with the exhaust heat?
- The UPSes had meters for measuring electricity draw
- But then they dismantled the server room for other reasons
- When is it easy?
- Figuring out spending is easy?
- In the horror story they sized based on existing equipment
- Looking up specs can be difficult
- Never?
- When you have done this project before?
- There are differences between software and hardware
- But sometimes you make software similar to the stuff you made before
- When you can look at projects similar organizations have done?
- How do you get that information?
- Figuring out spending is easy?
- Mythical man month comes into play
- You cannot predict how managers will manage the project
- Example: replacing a network was the single largest line item
- It is harder than you think always
- There is always effort associated with making estimates
- When is it worth the effort?
- When projects are expensive
- When projects are tied to specific grants
- Waterfall vs agile software methodologies
- Don't estimate everything at the beginning
- Can you make estimates a little at a time?
- But budgets are always waterfall, not agile
- But we tend to overengineer things
- But then your results are rejected
- Projects always have unanticipated things
- It is expedient to underestimate costs to win contracts and political support
- What will future maintenence costs be?
- If you lowball costs then you get approved
- Who pays for the overage
- But operational budgets are overestimated so that you get a surplus later
- End of year rollovers are political
- Surpluses are seen as weaknesses, not frugality
- This applies to nonprofits as well
- Bureaucrats look good when they give large amounts of money
- There are not good incentives to share funds across departments/projects
- Does that mean IT is always having to convince management for funds?
- IT is always a cost sink
- But technologies can reduce labour costs and stop people waste time
- Workers should enjoy the additional gains from productivity gains
- How do you position yourself so that you get buy-in?
- Get the people who are affected to talk to management too
- Sometimes estimates are done to argue for funds and sometimes they are used to find projects that should not go ahead
- If you know that you are going to need something then just go and do it
- But senior management does not trust the estimates, so they hire consultants, which causes conflicts
- It is less important to estimate when you have projects that can be done in small stages (instead of projects that need to be done all at once).
- If the project is small it makes less sense to make estimates
- Pilot projects can help figure out long term costs
- Projects can be broken down by scope
- Sometimes estimates are not honest, but designed to underbid the competition
- Who pays for the overruns?
- There can be penalty clauses in these contracts
- Getting the lowest contract can be a problem
- If you incur penalties you get taken off the list of approved contractors, but you just change your name and try again
- This can result in lawsuits
- There can be completion bonds, etc
- As soon as lawyers get involved costs go up dramatically
- It can be a problem when sales team promise things without telling engineering
- Doing estimates can give you a ballpark about the costs
- but now you may have to have consultants vetting other consultants
- To some extent you can play vendors off against each other
- Big software companies will have pre-sales engineering teams to help you figure out your costs
- They can also outbid you if they want
- How do you deal with projects where you have blown the time constraints?
- You can hire subcontractors
- Drop parts of the project
- RFPs can tell you what they have to offer
- They can help you anticipate some of the pitfalls
- Do requirements documents of what you need
- Talk with the vendors/engineers from the companies
- But the vendors will not tell you the horror stories
- People's behaviours can change once the ystem changes
- eg people beginning to use email as file storage
- Breaking down projects into chunks
- This shows you things that you are missing
- Then you can better understand what the project is
- Start aspects of the project that you can learn from and what different tasks are involved
- But you cannot do this with monolithic systems
- Fixing technical debt is more work than starting fresh
- Don't be tempted to give the estimate right away
- Be prepared to charge extra when the estimates increase
- Sometimes competitive bids boil down to who you know?
- This is not necessarily bad because of trust
- But the well-known vendors have more experience winning these bids
- If you start out at a big vendor and branch out on your own you can receive trust
- Talk to other people who have done the same thing
Documenting Things
- Date
- Monday, 12 December 2016
- Event Announcement
- https://www.meetup.com/NetSquared-Kitchener-Waterloo/events/234260323/
Much of our September meeting revolved around documentation. How do we ensure it gets written when there are so many other priorities? How is it maintained so it does not go out of date? How do we index it so that it is easy to find the information we need when we need it? What tools have we found most helpful in creating and maintaining documentation? What things are important to document, and what things can be skipped? As always, bring your experiences and questions.
Meeting Notes
(Notes by Martin Edmonds)
Best Practices
- Create documentation for users: “How To” & “FAQ” documents on Wiki so it can be self-serve or you can pass on links when users ask questions
- Consider formats for defining requirements:
- Consider: security, auditor controls, speed, backups, file permissions
- Ask client where data coming from
- Weigh balance between: need for documentation versus the effort that it requires to develop
- Don’t document same info in multiple places or it is more work to maintain
- Get data into a structured format that data can be entered once and it will ripple through to every relevant place
- Too much documentation may never be used; Keep it simple with what is most important
- Know your audience
- Videos have advantages, but you can’t scan through or search to find what you want
- Short instructional video on a specific topics can be helpful
- Consider security: are multiple levels of access required to documentation
- Consider paper versus electronic forms of documentation
- Think about what someone would need and how they would find it, if you are not around to show them.
- Keep it in a standard place. Don’t keep documentation on your personal computer or account, because other people won’t be able to find it.
- Keep in a place where you can give access to someone else but is not accessible to people who should not get it
- Include examples in the documentation
- Include why you did something (not just what you did)
- How do we make sure that it is done
- Make it easy to document
- Allocate more time to do documentation
- Set aside time at the end of each day to update documentation based on what you worked on that day
- Document as you do it
What to Document
- Enough to get a person started (in case person with knowledge is no longer available)
- Overview of where documentation is. (big picture view)
- Explanation of what is done on repeated basis at certain times (eg. Holiday posting done each year)
- Document characteristics of users. For example: user expectations, knowledge, tendencies, tolerance for flaws, etc.
Tools
- Word processor is not ideal since the documentation should be structured so that it can be queried
- Wiki: forces you to think of structure; easy to create new links to new pages; good for collaborative authoring; manages revisions;
- A wiki is not as simple to use as a word processor, but non-programmers can update document using wiki
- Using a wiki may discourage some people from commenting because of learning curve
- Requires a good editor
- Can preview documentation through wiki
- Wiki is not great for multiple security levels of access to documentation
- Tools to consider
- OneNote
- “Remarkable” use on a tablet for taking notes at a meeting
- Data Base: such as Access
- Cloud based: Eg. Google Keep, Google Docs
- Sharepoint
- Video and screen capture: eg. SnagIt or Jing or
- Tools that come with Windows: “Recording Steps” or “Snipping Tool”
- Word processor or spreadsheet are very easy to use, That is what people know how to use. Those are not ideal, but any documentation is better than no documentation
- Ticket system which will capture what you did to resolve issue
- For documenting Network: “Lan Sweeper” or “nmap”
Thanks to Martin Edmonds for moderating this month.
- Event announcement: https://www.meetup.com/NetSquared-Kitchener-Waterloo/events/233388765/
- Meeting notes: https://www.meetup.com/NetSquared-Kitchener-Waterloo/messages/boards/thread/50337067
Regulatory Compliance
- Date
- Monday, 14 November 2016
- Event Announcement
- https://www.meetup.com/NetSquared-Kitchener-Waterloo/events/233388765/
Many non-profit organizations are involved in government-regulated services such as health care, employment acquisition and training. Other activities require adherence to other laws, such as building codes. How do you keep track of all the regulations that you need to follow? How do you store compliance documents such as sign-offs, NDAs, and contacts? What do you use for secure document storage and transmission? How do the SysAdmins get along with the Lawyers? When is encryption required? What do you encrypt and when?
Meeting Notes
- Must consider retention and retention periods of email and other documents (almost any document can be considered a legal document)
- In addition to govt regulations, must consider industry practices & standards
- Following of the Ont. Non-Profit Corporations Act (ONCA
- Maintenance of email lists:
- use double opt-in
- using email lists only for stated purpose
- offer mechanism for requesting to be removed
- On website for incorporated organization (In Europe, but not yet in North America)
- need to specify if cookies will be saved
- need to specify physical address (required in Europe)
- Considered a member of a non-profit (in some cases, even attending an event can constitute you as a member)
- Adherence to Copyrights laws when photocopying
- What responsibilities does organization have when providing internet access to public
- Audits from organizations that grant non-profit status or organizations that provide grants
- Software audits (Eg Microsoft ensuring license adherence)
- Need to be very careful about mailing lists and keeping them up to date to prevent mails to the wrong person
Storage
How do you store compliance documents such as sign-offs, NDAs, and contacts? What do you use for secure document storage and transmission?
- LotusNotes used to route a document and get sign-offs along the way
- Block chain systems (discuss further in future meeting)
- Electronic forms on secure file server or encrypted device
- Encrypted data.
- TrueCrypt
- There are some known vulnerabilities in the Windows version.
- Veracrypt is a fork of TrueCrypt).
- Luks container
- Offsite (using send command)
- ZFS (a file system)
- TrueCrypt
- Indicate on top of email who is the intended audience of email. Legal disclaimer on the footer telling you not to read an email if it does not pertain to you.
- Encrypted email systems eg. Enigmail (a thunderbird plug-in)
- Online service to encrypt mail eg. Proton Mail, and Tutanota
- Signal, Telegraph, and WhatsApp for encrypting instant messages
Potential topics for future meetings
- Block chain systems
- Book: London Review of Books had two stories by the same author Andrew O’Hagen
- Ethereum (a programming environment built on top of Block Chain)
- Accessibility rules
- Document storage formats (ODS, etc.) could be combined with document management systems
KWNPSA Meeting Notes for 2016-10-17
Smooth Succession
- Date
- Monday, 19 September 2016
- Event Announcement
- http://www.meetup.com/NetSquared-Kitchener-Waterloo/events/232556568/
Sooner or later, people move on. Sometimes they leave for greener pastures and sometimes they just leave. Sysadmins tend to have a lot knowledge about the systems they work with, and often their knowledge is in their heads and their heads alone. As responsible sysadmins, how do we transition out of our jobs without our organizations collapsing behind us? How do our replacements learn the institutional knowledge they need to keep things running? What best practices can we implement to document and share knowledge so that others know what is going on when we are hit by buses?
Future sessions
Documentation
- What do you document?
- What tools do you use?
Coming up with time/effort estimates?
- How do you be realistic but efficient
- How do you justify unanticipated difficulties
Questions
- Have you taken over from another person leaving? What was helpful? What was frustrating?
- What preparations have you made so that future people can successfully transition into your work?
- What barriers and challenges are there to smooth succession?
- How do you transfer institutional/oral culture?
- What best practices are there for documentation?
Meeting Notes
Our IT hats
- Schoolteachers: often one person gets picked to wear the IT hat
- 50 staff, 300 students
- He deals with tech support questions
- The board has a regular IT department but the ratio is high: 1 person for thousands of users
- Tickets take a lot of time to resolve from the IT department
- Teachers often have to pick up the slack
- The IT staff they get in now are younger
- The software stack seems to work better now
- Software compatibility would break when deployed
- eg a network game would break everything else
- Now they test deployments better
- But this reduces spontaneity
- What about interaction with the school boards? How do documents get passed around?
- This is more centralized now
- They were going to give all kids their own email accounts
- Schools have logins for their kids now
- Some school boards do BYOD (Bring Your Own Device)
- This is cheaper for the school boards, which can't keep up (and budgets are tight)
- They use the same number of IT staff for the Catholic school board as they did for the entire high school system
- This probably implies web interfaces for everything
- Small non-for-profit, 25 staff
- Prior to joining his director was the primary IT person
- They signed a contract for hardware/software support
- Now there is an IT committee
- He made the mistake of admitting that he "knew about computers"
- The organization decided to move to a cloud based service (Sharepoint) with a data migration
- This was somewhat painful because the outside supplier did not tell them about their slow upload speeds
- He does software/hardware problem solving
- He does software upgrades: Office 2013/Office 365
- Does training on the Sharepoint move
- They are trying to transfer knowledge from the director's head to the collective
- They have a local server
- They also do BYOD
- Getting information for connecting computers to the server is tough
- How can staff do their jobs day to day
- Do people prefer Office 2013 to Office 365?
- There is more functionality in Office 2013
- eg they have a room booking spreadsheet that has pane-freezing problems
- Do people have problems with file versioning?
- Not really
- They have had communications problems with outside tech support
- Even doing hardware audits and internet connections was tough
- Getting people up to speed in Sharepoint is a big issue
- People have problems adjusting to change
- Where is the storage? It is all on the Microsoft cloud
- How do you deal with shared documents on Google Drive?
- You can map your own drive to a drive letter but cannot access shared drives
- OCAML FUSE driver under Linux for Google Drive: https://github.com/astrada/google-drive-ocamlfuse
- Approaches to succession at a large company
- There were procedures that were documented in a lot of detail
- Important for time-sensitive stuff (eg batch jobs)
- People did document well
- You could search a spreadsheet for jobs to diagnose
- Disaster recovery testing were documented in a lot of detail
- He participated in disaster recovery one year
- A coworker then started the next year, and he gave pointers
- The documents were well-written and a good guide
- Reviewing the documents well before is important
- Management was invested in making sure that documented were well done
- Another co-op job was not as smooth
- A small one-person operation was not documented well -- much of the knowledge was in this person's head
- Maybe this person should have done more documentation
- The boss was very time-conscious, so he documented only the most complex issues
- Writing things down is a good buffer for dealing with remembering stuff that is on screens
- Is commenting code financially efficient? There is a short-term/long-term tradeoff.
- Implementing better error tracing can be used by future people
- He was working for a small startup where the emphasis was getting things as soon as possible with no succession of any kind
- There ought to be good handoff procedures
- This can be an issue with Google Summer of Code: people hang out for four months and leave
- But sometimes there are good changelogs
- Succession horror stories (small nonprofits)
- He would like people to assign administrator access
- Most organizations are staffed by nontechnical people
- When going to new organizations
- He had to explore how things are hooked up and why
- Naming conventions were weird
- He changed some of the printer names and got into trouble because it messed up the network documentation
- Other places have been decomissioning jobs
- He had to document everything before shutting things down
- Big municipality had a good disaster recovery plan
- Nobody should have to think in order to get things back up
- Problems: system change and then documentation goes out of date
- One on one training is better than doing no documentation
- He worked for an insurance company. Their disaster planning was based on insurance.
- This is called "key man insurance"
- Worked for a university press
- He kept the job for 30 years
- He had a lot of autonomy in writing his job descriptions
- Early on they had their own UNIX system and some people on Windows using UNIX tools
- User training was not difficult because typographers know how to type to get stuff done
- But in 1999 things changed. Kids these days! They only know how to use word processors
- Passing on old skills was hard
- When he went on leave he hired a friend who knew the same skills
- When he was getting closer to retiring there were a lot of meetings about the stuff he did. Other people were learning this but others didn't think they could handle the whole thing.
- The people who took his job have good communication skills and could change things to their preferences
- He found that his meetings were collaborative and good for problem solving
- Things are going well but are slower
- eg there are fewer spreadsheet manipulation abilities
- There is documentation in wikis. People can read them but not write to them easily.
- Have others dismantled your work since you left?
- Yes
- They were thinking of shutting down the Linux servers
- They were going to migrate the functionality to a virtual machine
- The server ran for a year without being rebooted and continued to work
- Working with text files on local servers can be simpler than the cloud, because of black boxes
- He had a lot of discipline to the structure of the data
- black box: you have a promise of input and output, but you don't know what is happening inside
- If the input data changes then everything can get messed up
- Can you troubleshoot problems when they come up
- Black boxes mean you can change the inputs and examine the outputs, but this is trial and error
- Is there good software for putting bounding box information on EPS information. He found a script that worked that was made of Perl and shell script.
- At TWC
- Lots of complicated infrastructre
- Some of it is documented but documentation goes out of date
- People come and go
- Understand everything about everything
- Oral culture (both positive and negative)
- Documentation is like survivalist training
- Documentation that gets used stays up to date
- Some documents are used frequently
- Write down passwords in a shared (encrypted!) document
- Multiple people working on a door system means documentation gets written
- Documentation that is hard to write and hard to update does not get written (or gets written and is useless)
- Text only
- No screenshots unless absolutely necessary
- Trivial update mechanisms
- DRY : Don't repeat yourself
- Trivial to search
- OneNote
- Plain text
- Documents with good search
- Email (yes, really)
- Write documentation as you go
- Too much documentation is kind of better than too little
- If you learn things twice then document carefully the second time
- Some people consider lack of documentation as job insurance
- HOWTO files can be helpful
- Make things as self-documenting as feasible
- Drop README files in source folders
- Inline comments
- Documentation as file names
- Log files and version control are forms of documentation (if you have the discipline)
- etckeeper is good for Linux systems
Best Practices
- Mind the bus factor and stay away from public transportation
- Don't store documents in someone's personal folders
- Having good documentation is helpful. How does it get created?
- Never admit you know computers
- How do you keep documentation up to date as things change?
- Make documentation accessible
- Get good at trawling other people's work
- Do regular training for staff and volunteers
- Forcing people's hands can help
- Start people small if you can
- This way you can assess their skills and commitment
- Make new people do documentation as they work
- This helps them learn the systems
Worries and Challenges
- Being the person who gets hit by the bus
- How do you spread information?
- Continuous learning by staff -- raising everybody's level of knowledge
- Management may not be on board
- Do people understand that not having long-term planning leaves them vulnerable?
- You can't boss around volunteers as much
- People think that the cloud solves backups and IT administration
- How hard will it be to step into a new position?
- When we are unemployed because we don't have the tools
- Money becomes a huge issue
- Getting access to hardware is an issue
- How many times will you be called after you left?
- Will you remember your old work
- There is a sense of liability -- who is responsible when things break?
- Choosing the wrong successor could be a disaster
- Finding time/resources to transfer knowledge
- Sometimes you need to be inefficient to be effiencent
- Letting other people do the thing even though you could do it faster and more efficiently
- Letting other people do the thing in ways you would not do it
- Giving people good base levels of knowledge helps
- How do you learn the system while being careful and not destroying everything in a burning ball of flame
- How do you make a good impression and getting things done both quickly and correctly
- Sometimes contractors get commissions with promises they cannot keep
Financial Software
- Date
- Monday, 15 August 2016
- Event Announcement
- http://www.meetup.com/NetSquared-Kitchener-Waterloo/events/232234165/
What kinds of financial software are appropriate for nonprofits? What does your organization use? What work is involved in supporting it?
Questions
- What financial software does your organization use?
- How do you migrate between software?
- What considerations do you factor in?
- How do you support this software?
Announcements
- Upcoming meetings? Fold the group?
- Free software for nonprofits
- What do we want out of the group?
- Proselytize free software? How do we get others to adopt free software?
- What makes people use free software vs proprietary?
- Hiring policies. Windows people are replacable?
- Recruitment drive?
Meeting Notes
- It was difficult to get accounting software for Linux without paying a fortune.
- We should be concerned about financial software
- Writing different interfaces (eg for batch jobs) is difficult
- Sysadmins usually do not decide this software. Accountants do.
- There are specific needs for payroll, HST, auditing
- There is a high learning curve
- Brendan uses SAGE because of payroll
- Quickbooks requires a service to deal with payroll
- Personally Brendan uses GNUCash
- NewViews
- hierarchical accounting that looks like a spreadsheet
- It was made for DOS and Windows
- It has a high learning curve
- TWC moved from the DOS version to Windows
- People at banks prefer correctness over efficiency
- Brendan keeps tracks of accounts for several nonprofits
- They were both using some ancient DOS program
- They migrated their infrastructure to Access databases
- They have multiple systems that have to manually reconcile things?!!!??!!?!!
- It is possible to use TeX as an accounting system
- With spreadsheets as input
- Who else maintains this?
- Why can't some Drupally solution come in and take over this space?
- There are consulting companies: eg http://www.parit.ca/
- The core of financial software are:
- Sales
- Financial transactions
- Different accounts
- The non-cores:
- Reports to funders
- Payroll
- (ObTopic) Is the cloud going to eat everyone's lunch?
- Freshbooks is on all the podcasts
- Integrating with banks is not so easy with GNUCash
- You also have to make sure the cheques have been written correctly
- How about hledger/ledger?
- Why can't this all be federated?
- IIF : Intuit Interchange Format (proprietary)
- OFX : open standard used by Microsoft Money : http://www.ofx.net/
- Not an API thing?
- Companies vary in what their expenses are and their categories?
- In publishing:
- There is some key information in invoices
- People need to respond to invoices from printers
- Different industries have come up with their own standards (EDI)
- EDI: Electonic Data Interchange
- Used for Business to Business transactions
- Banks have worked out how to exhange data amongst themselves
- In libraries: somebody wrote http://www.libraryelf.com/Default.aspx that requires you to give your credentials, and it tells you when your books are due.
- Companies decide WHEN to pay invoices to maximize their cash flows
- If you pay early then maybe you get a discount
- Can computers help with some of these problems?
- You favour certain relationships over others
- Quickbooks works under Linux using WINE?
- Studio Tax and UFile will work for tax returns in WINE
Considerations
- What people know
- People like their Word and Excel
- Migration costs are very high -- there has to be lots of benefit
- There are a bunch of updates to payroll and HST
- The software is always under development
- Upgrade costs are very high -- once you make a choice you are kind of stuck
- Accounting software needs to be customized to the particular needs of the organization
- Internal formatting is different from reports
- If internal structure is good then maybe making add-ons is feasible
- Humans will have to input most of the transactions?
- But there are point of sales
- Accountants need to verify the receipts
- Robust interfaces are important to avoid input errors
- Can the bookkeepers use the software?
- Does the software interface with the services (ADP) that the organization uses?
- What are the security implications of data breaches?
- Information leakage about things?
- Corporate surveillance? Future products?
- Know what your prices are?
- Know what different employees are paid?
- Medical/dental data
- Maybe you can't have plugins because that has the potential of violating integrity
- Can't proper transaction logging fix this?
- You close books at the end of the fiscal year
- This freezes accounts
Migration
- Take an end of year fiscal snapshot
- Move the summary to the new program
- Quickbooks will let you upload your desktop information to the cloud
- But you can't get the data back!
- Maybe the competitors will let you upload to THEIR clouds
- But Quickbooks does not support backwards compatibility on the desktop either
Back to: KWNPSA Meeting Notes
KWNPSA Meeting Notes for 2016-06-13
KWNPSA Meeting Notes for 2016-05-09
KWNPSA Meeting Notes for 2016-04-11
KWNPSA Meeting Notes for 2016-03-14
KWNPSA Meeting Notes for 2016-02-08
Estimating Time and Resources/Meeting notes for 2016-01-11
Collaborative Editing Tools
- Date
- Monday, 14 December 2015
- Event Announcement
- http://www.meetup.com/NetSquared-Kitchener-Waterloo/events/223909896/
How do people work together? How do you deal with privacy concerns? What tools work and what have problems?
- OneNote
- Etherpad and friends
- WebEx
Meeting notes
for 14 December 2015:
Many users want to use collaborative editing tools.
- What do you use?
- How do you deal with privacy concerns?
- How do you manage backups?
- What are the strengths and weaknesses of these systems?
- When are they best used?
Options
- Wikis
- OneNote
- Etherpad
- WebEx
- Slack (Mattermost?)
- Sharepoint
- Google Hangouts
- Google docs
Observations
- GoToMeeting is better than WebEx
- WebEx: poor audio
- Pretty expensive? ($50/month)
- Like Skype for 1-many
- There are different classes? Wikis are different from WebEx
- Wikis: collaborative editing
- GoToMeeting: realtime conferencing/interacting
- How can people work together on documents?
- LibreOffice tends to use Google Hangouts
- Hangouts allow multiple video and sound
- LibreOffice will also use IRC
- This is for discussions
- The kids use Google for everything
- Google docs allow you to edit simultaneously and chat
- They have versioning
- Marc backs up Google docs once a month into a zipfile
- You can choose the format
- Should we all embrace the Google?
- LibreOffice is trying to work on OneCloud
- This could be released next spring
- The internal file structure is well known
- Google Drive will let you mount a drive for Google Docs
- LibreOffice will let you edit files from Dropbox
- This is different than having documents mirrored on local drives?
- LibreOffice is a "do what you like" community
- eg there is little interest for any Android devs to develop an Android version, so they are contracting out the work.
- OwnCloud lets you edit LibreOffice collaboratively (without locking)
- This is like Etherpad
- But you cannot do spreadsheets
- Wikis are for structured text; Google docs are not (necessarily?)
- You need guidelines to put documentation into reasonable shape
- You need to handle your backups yourself
- Images have to be handled differently
- Back up each database separately
- Bob generated a 300MB --all-databases file
- He cannot restore the database properly
- Does that mean his file is toast?
- No, because he can chunk it apart
- But that is difficult
What do we want for collaboration?
Why is it more helpful to have multiple people collaborating?
- Conference organizing: You can have 5-6 people on a conference call all looking at the same spreadsheet.
- How do you decide who is taking care of each part? You play nice.
- The editing is not completely random
- Do you need to have a meeting? Not necessarily
- eg Agenda items
- eg collaborative web page editing (Etherpad/UbuntuPad) with text chatting
What is a typical number people who can play nice?
- Maybe 10?
- Sometimes a few people dominate
- Some people can't work like this; they have to take the document home
- But some people think they want to take the document home and then are won over to collaborative meetings
- Some people wreck everything and thus have to be limited to commenting
Grammar skills can be an issue. Can you assume good grammar?
- As they type content you can follow behind and edit
- It is most important for people to get their ideas out
This is similar to a writer's group
- Comments should be constructive
- This works best face to face (because criticism is hard)
People don't go into technical writing because you like creative writing
- Clarity is important in both, however
- Marc's group was reticent to use Google Docs at first, but they were won over
- They found chat to be efficient while editing the document
- He found the visual (Skype) harder
Marc worked on mumble for voice chat
- It is low resource
Is face to face or messaging easier? It depends on the group.
How do you choose the right tool for the job?
It is easy to put bullet points into a document and then organize after
How do you come up with protocols for collaboration?
- Marc's group was ad-hoc, but roles (leader, secretaries) tend to emerge
- There is trust involved
LibreOffice uses a lot of wikis
- Marc thinks they need WYSIWYG because the barrier to editing is too high
- You don't get good content so people get frustrated and leave
- The people LibreOffice is trying to support people who do not necessarily have good editing skills
- Do people who learn office software learn good styles?
- It does not matter. The ideas are important
- What is the bridge between thoughts and markup?
- Wikipedia is working on WYSIWYG tools
- Is Wikimedia not receptive to this?
- Drupal 8 has in-line editing now?
Should people have the right to NOT learn markup?
- If you force people to learn then you raise the barrier to entry
- That makes people elitist
- If the barrier to entry was lower then more people would end up learning the system
- Should people be forced to edit in Word?
- Smart people have the ability to learn it
(Oh no! Markup!)
Marc doesn't like Mediawiki because it is hard to are able to edit it in his group.
- People use all kinds of other tools
- What about eating our own dogfood?
- The initial documentation was not published in ODT
- Should people be forced to edit in Word?
- Smart people have the ability to learn it
Slack???
- Everybody loves slack
- Slack is the email killer?
- Easier to search (with group chat?)
- It is like a searchable newsgroup? mailing list?
- Do you have to go to the site in order to get the content?
- Conversations are collected chronologically so it is easier to go through them than on email chains
Gmail labels deduplicates messages into pointers to folders
How do you avoid the standards problem? Having yet another place to look for stuff.
Finding stuff on Etherpad and Ubuntupad is difficult unless you bookmark items with useful labels
It is impossible to search across Etherpad documents
Redmine can also be used for collaborative work
- Less useful for collaborative work?
- Ticketing assigns work to people : less good for volunteering
- Closing abandoned tickets is difficult (and frustrating!)
Matching employers to job-seekers?
- Use a dating site?
- Donor management software?
progress.com : Database company
- Record-oriented (vs set-oriented)
- It is its own language
- eg Home Hardware point of sale
- http://www.progress.com/customers/
Moodle
- Tim uses it
- It has a learning curve
VPSes
- DigitalOcean
- CloudAtCost
- Linode
Factors in collaboration
- Concurrent or not?
- Are you producing a document out of the tool or not?
- Does the document need to be exported or not?
Sidetrack: community foundation for the arts
- They are in every city?
- This is different from CEI
- The community foundation was giving CEI some money too
Back to: KWNPSA Meeting Notes
KWNPSA Meeting Notes for 2015-11-09
KWNPSA Meeting Notes for 2015-10-19
KWNPSA Meeting Notes for 2015-09-21
All About VoIP
- Date
- Monday, 17 August 2015
- Event Announcement
- http://www.meetup.com/NetSquared-Kitchener-Waterloo/events/223550824/
What combination of VoIP and PSTN lines do you use? What problems does VoIP solve for you? What problems does it create?
The meeting on Monday, 17 August 2015 was All About VoIP.
Discussion Questions
- What are you using?
- What do you like about VoIP? What do you not like?
- What providers do you use?
- What works better with PSTN? With VoIP?
- What are the pros and cons?
Arbitrary Comments
- What can we do with Teksavvy?
- Vonage vs ITSP? (Unlimitel, VoIP.ms) vs ISP (Teksavvy, Rogers) vs MagicJack
- MagicJack is an ATA? You need internet
- You can get a USB dongle as well (don't work under Linux)
- It is reliable enough for faxing
- $10 extra per year for a Canadian number
- $50/year + tax ($70 for the device)
- Berleine spends $32/year for a US number and service
- Unlimited minutes
- Call quality can suffer if the internet is busy
- Magicjack and Vonage are in the same space
- VoiP.ms and Unlimitel
- $1/month for the DID, $1.50 for Emergency 911
- Unlimited minutes
- Magicjack and Vonage are in the same space
- VoIP.ms: $1 + $1.50 for Emergency 911 + 1c/minute per calls
- You can buy a home package for $3.50 per month
- You can have subaccounts
- You can have many calls running simultaneously
- Fongo
- Free phone number, free calls, free voicemail, pay to send texts
- Freephoneline.ca is the same but for desktops
- How far can you get on a wifi phone?
- Sometimes quality is an issue
- SIP phones
- The Working Centre
- One PSTN line + voip lines + Norstar systems
- Use an ATA to convert VoIP.ms to analogue
- This does not work perfectly all the time (eg long tones)
- Brendan has tried to switch to all VoIP
- How do you trunk calls between buildings that use different systems?
- Idea: just map lines to phones so you can use Norstar handsets
- How can you receive calls in multiple locations?
- Voip.ms makes this easy
- You can use follow-me settings in Asterisk
- Faxing and virtual faxing
- Doesn't work so well on VoIP
- VoIP wants to break up packets, but faxes want a continuous
- Cheapest SIP phone: Grandstream GXP1400 (similar: GXP1405)
- Why VoIP?
- Cost: $40 for a PSTN line. VoIP can be cheaper
- Can use the same phone number for many calls
- We trust everything that goes over the internet
- Very configurable for free
- Why not VoIP?
- Depends on power to work. Don't have blackouts!
- Can't run faxing (reliably), DSL modems
- Can't use analog modems
- Can be reliability problems
- Security concerns
- Should have quality of service to ensure good performance
- Need upload bandwidth (16k-64kbps up per call depending on codec)
- Rollovers can be an issue between POTS and VoIP, depending on provider
- Costs more in terms of IT time
- You can do voip via internet addresses
- Older ADSL lines provide 700kbps up
- Bell VDSL is broken? Fibernetics does it right?
- Execulink is a provider that does PSTN rollovers right
- Can you do anything more with commercial VoIP than with regular Bell?
- Maybe. It depends on what the provider provides.
- Hiding callerID : easy
- Is this obsolete because of cellphones?
- The numbers are different
- Not as configurable
- But your cellphone works in a blackout (modulo batteries)
- You can't run your own cellphone service (in Canada)
- Compare to radio, community cable
- SIP clients for cellphones?
- SIPSimple?
- You can register to a local asterisk account
- Ring groups on VoIP.ms
- How can you make phones ring in certain locations only?
- Put a sip client on their phones
- Put Asterisk
- What Asterisk systems can be configured by Thursday?
- PBX in a Flash
- Elastix
- Cheap analog phones?
Acronym Fun
- ADSL : Asymmetric Digital Subsriber Line - High-speed Internet over an analog phone line
- ATA : Analog Telephone Adapter - Turns VoIP into PSTN lines.
- DID : Direct Inward Dialing - A phone number
- FXO : Foreign Exchange Office - Port that is on the phone. In asterisk, you use a port of this type when you want to integrate a PSTN line. Wikipedia:Fxo
- FXS : Foreign Exchange Service - Provides a dialtone. This can be from the wall, or the ports on an ATA
- Hunt groups: Choose which order phones will ring
- ISP : Internet Service Provider
- ITSP : Internet Telephony Service Provider - The company that provides VoIP service
- MWI: Message Waiting Indicator - The light that shows when you have voicemail
- PBX : Private Branch Exchange - the device that routes phone calls
- PSTN/POTS : Public Switched Telephone Network / Plain Old Telephone Service - A "Real" phone line
- QoS: Quality of Service - prefer sending packets to phones rather than Bittorrents
- Rollovers: First call a POTS line, then call a VoIP line with a different provider
- SIP : Session Initiation Protocol - VoIP protocol. There are others (eg IAX)
- VDSL : Very High Speed Digital Subscriber Line - ADSL on steroids
- VoIP : Voice over Internet Protocol - The trendy thing.
- VoIP registration: What phone will ring when you make a call to the number?
Keeping Remote Sites Up To Date
- Date
- Monday, 13 July 2015 from 7:00pm to 9:00pm
- Event Announcement
- https://www.meetup.com/NetSquared-Kitchener-Waterloo/events/223189124/
- Location
- The Working Centre, 58 Queen Street South, Kitchener Map
This month we will be talking about how to deal with multiple locations within an organization. We will be discussing things like file sharing setups for more than one location, communications between locations, different router types for VPN and such, etc....
Multiple locations may mean more than one office building, or other situations like employees who work from home or other remote locations.
Meeting Notes
What kinds of remote sites do you need to support/connect?
- Second location
- public facing location at one site
- People working remotely without having an office
What things do remote users need to do?
- File sharing: spreadsheets, word documents, PDFs
- Database use
What tools do you do to enable them?
- Sharepoint site for sharing documents
- Brendan uses an older version
- Syncing files between file shares
- Windows Server Remote App
- Small Business Server and Essentials
- Moving files to the cloud
- hosted server
- Syncing with dropbox
- Office 365 transitions workflow to the cloud
- VPNs
- Complicated for users
- SecurePoint client makes it easier
- Cisco mobility to connect (forwards all traffic via the VPN?)
- Local storage with encrypted storage
- files are stored remotely
- Windows BranchCache?
- Bittorrent sync, Dropbox, Syncthing
- Caching servers that sync overnight
- Microsoft DFS Replication (don't bother!)
- OneDrive for Business is still not working
- OpenVPN over OpenWRT
- Hamachi
- SSH tunnelling for remote access
- Remote support: SSH tunnelling, VNC, Fuse and SSHFS
- ownCloud with WebDAV
- ownCloud does not do symbolic links very well (OK on synchronized clients, not on WebUI or WebDAV mounts)
- WebEx (free for first three clients)
- http://www.remoteutilities.com/download/ : free for 10 clients
- AWS cloud?
- Using git for synchronization
What clouds are easy to set up?
- ownCloud on VPSes or your own servers
What is painful?
- Attaching remote files to local email
- Syncing multimedia files (photos)
- Downloading things from the VPN is slow
- People want things to work without learning anything
- Initially contact to a remote client: how do you get them setup?
- join.me, bomgar, TeamViewer, screensharing with Skype (slow)
- Users do not provide enough detail
- Slow connections on the remote end
- ADSL connections with slow uploads
- Can we stop the cloud?
- Synchronizing calendars
- ownCloud WebUI does not provide all the tools to manage appointments
- What webdav clients exist for Android? acal, solcalendar don't stay synchronized
- SunRise calendar: https://play.google.com/store/apps/details?id=am.sunrise.android.calendar
- business calendar: https://play.google.com/store/apps/details?id=netgenius.bizcal
- There is an Exchange connector for Android
Troubleshooting mobile devices?
- Remote support viewing on smartphones? WebEx, LogMeIn
Other considerations
- syncing over DSL
- online collaborative systems for sharing documents
- newer versions of Sharepoint allow concurrent editing of documents
- confidential/sensitive information being uploaded to The Cloud (tm)
- But any computer that is online is on the Cloud
- Storing medical information on the Cloud?
- VPN routers?
- They have VPN servers themselves (IPSec and PPTP)
- How do they find the clients? They use a road warrior setup
- German company: SoftMaker (word processor software)
ISPs
- Execulink supports vDSL now?
- Teksavvy has business offerings
- They have good support
- Yak
- Eyesurf : okay but limited
- Acanac ?
Back to: KWNPSA Meeting Notes
Keeping Computers Up To Date
- Date
- Monday, 8 June 2015 from 7:00pm to 9:00pm
- Event Announcement
- Keeping Computers Up To Date/Meeting Announcement 2015-06-08
- Location
- The Working Centre, 58 Queen Street South, Kitchener Map
Updating Desktops
You thought it would never happen again, but we are in fact holding a second Nonprofit Sysadmin meeting this Monday, June 8. As we did introductions last month I tried to collect some themes as future discussion topics. Somewhat arbitrarily, I propose that Monday's meeting be about keeping systems (specifically desktops) up to date:
- What tools do you use to keep desktops up to date? (Windows or Linux, or other)
- What tools do you use for third party updates (Flash? Adobe Reader? Hateful Java?)
- What tools do you use to monitor and ensure that updates are happening?
- How do you prevent desktops from filling up with spyware and other nonsense?
- For Windows people: what are you doing about the Windows 10 upgrade offer?
We will meet starting at 7pm at the main Working Centre building, 58 Queen Street South. Bill says that there is free parking kitty-corner from the Working Centre, on the other side of Charles.
If you know of interested sysadmins who might be interested in our conversation, please invite them to the meeting.
- Paul
Upcoming meeting topics
- July: Administrating remote locations and people who work from home
- August: All about VoIP
Here are the bullet-point notes I took from tonight's meeting.
(Paul Nijjar)
Someone needs to remind the list about how to get information for logging into the wiki.
Meeting Notes
Updating Computers
Linux
- Run apt-get manually
- apticron: emails when there are updates
- unattended-upgrades: does security updates automatically
- apt-dater: run updates in parallel
- rkhunter
- chkrootkit
Windows
- Download and ask to install
- WSUS updates
- Download updates and shut down
Third Party Updates
- ninite.com
- wpkg.org
- chocolatey.org
- wsusoffline.net
Restoring computers
- DriveVaccine (SUCKS)
- SteadyState (RIP)
- SteadierState
- Faronics DeepFreeze
- Virtual terminal servers (Multipoint server)
- Ubuntu with guest account
- PlayOnLinux: install Wine easier
- DelProf
Introductions And Planning
- Date
- Monday, 11 May 2015 from 7:00pm to 9:00pm
- Event Announcement
- Introductions And Planning/Meeting Announcement 2015-05-11
- Location
- The Working Centre, 58 Queen Street South, Kitchener Map
During the first meeting I figure we can introduce ourselves, work out the logistics, and introduce some of the things that are challenging us in our sysadmin work.
- Paul
- There are no meeting notes for this session.
- (KWNPSA Upcoming Events)
- (KWNPSA Past Events)
- (KWNPSA Meeting Notes on one page)
- (KWNPSA Requested Topics)
Meeting Notes
Alternatives to E-mail
- Aren't we all on Slack by now?
- Slack has some free options, also paid ones
- eg. voice and video options
- E-mail threads have messages and reply text, but slack has just the continuous stream-of-consciousness
- Bots: "What's my schedule on Thursday?", "Bot, book me lunch with Kirk on Tuesday"
- Regular expression bots, "human in the loop" bots, and "IBM Watson" hyperintelligent bots
- Bots really made it, turned Slack into a marketable product (opened the platform, API)
- But whatever happened to Google Wave and Google Buzz?
- Is there a Slack-to-Email bridge? Maybe on Rocket.Chat
- Privacy and datamanagment concerns: who stores your chats? streams? e-mail?
- Spammers on Slack? It's a closed environment, you know your spammer (unlike e-mail)
- But there can be public "Talk to a sales rep" windows
- Kik also opened their platform
- Rocket.Chat - "Slack-alike"
- web client & phone apps
- e-mail gateway, LDAP gateway
- Drag'n'drop filesharing
- Self-hosted, on Ubuntu as a Snap
- Self-hosted, so you have control over your own data
- kwvoip.ca may set this up...
- XMPP - Cisco bought Jabber.com (now Cisco Jabber)
- Matrix / Riot
Ease-of-Use
E-mail is so easy to use, people use it for everything
- File storage
- Instant messaging
- Archival storage
- Operating System?
- Heard of people who use git as a mail repository
Difficulty-of-Admin
- Struggle with Exchange and Outlook
- Weird problems, eg. indexes
- Would weird problems like indexing exist on Office365?
- Large systems are constrained only by the time and effort of the SysAdmin
- Or sufficient funds to purchase vendor support
Spam Mitigation
- Large mail providers silently drop some mail, receivers and senders have no idea it's not delivered
- Need to bring mail filtering inhouse
- Opinion that the only effective filters are Bayesian filters on content, not geo-blocks, IP-blocks, or domainname-blocks
- Dealing with blocklists
- Blocklists are reputation managers
- Small orgs sending mail are incorrectly identified as spammers
- Blocklist providers have no incentive to lift blocks based on the requests of senders (otherwise every spammer would make that request)
- Recipients of failed messages need to contact their mail providers to stop the mail providers from subscribing to bad blocklists
- Filter provider needs to hold the spam for subsequent retraining (problems with privacy and data control)
- Organizations block access to external mail providers
- (block ports for SMTP:25, MSP:587, IMAP:143, &c.)
- Must use smarthosts on ISPs
- Web clients to read/send e-mail from external providers
- Horde
- Squirrel Mail
- RoundCube
- Nextcloud mail app (based on Horde)
- New legislation for mass-mail (starting 1 July 2017?)
- Canada's Law on Spam and Other Electronic Threats - Home - Canada's Anti-Spam Legislation
- Mailing lists? OK for non-commercial organizations that don't sell or solicit funds.
- Fundraising? OK as long as there is a paragraph in the message that this is for fundraising.
Back to: KWNPSA Meeting Notes
Malware
- Date
- Monday, 12 June 2017 from 7:00pm to 9:00pm
- Event Announcement
- https://www.meetup.com/NetSquared-Kitchener-Waterloo/events/239940239/
- Location
- Communitech Jelly Bean Room 1st Floor, 151 Charles Street West, Kitchener, Ontario Map
Breaking News: Dozens of countries affected by ransomware cyberattack (CBC News, 12 May 2017)
Are you protected from malware? On your desktop computers? On your servers? Does your staff have malware protection at home? Is anti-virus software enough? What's "ransomware"? What's the difference between a virus, a trojan, and a phishing attack? Does it matter? How do you protect yourself from malware? What's the best way to react to a malware outbreak? How do you recover from a malware attack?
We'll share our experiences in a round table discussion, and perhaps have a guest from the industry to provide some of the answers.
--Marc Paré and Bob Jonkman
Video
Malware discussion at NetSquared KW meetup (courtesy of Gheorghe Curelet)
Guest: Scott Smith
- Tekkshare demonstration by guest Scott Smith
- A Goods-and-Services marketplace for technical stuff based on Sharetribe
- Invitation for KWNPSA members to sign up, will waive commission for first year
Meeting Notes
Malware experiences
- from the days of floppy drives
- WannaCry ransomware
- seemed to be more prevalent on Win7, not so much WinXP
- Video on encryption in WannaCrypt ransomware: How WanaCrypt Encrypts Your Files - Computerphile
- Malware vulnerability assessments
- SSL Certificates and PKI
- Anyone who pays enough money to browser vendors can be included as a Certificate Authority
- Some CAs have issued invalid certs for well-known domains, eg. DigiNotar and google.com
- Certificate Authority Authentication is designed to protect against that threat: An Introduction to Certification Authority Authorization (CAA) - SSL.com
Platforms
- Apple malware, adware
- Nothing super malicious, but affects the browser, user libraries inc. user preferences
- Backup with TimeMachine, but that takes malware with it
- Free TV websites and proxy sites seem to be sources of malware
- Manual restore (not Time Machine) to restore each file individually
- AdAware bought by Malwareytes, good for Apple platform, free for home use: Malwarebytes | Malwarebytes Anti-Malware for Mac
- Android
- Large platform, biggest vulnerability
- Old, refurbished phones may be vulnerable, they don't get updates
- Same for routers, security cams
- Fragmentation in market, but providers (Samsung, Verizon) don't provide updates after a year or two
- Reluctance to update phones because it takes too long (10 minutes!)
- People are more likely to replace a device than upgrade it
- Both on desktop and mobile devices
- Change is scary, some people can't even deal with a moved icon on the desktop
- SysAdmins are not able to meet the expectations of clients
- Google is taking heat for lack of Android updates
- Thought it might have been like GNU/Linux distros (stable, testing, Sid), didn't work out that way
- Proprietary applications contribute to this, only Google can upgrade their apps
- CopperheadOS tried to address this with a secure Android OS, but constantly battles Google and vendors
People believe things are secure because they've paid the vendor lots of money, they don't pay the vendor lots of money because the products are secure.
Best defence: Make our purchasing decisions based on public data of vulnerabilities
- More security resources:
Mitigation
- Software for Non-profit organizations available from TechSoup: Server & Security Software | TechSoup Canada
- Treat the end-user as an adversary
- Focus on recovery instead of avoidance
- But should we treat people as adversaries? Technical solutions are not a panacea
- Backups!!!
- Risk management -- given enough time, the probability of being affected approaches one
- Training is necessary, but not sufficient
Defence in Depth
- Backups, backup rotation, offsite backup
- Training
- Updates
- Offsite storage (Cloud), store deleted files for 90 days (version control)
- But privacy issues with out-of-country routing and storage
- Buy-in from management to provide enough resources (money)
- Honeypot, canary - let SysAdmin know when certain files are being touched
Staff needs to know this Defence-in-Depth is being done, and when
Recovery
- Some people don't care about their data, just re-image the computer
- Shadowcopy in Window -- only Administrator has access, can't be encrypted by ransomware
- But malware knows Shadowcopy is a good idea, and will try to bypass
- How can you tell your files are encrypted?
- Applications can't open their data files
- Some malware leaves messages "This folder is encrypted"
- Stiller software (c. 1995) to identify modified files with checksum appended to all files; won't open or execute compromised files
Meeting Administration
- Time limits? 8:30pm
- Stay on topic
- May start at 6:30pm? Consensus, not...
Offsite Hosting
- Date
- Monday, 8 May 2017
- Event Announcement
- https://www.meetup.com/NetSquared-Kitchener-Waterloo/events/237779027/
- Location
- Communitech Jelly Bean Room 1st Floor, 151 Charles Street West, Kitchener, Ontario Map
Where are your servers? Are you self-hosting? Have you thought about professional hosting? What services does a professional hosting service offer? Do you need shared hosting? Do you need a VPS? What's a VPS? What's a colocation site? How much will all this cost?
Come share your experiences with self-hosting, shared hosting, and VPSes. Bob and Marc have the questions, and special guest Mark Steffen from indieServe Networks will have the answers.
See you at the meeting!
--Bob Jonkman and Marc Paré
Video
Offsite Internet servers hosting - YouTube (courtesy of Gheorghe Curelet)
Meeting Notes
- Today's guest is Mark Steffen from indieServe Networks
Selecting a hosting provider
- There's no "One size fits all"
- What do you need?
- Disaster recovery?
- Microsoft licensing?
- E-mail hosting?
What kinds of servers for a host?
- Dell servers at one place
- Had HPs, didn't mind them
- indieServe has some HP servers for colocation
- Lenovo, but there was BIOS based malware
- Liked IBM servers, anecdotally liked the reliability
- indieServe has all Lenovo servers
Offsite Hosting Problems?
- Shared hosting was OK for a while, but host was asking for more money
- Another company seemed perfect shared hosting (using WordPress),
- Works today, but lots of complaints on Facebook, so he no longer trusts
- Backups?
- Yes, keeping your own backups in addition to using the hosts' backups
indieServe Networks
- indieServe is hosting for KWLUG, KWVoIP, FairvoteWRC, KWPeace, &c.
- About $10/month for shared host
- No limits but on the honour system
- Keep it to one company per shared host
- Local non-profits may be able to get really good deal -- talk to Mark Steffen
- Also has VPS (Virtual Private Servers)
- Can do hosted Windows servers or domain
- Good for small file sharing systems
- Microsoft has a specific licensing arrangement for hosting providers
- Cost based on cores and sockets, plus number of customers
- Not cheap, $100's /month
- Similar model to Azure or Amazon AWS
Offsite Backups
- Some customers use offsite hosting only for data replication (disaster recovery)
- Do keep offsite backups encrypted
- For any backup solution check with Legal for PIPEDA legislation
- Cheap backup? 20¢/GiByte for storage is typical
- Backup software:
- Duplicity for Linux
- Cloud Berry for backup service
- DupliCaddy for Windows (Open Source, Beta software,supports SQL, kinda slow)
- For Windows, do full backup, then everything is incremental afterwards
- But it keeps a synthetic "Full" in the background
- With S3 or Azure, you can restore to EC2 -- get (almost) instant restore on external VPS -- really cheap disaster recovery
- Back Blaze (personal backup for $5/month, also B2 backup storage, .02¢/Gibyte?, $10/month for 1 TByte?)
- indieServe keeps hard backups (USB drives stored offsite)
Backup horror stories
- Hijacked truck (backups not encrypted, nobody knows who now has access to backup data)
- Encrypted backups corrupted (physical disk damage corrupted one block of data, cypher block chaining made rest of backup inaccesible)
- Bulk files corrupted (backup file is OK, but contained invalid data, making rest of the backup invalid)
- Tape backup is still the most dense storage for immutable backups
- Mark Steffen has techniques for redundant backup storage (good for ransomware attacks, &c.)
- How much backup do you need?
- How much data can you afford to lose?
- Have at least one automated backup in place
Selfhosting?
- Run your own service on a VPS or shared host (XMPP, Wiki, Social media) instead of using Facebook, Google, Twitter)
- Manage your own server, colocated in a datacentre
- Getting a DSL line (with multi-link support), and running a server on premises
- Managed hosting - servers in house or colo, but contract out the SysAdmin
Webhosting Management
cPanel
- Set up WordPress, &c.
- Handles updates, patch management, backups, email
- Installatron for managing applications
- Varnish is a cache in front of Apache, for bursty traffic
- cPanel is pricey? $20/month for bare metal, less for a VPS
- Keeping cPanel on a VPS makes it portable, allows cPanel admin to perform maintenance with no downtime
Zenserver
- A Virtual Machine host
- The free version is pretty unrestricted
- Use Zenserver to run cPanel
Cloud Linux
- uses CageFS,
- isolates users from each other
Other panels?
- CentOS Web Panel
- ISP Config
- Ubuntu MAAS
- WebMin, VirtualMin
- WHM is the management tool for cPanel
- WHMCS is a shopping cart / billing system for hosting
- But these apps may have security issues (PHP doncha know)
Reseller hosting
- Perhaps for Web developers, who want to manage resources for their customers
- Can add multiple accounts, lets hosting provider manage growth and resources
- Could be unlimited accounts, but typically 300 GBytes, good for about 50 accounts
Blockchains
- Date
- Monday, 10 April 2017
- Event Announcement
- https://www.meetup.com/NetSquared-Kitchener-Waterloo/events/237778947/
- Location
- Communitech Jelly Bean Room 1st Floor, 151 Charles Street West, Kitchener, Ontario Map
What's a blockchain? Is this all about math? How do I make Bitcoin payments? How can I receive Bitcoin donations on my Website? Are there other blockchain currencies? What services exist for blockchain currency exchange? Is blockchain technology good for more than just Bitcoin? What blockchain tools exist for Non-Profit organizations?
Marc and Bob ask the questions, and special guest Kris Stinson will be on hand to provide the answers!
See you at the meeting!
--Marc and Bob.
Video
Familiarization with Bitcoin and other cryptocurrencies (courtesy of Gheorghe Curelet)
Meeting Notes
- Today we're joined by guest Kris Stinson (@StinsonKris on Twitter)
- Lots of media attention, "blockchain this, blockchain that", they're trying to sell you a database
- Microsoft, IBM, governments (even Canada: Cancoin)
- Banks are threatened, unregulated currency (scary!)
- Japan has approved Bitcoin as a currency (legal tender)
- Legal (tax) ramifications: Capital Gains.
Video
- We watch a video with Andreas Antonopolis: Foremost educator on Bitcoin Blockchain for Beginners - YouTube
Types of blockchain currency
- CryptoCurrency Market Capitalizations
- Augur - a "betting" site; deals with contracts
- Based on Ethereum
- DAO - Decentralized Autonomous Organization
- eg. Ethereum
- A decision by this DAO split Ethereum into Ethereum and Ethereum Classic
- Now there are miners working on both branches of the blockchain
- "The mining network" determines whether a fork of the blockchain can happen
How does the blockchain determine "truth"?
- The longest chain wins
- "Rolling back the chain"
- database
- miners
Quantum computers?
- Will change the game!
- Winkelvoss brothers
- Own over 50% of bitcoin?
- This is a problem, they can determine the validity of transactions
Wallets
- Wallets are Public/Private Key encryption containers
- How to get a Bitcoin Donation buttton on our Non-Profit Organization website?
- Just need to publish your wallet's Public Key, no "button" required
- But Shifty Button | ShapeShift | The fastest way to swap cryptocurrencies. No account required
- This will generate a button for multiple currencies;
- Just copy 'n' paste your public wallet address
Other blockchain technologies
- Don't trust The Cloud?
- Authentication
- Filesystems
90 minutes was far too short to cover all aspects of Blockchain Technology; we'll invite Kris Stinson back someday.
Branding
- Date
- Monday, 13 March 2017
- Event Announcement
- https://www.meetup.com/NetSquared-Kitchener-Waterloo/events/237778855/
- Location
- Steve Izma's house, 35 Locust Street, Kitchener, Ontario Map
What's your brand? Do you have a brand? How do you choose a brand? Is branding important for NonProfit organizations? What is the value of a good brand? What is the cost of a bad brand? Have you ever changed your branding? How much work was it for the SysAdmins? Did you have re-do the Web site? The e-mail addresses? Business cards? Letterhead? What legal considerations are there for choosing a brand?
Bob and Marc have the questions, together all of us have the answers.
See you at the meeting!
--Bob and Marc
Meeting Notes
This meeting ended up being more about our own re-branding needs, and the business of running KWNPSA as a non-profit organization. We'll have another session in the future on Branding to discuss the experience and gather the advice of other organizations.
- We started with a discussion on the different syntaxes used in markup languages, eg. Markdown, Mediawiki, PMWiki, MoinMoin...
Hosting Services
- Many Non-Profit organizations are migrating from CCj/Clearline (Steph Smith, Cedric Puddy) to IndieServe (Mark Steffen)
- Marc Paré will take over the hosting for KWNPSA
- Marc is currently using 123EHost.com
- This is for the interim, until Marc has his own server set up
- The hosting OS will be Mageia
- Mailing Lists
- Steve Izma will be the Mailing List Manager
- We currently have our Discussion and Announcements mailing lists on CCj/Clearline
- Steve will look after the mailing list migrations as soon as Marc has Mailman set up
- Wiki
- Mediawiki is being used by everyone at this meeting,
- Currently being hosted at http://sobac.com/kwnpsa by Bob Jonkman
- Will be migrated after Marc has set up the Mageia server
Sponsorships
- CIRA - Has provided $100 for the previous and this meeting.
- TechSoup - provides low-cost Microsoft licenses to Non-Profit organizations
- NetSquared (part of TechSoup) is an umbrella group for Non-Profit organizations' IT staff
- If we get a venue without A/V facilities, can NetSquared sponsorship provide, say, a projector? Marc to ask Eli...
- NetSquared (part of TechSoup) is an umbrella group for Non-Profit organizations' IT staff
- Microsoft
- We will gladly accept Microsoft sponsorhip and host an evening dedicated to Microsoft products
- Perhaps have as a guest speaker a product specialist from Microsoft?
- We will continue to focus on Free Software / Open Source solutions at other meetings
- We will gladly accept Microsoft sponsorhip and host an evening dedicated to Microsoft products
- Google
- Apparently Google is a sponsor or a member of NetSquared
- but we have not seen support from our local Google office, eg. request for a venue
- Apparently Google is a sponsor or a member of NetSquared
Formalizing the KWNPSA group
- The formal structure of the group will consist only of a Treasurer
- Marc Paré will be Treasurer, will take care of any finances received from sponsors, donations, &c.
- Funds received from sponsorships &c. will be used for venues, hosting costs, domain name costs.
- Bob Jonkman will ask Eli van Giessen to re-brand the meetup.com group as KWNPSA - Kitchener Waterloo Non-Profit System Administrators -- a NetSquared Group
Marketing KWNPSA
- Business cards?
- We need someone to design a KWNPSA logo
- The KW part is important to our geographic locale; highlight or separate KW from NPSA
- Marc Paré has found with other organizations that business cards are just as effective as posters
- We need someone to design a KWNPSA logo
- Let more people know that KWNPSA exists
- Marc has a list of local KW Non-Profit organizations List he has contacted about 100
Meeting format
- KWNPSA has a collegial Round Table Discussion format, which suits Non-Profit organizations
Mailing Lists
- How do we deal with badly configured MUAs (Mail clients) that try to reply to the Announcements list?
- Do we need two separate lists?
- Steve Izma will investigate the use of "child lists" in Mailman
- "Child lists" will allow "Discussion" to receive "Announcements" so people only have to subscribe to one list
- DMARC problems
- Steve will activate "munging" on Mailman so badly configured mail hosts like Yahoo Mail will accept messages
- We will have KWNPSA branded e-mail addresses
- To be seen if this helps or hinders the DMARC problem
- Lends authority to Announcements; requests for venues, &c.
- Marc Paré marc.pare@kwnpsa.ca
- Steve Izma sizma@kwnpsa.ca
- Bob Jonkman bobjonkman@kwnpsa.ca
- Available to anyone who helps organize the group
Wiki
- Meetup.com is closing its Discussion Forums where we used to publish Meeting Notes
- Paul Nijjar has a .gzip file of all meeting notes
- Bob Jonkman will upload these to the Wiki (they're in the Public Folder as npsa.tar.bz2)
- Public folder (RO): http://sobac.com/owncloud/s/CQr2YmVw6VZ91We
- Upload folder (R/W): http://sobac.com/owncloud/s/35Gyy6yTOG5Ak9z (contact Bob Jonkman for the password)
- Steve Izma will write a script to convert these from Markdown into Mediawiki syntax and upload them
- Bob has been testing different data structures on the Wiki, eg. transclusions for meeting announcements, sub-folders for meeting notes.
Branding
- Description of group: Resource Group for Information Technology in Non-Profit Organizations
- Similar to a Mission Statement, if not identical
- Also the Vision -- use one phrase for all
- We will refine this description on the Discussion List with other members
- Are we KWNPSA or KW-NPSA?
- It's a non-issue, we'll spell it out in full on posters and whenever we make announcements
- Let's see what the Business Card designer does
Venue
- Marc Paré will pursue Communitech and the Downtown Community Centre for "venue sponsorship"
- A venue at Google may not be possible (high security facility)
Meeting notes taken by Bob Jonkman.
Social Media
- Date
- Monday, 13 February 2017
- Event Announcement
- https://www.meetup.com/NetSquared-Kitchener-Waterloo/events/237362708/
- Location
- Queen Street Commons Cafe, 43 Queen Street South, Kitchener.
- Across the street from our previous meeting place. Map
How can a Nonprofit organization make use of Social Media? Should a Nonprofit organization even use Social Media? What Social Media platform do you use? What sorts of things do you put on Social Media? Who puts it there? A team of SMEs? One person? Is this a full-time job? How much time does it take to maintain Social Media accounts for a Nonprofit organization? What will you do when your Social Media platform disappears? Or deletes your content? Or delivers your content to only a small set of viewers?
Meeting Notes
- Conversation started with employment
- Headhunters and placement agencies frequently call potential employees or contractors, but rarely result in employment or contracts.
- Salaries for developers are higher in Waterloo Region, due to competition from other tech firms.
- Social Media is all about the analytics
- Using analytics provided by the services, eg. https://analytics.twitter.com
- Analytics from different sites (Twitter, Facebook) are similar enough that direct comparisons can be made.
- Use some custom links to identify source of engagement on their own content
- eg. use one URL for Twitter, another for Facebook to reach the same content
- Use Google Analytics for generic information
- How does Google identifiy the source of the visitor if the links are all the same? Or the URLs are all the same?
- Staffing at one non-profit organization:
- 1 person for Twitter + Facebook
- 1 person for Instagram
- Need more staff (Reddit, other social media forums)
- Maintaining social media accounts by volunteers
- Takes lots of time! Split it up between people
- Automate some tasks (POSSE - Publish Once, Syndicate Self Everywhere)
- Update frequency
- Twitter: 8-10 time per day
- Facebook: Once a day
- Search for how to optimize facebook feed
- Have a hashtag strategy (what is a hashtag strategy?)
- Before starting on social media, ask "What is the organization's goal for social media?"
- Distribute information (meetings, info about the cause, eg. environmental tips)
- Grow the organization
- Automate feeds
- Facebook -> Twitter
- Blog -> GNUsocial -> Twitter -> Facebook
- Your following:
- Are your followers passive or engaged?
- Twitter is good for a large number of followers, but low engagement
- Facebook is the opposite (few followers, strong engagement)
- Linkedin is good for Business-To-Business
- "Twitter will be around forever"
- Some disagreement about that
- Whatever organization buys out Twitter will want to keep the eyeballs (users generating advertising revenue)
- Reddit is a great platform
- But nobody likes it
- Having a social media presence on Twitter and Facebook and Instagram will reach 90% of people online.
- The purpose of one non-profit organization is to change consumer behaviour
- How can that be measured?
- Are social media sites trustworthy?
- Social media sites are bad for your personal mental health
- Some people remove themselves from social media
- Social media sites are bad for your personal mental health
- Twitter is a conversation
- Really? 140 characters seems too short for meaningful conversation
- Twitter is (only) good for broadcast announcements
- A Grade 8 reading level is good for Twitter
- It takes skill to get more information into 140 characters than in long-form prose
- But too many abbreviations and leetspeek and others can't understand
- "Dracula" by Bram Stoker was written as diary entries, good for syndication on Twitter
- Books are being replaced by social media
- so put novels on social media where people will read them
- How to be effective:
- Go where the people are
- But that leaves out Free Software solutions like Friendica (Facebook substitute) or GNUsocial (Twitter substitute)
- Go where the people are
- Wouldn't it be nice
- if social media didn't affect reading levels or comprehension
- people learned more evaluation and critical thinking, not rote memorization
- Filter bubble
- Facebook only shows those things you've already "liked"
- reinforces biases
- Recognize that Social Media is just a tool
- You can use it well
- ...or you can use it poorly
- We (Non-profit organizations) are parasitic
- We're using social media platforms for our own purposes, fully recognizing they're not doing this for our benefit.
Meeting Closing Discussion
- Discussed CIRA (Canadian Internet Registration Authority)
- supports the .ca domain extension for Canada
- most are aware of the organization
- result of discussion is to obtain the .ca version of the NPSA domain: kwnpsa.ca
Future topics:
- Monetization
- Branding (logos, names)
Estimating Time and Resources
- Date
- Monday, 16 January 2017
- Event Announcement
- https://www.meetup.com/NetSquared-Kitchener-Waterloo/events/234260371/
- Meeting Notes
- https://www.meetup.com/NetSquared-Kitchener-Waterloo/messages/boards/thread/50529155
In IT we are often asked to estimate the time and resources assorted tasks will take. Often these time/cost estimates are tied to funding, grants, and resource allocations. Unfortunately, many of us struggle at coming up with estimates more accurate than "it will take longer than expected". What are some strategies and best practices we can use to come up with better estimates? Under what circumstances does estimating things become easier? Harder? Under what conditions should we spend a lot of effort making estimates, and under what circumstances should we not?
When have you had good experiences making estimates? When have you struggled?
As always, bring your experiences and questions. Also, please spread the word about this meetup so that more people who do nonprofit systems administration will become aware of it.
Announcements
- Laptop Rescue Mission this Saturday, 21 February 2017, 4-8pm
- Does somebody want to take over the group?
Taking Over the Group
- Is there a venue available?
- QSC is noisy
- Other TWC spaces need staffing
- Meeting at Steve's house?
- Will anybody take the mailing lists?
- New organizers: Bob Jonkman, Marc Paré.
- Should we be on meetup?
- mailman does some of this
- NetSquared does not help with promotion
- meetup has a large user base
- there is a blog and a wiki already
- there is a twitter account
- They want the group to be face to face
- Bob likes the peer to peer conversation
- March meeting's at Steve's house
- Marc will look for other venues
- Communitech has space available to tech groups: Marc
- Moving the mailing lists: Steve
- Marc can host on his server and get a domain name
- Future topic: Project management software
Meeting Notes
Discussion Points
- What are strategies and best practices to get better estimates?
- Under what circumstances does estimation become easier?
- Under what circumstances does estimation become harder?
- When should we spend a lot of effort making estimates?
Discussion
- Horror story: server installation
- building a server room that needed dedicated cooling
- he estimated power consumption of each device
- UPSes only need to be sized for the running current (they are built to handle startup current already)
- He ended up overestimating by three times
- The air conditioner would freeze the pipes and everything would shut down
- He looked up currents instead of measuring them
- How do you deal with the exhaust heat?
- The UPSes had meters for measuring electricity draw
- But then they dismantled the server room for other reasons
- When is it easy?
- Figuring out spending is easy?
- In the horror story they sized based on existing equipment
- Looking up specs can be difficult
- Never?
- When you have done this project before?
- There are differences between software and hardware
- But sometimes you make software similar to the stuff you made before
- When you can look at projects similar organizations have done?
- How do you get that information?
- Figuring out spending is easy?
- Mythical man month comes into play
- You cannot predict how managers will manage the project
- Example: replacing a network was the single largest line item
- It is harder than you think always
- There is always effort associated with making estimates
- When is it worth the effort?
- When projects are expensive
- When projects are tied to specific grants
- Waterfall vs agile software methodologies
- Don't estimate everything at the beginning
- Can you make estimates a little at a time?
- But budgets are always waterfall, not agile
- But we tend to overengineer things
- But then your results are rejected
- Projects always have unanticipated things
- It is expedient to underestimate costs to win contracts and political support
- What will future maintenence costs be?
- If you lowball costs then you get approved
- Who pays for the overage
- But operational budgets are overestimated so that you get a surplus later
- End of year rollovers are political
- Surpluses are seen as weaknesses, not frugality
- This applies to nonprofits as well
- Bureaucrats look good when they give large amounts of money
- There are not good incentives to share funds across departments/projects
- Does that mean IT is always having to convince management for funds?
- IT is always a cost sink
- But technologies can reduce labour costs and stop people waste time
- Workers should enjoy the additional gains from productivity gains
- How do you position yourself so that you get buy-in?
- Get the people who are affected to talk to management too
- Sometimes estimates are done to argue for funds and sometimes they are used to find projects that should not go ahead
- If you know that you are going to need something then just go and do it
- But senior management does not trust the estimates, so they hire consultants, which causes conflicts
- It is less important to estimate when you have projects that can be done in small stages (instead of projects that need to be done all at once).
- If the project is small it makes less sense to make estimates
- Pilot projects can help figure out long term costs
- Projects can be broken down by scope
- Sometimes estimates are not honest, but designed to underbid the competition
- Who pays for the overruns?
- There can be penalty clauses in these contracts
- Getting the lowest contract can be a problem
- If you incur penalties you get taken off the list of approved contractors, but you just change your name and try again
- This can result in lawsuits
- There can be completion bonds, etc
- As soon as lawyers get involved costs go up dramatically
- It can be a problem when sales team promise things without telling engineering
- Doing estimates can give you a ballpark about the costs
- but now you may have to have consultants vetting other consultants
- To some extent you can play vendors off against each other
- Big software companies will have pre-sales engineering teams to help you figure out your costs
- They can also outbid you if they want
- How do you deal with projects where you have blown the time constraints?
- You can hire subcontractors
- Drop parts of the project
- RFPs can tell you what they have to offer
- They can help you anticipate some of the pitfalls
- Do requirements documents of what you need
- Talk with the vendors/engineers from the companies
- But the vendors will not tell you the horror stories
- People's behaviours can change once the ystem changes
- eg people beginning to use email as file storage
- Breaking down projects into chunks
- This shows you things that you are missing
- Then you can better understand what the project is
- Start aspects of the project that you can learn from and what different tasks are involved
- But you cannot do this with monolithic systems
- Fixing technical debt is more work than starting fresh
- Don't be tempted to give the estimate right away
- Be prepared to charge extra when the estimates increase
- Sometimes competitive bids boil down to who you know?
- This is not necessarily bad because of trust
- But the well-known vendors have more experience winning these bids
- If you start out at a big vendor and branch out on your own you can receive trust
- Talk to other people who have done the same thing
Documenting Things
- Date
- Monday, 12 December 2016
- Event Announcement
- https://www.meetup.com/NetSquared-Kitchener-Waterloo/events/234260323/
Much of our September meeting revolved around documentation. How do we ensure it gets written when there are so many other priorities? How is it maintained so it does not go out of date? How do we index it so that it is easy to find the information we need when we need it? What tools have we found most helpful in creating and maintaining documentation? What things are important to document, and what things can be skipped? As always, bring your experiences and questions.
Meeting Notes
(Notes by Martin Edmonds)
Best Practices
- Create documentation for users: “How To” & “FAQ” documents on Wiki so it can be self-serve or you can pass on links when users ask questions
- Consider formats for defining requirements:
- Consider: security, auditor controls, speed, backups, file permissions
- Ask client where data coming from
- Weigh balance between: need for documentation versus the effort that it requires to develop
- Don’t document same info in multiple places or it is more work to maintain
- Get data into a structured format that data can be entered once and it will ripple through to every relevant place
- Too much documentation may never be used; Keep it simple with what is most important
- Know your audience
- Videos have advantages, but you can’t scan through or search to find what you want
- Short instructional video on a specific topics can be helpful
- Consider security: are multiple levels of access required to documentation
- Consider paper versus electronic forms of documentation
- Think about what someone would need and how they would find it, if you are not around to show them.
- Keep it in a standard place. Don’t keep documentation on your personal computer or account, because other people won’t be able to find it.
- Keep in a place where you can give access to someone else but is not accessible to people who should not get it
- Include examples in the documentation
- Include why you did something (not just what you did)
- How do we make sure that it is done
- Make it easy to document
- Allocate more time to do documentation
- Set aside time at the end of each day to update documentation based on what you worked on that day
- Document as you do it
What to Document
- Enough to get a person started (in case person with knowledge is no longer available)
- Overview of where documentation is. (big picture view)
- Explanation of what is done on repeated basis at certain times (eg. Holiday posting done each year)
- Document characteristics of users. For example: user expectations, knowledge, tendencies, tolerance for flaws, etc.
Tools
- Word processor is not ideal since the documentation should be structured so that it can be queried
- Wiki: forces you to think of structure; easy to create new links to new pages; good for collaborative authoring; manages revisions;
- A wiki is not as simple to use as a word processor, but non-programmers can update document using wiki
- Using a wiki may discourage some people from commenting because of learning curve
- Requires a good editor
- Can preview documentation through wiki
- Wiki is not great for multiple security levels of access to documentation
- Tools to consider
- OneNote
- “Remarkable” use on a tablet for taking notes at a meeting
- Data Base: such as Access
- Cloud based: Eg. Google Keep, Google Docs
- Sharepoint
- Video and screen capture: eg. SnagIt or Jing or
- Tools that come with Windows: “Recording Steps” or “Snipping Tool”
- Word processor or spreadsheet are very easy to use, That is what people know how to use. Those are not ideal, but any documentation is better than no documentation
- Ticket system which will capture what you did to resolve issue
- For documenting Network: “Lan Sweeper” or “nmap”
Thanks to Martin Edmonds for moderating this month.
- Event announcement: https://www.meetup.com/NetSquared-Kitchener-Waterloo/events/233388765/
- Meeting notes: https://www.meetup.com/NetSquared-Kitchener-Waterloo/messages/boards/thread/50337067
Regulatory Compliance
- Date
- Monday, 14 November 2016
- Event Announcement
- https://www.meetup.com/NetSquared-Kitchener-Waterloo/events/233388765/
Many non-profit organizations are involved in government-regulated services such as health care, employment acquisition and training. Other activities require adherence to other laws, such as building codes. How do you keep track of all the regulations that you need to follow? How do you store compliance documents such as sign-offs, NDAs, and contacts? What do you use for secure document storage and transmission? How do the SysAdmins get along with the Lawyers? When is encryption required? What do you encrypt and when?
Meeting Notes
- Must consider retention and retention periods of email and other documents (almost any document can be considered a legal document)
- In addition to govt regulations, must consider industry practices & standards
- Following of the Ont. Non-Profit Corporations Act (ONCA
- Maintenance of email lists:
- use double opt-in
- using email lists only for stated purpose
- offer mechanism for requesting to be removed
- On website for incorporated organization (In Europe, but not yet in North America)
- need to specify if cookies will be saved
- need to specify physical address (required in Europe)
- Considered a member of a non-profit (in some cases, even attending an event can constitute you as a member)
- Adherence to Copyrights laws when photocopying
- What responsibilities does organization have when providing internet access to public
- Audits from organizations that grant non-profit status or organizations that provide grants
- Software audits (Eg Microsoft ensuring license adherence)
- Need to be very careful about mailing lists and keeping them up to date to prevent mails to the wrong person
Storage
How do you store compliance documents such as sign-offs, NDAs, and contacts? What do you use for secure document storage and transmission?
- LotusNotes used to route a document and get sign-offs along the way
- Block chain systems (discuss further in future meeting)
- Electronic forms on secure file server or encrypted device
- Encrypted data.
- TrueCrypt
- There are some known vulnerabilities in the Windows version.
- Veracrypt is a fork of TrueCrypt).
- Luks container
- Offsite (using send command)
- ZFS (a file system)
- TrueCrypt
- Indicate on top of email who is the intended audience of email. Legal disclaimer on the footer telling you not to read an email if it does not pertain to you.
- Encrypted email systems eg. Enigmail (a thunderbird plug-in)
- Online service to encrypt mail eg. Proton Mail, and Tutanota
- Signal, Telegraph, and WhatsApp for encrypting instant messages
Potential topics for future meetings
- Block chain systems
- Book: London Review of Books had two stories by the same author Andrew O’Hagen
- Ethereum (a programming environment built on top of Block Chain)
- Accessibility rules
- Document storage formats (ODS, etc.) could be combined with document management systems
KWNPSA Meeting Notes for 2016-10-17
Smooth Succession
- Date
- Monday, 19 September 2016
- Event Announcement
- http://www.meetup.com/NetSquared-Kitchener-Waterloo/events/232556568/
Sooner or later, people move on. Sometimes they leave for greener pastures and sometimes they just leave. Sysadmins tend to have a lot knowledge about the systems they work with, and often their knowledge is in their heads and their heads alone. As responsible sysadmins, how do we transition out of our jobs without our organizations collapsing behind us? How do our replacements learn the institutional knowledge they need to keep things running? What best practices can we implement to document and share knowledge so that others know what is going on when we are hit by buses?
Future sessions
Documentation
- What do you document?
- What tools do you use?
Coming up with time/effort estimates?
- How do you be realistic but efficient
- How do you justify unanticipated difficulties
Questions
- Have you taken over from another person leaving? What was helpful? What was frustrating?
- What preparations have you made so that future people can successfully transition into your work?
- What barriers and challenges are there to smooth succession?
- How do you transfer institutional/oral culture?
- What best practices are there for documentation?
Meeting Notes
Our IT hats
- Schoolteachers: often one person gets picked to wear the IT hat
- 50 staff, 300 students
- He deals with tech support questions
- The board has a regular IT department but the ratio is high: 1 person for thousands of users
- Tickets take a lot of time to resolve from the IT department
- Teachers often have to pick up the slack
- The IT staff they get in now are younger
- The software stack seems to work better now
- Software compatibility would break when deployed
- eg a network game would break everything else
- Now they test deployments better
- But this reduces spontaneity
- What about interaction with the school boards? How do documents get passed around?
- This is more centralized now
- They were going to give all kids their own email accounts
- Schools have logins for their kids now
- Some school boards do BYOD (Bring Your Own Device)
- This is cheaper for the school boards, which can't keep up (and budgets are tight)
- They use the same number of IT staff for the Catholic school board as they did for the entire high school system
- This probably implies web interfaces for everything
- Small non-for-profit, 25 staff
- Prior to joining his director was the primary IT person
- They signed a contract for hardware/software support
- Now there is an IT committee
- He made the mistake of admitting that he "knew about computers"
- The organization decided to move to a cloud based service (Sharepoint) with a data migration
- This was somewhat painful because the outside supplier did not tell them about their slow upload speeds
- He does software/hardware problem solving
- He does software upgrades: Office 2013/Office 365
- Does training on the Sharepoint move
- They are trying to transfer knowledge from the director's head to the collective
- They have a local server
- They also do BYOD
- Getting information for connecting computers to the server is tough
- How can staff do their jobs day to day
- Do people prefer Office 2013 to Office 365?
- There is more functionality in Office 2013
- eg they have a room booking spreadsheet that has pane-freezing problems
- Do people have problems with file versioning?
- Not really
- They have had communications problems with outside tech support
- Even doing hardware audits and internet connections was tough
- Getting people up to speed in Sharepoint is a big issue
- People have problems adjusting to change
- Where is the storage? It is all on the Microsoft cloud
- How do you deal with shared documents on Google Drive?
- You can map your own drive to a drive letter but cannot access shared drives
- OCAML FUSE driver under Linux for Google Drive: https://github.com/astrada/google-drive-ocamlfuse
- Approaches to succession at a large company
- There were procedures that were documented in a lot of detail
- Important for time-sensitive stuff (eg batch jobs)
- People did document well
- You could search a spreadsheet for jobs to diagnose
- Disaster recovery testing were documented in a lot of detail
- He participated in disaster recovery one year
- A coworker then started the next year, and he gave pointers
- The documents were well-written and a good guide
- Reviewing the documents well before is important
- Management was invested in making sure that documented were well done
- Another co-op job was not as smooth
- A small one-person operation was not documented well -- much of the knowledge was in this person's head
- Maybe this person should have done more documentation
- The boss was very time-conscious, so he documented only the most complex issues
- Writing things down is a good buffer for dealing with remembering stuff that is on screens
- Is commenting code financially efficient? There is a short-term/long-term tradeoff.
- Implementing better error tracing can be used by future people
- He was working for a small startup where the emphasis was getting things as soon as possible with no succession of any kind
- There ought to be good handoff procedures
- This can be an issue with Google Summer of Code: people hang out for four months and leave
- But sometimes there are good changelogs
- Succession horror stories (small nonprofits)
- He would like people to assign administrator access
- Most organizations are staffed by nontechnical people
- When going to new organizations
- He had to explore how things are hooked up and why
- Naming conventions were weird
- He changed some of the printer names and got into trouble because it messed up the network documentation
- Other places have been decomissioning jobs
- He had to document everything before shutting things down
- Big municipality had a good disaster recovery plan
- Nobody should have to think in order to get things back up
- Problems: system change and then documentation goes out of date
- One on one training is better than doing no documentation
- He worked for an insurance company. Their disaster planning was based on insurance.
- This is called "key man insurance"
- Worked for a university press
- He kept the job for 30 years
- He had a lot of autonomy in writing his job descriptions
- Early on they had their own UNIX system and some people on Windows using UNIX tools
- User training was not difficult because typographers know how to type to get stuff done
- But in 1999 things changed. Kids these days! They only know how to use word processors
- Passing on old skills was hard
- When he went on leave he hired a friend who knew the same skills
- When he was getting closer to retiring there were a lot of meetings about the stuff he did. Other people were learning this but others didn't think they could handle the whole thing.
- The people who took his job have good communication skills and could change things to their preferences
- He found that his meetings were collaborative and good for problem solving
- Things are going well but are slower
- eg there are fewer spreadsheet manipulation abilities
- There is documentation in wikis. People can read them but not write to them easily.
- Have others dismantled your work since you left?
- Yes
- They were thinking of shutting down the Linux servers
- They were going to migrate the functionality to a virtual machine
- The server ran for a year without being rebooted and continued to work
- Working with text files on local servers can be simpler than the cloud, because of black boxes
- He had a lot of discipline to the structure of the data
- black box: you have a promise of input and output, but you don't know what is happening inside
- If the input data changes then everything can get messed up
- Can you troubleshoot problems when they come up
- Black boxes mean you can change the inputs and examine the outputs, but this is trial and error
- Is there good software for putting bounding box information on EPS information. He found a script that worked that was made of Perl and shell script.
- At TWC
- Lots of complicated infrastructre
- Some of it is documented but documentation goes out of date
- People come and go
- Understand everything about everything
- Oral culture (both positive and negative)
- Documentation is like survivalist training
- Documentation that gets used stays up to date
- Some documents are used frequently
- Write down passwords in a shared (encrypted!) document
- Multiple people working on a door system means documentation gets written
- Documentation that is hard to write and hard to update does not get written (or gets written and is useless)
- Text only
- No screenshots unless absolutely necessary
- Trivial update mechanisms
- DRY : Don't repeat yourself
- Trivial to search
- OneNote
- Plain text
- Documents with good search
- Email (yes, really)
- Write documentation as you go
- Too much documentation is kind of better than too little
- If you learn things twice then document carefully the second time
- Some people consider lack of documentation as job insurance
- HOWTO files can be helpful
- Make things as self-documenting as feasible
- Drop README files in source folders
- Inline comments
- Documentation as file names
- Log files and version control are forms of documentation (if you have the discipline)
- etckeeper is good for Linux systems
Best Practices
- Mind the bus factor and stay away from public transportation
- Don't store documents in someone's personal folders
- Having good documentation is helpful. How does it get created?
- Never admit you know computers
- How do you keep documentation up to date as things change?
- Make documentation accessible
- Get good at trawling other people's work
- Do regular training for staff and volunteers
- Forcing people's hands can help
- Start people small if you can
- This way you can assess their skills and commitment
- Make new people do documentation as they work
- This helps them learn the systems
Worries and Challenges
- Being the person who gets hit by the bus
- How do you spread information?
- Continuous learning by staff -- raising everybody's level of knowledge
- Management may not be on board
- Do people understand that not having long-term planning leaves them vulnerable?
- You can't boss around volunteers as much
- People think that the cloud solves backups and IT administration
- How hard will it be to step into a new position?
- When we are unemployed because we don't have the tools
- Money becomes a huge issue
- Getting access to hardware is an issue
- How many times will you be called after you left?
- Will you remember your old work
- There is a sense of liability -- who is responsible when things break?
- Choosing the wrong successor could be a disaster
- Finding time/resources to transfer knowledge
- Sometimes you need to be inefficient to be effiencent
- Letting other people do the thing even though you could do it faster and more efficiently
- Letting other people do the thing in ways you would not do it
- Giving people good base levels of knowledge helps
- How do you learn the system while being careful and not destroying everything in a burning ball of flame
- How do you make a good impression and getting things done both quickly and correctly
- Sometimes contractors get commissions with promises they cannot keep
Financial Software
- Date
- Monday, 15 August 2016
- Event Announcement
- http://www.meetup.com/NetSquared-Kitchener-Waterloo/events/232234165/
What kinds of financial software are appropriate for nonprofits? What does your organization use? What work is involved in supporting it?
Questions
- What financial software does your organization use?
- How do you migrate between software?
- What considerations do you factor in?
- How do you support this software?
Announcements
- Upcoming meetings? Fold the group?
- Free software for nonprofits
- What do we want out of the group?
- Proselytize free software? How do we get others to adopt free software?
- What makes people use free software vs proprietary?
- Hiring policies. Windows people are replacable?
- Recruitment drive?
Meeting Notes
- It was difficult to get accounting software for Linux without paying a fortune.
- We should be concerned about financial software
- Writing different interfaces (eg for batch jobs) is difficult
- Sysadmins usually do not decide this software. Accountants do.
- There are specific needs for payroll, HST, auditing
- There is a high learning curve
- Brendan uses SAGE because of payroll
- Quickbooks requires a service to deal with payroll
- Personally Brendan uses GNUCash
- NewViews
- hierarchical accounting that looks like a spreadsheet
- It was made for DOS and Windows
- It has a high learning curve
- TWC moved from the DOS version to Windows
- People at banks prefer correctness over efficiency
- Brendan keeps tracks of accounts for several nonprofits
- They were both using some ancient DOS program
- They migrated their infrastructure to Access databases
- They have multiple systems that have to manually reconcile things?!!!??!!?!!
- It is possible to use TeX as an accounting system
- With spreadsheets as input
- Who else maintains this?
- Why can't some Drupally solution come in and take over this space?
- There are consulting companies: eg http://www.parit.ca/
- The core of financial software are:
- Sales
- Financial transactions
- Different accounts
- The non-cores:
- Reports to funders
- Payroll
- (ObTopic) Is the cloud going to eat everyone's lunch?
- Freshbooks is on all the podcasts
- Integrating with banks is not so easy with GNUCash
- You also have to make sure the cheques have been written correctly
- How about hledger/ledger?
- Why can't this all be federated?
- IIF : Intuit Interchange Format (proprietary)
- OFX : open standard used by Microsoft Money : http://www.ofx.net/
- Not an API thing?
- Companies vary in what their expenses are and their categories?
- In publishing:
- There is some key information in invoices
- People need to respond to invoices from printers
- Different industries have come up with their own standards (EDI)
- EDI: Electonic Data Interchange
- Used for Business to Business transactions
- Banks have worked out how to exhange data amongst themselves
- In libraries: somebody wrote http://www.libraryelf.com/Default.aspx that requires you to give your credentials, and it tells you when your books are due.
- Companies decide WHEN to pay invoices to maximize their cash flows
- If you pay early then maybe you get a discount
- Can computers help with some of these problems?
- You favour certain relationships over others
- Quickbooks works under Linux using WINE?
- Studio Tax and UFile will work for tax returns in WINE
Considerations
- What people know
- People like their Word and Excel
- Migration costs are very high -- there has to be lots of benefit
- There are a bunch of updates to payroll and HST
- The software is always under development
- Upgrade costs are very high -- once you make a choice you are kind of stuck
- Accounting software needs to be customized to the particular needs of the organization
- Internal formatting is different from reports
- If internal structure is good then maybe making add-ons is feasible
- Humans will have to input most of the transactions?
- But there are point of sales
- Accountants need to verify the receipts
- Robust interfaces are important to avoid input errors
- Can the bookkeepers use the software?
- Does the software interface with the services (ADP) that the organization uses?
- What are the security implications of data breaches?
- Information leakage about things?
- Corporate surveillance? Future products?
- Know what your prices are?
- Know what different employees are paid?
- Medical/dental data
- Maybe you can't have plugins because that has the potential of violating integrity
- Can't proper transaction logging fix this?
- You close books at the end of the fiscal year
- This freezes accounts
Migration
- Take an end of year fiscal snapshot
- Move the summary to the new program
- Quickbooks will let you upload your desktop information to the cloud
- But you can't get the data back!
- Maybe the competitors will let you upload to THEIR clouds
- But Quickbooks does not support backwards compatibility on the desktop either
Back to: KWNPSA Meeting Notes
KWNPSA Meeting Notes for 2016-06-13
KWNPSA Meeting Notes for 2016-05-09
KWNPSA Meeting Notes for 2016-04-11
KWNPSA Meeting Notes for 2016-03-14
KWNPSA Meeting Notes for 2016-02-08
Estimating Time and Resources/Meeting notes for 2016-01-11
Collaborative Editing Tools
- Date
- Monday, 14 December 2015
- Event Announcement
- http://www.meetup.com/NetSquared-Kitchener-Waterloo/events/223909896/
How do people work together? How do you deal with privacy concerns? What tools work and what have problems?
- OneNote
- Etherpad and friends
- WebEx
Meeting notes
for 14 December 2015:
Many users want to use collaborative editing tools.
- What do you use?
- How do you deal with privacy concerns?
- How do you manage backups?
- What are the strengths and weaknesses of these systems?
- When are they best used?
Options
- Wikis
- OneNote
- Etherpad
- WebEx
- Slack (Mattermost?)
- Sharepoint
- Google Hangouts
- Google docs
Observations
- GoToMeeting is better than WebEx
- WebEx: poor audio
- Pretty expensive? ($50/month)
- Like Skype for 1-many
- There are different classes? Wikis are different from WebEx
- Wikis: collaborative editing
- GoToMeeting: realtime conferencing/interacting
- How can people work together on documents?
- LibreOffice tends to use Google Hangouts
- Hangouts allow multiple video and sound
- LibreOffice will also use IRC
- This is for discussions
- The kids use Google for everything
- Google docs allow you to edit simultaneously and chat
- They have versioning
- Marc backs up Google docs once a month into a zipfile
- You can choose the format
- Should we all embrace the Google?
- LibreOffice is trying to work on OneCloud
- This could be released next spring
- The internal file structure is well known
- Google Drive will let you mount a drive for Google Docs
- LibreOffice will let you edit files from Dropbox
- This is different than having documents mirrored on local drives?
- LibreOffice is a "do what you like" community
- eg there is little interest for any Android devs to develop an Android version, so they are contracting out the work.
- OwnCloud lets you edit LibreOffice collaboratively (without locking)
- This is like Etherpad
- But you cannot do spreadsheets
- Wikis are for structured text; Google docs are not (necessarily?)
- You need guidelines to put documentation into reasonable shape
- You need to handle your backups yourself
- Images have to be handled differently
- Back up each database separately
- Bob generated a 300MB --all-databases file
- He cannot restore the database properly
- Does that mean his file is toast?
- No, because he can chunk it apart
- But that is difficult
What do we want for collaboration?
Why is it more helpful to have multiple people collaborating?
- Conference organizing: You can have 5-6 people on a conference call all looking at the same spreadsheet.
- How do you decide who is taking care of each part? You play nice.
- The editing is not completely random
- Do you need to have a meeting? Not necessarily
- eg Agenda items
- eg collaborative web page editing (Etherpad/UbuntuPad) with text chatting
What is a typical number people who can play nice?
- Maybe 10?
- Sometimes a few people dominate
- Some people can't work like this; they have to take the document home
- But some people think they want to take the document home and then are won over to collaborative meetings
- Some people wreck everything and thus have to be limited to commenting
Grammar skills can be an issue. Can you assume good grammar?
- As they type content you can follow behind and edit
- It is most important for people to get their ideas out
This is similar to a writer's group
- Comments should be constructive
- This works best face to face (because criticism is hard)
People don't go into technical writing because you like creative writing
- Clarity is important in both, however
- Marc's group was reticent to use Google Docs at first, but they were won over
- They found chat to be efficient while editing the document
- He found the visual (Skype) harder
Marc worked on mumble for voice chat
- It is low resource
Is face to face or messaging easier? It depends on the group.
How do you choose the right tool for the job?
It is easy to put bullet points into a document and then organize after
How do you come up with protocols for collaboration?
- Marc's group was ad-hoc, but roles (leader, secretaries) tend to emerge
- There is trust involved
LibreOffice uses a lot of wikis
- Marc thinks they need WYSIWYG because the barrier to editing is too high
- You don't get good content so people get frustrated and leave
- The people LibreOffice is trying to support people who do not necessarily have good editing skills
- Do people who learn office software learn good styles?
- It does not matter. The ideas are important
- What is the bridge between thoughts and markup?
- Wikipedia is working on WYSIWYG tools
- Is Wikimedia not receptive to this?
- Drupal 8 has in-line editing now?
Should people have the right to NOT learn markup?
- If you force people to learn then you raise the barrier to entry
- That makes people elitist
- If the barrier to entry was lower then more people would end up learning the system
- Should people be forced to edit in Word?
- Smart people have the ability to learn it
(Oh no! Markup!)
Marc doesn't like Mediawiki because it is hard to are able to edit it in his group.
- People use all kinds of other tools
- What about eating our own dogfood?
- The initial documentation was not published in ODT
- Should people be forced to edit in Word?
- Smart people have the ability to learn it
Slack???
- Everybody loves slack
- Slack is the email killer?
- Easier to search (with group chat?)
- It is like a searchable newsgroup? mailing list?
- Do you have to go to the site in order to get the content?
- Conversations are collected chronologically so it is easier to go through them than on email chains
Gmail labels deduplicates messages into pointers to folders
How do you avoid the standards problem? Having yet another place to look for stuff.
Finding stuff on Etherpad and Ubuntupad is difficult unless you bookmark items with useful labels
It is impossible to search across Etherpad documents
Redmine can also be used for collaborative work
- Less useful for collaborative work?
- Ticketing assigns work to people : less good for volunteering
- Closing abandoned tickets is difficult (and frustrating!)
Matching employers to job-seekers?
- Use a dating site?
- Donor management software?
progress.com : Database company
- Record-oriented (vs set-oriented)
- It is its own language
- eg Home Hardware point of sale
- http://www.progress.com/customers/
Moodle
- Tim uses it
- It has a learning curve
VPSes
- DigitalOcean
- CloudAtCost
- Linode
Factors in collaboration
- Concurrent or not?
- Are you producing a document out of the tool or not?
- Does the document need to be exported or not?
Sidetrack: community foundation for the arts
- They are in every city?
- This is different from CEI
- The community foundation was giving CEI some money too
Back to: KWNPSA Meeting Notes
KWNPSA Meeting Notes for 2015-11-09
KWNPSA Meeting Notes for 2015-10-19
KWNPSA Meeting Notes for 2015-09-21
All About VoIP
- Date
- Monday, 17 August 2015
- Event Announcement
- http://www.meetup.com/NetSquared-Kitchener-Waterloo/events/223550824/
What combination of VoIP and PSTN lines do you use? What problems does VoIP solve for you? What problems does it create?
The meeting on Monday, 17 August 2015 was All About VoIP.
Discussion Questions
- What are you using?
- What do you like about VoIP? What do you not like?
- What providers do you use?
- What works better with PSTN? With VoIP?
- What are the pros and cons?
Arbitrary Comments
- What can we do with Teksavvy?
- Vonage vs ITSP? (Unlimitel, VoIP.ms) vs ISP (Teksavvy, Rogers) vs MagicJack
- MagicJack is an ATA? You need internet
- You can get a USB dongle as well (don't work under Linux)
- It is reliable enough for faxing
- $10 extra per year for a Canadian number
- $50/year + tax ($70 for the device)
- Berleine spends $32/year for a US number and service
- Unlimited minutes
- Call quality can suffer if the internet is busy
- Magicjack and Vonage are in the same space
- VoiP.ms and Unlimitel
- $1/month for the DID, $1.50 for Emergency 911
- Unlimited minutes
- Magicjack and Vonage are in the same space
- VoIP.ms: $1 + $1.50 for Emergency 911 + 1c/minute per calls
- You can buy a home package for $3.50 per month
- You can have subaccounts
- You can have many calls running simultaneously
- Fongo
- Free phone number, free calls, free voicemail, pay to send texts
- Freephoneline.ca is the same but for desktops
- How far can you get on a wifi phone?
- Sometimes quality is an issue
- SIP phones
- The Working Centre
- One PSTN line + voip lines + Norstar systems
- Use an ATA to convert VoIP.ms to analogue
- This does not work perfectly all the time (eg long tones)
- Brendan has tried to switch to all VoIP
- How do you trunk calls between buildings that use different systems?
- Idea: just map lines to phones so you can use Norstar handsets
- How can you receive calls in multiple locations?
- Voip.ms makes this easy
- You can use follow-me settings in Asterisk
- Faxing and virtual faxing
- Doesn't work so well on VoIP
- VoIP wants to break up packets, but faxes want a continuous
- Cheapest SIP phone: Grandstream GXP1400 (similar: GXP1405)
- Why VoIP?
- Cost: $40 for a PSTN line. VoIP can be cheaper
- Can use the same phone number for many calls
- We trust everything that goes over the internet
- Very configurable for free
- Why not VoIP?
- Depends on power to work. Don't have blackouts!
- Can't run faxing (reliably), DSL modems
- Can't use analog modems
- Can be reliability problems
- Security concerns
- Should have quality of service to ensure good performance
- Need upload bandwidth (16k-64kbps up per call depending on codec)
- Rollovers can be an issue between POTS and VoIP, depending on provider
- Costs more in terms of IT time
- You can do voip via internet addresses
- Older ADSL lines provide 700kbps up
- Bell VDSL is broken? Fibernetics does it right?
- Execulink is a provider that does PSTN rollovers right
- Can you do anything more with commercial VoIP than with regular Bell?
- Maybe. It depends on what the provider provides.
- Hiding callerID : easy
- Is this obsolete because of cellphones?
- The numbers are different
- Not as configurable
- But your cellphone works in a blackout (modulo batteries)
- You can't run your own cellphone service (in Canada)
- Compare to radio, community cable
- SIP clients for cellphones?
- SIPSimple?
- You can register to a local asterisk account
- Ring groups on VoIP.ms
- How can you make phones ring in certain locations only?
- Put a sip client on their phones
- Put Asterisk
- What Asterisk systems can be configured by Thursday?
- PBX in a Flash
- Elastix
- Cheap analog phones?
Acronym Fun
- ADSL : Asymmetric Digital Subsriber Line - High-speed Internet over an analog phone line
- ATA : Analog Telephone Adapter - Turns VoIP into PSTN lines.
- DID : Direct Inward Dialing - A phone number
- FXO : Foreign Exchange Office - Port that is on the phone. In asterisk, you use a port of this type when you want to integrate a PSTN line. Wikipedia:Fxo
- FXS : Foreign Exchange Service - Provides a dialtone. This can be from the wall, or the ports on an ATA
- Hunt groups: Choose which order phones will ring
- ISP : Internet Service Provider
- ITSP : Internet Telephony Service Provider - The company that provides VoIP service
- MWI: Message Waiting Indicator - The light that shows when you have voicemail
- PBX : Private Branch Exchange - the device that routes phone calls
- PSTN/POTS : Public Switched Telephone Network / Plain Old Telephone Service - A "Real" phone line
- QoS: Quality of Service - prefer sending packets to phones rather than Bittorrents
- Rollovers: First call a POTS line, then call a VoIP line with a different provider
- SIP : Session Initiation Protocol - VoIP protocol. There are others (eg IAX)
- VDSL : Very High Speed Digital Subscriber Line - ADSL on steroids
- VoIP : Voice over Internet Protocol - The trendy thing.
- VoIP registration: What phone will ring when you make a call to the number?
Keeping Remote Sites Up To Date
- Date
- Monday, 13 July 2015 from 7:00pm to 9:00pm
- Event Announcement
- https://www.meetup.com/NetSquared-Kitchener-Waterloo/events/223189124/
- Location
- The Working Centre, 58 Queen Street South, Kitchener Map
This month we will be talking about how to deal with multiple locations within an organization. We will be discussing things like file sharing setups for more than one location, communications between locations, different router types for VPN and such, etc....
Multiple locations may mean more than one office building, or other situations like employees who work from home or other remote locations.
Meeting Notes
What kinds of remote sites do you need to support/connect?
- Second location
- public facing location at one site
- People working remotely without having an office
What things do remote users need to do?
- File sharing: spreadsheets, word documents, PDFs
- Database use
What tools do you do to enable them?
- Sharepoint site for sharing documents
- Brendan uses an older version
- Syncing files between file shares
- Windows Server Remote App
- Small Business Server and Essentials
- Moving files to the cloud
- hosted server
- Syncing with dropbox
- Office 365 transitions workflow to the cloud
- VPNs
- Complicated for users
- SecurePoint client makes it easier
- Cisco mobility to connect (forwards all traffic via the VPN?)
- Local storage with encrypted storage
- files are stored remotely
- Windows BranchCache?
- Bittorrent sync, Dropbox, Syncthing
- Caching servers that sync overnight
- Microsoft DFS Replication (don't bother!)
- OneDrive for Business is still not working
- OpenVPN over OpenWRT
- Hamachi
- SSH tunnelling for remote access
- Remote support: SSH tunnelling, VNC, Fuse and SSHFS
- ownCloud with WebDAV
- ownCloud does not do symbolic links very well (OK on synchronized clients, not on WebUI or WebDAV mounts)
- WebEx (free for first three clients)
- http://www.remoteutilities.com/download/ : free for 10 clients
- AWS cloud?
- Using git for synchronization
What clouds are easy to set up?
- ownCloud on VPSes or your own servers
What is painful?
- Attaching remote files to local email
- Syncing multimedia files (photos)
- Downloading things from the VPN is slow
- People want things to work without learning anything
- Initially contact to a remote client: how do you get them setup?
- join.me, bomgar, TeamViewer, screensharing with Skype (slow)
- Users do not provide enough detail
- Slow connections on the remote end
- ADSL connections with slow uploads
- Can we stop the cloud?
- Synchronizing calendars
- ownCloud WebUI does not provide all the tools to manage appointments
- What webdav clients exist for Android? acal, solcalendar don't stay synchronized
- SunRise calendar: https://play.google.com/store/apps/details?id=am.sunrise.android.calendar
- business calendar: https://play.google.com/store/apps/details?id=netgenius.bizcal
- There is an Exchange connector for Android
Troubleshooting mobile devices?
- Remote support viewing on smartphones? WebEx, LogMeIn
Other considerations
- syncing over DSL
- online collaborative systems for sharing documents
- newer versions of Sharepoint allow concurrent editing of documents
- confidential/sensitive information being uploaded to The Cloud (tm)
- But any computer that is online is on the Cloud
- Storing medical information on the Cloud?
- VPN routers?
- They have VPN servers themselves (IPSec and PPTP)
- How do they find the clients? They use a road warrior setup
- German company: SoftMaker (word processor software)
ISPs
- Execulink supports vDSL now?
- Teksavvy has business offerings
- They have good support
- Yak
- Eyesurf : okay but limited
- Acanac ?
Back to: KWNPSA Meeting Notes
Keeping Computers Up To Date
- Date
- Monday, 8 June 2015 from 7:00pm to 9:00pm
- Event Announcement
- Keeping Computers Up To Date/Meeting Announcement 2015-06-08
- Location
- The Working Centre, 58 Queen Street South, Kitchener Map
Updating Desktops
You thought it would never happen again, but we are in fact holding a second Nonprofit Sysadmin meeting this Monday, June 8. As we did introductions last month I tried to collect some themes as future discussion topics. Somewhat arbitrarily, I propose that Monday's meeting be about keeping systems (specifically desktops) up to date:
- What tools do you use to keep desktops up to date? (Windows or Linux, or other)
- What tools do you use for third party updates (Flash? Adobe Reader? Hateful Java?)
- What tools do you use to monitor and ensure that updates are happening?
- How do you prevent desktops from filling up with spyware and other nonsense?
- For Windows people: what are you doing about the Windows 10 upgrade offer?
We will meet starting at 7pm at the main Working Centre building, 58 Queen Street South. Bill says that there is free parking kitty-corner from the Working Centre, on the other side of Charles.
If you know of interested sysadmins who might be interested in our conversation, please invite them to the meeting.
- Paul
Upcoming meeting topics
- July: Administrating remote locations and people who work from home
- August: All about VoIP
Here are the bullet-point notes I took from tonight's meeting.
(Paul Nijjar)
Someone needs to remind the list about how to get information for logging into the wiki.
Meeting Notes
Updating Computers
Linux
- Run apt-get manually
- apticron: emails when there are updates
- unattended-upgrades: does security updates automatically
- apt-dater: run updates in parallel
- rkhunter
- chkrootkit
Windows
- Download and ask to install
- WSUS updates
- Download updates and shut down
Third Party Updates
- ninite.com
- wpkg.org
- chocolatey.org
- wsusoffline.net
Restoring computers
- DriveVaccine (SUCKS)
- SteadyState (RIP)
- SteadierState
- Faronics DeepFreeze
- Virtual terminal servers (Multipoint server)
- Ubuntu with guest account
- PlayOnLinux: install Wine easier
- DelProf
Introductions And Planning
- Date
- Monday, 11 May 2015 from 7:00pm to 9:00pm
- Event Announcement
- Introductions And Planning/Meeting Announcement 2015-05-11
- Location
- The Working Centre, 58 Queen Street South, Kitchener Map
During the first meeting I figure we can introduce ourselves, work out the logistics, and introduce some of the things that are challenging us in our sysadmin work.
- Paul
- There are no meeting notes for this session.
- (KWNPSA Upcoming Events)
- (KWNPSA Past Events)
- (KWNPSA Meeting Notes on one page)
- (KWNPSA Requested Topics)