All posts by Sean Sosik-Hamor

We Hire Bloggers Who Immediately Stop Blogging

Years ago in 2007, when I first joined Canonical as a staffer, I attended their yearly in-person all-hands meeting during my second week of employment. During the opening plenary, after the icebreaker where all new employees were asked to stand up and explain the history of their IRC pseudonym, the presenter lamented, “We hire bloggers who immediately stop blogging.”

The presenter then went on to talk about how many prospective candidates make it through to the final-round interviews because of their public open source contributions and blog entires. Which makes perfect sense! Ubuntu is open source. Canonical hires expert open source contributors. And what better way is there to promote your open source contributions than to blog about them!

But the comment about how new hires stop blogging really stayed with me. While working at Pepper before Canonical I used to blog daily here on Inert Ramblings and many other now-defunct platforms and forums. I blogged about everything from diet and exercise to tech industry news to photography and journalism.

I Immediately Stopped Blogging

Three months before my team was officially hired by Canonical, Pepper was contracted with Canonical for three months to work on the then-skunk works Ubuntu mobile project.

Everyone at Pepper, including myself, went heads-down with tighter deadlines and more intensive workloads. We found less time to work on our personal open source projects and endeavors. Which in turn led to less things to blog about. Even our after-hours personal time was now dedicated to Canonical projects.

Don’t get me wrong. This wasn’t a bad thing! I’m a geek. I have geek hobbies. Canonical was my dream job and my workload coincidentally paralleled my hobbies. So, for me, it was a win-win!

The only real difference was that I stopped blogging because I was so busy with work. I stopped posting to Inert Ramblings. I stopped posting to photography forums. I stopped posting to coding forums. I stopped posting to the social media platforms that were active at the time. I even stopped rally racing.

It’s not that the previous culture at Canonical dissuaded against blogging. It’s just that there was no incentive to blog anymore. If we were blogging then we weren’t working towards our deadlines. And, although Canonical management made the occasional comments wondering why folks stopped blogging, there was never an official company policy to promote blogging and make it part of our daily workflow.

Start your blogging engines!

Luckily, things changed a few years ago. Canonical holds quarterly product roadmap sprints for key managers and engineers. I organized most of these sprints and, during numerous plenary sessions over the past few years, upper management made it a point to encourage teams to blog about their non-proprietary projects.

Which is great! Canonical’s Ubuntu Blog started seeing more content and traffic. More content started appearing on employee personal blogs. News organizations started picking up stories based on employee blog entries. And, during every roadmap cycle, managers encouraged their employees to blog about what they’re working on.

And the community took notice! More blog content from Canonical and their employees started getting syndicated. My RSS reader is now filled with content from both the official Ubuntu Blog and personal employee blogs!

So, take note. Your company’s marketing team shouldn’t be your only outreach channel. Your employee’s personal blogs can be just as bolstering for your product and service offering!


Sean Sosik-Hamor is a former employee of Canonical. Working within Canonical’s IS Team Alpha Squad, Sean’s focus was end-to-end logistics, planning, implementation, and photography for corporate events, summits, conventions, data centers, facilities, equipment transport, and constructing offices and data centers.

He is currently entertaining offers for full-time positions within the photography, event, and data center fields.

Create Shell Scripts to Implement Your Own Local Fix for Poor App UI/UX

Repository: Sean Sosik-Hamor’s Snippets-Collection on GitHub.com – Newsvoice.com

I’ve recently started submitting summary posts to Newsvoice.com to expand my journalism portfolio for Hamor Photography in Pelham, NH.

But, like many web-based services, the web app doesn’t implement the same feature set as the smartphone app and vice versa. More frustratingly, neither app seems to allow editors to view a list of their submitted story links or their summaries pending moderation.

So I’ve hacked together a quick shell script to find the latest published summary URL on Newsvoice.com, iterate from that URL through a list of all recently-submitted summaries (both published and unpublished), and do a case-insensitive search for a single-word string that appears in your latest submitted title.

That way, as soon as you submit the links and title, you can immediately find the URL to your unmoderated story links page and submit your summary for moderation before another contributor claims it!

And, once the story links page is is approved by moderators, the script will also find all other stories that link to the page.

Unless I’m overlooking some obvious functionality during the submission process the workflow seems to entail:

  1. Submit multiple links for a news story from different reputable news sources with differing views, opinions, or biases.
  2. Create a short, unbiased, factual title to describe the story links.
  3. Wait for your links and title to be approved by moderators.
  4. Tap the approval notification that’s pushed to your smartphone.
  5. Create an unbiased summary of the story.
  6. Wait for your summary to be approved by moderators.
  7. The final story with summary and links will publish publicly on the Newsvoice front page or channel page once approved my moderators.

It sounds pretty straightforward. But things get frustrating going into step 4.

Once the links are approved by moderators anyone can claim the story links and write their own unbiased summary of the story. Like Wikipedia, shared editing with public accountability is the whole point of Newsvoice. But the only approval notice that you receive is via the single push notification on your smartphone.

When you tap the notification it permanently disappears. If you unlock your smartphone without tapping the notification, and the Newsvoice app was the last app that you used, then the notification permanently disappears without displaying the approved story links screen within the app.

Either way, if you forget to save the approved story links page in the smartphone app once you tap the notification, then you can’t find it again. And, since you’re not given the story ID or URL, you can’t find the story links page through the web app either.

And that’s not even taking into consideration that trying to write summaries on a tiny smartphone screen is less than ideal.

It could take a couple hours for the links to show up as a published story links page with no summary and, in the meantime, someone else could click claim.

So far I’m a fan of the idea of the Newsvoice platform. The more I use the platform as a non-moderator contributor the more frustrated I become. It should also be noted that, any time I’ve submitted more than two links to a story, only one or two links are approved. Other summary pages may show a dozen or more links so my assumption is only links submitted by multiple contributors (or merged pages) display more than a link or two.

Updated Sunday, July 26, 2020 to fix a typo, reorder paragraphs, and add a conclusion paragraph.

Configuring a TFTP server on Ubuntu for switch upgrades and maintenance

Note: Community TFTP documentation is on the Ubuntu Wiki but this short guide adds extra steps to help secure and safeguard your TFTP server.

Every Data Centre Engineer should have a TFTP server somewhere on their network whether it be running on a production host or running on their own notebook for disaster recovery. And since TFTP is lightweight without any user authentication care should be taken to prevent access to or overwriting of critical files.

The following example is similar to the configuration I run on my personal Ubuntu notebook and home Ubuntu servers. This allows me to do switch firmware upgrades and backup configuration files regardless of environment since my notebook is always with me.

Step 1: Install TFTP and TFTP server

$ sudo apt update; sudo apt install tftp-hpa tftpd-hpa

Step 2: Configure TFTP server

The default configuration below allows switches and other devices to download files but, if you have predictable filenames, then anyone can download those files if you configure TFTP Server on your notebook. This can lead to dissemination of copyrighted firmware images or config files that may contain passwords and other sensitive information.

# /etc/default/tftpd-hpa

TFTP_USERNAME="tftp"
TFTP_DIRECTORY="/var/lib/tftpboot"
TFTP_ADDRESS=":69"
TFTP_OPTIONS="--secure"

Instead of keeping any files directly in the /var/lib/tftpboot base directory I’ll use mktemp to create incoming and outgoing directories with hard-to-guess names. This prevents guessing common filenames.

First create an outgoing directory owned by root mode 755. Files in this directory should be owned by root to prevent unauthorized or accidental overwriting. You wouldn’t want your expensive Cisco IOS firmware image accidentally or maliciously overwritten.

$ cd /var/lib/tftpboot
$ sudo chmod 755 $(sudo mktemp -d XXXXXXXXXX --suffix=-outgoing)

Next create incoming directory owned by tftp mode 700 . This allows tftpd-hpa to create files in this directory if configured to do so.

$ sudo chown tftp:tftp $(sudo mktemp -d XXXXXXXXXX --suffix=-incoming)
$ ls -1
ocSZiwPCkH-outgoing
UHiI443eTG-incoming

Configure tftpd-hpa to allow creation of new files. Simply add –create to TFTP_OPTIONS in /etc/default/tftpd-hpa.

# /etc/default/tftpd-hpa

TFTP_USERNAME="tftp"
TFTP_DIRECTORY="/var/lib/tftpboot"
TFTP_ADDRESS=":69"
TFTP_OPTIONS="--secure --create"

And lastly restart tftpd-hpa.

$ sudo /etc/init.d/tftpd-hpa restart
[ ok ] Restarting tftpd-hpa (via systemctl): tftpd-hpa.service.

Step 3: Firewall rules

If you have a software firewall enabled you’ll need to allow access to port 69/udp. Either add this rule to your firewall scripts if you manually configure iptables or run the following UFW command:

$ sudo ufw allow tftp

Step 4: Transfer files

Before doing a firmware upgrade or other possibly destructive maintenance I always backup my switch config and firmware.

cisco-switch#copy running-config tftp://192.168.0.1/UHiI443eTG-incoming/config-cisco-switch
Address or name of remote host [192.168.0.1]? 
Destination filename [UHiI443eTG-incoming/config-cisco-switch]? 
 
 !!
3554 bytes copied in 0.388 secs (9160 bytes/sec)
cisco-switch#copy flash:?
flash:c1900-universalk9-mz.SPA.156-3.M2.bin flash:ccpexp flash:cpconfig-19xx.cfg flash:home.shtml
flash:vlan.dat

cisco-switch#copy flash:c1900-universalk9-mz.SPA.156-3.M2.bin tftp://192.168.0.1/UHiI443eTG-incoming/c1900-universalk9-mz.SPA.156-3.M2.bin 
Address or name of remote host [192.168.0.1]? 
Destination filename [UHiI443eTG-incoming/c1900-universalk9-mz.SPA.156-3.M2.bin]? 
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
85258084 bytes copied in 172.692 secs (493700 bytes/sec)

Files in incoming will be owned by tftp mode 666 (world writable) by default. Remember to move those files to your outgoing directory and change ownership to root mode 644 for safe keeping.

Once you’re sure your switch config and firmware is safely backed up it’s safe to copy new firmware to flash or do any other required destructive maintenance.

Step 5: Prevent TFTP access

It’s good practice on a notebook to deny services when not actively in-use. Assuming you have a software firewall be sure to deny access to your TFTP server when on the road or when connected to hostile networks.

$ sudo ufw deny tftp
Rule updated
Rule updated (v6)
$ sudo ufw status
Status: active

To Action From
-- ------ ----
CUPS ALLOW Anywhere 
OpenSSH DENY Anywhere 
69/udp DENY Anywhere 
CUPS (v6) ALLOW Anywhere (v6) 
OpenSSH (v6) DENY Anywhere (v6) 
69/udp (v6) DENY Anywhere (v6)

Is Google Chrome running obscenely slow on your obscenely expensive Mac Pro or Retina MacBook Pro with 4K or UHD monitor? Fear not…

My shiny Mac Pro just arrived along with a pair of Dell 28 Ultra HD (P2815Q) Monitors (2160p). I anxiously plugged everything in, fired up Google Chrome, and waited…and waited…and waited…and waited. The dreaded spinning pinwheel of death greeted me and it took minutes for each page to load. Not even the chrome://settings/ or chrome://version/ pages would load. Chrome was basically unusable.

Odd, since everything was running fine when I had the Mac Pro plugged into my Sony R550A 60″ HDTV (1080p). I begrudgingly switched to Safari and started to do some digging.

Turns out the latest Chrome Stable and Chrome Beta (as of 13-Mar-2014) eat themselves right in the face when plugged into 4K or UHD displays. I’m unable to find a specific bug report but I did manage to find a single general complaint thread in the Google Product Forums from Oct/Nov 2013. Turns out I’m not the only one experiencing this problem.

Luckily the problem has been fixed in the latest Chrome Dev 35.0.1883.0 and Chrome Canary 35.0.1888.0 builds so just download either of those versions. Chrome now completely screams on the Mac Pro.

Version information: Mac Pro Late 2013 MacPro6,1 running Mac OS X 10.9.2 Mavericks.

Wi-Fi regulatory domains are a pain

Managing multiple facilities across multiple continents can be a pain especially when Wi-Fi is involved. Different regions use different frequencies depending on regulatory domain. And, depending on your hardware vendor, compliant hardware could be backordered.

In my case, the Cisco Aironet 1140 Series Access Point (AIR-AP1142N-T-K9 802.11a/g/n Standalone AP; Int Ant; Taiwan C) is backordered by 4-6 weeks. I guess our Taipei 101 office is out of luck for a while unless I can find a different piece of compliant hardware.

Here are some miscellaneous regulatory notes for when I need to revisit this in the future:

Pulling the Karakoram out of storage

Since Operation Stop Being a Fatass 2.0 is progressing rather satisfactorily (down 15 pounds this month) I’ll be pulling my trusty 1992 GT Karakoram Full Rigid out of storage so I can give it a proper tuneup and start hitting the trails again. With the exception of racing my nephews up and down the cul-de-sac I haven’t gone riding since Summer of 2004 and the Karakoram desperately needs some TLC since it was ridden hard and put away wet without any end of season maintenance. I got fat and it started rusting.

So I’ve now committed myself financially to getting back behind the bars by picking up the supplies required to finally do a complete overhaul. A Park Tool PCS-10 Home Mechanic Repair Stand and Park Tool Work Tray will keep the bike firmly planted on the workbench while I tickle its naughty bits with a Park Tool AK-37 Advanced Mechanic Tool Kit, Finish Line Speed Degreaser, and Finish Line DRY Teflon Bicycle Chain Lube. My full automotive mechanic tool kit was missing many of the critical tools to properly maintain a bike so I needed the AK-37 kit to fill in the gaps.

Assuming I actually follow through, start riding again, and hit my initial goal weight of 240ish pounds by the end of the Summer I’ll definitely upgrade to a 2012 GT Karakoram 1.0 Hardtail 29er. No way I’m going to drop the coin to go full suspension unless I get under 200 pounds and am doing some serious miles. And if the wife wants to start riding as well then a 2012 GT Palomar Hardtail will probably be in her future.

Operation Stop Being a Fatass 2.0 is well underway

It’s been seven years since I mused about weight loss on this Blog. And in that seven years I’ve embarrassingly regained almost all the weight I so elatedly lost and enthusiastically wrote about. An unfortunate combination of work, stress, and a complete lack of healthful motivation turned those seven years into a crash course of unhinged weight gain.

I saw and felt it happening as I ballooned back up to a 46″ waist and had to dig out my cache of old 2XL geek and hacker t-shirts that had been packed away for nostalgic reasons. But even as I jumped up each size I just didn’t care. And on New Year’s Day of this year I weighed in at 308.6 pounds. Not quite the 330 pounds I weighed at my all-time high in 1998 but a Hell of a lot more than the 220ish pounds I weighed at my last health-related entry in 2004.

So Operation Stop Being a Fatass 1.0 ended in failure but Operation Stop Being a Fatass 2.0 is well underway thanks to some hardy motivation from my lovely wife since we’ve both vowed to get back into shape together. Since the beginning of January I’ve dropped 12.6 pounds and I’m down to 296 pounds. That may seem like a tiny victory but it’s a victory nonetheless.

The Hacker’s Diet is still my primary motivation and going back to Blogging about my fat ass will definitely help but I’ve also added some additional tools to my aresenal:

HP Mini 1000 and 110 batteries on sale

For you mobile geeks out there HP Home currently has 3-cell batteries for the HP Mini 1000 and 110 on sale for 60% off as well as a $15-off coupon you can use (ACY93421). No idea how long this is going to last.

The 6-cell batteries are regular price but the coupon should also work.

Photo credit: http://www.flickr.com/photos/minami/ / CC BY-NC-SA 2.0

Upgrading Polycom firmware

If you have a mixed bag of Polycom kit in your office, be sure to check out the VoIP SIP Software Release Matrix to check on compatible versions. In our case, I chose SIP version 3.1.3RevC since it’s compatible with both the IP 430 and the IP 4000. I’ll probably bump up to SIP version 3.2.0 for the IP 430; just not today.

Also pay special attention to the release notes. Just because a Firmware version is on the download page for a particular model doesn’t mean it will work. We had to mix and match with Firmware version 4.1.3 for the IP 4000 and 4.2.0 for the IP 430. This is difficult (but not impossible) since pre-4.0 Firmware versions look for bootrom.ld instead of modelnumber.bootrom.ld in 4.0 and higher versions.
Continue reading Upgrading Polycom firmware