Sunday, June 24, 2018

Someone should have told me this earlier...



The reference that should be read by everyone aged over 30 that wishes to move to Finland

In Finland is job seeking and finding the desired job for foreigners is a general problem . The problem doesn't arise from the fact that it's a small country but, it lays within the history of Finland. Finland is a country and the Finnish people have come along way in a very short amount of time. If you look back at the 150 year history of Finland you will realize that Finland hasn't actually been so wealthy as it’s neighbors Sweden or Russia nor they their relations haven’t been great. Due to this fact, it has concentrated its focus on workmanship and education to become better.

Respectfully this formula has worked out over the last 20 years or so and this has made them well trained and educated. Their education has been and always will be targeted on manpower and being professional at what you do. That's why nearly every job in Finland requires "license". Of course certification does not mean you are experienced at the job, but if certify's that you are educated and able to perform the job according to the laws and regulations. As Finland is a "country of workmanship", vocational nearly all jobs are supported by vocational trainings/education and training periods, just to get you a little experienced.

Now, if we compare this to us foreigners, you will see that there's a huge gap. What usually happens elsewhere is you graduate or leave school and you somehow endup doing some job that you professionalize in and over time you become experienced in that certain field. That job becomes your career and occupation. Of course, within your own power you train and expand your knowledge by "self-training". Years of workmanship brews your experience and you eventually "become a professional".

This system usually works elsewhere but Finland, due the local population having been well trained vocationally and / or occupationally on the subjects they have chosen. For example, even the most regular service related occupations such as taxi drivers', waiters, barmen, cleaning, construction, machine operation etc. require to have vocational job training and certification examinations to be able to perform that task. These certifications are also counted as the "license" to perform the task. (Barmens require alkolupa, taxi drivers, taxi driver's license, cleaners, hygene pass etc.)

This is the point actually the language barrier kicks in as most of the trainings are in Finnish language, targetted only to the Finnish population. I have been trying to point this matter out to every audience I can find. Though the Finnish language is extremely difficult to learn compared to the other latin based languages, it's not impossible to learn. But of course our difficulty isn't arising from the difficulty of the language but lined directly to the fact that we are already well experienced and "unemployed".

What I mean is, whenever I discuss with some university kid or a newly graduated, I find myself in the argument of Finnish language being easy or difficult. It's a pointless discussion as a university undergraduate or a new graduate still doesn't usually have urge of fulfilling the responsibilities of life such as car/house payment, children etc. as like the 35+ year old person who is already experienced elsewhere, who has spent most of his life trying to fulfill his responsibilities without the support of the government. Experienced newcomers tend to look at it as they have been used to before; the need to find work and earn money immediately.

Sorry, my argument still withstands as this doesn't happen very often here. Some young computer programmer gets a job as it's currently in the mainstream and argues that it's not difficult to find a job...

Though partially even the newcomer foreigners are supported by the Finnish legistlation as you all know it's merely a charity. Even the refugees get better support.

My conclusions are:

  1. If you are not young anymore, educated and/or experienced in your career, it's better for you to seek habitance elsewhere as Finland, nor it's socio-economical system may not fullfil your needs as it requires time for you to get localized and fit into the socio-economy’s needs.
  2. If you have a professional diploma obtained from outside of Finland, though you may get it converted, the chances of you finding a desired career is pretty slim due to the fact that it's not localized to the local system nor neither are you; so forth to speak as there's a population against you who believe that their local diplomas and certifications are way better than yours (even though you are probably more experienced than them).
  3. Even if your education, experience, certification may be "better" (eg. if you are a Harvard, Oxford, MIT grad etc.) you may be mobbed and mistreated by your co-workers as they are not very familiar with foreigners being "better" (educated or experienced). You may even have to perform harder than the locals to prove that you are as good as them.
  4. If you are lucky enough to find the desired job, it’s a good idea you stick to it until the end of time as most probably you will not be able to find something better to advance in your career here. (Remember that, you have to under-perform compared to your coworkers as they may feel agitated and may consider you as “competition” -yeah, it’s a contradiction! ).

Bottomline is, the best education perhaps might be in Finland, but if you have moved on in your life and believe that you have left the fun days of school far behind, relocating to Finland may not be right choice for you. (Most probably you have been brainwashed by your spouse or by the social mediaon how perfect, peaceful, secure life in Finland is and with your education and experience it wouldn’t be so difficult for you to get the dream job you desire etc. -that’s another topic.)

As I mentioned in a recent media interview, this is one of the reasons why Finland has the most highly educated blue-collar workers which are even capable of splitting atoms whilst cleaning toilets or serving pizza or driving a taxi.

Sunday, June 17, 2018

My most ever challenging project

For some reason this topic came up as a question in quite a few interviews. Though I remember "my most challenging project" rather well, I tend to leave it out from the discussions, due to several reasons (and as it sounds too fantastic).


It was just after Y2K (2000) era, when humans realized that the world wasn't going to destroy itself due to the limitations of the date problem in early computers...Our journey with Karma had just ended and I was hunting hight and low, when a fellow friend, who was the CEO of a major IT Project company, in Turkey (I am publishing this article with his kind permission). I had signed up to work on project basis, ranging from networking hardware to complex IT tender projects

Soon enough a "Mission Impossible" project landed on my desk. Turkish Directorate of Motorways -(TCK was and still is one of the major gov't tenderers in Turkey) had recently opened a tender for data connectivity project for the Istanbul's two Bosphorus Bridges datacentre's.(As there are toll booths on both bridges, the data used be collected to huge tapes then manually shipped to the hq datacenter, which of course meant a huge vulnerability).

At first glance in 2018, the project may seem quite simple, but in early 2000 era of Turkey, where fiber connectivity was only a myth. Most of the city’s internetworking backbone was built on dialups and copper cables which were connected over tens of pops.. Due to the extremely low quality cabling, excessive pop usage, speeds over 2 Mbps (async ofc!) was only a dream. Whilst the Telecom was still trying to hurdle with the leased copper lines, though it was available in selected locations, ISDN was part of the dream; even then 4-5 128kbit lines didn’t solve anything.

So the TCK had a huge bottleneck as trying to link both bridges’ datacenters into one, generally meant for the offering companies to use at least 2x 2 Mbit copper Leased lines over approx. 20 pop locations. Of course this means huge hardware as the day had it’s limitations. Estimated value for the project was around $ 2m.


Of course, first alternative that came to my mind was to lay a 5 km of fiber cable under the Bosphorus Sea. Though it seemed reasonable, it still was risky as Istanbul is known for it’s unsolicited constructions, yes, even underwater and as the govt’s offices were so disconnected from each other, they usually wouldn’t even bother letting the other party know that they are going to dig in their turf, until they damage something :)) ; plus, Bosphorus Sea itself isn’t a soft cookie. It’s known for its strong currents, which generally meant extra shielded fiber wires needed to be used with a lot of slack. When we added the costs it came close to $ 2m, which didn’t really leave much profit for us.

Wireless? What wireless? We are talking about year 2002. How can you get a secure wireless singal over 5 km and achieve 2Mbit data connectivity ?

I didn’t know it was possible and most of you out there, still do not know that it is possible !  

With a long flight to Canada and vast R & D, I was convinced that it was possible; at least it was possible to send 155 Mbit at full duplex over 4 km and the company was promising that weather conditions such as rain, fog, snow didn’t matter. After the nda, we shared our project with the manufacturer who mainly served on military contract, which were actually fascinated with the idea. They were so fascinated, they even decided to support the project !

The challenges were that the direct line distance from A to B was about 5 kms (4.9) and the range of the device was limited to 3 km (2.8 guaranteed). This simply meant we needed a pop somewhere in the middle, perhaps on a cell tower or something even higher ! Also due to the technology of the products all the transreceivers had to see one and other over a certain degree range.

You still don’t know what I am talking about do you ? OK, no need for mystery. There’s a technology that exists since the late 90’s and is widely used where cable or radio signal connectivity isn’t possible :)) Yeah I know. I drooled too.

It’s called FSO – Free Space Optics. You can read all about what it is here. Similar technology is currently used today to transmit live HD video from the ISS to earth and enabling us to view it over YouTube live. Though our goal was to obtain the “AFAP” (as far as possible + as fast as possible) fSONA can obtain around 2.Gbit data rate over shorter distances today.

What FSO is:
Free Space Optics (FSO), also called Free Space Photonics (FSP) or Optical Wireless, refers to the transmission of modulated visible or infrared (IR) beams through the atmosphere to obtain broadband communications. FSO systems can function over distances of several kilometers. As long as there is a clear line of sight between the source and the destination, and enough transmitter power, communication is theoretically possible. Like fiber, FSO uses lasers to transmit data, but instead of enclosing the data stream in a glass fiber, it is transmitted through the air.

In A Nutshell - FSO transmits invisible, eye-safe light beams from one "telescope" to another using low power infrared lasers in the teraHertz spectrum, where capacity can reasonably be expected to reach 10 Gbps. The light beam carries whatever optical transmission signal (layer 2 or MAC) and protocol framing a manufacturer chooses to market, typically SONET/ATM and 10/100/1000 Ethernet. Plus, unlike other free space communication systems, FSO doesn’t require licensing.

I admit it took me a while to convince my friend who actually had put me up to this task as this technology was quite unknown then and it still is pretty much unknown in today’s IT world.

The most amusing part was that all equipment and the installation cost was merely $ 400k ! On the day of the tender, it was quite crowded, probably around 30 companies, some are tendering, the rest just curious enthusiasts.

As expected, first offer was from one of the leading IT project companies and their offer was to go use 2 x 2Mbps LL coppers over 20 pops and hops which guaranteed 1.5 Mbps over the low quality and totally untrustable backbone of Istanbul at a round figure of $ 1.7m. The reason for 2x LL was to achieve the redundancy as well as to load balance the traffic. (But, I can’t help still thinking, wtf is the point of having 2x copper wires going through the same route, same potholes etc. as they are bound together for damage !)

All of the offers in the specific tender were based on copper wire technologies and they just played around the prices on their active/passive hardware via the discounts on their GPLs. The price was as low as $ 1.4m, until we stepped in. Our starting offfer was around 20% lower than the closest competitor and a huge gap of 144 Mbps in full duplex !

I still remember that moment quite well as all the heads suddenly turned towards us like a herd of penguins!! There were quite few synical grins by the “pro’s of the trade” like it was some kind of a joke being told. After a 5 minute presentation, TCK had to decide that there’s no reason for a 2nd round to tender. After selection of a substute, there was a huge rowl in the room people screaming in pain and distress ! 😂😂😄😄

As a rookie conqueror, I remember that moment quite well. With a simple proactive thinking and deep research I had managed to defeat the top 10 brands and the pro-IT companies which were left clueless ; which several of them went far enough to threaten us with legal proceedings due to their misery!

It was until next Monday that my victory celebrations lasted, when the company owner, who reminded me that I was the leader of the project which didn’t only consist of the sales part of the project, but also the supervision of the installation as I had agreed previously.

Our project proposal actually consisted of placing 2x beacons on the highest point of the two Bosphorus Bridges as well as installing 2x beacons on a antenna tower (approx. 45m high) at the center location as a bridge point. (and I always thought the firm had technicians to install the devices!!!).

First one to bail out was the manufacturer, then the company’s other techies 😀😀😄 as the distance to place the beacons were as high as 170m from sea level (approx. 70m from the carriage way to the peak of the carrier towers) on a tiny platform as wide as 3 x 4 m !! Though I tried to explain to my fellow technicians that all towers consisted of elevators to take them up, I guess I wasn’t very successful.

Frankly, as being one of the fortunate ones to experience the 1999 Izmit earthquake (7.6 magnitude) on a high tower apartment, I knew what it feels like to be in a high altitude when the ground is moving. As both of the Bosphorus Bridges are suspension bridges, they relatively move around even when you are on the carriage way. But being on a 12m2 platform, 70m higher and in open-air…….. … --- …

Admittedly I was an adrenaline junkie until that day and I had never had experienced any anxiety whatsoever.

Fortunately it took approx. 4 months for the goods to be shipped from Canada to Turkey; enough time to get used to the idea of working at high altitude. Luckily I had managed to convince two professional mountaineers from Middle Eastern Technical University to assist me on my quest….

Until that day, I had thought I had completed my “most challenging project”….
It was sometime in 2002 a cloudy Spring day that was scheduled for the climb on the primary tower of Fatih Sultan Mehmet bridge. It took us around an hour to carry the equipment to the leg of the bridge, where we loaded them onto the service elevator for the ascension 😇😇

When the climb began, I had alreay calculated the wind, the vibration but what I hadn’t taken into consideration was the flexibility ratio of the steel-reinforced concrete tower! Honestly, I have lived that moment in my nightmares for several years.

When we were in the final chamber, it was much smaller than I had expected. Though scene was spectacular, I realized there was no reason to wear the safety helmet as incase of a mishap, it wouldn’t really matter on which part of my body I would land on 😆😆😆😆 Although we were securely harnessed to the rails by double safety belts (to move around you need to detach/attach one belt at a time) due to the gushing winds as well as the flexing tower (I would have never guessed that concrete would flex so much) I could hardly standup (yeah also due to the height LOL!). For a second or so, for a reason that I could not comprehend I had wished to try base jumping from that point. I guess it would have been more fun.

Of course as we hadn’t unpacked the goods on the ground level, we had to cancel the event and head back to the ground level to re-prepare. On the 2nd trial it was more comforting than the first mockup as the boxes were unpacked and everything was nearly ready to go. After 2 hours of drilling the reinforced concrete, we managed to fixate the beacon on the tower and install the network cable behind it all the way down the elevator shaft. I even had managed to get few shots on my 2MP Kodak camera !
No, the rest wasn’t child’s play. Though I didn’t have to climb to the top of the bridging tower in the center, I had to do the climbing once again on the old Bosphorus Bridge, which was about the same height, the concrete was crumbly and it rocked like a cradle. After a month of constant climbs, tests, I had managed to complete the project on time and hand it over to the offfice doodes who think themselves are real technicians 😈😈😈

I think it was around then I had got the idea to get married and settle down...sigh...I wish I was on top of that tower instead now (at least I had harnesses)….

Was it worth it ? 

Hell Yeah ! Let's go again !

References:
fSONA - http://www.fsona.com
Wikipedia - https://en.wikipedia.org/wiki/Free-space_optical_communication



Saturday, June 9, 2018

How to block cryptocurrency mining in web browser? (Part-2 - Solutions)

For the first part, please refer here.

How to block cryptocurrency mining in web browser?

In my previous blog on the subject I had given brief information on how the website owners were secretly trying to monetize by running cryptocurrency mining scripts on your browser, causing your cpu to spike. The common symptom is your CPU gets too hot too quickly when you visit a website (and most probably drains your battery too quickly). 

This method is commonly known as coin-hive mining or cyrptojacking.

How to detect if the site is running cyrptocurrency mining on your web browser?

Check for your browser's CPU usage. Sadly the mining javascript code has been optimized for Windows OS's as it's the most common OS out there. Reseach shows that Internet Explorer and Google Chrome are the ones who gets the most of the polarity as the script allows the browsers to run in the background, even the window is closed. 

But this doesn't mean it doesn't affect other OS'es such as the OSX or Linux. It does. As the most browsers are platform independent and it is executed on the browser, the cryptojacker code functions worse than on Windows computers as it can result in spiking your CPU utilization over 200%.


  1. So first step is to select from browser settings to stop allowing it to run in the background (most people allow their browsers to run in the background due to the addons in the browsers such as the mailcheckers). If the the browser CPU usage is above 50% this generally means, someone is using your CPU without your permission. 
  2. If you know your way around in Windows, you can block access to the mining sites from your windows hosts file (you need admin permission to modify the file). This way by blocking particular domains your browser won’t be able to connect to these domains. We can edit the hosts file and redirect it to 0.0.0.0. Your hosts file is located at C:\Windows\System32\drivers\etc subfolder.

For Linux users. type sudo nano /etc/hosts which will give access to your hosts file. Just add the addresses of the domains to the host file as stated below. 



3. Use browser Chrome browser extensions to block cryptojacking websites from Google web store. Frankly I was going to advise the extension "No Coin", but, though it worked perfectly in the begining, as the developer has stopped updating the code, it does NOT work anymore. Most probably, cryptojackers found a way to bypass the blocker, which makes the addon useless (most sites on the net refer to No Coin as being the best addon, but it's not. That's why I have shared this information). 

Instead I am advising to use "minerBlock" which a simple, lightweight addon which works perfectly. The extension uses two different approaches to block miners. The first one is based on blocking requests/scripts loaded from a blacklist, this is the traditional approach adopted by most ad-blockers and other mining blockers.


The other approach which makes MinerBlock more efficient against cryptojacking is detecting potential mining behavior inside loaded scripts and kills them immediately. This makes the extension able to block inline scripts as well as miners running through proxies.

There's also a minerBlock extension available for Firefox browsers, which also functions perfectly. 

BEWARE: MinerBlock addon should be only installed from Chrome Webstore or Firefox web store as it is known that some n00b has created a fake version of this addon, which when installed, instead of blocking cryptojackers, it plays a loop of videos in the background, causing your cpu to spike. 

4. Though it's not my first preference, you can also block the cryptojack sites by adding custom filter to your Ad Blocker (AdBlock Plus is the best so below are for Adblock Plus)

In Chrome, click on the menu button, More tools, and then Extensions. Find Adblock Plus, click on Options, click the “Add your own filters” tab at the top, and in the text field that appears enter ||coin-hive.com/lib/coinhive.min.js and click +Add Filter. (Note: This is only an example of a domain to be blocked. The complete list can be downloaded from here)

In Firefox, select the Firefox menu (Tools on OS X and Linux), choose Add-ons, and find Adblock Plus. Choose Preferences to access the Adblock Plus profile, click on Filter Preferences, hit “Add filter subscription” and add coin-hive.com/lib/coinhive.min.js. (Note: This is only an example of a domain to be blocked. The complete list can be downloaded from here)

On Android, open the Adblock Plus application and select Filter Subscription. You can’t select multiple filterlists, so you’ll have to change your filterlist subscription.


References:https://www.bleepingcomputer.com/news/security/fake-minerblock-extension-repeatedly-playing-videos-in-the-background/

https://fossbytes.com/block-cryptocurrency-mining-in-browser/

https://venturebeat.com/2017/09/21/adblock-plus-can-now-protect-your-computer-from-being-hijacked-to-mine-cryptocurrency/

Wednesday, March 21, 2018

Cryptocurrency Mining Haunts Browsers






Browser-based cryptocurrency mining makes a suprising come back to haunt visitors.

Browser-based cryptocurrency mining activity has once again exploded in the last few months of 2017 and it is still climbing in 2018. After many years of silence, the convict appears to be the launch of a new browser-based mining service in September 2017 by Coinhive. This service generally wraps everything up nicely in an easy-to-use package for website owners and has injected new life into an idea that was long thought as lost.
  • As said before browser based cryptocurrency mining isn't something new; it's been around since at least 2011.
  • A surge in the cryptocurrency market in 2017, as well as availability of coins that are mineable using home hardware and easy-to-use JavaScript APIs, has led to a torrent of malicious browser-based mining affecting many well-known and lesser-known websites.
  • Mobile devices have not been spared from cryptocurrency mining, as witnessed by a 34 % increase in the number of mobile apps incorporating cryptocurrency mining code.
Browser-based mining, as its name suggests, is a method of cryptocurrency mining that happens inside a browser and is implemented using scripting language. This is different compared to the more widely known file-based cryptocurrency mining approach which involves downloading and running a dedicated executable file.

The website injected service generally allows itself to mine the crypto-currency Monero without the consent of users while users had the website opened in a browser tab. This illicit nature highlights the problem of not only unregulated cryptocurrencies but cryptocurrency mining as well.

Browser-based mining dates back to May of 2011 when an innovative service called BitcoinPlus.com was initially launched—back then Bitcoin was cheap and mining was relatively easy. That service was in many ways remarkably similar to its modern reincarnation, Coinhive. It used JavaScript for pooled mining and website owners could sign up to the service and embed these scripts into their web pages to make page visitors mine for them. The big difference is that back in 2011 BitcoinPlus.com, as its name suggests, mined for Bitcoin (BTC) whereas the current browser-based miners like Coinhive are mining for Monero (XMR)—a newer, privacy-focused cryptocurrency. Back in 2011, before the advent of ASIC mining in 2013, Bitcoin was still in its infancy, mining difficulty was relatively low, and cryptocurrency prices were even lower. It was (just about) possible to do some mining with home-grade hardware.

Worse case scenario is that lesser known websites, such as user forums etc. are rapidly choosing this method to increase their revenue as site advertising doesn't seem to produce enough revenue.

Due to the fact that the code is executed on the user's browsers without the consent of the user, the user literally have no control over the execution of the code. The impacts are not limited to the browsers, but it affects the whole machine as, many users today visit sites not only on their desktops, but whilst on the move on their phones, tablets and laptops, which generally means faster draining of their battery power as the CPU of their appliance is consuming power nearly at 100% rate (causing the systems and devices to produce more heat, which means more power consumption !!)

As the code is executed on the user's browser, the problem is OS independent and it affects all systems (yes, Linux, you are no exception).

SYMPTOMS:

Frankly, when I first ran into the problem, I realized that my CPU fan was working at fullspeed, whilst hot air was being exhausted out from the vents. At first glance I found it quite odd that a website was causing my CPU to work like crazy as first reaction is, it cannot be possible. But of course it can. When I looked at what is heating my proudly owned Linux-top I realized something odd:





In my next post I will explain about the solutions for the problem. 

References:
https://www.symantec.com/blogs/threat-intelligence/browser-mining-cryptocurrency

http://www.thewindowsclub.com/block-websites-using-cpu-mine-cryptocurrency
https://thenextweb.com/apps/2017/09/19/cpu-cryptocurrency-miner-blocker/