Posted on Leave a comment

Dropbox Paper, Markdown, Sync

Dropbox Paper is a product I really want to like. For one thing, the promise of better editor is something long unfulfilled. And taking some design cues (or perhaps merely unrelated similarities), Medium did do something nice for the blogging environment. By extending it as essentially a wysiwyg Markdown+ editor, drag and drop-friendly, with handy JavaScript handles for visual editing, this is definitely an interesting project.

Markdown as a First Class Filetype

However, there are those of us who prefer something with Markdown as a first class document filetype, which could be seamlessly synchronized alongside other files, and edited with other editors. This is what the cloud editors do, after all, provide some level of editing of desktop-class documents, collaboratively, and those same files are generally available in the same binary format (via sync or import/export). Of course by Markdown we mean much more than the anemic initial (but no less necessary) initial Markdown spec. We like Markdown Extra as a more complete specification. With Dropbox Paper there is at least one additional feature from straightforward Markdown, the inclusion of images without having to know where they physically reside. Drag in and the image appears as a part of the document. This is similar to what Github does well with its Github-flavored Markdown. Clearly there is some kind of zip/archive file format behind the scenes, which we simply don't have access to, or perhaps a nasty rats nest of pointers in a database. The thing is, Paper doesn't have a public spec or source available. In other words, Paper documents only live in Paper, the Application (akin to Google Docs). This means Paper is not a first class filetype, and therein lies the rub.

Stable File Format is Key to Offline Sync, Editor Diversity

With its Office-in-the-Cloud, Microsoft actually preserves both the file format and allows a variety of editors (which is what preserving the file format enables). This in a superior way with Word and Excel documents, essentially round-tripping edits into synced files in the desktop or the cloud. Libre Office Online, Collabora CODE, and Collabora Online are similar to the Microsoft approach, with files not changing their basic structure. Of course one would expect Microsoft to take this approach of focus on file format, since it is what helped cement their leadership in editing applications. Own the format, own the tools. Google took a different approach (for scalability reasons, surely), and the ability to edit anywhere requires offline applications and the use of a browser (which means lock-in to the Google Suite editors). Dropbox Paper is less functional than Microsoft, Libre, and Google suites, but appears to be taking a Google approach, sad.

Scalability and the Requirements for State Management

A quick read of the EtherCalc story provide excellent insight into what it takes to maintain state in a connection-less multi-user environment. Essentially a copy of the document needs to be kept updated. That generally requires the same resources as on a workstation, and was likely a strong motivation for Google building from scratch simpler non-compatible file formats for Word and Excel documents, as well as a log of all change-sets (for version tracking). The same is said for the Pydio/LibreOffice Cloud offerings, namely that they take a bit of memory to get them to work, again due to the architectural requirements of real-time server-based state management.

Limitations of Paper as a First Class Editor

Since Dropbox already uses the Microsoft Online editors for Word and Excel documents (which work as advertised), Paper is a bit of an unwanted stepchild in terms of integration. Paper (which is both a file storage and a file editor, with web and mobile app versions) doesn't live within the Dropbox folder system, but rather has its own file system. This is awkward, for navigation, to say the least. Paper folders and files do not sync.

Offline Editing with Mobile, but not Web

With the IOS or Android App, Paper files can be edited offline, akin to Google Suite, but without the ability to do offline editing with the web app. Paper files can be exported in Markdown and Word document formats, but there is no ability to import Paper files, one has to copy/paste. This is trouble if someone has a lot of Markdown files already at hand. It seems clear that this use case is fairly well ignored.

Copy/Paste and AutoCorrect in Dropbox Paper

With copy/paste, another glaring problem comes to light, which is the required transformation of single and double quotes into their fancy quotes equivalents. This is a non-starter for people working with text that needs to remain inviolable in their originally intended ASCII characters. There are obvious work-arounds for the well-known ASCII and Unicode Quotation Marks problem, and a handy visual JavaScript replacement is one that would keep the underlying text unchanged, but that is not the path which Dropbox took on this editor. Rather like Microsoft Word and Google Docs -- but unlike them without the ability to turn off the AutoCorrect options -- characters are automatically replaced, not leaving a trace of what they were formerly.

Mo' Paper, Mo' Problems

Intimated above is that what went wrong is a lack of open source of the file format that Dropbox Paper uses, which gives it severe technical limitations in terms of portability, offline editing, file synchronization, and a clear separation between interface and file format. This approach is one which Google has also embraced, and Google's moderate success in the face of such technical limitations should not be a signal of the weakness of such limitations. Rather one should look at the years and years of massive resources poured into the cloud editing project, which still cannot do proper offline file synchronization, and which has allowed Microsoft to compete effectively after a very long delay in entering the market with cloud editors.

Conclusion: Ignore Dropbox Paper

For the particular use case mentioned above, requiring file format and content integrity, file synchronization, diversity of editors, and the like, the solution is to simply ignore Dropbox Paper. The product is not for me or others with my same requirements. Fair enough. For our needs: - Dropbox for file synchronization - Stackedit version 5 for web-based editing (with access to the Dropbox file system) - Editorial for IOS is a great plain text editor supporting Markdown and Fountain (screenplay formatting), and also includes workflow scripting with python. There's a book on doing workflow with Editorial. - Atom editor Updated needs (18-Sep-2018): - Google Drive (Gsuite) + Insync for Linux - for files only, no online editors - Text - Chrome Extension, Excellent - Caret - Chrome Extension, Also Excellent - Atom editor - Native Application, Cross-Platform - Libre Office - Clunky but Functional

Posted on Leave a comment

Open Source Collaborative Docs

We can call this Tsuite, inspired by Toot Sweet (a Chitty Chitty Bang Bang candy invention), and is meant to provide some functionality offered through third party collaborative documents. The main point is to have a self-hosted, free-and-open-source alternative, albeit with more bare bones functionality. Ultimately the goal is to be functional enough to allow for the replacement of things like Google GSuite, Microsoft Office Suite, and the like. Note: This topic is continued with a recent article about Dropbox Paper

Basic Functionality

  • Email (with IMAP)
  • Web-based Spreadsheets
  • Web-based Text documents and/or wiki pages
  • Some level of collaboration (realtime synchronous and serial persistence)
  • Some level of security and access control (though rudimentarily may be VPN-based)

Expanded Functionality

  • User and group access control
  • Better audit control and backup
  • Export of documents into common document types (.pdf, .xls, .doc)
  • Import of documents
  • More extensive wiki layouts
  • Shared calendaring
  • Shared contacts

Tools to Start

File Options to Explore

Notes

For a third-party, open source solution, the most complete while having a modicum of stability, is likely Pydio + Collabora on GlusterFS. Pydio has mobile apps and integrates with Collabora, which has web-based file editors, and GlusterFS is the file service on the server. It is possible that the Pydio open source docker image would be enough, including (or in addition to) the Collabora Online Development Edition distribution. The biggest problem with Collabora as a shared document editing environment is the requirements for a server, which is 8gb of ram (currently $76/mo for an AWS EC2, though a 1-year reserved instance would provide a 38% savings at $46.57/mo). Note: This topic is continued with a recent article about Dropbox Paper

Posted on Leave a comment

Tokyo or Singapore Datacenter

Tokyo still top choice for Asia HQ Datacenter

Even with multiple options coming online in Singapore, Tokyo is still the best option for a single, Asia-based datacenter. Even when serving locations such as Thailand and Vietnam, Tokyo is a strong competitor to Singapore. Linode is my unmanaged VPS of choice. They have a great service, are as reliable as any other, generally very speedy responsiveness, and great prices. They also have a number of locations, including: Germany, Japan, Singapore, the United Kingdom, and the United States.

When Singapore is a Better Datacenter Choice

  • UPDATE 21-Nov-2016: Tokyo 2 is now publicly available at Linode, my testing has continued to back up the assertion that Tokyo is still the best spot for an Asian HQ Internet presence. My current Tokyo datacenter can't accept new customers, or do any hardware upgrades as it is completely sold out (and has been for a few years now). However, a new Tokyo datacenter will come online by the end of 2016, which is fairly easy to migrate to. Currently the best option is a Singapore location, then moving to Tokyo when the new system comes online. Or just wait until Tokyo is available and make the move then. Those are the two options. The only time Singapore would be a better choice, would be if Singapore, and/or Malaysia, and/or Australia are the primary markets, or if there is some kind of legal requirement for being in Singapore.

For East Asia, Little Difference between Tokyo and Singapore

To Australia, a Singapore location would be slightly faster, and to the US and UK, slightly slower. Submarine lines (that run most of the backbone Internet traffic, as it doesn't go through other countries, more secure). More fiber is being built between Singapore and Australia (some of it came online in 2015). There is a significant interconnect between Tokyo and Singapore (and other countries in between) coming online this year. Therefore to locations such as Malaysia, Thailand, Vietnam, Hong Kong, and Taiwan there is little difference.

Routes to Australia - Tokyo Leads the Pack

This section was added in August, 2017 After six months of suffering with a Singapore location, I've finally come to the conclusion that raw pipes are definitely not enough. Others have made the same argument. To summarize from not only ping speeds but better, fully-loaded (but optimized for speed) ecommerce sites when trying to reach the Australia market: - Tokyo is the fastest connect to Sydney (besides Sydney itself), however there is some delay to Europe - Sydney itself is superfast to Australia but sucks to everywhere else. - Northern California is very fast to North America, and acceptable to Sydney and to Europe - My estimation is as follows: - About 1 second load time on an optimized WooCommerce site with caching - Another 0.5 second for transit within a fast region (NA, EU) - From N.Calif, add 1.5 seconds to EU and 1.5 seconds to Sydney (and 0.5 seconds within NA) - From Tokyo, add 1 second to Sydney, 1 second to North America, and 2 seconds to the EU - From Singapore, add 1.5 seconds to Sydney, 2.5 seconds to North America, and 3.5 seconds to the EU - From Sydney, add 3 seconds to the EU and 2 seconds to North America, and 0.5 seconds within Australia - Tokyo is a balance of fast to Sydney and North America, and moderate speed to Europe - Northern California is a balance of moderate speed to EU and Sydney, and fast to North America - Sydney is a balance of fast to Australia, and slow to EU and North America Note that any edge location can be sped up with a content delivery network (one that works). P.S., AWS Tokyo also has Lightsail which is Amazon's VPS bundle, that includes things like a decent amount of data transfer, disk, 3 dns zones in Route 53, etc., at no extra charge.

Arctic Fiber Lines

A few arctic fiber lines being deployed which will cut time from Tokyo to the US West Coast as well as Europe.

Single Location - Tokyo

In summary, Tokyo still appears to be the best single place in Asia to be located (which is why it is so popular, and generally more expensive). Tokyo has decent speeds to Europe, more redundancy, and faster speeds to the US (already a fast link), and to Australia (via Sydney).

Posted on Leave a comment

Amazon Customers, Markets, Resources

Amazon is different than other companies. From the outside, this difference can appear as anomolies, odd things that stand out. I belive that there is a fundamental way of understanding the current state and dynamo of change within Amazon.

Customer Centrism

Amazon is meant to be the most customer-centric company on Earth. Likely when we get to Mars, Amazon will need to change that to the Solar System. However, it is not customer-centric in all ways. User interfaces and documentation are a huge challenge that many competitors excel. Even on the issue of price, there are various options that are generally cheaper, or as cheap, such as ebay. This is where things like free shipping and very fast delivery come into play. Bundling digital and physical goods (to sell more physical goods) is a good tactic, as digital goods have low incremental cost of sales. If this locks in a customer who will pay in excess of the margin on digital goods, that is an increase in profit, a happier customer, and an increase in trust and mindshare. But in some cases prices are still poor in relation to the competition. In these cases, it seems clear that (unless we are talking about overlooked anomolies) there are other factors at work.

Resource Centrism

Most organizations have fewer resources than they could use (though that is not correct unless there are appropriate mechanisms for management and leadership). Customer centrism can always be a focus, but of course it will be constrained in terms of resources available. In order to understand customer centrism, there should be two aspects: improvement (which might be called innovation) and listening/understanding (which might be called communication, more generally). Since communication actually informs improvement/innovation, that part is primary (and we see that in the generally lightning-fast reaction times to customer requests. However, this can be somewhat annoying as small things require a request to customer service, rather than being fixed in the interface. However, again, this is brilliant management as those issues which generate the most support calls, or have a greater impact on sales and customer satisfaction, will get the priority for engineering resources. Given enough computing power and good data, prioritization of product development and maintenance could potentially be done by the Amazon computer brain.

Market Centrism

This idea of markets as driving optimal resource allocation is rife throughout the company, and the ability to participate in these markets externally (essentially the core of ecommerce) is invigorating. Some examples:

Amazon Vendor Programs

Amazon has multiple vendor programs, from the original affiliate program and the amazon advantage (for media companies) to the Amazon Seller Central program, there are many ways to interact in the Amazon marketplace. Shipping/delivery is an area that has become increasingly varied with options for vendor fulfillment, fulfillment by Amazon, and in some cases Amazon Prime fulfillment by the vendor.

Amazon Web Services

AWS has itself also evolved over the years, and the fundamental resource of computing, storage, and networking has become sliced and diced into a variety of offerings. EC2 is the basic VPS options with some levels of resiliency. Next came the Elastic Beanstalk, which takes care of much of the provisioning in dealing with scaling stateless services. Third is Lambda which is serverless computing (it simply executes the code without any server management/configuration).

Amazon Hardware - Kindle, Fire

Amazon hardware has also gone through many iterations and includes variety in the offerings. This is akin to a normal product line, and line extensions, though sometimes the level of innovative is category-defining. The Kindle ebook reader, while certainly not the first, has become dominant for good reason. The Fire TV and Fire TV Stick has largely beaten out the Chromecast. And most recently Alexa on the Echo and Echo View.

Software + Hardware + Logistics

The fundamental skills underlying Amazon are several, but building and maintaining software, designing and managing hardware (different kinds, from a handheld device to server farms), and logistics, especially distribution/shipping/delivery. Expect innovation around each of these fairly complex, and difficult alignment of the two sets of three pillars of expertise and practical, valuable knowledge.

Posted on Leave a comment

Google Apps Free vs. G Suite

For those of us early adopters who managed to snag a 50 user (or 10 user) free google apps accounts, things are sweet. New users have to cough up $ 5 USD/mailbox/month (or $ 4.19 USD/mailbox/month provided yearly billing). What Google really wants is the $ 10 USD/month or $25 USD/month enhanced cloud services. Yeah, right. Ok, but what if you need more, or different, domains configured for the free account? Google has systematically cracked down on the ability to add secondary domains (only domain aliases allowed beginning a few years ago), and now it is not possible to change the primary domain either with a free account, or by temporarily signing up for a trial account. The handy ability to add full secondary domains within a trial account means it is not possible to downgrade. However, all is not lost. There is one final loophole that exists (currently) that is still useful.

Secondary Domains vs. Domain Aliases

The main issue is one of namespace. A domain alias (almost) always means all users with a given account (e.g., info@, name@, etc.) have full alias across all domain aliases added. This is not useful if one wants separate mailboxes for separate domains, with the same username (e.g., info@domain1.com, info@domain2.com).

Mailboxes, Email Aliases, Mailbox Forwarding

What should be discussed ahead of this is how to manage mailboxes. For a single person, a vast proliferation of mailboxes is not all that great, either now or in the future. Mail clients themselves can handle multiple mailboxes, but also mailboxes can have mail aliases, and that is possibly all the functionality actually required. In addition, mailboxes can simply forward email as well. The advantages are: instead of a regular mailbox, it does not need to be logged-into, and mail is stored in a primary mailbox (filters/rules can help with tagging/sorting mail). The advantage over mail aliases is that the mailbox can be logged into separately, and therefore managed separately. This is handy when an info@ mailbox is managed by someone other than the sysadmin, who has the admin@ mailbox as their basic utility mailbox for things such as social media accounts, advertising accounts, website mailer accounts, etc. In sum, there are three basic configurations: - Mailbox, logged-into with a mail client (for monitoring) - Mailbox, forwaded email (not logged-into, normally) - Mailbox alias, cannot be logged-into (without primary mailbox access) Let's walk through the main use scenarios to see what is actually needed for certain situations, a unique mailbox (with or without forwarding) or a mail alias.

Postman SMTP - Secure OAuth2 Gmail from WordPress

A very useful and secure email client, Postman SMTP is a great option. The idea is that a single correct email address needs to be used for sending and replies. With two domains and two WordPress sites, is it possible to have info@domain1.com and info@domain2.com as the primary sending email addresses while using a single mailbox? No, not really. Any given mailbox requires a primary email address that acts as the username (at least with Google/Gmail/Gapps/Gsuite). For simplicity's sake, the domain name cannot be different from the WordPress website, nor can the email address be different from the send-as email address of the mailer (reply-to can be different, however). Having a dedicated account for this kind of utility, including troubleshooting as needed, makes work much easier, than having to ask access, and have that access granted, then revoked, each time it is needed.

Paypal Email Account

It is possible to transact with one paypal email address (the underlying primary email address) and use an alias email address. This second email address is the one visible on transactions and that receives email from Paypal. From both the Postman SMTP and the Paypal examples, it is desirable to have a branded info@domain.tld, and it is necessary to have multiple accounts, at least 1 per domain. In addition, for security it is best to have a dedicated account with administrative rights to email (to be used only for admin purposes, and not as a general purpose mailbox).

Free Google Apps and Unique Non-Aliased Mailboxes

There is one way of creating mailboxes that can maintain unique accounts on a per domain basis. This is basically a configuration work-around. The process is as follows: - There will be one mailbox with the standard info@primary-domain.tld. This will need to be configured in a number of ways. - For each domain where an info@ is desired, create a special mailbox with the account domain@primary-domain.tld - Once these are created, log into each of them to perform basic configuration, as well as add the info@domain.tld as a secondary account (validate with the info@primary-domain.tld), and set this as primary. - At the gmail account of the info@primary-domain.tld. There are three things to do: - Configure the mailbox as having other accounts (each of the info@domain.tld, one for each domain alias created) - Create filters (which act as mail forwarding), for each of the domains, such as any email coming to the domain-alias.tld will be forwarded to domain@primary-domain.tld - Validate the email addresses that are used in the filters (replying with links or the security code to enable the filters - Once this is done, there is a mailbox that can receive email sent to info@domain.tld (forwarded from the info@primary-domain.tld), and can send email as well from that address. Most mail clients can that simply add each mailbox in turn, without having to have aliases for the individual mailbox (not always supported in mail clients). The key is to log into the mailbox with the domain@primary-domain.tld account, but change the sending information to info@domain.tld. A small price to pay for ongoing free access to Google Apps for Domains.

GSuite API - Cute, Not Useful

I'm all for APIs but instead of a developer demonstrator, it would be way better to have a real tool, backed by an API (or not, who cares?). Here are a few clumsy things to do: - Add a new secondary domain (doesn't work on free or trial accounts) - Get a list of domains on the account - Set the primary domain (doesn't work on free or trial accounts) - Get customer info, including immutable customer ID (CustomerKey is my_customer, also need to authenticate)

Additional Notes

If moving a domain from one Apps/Gsuite account to another (and in the process, deleting the first account), there is about 24 hours where it will be unavailable to register/validate in the receiving account. Prepare for this by changing MX records and forwarding any email addresses that would be impacted. When deleting a Google Apps account (and any mailboxes and accounts within it, it is important to have granted ownership to a variety of possible additional accounts linked to it, including: - YouTube channels - Google+ Accounts - Google My Business - Locations - Brand accounts - Google Adwords - Google Adsense - Google Analytics The list goes on, so think it through.

Posted on Leave a comment

GSuite DNS Records

GSuite is the latest term Google is using for what used to be called Google Apps for Domains. Google Cloud is now a provider of GSuite (along with many other services). GSuite is akin to similar offerings by Microsoft, Yandex, and more anemically, Amazon Workmail/Workdocs, and Apple.

CNAME Records

calendar = ghs.google.com.
drive = ghs.google.com.
mail = ghs.google.com.

MX Records

aspmx.l.google.com.         [1]
alt1.aspmx.l.google.com.    [5]
alt2.aspmx.l.google.com.    [5]

SPF, DKIM, DMARC Records

SPF Record

GSuite SPF record is

v=spf1 include:_spf.google.com ~all

If there is a need to add additional IP addresses for the domain, then as follows:

"v=spf1 ip4:1.2.3.4 ip4:5.6.7.8 include:_spf.google.com ~all"

Note: Change 1.2.3.4 and 5.6.7.8 to appropriate IP addresses, as needed

DKIM Record

For GSuite, a given domain's DKIM record can be generated. Then the record added to DNS. And then, enable DKIM on the domain in the GSuite admin. DKIM looks like:

google._domainkey = "v=DKIM1; k=rsa;
p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
gQCAAzcVQ93IuUdrFWizejuaC4b+zTeKj48R
A7y+PzdRZgHb0abfUUvZW8KR7oADkmxeGp/B
W6ZhJz8ytlZ2JJ+ubBB7o4Lb5QQIIIpR00Tt
fZa3WORctXRhU4wyIR7CqdbaPKK7+xSJK8BQ
/mzzJ22a59FVEgjzVdIquFN+N515fwIDAQAB"

Note some DNS does not take 2048 bit keys so have to go with 1024 bit.

DMARC Record

DMARC basically sets a policy based on verification of SPF and DKIM records (or their failure). They look something like:

_dmarc = "v=DMARC1; p=none; rua=mailto:postmaster@jeffmcneill.com; adkim=r; aspf=r"

Note the p means policy and none basically means reporting only (work out the bugs first). adkim and aspf are set to r for relaxed so subdomains will pass without explicitly declaring them.

Posted on Leave a comment

Yandex Cloud Services

Yandex is likely the 4th most important Search-based provider, with Google, Baidu, and Bing being ahead in terms of overall traffic. Yandex is certainly like Google and Bing (and Amazon) in terms of offering a combination of email and file storage along with file sharing and file editing tools for organizations. Essentially it is a combination of Google, Paypal, and

Yandex Disk

Disk is file storage akin more to Google Drive + Google Apps, than simply a file storage like Dropbox. They have web-based applications for editing documents, spreadsheets, and presentations (provided by Microsoft), and have a viewer that works for text files. They also include the Aviary image editor, which is convenient.

Yandex Disk over Webdav

Yandex Disk can be accessed via Webdav, which makes it especially lightweight on lightweight machines such as Chromebooks, intel Compute sticks, and for accessing files such as KeePass files using KSync on mobile devices. While integration isn't ubiquitous as it is with Dropbox and Google Drive, the Yandex Disk mobile app has a lot of functionality itself.

Storage Space on Yandex Mail / Yandex Disk

10gb are free, with another possible 10gb for referring friends. Monthly costs for additional storage are $1 USD/10gb, $2 USD/100gb, and $10 USD/1tb, with 17% discount on 1 year (2 months free). This is about the same as Google Drive. All Yandex Mail users get 10gb of Yandex Disk. Saving attachments saves them into Yandex Disk. From what I can tell there is greater integration of Mail and Disk than with Gmail and Google Drive.

Screenshots and Photos on Yandex Disk

The Yandex Disk apps for desktops and mobile have nice support for capturing and uploading screenshots and photos, as well as image editing tools.

Yandex Hosted DNS

Yandex also offers hosted DNS for free with a dns editor available after delegating any domains.

Yandex Domains

Yandex allows Mail accounts to register Domains, and then be able to manage mailboxes (up to 1,000) for that domain, as well as unlimited domains and unlimited domain aliases. This is quite mindboggling, when compared with cheap ass Google.

Yandex Mail SPF, DKIM, OAuth2

Yandex supports SPF and DKIM. Check SPF/DKIM with this testing tool. Yandex also supports Oauth2 for use with SMTP, and IMAP, and other services, including Yandex Disk. > Currently I am having trouble getting the Oauth2 to work with Postman SMTP. Hopefully that will get worked out. Certs are needed to not have a mailbox compromised based on username/password being in the database.

Yandex DNS Records

One can delegate zones to Yandex DNS and then manage records through a web-based DNS editor. Or, one can go through a process of authorization and record entries as follows: - CNAME record (unique) set to: mail.yandex.com. - MX record: mx.yandex.net. (10) - TXT record (Yandex DKIM): name=mail._domainkey value="v=DKIM1; k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC2+xOv5+WXFROygWIKk1dSLXOYcoJQqL1kGHYY3ymVNYXk+gTlVwgW7o+M2a2Ci8BmVxZjW+TPdu0qnhY626HJ2SDNszznKhDgZSB4xvImyGZBbTmtgA9wDlZam9OaX+p5eN3YB0BCT0iUQqLNAGSZrGOd9gpES0Xuoswo7Qy5OwIDAQAB" - TXT record (Yandex SPF): value=“v=spf1 redirect=_spf.yandex.net”. - Alternately if additional IPs are needed to be validated, use: "v=spf1 ip4:1.2.3.4 ip4:5.6.7.8 include:_spf.yandex.net ~all" (replace 1.2.3.4 and 5.6.7.8 with correct IP addresses

Yandex Money

Yandex is basically Google + Paypal + Uber, so it is a much bigger deal in its markets, though it is perhaps a tenth the

Posted on Leave a comment

Widespread Hacking

> This is as true today than it was more than five years ago when first posted. Due to the ongoing hacking of accounts and passwords on popular web services, it is a good time to consider the following suggested security practices. If you feel you do not have the time to deal with this, think again...

Suggested Security Practices

- Have one unique password per site/account - Have a special account not normally used, which is for administration of accounts (again, per site/account) - Generate and manage passwords with an encrypted password management tool, e.g., KeePass and others of its ilk. - Keep backup of the encrypted password management tool in the cloud (some kind of cloud-based backup). There are many options for cloud storage, and we ourselves are on our third cloud provider, with likely a fourth on the horizon. First it was Dropbox, then Google Drive, and now the highly functional Yandex Disk, with an eventual migration to Amazon WorkMail and WorkDocs, once there is functional parity, later in 2017 or 2018. - Encrypt files/drives which contain confidential information, so that in the event of intrusion, the files/drives will not be accessible, using strong encryption, e.g., VeraCrypt - Get in the habit of deleting email that has confidential information, such as passwords. - Force the use of SLL for all website browsing, when possible, especially for email and other sites with sensitive information.