Daniel Miessler's Blog, page 118

The more I pay attention in the Bay Area the more I’m noticing that it’s a place of absolute poverty.

Much of the East Bay is extremely poor. The South Bay is poor. The North Bay quite poor (on the east side). And we’re talking about around 7 million people in total.

Inside of this 7 million people, and the vast swaths of poverty, there are basically a few rich areas. Mostly the tech areas.

San Francisco. Mountain View. Palo Alto. San Mateo. Marin County. And a few tiny areas spread around. I’m guessing around 2-5% of the actual geography and population has a salary that lets them live comfortably, and that seems too be supported by numerous recent articles.

Other than that, what you have is working class people making very little money while living in one of the most expensive places in the world. And it’s extremely hard for them to get by.

We’re talking about people with little education, some basic job skill like construction, or retail, cleaning surfaces, medical tech, or something similar. Many are immigrants facing language and legal barriers, as well as the even more formidable obstacle of having been told:

If you just just work hard, everything will work out. Don’t worry about all that fancy college stuff, that’s not for you. Just work constantly, start a family, and everything will be ok.

It’s heartbreaking to watch people walk over that cliff, work lunchbox in hand, smiling because they’re being good workers.

Anyway, driving around the Bay Area is surreal. I live in San Francisco, and if I drive just around 5 minutes south, you’re instantly in a very different place. The crime rates skyrocket. There is garbage all over the place (well, that’s in San Francisco too). And you generally have no energy in the people.

Why? Because they’re fried. They work 2-3 jobs, making no money, and basically look forward to getting home and watching TV until their next shift starts. Of course that’ll be a shift that is as long as possible, as unpredictable as possible, and hopefully (for the company) isn’t enough hours to require that benefits be paid.

So you basically have millions of zombies, roaming around the Bay Area, going from job to job, making virtually no money, who are not planning at all for their futures (other than having kids to take care of them).

You’ll know you’re in these neighborhoods because they’ll be full of check cashing businesses, dollar stores, cheap Chinese food, fast food, and basically everything looks dilapidated.

The malls are full of discount shops trying to liquidate something. No high end stores. No bookstores. There is trash everywhere. The conversations are all about how they’re being beaten down by the daily grind, and you doubt they even know that automation is coming for the jobs that they still have. It’s just sad.

So I keep driving, and I eventually end up in San Mateo. There’s a small amount of stuff right there by the water. Lots of Tech. Visa. Decent shopping, etc. So, it looks a bit more healthy. But it’s tiny, really. And the areas around it are just like the ones 5 minutes north—poor.

So then you drive out of San Mateo heading south. More of the same. Working class poverty. Run down cars. Run down people. People working way too much for way too little. Garbage everywhere. No colleges. No bookstores. Just car title shops and places to buy alcohol and nicotine.

Then you get to the Valley at some point. Mountain View. Menlo Park. Palo Alto.

Oh, this must be the thriving Bay Area I’ve heard of. Everyone’s on fire. Fast-talking. Vibrant. Energetic. Smart. Busy. The job pays well, but they’ve got 12 other things going on at the same time.

Their kids come out of the womb with a college acceptance letter. Not because they’re entitled one, but because the parents have been planning it since 4 years before they got pregnant.

This area is full of colleges. Bookstores. Coffee shops. High-end shopping. Apartments that virtually nobody in the United States can afford. 3-4K for a single bedroom.

Keep going down and you end up San Jose. Keep in mind this is just a few minutes drive away. But much of San Jose is indistinguishable from a slum. So much of the infrastructure is decayed to the point of looking like a third-world country. I’ve been to many, and the similarities are unpleasant.

Come back around up to the north and you end up around Newark and Fremont, which is where I’m from. Newark is working class poor. The energy has been sucked from it by jobs that pay virtually nothing after taking every waking moment from those who work them.

Fremont has some promise, but only because it has a chance of becoming a small green zone. And green zones only represent “promise” if they’re options for everyone, not if they’re a tiny oasis in the rest of the world.

Heading north from Fremont is basically sadness. Hayward, Oakland, San Leandro, Richmond, Vallejo. They’re all poverty stricken and broken. The only green zones I see out in that area are maybe in Dublin, Pleasanton, Moraga, etc., but I honestly don’t know much about those areas because I seldom get out there.

Minus the rent levels, green zones represent the America that we thought we had. It’s the Bay Area we thought we had.

But to 95% of the Bay Area this isn’t where they live. It’s where rich people live.

So what we have is an extremely poor Bay Area, with a few tiny little rich spots.

We have 90% of the Bay Area working for wages and not getting an education or gaining skills that will lift them into the next socio-economic class. And then 10% of the Bay Area lives in very few places, with the best jobs, the best infrastructure, all their kids are going to college, and they’ll have as good jobs or better.

This is a problem.

I drive around this Bay Are that I love, listening to books about the trends that are coming. Trends around work. Trends around technology. Trends around income disparity.

And I see it. I’m watching it in realtime, as I gain an increasingly vivid picture of where it’s going.

A while back I wrote The Bifurcation of America: The Forced Class Separation into Alphas and Betas.

This is what I’m seeing happen to the Bay Area. I’m seeing a big red zone with tiny little green zones inside of it.

And I’m worried about what the borders to those zones will soon look like. I’m worried that within 10-20 years there will be strong measures that keep red zone types out of the green zone, due to security problems that will arise out of the separation and disparity in opportunity and benefits.

At some point people are going to get tired of being bused into the green zone to clean and build, only to be shipped back out to the red zone where they can afford to live.

I can’t see any degree of harmony coming from this degree of separation between the classes. And I don’t see any force in our immediate future (other than a world war) that can keep technology from making it happen.

So I’m sad.

I wish people could see what I think I’m seeing. Or that I were wrong in some way.

But I don’t think they want to, and I don’t think I am.

__

I do a weekly show called Unsupervised Learning, where I curate the most interesting stories in infosec, technology, and humans, and talk about why they matter. You can subscribe here.

The Shape of the Coming Global Dystopia
A Guide to Information Security Certifications
Green Zone, Red Zone
A DNS Primer
Failure and How to Help People Avoid It

I was just watching some server logs and decided to pull some statistics on common attacks from Snort and Bro.

This first one is SSH bruteforce attempts.

Here are the most commonly attempted usernames:

Here are the most common IDS alerts at Priority 2.

These are the most common source countries for IDS attacks.

And here are the 10 least common issues captured by Bro.

I also have live alerts set up for several types of event, such as bruteforce attempts against services, access to honey content, etc.

Knowledge of what’s happening on your servers is crucial to both defense and general curiosity.

If you’re not collecting data from your servers for edification purposes, you’re missing out on a rich stream of opportunities to learn about a great many things. Who’s attacking you, how, what they’re attacking, how common tools work, etc.

Capture, Watch, Improve.

__

I do a weekly show called Unsupervised Learning, where I curate the most interesting stories in infosec, technology, and humans, and talk about why they matter. You can subscribe here.

A DNS Primer
The Simple, Effective Way to Track What’s Said About You on the Internet
Information Security Concepts
Ideas
My RSA 2017 Recap

This week’s topics: Amazon Macie, APT28, Cuba sonic attacks, Palantir and police, DNA malware, confusing self-driving cars, ideas, discovery, aphorism, and more…

This is Episode No. 88 of Unsupervised Learning—a weekly show where I curate 3-5 hours of reading in infosec, technology, and humans into a 15 to 30 minute summary.

The goal is to catch you up on current events, tell you about the best content from the week, and hopefully give you something to think about as well.

The show is released as a Podcast on iTunes, Overcast, Android, or RSS—and as a Newsletter which you can subscribe to and get previous editions of here.

Newsletter

Every Sunday I put out a curated list of the most interesting stories in infosec, technology, and humans.

I do the research, you get the benefits. Over 10K subscribers.

The podcast and newsletter usually go out on Sundays, so you can catch up on everything early Monday morning.

I hope you enjoy it.

__

I do a weekly show called Unsupervised Learning, where I curate the most interesting stories in infosec, technology, and humans, and talk about why they matter. You can subscribe here.

Unsupervised Learning: No. 78
Unsupervised Learning: No. 73
Unsupervised Learning: No. 75
Unsupervised Learning: No. 71
A find Tutorial and Primer

Many in the InfoSec community are currently making a major mistake by dismissing the ML/AI craze as hype. There are two main causes for this reaction.

There are a ton of InfoSec vendors who are claiming to have AI when they really don’t.
The InfoSec community loves to call bullshit on things. It’s like a sport or a religion.

The problem is that it’s detrimental to not just the InfoSec community, but to the customers it protects, when there’s a narrative of ‘that’s just hype’ being spread throughout the industry.

It makes people blind to what’s actually happening, which is extremely significant.

The argument for taking AI seriously

Let me start by saying there are two different claims here. The first is that AI is about to completely dominate the InfoSec world, and the second is that AI is massively impacting IT and business.

I believe the first to be an overstatement, and the latter to be true, obvious, and important.

It’s true that AI will start to creep into InfoSec, and that it’s already started. But this is likely to start in SOCs, with some basic analyst and incident response type work. It’s not going to have a massive impact on jobs in the sector in the next 1-5 years because the problems are not fully defined yet.

So I agree with the skeptics about AI and InfoSec: at least in the very short term.

But in the greater world of IT and business, AI is already very real, and highly significant. Dismissing AI as hype in this arena is the product of not paying enough attention and/or having a bit too much of a curmudgeon bias.

Stop it. It’s hurting you, not helping you. And not just you—the customers you protect as well.

Here are some examples of how AI capabilities have surpassed those of humans in just the last few years.

Computers can now identify people from images better than humans can.
Computers can now find issues in X-Rays better than humans can.
Computers can now identify melanoma on skin better than doctors trained to do the same task.
Insurance companies have fired their analysts and replaced them with IBM Watson.
AI has beaten us at Chess, Go, and are about to surpass us in Poker as well.
Amazon has 30,000 fulfillment robots working in its factories, and those jobs would have belonged to humans just a few years ago.
Major financial companies have replaced most of their financial analysts with a team of programmers who are building AI that out-performs the humans they replaced.
The stock trading floor used to be people making realtime trades, and now it’s mostly done using AI.

This is happening.

But the fact that it’s happening is just the minor point. The major point is the speed that it’s taking place.

10 years ago we didn’t think AI could do anything. We thought it was junk science. We thought humans just had a native ability to recognize faces better than computers, and it was one of those things that could never be crossed. Like the speed of light.

Now that’s a joke. Then X-rays fall. And Go. And Poker. Financial analysis. Stock trading.

In internet time it’s been like 12 minutes. We’re not even starting. We’re just starting to start.

Summary

So, no. It’s not cool to just look the other way and laugh and call it all crap. It’s funny, and makes you look smart to people who also don’t follow what’s actually happening, but it doesn’t help you or the people you’re looking out for.

AI is very real, and it’s having a serious impact on human jobs and business as a whole.

It might take a bit longer to impact InfoSec, but that doesn’t matter. InfoSec was never about InfoSec itself. It’s about business, and people, and society as a whole. And those are the things that AI is affecting.

The sooner you take it seriously the better prepared you’ll be.

Laugh less, read more.

__

I do a weekly show called Unsupervised Learning, where I curate the most interesting stories in infosec, technology, and humans, and talk about why they matter. You can subscribe here.

How to Build a Successful Information Security Career
A Guide to Information Security Certifications
Why People Like Kurzweil Get it Wrong
Ideas
Daniel Dennett is Wrong About Free Will

Statues are a problem. Specifically statues of people.

A statue (or sculpture) of a person generally indicates that this person had such an impact, or was so notable, that their contribution should be recognized for decades or centuries into the future.

But there’s a problem with that.

The problem is that society constantly upgrades itself in terms of what’s acceptable and/or reprehensible. So someone who lived 150 years ago might have been considered normal and heroic, whereas now the casual details of their lives make them villains.

But there’s still a statue for them today, and they’re still presented as heroes to new generations.

Then there’s the other, equally challenging, problem that people who do fantastic things on the scale of hundreds of years tend to also do horrible things. Especially men. I think testosterone might be a major factor. It makes us want to stand out by being special, and that “special” often manifests in atrocious ways.

So you have two things happening that make statues difficult:

What society considers acceptable behavior keeps getting upgraded, while the lives of great people in the past does not.
Many people (especially men) who did enough to get a statue made of them, also did horrible things as well.

So the question is, when do you take down a statue? When do you stop teaching young people that this was a great person?

Here are some examples.

Ghandi was a horrible racist against black people.
George Washington owned slaves.
Hamilton was an adulterer.
Martin Luther King Jr. was an adulterer who plagiarized his dissertation.
Thomas Jefferson hated slavery but loved luxury, so he kept slaves himself.
Bill Clinton cheated and lied to everyone about it.
General Lee fought against the U.S. for his state.

For some people the switch is obvious. Adolf. Saddam. Columbus. They did so much harm that any good they did gets erased. No questions asked.

But for the list above it’s much harder.

General Lee didn’t even have a preference on who to fight for. He put it to his state to pick, and went with their decision. If they’d have said to stay with the Union he would have fought on that side.
Ghandi helped free a country from British rule, and inspired millions, including JFK, to oppose things non-violently.
Bill Clinton was by many measures a great president, giving us a strong sense of unity and a strong economy.
Jefferson founded many of the best principles of our country.
MLK helped start the civil rights movement, and has moved black people forward int his country in a way that has not been matched by anyone.
Hamilton was one of the most honorable and brilliant founders of our country.

So the question is simple: which statues do we take down?

And actually it’s not about the statues. It’s about what they represent, which is timeless respect.

The more fundamental question is this:

Which horrible things, of what magnitude, are able to be overlooked in a great person? And what level of greatness must they achieve in order to cancel out such negatives?

The statue of General Lee that’s loosely tied to the violence in Virginia right now is a case in point.

He was a good general. He represented his people. He deserves some measure of respect for that.

But he was also fighting the U.S., in open rebellion. And he was defending an economy based on slavery.

I don’t have answers to these cognitive-dissonance raising quandaries. They’re complex and nuanced and subjective. But I can tell you for certain that more people should be thinking about the question.

__

I do a weekly show called Unsupervised Learning, where I curate the most interesting stories in infosec, technology, and humans, and talk about why they matter. You can subscribe here.

Greatness vs. Imperfection: How Should We Rate Our Leaders?
The Myth of Exceptionalism
Daniel Dennett is Wrong About Free Will
Ron Paul is Seriously Flawed as a Candidate; We’re Just So in Love With Him That We’re Not Paying Attention
Ron Paul’s Flaws as Seen by One Die-Hard Supporter

When Google Reader died I cried a lot. Not sure why you close the best RSS reader in the world but leave Google Wave Talk Hangouts to walk the earth.

Anyway.

When I was done mourning I started looking for a replacement. None of them were too exciting, but I finally settled on Feedly.

I’ve been mostly happy with it, but there are a couple of features it lacks that seem super powerful and obvious to me. I’m going to capture them here and treat them as feature request documentation. Because internet.

1. Reorganize the order that feeds appear

The first thing I’d love to be able to do is list feeds in the order that I want. This should have been the first feature, not something that still doesn’t exist years after launching.

To put it another way, this is a product focused exclusively on organizing information, and yet ALPHABETICAL is the both the default and only option for listing them. It’s ridiculous.

I beg you to stop whatever wutang backflip roundhouse you’re working on and put this step 0 functionality in there as soon as possible.

2. A slider bar for popularity

Time is a precious thing, but sometimes we have a lot and sometimes we have a little.

I produce a podcast and newsletter called Unsupervised Learning, and that generally involves me reading hundreds or thousands of potential headlines to find the few stories that go into the show each week.

Sometimes I can read thousands of stories over 5 hours. Other times I need to get maximum content in minimum time.

A great way to handle this would be to let me move up or down on a slider of popularity, as measured by shares. As you move to the right (more popular) you get fewer stories because it filters stories that don’t have at least N number of shares. And as you slide to the left you filter fewer and fewer until you have all stories.

I need this. Everyone needs this (even though they don’t know it yet). Please make it.

3. A slider bar for recency

A similar concept would be fantastic for time. This functionality already exists to some degree with “older than N” filters, but it’d be nice to have a more quantitative and visual option there as well, or some sort of hybrid.

So as you move to the right things the older items drop off, and as you move to the left you have everything ever published from those sources, and as you slide you see the number of days that you’re viewing at that level.

[ NOTE: Actually, what would be super cool would be a two dimensional graph where you could move up/down for popularity, and or right/left for recency. It would be super elegant, although the UX could be a challenge. ]

Summary


Let us change the order of feeds. Alphabetical as the only option in a news reader is like going to a high-end typography course and discovering they only use Arial and Times New Roman.
Let us filter on how many shares the stories had.
Let us filter on how recent the stories were published.
(nice to have) Perhaps a visual way of combing 2 and 3 using a two-dimensional graph.

And finally, thanks for the product as it is today. It’s already pretty great.

__

I do a weekly show called Unsupervised Learning, where I curate the most interesting stories in infosec, technology, and humans, and talk about why they matter. You can subscribe here.

A vim Tutorial and Primer
How To Effectively Manage and Process Your RSS Feeds [GTD]
Using Your iPhone as Your Home Phone: The Ultimate VOIP Solution
Summarized Differences Between iPhone and Android
3 Steps to Highly Efficient News Reading

I’ve been thinking about the role of desire in the human identity, and I think I’ve identified a fundamental relationship between the two that isn’t appreciated nearly enough.

Quite simply, I think the center of human identity is the presence of core desires.

This is important for many reasons. Understanding this can help us pursue a more healthy state of being as humans, and it can also help us deal with the coming challenges around synthetic life.

Below are a number of examples I’ve captured that show how critical desire is to both our own lives and to lives we might create from machines.

Examples of desire’s role

Evolution gave us the desires we consider to be fundamental to our natures, yet we don’t realize that they’re hardcoded urges that come from outside ourselves rather than being part of our own individual identity. We don’t choose to like food, or sex, or being creative, or winning at life. These desires and pleasures are imprinted on us by evolution, yet we somehow attribute them to our own individuality.

Youth is the time in our lives where we’re injected with hormones, bringing our desires to their maximum. Unsurprisingly, in this light, it’s also the best moment of most peoples’ lives. Hormones produce desires for mates, for adventure, and for experiences. And that desire is directly associated with happiness.

Depression in its most evil and debilitating form can easily be described as the lack of desire. It’s where one finds it impossible to find joy in life, which is because there are no desires to pursue and achieve. To have desires that you can’t achieve can be frustrating, and heartbreaking, but at least you feel alive in your suffering. To have no desires is usually far worse perhaps because desire and meaning are virtually identical.

Older men and women often get expensive hormone treatments to increase their libidos, which is nothing less than an overt, chemical injection of desire into their bloodstreams. Think about that for a moment. Someone doesn’t want to have sex, and the only thing they want is to want it. It’s unhappiness due to the lack of desire, exemplified in the most direct way.

If you think about common and agreed-upon definitions of meaning, they often collapse into the notion of overcoming obstacles in order to achieve one’s desires. Step 0 in this process is having desires. It’s not clear to me what meaning looks like without either desire or obstacle, since both are required for the triumph of achievement.

The world of artificial intelligence is intently focused on what it means to be human, and what would constitute true life vs. an empty facsimile. I think the answer is very simply a significantly high-quality replica of our own set of built-in desires. Ours were given to us by evolution, over millions of years, and they invisibly guide our lives every day. Giving an artificial life desires like these, which were sufficiently deep, and sufficiently unalterable, would (after a certain point) likely produce far more realism in a synthetic life form than any other specific aspect of cognitive function. In other words, once we are able to process a certain amount of information, at a certain speed, and the various sub-systems of the brain are close enough to ours, the game will completely switch to assigning goals, drives, and desires in a way that emulates what evolution gave to us.


Endless advice throughout life tells us to “find what you’re passionate about” and do that. This is general life advice, and it’s also career advice. When you look at this from the standpoint of desire equating happiness and meaning, this common guidance gains a new color and focus. Perhaps it’s not so much about working to solve the problem associated with your passion, but instead simply living in the midst of it. It’s the experience of the passion and desire that brings the happiness. It’s what makes us feel alive. So it’s not about finding a profession where you can solve a problem that drives you—it’s more about having a problem that drives you.

The unhappiest people I’ve ever known in life have been those who lack deep and unchanging desires in life. They temporarily adopt hobbies or passions that give them fleeting enthusiasm, but after a few weeks or months they return to the state of depression and start looking for the next thing. They are always chasing things, always buying things, always emerging themselves in new hobbies. Yet they spend most of their time bored and sad. This seems to be a clear instance of the same principle: the lack of core desire.

This same mechanism also explains why family creates and provides such a strong sense of meaning. Someone could be single, or childless, and lack motivation for living. But upon having children and starting a family, they suddenly have something to protect, to nurture, and to manufacture success for. Having a family creates a desire to not see it fail. To have them thrive and grow. To have them succeed above and beyond the average, and to become exceptional. That desire often is enough to grant true meaning. Not always, but often.


Anecdotally, as I was collecting the ideas for this piece, I realized I’d written in the past that I like to maintain a list of projects so that I can maintain enthusiasm for life. I did this not even having experienced a lack of enthusiasm. I must have known, even in my thirties, that not having a list of things one is passionate about would be devastating. So I create lists of such things to remind me if I ever forgot. It’s not happened yet, and I don’t want it to.

Taking action

So what can one do if they accept this model of desire being so key to human identity and happiness?

I think an obvious answer is to ensure you have deep and fundamental desires. But that seems easy if you already have them, and completely elusive if you don’t.

I wonder if one diagnostic could be the ability to be comfortable alone for hours, days, or weeks at a time. Reading, writing, drawing, painting, thinking, sculpting, studying, etc. But alone. Pursuing knowledge, or creation, or some sort of ever-present goal that pulls you to the next action effortlessly.

I think anyone who has that is likely to be more happy than others because everywhere you go you have the potential to be with yourself and your thoughts. And there are of course endless sources of additional inputs to inspire your ideas or creativity.

The harder question is what to do when you aren’t happy being alone with your thoughts and your creativity. If happiness only comes from superficial things, such as materialism in the form of collecting things or experiences, and there is no deeper enjoyment in creation or nurturing, how does one get that?

I think an easy answer is to start a family. But what if that’s not an option? What if someone just wants to be happy alone, but they currently don’t know how?

Is it possible to inject oneself with these passions, desires, obsessions, goals, or fascinations in a contrived way? Is it possible to discover native and intrinsic desires that will pull them through life instead of having to find ways to push?

My current answer to this question is that it seems hard. Most people I know who are one way or the other tend to have been in that position for their entire lives, and I cannot think of any examples of someone who’s switched from one to the other.

But I don’t think that’s any reason to stop looking for a way to transition.

Takeaways

I hope this has at least helped someone think about meaning and happiness in a different way. Or maybe given some context to how some people are so natively happy and others so natively unhappy. Surely this doesn’t take into account the wide range of mental health issues that could affect this, and I’m in no way an expert on happiness.

I simply believe that deep and powerful drives and passions within humans are fundamental to their happiness, and that any conversation about human fulfillment, or realistic, synthetic, human-like life forms should include this concept as a major consideration.

Notes


Image by Paul Desire.

__

I do a weekly show called Unsupervised Learning, where I curate the most interesting stories in infosec, technology, and humans, and talk about why they matter. You can subscribe here.

The Future of Happiness as Digital Humans
Meaning is an Illusion
American Happiness
Free Will and the Absurdist Chasm
The Difference Between Pursuing Happiness and Pursuing Meaning

I have a friend who I’ve always wished I was closer to. He is one of the kindest and happiest people I know.

He’s like an ancient power source that produces hugs, smiles, and laughter.

He’s also famously popular with women. Everywhere I see him he’s surrounded by multiple girls tying to learn more about him. It’s like holds court with the best and most beautiful wherever he goes, except the court is based on having a good time instead of being pretentious.

And he likes to party. He brings it with him. As soon as he shows up, that’s where the alcohol is, that’s where the women are, and everyone immediately starts having one of the best times of their lives.

Then he met a girl.

This girl pulled him from that world. She changed him. She showed him what it meant to be a better person, and he became one just by being near her.

I only heard about this from a distance. Through other friends.

He met someone. Someone who changed him.

I was going to see him at EDC this year, but he didn’t come. I was going to text him and give him a hard time about why he wasn’t there, but decided against it. He probably regretted not coming and would only feel worse if I pinged him.

I’m glad I didn’t.

He told me that they had tickets to EDC, and that they planned to surprise me and my friend Jason there. He was so fucking happy that we’d finally get to meet her.

But he didn’t come, and we didn’t get to meet her. Because she’s gone.

The woman who changed him so completely. The woman who had rebuilt him from the inside out. She came into his life in an instant, and then left in another.

And now he is devastated.

I just talked to him and tried to give him the best advice I could for dealing with something where advice cannot matter.

I wish I had met her. I wish I had known this beautiful person who has affected my friend in this way. The woman who has touched and improved his life in such a short time. I am so sad that I din’t meet her.

He’s been working on ways to continue propagating her energy in this universe. I asked him to try to explain what she was. What she was to him. I want to know this. I want to experience it. For him, and for her.

I am here if you need me, my friend, and I am so sorry for what you have lost.

__

I do a weekly show called Unsupervised Learning, where I curate the most interesting stories in infosec, technology, and humans, and talk about why they matter. You can subscribe here.

On Giving Advice to Friends
Free Will and Punishment
An Atheist Debate Reference
Ron Paul is Seriously Flawed as a Candidate; We’re Just So in Love With Him That We’re Not Paying Attention
Ron Paul’s Flaws as Seen by One Die-Hard Supporter

I just lowered my Amazon EC2 bill, over 3 years, from $6,120 to $583. Or, put another way, I just saved myself $5,500 dollars.

Here’s how it happened. I was in Vegas this week for BlackHat / DEFCON and was hanging with my friend Saša Zdjelar in the hotel and messing with EC2 (as one does in Vegas).

We were talking about how Amazon basically releases new stuff every 12 minutes, and that it’s so hard to keep up with all of the features. And at one point he says,

Hey, have you seen these Reserved Instances?

I say no. Or maybe. Or I think so. Because I’m not sure which kind Reserved instances actually are. Amazon is famously bad at naming things, and I can’t remember if those are the ones where you have dedicated hosting, or if it’s the kind where you pay less to get leftover resources from other peoples’ boxes.

Turns out it’s neither. It’s not even a type of instance—it’s a type of billing.

Basically, it’s for people who plan on running a specific size of EC2 instance, in a specific availability zone, for an extended period of time. Say from 12 to 36 months.

So if you build and destroy your boxen every 37 minutes or something this isn’t for those systems. It’s for systems that are relatively static, like a personal or company web server. In my case I host this site on EC2, and I have a box dedicated for that purpose.

I was paying around $160 a month for my T2.Medium with lots of options enabled. I just took that to $583 over 3 years, which is around $24 dollars a month. If this holds true it’s basically gone from the most expensive host I’ve ever had to the least expensive.

How to migrate to the Reserved Model

The way to get to Reserved billing is counterintuitive.

Basically, you have to pretend that you’re buying a new instance, of the Reserved type, with the exact same attributes of the one you want to convert. Upon making the purchase you will have converted the other one.

It’s gross, but it works.

Navigate to https://console.aws.amazon.com/ec2/v2/home.
Click on Reserved Instances.
Select an instance that matches the one you want to replace the billing on, for both instance type/size and instance availability zone. For example, mine was T2.Medium and US-East-1a.
Make the purchase.

So what then happens is that Amazon finds your running On Demand instance and converts it to a Reserved instance. And now if you go into billing you should see that reflected.

And more importantly, if you go into your instances dashboard you’ll just see the same ones you had before. You haven’t actually purchased a new box; you’ve just converted the one that matched those specs from On Demand to Reserved.

For anyone running a box in EC2 that isn’t likely to change in size or location over one to three years, I highly recommend you check out Reserved Instances. They could save you a massive amount of money, just like it did for me.

Notes


Yes, the title is clickbaity. I try to avoid such tactics with my site, but in this case I think it’s warranted because 1) it literally describes what happened, and 2) it would likely to be ignored if I wasn’t that clear about the benefit.
Thanks to Sasa for repeatedly insisting I look at these things. I had become jaded against changing instance types because of the damage to my brain from Amazon Naming Trauma (ANT), and he helped me get through it.

__

I do a weekly show called Unsupervised Learning, where I curate the most interesting stories in infosec, technology, and humans, and talk about why they matter. You can subscribe here.

A vim Tutorial and Primer
Information Security Concepts
The Ultimate Speed Guide for WordPress on NGINX
A Security-focused HTTP Primer
A DNS Primer

I just lowered my Amazon EC2 bill, over 3 years, from $6,120 to $583. Or, put another way, I just saved myself $5,500 dollars.

Here’s how it happened. I was in Vegas this week for BlackHat / DEFCON and was hanging with my friend Saša Zdjelar in the hotel and messing with EC2 (as one does in Vegas).

We were talking about how Amazon basically releases new stuff ever 12 minutes, and that it’s so hard to keep up with all of the features. And at one point he says,

Hey, have you seen these Reserved Instances?

I say no. Or maybe. Or I think so. Because I’m not sure which kind Reserved instances actually are. Amazon is famously bad at naming things, and I can’t remember if those are the ones where you have dedicated hosting, or if it’s the kind where you pay less to get leftover resources from other peoples’ boxes.

Turns out it’s neither. It’s not even a type of instance—it’s a type of billing.

Basically, it’s for people who plan on running a specific size of EC2 instance, in a specific availability zone, for an extended period of time. Say from 12 to 36 months.

So if you build and destroy your boxen every 37 minutes or something this isn’t for those systems. It’s for systems that are relatively static, like a personal or company web server. In my case I host this site on EC2, and I have a box dedicated for that purpose.

I was paying around $160 a month for my T2.Medium with lots of options enabled. I just took that to $583 over 3 years, which is around $24 dollars a month. If this holds true it’s basically gone from the most expensive host I’ve ever had to the least expensive.

How to migrate to the Reserved Model

The way to get to Reserved billing is counterintuitive.

Basically, you have to pretend that you’re buying a new instance, of the Reserved type, with the exact same attributes of the one you want to convert. Upon making the purchase you will have converted the other one.

It’s gross, but it works.

Navigate to https://console.aws.amazon.com/ec2/v2/home.
Click on Reserved Instances.
Select an instance that matches the one you want to replace the billing on, for both instance type/size and instance availability zone. For example, mine was T2.Medium and US-East-1a.
Make the purchase.

So what then happens is that Amazon finds your running On Demand instance and converts it to a Reserved instance. And now if you go into billing you should see that reflected.

And more importantly, if you go into your instances dashboard you’ll just see the same ones you had before. You haven’t actually purchased a new box; you’ve just converted the one that matched those specs from On Demand to Reserved.

For anyone running a box in EC2 that isn’t likely to change in size or location over one to three years, I highly recommend you check out Reserved Instances. They could save you a massive amount of money, just like it did for me.

Notes


Yes, the title is clickbaity. I try to avoid such tactics with my site, but in this case I think it’s warranted because 1) it literally describes what happened, and 2) it would likely to be ignored if I wasn’t that clear about the benefit.
Thanks to Sasa for repeatedly insisting I look at these things. I had become jaded against changing instance types because of the damage to my brain from Amazon Naming Trauma (ANT), and he helped me get through it.

__

I do a weekly show called Unsupervised Learning, where I curate the most interesting stories in infosec, technology, and humans, and talk about why they matter. You can subscribe here.

A DNS Primer
The Shape of the Coming Global Dystopia
A vim Tutorial and Primer
Information Security Concepts
A tcpdump Tutorial and Primer with Examples