Meraki and Aerohive - Meraki bad whitepaper

I had an assignment to design a wireless network for a mid-sized hotel.
The specification was for Cisco, but IMHO Cisco Controllers are bloatware for this kind of situation

• Small amount of in-house IT at client site +
  
• Big cost of Cisco controllers (+ possible ongoing configuration and maintenance needs)
• = bad choice

I have been out of the 802.11 game for a year or two doing other things, so thought I'd read up. Hotels are an interesting application - especially in a business hotel - you have a potential for very high spiky usage at conferences. Security might be deemed unimportant, however to conserve precious bandwidth you need to restrict access. Plus here are the ineresting questions of what is the easiest way to distribute and manage logins, and if you can protect guests from each other that might not be a bad idea. So some kind of built-in easy radius server would be good.

I looked into meraki and aerohive  -
The "fat AP is out"  right? Thin is in.. OOps - not anymore. These APs  look like they do a fair amount of processing, but are in some way "collaborative" and "self-managing" (WRT sharing the airspace and routing traffic at least). So I  would call them "fat and sassy" APs-  But the preferred term by vendors seems to be "Smart".

 I am still reading up and playing with Aerohives nice online demo tool.  Meraki looks like they have really geared their product to exploit Cisco's pricing  in this area - in terms of ease of manageability and price - they even have a Meraki vs Cisco calculator.  -Which admittedly has list prices for Cisco stuff that you will never pay.

Even so, their "cloud controller" option makes sense for hotels and other public access networks.

HOWEVER. Reading Meraki's product literature, (a network security whitepaper) I was bothered by evil half-factiods, which made me wonder if they are sloppy or sleazy in other ways.

Quoth Meraki"

WPA2-Enterprise, also known as 802.1x,

WPA2-Enterprise is not known as 802.1x - Maybe you mean 802.11i  ?

is considered by many to be  the “gold standard” of wireless security. In this architecture, each client(known as a supplicant) uses a unique username and password to authenticate on the wireless network.

Um, WPA2- Enterprise - using 802.1x/EAP can do  a number of different types of authentication, including certificates.

The client’s username and password are checked against any Active Directory or LDAP server that supports the RADIUS protocol (and most do).

You really don't need to mention Active Directory here, because that has nothing to do with it.
Also Radius is not really necessary, though almost always used. I would reword this as:
"The most common form of WPA2-Enterprise uses 802.1x authentication to  to allow the access point to check user and password information for each client against an authentication server. This authentication server is almost always a RADIUS server  "

Meraki supplies an integrated RADIUS server that companies can use instead of a stand-
alone server if they wish.  The primary advantages of WPA2-Enterprise are that it is highly secure and scales well. IT administrators can re-use their existing authentication
infrastructure, so as employees come and go they are automatically added and removed from the wireless network. There is also no need to VPN.   Since 802.1x is a relatively new standard,

Whoa! 802.1x has been around before wireless lans. It is not so new.

client support is still evolving.  As of 2009, support is common on most laptop and PC operating systems. However, support for PDAs, scanners, and other devices still
varies. In addition, client configuration can sometimes be complex.
While implementation of 802.1x has often been highly complex, Meraki
has simplified the process significantly. 802.1x takes just a few clicks to
deploy, and is no more difficult than implementing WPA2-PSK.

I am not sure on the preceeding because there is some legitimacy to what they are saying here.
But I think it should be worded "implementation of 802.1x authentication in WPA2" to clarify.


Am I just being picky? or maybe my understanding of the issues is rusty?

xkcd

I just wasted about 3 hours reading through 250 xkcd  comix  and classifying onese I like into categories. no time to make links now, (maybe that task is best
Forthwith: done with vi, not blogger)

Good but unclassified as of yet
http://xkcd.com/434/
http://xkcd.com/426/ href=http://wiki.xkcd.com/geohashing/Main_Page> OMFG - build it and they will come...
http://xkcd.com/420/
http://xkcd.com/419/
http://xkcd.com/416/
http://xkcd.com/413/
http://xkcd.com/481/
http://xkcd.com/482/
http://xkcd.com/492/
http://xkcd.com/489/
http://xkcd.com/497/
LOL funny " however on review of your qualifications, we've decided to sentence you to death...
http://xkcd.com/498/
http://xkcd.com/539/
http://xkcd.com/550/
http://xkcd.com/576/ read the mouseover text last!
http://xkcd.com/604/
http://xkcd.com/646/
http://xkcd.com/649/

Tearjerker
http://xkcd.com/502/

I resemble that remark. things i think about  or / what a good idea, i cant believe I didnt think of it/do it
http://xkcd.com/503/
http://xkcd.com/525/
http://xkcd.com/529/
http://xkcd.com/539/ statistically significant other - I wish I had thought of that.
http://xkcd.com/539/ - this is something I (occasionally) agonize over :) ! (or is it !:)  (personally I like to insert a space-- ;) )
http://xkcd.com/559/
http://xkcd.com/609/ - This is me. I suffer from terminal tab sprawl
http://xkcd.com/616/
http://xkcd.com/635/ - I thought about this when I read Enders Game recently. What a book.
http://xkcd.com/666/

what is a roomba dueling harness?
http://xkcd.com/506/

;)
http://xkcd.com/511/
http://xkcd.com/535/
http://xkcd.com/565/
http://xkcd.com/585/
http://xkcd.com/588/ - how I really felt at pep rallies growing up
http://xkcd.com/589/
http://xkcd.com/605/
http://xkcd.com/611/
http://xkcd.com/645/

ones I put up at work
http://xkcd.com/528/
http://xkcd.com/612/
http://xkcd.com/619/
http://xkcd.com/627/

True
http://xkcd.com/538/
http://xkcd.com/554/
http://xkcd.com/651/

Good web sites:
There are 56,929 articles on the Simple English Wikipedia today http://xkcd.com/547/

Recovering from "database cleaning" - mySQL - innoDB

OR: "How to cover your ass when your belt snaps and you forgot to wear your braces.  (Proof of the wear clean underwear rule.)
OR: When work is a little like duck hunting with Dick Cheney.


Today we had a bit of a scare. Someone decided to "clean up the databases".

Who needs to worry about this:

When you can just do it yourself :

mysql> drop foo;

"oh... you mean that 'foo' was in use ?  ? I was sure  it was useless." 

Rule 1: Always backup  before you delete. 

Always. Always. Always.

Memorize this: # mysqldump -u username -ppassword database_name > FILE.sql 

Thankfully the db was for an app with only a small amount of data.  So though a loss would be sad, it would not be catastrophic.  The other saving grace is that the app involves  undergrad students, not say, Vice Presidents, or Dept heads.  This is good as undergrad students are slightly above janitors in the pecking order.

I was training a new person when I got pulled in to the issue. So she got to experience the heavy breathing and waving of hands. Now that she has been exposed to the dark underbelly of our procedures on her first day, If she decides to stay, at least she has seen the worst.

This brings us to:
Rule 2: Backups are nice, but Restores are nicer.


It turns out that the restore plan was to copy all the files back in to place in the database directory in question.  We kept restoring the files from backups, and guess what, they all had the original creation date still. No data! We questioned our backups. But something seemed fishy to me, so I poked around and noticed that the other database directories had additional files,  e.g. .myi and .myd files - and this directory had only .frm files.  
From this I discovered -(thanks Google: )

That it was an innodb database not a myisam db, and so the data was stored elsewhere (by default in an ibdata1 file, in the directory one level up)


So I was pretty much able to restore the ibdata file and not lose anything. And Someone was pretty happy.

Win 7 - VMware Fusion - sloww..

[UPDATE] +2G memory later... problem resolved...

My darling little MacBook with VMware Fusion/Windows 7 when intially installed was unconscionably slooow.
I had all the settings on the VM decently set. 1 processor and 1 GB mem for Win 7,
no 3D graphics. Set Win user exeperience to optimize for performance in GUI.

But after installing VMware tools (If you can't figure that out you should be shot in the head because Fusion prompts you about 11000 times to do it.)
...And installing piles of windows updates and rebooting a few times, things seem better.  This makes sense, because windows generally has to load lots of patches after an install.  I have seen windows grind to a halt in if you download the windows updates, and install, but don't reboot. My hunch is that the cause has something to do with memory use.

We'll see....

-----
Model Name:    MacBook Pro
  Model Identifier:    MacBookPro5,5
  Processor Name:    Intel Core 2 Duo
  Processor Speed:    2.26 GHz
  Number Of Processors:    1
  Total Number Of Cores:    2
  L2 Cache:    3 MB
  Memory:    2 GB
  Bus Speed:    1.07 GHz

OS X version 10.5.8
build 9l31a

VMware Fusion 2.0.6

Windows 7 Virtual Machine under VMware Fusion

I recently got a new MacBook Pro. I have used various flavors of VMware in the past (VMware workstation under Windows and Linux desktops; VMware Server and ESX 3.5 ; VSphere) - But never  Fusion.
It's pretty darn easy to install. However, the version of VMware fusion I have installed (2.0.6) does not have a virtual machine type for Windows 7  In the past It seems that you can use another VM type with an unsupported OS with good results.. In fact the VMware Team fusion blog recommends using Win 2008 server virtual machine.
Other salient points they suggest:

• Disable 3D Acceleration
• Disable Shared Folders

...Wah, my .iso file was corrupt. See you in 4 hours afer I get another copy. ...two weeks later
Well it turned out that the version of Windows 7 that I was entitled to was an "upgrade" version. And therefore crippled and not bootable. I could have  gone through a whole install of Windows XP, and then upgraded it. But what a waste. But how to make it bootable?

The most straighforward brain-dead way I found is to copy the .iso to a windows machine, and use a program microsoft provides which will make my .iso file into a bootable DVD or USB : http://store.microsoft.com/Help/ISO-Tool .  However, this is an annoying and inelegant solution. All I  really want to do is to graft one little boot loader file into the .iso which is already on my disk. To accomplish this I have to burn my non-bootable iso to a dvd or otherwise copy it to a windows machine, and then burn it to a dvd or bootable usb stick there, and then bring it back.? Wah.

Yikes. I would much rather spend 5 hours learning about how to do this  smarter than spend 1 hour doing something dumb.

Hmm! Boot sectors and bootloaders and .isos oh my!

I got some inspiration from this post:
http://milliamp.org/2009/windows-7-64-bit-on-an-aluminium-macbook-pro/
To look at mkisofs on OS X as the means to slam that boot sector into my existing .iso file.

 Steps:

1. Download mkisofs, from helios: http://www.helios.de/news/news07/mkisofs.phtml
   
2. Open a terminal window (terminal.app) and copy the executable into somewhere in your path (e.g. /usr/bin or /usr/local/bin )
   
3. Find the existing .iso file in finder and double click it to mount it as a file system. 
4. Use mkisofs to create the new .iso file by copying all the files from the mounted .iso file together with the new boot sector file:

mkisofs -v  -hfs-unlock  -N   -U -udf  -no-emul-boot   -no-hfs  -nolimit-pathtables  -ignore-changed-files  -b boot/etfsboot.com -c boot.catalog  --osx-hfs  -iso-level 4 -o /Users/yournamehere/yourshinynewisofile.iso  /Volumes/thenameofoldisofile

not sure that all flags are necessary (e.g. -ignore-changed-files, --osx-hfs, -nolimit-pathtables?). The key discovery was that etfsboot.com is the boot image in /boot on the non-bootable iso, which is written to the boot sector (-b flag) by mkisofs.

And guess what it worked!

Desktop Fedora -> Ubuntu - Thunderbird problem

After changing my desktop from Fedora to Ubuntu my thunderbird profile disappeared -
When I started up thunderbird, instead of seeing all my old accounts, I saw:

No! I don't want to freakin' import 3 mail accounts, and my assorted local folders! Guess again!

We use nfs to mount /home directories, so it should JUST WORK. Right....

I looked in my .thunderbird directory - and there was my sweet little old profile, just like always:


xxl@foo:~$ ls -l .thunderbird   

total 11
drwx------ 7 xxl dept  37 2009-10-21 16:55 1bn7kwbx.default   
-rw-r----- 1 xxl dept 335 2009-10-21 14:42 appreg                    
-rw-r----- 1 xxl dept  94 2008-04-07 11:33 profiles.ini      

But whoa.. what's this?

drwx------  8 xxl dept     10 2009-03-17 13:10 .mozilla
drwx------  3 xxl dept      4 2009-10-21 17:23 .mozilla-thunderbird
drwxr-xr-x  2 xxl dept      8 2008-11-07 11:14 .mplayer

...

Ok then, take this you impostor!
xxl@foo:~$ rm -r .mozilla-thunderbird
xxl@foo:~$ mv .thunderbird/ .mozilla-thunderbird

And just in case I might want to use a fedora desktop again

xxl@foo:~$ ln -s .mozilla-thunderbird/ .thunderbird   

Ok, That's better.

 Kind of.Except for the hours of email to get to.

See forums.mozillazine.org
for a discussion.

Interview tips

How to navigate technical questions
nancy amato texas a & m

Erin Chapple, Microsoft
group program manager. data management

• I don't have alot of time. Want to read quicky. In first page. Who are you . Why would I want to interview you.
• Gabby Silverman. Research at CA
• Do you know us, What are you looking for, why do you have the qualification
• Sue Dragich, Director SW engineering Global communications,
  
• Clarity!!!!!
• Simple looking Easy to get through
• What are you passionate about. Hook. If you are excited

Nancy Amato Texas A&M

• Researcher. Publications, but where were they, quality

Lindsay
Concept management

• Specific results, Saved money, got great grade

Lynn Pastori Enterprise technical services. Data Center

• What was your role, what did you do
• Action words

Ellen Spertus, Mills

• Experience, including in class projects.
  

Tracey Intuit.

• Talent development.

Mock interview
technical questions
interviewing the interviewer
behavioral questions

Comments from the panel
Fictitious companyd. 500 people. Software engineer.

Looking for software development.

Good. Used whiteboard.
Talked aloud about her thought process.
You know an answer .
sounded confident as she worked through. s

Could have done better.
Be cautious about saying "NO" or hedge.
Get more information make sure you ask up front.

How do theory and algorithms act with machine.
Interviewee ask questions.

How to prepare for this question. Be a flexible person.

• Syntactically correct compilable code.
• Common language. Can you write in a well known language

Improvements

• don't think in silence think aloud.
  
• you can use pseudo code to map out what you would do
• Test your code for boundary conditions yourself

Behavioral
Can you think of a time you have had to try a new approach to people.

Customer surveys, drive alongs.

As interview probe for specific situation. Past performance is a good indication of future performance. Quantify success, reflection on past performance and continuous improvement.

How would someone work with a team, how do they speak about teammates.
Do they acknowledge others contributions as well as own contributions. Be upfront about your own contribution.

Did you have difficulty ever working with someone.
More detail of how worked out.

So admit mistakes. What would you do next time to change this.
Be specific. what was the situation. What action did you take. What was the result.
Even if it didn't work, tell people the result. show that you learned.

------------------------------------------
She mentioned the code change. This is a do-over. Chance to correct that.
This is ok. good to mention. Able to mention mistake.

--------
How much do you want the candidate to know about the company
THIS WILL MAKE YOU STAND OUT.
---
Passion
Core values of the team.
What is the team looking for.

Tell me about the Mentoring program. formal? informal?

Ask Questions

IT industry: why women leave?

Presenter Sue from Sudo coaching (what a great business name)

50% of women who leave go to non-industry jobs.
30% to non-SET industry jobs
20% stay at home.

Why?
39% Extreme job pressure 62 hours a week US, 72 hours India, China
38% Job not woman friendly
27% Compensation

Other ?'s
46% Career stalled
47% lack carere paths,
84% lack sponsors 47% mentors. role models 40% Senior men don't want to pal around with young women.
38% Isolated

Women More Risk averse leads to fewer high profile success.
Less credit if you take a risk. because you don't have a sponsor

More helper roles.
Don't get credit.

Discrimination/Macho culture
66-64% experienced sexual harassment
44-46% perceive bias in performance evaluation
23-27% "believe women are seen as less capable"

What helps?

• 10% female management
• Flexible workday and career track timing
• shock you actually get more work out of people.
• Career paths, mentoring programs, sponsorship
• Opportunities for altruism (Athena)
• On-ramps - have way to take off and come back.

Catalyst study

- workers at tech company
- boomers say "not having a mentor" is important impediment to success

More likely to have barriers if
- work for large company, have MS/PHD
- have fewer women at company

-----------
Few differences between women and men

but across the board tech women and tech men, men were happier with supervisor.

51% of men have partner primarily responsible for home and kids (13% women)
62% - 82%

HIgh level women are more likely to have a CS degree - Tech partner - partner responsible for home and kids (24 -13%)

Women managers are being perceived as less technical. how much is this because of bias?
by 50% - 30

Toot tech horn.

WHAT CAN I DO

• Find coach, mentor, group combat isolation
  
• Find a place with 10% women managers
• have a career goal
• build and demonstrate tech skills
• ask for high-profile & risky assignments "women don't ask" http://www.womendontask.com/
  

What can Co do

• on ramp/off ramp
• provide training for supervisors

The grace hopper conference is amazing

Grace Hopper conference is amazing.
Notes from one session.


Don't be afraid to fail. Maria.
The importance of coaches and mentors. Would help with structure.
Write down where want to be and when.

Writing it down helps you to see the next milestone.

If you do a good job and get everything done it will be recognized? NO.
That is not how it works. You need to speak up for yourself.
How to do this. Book by Peggy Klaus. The art of brag: How to toot your own horn without blowing it.

You can get pigeonholed into a role where you are good at what you are doing.
Read Deborah Tannen. The power of talk:
Female communication styles and Male communication styles. the dynamics at work. Read bout this, and get coaching. practice this.

Betty.
Networking. Do a great job. People will recommend you.

Alicia.
Write your own obituary today. What do you want to do by the end of your life.
How do the pieces fit in that goal. What matters to you. What are you passionate about.
Know yourself. What do you want to do.

Install gn03 on Macbook Pro (Leopard)

I found an excellent post on configuring Gn03 for mac. However if you are still running leopard (10.5) you need to make some changes. This post updates crimson silos with new links.

1. Install Xcode

Get Apple Xcode (Info on xcode ) - 10/20 - Latest version: 3.2.1 NOT FOR Leopard. So you must either:

1. Install an older version of xcode from your OS X install dvd.
2. Or ( join Apple Developer Connection (free)) and then download Xcode 3.1.4 which runs on Leopard.
   Apple makes it hard to find the old download page. To find it log in to ADC -> Downloads -> Developer tools (right nav bar) -> scroll down to xcode 3.1.4 -> download and install. Default install is fine.

2. Install Macports

Macports is basically a package management system for Macs. For info see http://en.wikipedia.org/wiki/Macports .

1. Go to http://www.macports.org/install.php , and select dmg download for Leopard.
   

In my case I had this installed. so I simply make sure it was updated by opening a terminal window and typing "su root" and then

Software soul

Mala Devlin (Cisco)
Hong-Chung Tsou (Intuit)

Mina Kaul-Basu
HA solaris cluster - worked in Bangalore 12 years
Manages global teams, Germany, UK.
Remote teams. Globalization is real.
Have teams participate in events locally.

• Hire right team
• Not just like yourself, not just good engineers
• learn and teach team culture.
• set roles use chat, webconference, webex etc to communicate.
• approach disagreements openly
• trust team. take risk.
  

Divya Kolar
Diversity
Hired as part of an all male team. was I a diversity hire?
"Coexist slide"
Diversity - art of thinking together independently.

2005 joined intel hiring freeze, intel encourage diversity. Manager gave full time offer. Did I get offer as being female? NO - I hired you because you bring skill diversity to team.
Being from research lab, always looking for funding, present, convince, persuade value of project. Had to speak to CEO - can I get the funding for the team? Our team did get funding.
Research in security. If the team is happy it reflects on the company
Diversity brings

• Understanding - better understanding of customer, IE netbook style PC cheap. worked in india. Who knows needs in India, Indonesia?
• Credibility - Having a clear connection with customer
• Connectedness Book "The Software Soul" e.g. Henry -from Asian country. In company no Asians higher than Sr Engineer. He left because he could not make connection
  

Classmate PC idea came from understanding the market, the country, India.
Mosaic, not melting pot.

Karin Catin
Project Manager

How can you identify the "Zen" soul of software release. 1996. web exploding. people used text editors. some tools, professionals used text editors. I was working for macromedia. saw market for wsywig for web developers. Kevin Lynch "19 dreams" whitepaper of web developers. Zen/mantra. 19 dreams -> dreamweaver -> product. Engineers got excited. Active advisory council to have meetings. Hired Web developer sat with Engineering team.

E.G. "Round-trip HTML" - the HTML in did not look like the HTML out. The HTML was reformatted by the tool on the page. or "Dont touch my layout"

Dave George "I found the round-trip HTML motivating because we were solving
remember first co wide demo, when lynch showed the round-trip demo, and audience broke into spontaneous applause I felt proud"

When we introduced our project - Engineers said "HTML is like postscript no one wants to edit it by hand."

NJ /Ben had a discussion of how to do the database. should we use attribute/ value pairs or efficient

Zen --> bartending. Program manager as a bartender. We have two ears and one mouth so that we can listen as much as we speak.

We need more bartender personalities at work. Cube the place you want to stop by. Find out about life.

Veep she knows, still use this technique. "Hows it going" "I have to run, have some extra budget to spend on creative suite project, gotta run."

Had problem with no cash for tools project. There is a budget we can get.

If you are not a good listener. Here is how to do it. I did it wrong and learned.
Bob comes in to ask question. I answer.
Bob says "please take hands off keyboard, turn around and listen" Watch good bartenders.

Get zen statements. Assign one to each team.

Happier teams work better. A good culture unleashes great productivity.

Establish a network. make friends. What do you want. Ask direct questions to friends about the teams they are members. Networking is key.

Don't underestimate your influence speak up.