Monthly Archives: August 2015

Blog

DebConf15 – Day 2-3

Day 2

It was raining and it was freezing cold, even inside the building. I spent most of the time making my computer to run docker and move code that I wanted to fix to my local machine. There were also ad-hoc events that interrupted my plan, though. Anyway, I installed docker 1.8, and started to port code that will be used for web hosting.

I met Niibe-san and his family in the evening.

Day 3
I brought 2 bottles of liquer (Mekhong + Regency) for Cheese and Wine Party in the evening. As expected, everyone was enjoy strong smell of various kinds of cheese, and many bottles of wine and other alcohol drinks. Space was too small for our party ! I cannot stay late since bus to my hotel would not run all night. So, I went back to the hotel at 22:30. Andrew told me later that those two bottles I brought disappeared quickly than any other non-wine liquer. Hhaha.

Blog

DebConf15 – Travel – Day 1

DebConf15 was held on 15th – 22nd August 2015 in Heidelberg, Germany. It was relatively easy for me travel since I could take direct flights from Bangkok to Frankfurt, then Heidelberg is about 1 hour away by bus or train. Also, I currently hold an official passport, which can enter to Germany without applying a visa.

I left Bangkok on 13th, and arrived Frankfurt on 14th, the Heidelberg was 1 hour away by bus. After checked at the hotel, I walked to the venue for registration. I met Andrew, Paul, Hector there. Some already there since DebCamp week.

On the Day 1, it is about 560 participants registered in DebConf15. This is quite number. Sure enough, many old friends I’ve been acquainted like Anibal, Hideki (with his wife), Andrew Lee, Paul Liu, Aigarius, Jonas. Still, miss others like Christian Perrier.

There was also a job fair for those sponsors/companies that wanted to seek for Debian experts. One of them was 2 Sigma. I didn’t really know about this company, but after few chatted, boys, IT department of this company is crazy! They discovered Thunderstrike bug, Intel bugs, and create Magic Lantern firmware for Canon EOS.

Nothing much for the Day 1 though. I attended 3 sessions in the morning, opening ceremony, Golang, and obnam, and started to do my works in the afternoon till dinner then headed back to the hotel.

Blog, Lab

Getting “A” from Qualy’s SSL

Qualys SSL Labs provides a SSL Server Test for awhile. You can rate your web site at https://www.ssllabs.com/ssltest

To get rating “A”, there are few straightforward tricks:

  1. Disable all versions of SSL protocol. Enable only TLS. e.g., 
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2
  2. Choose only strong ciphers, e.g., you’ll sacrifice some very old clients. 
    ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS;
  3. Use HSTS, e.g., 
    add_header Strict-Transport-Security max-age=31536000;

Optionally,

ssl_dhparam /etc/ssl/private/dhparam.pem;
ssl_stapling on;
ssl_stapling_verify on;