Fail of the Week: GitLab Goes Down

Has work been a little stressful this week, are things getting you down? Spare a thought for an unnamed sysadmin at the GitHub-alike startup GitLab, who early yesterday performed a deletion task on a PostgreSQL database in response to some problems they were having in the wake of an attack by spammers. Unfortunately due to a command line error he ran the deletion on one of the databases behind the company’s main service, forcing it to be taken down. By the time the deletion was stopped, only 4.5 Gb of the 300 Gb trove of data remained.

As you read their log of the incident the scale of the disaster unfolds, and we can’t help wincing at the phrase “out of 5 backup/replication techniques deployed none are working reliably or set up in the first place”. In the end they were able to restore most of the data from a staging server, but at the cost of six hours of lost issues and merge requests. Fortunately for them their git repositories were not affected.

For 707 GitLab users then there has been a small amount of lost data, the entire web service was down for a while, and the incident has gained them more publicity in a day than their marketing department could have achieved in a year. The post-mortem document makes for a fascinating read, and will probably leave more than one reader nervously thinking about the integrity of whichever services they are responsible for. We have to hand it to them for being so open about it all, and for admitting that the backup failures were a failure of the whole company rather than heaping blame on one employee. In many companies it would all have been swept under the carpet. We suspect that GitLab’s data will be shepherded with much more care henceforth.

We trust an increasing amount of our assets to online providers these days, and this tale highlights some of the hazards inherent in placing absolute trust in them. GitLab had moved from a cloud provider to their own data centre, though whether or not this incident would have been any less harmful wherever it was hosted is up for debate. Perhaps it’s a timely reminder to us all: keep your own backups, and most importantly: test them to ensure they work.

Thanks [Jack Laidlaw] for the tip.

Rack server image: Trique303 [CC BY-SA 4.0], via Wikimedia Commons.

Partsbox.io Wants to Organize Your Junk Box

There are many ways to divide the hacker community into groups. Tubes vs transistors. Emacs vs vi. Microcontroller vs discrete component designers. However, one of the more fundamental divisions in the community is how you organize your parts. We’ve seen giant warehouses with carefully organized bins and cabinets full of components, and we’ve seen storage crates with tangles of wires and bits of electron-bending components scattered among the wires.

If you are in the former camp, you’d probably enjoy partsbox.io. If you are in the latter group, you probably need to check it out even more than the other people. The idea is simple: an online place to keep an inventory of your electronic parts. The implementation is not as simple, though. The web application will work on a mobile device or just about anywhere. You can view your components by type, by location (the shoe box under the bed vs the parts bin in the closet), or by a project’s bill of materials. You can use “known” parts or create private parts for things no one else has (for example, your custom PC boards, or those 3D printed brackets you made to hold a microswitch). If you add data for a component you can make it available to other users.


Using The FCC EAS For Fun And Profit

When a consumer electronics device is sold in the US, especially if it has a wireless aspect, it must be tested for compliance with FCC regulations and the test results filed with the FCC (see preparing your product for FCC testing). These documents are then made available online for all to see in the Office of Engineering and Technology (OET) Laboratory Equipment Authorization System (EAS). In fact, it’s this publishing in this and other FCC databases that has led to many leaks about new product releases, some of which we’ve covered, and others we’ve been privileged enough to know about before the filings but whose breaking was forced when the documents were filed, like the Raspberry Pi 3. It turns out that there are a lot of useful things that can be accomplished by poring over FCC filings, and we’ll explore some of them.


A Trove Of 3D Printer Filament Test Data

We’re not sure what a typical weekend at [Walter]’s house is like, but we can probably safely assume that any activity taking place is at minimum accompanied by the hum of a 3D printer somewhere in the background.

Those of us who 3D print have had our experiences with bad rolls of filament. Anything from filament that warps when it shouldn’t to actual wood splinters mixed in somewhere in the manufacturing process clogging up our nozzles. There are lots of workarounds, but the best one is to not buy bad filament in the first place. To this end [Walter] has spent many hours cataloging the results of the different filaments that have made it through his shop.

We really enjoyed his comparison of twelve different yellow filaments printed side by side with the same settings on the same printer. You can really see the difference that high dimensional tolerance, the right colorant mix, and good virgin plastic stock make to the quality of the final print. He also covers how transparent different brands of transparent filament actually are, as well as the weight of spools from different brands (so you can weigh your spool to see how much is left).

The part we really liked was his list of every filament he’s had experience with: PLA, ABS, PETG, Flexible, Nylon, Metal, Wood, and Other. This was a massive effort, and while his review is naturally subjective, it’s still nice to have someone else’s experience to rely on when figuring out where to spend your next thirty dollars.

OneSolver Does What Wolfram Can’t

Wolfram Alpha has been “helping” students get through higher math and science classes for years. It can do almost everything from solving Laplace transforms to various differential equations. It’s a little lacking when it comes to solving circuits, though, which is where [Grant] steps in. He’s come up with a tool called OneSolver which can help anyone work out a number of electrical circuits (and a few common physics problems, too).

[Grant] has been slowly building an online database of circuit designs that has gotten up to around a hundred unique solvers. The interesting thing is that the site implements a unique algorithm where all input fields of a circuit’s design can also become output fields. This sets it apart from most other online calculators because it lets you do things that circuit simulators and commercial math packages can’t. The framework defines one system of equations, will solve all possible combinations, and lets one quickly home in on a desired design solution.

If you’re a student or someone who constantly builds regulators or other tiny circuits (probably most of us) then give this tool a shot. [Grant] is still adding to it, so it will only get better over time. This may be the first time we’ve seen something like this here, too, but there have been other more specific pieces of software to help out with your circuit design.

Investigating the strength of the 4-digit PIN

If we wanted to take a look at the statistics behind 4-digit PIN numbers, how could we do such a thing? After all, it’s not like people are just going to tell you the code they like to use. It turns out the databases of leaked passwords that have been floating around the Internet are the perfect source for a little study like this one. One such source was filtered for passwords that were exactly four digits long and contained only numbers. The result was a set of 3.4 million PIN numbers which were analysed for statistical patterns.

As the cliché movie joke tells us, 1234 is by far the most commonly used PIN, to the tune of 10% (*facepalm*). That’s followed relatively closely by 1111. But if plain old frequency were as deep as this look went it would make for boring reading. You’ll want to keep going with this article, which then looks into issues like ease of entry; 2580 is straight down the center of a telephone keypad. Dates are also very common, which greatly limits what the first and last pair of the PIN combination might be.

We’ll leave you with this nugget: Over 25% of all PINs are made of just 20 different numbers (at least from this data set).

[Thanks Awjlogan]
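The filtering and pattern checks described in this post can be turned into a PIN-enrolment check that rejects weak choices. The following is an added example, not code from the original study: the sample list is constructed, and the function names and the `max_share` threshold are assumptions.

```python
import re
from collections import Counter

PIN_RE = re.compile(r"[0-9]{4}")   # ASCII digits only; \d also matches other Unicode digits
KEYPAD_LINES = {"2580", "0852"}    # centre column of a telephone keypad, both directions

# Constructed sample standing in for a leaked-password list (not real data).
SAMPLE = (["1234"] * 5 + ["1111"] * 3 + ["2580"] * 2 +
          ["0704", "8068", "password", "12345", "12a4", " 1234\n",
           "\u0661\u0662\u0663\u0664"])  # last entry: Arabic-Indic digits

def extract_pins(passwords):
    """Keep entries that are exactly four ASCII digits after trimming whitespace."""
    return [p for p in (s.strip() for s in passwords) if PIN_RE.fullmatch(p)]

def top_n_coverage(pins, n):
    """Fraction of all PINs accounted for by the n most common values."""
    return sum(c for _, c in Counter(pins).most_common(n)) / len(pins)

def looks_like_date(pin):
    """True if the two digit pairs can be read as MMDD or DDMM."""
    a, b = int(pin[:2]), int(pin[2:])
    return (1 <= a <= 12 and 1 <= b <= 31) or (1 <= a <= 31 and 1 <= b <= 12)

def weakness_reasons(pin, counts, total, max_share=0.01):
    """Reasons an enrolment check could give for rejecting this PIN."""
    reasons = []
    if counts[pin] / total > max_share:
        reasons.append("frequent")
    if len(set(pin)) == 1:
        reasons.append("repeated digit")
    steps = {(int(b) - int(a)) % 10 for a, b in zip(pin, pin[1:])}
    if steps in ({1}, {9}):            # ascending or descending run, wrapping 9 -> 0
        reasons.append("sequence")
    if pin in KEYPAD_LINES:
        reasons.append("keypad line")
    if looks_like_date(pin):
        reasons.append("date")
    return reasons

if __name__ == "__main__":
    pins = extract_pins(SAMPLE)
    counts = Counter(pins)
    print(f"{len(pins)} PINs, top 2 cover {top_n_coverage(pins, 2):.0%}")
    for pin in sorted(counts):
        print(pin, weakness_reasons(pin, counts, len(pins), max_share=0.2))
```

The same `top_n_coverage` call with `n=20` on a real data set gives the kind of figure quoted above; the date test is deliberately loose and will also flag values such as 1111.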

Arduino, RFID, and you

[Matt] has mixed up a batch of two RFID reading door lock systems. While the “door lock” part of the setup has yet to come into existence, the “RFID reading” section is up and running. By using the Parallax RFID readers (for cheap, remember?) and an Arduino, [Matt] is able to parse an RFID tag, look its number up in a database, and then have a computer announce “Access Denied” in a creamy “Douglas Adams’ sliding door of Hitchhiker’s Guide” kind of way with Python.

Good books aside, catch a not as exciting as you’re thinking video after the jump.
