Friday, April 28, 2017

Replacing the battery of a Toyota Auris key fob

Lately I started receiving the message "Key battery low" when turning off the car which is a 2014 Toyota Auris. I found a similar post for Toyota Prius and the receipt for Auris fairly similar with a couple of exceptions.

1. Take out the metal key and split the housing in half by using a flat screw driver.

2. Use a flat screw driver to remove the black plastic that covers the battery.

3. Use the screw driver to eject the existing battery.

4. Insert a new CR2032 battery.

5. Click on the black cover and the housing. Insert the metal key again.

6. Success (no need to resync the key with the car or anything else)

Saturday, August 30, 2014

Saturday, October 12, 2013

Book:The Phoenix project

Sometimes you read a book and you recognize the problems described and the people involved. The Phoenix Project was such a book. I recognized many of the characters in the book as people I've been working with or even myself. The Phoenix Project do however bring something very valuable to this world and I frequently recommend people in relevant positions to go read it. I want them to understand what this devops thing is and how it can contribute in solving their biggest challenges. There are other books on the topic of devops too, but this book is a fictional book with a story which is both exciting, funny, touching and educating. It touches the very same problems that many IT departments/people face, and it also brings a suggested change in IT operations that can help getting IT running more smoothly. A change in methodology based upon the experiences done in some of the most influential IT organizations in the world today. 

One of the authors of this book (Gene Kim) was guest star in episode 111 of the Cloud Virtualization Security Roundtable podcast.

Cloud Virtualization Security Roundtable, episode 111

Update: I've met Gene Kim at the ITSMF conference and he is in the process of writing a new book that I will soon be getting access to one of the early drafts.

NIST Cloud Computing Security Reference Architecture

A couple of years ago NIST released the first edition of  Cloud Computing Reference Architecture, but this summer they released a draft document with focus on cloud securityCloud Computing Security Reference Architecture(SP 500-299).

Due to the shutdown of the US government this document seems to be unavailable from the NIST site at the moment, but they will hopefully soon restart again in safe mode.

Cloud Virtualization Security Roundtable

Sunday, May 19, 2013

Episode 105: VirtuStream

This episode's guest is Pete Nicoletti from VirtuStream. VirtuStream is a cloud solution provider with a strong focus on security and they are hosting some major customers.

One of the topics that are being discussed in episode 105 is the use of TXT technology in cloud solutions. Currently it's not possible to enable TXT across all cloud solutions because it depends on what hardware the cloud providers are using. Providers using white boxes can not support TXT as it is available in enterprise solutions.

In a cloud solution tenant specific logging is very important and a standard is still missing even though there is some work underway.

In addition to various hardening guides there is also an application called Onapsis that can check if you have setup your system in a secure way. It's an application specific security scanner.

Hosting different customers on the same platform can be a risk and most cloud providers have no evaluation on which customers should be allowed to run on the same hardware (or at all).

PCI-DSS is also something you must have in mind. Many PCI auditors may scratch their head when they come across a virtualized solution. Even though there is a virtualization special interest group for auditors, such auditors are hard to find.

Texiwill has written a bit here on How VirtuStream does Cloud Security and the podcast is available below.

Audio: Cloud Virtualization Security Roundtable, episode 105

Tuesday, May 7, 2013

Human technology roadblocks

Often new proposals and projects are stopped due to the lack of knowledge of others.

The security team can stop many good projects such as those involving virtualization because they don't have enough knowledge and are skeptical to new types of services that they don't have experience with.

Mrs Y once worked at a company and the networking department was skeptical to running virtualized networks. They were asking about latency and other issues that may have been a problem many years ago.

Some people are skeptical regarding VLANs. Texiwill too. That includes VXLAN and other similar technologies.

It has been said that it's a struggle for people to separate the logical from the physical. For the longest time it has been the same thing and now it's suddenly different. Both people, companies, ISVs and hardware vendors are confused by these changes and many of them will try to block these new inventions in favor of the old ones.

All this and more in episode 104.

Driving from Lycia to Fethiye.

Audio: Cloud Virtualization Security Roundtable, episode 104

Saturday, May 4, 2013

Boat trip

Last week I attended a boat trip from Dalyan to Iztuzu Beach. On this same truo we also attended a mud bath and turtle safari. There were one turtle near our boat for a short moment, but I didn't see it with my own eyes since it was at the front of our boat and I was sitting in the back. The beach was great and I wish we could have stayed there longer.