Feb 16, 2018

Simplify your travel expenses with Expensify

Let me start out by saying this is definitely not a paid endorsement. My company recently made available a tool to make expense reporting more simple, and also make it easier for managers to approve expenses.

You see, I work remotely from my home in Colorado, but my company is headquartered in San Diego. It's a pretty sweet gig, and has proven to be very flexible. Occasionally though, I have to fly back for one reason or another. Most of the time it's pretty nice, but the thing I dread about it is keeping track of all of my expenses!

Up until recently, every expensable purchase I made (Meals, gas, plane tickets, rental car, hotel, etc) I had to keep the receipt with me until I got back home. I would then spend about an hour separating the receipts by date, scanning them to PDF on my scanner, then filling out an Excel spreadsheet to submit as my report. What a pain in the ass!

Enter Expensify! From their page:
Whether you're a road warrior with pockets full of receipts or a busy accountant buried in paperwork, Expensify automates the entire receipt and expense management process.
Here are their features:

  • One-Click Receipt Scanning - Expense reports are finished with one click. Take a picture of your receipt and Expensify automatically fills out and submits an expense report for you!
  • Next-Day Reimbursement - As soon as reports are approved, rapid reimbursement delivers the money right into the employee's bank account within 24 hours via ACH direct deposit.
  • Automatic Approval Workflows - Admins can customize expense policy rules for their organization and configure Expensify to flag any expenses that actually need a manager’s review. The rest — like that $3 coffee receipt — are automatically approved.
  • Automatic Accounting Sync - Any changes made in your accounting system are automatically synced with Expensify in realtime for constant visibility into your organization’s finances, making audits and tax season a breeze.

To see it in action, check out this video:

It was so easy. Every time I purchased something that I could expense, I would snap a picture of the receipt using my Android app, and boom! Done! When I flew back, my report was pretty much ready to go already. I just had to submit it for approval. My company already had the workflow setup so my boss could approve it. So easy!

If you are going to use it as an individual, it's free! You get 10 free SmartScans per month (You can also manually enter information for anything over 10), you get the free mobile app, unlimited receipt storage and email and chat support!

If you are going to use it for your team, you get additional features for only $5 per user per month, and corporate users can get even more features for only $9 per user per month. With the time it saves though, it will easily pay for itself when your employees don't have to take an hour out of their day to fill out their reports!

Do you use Expensify? Do you use something else to manage travel expenses? Let us know in the comments!

Feb 15, 2018

This major central bank signed a deal with #Ripple

Saudi Arabia’s central bank has signed a deal with U.S.-based Ripple to help banks in the kingdom settle payments using blockchain software, as Gulf regulators begin to explore new forms of financial technology.

The pilot program is the first of its kind to be launched by a central bank, allowing banks in Saudi Arabia to use Ripple’s software to instantly settle payments sent into and out of the country, the company said late on Wednesday.

This will allow Saudi banks to make faster, cheaper and more transparent cross-border transactions, Ripple said, adding that the central bank would provide training to Saudi banks interested in the program.

A Preview of Ubuntu 18.04 "Bionic Beaver"

In this video, Ronald Wallpapersfree gives us a simple preview of original stable version of Ubuntu 18.04, aka Bionic Beaver that is coming on 26th April. This will be a long term support (LTS) version of the popular Linux operating system.

Feb 14, 2018

How Secure is Your #Bitcoin Exchange's SSL/TLS Implementation?

One thing I have a habit of doing since I work in the IT Security industry myself, is check not only a website's SSL certificate, but I also like to see how well they implemented it. The tool I often use to test this sort of thing is SSL Labs.

You see, not all implementations of SSL are secure. There are obsolete ciphers available. Plus, older implementations of SSL have been found to be vulnerable to various attacks. It's one of the reasons why PCI-DSS is forcing all companies that handle credit card transactions to disable everything except TLS 1.1 and TLS 1.2 in June this year.

I was curious on how well the cryptocurrency exchanges I use for various reasons stacked up. So I decided to test their websites using SSL Labs. Here are the results:


You can view the full report here, but as you can see above, Coinbase did exceptionally well. I also noticed that their SSL Certificate has a 4096 bit public key, the largest of the group I tested.

Binance did a great job as well scoring an A+. You can see the full report here. They did not implement all of the security options that Coinbase did like HTTP Public Key Pinning (HPKP), or implementing a DNS Certification Authority Authorization (CAA) Policy though. Still, their implementation is better than most. Their public key is 2048 bits.

I can't really complain about Changelly either with their A+ rating. You can see their full report here. They too use a 2048 RSA public key.

While still pretty good, it's not perfect. HitBTC only scored an A. You can see the full report here. One thing I noticed was that they use Cloudflare's CDN service, as well as Cloudflare's multi-client SSL certificate. That certificate has a 256 bit ECC key. If you are not familiar with the difference between ECC and RSA, Globalsign says the following:
ECC is able to provide the same cryptographic strength as an RSA-based system with much smaller key sizes. For example, a 256 bit ECC key is equivalent to RSA 3072 bit keys (which are 50% longer than the 2048 bit keys commonly used today). The latest, most secure symmetric algorithms used by TLS (eg. AES) use at least 128 bit keys, so it makes sense that the asymmetric keys provide at least this level of security.
After reviewing all of these, I feel pretty comfortable continuing to do business with these exchanges. Over all, their SSL implementation is pretty damned good compared to some sites out there. All of them still support TLS 1.0 though, so it may be interesting to test them again after PCI-DSS's June 30th deadline to disable it.

What do you think about this? Was there another exchange you wanted me to test? If so, let me know in the comments!

Feb 13, 2018

Chart that shows the Linux file system hierarchy

I ran across an interesting chart that broke down the Linux file system hierarchy in a way that makes it a little easier to understand. This chart is very helpful for those that are new to Linux and is also helpful to anyone who needs to refresher.

The chart was created by the guys at BlackMoreOps.

From their page:
What is a file in Linux? What is file system in Linux? Where are all the configuration files? Where do I keep my downloaded applications? Is there really a filesystem standard structure in Linux? Well, the above image explains Linux file system hierarchy in a very simple and non-complex way. It’s very useful when you’re looking for a configuration file or a binary file. I’ve added some explanation and examples below, but that’s TL;DR. 
Another issue is when you got configuration and binary files all over the system that creates inconsistency and if you’re a large organization or even an end user, it can compromise your system (binary talking with old lib files etc.) and when you do security audit of your Linux system, you find it is vulnerable to different exploits. So keeping a clean operating system (no matter Windows or Linux) is important.

Below is the chart

Click the image to view it better

The article where the chart was originally posted goes way more into depth on the Linux file system, what it is, what each directory is used for, types of files, etc.

If you were ever confused about how the Linux files system works, hopefully this helps to clear things up a bit.

Feb 12, 2018

I met a professional cryptocurrency miner in Cedaredge Colorado!

I recently inherited a new desktop computer with 32GB of RAM and quad-core 3.3 GHz processor. It's pretty sweet, and I've turned it into my new Emby media server! Since I had this new toy, I didn't need my old workhorse, custom desktop that I built years ago.

So I wiped out all of my data, put Ubuntu and Steam on it and sold it on Craigslist as a custom Steam gaming computer!

One of the potential buyers of my rig contacted me because he was eyeing the case, and was thinking about turning my machine into a cryptocurrency mining machine. The thing that threw me off about it, after talking with this guy for a while, was that he was a professional miner and lived in my little one horse town of Cedaredge Colorado of all places!

For those of you not in the know, Cedaredge is located in Delta County Colorado which is basically a technological blackhole. Nobody knows how to use computers or technology around here. It's kind of scary actually. So imagine my shock when I found out that a guy in town had his own mining farm.

Well, he wanted to see if his high end GPU video cards that he uses for mining would fit in the case, and I was interested in his mining rigs, so he invited me over to his humble abode to check them out while he tested his video cards in my Ubuntu computer.

Being in the tech industry, and working in data centers all the time, I sort of imagined a standard data closet kind of setup, or even a colocation like place... Nope, this miner lived a very non-descript rundown place right in the middle of town.

He invited me in with my desktop computer, and the placed smelled strongly of marijuana. It turns out that although he is a professional crypto miner, he was also running a small pot venture.. and clearly smoking it too!

While he fiddled with my machine, he allowed me to take a few pictures of his three mining rigs:

ASICS Mining setup. Open air, no case... Just boards.

Open air case with one video card

Open case with two ASUS cards, and several PCI-E to USB extension cables

MSI cards attached to a 2x4 connected to USB PCI-E expansion cables

Mining script running

Another mining script running

When I asked him if he used a specific mining pool, he said he actually used several depending on the currency he was mining, or the change in the market. He said he used:

You might be wondering what kind of money he's pulling in with these functional, yet ugly mining rigs. Well, he said he averages about $3,000 per month take home on his venture, and only pays roughly $500 per month in electrical bills. That's an easy $2,500 profit! On top of that, since it's winter here in Colorado he said he isn't paying anything for heating his place with all of his rigs running!

Of course, the day I visited was on January 16th, when the streets were red with blood because the crypto market tanked pretty hard, so he said he was feeling the pain that day. Of course, he and I were very optimistic that things would bounce back!

So long story short, he didn't buy my Ubuntu rig because his video cards were way too big to fit in my case. That's cool though, I had a guy come by later that afternoon that wanted to use it for games and bought it from me anyway. Still though, I thought seeing a professional mining operation was definitely worth the time it took to let him test his cards out.

What do you think about his mining setup? Let me know in the comments.

Feb 11, 2018

Alessio Rastani: The Weird #Bitcoin Pattern Everyone Needs to See

Rastani almost did not see this odd bitcoin pattern, which he calls a hammer candlestick pattern. According to Wikipedia a hammer candlestick pattern is:
...a type of bullish reversal candlestick pattern, made up of just one candle, found in price charts of financial assets. The candle looks like a hammer, as it has a long lower wick and a short body at the top of the candlestick with little or no upper wick. In order for a candle to be a valid hammer most traders say the lower wick must be two times greater than the size of the body portion of the candle, and the body of the candle must be at the upper end of the trading range. 
When you see the hammer form in a downtrend this is a sign of a potential reversal in the market as the long lower wick represents a period of trading where the sellers were initially in control but the buyers were able to reverse that control and drive prices back up to close near the high for the day, thus the short body at the top of the candle. 
After seeing this chart pattern form in the market most traders will wait for the next period to open higher than the close of the previous period to confirm that the buyers are actually in control.
Does this mean that we're going to start seeing a consistent upward trend going forward? Rastani says we need to see further buying strength before we will have confirmation that we're heading back into a bullish trend.

What do you think about this? Are you optimistic about it? Let us know your thoughts in the comments.

Twitter Delicious Facebook Digg Stumbleupon Favorites More

Design by Free WordPress Themes | Bloggerized by Lasantha - Premium Blogger Themes | stopping spam