Encode image and display in html

     No comments
To encode an image file(eg. png, jpg, gif) we will need the apache commons-codec library.
To avoid it in a maven project:

<dependency>
 <groupId>commons-codec</groupId>
 <artifactId>commons-codec</artifactId>
 <version>1.11</version>
</dependency>

Encode a file:

public static String encodeFileToBase64Binary(File file) throws IOException {
 String encodedFile = null;
 try (FileInputStream fileInputStreamReader = new FileInputStream(file)) {
  byte[] bytes = new byte[(int) file.length()];
  fileInputStreamReader.read(bytes);
  encodedFile = org.apache.commons.codec.binary.Base64.encodeBase64String(bytes);
 }

 return encodedFile;
}

Prepare the image: 

String strImage = encodeFileToBase64Binary(new File(imagePath));
String imageExt = FilenameUtils.getExtension(imagePath);

imagePath = "data:image/" + imageExt + ";charset=utf-8;base64, " + strImage;

Now you can use imagePath in your HTML. 

<img src="#{imagePath}" />

Setting Up Elk and Pushing Relational Data Using Logstash JDBC Input Plugin and Secrets Keystore

     No comments

Introduction

In this tutorial, we will go over the installation of Elasticsearch. We will also show you how to configure it to gather and visualize data from a database.

Logstash is an open source tool for collecting, parsing and storing logs/data for future use.

Kibana is a web interface that can be used to search and view the logs/data that Logstash has indexed. Both of these tools are based on Elasticsearch, which is used for storing logs.

Our Goal

The goal of this tutorial is to set up Logstash to gather records from a database and set up Kibana to create a visualization.

Our ELK stack setup has three main components:
  • Logstash: The server component of Logstash that processes database records
  • Elasticsearch: Stores all of the records
  • Kibana: Web interface for searching and visualizing logs.

Install Elasticsearch

Using the MSI Installer package. The package contains a graphical user interface (GUI) to guides you through the installation process.

Then double-click the downloaded file to launch the GUI. Within the first screen, select the deployment directories:

images/msi_installer/msi_installer_locations.png

Then select whether to install as a service or start Elasticsearch manually as needed. Choose install as a service:
For configuration, simply leave the default values:
images/msi_installer/msi_installer_configuration.png
Uncheck all plugins to not install any plugins:
images/msi_installer/msi_installer_plugins.png
After clicking the install button, Elasticsearch will be installed:
images/msi_installer/msi_installer_success.png
To check if the Elasticsearch is running, open command prompt and type "services.msc" and look for Elasticsearch. You should see the status that it is 'Running'.

Or simply download the zipped file from https://www.elastic.co/downloads/elasticsearch.

Install Kibana

You can download the Kibana https://www.elastic.co/downloads/kibana.

After downloading Kibana and unzipping the file you will see a folder structure as below.

The runnable file is located at bin\kibana.bat.

To test, start kibanat.bat and point your browser at http://localhost:5601 and you should see a web page similar below:


Install Logstash

You can download the Logstash https://www.elastic.co/products/logstash.

After downloading Logstash and unzipping the file you will see a folder structure as below.

The runnable file is located at bin\logstash.bat.

Inserting Data Into Logstash By Using Select Data from Database

Elastic.co has a good blog regarding this topic that you can visit https://www.elastic.co/blog/logstash-jdbc-input-plugin.

Secrets keystore

When you configure Logstash, you might need to specify sensitive settings or configuration, such as passwords. Rather than relying on file system permissions to protect these values, you can use the Logstash keystore to securely store secret values for use in configuration settings.

Create a keystore

To create a secrets keystore, use the create:

bin/logstash-keystore create

Add keys

To store sensitive values, such as authentication credentials, use the add command:

bin/logstash-keystore add PG_PWD

When prompted, enter a value for the key.

We could use keystore to store values jdbc_connection_string, jdbc_user, jdbc_password, etc.

For simplicity, an underscore was added for referencing the keys. See below for sample config file.


Let's say that a Postgresql table was changed after pushing the data to Elasticsearch. Those changes will not be present in Elasticsearch. To keep Elasticsearch updated we need to update it by running logstash with the configuration below. 



In this configuration we are running logstash every second, of course, you wouldn't do that :-) Normally we run per day, week, month, etc. Can be configure depending on your needs.

References:

Navigating in Guard in Angular5

     No comments
There are some cases when we need to navigate in a Guard rather than in component. Why? Well, obviously you didn't have to define a component where you need to navigate. An example use case would be a route where you need to navigate given a certain role.

A sample route:

{
 path: 'bride',
 canLoad: [AuthGuard],
 loadChildren: 'app/module/bride/bride.module#BrideModule'
}
A matching guard that navigates defending on role: 

@Injectable()
export class AuthGuard implements CanActivate {

    constructor( private router: Router, private route: ActivatedRoute ) {

    }

    canActivate( next: ActivatedRouteSnapshot, state: RouterStateSnapshot ): Observable | Promise | boolean {
        console.log( 'registration.guard' )

        if ( !KeycloakService.auth.loggedIn || !KeycloakService.auth.authz.authenticated ) {
            return false;
        }

        //check group
        if ( KeycloakService.hasGroup( 'Anime' ) ) {
            this.router.navigate( ['/bride/postRegistration'] );

        } else if ( KeycloakService.hasGroup( 'Vendor' ) ) {
            this.router.navigate( ['/bride/postRegistration'] );
        }

        return true;
    }
}

Multi-layout in Angular5

     No comments
How to implement a multi-layout feature in Angular5. A common use case for this is when you have a different layout for your public and secured pages. For example, your secured page could have a menu on the left side. Or you have a page that doesn't require a layout.

Let's provide some examples. Let's say you have the following requirements:
  1. Plain pages that don't require any layout.
  2. Public pages.
  3. Secured pages.
The core feature that we need to set is the router configuration. 
  1. First, the app.component content must only be the router-outlet tag.
  2. We need to create a module for the layout components. Why we need a separate module for the layout? It's because it's possible to use the layout on different modules. If we just make it part of a module, say app.module, then we cannot use it inside secret.module. 
The layout module will contain the public and secured layout components. These 2 components are just ordinary component with template defined in its HTML page. The main point here is that inside, HTML  tag must be defined. Remember we have another router in the app.component? The Router class has a way of dealing with this, by using the children property.

In this section, we will provide an example of how a route should be defined in app-routing.

Public pages layout:

{
 path: '',
 component: PublicPageLayoutComponent,
 children: [
  { path: '', component: HomeComponent, pathMatch: 'full' },
  { path: 'home', component: HomeComponent },
  { path: 'about', component: AboutComponent}
 ]
}

Secured pages layout:

{
 path: '',
 component: SecuredSiteLayoutComponent,
 children: [
  { path: '', component: AdminComponent, pathMatch: 'full' },
  { path: 'admin', component: AdminComponent}
 ]
}

Now, what if we have a lazy loaded module route? If we defined it like below, it will throw an error.

{
 path: 'secret',
        component: SecuredSiteLayoutComponent,
 loadChildren: 'app/module/secret/secret.module#SecretModule'
}

To fix this, we must define a secret-routing.module and defines some routes similar to app-routing.

const routes: Routes = [
    {
        path: '',
        component: SecuredSiteLayoutComponent,
        children: [
            { path: '', redirectTo: 'dashboard', pathMatch: 'full' },
            { path: 'dashboard', component: DashboardComponent }
        ]
    },
    {
        path: 'postRegistration',
        component: SecuredSiteLayoutComponent2,
        children: [
            { path: '', component: PostRegistrationComponent }
        ]
    }
];

Basically, following the same logic of using the children property.

As a bonus, we are adding a guard that navigates depending on the role of a newly registered user. I used this to redirect the user to a configuration page.
@Injectable()
export class RegistrationGuard implements CanActivate {

    constructor( private router: Router, private route: ActivatedRoute ) {

    }

    canActivate( next: ActivatedRouteSnapshot, state: RouterStateSnapshot ): Observable | Promise | boolean {
        console.log( 'registration.guard' )

        if ( !KeycloakService.auth.loggedIn || !KeycloakService.auth.authz.authenticated ) {
            return false;
        }

        //check group
        if ( KeycloakService.hasGroup( 'Bride' ) ) {
            this.router.navigate( ['/bride/postRegistration'] );

        } else if ( KeycloakService.hasGroup( 'Vendor' ) ) {
            this.router.navigate( ['/bride/postRegistration'] );
        }

        return true;
    }
}
Here's a link on how I secured the pages: http://czetsuya-tech.blogspot.com/2017/11/secure-angular4-with-keycloak-role-or.html.

Monero Is For...

   No comments
Follow @cryptoizzy

(If you want to skip my intro, just scroll down to sections: Monero is for Porn, Monero is for Pot and Monero is for Guns)

Monero is the Esperanto word for money, and I’ve reached the conclusion that money is precisely what Monero is. In previous articles, I’ve referred to money as being either sound or unsound, but I now believe that was the wrong approach. ‘Sound or unsound’ isn’t the question. The question is – “is it or is it not money?” Right now, there is nothing else on earth I am aware of that is also money[1], with the exception of precious metals (though they have very different medium of exchange profiles, and thus, usefulness). Of course this may change over time, and new forms of money may present themselves (for instance, with zk-starks), but for now, this is it.

 Current fiat currency systems, which our world uses now, are not money. True money doesn’t allow a group to create money at whim, and direct it to whom they like. This violates the store of value rule. Fiat currency systems are in reality, just tokens – created and distributed by a select group who decide the rules for use.

 Bitcoin and other alt-coins are not money. Because of the way they have been designed, privacy is at best optional (though often non-existent), and consequently, identifiable histories can be linked to transactions[2]. This is problematic for a number of reasons, but simply put, privacy is a technical requirement for fungibility, and fungibility is a binary and necessary trait for something to be money. And so, Bitcoin and other altcoins are not money… tokens, yes – and designed to be a better store of value than Fiat, but still not money.

 Using something as money that truly is money has the potential to solve a lot of the problems of today’s world. It can do this by providing an alternative to our current broken monetary system which is currently riddled with such absurdities as engineered inflation, massive wealth inequality and endlessly funded institutionalized violence. This is why I, and so many others are excited by Monero’s potential as the only cryptocurrency that is money. But history has shown repeatedly the best product doesn’t always win. Marketing plays a huge part, and there are other coins (from Bitcoin to Bcash to Dash) which have far more significant marketing programs (whether centralized or decentralized).

 But marketing is only ultimately effective if it gets people to buy and use the product being marketed. This tells us that the real driver for competitive success is adoption and use.And here’s where I see a real opportunity for Monero – because Monero, as a private and fungible money, has use cases with which no other altcoin or fiat note can compete. It is adoption and usethat will ultimately determine whether Monero will be successful, and in that vein, I offer three real, legitimate use cases which I believe can facilitate its adoption and use as something more than a speculation or investment vehicle.

 Hey, I’d love it if the average-joe understood all the societal and macroeconomic implications of using cryptocurrencies in general and Monero in particular. But I’ll happily settle for than same average-joe simply usingMonero, and let time and experience further educate him on the bigger issues. In fact, this approach might just be what tips the scales -  transforming Monero’s potential into kinetic reality. And if that man on the street doesn’t want to defend Monero by citing his porn, pot, or firearms habits – well then, he can just tell his friends he doesn’t like being spied on.

 Monero is for Porn  ( #pornero!)

 From a porn user’s perspective, this is a no-brainer. Anyone who subscribes to a porn-site today and pays for it with anything other than a truly private payment method means their whole porn-history can be tracked and linked to their real-life persona (sorry Verge, but just because Pornhub has for some reason picked you, doesn’t mean you’re any good). For a lot of people, this is not an acceptable prospect, and so they either don’t subscribe at all, or try not to think about what would happen if the porn or credit-card companies sell this info (to private industry or government) or are hacked (remember the Ashley Madison leak?). But using Monero to pay for porn would break that link, and (assuming a user connects through a trusted VPN), provide the privacy which the vast majority of porn users want.

 From a porn company’s perspective, offering Monero as a trusted payment method would be hugely profitable. Right now, only about 4% of porn-viewers actually ‘convert’ to paid users. In other words, 96 out of 100 porn-viewers never pay. But if a truly private way to subscribe were available (i.e., Monero) then each *1* of these 96 people who took advantage of this option and became a paid subscriber would translate into a profit[3]boost of 25%! In other words, if you run a porn-business… what are you waiting for? Set it up for Monero payment and boost your profits – don’t let Mariah Carey have all the fun.)  The same really holds true for all sex-industry businesses, but I’ll leave that for you to ponder those implications.

 From a Monero adoption perspective, this would be enormous as well. Best estimates are that 77% of Americans view porn once a month, or 77% x 325 million = 250 million users[4]. If only 1 out of 100 of these viewers became subscribers with Monero, then that would be an increase of the Monero user base[5]of 2.5 million people! If they on average spent $15 a month for subscription, then that would generate annual required Monero purchases of 2.5M x $15 x 12 months = $450 million in the U.S. alone!

 Monero is for Pot ( #reefero? #gangero?)
Marijuana is increasingly legal in the U.S. (and other parts of the world), but the stigma associated with it continues to be very real. Never mind that if your insurance company believes you are a user of recreational drugs they’re likely to charge you higher premiums – legal or not. Tack on to this that a lot of credit-card companies won’t even bank pot dispensaries, and it’s no surprise that they so frequently transact in cash.

 Using (and dispensaries accepting) Monero for marijuana purchases would be a terrific solution – providing privacy (that credit card acceptance wouldn’t provide, even if it was offered), allowing for remote payments, and saving dispensaries from the logistical difficulties of holding large amounts of physical cash. Of course, just like in the porn example, to the extent that having a new, truly private payment option convinced more people to become customers, well then – it would clearly boost sales.

 Finally, it’s worth noting that there have been attempts in the past to create cryptocurrency specifically for marijuana transactions (potcoin). Ultimately though, as these coins are not truly private, they can’t hold a candle to Monero, and are instead more novelty than a scalable business payments solution.

 Monero is for Guns
This is probably the most controversial of the three ‘fors’ I list here – even though what I’m speaking about are legal gun purchases as supported by the U.S. Constitution. I have (by and large) no desire to argue either side here, and am simply pointing out a use case that would be extremely valuable to participants in that economy.

 Many gun purchasers do so under the auspices of the 2nd amendment, which they will tell you has nothing to do with hunting, and everything to do with protecting citizens from a corrupt and tyrannical government[6]. As such, it would make sense for these purchasers to want to keep their purchases private in the event that a ‘coming for your guns’ scenario plays out.

Well, unfortunately for them, outside of using cash, their options are quite limited. Credit cards intimately link the guns to purchasers, and compilation of this data is actively being developed (though I personally would be shocked if it hasn’t already been done – and these headlines are just warming up the public to the official announcements).

 Yet again, Monero offers a solution – truly private transactions – effectively anonymous digital cash. I won’t run through the numbers here on market opportunity for gun shops to accept Monero – but suffice it to say that any offering which makes it easier for their customers to make new purchases will of course boost business and profits.

However, I will quickly run through the Monero adoption scenario. It’s estimated U.S. Gun and Ammunition stores generate annual revenues in the neighborhood of $3.1 billion.  If just 5% of those purchases are made with Monero, that equates to an incremental annual ‘Monero purchase demand’ of $155 million – again, in the U.S. only!

Summing Up

 If you are in the Monero community, you might be annoyed at me. You might be saying, “Hey Izzy – thanks for nothing. We’ve worked so hard to fight the wrong and unfair stigma of being a ‘dark coin’… and now you’re associating Monero with pornography, pot, and guns?!”

 If this is how you feel, first let me say I understand your position. I would however offer three points for you to consider.

 1)    The single most powerful long-term indicator of any alt-coins success is whether people use it. With numbers like those illustrated in this article, Monero would be catapulted into the status of one of the most used cryptocurrency worldwide – if not the most. And as we know, success breeds success – use breeds use. This could be a fantastic springboard into mainstream awareness and adoption.

2)    The more people use Monero, the more people with defend Monero.
We in the Monero community understand that it represents the single biggest threat to the established monetary system since Bitcoin. And since Bitcoin has been beaten, sites have been set on attacking Monero. But if a significant portion of the populace uses Monero, it will have more defenders and supporters. Furthermore, the fact that there are so many non-porn/pot/gun related reasons to be a Monero supporter gives the average user plenty of air-cover to defend it without announcing him or herself as a porn user.

“I support Monero because I believe in privacy, fungibility and sound money. Oh – what’s that you say? People use it for porn? Ah well, cest la vie. I certainly wouldn’t use it for that! But it’s still vital to our civil liberties!”

 3)    There’s a delicious irony to harnessing people’s “base” habits and desires to facilitate healthy societal change.

 While the ‘Powers that Be’ seek to corral and control the masses with bread and circus, here we are, harnessing those very same base-impulses (at least with regard to porn) and redirecting them toward a mechanism that may actually help free the masses from a corrupt monetary system. What can I say? I like the sound of that.

--------------------------------------------------------------------------------------------------------

If you enjoyed this article and want to show support, you can drop me a note at cryptoizzy369@protonmail.com, or a donation to:
41fksK8rNJ7VUWHr5yW58C75oAJbL8mEh3ytfLDucVq3StwTudzbGPyQ75Sj3BeqvNjKtw3Mn5Gni5nD62aWZCiDNjaPY8k

[1]Yes, I am dictating my own definitions. But where have the standard economic definitions come from? And do they do what definitions are meant to do – describe the world around us in the best way possible? I believe my change here does a better job of this.
[2] Anonymity sets will simply never consistently be large enough without default privacy through the chain’s direct ecosystem. That this also means Bitcoin can ultimately be used as a surveillance and control mechanism illustrates how important it is that we avoid things that aren’t true money.
[3]Assuming gross margin of incremental subscribers is near 100%.
[4]Let’s assume that these are all online users.
[5]Assuming they weren’t already Monero users.
[6]Have you seen “The Handmaid’s Tale”? Would that dystopia have been possible if citizenry had arms to protect themselves? Just asking.

På tide at bankene betaler

   No comments
Med et gjeldsregister på plass bør bankene ta en større del av regningen når privatøkonomien kollapser.

I følge en reportasje i DN har det vært en dramatisk økning i tvangsinndrivelse av forbrukslån. Nordmenns totale forbrukslån bikket hundre milliarder i fjor. Det er over førti tusen per husholdning, i gjennomsnitt. Det er åpenbart for enkelt å låne ut penger.

Noe av årsaken kan være at norske kreditorer har det veldig greit. Om du ikke klarer å betale kan de ta huset ditt eller trekke i lønnen din. Inndrivingen er det staten som står for og regningen sendes til deg.

Det skal veldig mye til for at banken taper penger med slike maktmidler til disposisjon. Samtidig garanterer skyhøye renter gode inntekter. At forbrukslån er en fantastisk forretningsmodell er det ingen tvil om. For gjeldsslavene er det ikke like festlig.

En åpenbar løsning er å sette et tak på hvor høye renter bankene kan ta. Når banken for eksempel tar tjue prosent rente, så betyr det at de anser det som forholdsvis sannsynlig at kunden ikke vil klare å betale tilbake. Men da burde vel ikke lånet vært gitt i utgangspunktet? Et rentetak vil sørge for at det ikke blir mulig å gi lån med høy risiko for betalingsproblemer.

Men forskningen er ikke helt entydig på om dette er det beste tiltaket. Ideen om en maksrente bygger på en litt naiv forestilling om at når husholdningen ikke får lån fra banken, så blir det opprydding i økonomien, kjøleskapemagnet med middagsplan for hele uken og ringpermer med skilleark. Men slik er det dessverre ikke.

I stedet vil noen låne andre steder til enda høyere rente, noe som vil stimulere det svarte lånemarkedet. Andre låner mindre, men uten at de kommer seg ut av gjeldsspiralen.

I tillegg finnes det helt legitime grunner til å ta opp høyrentelån. Om kjøleskapet havarerer kan det for eksempel være billigere å låne til nytt, fremfor å dra på butikken hver eneste dag. Det er derfor forståelig at regjeringen i finansmarkedsmeldingen forrige uke foreløpig ikke vil gå inn for et slikt tak.

En mer målrettet løsning er å øke bankenes ansvar overfor låntakeren. Dersom banken må ta en større del av kostnaden når gjelden blir uhåndterlig, så vil banken også bli mer løsningsorientert og mer interessert i å hjelpe kunden på et tidlig tidspunkt.

Frem til i dag har ikke dette vært mulig fordi banken ikke har hatt informasjon om hele gjeldssituasjonen til kunden. Når økonomien imploderer er det mange som lar vær å rapportere inn all gjeld. Dersom banken skal ta hele denne risikoen så ville den måtte dekke det inn ved å sette opp renten på alle lån. Det ville hverken vært særlig populært eller hensiktsmessig.

Men nå kommer et nytt gjeldsregister som vil vise kundens totale forbruksgjeld. Bankene kan ikke lenger unnskylde seg med at de ikke visste. Når gjeldsregisteret kommer vil banken jevnlig kunne sjekke om økonomien er i utforbakke. Om banken lar en familie gli ut i et gjeldshelvete uten å gjøre noe, så kan ikke banken lenger fraskrive seg ansvaret.

Med et slik verktøy tilgjengelig, forsvinner også grunnlaget for statens generøse behandling av kreditorer. Siden bankene nå får et verktøy til å bli mer ansvarlig, bør lovverket endres slik at bankene i større grad motiveres til å hindre katastrofen før den inntreffer.

Hovedproblemet med forbrukslån er at konsekvensene er så skjevt fordelt. Banken får stort sett alltid pengene sine tilbake til en lav kostnad. For gjeldsslavene kan konsekvensen være et ødelagt liv.

Joda, er du kommet i en situasjon med uhåndterlig forbruksgjeld så kan du bare skylde på deg selv. Banken tvinger aldri noen til å ta opp lån. Men problemet blir ikke mindre av at det er selvpåført. Den høye forbruksgjelden og tallene på tvangsinndriving viser at dette er et samfunnsproblem.

Å fortelle forbrukerne at de må skjerpe seg er sannsynligvis ikke en særlig effektiv løsning. Det er bare bankene som kan gjøre noe med problemet. For at det skal skje, må kundens økonomiske sammenbrudd merkes bedre på bunnlinjen.