Multizone | All our technotes

It is no longer hard to serve multiple differently named websites from the same server with SSL. Let's Encrypt supports Apache and Ubuntu and is easy to configure. 

The Apache HTTP Server has always had a virtual hosts feature to serve multiple differently named websites from the same server. Setting it up with SSL is historically more complex than it perhaps ought to be given that the project it named after HTTP it was centred around http and https was originally an additional, often expensive and complex configuration step.

This seems outmoded to me. Even for test sites, traffic encrypted to the web browser with https is mandatory for any serious web presence. http is an insecure protocol that should really be a secondary consideration. Anyway, it is what it is.

With virtual hosts, each individual site appears to the end-user to have a different identity even though it is served from the same server. Hosting providers use this technology to provide resilience, security, scale, analytics and for many other reasons but it is also useful for developers who want to have a replica small scale development or staging environment perhaps for multiple websites. A development environment is my reason for building out Apache 2 virtual hosts with separate Let's Encrypt certificates on my Ubuntu Linux machine.

To make it work, you need to think about setting out the directory structure on your Linux machine, the Virtual Hosts configuration files for Apache2, and a properly resolving DNS record to the Linux machine hosting your virtual host site. Setting it up is easy enough but takes a little bit of concentration on the details of all these moving parts. Adding SSL to these virtual hosts is far less tricky than it once was because 'Let's Encrypt' does most of the heavy lifting now.

TL:DR — I now have two dev sites on my local Ubuntu Desktop. Both have valid Let's Encrypt SSL certificates and are working well locally and via the Internet. It took about 45 minutes to set up.

Details

Last Updated: 14 April 2025

• Ubuntu Linux: Stability, Security, and Open-Source Freedom
• Linux: The Backbone of Modern Computing

Read more: Let's Encrypt Secure virtual hosts on Ubuntu 24.04

This PC doesnt currently meet Windows 11 system requirements

So, I bought this total bargain Lenovo ThinkCentre 710q chiefly because it consumes low power, has all Lenovo's attention to detail for maintenance and spare part replacement, has a nice tiny form factor, and a reasonably modern architecture. The Think Centre supports secure boot, and has a Trusted Platform Module (TPM) 2.0. This one came with a DVD rw drive but has a modest 8GB of memory and a 500GB drive. The 6th Generation Intel® Core™ i5-6400T 'Skylake' processor and the Intel HD 530 graphics are end of life. Nevertheless it is a relatively good specification. Sadly however, according to Microsoft's tools, the Lenovo ThinkCentre M710q appears to be unable to meet the minimum system requirements for Windows 11. Thats a shame, but all is not lost! Lets see what can be done to improve the usefulness of this machine.

TL:DR — Lenovo have always made high quality rugged expandable hardware, especially in the Think design range they acquired from IBM, who after all, invented the PC in the first place. These ThinkCentre 710q tiny workstations are low power workhorses so they don't cost a fortune to run and are cheaply and plentifully available now in the used marketplaces. They can be expanded to excellent maximum specification and in some cases beyond to deliver their full potential at low cost and are ideal for home/lab/small office use. Plenty of parts are available, mostly very easily user replacable with ease. It is as easy as can be to bypass the arbitrary restriction and allow the upgrade to Windows 11, or indeed to install Linux or whatever other OS you please.

Details

Last Updated: 27 June 2025

• Microsoft Windows: An Operating System
• Technology We Use: Devices and Tools Powering Everyday Life

Read more: Install Windows 11 on a ThinkCentre with unsupported processor chip

Secure File Sharing with FileCloud

FileCloud is powerful software, delivering a secure, enterprise-grade file sharing and content collaboration platform. The community edition provides an annual licence for 5 full accounts, with 10 external accounts. Community edition is self-hosted on your Windows or Linux servers or in your own account in a supported Infrastructure as a Service (IaaS) provider. For our review we installed it in Amazon EC2, using Amazon S3 for storage, as well as on a local Linux server, using local storage, and on a local virtual machine, on an Intel based Mac, running VMware Fusion, with the Filecloud provided Ubuntu 22,04 virtual machine. You need to have a good knowledge of Linux, virtual machines and web applications to get Filecloud running well. 

Details

Last Updated: 05 March 2025

• Technology We Use: Devices and Tools Powering Everyday Life

Read more: FileCloud

Cassette tapes are a lost art. I haven't had a cassette player connected to my home audio system for decades. But I remember vividly the playlists on my mixtapes, and still today expect certain songs to appear after other songs when I hear them. Mixtapes also provide a snapshot of the music at the time, unlike our digital media services today.

Vintage cassette players and recorders, are expensive and full of compromises on eBay but seem to have a devoted following among collectors, vinyl enthusiasts, and music lovers. Analog audio has the hiss of tape. Remember the special grades of Tape? Like mighty TDK SA 90 which was the king of the blank audio cassette for years. TDK also made C-120s but they were prone to failure and best avoided. Everybody it seemed, made Cassette media, but it was always TDK for me if I could stretch to them.

In my other article on New Cassette recorders in 2024, I look at the only two, almost identical brand new decks you can buy (from Teac and TASCAM). Both have the exact same mechanism, and remote, with a few styling differences, notably – rack mount capability and one additional playback function on the TASCAM. In the end I decide to try a second hand deck to determine how much quality I can get out of it, and really whether I care enough to invest in this old but originally groundbreaking media. I'm still a sucker for TASCAM, the professional division of Teac, so I looked for a TASCAM 302 - one of the finest professional, rack mountable, dual cassette decks ever made.

TASCAM 302

TL:DR — If you have the means theres still a TASCAM Pro Audio and a Teac consumer cassette deck available in new condition with USB out from. But can you get similar quality out of a second hand TASCAM cassette deck?

Details

Last Updated: 01 July 2025

• Vintage Software
• Vintage Computer Hardware: Glimpse into heritage technology

Read more: Tascam 302 Professional level Compact Cassette Deck

Microsoft's recent announcement regarding the sunset of Windows Subsystem for Android (WSA) means the end of Amazon Appstore on Windows 11. This ripple is being felt throughout the tech press, sparking discussions about the company's technology shifts and the implications for users and developers alike. Here's an extract of Amazon's email

In this article, we examine some of the murk surrounding this decision, examining its possible  background, reasons, impact, industry response, and future implications. Here is Microsofts announcement:

TL:DR: Microsoft has thrown in the towel. Use a Chromebook or an Android tablet if you want seamless Android. Use an Emulator from Android Studio if you want recently updated emulators of Android devices.

Details

Last Updated: 14 April 2025

• Android: A Dominant Force in Mobile Computing
• Amazon: A Global Leader in Technology and Innovation

Read more: Amazon Appstore and WSA heads off into the sunset

File Sharing securely with external users and with adequate governance is hard. You might think you can just easily mandate a file sharing Software as a Service (SaaS) platform as part of your productivity suite, (Google Workspace has Google Drive, Microsoft 365 has Microsoft OneDrive, Apple has iCloud or there's always a third party SaaS like the venerable DropBox), but hold on before you do so. In exchange for a simple user experience you give up control over your data hosting to the cloud service provider. That might be fine for your organisation, and it is for a lot of organisations, but for some data workloads with sensitive, private or privileged data it could well not be acceptable.

{ToC}

Five reasons why a Software as a Service (SaaS) platform might fail your organisations criteria for secure file sharing technology

There are probably more but here are five:

1. Firstly, SaaS providers might be required to give access to their data to other agencies by regulation or for other reasons although like DropBox they may appear to be transparent about it.
2. Secondly, they might index your content as Windows does if you let it by enabling "Cloud content search", leading to the potential for serving information in search results to users who should not be able to see it.
3. Thirdly, your SaaS provider might harvest the data for use in training a large language model (LLM) for Artificial Intelligence (AI), with the resulting risk posited by Google in "Privacy Considerations in Large Language Models" that training data appears in output or could be subject to a training data extraction attack.
4. Fourthly, they might change their terms and conditions or like Skiff be acquired and shut down.
5. In extreme cases, (looking at you, Amazon Drive), they may just throw in the towel and cease operating the service altogether.

Evaluating secure file sharing against an information security policy framework

Recently, we conducted an evaluation of secure file sharing technology for suitability for sharing securely with users both internal and external to an organisation in a regulated market sector. This was an interesting exercise, which made us spend further time thinking about the issues around secure sharing of company information in the cloud, and the almost automatic use these days of the technologies tied to an organisations business cloud software provider. The criteria we set were informed by our own information security policy framework as we look to become ISO27001 certified.  

Information Security Criteria

Whatever system is chosen must preserve information security. It should ensure that access to the system is only given to the right people, to the right data, and at the right time.

• Access Control – Measures to control who can access the data and what actions they can perform.
• Authentication – Authentication, authorisation and revocation mechanisms strong enough to verify the identity of users accessing the service.
• Auditing and Logging – Detailed logs of all activities and accesses to the data, allowing for accountability and traceability.
• Incident Response – Procedures to respond and mitigate changes, continuity, disaster, security incidents or breaches.
• Data Encryption – Encryption to protect data from unauthorized access.
• Data Integrity – Maintenance and assurance of data over its entire life-cycle.
• Data Deletion and Disposal – Supports procedures for securely deleting and disposing of data when it is no longer needed.
• Data Governance – Policies and procedures for the proper management and use of data within the organization.
• Data Classification – Data classification based on its sensitivity.
• Network Security – Prevention of unauthorized access and protection against external threats.
• Vendor Risk Management – Assessment and management of security risks associated with third-party vendors or partners involved in the data sharing process.
• User Training and Awareness – Education available to users about security best practices to help prevent security incidents.
• Secure Development Lifecycle – Security in the software development process must be respected.
• Security Monitoring – Tools and processes for continuous monitoring of the service and its environment for potential security issues.
• Compliance and Regulatory Requirements – Ensure that the service complies with relevant laws, regulations, and industry standards.

Functionality and ease of use

Functionality and ease of use only matters if the information security criteria are met. 

• Ease of use – There should be a fully featured web App, Windows, Mac desktop drive/volume level support is desirable, folder level support acceptable. iOS and Android Apps are highly desirable.
• Functionality – Branded Portal, Let's Encrypt SSL support, Custom URL, Shared Files and Folders, (password protection, public, time timited), Unlimited storage. Comprehensive email notifications. 

No system guarantees everything in an information security policy

This exercise is not about criticising systems that cannot guarantee total  compliance with information security policies. None are perfect, It is more to show that if information security cannot be guaranteed then the risks should be quantified, written down, subject to regular review and accepted by the executive management of the business. 

TL:DR: Operating system vendor solutions and well known SaaS services cannot easily be made to satisfy all of these conditions. The only way to guarantee compliance with strict information security policies is to self host with a technology and platform that enables you to encrypt your data in transit and at rest. You have to have the keys to the kingdom!

Details

Last Updated: 05 March 2025

• Technology Strategy

Read more: Secure file sharing information security policy framework