• Ben Tasker Dip.pc rep S.A.C Cert

    Ben Tasker Dip.pc rep S.A.C Cert

    About Me

    I am an experienced Suffolk (UK) based IT Professional, with significant experience in deploying, managing and operating at planetary scale.

    Although my primary focus has traditionally been operations and security, my roles have always included some software development responsibilities (ultimately leading to more of a DevOps approach, and a significant amount of rapid prototyping).

    At heart I'm a problem solver and am able to move quickly in order to meet requirements, so have found myself well suited for projects which need a fast and flexible response.

    In my previous role, I managed a global Content Delivery Network (CDN) with nodes in locations ranging from Miami to Timor Leste and as a result have an extremely strong understanding of the challenges and technologies involved in content and service delivery within carrier grade networks.

    I also pursue a range of technical activities and hobbies in my free time:

    • I developed Intelligent DNS Routing Software which now routes traffic for one of the biggest social networks on the planet (amongst others). I've also created CDN Switcher technology more akin to Amazon's Route53.
    • I discovered and responsibly disclosed a security flaw in a number of implementations of the cryptographic portion of the HomePlugAV specification. I've also conducted similar investigative work in relation to other products (such as the BitFi Cryptocurrency Hardware Wallet). As a result, my work is occasionally quoted as a reference in talks at conferences such as DefCon, whilst some of my earlier work appears to get used in case studies at various universities around the world.
    • I've maintained a public documentation archive (at https://www.bentasker.co.uk/documentation) for over 10 years, creating a range of technical docs relating not only to software, but also to subjects such as vehicle mechanics. 

    Secondary Education

    • 10 GCSEs Graded B-C
    • 5 AS Levels Graded B-D
    • 4 A2 Levels Graded C-D

     

    Further Education

    • iTQ (User) Diploma (Level 3)
    • Advanced Level Apprenticeship for IT Users
    • iTQ (Level 3)
    • Health and Safety NCFE (Level 2)
    • PC Repair Diploma (Level 2)
    • Functional Skills English Reading (Level 2)
    • Functional Skills English Writing (Level 2)
    • Functional Skills English Speaking (Level 2)
    • English Law NCFE (Level 3)
    • WSET Intermediate (Level 2)
    • National Certificate for Personal License Holders (Level 2)
    • Certificate in Retail Operations (Level 2)
    • Retail Operations NVQ (Level 2)

     

    Employment Related Courses

    During the course of employment, I've completed the courses listed below in addition to mandatory training (such as Fire Safety).

    • Emergency First Aid
    • Portable Appliance Testing
    • Protecting Information Level 1
    • APM Introductory Certificate
    • ITIL V3
    • Project Management
    • Information Gathering
    • Local Security Officer
    • Fraud Awareness
    • Decision Making Models
    • Validation, Verification and Testing
    • JAVA 2
    • Encryption Technologies
    • Processor System Administrator
    • Computer Network Defence
    • Diagnosing & Troubleshooting
    • ECDL Unit E
    • ECDL Modules 1 - 7
    • UNIX Use and Administration
    • Electronic Defence Writing

     

    Skills

    I continually work to develop new skills, whilst keeping existing skills current. Some of my current skill set is listed below

    • Software Development including testing
    • System Design and Architecture
    • API Design
    • System Integration
    • HTTP Adaptive Streaming (HLS & DASH)
    • Reverse Engineering
    • Penetration Testing
    • Linux Server Administration (primarily CentOS and Debian)
    • Appliance/Infrastructure Security
    • Ansible
    • DNS Request Routing
    • AWS (primarily EC2 and R53)

     

    Software Development Languages

    I've developed software in a range of languages, some of which are listed below. I have sufficient familiarity with a range of other languages to be able to call upon when needed.

    • Python (2 & 3)
    • Javascript
    • BASH Shell Scripting
    • LUA
    • PHP
    • C
     

     

    Portfolio

    My Online Portfolio contains examples of past Software Development activities and also of past Website development activities. Some examples of my code (and contributions to other projects) can be seen on GitHub.

    I take great pride in my problem solving abilities, especially when translating requirements or documentation into programmatic code. As an example, when Joomla! 3.0 was nearing final release, I used the list of backwards compatibility issues to create an extension compatibility checker - allowing extension developers to quickly identify which areas of their extensions were likely to require a rewrite.

    I've worked with a number of API's, ranging from enhancement of "Account Expiration & Control (AEC)" to the creation of an API for my PHPChangedBinaries project, which included a cryptographic authentication mechanism.

     

     

     

    Employment History

     

    Senior Technical Support Engineer InfluxData

    Operations Architect Conversant Networks Ltd

    Conversant is a Content Delivery Network (CDN) provider, with a customer base primarily located in South East Asia.

    I was promoted to Operations Architect in March 2018. This is a senior position reporting to, and regularly working with the CEO and other senior stakeholders within an extremely fast paced environment.

    The role has a broad scope of responsibility, involving overseeing architectural aspects of the network’s growth, as well as

    • Identifying and resolve potential issues in already deployed software
    • Help drive product direction and priorities
    • Perform acceptance testing on the various engineering team’s output (ranging from Ansible playbook submissions to entirely new software stacks, products and appliance types)
    • Run beta tests of new features with selected customers
    • Schedule and plan rollout of major releases
    • Act as Subject Matter Expert (SME) for the DNS Routing System and CDN Technical authority
    • Work with partners & suppliers to improve network peering relationships
    • Act as escalation point for the operational support team

    In particular, I’ve worked with engineering to design, develop and deploy

    • Next generation Command & Control Infrastructure
    • Distributed File Storage appliances
    • Next Generation Delivery Infrastructure
    • HTTP/2, SNI and TLS 1.3 Support
    • An “Infrastructure as Code” approach to managing the network as a whole

    When requests for particularly specialised work are received, they’re passed to me to gauge viability when measured against a variety of both business and technical concerns. Depending on the result of that assessment, I may also be responsible for rapidly prototyping the requested functionality.

    Such requests have ranged from developing specialised mid-tier solutions to requests for extremely complex media protection mechanisms, using various languages including BASH, C, LUA, PHP & Python.

    I was tasked with rapidly prototyping and building a solution in order to serve video traffic for a well known social network. Ultimately, the result of this work was that we were able to outperform the incumbent (and industry leader) in multiple important countries.

    Operations & Platform Engineer Swiftserve / Conversant Networks Ltd

    As well as providing Operational support for the company’s federated Content Distribution Network (CDN), this role involved developing and maintaining new features and complimentary systems in order to meet both internal operational and customer requirements. The latter required a lot of rapid prototyping, with subsequent productisation of successful implementations.

    Implementations included a DNS routing system, distributed Real Time Media Protocol (RTMP) stack customised to meet requirements common in the Asian markets, and support for a number of custom authentication and tokenisation requirements for HTTP delivery within the Chinese market. Many prospective customers had an existing supplier, so the requirements had to be adhered to exactly (with little room for negotiation) to ensure we could provide a directly compatible offering.

    Projects were often started (and had to be completed) with very little advance notice, with the approach used tending more towards agile than waterfall. Jenkins (and later, Gitlab's Continuous Integration/CI functionaliy) was used in order to automate testing in most cases, with deployments being managed via Puppet (and, later, Ansible).

    Sole Trader BenTasker.co.uk

    Although customer satisfaction was obviously my primary concern, my aim in operating as a sole trader was always to allow me to develop/maintain skills which might otherwise be neglected in my employed role (also ensuring that conflicts of interest were avoided).

    As a result, the type of work I completed as a Sole Trader was very varied, however, below are examples of some of the work I completed

    • Security audits/Penetration Testing
    • Bespoke software development
    • Server administration and maintenance
    • Creating various RESTful APIs
    • System/Software specific training
    • Performance optimisation of Joomla! sites
    • Post-compromise analysis

    In August 2018 I wound down my Sole Trade operations in order to free up more time to spend with family.

    NOC Specialist Velocix / Alcatel-Lucent / Nokia

    I was promoted into a role specialising in Operational Security and am expected to ensure that both infrastructure and operational procedures reflect the highest possible level of security and professionality.

    In addition to this, I acted as an escalation point for the NOC (as well as the wider operations team) and am also expected to undertake project work in order to maintain and develop tools as part of our Continuous Improvement regime - as part of this I developed a RESTful API linked to a trend-analysis library so that various systems could generate alerts if the traffic profile on any actively monitored CDN had deviated from the usual pattern.

    In the past, I have also acted as a Customer Resident Engineer - integrating with a customer’s Operations Team in order to provide on-site support during the transition of their CDN from a Managed Service to an Owner Operated model.

    My prescribed role also included

    • Network Management
    • Incident Response
    • Supplier Management

    NOC Engineer Velocix

    Velocix was a world leading provider of Digital Media Delivery Platforms, building and providing Linux based Content Delivery Networks to Internet Service Providers worldwide.

    My role was to provide first and second level support on all Velocix products and services, including monitoring, managing and configuring the worldwide Content Delivery Network. The core role being to ensure that both internal and external customers are provided with maximum service availability

    Core responsibilities

    • 24/7 network surveillance, proactively responding to issue that are detected or reported, including analysing all available data and identifying trends
    • General System Administration tasks on all elements of the CDN and also of the company network
    • Identify areas of concern, whether due to potential service impact or directly affecting customer satisfaction

    Whilst maintaining an understanding of the product range and it’s functioning, I also

    • Reverse engineered a customer provided flash player to identify the cause of the reported delivery issue, identifying a bug in a 3rd party library they were using.
    • Identified (and, where possible, provided patches for) issues within the product
    • Managed various internal projects
    • Identified and reported security concerns within the product and infrastructure
    • Created various VXPL (similar in principle to serverless products such as AWS Lambda) scripts
    • Created and extended various HTTP APIs

    Linux Specialist & IT Manager Virya Technologies Ltd

    My role at Virya primarily involved

    • managing customers' servers (primarily Linux based infrastructure but also Windows)
    • developing software (primarily web-based applications in PHP, including extensions for the Joomla! CMS)
    • Managing the company's Hosting infrastructure (Shared, Virtual and dedicated servers)
    • Conducting security audits (including penetration testing)
    • providing emergency server support where requested by a customer (including post-compromise forensic analysis)

    The role required an intimate understanding of networking protocols, system (and database) administration and agile development techniques. I was also the lead software developer, and worked to help develop a DevOps culture within the business. I also migrated elements of the businesses infrastructure onto AWS as well as developing tooling, utilities and bespoke customer products.

    Being a small business, my responsibilities stretched beyond those within my job description, and additional roles included marketing the business, providing quotes for work and management of the business in the Director's absence.

    I initially contracted for this role, becoming a full-time employee in February 2012.

    Inventory Clerk Ministry of Defence

    I trained as a Processor System Administrator, Local Security Officer and Authorised Demander for the systems utilised by both the unit and it’s dependant squadrons, including personnel deployed on operations and exercises.

    The systems I administered consisted of a mix of AIX (hosting Oracle databases, amongst other applications) and Windows (XP, Server 2003 and Server 2000), running various bespoke military applications in addition to a standard range of productivity tools.

    More...

     

    Client Testimonials

    – Server Support

    Ben at Virya Technologies was recommended to me by a colleague when looking for a provider of system admin for my dedicated server. Ben, Ruth and the team at Virya Technologies have been absolutely brilliant from day one. Patient, understanding and extremely helpful, I have no hesitation in recommending their efficient and knowledgeable service.

     

    Ben has worked in a support/development capacity for the ISSBA website which is Joomla based. He has always been happy to help, has kept me up to date with progress and has endeavoured to find the best solutions to any issues with the site. I would be happy to recommend his services.

     

    Ben is an extremely competent and dependable Joomla expert and server security specialist. He has been fundamental to the deliverability, on-going support and maintenance of Seatrade's news sites (amongst other projects).

    Ben has always being very personable and uses his extensive knowledge and people skills to ensure that he employs the best solution, whilst ensuring that we understand the rationale to any suggestion, issue or enhancement that he has deployed or recommended to improve the usability and functionality of Seatrade's news sites.

     

    Additional Information

    The following additional details are available upon request;

    • Full Education History (including all courses completed)
    • Full Employment History
    • References

     

  • Benscomputer.no-ip.org

    Benscomputer.no-ip.org was the precursor to bentasker.co.uk.

    It was self-built, self-run and self-hosted, using server side includes in order to dynamically load content into otherwise static templates. As antiquated as that might sound now, it attracted a reasonable level of traffic, particularly during the Phorm Debacle.

    I moved over to using a properly hosted Joomla install in November 2010

    Some of the history behind how benscomputer.no-ip.org came to be, and how it evolved is detailed in this March 2013 blog post.

    2020: there is now a static archive of benscomputer.no-ip.org.

  • BenTasker.co.uk V1

    The first version of BenTasker.co.uk was based on Joomla 1.5, and being something of a rushed affair, it showed.

    Having stored much of the Benscomputer.no-ip.org content in a CSV based database, importing content was reasonably easy with a few scripts. To my regret though, I was overly conservative with the content I imported, and so some content was never migrated over and has been lost to time as a result, despite my more recent efforts to find and republish content in backups etc.

    The Joomla 1.5 version of the site was relatively short-lived, as I migrated to Joomla 2.5 in June 2012

  • BenTasker.co.uk V2

    The second version of BenTasker.co.uk sported a template very similar to the first, albeit with some colour changes

    Content came across automatically, as it was simply an upgrade and re-templating of the Joomla CMS that underpinned the site

    The migration from Joomla 1.5 to Joomla 2.5 was completed in June 2012 and the changes went live with the site sporting a much darker look

    The history of the site is discussed in a little more depth in this post announcing the migration to Joomla 3 in March 2013

  • BenTasker.co.uk V3

    BenTasker.co.uk was migrated to Joomla 3 in March 2013

    Content came across automatically, as it was simply an upgrade and re-templating of the Joomla CMS that underpinned the site

    An entirely new template had to be used for Joomla 3 due to the old one not being compatible, but the original build continued the tradition of light text on a black background.

    Going from the 2.x branch of Joomla to 3.x was a big step - whilst the upgrade itself wasn't as painful as from Joomla 1.5 - 2.x, extension compatibility was a serious issue.

  • BenTasker.co.uk v3.1

    In April 2013, following feedback from others, the site was switched over to using a different default colour scheme (with the old one still supported via a toggle on the pages)

    A number of other important improvements were made too, including reducing the site's use of cookies, improving transparency (via the launch of mod_yourData) and the addition of some basic privacy options to the left-hand side of the site.

    In the ensuing time, those privacy options have changed/improved and new privacy features have been added - including multihoming the site so that it's accessible as a Tor .onion, and enabling opportunistic encryption. Others, like support for the dark theme have been removed (though the theme seemingly still works, as that's how I got the screenshot for the V3 information page

  • Freedom4All

    Freedom4All was a small Human Rights focused blog I ran between 2008-2010

    It was a small Wordpress based blog, with a mixture of dedicated content and "news" posts highlighting things of focus/importance on other sites.

    Much of the earlier content was lost following issues with the hosting provider (and the backups they'd been paid to take), but content from 2010 onwards can be located in the Freedom4All Archive

  • HLS Stream Creator

    HLS Stream Creator is a script which acts as a wrapper to FFMPEG in order to simplify remuxing video into HTTP Live Streaming (HLS) format.

    Originally written as research into HLS for a job interview, I've continued to develop it and since used it for a range of projects, including creating a raspberry-pi based transcoding cluster.

  • Lotto Predict

    LottoPredict was a simply statistical exercise to see whether analysis of ball draw rates could lead to predicting some of the balls to be drawn

    The underlying engine compromised of a site scraper (in order to collect and collate lottery results), the analysis engine and a simple REST API in order to retrieve results, generate predictions etc.

    The concept ultimately led to the development of a better API, and the release of my mod_lotto Joomla extension.

  • Onionstroke

    I was contacted for this, as a result of research I'd previously conducted into the feasibility of delivering high resolution video via encrypted overlay networks (in this case, Tor).

    The customer was a small group of people who had an idea, but weren't sure on how best to implement it - the idea being a privacy sensitive service delivering legal adult content, in effect a PornHub without all the tracking and profiling that MindGeek does.

    My role was to help them design and develop the infrastructure required to deliver this. This included working out how best to route users who simply cannot be geolocated, in order to achieve the minimal possible latency, as well as designing the CDN upon which it would all be built.

    The site worked well on a technical level, and delivered full-HD content over Tor quite successfully. However, the group's plan to financially support the site proved to be a little over-optimistic, and so the site was ultimately shuttered.

  • RequestRouter

    Request Router is a routing engine. The default install methodology exposes a Geolocating Intelligent DNS Load Balancer.

    It features:

    • Geolocation cost based routing (with overrides)
    • Protocol Aware
    • Delivery Status/Load Aware
    • EDNS Client Subnet (ECS) support
    • Wildcard support
    • HTTP Redirect (302) Routing Support
    • Content Optimised Routing in HTTP Routing
    • Alt-Svc Header Support

  • Vehman

    Vehman was a system to track the Total Cost of Ownership for vehicles

    The primary component was a fuel consumption tracker, allowing you to generate reports on average MPG, distance travelled by month etc.

    It ultimately evolved into a purely API based system, with the front-end being presented as a custom Joomla extension on VehicleFuelTracker.co.uk

  • Your-motorcycle.tk

    In truth, I'd forgotten I ever created this site until I stumbled upon a backup disk in early 2020.

    In January 2004 I started a small self-hosted site called Your-motorcycle.tk dedicated to creating and publishing documentation around motorcycle maintenance - focusing on both general topics (how Ignition systems work) as well as on specific models of motorbike (i.e. those which I had access to)

    The site itself is a graphical design disaster, but is one of the earliest examples I have of me creating and publishing documentation. It's fairly clear, too, that my focus was entirely on the documentation rather than the design aspect.

    Following it's rediscovery, an archived copy of the site's content has been made available - Your-motorcycle.tk Archive