Mark Turner : Jessica Holmes and the Wake Commissioners

December 06, 2016 11:03 PM

Jessica Holmes

Jessica Holmes

The new Wake County Board of Commissioners were sworn in last night and got to the business of picking its chair and vice-chair positions. Sig Hutchinson got unanimous support for Wake Chair while Matt Calabria won a split vote for vice-chair over Jessica Holmes. Jessica, apparently caught up in the moment, then announced she was resigning from the board.

This was a real shame and a shocker. Jessica has pushed some awesome initiatives during her two years on the board and her energy and enthusiasm made you want to cheer for her. Fortunately for all of us, she rescinded her resignation today and will continue to serve.

I am an acquaintance of Jessica and Matt but I know some of the other Wake Commissioners well. I don’t know what Jessica’s reasoning was for resigning (and she has yet to share it) but I do know the people she serves with are good people. I do not believe anyone was out to get her and I think she probably took things more personally than she should’ve. Politics is a long game. You can’t get tripped up by small setbacks.

The folks who think this is a racist or sexist thing (see “good people,” above) aren’t helping matters. The voters of Wake County selected these representatives; if you don’t like the make-up you can blame them. Or better yet, encourage more people of color to run for office. We have some great ones (like Jessica and many others) and could certainly use more. Labeling good representatives “good ol’ boys,” “the MALES,” or “white progressives” simply because they selected someone else as vice-chair is petty and insulting to good public servants. Jessica, to her credit, has not engaged in these characterizations but some of her supporters have and it’s not productive.

I think Jessica’s awesome and I’m thrilled she’s chosen to stay. That said, we don’t need drama, we need unity. Here’s hoping the board (and its supporters) can focus again on the amazing teamwork that has gotten us this far.

Update: apparently she did release a statement:

Yesterday, I shared my plan to resign my position from the Wake County Board of Commissioners. Serving the people of Wake County has been a privilege for which I am incredibly thankful. An opportunity had presented itself to me, and in part out of frustration, I had decided to pursue it. With the long awaited vote for the creation of Wake County’s first ever affordable housing committee, I felt proud for breathing life into an issue that has impacted me and my family and many others across our county and State. With this issue on track, I felt that I could step aside.

The overwhelming voice of my constituents has been for me to lead this work as chair of the affordable housing committee and continue pounding the pavement. This immense response from the community has encouraged me to reconsider this decision. Based on this calling, I am abandoning my original decision to resign and will stay to complete my term as a commissioner serving the community that I love. My apologies to those who were confused or upset by this decision.

Mark Turner : Scratch ANOTHER credit card. Sigh

December 02, 2016 03:35 AM

Kelly was checking her email this morning, expecting to find more birthday greetings. Instead, she turned to me and asked me if I had purchased pizza at Domino’s. Buying pizza at 7 AM is a little … unconventional, so I walked over to see why she would pose such a silly question. Turns out she was reading a “fraud alert” email from our credit card company, showing a purchase at Domino’s sometime today.

Cue the internal cursing and rolling eyes.

A phone call to the credit card company confirmed our fears. Someone had purchased $40 worth of Domino’s pizza in Missouri and used our credit card to do it. Our card was promptly canceled and new ones put in the mail.

It had been less than two weeks that we had those particular cards. Two. Fricking. Weeks (in truth, these new cards had the same number as our old cards but with a different CVV).

Turns out, last night I bought something online just a few hours prior. Rather than buy yet another product from Amazon, I bought it from a mom-and-pop shop. I don’t know for sure but I’m assuming their e-commerce website has been hacked.

This morning I filed a credit card fraud report with Raleigh Police, though I found out after filing it that since the crime didn’t occur in the City of Raleigh it was out of RPD’s jurisdiction. I also called the area PD in Missouri and asked for a detective to call me back. Finally, I left a message at the Domino’s letting them know what had happened. Have not yet heard back from anyone, though I did miss a call from RPD this evening. I figured this incident was more promising for prosecution than the last one since the last time was apparently a road-trip spending spree and it’s a bit easier to figure out who it was who picked up a pizza (or had one delivered). There’s more to go on.

It did get me wondering: who is the victim in this scenario? It was my card used but I don’t have to pay the fraudulent charge. Domino’s traded pizza for a fraudulent payment yet they’ll likely be reimbursed by the credit card company. Finally, the credit card company will likely write off the fraud like the $21.48 billion dollars worth of fraud the industry suffers each year. Now, I am motivated to get these perps some jail time. Domino’s doesn’t five a shit because they got paid, and the credit card company sure ain’t gonna sweat $40 if they’re losing billions elsewhere. Likely outcome? The Pizza Perps walk.

So if no one is willing to go after these crooks, what are the options? A coworker mentioned that some credit card companies offer one-time “virtual credit card numbers” that can be used when making purchases from vendors of unknown honesty (or security). Only my card no longer offers this feature due to lack of demand. I did find mention of an interesting startup called which can tack a virtual number onto your existing credit card but it’s only in “invitation” mode at this stage. I’m hoping I can get in.

In the meantime, I’m thinking we’ll keep at least two cards: one for trusted vendors (Amazon, groceries, airlines, online bills, etc.) and one for untrusted vendors (mom-and-pop stores with dubious security). I’m hoping to lessen the impact of the next credit card breach (because another breach is inevitable, sadly) so that the card we use most (the trusted one) is shielded from unnecessary exposure. We’ll give it a try for a little while and I’ll report back how it works.

Now if you’ll excuse me, I have a zillion automatic payment websites to update. Sigh.

Mark Turner : Raleigh quietly pulled the plug on Camp Ranoca. Why?

November 28, 2016 06:14 PM

We met Kelly’s family at a Virginia state park for our new “Cabin Thanksgiving” tradition. Standing around the campfire Friday night, we were close to exhausting our measly repertoire of camp songs when Hallie and Travis giddily led the others through several zany camp songs they had picked up from their summers at Raleigh’s Camp Ranoca. Anything that gets both of my kids to happily cooperate gets my attention and it was obvious they both looked back fondly on their Camp Ranoca experiences.

Hallie was greatly looking forward to the chance to be a camp counselor this summer at Camp Ranoca. She is excellent with kids and loves the camp experience. Goofiness runs in the family (if you couldn’t tell). She would’ve been great. I was probably as crushed as she was when we found out at the beginning of the year that Raleigh had quietly discontinued Camp Ranoca.

For those who aren’t familiar with Camp Ranoca, it is a summer day camp that the City of Raleigh Parks and Recreation department offered for over four decades (RaNoCa is a contraction of RAleigh, NOrth CArolina). Two generations of kids have grown up collecting mosquito bites, corny songs, swimmer’s ear, and sunburn at the camps held simultaneously at both Umstead Park and Durant Nature Park. There’s even a Facebook page devoted to Camp Ranoca. I would’ve thought the demise of such a beloved camp would’ve been cause for at least some announcement, but no such luck.

When I say “quietly,” I do mean quietly. Google searches turn up nothing. A few stale Google links point to a city webpage that used to have Camp Ranoca information but has since been scrubbed clean. Camp Ranoca isn’t listed in any of the minutes of the Raleigh City Council. All I was able to find is a budget item for the 2016-2017 budget [PDF], showing Camp Ranoca dropping funding from $140,000 last year to just $3,000 this year. Poof. Gone.


Back in February I emailed Diane Sauer, Director of Raleigh’s Parks, Recreation, and Cultural Resources department, asking for more information on Camp Ranoca’s demise. I never got an answer (UPDATE: turns out I used the wrong email address. Whoops.) and didn’t think to follow up until I saw the smiles on my kids’ faces Friday night.

I’m reaching out again to Raleigh’s Parks department to see if I can get the scoop. If Ranoca is gone for good, it deserves a proper send-off.

UPDATE 29 Nov:
I heard back from Scott Payne, Recreation Superintendent, with a detailed explanation to what led to the decision. tl;dr: dwindling demand ended Camp Ranoca. More on that in a future post.

Scott says:

Yes, Camp Ranoca as we knew it for more than 40 years no longer exists as one of our summer camp offerings. In 2015 we acknowledged challenges with delivering the traditional Camp Ranoca: an aging facility for Ranoca West; re-classification of Ranoca North’s home as a nature preserve; and a downward trend in registration for both sites. The Civilian Conservation Corps constructed Camp Whispering Pines located at William B. Umstead State Park hosted Ranoca West for decades, yet the facility had aged to a point where we could no longer sustain a quality experience. Durant Park, home to Ranoca North, was reclassified to Durant Nature Preserve, one of our four (4) nature preserves, with a new emphasis on education of natural environments, a direction supported by the 2014 Park System Plan. The downward trend in registration called to question if a traditional outdoor recreation-based summer camp still met the expectations of our patrons.

At the end of the 2015 summer camp season we made the very difficult (especially for me, my son attended and loved Ranoca) decision to not offer Camp Ranoca for 2016. We notified all of the 2015 Camp Ranoca families by letter of our decision for 2016 and shared information on other similar camp programs offered by the Department for the 2016 season. A team of staff developed an on-line survey instrument on desired summer camps experiences and administered to more than 5,600 attendees of our 2013-2015 summers programs, Camp Ranoca attendees as well as all of our other summer camp and program attendees. Analysis of the results from the survey confirmed patrons highly value outdoor activities such nature lessons, outdoor games, hiking, swimming and boating; however, participation in camp traditions (a Camp Ranoca hallmark) were not valued as highly. With this information and awareness in hand, our creative staff developed for the 2017 summer camp season a new outdoor-recreation focused camp series, “Oak City Adventures.” This series will originate from two (2) hubs, Durant Nature Preserve Park and Walnut Creek Wetland Center, with opportunities for 10-12 year olds as well as 13-15 year olds. The camps will be on the go, leaving each day from their respective “hubs” to visit and enjoy outdoor activities such as boating, swimming, hiking (and for the older group biking and kayking) at outdoor spaces the “City of Oaks” has to offer, Lake Johnson, Lake Wheeler, the Capital Area Greenway System, Neuse River, etc. Durant Nature Preserve now provides a series of smaller, environmental education-focused camps: these offerings were developed and successfully delivered in 2016.

In summary, Camp Ranoca, as we knew it, will not be offered as summer camp; yet, its memories of fun and laughter will live on. The Department now offers a new program, Oak City Adventures, seeking to create new memories of fun and laughter through new exceptional outdoor recreation-based experiences.

So there ya go.

Mark Turner : Need Photos of Raleigh? Mark Turner Says Use His for Free, Please. – Raleigh Agenda

November 28, 2016 05:47 PM

Raleigh Agenda wrote about my public domain photos of Raleigh today.

I first met Mark Turner on the corner of McDowell and Hargett streets for a mysterious “field trip,” as he had called it.

“C’mon, there’s something I want to show you,” he told me, motioning up the street toward DECO. He seemed eager to push past the handshakes and how-do-you-dos, so the adventure could begin. Inside the gift shop, he directed me toward a little basket filled with postcards.

“See that?” he asked, holding up a pack of cards that featured a colorful, sketch-like rendering of the Raleigh skyline. “These are based on the picture of Raleigh that I uploaded to Wikipedia. All the streets line up.”

Sure enough, the skyline sketch—captured from the Western Boulevard overpass, looking northeast in 2008—employed the same angle and details as the picture that accompanies the Raleigh, North Carolina Wikipedia entry. Even a red minivan was echoed on the postcard, eternally stuck in traffic. That’s Turner’s shot, free to anyone who wants to use it.

Source: Need Photos of Raleigh? Mark Turner Says Use His for Free, Please. – Raleigh Agenda

Scott Schulz : Encrypted Evernote Notes with Saferoom

November 24, 2016 04:10 PM

One of the biggest failings of Evernote as it stands is the inability to encrypt notes and/or notebooks. While Evernote does now offer the ability to encrypt the text of a note, any attached documents are not encrypted, so it cannot be used to store financial or tax documents (at least not securely). Note: The other failing (IMHO) is the overly simplistic editor.

So while perusing the Evernote forums the other day, I came across an application called Saferoom which offers the ability to encrypt the entirety of a note. Unfortunately, the workflow is still rather clunky, i.e. one has to move a note to a special Encrypt folder, then encrypt it via the installed Mac app (button click), then move it to wherever you want to keep it, and finally, you have to delete the original note still in the Encrypt folder. Decryption follows a similar procedure.

They are working on a Saferoom Pro app which may offer this functionality via the Right-click menu, but as Evernote has no Mac SDK, they are porting functionality from IOS at this time. However, if you merely want to create and encrypt notes quickly, they do have a Linux app which streamlines a bit of this, but rather than using the Evernote app, the Linux client works in your web browser via a local Python-based website. Since I am using this a fair amount, I thought I'd post my quick install instructions.

I tend to keep most apps and their required modules separated in virtual environments, so the following steps are based around using Virtualenvwrapper, though the pieces could just as easily be installed into the standard system locations. Also, despite being labelled as a Linux application, being Python, it runs fine on a Mac, which is where I am using it.


Create the virtual environment (which auto-activates the environment), and install the dependencies (Note: while they have laid a foundation for Python 3 support, in many places they still use the statement form of print, i.e. print text, so the app is not yet Python 3 compliant):

$ mkvirtualenv saferoom
$ pip install flask requests evernote pycrypto beautifulsoup4

Clone the software from Github and change into that directory:

$ git clone saferoom
$ cd saferoom

To use the software, you need to give it an Evernote developer token, available here. Once retrieved, add it to config.ini:

$ vim config.ini

evernote_developer = <put long token ID here >

Create, or add your Saferoom key to the repository (if you are already using the official Mac app, use the same here):

$ python

Once those steps are complete, start up the server which can then be accessed at http://localhost:5000.

$ python

One thing I have noticed is that when opening a notebook, depending on the contents I occasionally receive an error message indicate that the contents could not be decoded. It appears that on first pass, they are trying to encode a (probably already encoded) string to UTF-8, which throws the error (it forces Python to try s.decode().encode('UTF-8')). Simply clicking on the notebook again should display the contents properly.

If all is working, you should now be able to browse your notes, and add new encrypted notes and attachments.

Saferoom Add Note

The nice part about using this app, is that it lets you decrypt notes in place. It displays the contents in a popup window immediately, rather than making you go through all of the steps mentioned above.

Saferoom View Note

Best of luck!

Warren Myers : vampires vs zombies

November 23, 2016 05:00 PM

A few years ago I wrote about why I like good vampire and zombie stories.

I had an epiphany this week related to that, that I thought you’d all find interesting.

If vampires exist, zombies can not exist [long] in the same universe. Why? Because they’d be eliminating the only source of food for the vampires. And since vampires are, more or less, indestructible (at least to the wiles of marauding zombies), when they eliminated zombie outbreaks, they’d do it quickly and efficiently – and, most likely, quietly.

Mark Turner : NASA Team Claims ‘Impossible’ Space Engine Works—Get the Facts

November 23, 2016 02:55 AM

A paper describing NASA’s spooky new EMDrive microwave propulsion engine has survived peer review. Scientists are still scratching their heads over how this seemingly impossible engine appears to work. Cool!

After years of speculation, a maverick research team at NASA’s Johnson Space Center has reached a milestone that many experts thought was impossible. This week, the team formally published their experimental evidence for an electromagnetic propulsion system that could power a spacecraft through the void—without using any kind of propellant.

According to the team, the electromagnetic drive, or EmDrive, converts electricity into thrust simply by bouncing around microwaves in a closed cavity. In theory, such a lightweight engine could one day send a spacecraft to Mars in just 70 days.

Source: NASA Team Claims ‘Impossible’ Space Engine Works—Get the Facts

Warren Myers : results from running pi-hole for several weeks

November 21, 2016 09:55 PM

I came across pi-hole recently – an ad blocker and DNS service that you can run on a Raspberry Pi in Raspian (or any Debian or Ubuntu (ie Debian-like)) system. Using pi-hole should obviate the need for running ad-blockers in your browser (so long as you’re on a network that is running DNS queries through pi-hole).

I’ve seen some people running it on CentOS – but I’ve had issues with that combination, so am keeping to the .deb-based distros (specifically, I’m running it on the smallest droplet size from Digital Ocean with Ubuntu 16.04).

First the good – it is truly stupidly-simple to get setup and running. A little too simple – not because tools should have to be hard to use, but because there’s not much configuration that goes in the automated script. Also, updating the blacklist and whitelist are easy – though they don’t always update via the web portal as you’d hope.

Second, configuration is almost all manual: so, if you want to use more than 2 upstream DNS hosts (I personally want to hit both Google and Freenom upstream), for example, there is manual file editing. Or if you want to have basic auth enabled for the web portal, you need to not only add it manually, but you need to re-add it manually after any updates.

Third, the bad. This is not a pi-hole issue, per se, but it is still relevant: most devices that you would configure to use DNS for your home (or maybe even enterprise) want at least two entries (eg your cable modem, or home wifi router). You can set only one DNS provider with some devices, but not all. Which goes towards showing how pi-hole might not be best run outside your network – if you run piggy-back DHCP and DNS both off your RPi, and not off the wireless router you’re probably running, then you’re OK. But if your wireless router / cable modem demands multiple DNS entries, you either need to run multiple pi-hole servers somewhere, or you need to realize not everything will end up going through the hole.

Pi-hole sets up lighttpd instance (which you don’t have to use) so you can see a pretty admin panel:


I added basic authentication to the admin subdirectory by adding the following lines to /etc/lighttpd/lighttpd.conf after following this tutorial:

#add http basic auth
auth.backend = "htdigest"
auth.backend.htdigest.userfile = "/etc/lighttpd/.htpasswd/lighttpd-htdigest.user"
auth.require = ("/admin" =>
( "method" => "digest",
"realm" => "rerss",
"require" => "valid-user" )

I also have 4 upstream DNS providers in /etc/dnsmasq.d/01-pihole.conf:


I still need to SSLify the page, but that’s coming.

The 8.8.* addresses are Google’s public DNS. The 80.80.* addresses are Freenom’s. There are myriad more free DNS providers out there – these are just the ones I use.

So what’s my tl;dr on pi-hole? It’s pretty good. It needs a little work to get it more stable between updates – but it’s very close. And I bet if I understood a little more of the setup process, I could probably make a fix to the update script that wouldn’t clobber (or would restore) any custom settings I have in place.

Tarus Balog : Network World Reviews OpenNMS

November 21, 2016 04:22 PM

Today Network World published the results of a comparison among open source network monitoring applications. OpenNMS did not win but I was pretty happy with the article.

The main criticism I have is that the winner, Pandora FMS, seems to be the only one of the four reviewed that is more “open core” than “open source”. They have a large number of versions, each with different features, and you have to pay for those features based on the number of monitored devices. It seems to be difficult to have open source software that is limited in this fashion, as anyone should be able to easily remove that limit. Thus I have to assume that their revenue model is firmly based on selling software licenses, which is antithetical to open source. That said, it looks like the review was based on the “community” version of Pandora which does appear to be free software, just don’t expect any of the “enterprise” features to be available in that version any time soon.

I don’t know why I have such a visceral dislike of the “per managed node” pricing model, outside of having to deal with it back in the 1990s and 2000s. It seems like an unnecessary tax on your growth, “hey, customer, for every new device you add you have to pay for another monitoring license.” Plus, in these days of virtualization and microservices it seems silly. Our customers might spin up between 10 and 100 virtual servers as needed and tear them down just as quickly, and I can’t imagine the complexity that would get added to have to manage a license of each one of them.

Network World Comparison

Of the other applications reviewed, I’m not familiar with NetXMS but I do know Zabbix. They, like OpenNMS, are 100% open source and they are great people. It was awesome to finally meet Alexei Vladishev in person at this year’s All Things Open conference.

Alexei Vladishev and Tarus Balog

The only other thing that immediately pushed a button was the sentence “All four products were surprisingly good.” At first I took it to express surprise that free software could also be good, but then I calmed down a bit and figured they meant it was surprising that all four applications were strong.

For the article they installed OpenNMS on Windows. When I read that my heart just sank, because while it does run on Windows our support of that operating system grew out of a bet. We were talking many years ago about Java’s “write once, run anywhere” slogan and I mentioned that if that were true, why don’t we run on Windows? The team took up the challenge and it took two weeks to port. The first week was spent getting the few bits of code written in C to compile on Windows, and the second week on soft-coding the file separator character so that it would use a back-slash instead of a forward-slash. Even on Windows, the comments in the article were really positive, which make me think this whole Java thing isn’t such a bad idea after all (grin).

They used Windows because apparently was an issue with getting OpenNMS installed on CentOS 7, which was a surprise to me, but then Ronny pointed out that there can be some weird conflicts with Java and packages like LibreOffice that I don’t experience since I always do a minimal install. There is a cool installer for CentOS 7 which may help with that. We also maintain Docker images that make installation easy if you are used to that environment.

Fortunately, or unfortunately, not much has been done for OpenNMS on Windows since we got it working. It is fortunate because not much is required to keep OpenNMS running on Windows due to Java, but it is unfortunate because we really don’t have the Windows expertise that would be required to get it to run as a service, create an MSI installer, etc. Susan Perschke, the author of the article, seems to be a Windows-guru so I plan to reach out to her about improving the OpenNMS experience for Windows users.

One thing that is both common and valid is criticism of the web user interface. At the moment we spend most of our time focused on making OpenNMS even more scalable, and thus we don’t have the resources to make the user interface easier to use. That is changing, and most of the current effort goes into Compass™, the OpenNMS mobile app. The article didn’t mention it which means they probably didn’t try it out, which is more a failure on our part to market it versus an oversight on theirs.

They also didn’t talk directly about scalability, although it was listed in the comparison chart (see above). OpenNMS is designed to monitor tens of thousands to hundreds of thousands of devices with our goal to be virtually unlimited in order to address scale on the order of the Internet of Things. That is why we wrote Newts for storing performance data and are working on both the Minion and Underling to easily distribute OpenNMS functionality.

Another reason we haven’t spent much time on the user interface is that our larger customers tend not to use it much. They rely on the ReST interface to integrate their own systems with OpenNMS and on things like the Trouble Ticketing API for alerts. As the paradigm shifts from monitoring devices to monitoring services, we have made improvements to the user interface for such things as “Business Service Monitoring.

But still, it was nice to be included. We don’t do much direct marketing and even though typing “open source network monitoring” into Google returns OpenNMS as the first hit we are often overlooked. Let’s hope they revisit this in a year and we can impress them even more.

Mark Turner : Jon Stewart on President-elect Trump, hypocrisy in America – YouTube

November 19, 2016 10:59 PM

After Jon Stewart left “The Daily Show” last summer, much of the presidential campaign went on without his unique and satirical point of view. Charlie Rose met with Stewart to discuss his new book about the more than 16 years he spent at the Comedy Central program. Stewart was quick to give his post-election analysis.

Mark Turner : Autocracy: Rules for Survival | by Masha Gessen | NYR Daily | The New York Review of Books

November 19, 2016 10:42 PM

However well-intentioned, this talk assumes that Trump is prepared to find common ground with his many opponents, respect the institutions of government, and repudiate almost everything he has stood for during the campaign. In short, it is treating him as a “normal” politician. There has until now been little evidence that he can be one.

More dangerously, Clinton’s and Obama’s very civil passages, which ended in applause lines, seemed to close off alternative responses to his minority victory. (It was hard not to be reminded of Neville Chamberlain’s statement, that “We should seek by all means in our power to avoid war, by analyzing possible causes, by trying to remove them, by discussion in a spirit of collaboration and good will.”) Both Clinton’s and Obama’s phrases about the peaceful transfer of power concealed the omission of a call to action. The protesters who took to the streets of New York, Los Angeles, and other American cities on Wednesday night did so not because of Clinton’s speech but in spite of it. One of the falsehoods in the Clinton speech was the implied equivalency between civil resistance and insurgency. This is an autocrat’s favorite con, the explanation for the violent suppression of peaceful protests the world over.

Source: Autocracy: Rules for Survival | by Masha Gessen | NYR Daily | The New York Review of Books

Mark Turner : The Right Way to Resist Trump –

November 19, 2016 10:29 PM

Five years ago, I warned about the risk of a Donald J. Trump presidency. Most people laughed. They thought it inconceivable.

I was not particularly prescient; I come from Italy, and I had already seen this movie, starring Silvio Berlusconi, who led the Italian government as prime minister for a total of nine years between 1994 and 2011. I knew how it could unfold.

Now that Mr. Trump has been elected president, the Berlusconi parallel could offer an important lesson in how to avoid transforming a razor-thin victory into a two-decade affair. If you think presidential term limits and Mr. Trump’s age could save the country from that fate, think again. His tenure could easily turn into a Trump dynasty.

Source: The Right Way to Resist Trump –

Warren Myers : i’m surprised facebook doesn’t offer something akin to aws, gcp, azure, etc

November 18, 2016 09:08 PM

Given the ridiculous popularity of Facebook, their huge datacenter investments, super-resilient computing models, etc, I’m very surprised they haven’t gotten into the cloud computing business like Amazon’s AWS, Google’s Cloud, Microsoft Azure, Digital Ocean, etc.

Tarus Balog : Android Open Source Frustrations

November 18, 2016 06:02 PM

I used to be a huge fan of Apple products, but as they started to lock down their ecosystem the limitations they created started to bother me, so I switched to running as much open source as possible.

It wasn’t, and isn’t always now, easy. One of the gripes I still have against Apple is that their commercial success has spawned a ton of imitators who have decided to lock down their products, quite often without the Apple savvy to back it up. Unfortunately, Google seems to be joining these ranks.

I’m a fan of Google, they do a lot to support open source, and I use a Nexus 6 as my primary “hand terminal” (handy). However, I run alternative software on it, namely OmniROM, which gives me more control over my experience and security.

I pretty much run open source software on all my technology with few exceptions, one being my Android Wear watch. I noticed that there was a new update to Android Wear (version 2.0) so I went to play with it. When I launched the app I got this screen:

Android Wear App Error


So I went off to search for a solution to the error message “This phone has been flashed with an unsupported configuration for companion. you must re-flash it as either signed/user or unsigned/userdebug”. I found a couple of answers that suggested I edit the build.prop file and change


In order to do this, you have to have root access to your phone.


I do root my phone, but I haven’t done it in awhile because Google has introduced this thing called “SafetyNet“. The stated purpose is to prevent malware but in practice what it does is torpedo people like me who actually want to control the software on the devices they own. If you install a custom ROM or have root access, certain applications will not run.

Now I have to choose between running the Android Wear app or, say, Pokémon Go. I chose Android Wear (I pretty much finished Pokémon Go).

The process: Boot into recovery, install SuperSU, boot into system, use a file editor to edit /system/build.prop and change from “userdebug” to “user”, reboot.

Android Wear Mute

So Android Wear will start now, but to add to the frustration the one feature I hoped they would fix is still broken for me. It used to be that if my watch was actively paired with the phone, it would mute ringing and other audio notifications. It doesn’t (and none of the fixes I’ve found work for me) so now I just remember to decrease the volume on the phone down to “vibrate”.

Pokemon Go Blocks root

And, I verified that Pokémon Go will not start now – it hangs on the login screen and then reports an error. This is whether or not SuperSU is enabled, and I think I would have to remove it entirely to get it to work.

Now I know that I can install other apps that will hide the fact that my phone is rooted, but if I do that the terrorists win. I would just rather use apps that don’t force me to give up my rights.

Which brings me to the last frustration. I purchased a bunch of content from Google, but now I can’t access it on this phone. I get “couldn’t fetch license”. This started recently so I believe it has something to do with SafetyNet, but repeated calls to Google Play support yielded no answers.

Google License Error - Deadpool

I have a Google 6P that is stock and doesn’t suffer from the download issue, so it stands to reason that there is some “protection” in place that is preventing me from accessing the content I purchased. I solved the problem by not buying content from Google Play anymore.

I’m pretty certain that it is only going to get worse. Google used to be much better about such things but I think they want to emulate Apple in more ways than one (see the new Pixel phone if you don’t believe me) and that is a shame for all of us.

UPDATE: I found a better way to do this that doesn’t require root. Assuming you have a custom recovery like TWRP, you can simply boot into recovery and then connect the handy to a computer. Using “adb shell” you can then access the system directory and edit the build.prop file directly.

Mark Turner : Obama Is Warning America About Trump’s Presidency. Are You Listening? | New Republic

November 17, 2016 12:55 AM

President Barack Obama’s remarks about Donald Trump in his Monday press conference contained some of the most ominous words I’ve heard since news networks began calling the election for Trump early last Wednesday morning. But you may not have heard them.

It is an understatement to say that Obama’s departure from the White House is occurring under unusual circumstances. He is managing a transition to the presidency of someone he believes is unfit for that office, who has empowered racist hate groups, wants to undo the Obama presidency, and shouldn’t be entrusted with nuclear weapons.
In a tense environment where reporters, government workers, world leaders, and anxious citizens and immigrants understandably are scrutinizing every Donald Trump tweet and utterance and leak, Obama’s closing thoughts on the presidency and his successor will be given short shrift. But the things he says about the transition contain critical information about its progress and his confidence that, on the other side of it, things will run smoothly.

His Monday comments suggests he has very little confidence that they will.

Source: Obama Is Warning America About Trump’s Presidency. Are You Listening? | New Republic

Mark Turner : The Role of Rural Resentment in Trump’s Victory – CityLab

November 16, 2016 10:23 PM

Donald Trump’s victory in Wisconsin last week marked the first time a Republican presidential candidate has won there since 1984. The seemingly massive political shift that took place in this Midwestern U.S. state on Election Day, particularly in its rural counties, has since been thrust into the national spotlight.

In trying to better understand what happened in Wisconsin, and for that matter in the outcome of the election nationwide, one of the first people I wanted to speak with was Kathy Cramer. For almost a decade, the political science professor at the University of Wisconsin-Madison has been inserting herself into the casual political conversations of smaller rural communities in her state—listening, asking questions, and ultimately identifying the common threads she’s been able to uncover.

Source: The Role of Rural Resentment in Trump’s Victory – CityLab

Mark Hinkle : 2016 Guide to the Open Cloud

November 16, 2016 02:47 PM

2016 Guide to the Open CloudThis year I, along with Editor-in-Chief Libby Clark, collated the 2016 Guide to the Open Cloud with input from various experts in the cloud computing industry. It’s a directory of this year’s most relevant cloud computing technologies.

The report covers:

  • IaaS
  • PaaS
  • Virtualization
  • Cloud operating systems
  • Container management and automation
  • Unikernels
  • DevOps (complete CI/CD, configuration management, logging and monitoring)
  • Software-defined networking (SDN)
  • Software-defined storage

Download the report from for free. 

Mark Turner : Another talk with the Digital Connectors

November 16, 2016 03:17 AM

I was honored again to be invited to speak to the Raleigh Digital Connectors about blogging tonight. Hopefully I inspired some of them to take up writing (and hopefully blogging) on a regular basis. I certainly enjoyed the opportunity to share my experience and look forward to what they create and share with the world.

Mark Turner : T-Mobile trips Google’s security measures

November 16, 2016 03:08 AM

This afternoon Kelly forwarded me an alarming-looking email purportedly from Google and asked me to see if it was a phishing attempt. “Someone has your password,” warned the emails. Kelly is rightfully suspicious of any unexpected email claiming that one’s account is locked or compromised so I thought this was just another phishing attempt.

Fraud or not? Always be on guard!

Fraud or not? Always be on guard!

But then I looked carefully at the message. The headers showed it came from Google. The link included went to an actual Google server. It was legit. Yikes! Did Kelly get hacked?

Some interesting clues were present. First, she got three such emails, one for her account and each kid’s account. The only device on which all three accounts are present is her mobile phone. It had to be something with her phone!

So did her phone get hacked? Not likely. It’s brand new and fully patched. She and the kids all use decent passwords, too. I couldn’t think of any reason her phone could have been hacked.

Another clue was that Google’s emails all listed the exact same time for the alleged hack. It was unlikely that all three accounts would be hacked simultaneously, and even more unlikely they’d be successfully hacked on the very first try!

So if the phone wasn’t hacked, what was going on here? Following the link in Google’s email showed us the IP address associated with the alleged security breach. It was an IPv6 address that whois helpfully told me belonged to … T-Mobile. T-Mobile is the phone carrier of Kelly’s new phone. It was proof that no security breach had taken place.



What I’m guessing happened was that some of the IP addresses T-Mobile hands out to its phone subscribers are simply mapped to the company’s locations around America. Today’s address was listed as being in Seattle. Another one Google flagged on Thursday showed Kelly in Miami. Needless to say, Kelly wasn’t in either of these places. It’s just that Google’s geolocation algorithm thought she was.

I don’t know if T-Mobile or Google is to blame here. It’d be nice perhaps if T-Mobile had reverse-mapped DNS entries that somewhat corresponded to a physical location. Or Google could do a better job of mapping IP addresses to places. Either way, I’m glad Google takes security seriously enough to be watching for funny business with our accounts. Hopefully they can hone their fraud detection a bit more to account for wacky networks like T-Mobile’s.

Warren Myers : a history of hollywood and hacking

November 15, 2016 11:04 PM

As shared in the most recent Crypto-Gram, Bruce Schneier’s monthly newsletter.

  • 1980s – kid hackers, nerds and Richard Pryor
  • 1990s – Techno, virtual reality and Steven Seagal’s Apple Newton
  • 2000s – Real life hackers, computer punks and Hugh Jackman dancing

Mark Turner : How We Broke Democracy (But Not in the Way You Think) – Medium

November 14, 2016 08:15 PM

How Facebook divides us.

Since we feel uncomfortable when we’re exposed to media that pushes back on our perspective (like that weird political uncle you see at a family reunion), we usually end up avoiding it. It requires a lot of effort to change opinions, and generally it feels gross to have difficult chats with people that don’t agree with us. So, we politely decline the opportunity to become their friend, buy their product, read their magazine, or watch their show.

We insulate ourselves in these ‘information ghettos’ not because we mean to, but because it’s just easier.Our own Facebook feed is no different. It is a manifestation of who we are. It was created by us: by the things we have liked in the past, by the friends we have added along the way, and by people that tend to have opinions a lot like ours. It is made by us.

This is self-segregation, and it happens naturally. But the success of Facebook’s algorithm has effectively poured gasoline on this smoldering innate bias.

Source: How We Broke Democracy (But Not in the Way You Think) – Medium

Mark Turner : Bernie Sanders: Where the Democrats Go From Here – The New York Times

November 13, 2016 05:46 PM

Bernie Sanders’ op-ed in the New York Times.

I am saddened, but not surprised, by the outcome. It is no shock to me that millions of people who voted for Mr. Trump did so because they are sick and tired of the economic, political and media status quo.

Working families watch as politicians get campaign financial support from billionaires and corporate interests — and then ignore the needs of ordinary Americans. Over the last 30 years, too many Americans were sold out by their corporate bosses. They work longer hours for lower wages as they see decent paying jobs go to China, Mexico or some other low-wage country. They are tired of having chief executives make 300 times what they do, while 52 percent of all new income goes to the top 1 percent. Many of their once beautiful rural towns have depopulated, their downtown stores are shuttered, and their kids are leaving home because there are no jobs — all while corporations suck the wealth out of their communities and stuff them into offshore accounts.

Source: Bernie Sanders: Where the Democrats Go From Here – The New York Times

Mark Turner : Bernie’s empire strikes back – POLITICO

November 13, 2016 05:45 PM

Supporters of Bernie Sanders’ failed presidential bid are seizing on Democratic disarray at the national level to launch a wave of challenges to Democratic Party leaders in the states.

The goal is to replace party officials in states where Sanders defeated Hillary Clinton during the acrimonious Democratic primary with more progressive leadership. But the challenges also represent a reckoning for state party leaders who, in many cases, tacitly supported Clinton’s bid.

Source: Bernie’s empire strikes back – POLITICO

Mark Turner : In rural-urban divide, U.S. voters are worlds apart | Reuters

November 13, 2016 05:43 PM

Semi-retired Wisconsin pig farmer John Lader does not think much of Donald Trump as a messenger, but voted for what he described as the Republican president-elect’s message of change and economic hope for America.

“The last few years, there hasn’t been much optimism and hope among working people in rural areas in this country,” said Lader, 65, who lives in the farmland outside the southern Wisconsin city of Janesville.

Around 65 miles (105 km) to the northeast in the state’s biggest city of Milwaukee, Jose Boni, who cleans offices at a local university and rents out several homes, heard a different message: Trump’s plan to build a wall on the U.S.-Mexican border and vow to deport the estimated 11 million immigrants who are in the United States illegally, most of whom are Hispanic.

“He doesn’t care about our community or working people, he only cares about himself,” said Boni, 57, an Ecuador-born U.S. citizen.

The different worlds of Lader and Boni help illustrate the rural-urban divide that was critical to the outcome of Tuesday’s U.S. presidential election.

Source: In rural-urban divide, U.S. voters are worlds apart | Reuters

Mark Turner : Elizabeth Warren Gears Up to Battle Donald Trump | Mother Jones

November 11, 2016 05:21 PM

With Democrats reeling from the election, Sen. Elizabeth Warren (D-Mass.), who was one of the leading Trump-blasters of her party, vowed on Thursday to continue battling the president-elect—while adding that she would be delighted to collaborate with him on some of the populist issues he raised during the campaign.

Speaking at the Washington, DC, offices of the AFL-CIO union federation on Thursday, in an event shown on Facebook Live, Warren declared, “If Trump is ready to go on rebuilding economic security for millions of Americans, so am I, and so are a lot of other people—Democrats and Republicans.” She noted that on the campaign trail, Trump had criticized Wall Street’s power in Washington and promised not to cut Social Security benefits—areas of common ground. But Warren, whom Trump derided as “Pocahontas” during the election, warned that if Trump tries to tear down the Dodd-Frank Wall Street reform law—which overhauled the financial industry after the 2008 meltdown—or to gut the Consumer Financial Protection Bureau, she would fight him “every step of the way.”

Source: Elizabeth Warren Gears Up to Battle Donald Trump | Mother Jones

Mark Turner : An App Called Brigade Saw Trump Winning Swing States When Polls Didn’t : All Tech Considered : NPR

November 11, 2016 03:40 PM

In 2016, the polls got it wrong. They failed to predict that Donald Trump was winning key battleground states. But a startup in San Francisco says it spotted it well in advance, not because of the “enthusiasm gap” — Republicans turning out and Democrats staying at home. Instead, the startup Brigade’s data pointed to a big crossover effect: Democrats voting for Trump in droves.

The company built an app that asks a simple question: Which candidate are you going to vote for?

It’s like what boots-on-the-ground organizers do. Though there is one big difference. In the physical world, most people aren’t wearing their candidate button for the 18 months leading up to the election.

Source: An App Called Brigade Saw Trump Winning Swing States When Polls Didn’t : All Tech Considered : NPR

Mark Turner : President Trump: How and Why

November 11, 2016 03:24 PM

Satirst Tom Walker’s Jonathan Pie character rightfully rips the Democratic Party for losing to Trump.

Tarus Balog : 2016 All Things Open

November 10, 2016 07:17 PM

I made the decision to stop going to conferences for 2016, but I made an exception for All Things Open (ATO). Not only is it an amazing show, it’s also in my back yard, and the combination is not something I can pass up.

I love conferences. My favorite track is always the “hallway” track and I really enjoy spending time with people that I tend only to see these events. The problem is that I started to do the math.

In 2015, due to work travel, I was gone part or all of 26 weekends (I travel about 50% of the time, and often that means I head out on Sunday and back on Saturday). That leaves 26 weekends free. Of those, at least 10 are taken up with vacations, holidays, birthdays and other social engagements, leaving me just 16 or so weekends to myself. If I do 5 to 10 conferences, most of which are held over a weekend, I’m left with less than a weekend a month.

Plus, OpenNMS is going like gang-busters, so I really need to focus on that business. While I love open source conferences, we don’t get many customers out of them (one exception is the Ohio Linuxfest which seems to attract a large number of OpenNMS users) so it can be hard to justify the time (although they are a whole lot of fun).

Anyway, since ATO was the main show I was going to be involved with this year, we decided to host a party that first night. I also submitted some papers, and to my surprise two of them were accepted.

I headed out on Tuesday afternoon, as the wonderful team at was hosting a gathering for contributors that night. That was a lot of fun and a number of us ended up at Foundation afterward. As a cocktail enthusiast I had always wanted to visit, but it is about an hour from my house I don’t want to drink and drive. Since I was staying downtown for the event, that issue went away and I had a great time.

The conference was held in the Raleigh Convention Center, and you could see the registration desk from my hotel room.

ATO - View from Marriott

Wednesday was start of the conference. ATO is organized by Todd Lewis, the nicest guy in open source, and he kicked off the keynotes.

ATO - Todd Lewis

Todd’s superpower is organization, and not only did the conference run smoothly, he got some great speakers. Jim Whitehurst, the CEO of Red Hat, did a talk on the social benefits of open source.

ATO - Jim Whitehurst

We also got a talk from Mark Hinkle, the VP of Marketing of the Linux Foundation. He was recruited at the last minute due to a cancellation, and I thought he did a good job especially considering his time to prepare (unlike normal, I actually had my presentations done at least a week before the conference).

ATO - Mark Hinkle

He started off with some “separated at birth” pictures between punk rockers and open source personalities, which reminded me of something that hit me when it was announced that the DB Cooper investigation was being closed.

ATO - DB Cooper and Jim Whitehurst

I think Jim was about four years old when DB Cooper hijacked that plane, but the similarity is striking.

Another keynote speaker was Jono Bacon.

ATO - Jono Bacon

Always (well, usually) interesting, I love how he has been working the relatively new field of behavioral economics into his talks of late. It is the study of how human psychology can impact economic decision-making and I think it has a lot of relevance in a field where businesses often tout the word “free”. By understanding how we behave we can better align our communities to meet the needs and desires of their participants.

After the keynotes were the individual sessions. I had two back-to back.

ATO - Tarus Balog

Thanks to Ben for the picture, which captures me in my full “Fred Flintstone” glory. Click on the pic below if you want to see the slides, and I did a interview for DZone on my talks. I did embed some video which won’t show up on the PDF, though.

My first talk was on the challenges facing us with the Internet of Things, especially when it comes to monitoring.

ATO - Silos Presentation

It was lightly attended but everyone who came seemed to get a lot out of it.

Right after that I did a new, updated version of my open source business talk.

ATO - Business Presentation

That one was standing room only, and I was really pleased with the feedback. One guy was telling me that he has seen a number of presentations about running an open source business but mine was the only one with concrete examples. I’m glad folks liked it.

Once my talks were done it was time for lunch and I was pretty much done with my obligations. The main one left was to help prepare for the OpenNMS Group sponsored concert at King’s Raleigh. We had hired MC Frontalot and his band to play a show in Portland, Oregon for OSCON, and the Doubleclicks opened. It was so much fun we decided it would be cool to bring it closer to home.

ATO - Doubleclicks

If you haven’t heard of the Doubleclicks you should check out their music. Even if you have, you might want to familiarize yourself with their catalog, especially if, like I did, you think it would be funny to shout out “Freebird!” in the middle of their show (ouch).

ATO - Mc Frontalot

The MC Frontalot set was really tight as well. I love working for professionals. We when got there and there was no keyboard and half the drum kit was missing, I was a mess. They calmly got it all sorted and then really kicked it during the show. They premiered “Freedom Feud” – a song we commissioned about free software. Front is still working on the final master and we have a video in production, so look for it to be posted soon, and thanks to Ben for the concert pics.

Even though I didn’t get to bed until about 04:30 (we eventually ended up in the hotel listening to some tracks Front is writing for the next album that’s all about the Internets) I was back up at 08:00 for Day Two of ATO. With my responsibilities out of the way it was nice to listen to the talks and visit with all the cool people in attendance.

Many thanks to everyone who came to my talks, to Todd and Company for a great show, and to OpenNMS for hosting a party for all my friends. See you next year.

Mark Turner : I am. – Cassie Hewlett

November 10, 2016 06:46 PM

A friend shared this blog post from a Republican college student, who wrote about what it is like to be a Republican college student.

I have reminded my liberal friends of the mistake of dismissing Trump supporters simply as racists (I will be writing more about this when I come up for air from all the stuff going on). The author here is right in reminding everyone of this.

I don’t think Ms. Hewlett is racist. This doesn’t mean she isn’t a little naive.

This paragraph stands out (emphases mine):

Well, I was not sad. While I understand that many people found the result disheartening, I am happy that the Republican party is in office for the next four years. I am happy that trade and markets will once again be free. I am happy that jobs will be brought back into the United States. I am happy that small business owners will finally be able to reap the benefits of hard work and dedication. I am happy that I voted in my first presidential election as a Republican.

Let’s take these one by one.

I am happy that the Republican party is in office for the next four years.

You mean six years of Republican Congressional obstructionism wasn’t enough for you? Running a do-nothing House and Senate? And why do you suppose a Trump presidency headed by a guy who ran against the Republican party establishment will mean smooth sailing for the Republican party?

I am happy that trade and markets will once again be free.

Repeat after me: there is no such thing as a free market. There is no such thing as a free market. It’s a myth. Everyone games the system somehow. Everyone stacks the deck against everyone else. Even if this weren’t the case, trade agreements, treaties and the like don’t get undone overnight. I recall with amusement how Obama was going to change Washington. Didn’t happen then and it won’t happen now.

I am happy that jobs will be brought back into the United States.

It’s a nice dream, isn’t it? Not a chance of it ever happening. As Bruce Springsteen sang in “My Hometown,” those jobs are going, boys, and they ain’t coming back. America competes with the world now. As long as companies have unfettered access to move their factories to any shithole country having no environmental or labor protections this is how it’s going to be.

I am happy that small business owners will finally be able to reap the benefits of hard work and dedication.

Business owners have always been able to reap the benefits of their hard work. Own a business? Good for you. You probably work hard and deserve to feel proud. But don’t forget the people and policies that helped make you successful. Society expects you to pay it forward. Do you love your country enough to invest in it?

Overall, I’ll cut Ms. Hewlett some slack. She’s young and new to how the world really works. Celebrate your victory, Ms. Hewlett, but don’t be too disappointed when things don’t turn out the way you expect them too.

I am not racist. I am not homophobic. I am not sexist. I am not a misogynist. I am for free market. I am for stronger foreign policy. I am for small business. I am for my family. I am Republican.

With the results of the presidential election stirring up a vast amount of emotions, I think it is important to clarify something: just because I am Republican does not mean I am heartless. The point of this is not to debate political policies. It is to highlight what it felt like to be a Republican college student the day after Donald Trump was elected President of the United States.

Source: I am. – Cassie Hewlett

Mark Turner : When ESPN Anchor Finds Out Kaepernick Didn’t Even Vote, He Teaches QB a Lesson He’ll Never Forget

November 10, 2016 05:59 PM


ESPN commentator Stephen A. Smith gave Colin Kaepernick a brutal verbal beatdown Wednesday after he learned the San Francisco 49ers quarterback decided not to vote at all in the 2016 presidential election.

In a fiery and lengthy rant, Smith argued Kaepernick has delegitimized everything he tried to accomplish by first sitting then taking a knee during the national anthem in protest of “oppression” in America.

“As far as I am concerned, Colin Kaepernick is absolutely irrelevant,” Smith said. “I don’t want to see him again; I don’t want to hear from him again; I don’t wanna hear a damn word about anything he has to say about our nation — the issues that we have, racial injustices, needing change, etcetera, etcetera. He comes across as a flaming hypocrite.”

Source: When ESPN Anchor Finds Out Kaepernick Didn’t Even Vote, He Teaches QB a Lesson He’ll Never Forget

Mark Turner : Why the White Working Class Rebelled: Neoliberalism Is Killing Them (Literally) – Juan Cole – Truthdig

November 10, 2016 01:54 PM

I’ll have more election thoughts soon.

The Democratic Party has been the Establishment for eight years, and the Clintons have arguably been the Establishment for 24 years. Since the late 1990s, members of the white working class with high school or less have seen their life-chances radically decline, even to the point where they are dying at much higher rates than they have a right to expect.

A year ago Anne Case and Angus Deaton, Princeton University economists, published a study with the startling finding that since 1999 death rates have been going up for white Americans aged 45-54. It is even worse than it sounds, since death rates were declining for the general population.

One of the big reasons for this increased death rate has been increased use of opiods and other drugs, leading to overdoses, along with liver disease from drinking too much alcohol and increased suicide rates. The problems were especially acute among working class and rural whites with only high school or less, and later studies found that they extended to younger members of this social class in their 20s and 30s. Loss of good-paying manufacturing jobs was clearly a primary reason for this despair.

Source: Why the White Working Class Rebelled: Neoliberalism Is Killing Them (Literally) – Juan Cole – Truthdig

Mark Turner : It was the Democrats’ embrace of neoliberalism that won it for Trump | Naomi Klein | Opinion | The Guardian

November 10, 2016 01:52 PM

More truth. I believe if Bernie Sanders had run against Trump we’d be saying “President-elect Sanders” today.

Here is what we need to understand: a hell of a lot of people are in pain. Under neoliberal policies of deregulation, privatisation, austerity and corporate trade, their living standards have declined precipitously. They have lost jobs. They have lost pensions. They have lost much of the safety net that used to make these losses less frightening. They see a future for their kids even worse than their precarious present.

At the same time, they have witnessed the rise of the Davos class, a hyper-connected network of banking and tech billionaires, elected leaders who are awfully cosy with those interests, and Hollywood celebrities who make the whole thing seem unbearably glamorous. Success is a party to which they were not invited, and they know in their hearts that this rising wealth and power is somehow directly connected to their growing debts and powerlessness.

Source: It was the Democrats’ embrace of neoliberalism that won it for Trump | Naomi Klein | Opinion | The Guardian

Mark Turner : Don’t Panic

November 10, 2016 01:49 PM

Some unexpectedly good political advice from Cracked.Com’s David Wong.

The truth is, most of Trump’s voters voted for him despite the fact that he said/believes awful things, not because of it. That in no way excuses it, but I have to admit I’ve spent eight years quietly tuning out news stories about drone strikes blowing up weddings in Afghanistan. I still couldn’t point to Yemen on a map. We form blind spots for our side, because there’s something larger at stake. In their case, it’s a belief that the system is fundamentally broken and that Hillary Clinton would have been more of the same. Trump rode a wave of support from people who’ve spent the last eight years watching terrifying nightly news reports about ISIS and mass shootings and riots. They look out their front door and see painkiller addicts and closed factories. They believe that nobody in Washington gives a shit about them, mainly because that’s 100-percent correct.

Source: Don’t Panic

Mark Turner : Post-election mop-up

November 10, 2016 01:47 PM

The November 2016 election is now in the books. Hillary Clinton lost. We have President-elect Trump. I’ve been very busy doing what I could to put the Democratic Party over the finish line and had little time to reflect. Last night I did gather some pertinent thoughts and will share some of them in a post or two.

I took the day off from work Tuesday to work the polls (I’m the Democratic precinct chair for my precinct, 01-13). I saw a steady stream of people coming to vote, both Clinton supporters but also a surprising number of Trump supporters. Most were friendly to my greeting but some were obviously angry. One man who took my voter guide returned afterward and – very worked up – told me he wished the incumbents had been listed on the ballot, because he “wanted to vote all these assholes out.” I nodded, not really sure what to make of that.

I love working the polls on Election Day and saying hello to all of my neighbors, though. I shared the responsibility with Dave Malette, Heidi, Tammy, and Julie. Kelly and Travis joined me for the 5-7:30 PM shift. We were joined by a reporter named Ben from a newspaper in Belfast (yes, Belfast, Ireland) who was interviewing voters after they had voted.

Earlier in the day, I spotted a not-so-happy white man in the corner of the parking lot, snapping a photo with his phone of the Republican campaign signs. A well-dressed man and woman walked up to me and asked quietly if I knew what he was doing. I told them them man looked harmless but another greeter asked what they were all about. The man then flashed me his credentials. They were from the U.S. Department of Justice, there to make sure that no one’s right to vote was being infringed. They were super-polite and I reassured them that this was about as friendly a polling place as you would find. With that, the returned inside the building for an hour or two before going on their way. I’d never seen the Feds monitor an election before. That was a first for me.

I took a break from greeting around lunchtime and stayed home until I had to pick Travis up from school around 4:30. As we were returning home, we saw a broken-down car parked in front of our house.

“Let’s go out and see if they need help,” I told Travis. We both went over to meet the driver, who was under the front of the car checking it out. His name was Shawn and his car had overheated. I offered him tools or any assistance I could give but he told me his brother Willie was on his way. With that, I went inside and began cooking dinner.

I later looked out the window and Shawn’s family and brother were now standing around the car.

“Anything I can do to help?” I asked again. This time Shawn handed me two containers and asked for water for his car.

“I didn’t want to trouble you,” he said. I laughed and told him it was no problem at all, soon fetching his water.

I spoke with his wife Pam and daughter, Brianna while we watched Willie and Sean work on the car. Brianna saw my camera and Pam told me Brianna wants to be a photographer. I chatted with them about photography and ways she could get into the hobby. They were all very friendly and appreciative of my help. Meeting them was the highlight of my day.

I returned to the polling place around 5 PM. Heidi had to leave but I learned from Kelly that she didn’t want to go until I had returned. She is the daughter of parents who were persecuted by the Nazis, perhaps even in camps. I am not sure why she insisted on waiting for me to get back but Kelly told me later that Heidi was apparently inspired by me. Hearing the story of her parents’ ordeal and knowing the hate that has been thrown around in this election I was humbled by the thought that what I was doing out there really did matter; that good people have to make a stand.

Once the polls closed I headed over to the Democratic Party election night party. People were shell-shocked when it appeared Trump would prevail. Their shock continued when many Council of State results came in. It was a gloomy occasion. I watched some returns in Duane Hall’s hotel room before heading over my friend Cynthia Ball’s. Her election to the House was one bright spot in the otherwise disappointing night. She didn’t even feel like celebrating her own victory. Can’t blame her.

Other bright spots was that Marylin Avila lost to Joe Johns. Avila was in the pocket of Time Warner Cable and did everything she could to block municipal broadband efforts. I suppose the N&O’s inexplicable endorsement of her was her kiss of death.

My friend Jay Chauduri easily won his election, as did my friend Josh Stein. And at this point Roy Cooper, the most popular politician in the state, is hanging on to a 5000 vote lead over Pat McCrory. Hurray!

I’ve had plenty of doubt over the past few weeks about why I continue to pour so much into politics. I get tired of the posturing and insincerity I see. Then I think of the family I helped out Tuesday, and of Heidi and her parents, and I’m reminded of the good that can be done by the collective partnership that is representative government.

As long as there’s a need I can’t walk away.

Eric Christensen : Thunderbird 45.4.0 TLS Ciphers

November 10, 2016 02:33 AM

While working on strengthening my email server I discovered that Mozilla Thunderbird 45.4.0 only supports the following ciphers:


Not sure why it doesn’t just use the default from OpenSSL.

Update: As pointed out here and other locations, Thunderbird doesn’t use OpenSSL for its encryption library, rather it uses NSS.  This is a good example of why one shouldn’t write articles while sick.

Jesse Morgan : A Brief Review of Ansible Redis Modules

November 06, 2016 04:29 AM

I’m currently investigating the best ansible module to manage redis for my server. The good news is that ansible galaxy has plenty of options; the bad news is that most of them are terrible. This is my first attempt to find the best of the bunch.


For the sake of simplicity, I’m limiting my search to roles that support Enterprise_Linux (e.g. Redhat, Centos, etc). In addition, I’m going to be examining the github repos rather than the galaxy entries.


It’s important to note that I’m not judging the authors, only their usefulness to me.

Last Commit: Sept 15th, 2015

Commits: 2    Contributors: 1

Branches: 1    Releases: 0


  • Default values used
  • Remi repo used
  • config templatized
  • vars used


  • Installs its own Remi repo config
  • docker stuff included
  • extensive template hardcodeds content
  • README example is limited.

Last Commit: May 25th, 2016

Commits: 15    Contributors: 3

Branches: 1    Releases: 0

Redis versions supported explicity: 2.4, 2.6, 2.8


  • Extensive defaults
  • simple tasks and template
  • Estensive README


  • overly simplistic module, complex variables
  • uses default redis package

Last Commit: September 8th, 2016

Commits: 5    Contributors:1

Branches: 1  Releases: 0


  • includes spec file
  • enables remi and epel repos


  • includes docker for tests
  • doesn’t include repos as requirements

Last Commit: September 27th, 2016

Commits: 7    Contributors: 1

Branches: 1    Releases: 3


  • Good Defaults
  • Excellent README
  • multilayer vars configuration
  • includes test playbook and inventory
  • Supports multiple distributions


  • complex vars configuration
  • default packages only, no repo support

Last Commit: June 20th, 2016

Commits: 5    Contributors: 3

Branches: 1     Releases: 3


  • includes good repo dependencies


  • Poor defaults
  • Bad formatting with redirects
  • Bad README

Last Commit: June 7th, 2016

Commits: 18    Contributors: 1

Branches: 1     Releases: 0


  • includes performance tweaks


  • includes docker file
  • bad defaults
  • mentions epel, no include or dependencies
  • no repo dependencies
  • Poor vars

Last Commit: March 10th, 2016

Commits: 36    Contributors: 1

Branches: 2    Releases: 6


  • includes build status


  • No repo dependencies
  • Weird tasks layout
  • Configuration not really EL specific (more debian than Redhat)


Wow…. that was, uh, painful. The good news is a lot of them are still active, though the number of commits is relatively low. across the board. The low commit numbers could mean one of two things:

  1. Ansible roles are easy to get right the first time, or
  2. they’re slapped together and not really polished.

There’s a few we can rule out straight away: mrlesmithjr, dgnest, AerisCloud- there just wasn’t a lot of useful content.


That leaves hostclick, jtyr, officel, and sbaerlocher with useful content. I think the right answer will be to roll my own taking parts from each. I’ll give it a closer look tomorrow.


Update: AAAND I feel dumb. I didn’t notice during my first search that those were the first 10 results- 3 rows of 3 and one row of 1 made it look like that was the end of the list.


I’ll have to re-evaluate, probably based on “most downloaded.”

Warren Myers : watch your mtu size in openstack

November 05, 2016 12:11 PM

For a variety of reasons related to package versions and support contracts, I was unable to use the Red Hat built KVM image of RHEL 7.2 for a recent project. (The saga of that is worthy of its own post – and maybe I’ll write it at some point. But not today.)

First thing I tried was to build an OpenStack instance off of the RHEL 7.2 media ISO directly – but that didn’t work.

So I built a small VM on another KVM host – with virt-viewer, mirt-manager, etc – got it setup and ready to go, then went through the process of converting the qcow image to raw, and plopping it into the OpenStack image inventory.

Then I deployed the two VMs I need for my project (complete with additional disk space, yada yada yada). So far, so good.

Floating IP assigned to the app server, proper network for both, static configs updated. Life is good.

Except I cannot ssh out from the newly-minted servers anywhere. Or if it will ssh out, it’s super laggy.

I could ssh-in, but not out. I could scp out (to some locales, but not others), but was not getting nearly the transfer rates I should have been seeing. Pings worked just fine. So did nslookup.

After a couple hours of fruitless searching, got a hold of one of my coworkers who setup our OpenStack environment: maybe he’d know something.

We spent another about half hour on the phone, when he said, “hey – what’s your MTU set to?” “I dunno – whatever’s default, I guess. “Try setting it to 1450.”

Why 1450? What’s wrong with the default of 1500? Theoretically, the whole reason defaults are, well, default, is that they should “just work”. In other words, they might not be optimal for your situation, but they should be more-or-less optimalish for most situations.

Unless you’re in a basically-vanilla “layered networking” environment (apologies if “layered networking” is the wrong term, it’s the one my coworker used, and it made sense to me – networking isn’t really my forte). Fortunately, my colleague had seen an almost-identical problem several months ago playing with Docker containers. The maximum transmission unit is the cap on the network packet size, which is important to set in a TCP/IP environment – otherwise devices on the network won’t know how much data they can see at once from each other.

1500 bytes is the default for most systems, as I mentioned before, but when you have a container / virtual machine / etc hosted on a parent system whose MTU is set to 1500, the guest cannot have as large an MTU because then the host cannot attach whatever extra routing bits it needs to identify which guest gets what data when it comes back. For small network requests, such as ping uses, you’re nowhere near the MTU, so they work without a hitch.

For larger requests, you can (and will) start running into headspace issues – so either the guest MTU needs to shrink, or the host needs to grow.

Growing the host’s MTU isn’t a great option in a live environment – because it could disrupt running guests. So shrinking the guest MTU needs to be done instead.

Hopefully this helps somebody else.

Now you know, and knowing is half the battle.

Warren Myers : apple finally did what i asked for 6 years ago

November 02, 2016 12:03 AM

Thanks, Apple. About time someone did this!

We can now charge a laptop from either side. Like should have been possible for decades.

Reference – Do any laptops exist with multiple power connectors?

Tarus Balog : Move to Let’s Encrypt – it’s soooo easy!

October 31, 2016 04:07 PM

This weekend I wanted to play around with setting up Nextcloud on my home network (we already use it at work and it is awesome). Since I am planning on putting personal information into that app, I wanted to make sure that access to it was encrypted end-to-end.

This meant setting up SSL on my home web server. Now, it used to be that you either had to use a self-signed certificate (which could cause problems) or you had to spend a bunch of money on a certificate from a recognized Certificate Authority (CA).

Enter Let’s Encrypt. Launched in April of this year, Let’s Encrypt provides free certificates that are recognized by most of the things you need to recognize them.

I had been putting it off since dealing with certs is, quite frankly, a pain. You have to fill out a request, send it to the CA, get back a key file, install it in the write place, etc. Even with a free one I didn’t have time for the hassle.

I shouldn’t have worried – with Certbot it is dead simple. Seriously.

Certbot Screen

I went to their site (as directed from the Let’s Encrypt site) and just followed the instructions. I downloaded a script which downloaded all the required dependencies via apt, answered a few questions, and, bam, I had a functioning web server running SSL. They even prompted me if I wanted all requests to port 80 (http) to be redirected to port 443 (https) and when I said “yes” it did it for me.

The whole process took a couple of minutes.

Amazing stuff. The certificates are only good for 90 days, but they even include an automated way to update them.

Certbot Certificate Renewal

As more and more of our personal information becomes digitized, it is extremely important to use strong encryption. In the past this could be inconvenient if not outright difficult, but you really don’t have an excuse with Let’s Encrypt. Use it.

Magnus Hedemark : fitness update

October 31, 2016 11:11 AM

It’s been 60 days since my body started responding to changes in my fitness strategy, and in those 60 days I’ve lost 24 pounds of mass, gone down two shirt sizes, and gained some strength.

In mid-August, I’d started using my Bowflex Max M3 trainer to start dramatically improving my cardiovascular fitness. And to that end, it worked well. But it also started reinvigorating the muscles in my body. It did this so much so that I actually gained weight when I first started using the Bowflex. If you experience this first week weight gain, stay with it; that cliff you see at the beginning of the banner image is where the Bowflex-inspired weight loss kicked in.

All along the way, I took a very DevOps approach to my fitness. I’d measure, observe, form a hypothesis, and risk failure for the sake of improvement.

The last time I wrote, I was still using the Streaks app for managing my fitness routine. I’ve changed things around a little since then.

Streaks is now used to remind me to record my weight, my blood pressure, and to spend some time reading a book every day.

I’ve begun using MyFitnessPal to record everything I put in my digestive system, right down to a cup of coffee or a glass of water. After doing this for a week and realizing I wanted to get a bit more into the numbers in a way that the free app wouldn’t provide, I weighed my options and sprang for the $50/yr “MVP” level service, which unlocks the features I was after.

One of the features I was after was to have a quick dashboard showing my macronutrient targets and my calorie target, with progress toward each. Early on this fitness path I’d listened to too many people who said “carbs are bad, m’kay?” and ended up suffering a bit of an energy crash when my running got really underway. MyFitnessPal is helping me to realize just how much my diet has to change, and in a healthy way, to get in all of the carbs that I need to feel strong all day. It’s helping me to find that balance until I build the habits to eat this way more intuitively.

I also started running a few weeks ago, and now I’m running four times a week. I’m using MapMyRun for this, and once again I’m shelling out for the premium tier. I’m getting a lot of value out of this for coaching me on my outdoor exercises.

What didn’t work?

  • UA Record – This app held out promise as a nice dashboard to unify the workout and nutritional data, along with sleep data, in one place. But it wouldn’t import sleep data from where I was already storing it (Sleep++ and Apple Health). And it had some horrible caching issues where the data on the dashboard, more often than not, was wrong. The Apple Watch complication didn’t even try to sync up with MyFitnessPal for nutritional data. It had to go.
  • Apple Reminders app. I was using Reminders to help remind me what days were running days. It turned out to be redundant. MapMyRun is now reminding me, and giving me a little more data like what kind of run is planned for the day.

Special mention:

  • Cookie and Kate recipes  are fueling most of my dinners now. They are absolutely delicious and make great use of whole food products.
  • Oh She Glows fuels the rest of my dinners. Yes, my dinners tend to be vegetarian. I am not a vegetarian. I just eat a lot less meat than I used to.
  • Apple Watch is still fantastic. Note that the watch band has to be set pretty tight for the heart rate data to get recorded. It’s about a notch tighter than I’d like it to be.

Mark Turner : A park is a park. Don’t restrict play!

October 27, 2016 12:42 AM

No fun allowed.

No fun allowed.

This sign in the Iwo Jima memorial park in Arlington last week had me shaking my head. There’s this beautiful expanse of lawn behind this memorial and some bureaucrat wants to keep people from enjoying it! Did anyone stop to think that the men who bled during the battle for that Godforsaken island would’ve probably loved to be in that park, playing ball instead? Is there any better way to honor our country’s freedom than, you know, actually giving people freedom?

Before there was such a thing as public parks, society used cemeteries for this purpose. Picnickers would plop down right by the grave of Great-Great Aunt Martha and celebrate life. Somewhere along the line cemeteries and memorials mistakenly became places of “quiet reflection only.”

I can think of no better way to honor those who’ve passed than to celebrate the life we continue to live.

Mark Turner : Intel NUC as home server

October 27, 2016 12:24 AM

It's nice when your server fits in your mailbox.

It’s nice when your server fits in your mailbox.

I’ve always liked to have a home server hanging around for things like email, file sharing, and the like. Over the years this has taken the form of a beefy desktop computer, a PowerPC-based MacMini, an embedded Linux-based router, and recently a beat-up old laptop. All had their challenges, power consumption and fan noise being the two main ones, though the PowerPC machine and the router also couldn’t run all the software I needed. I was limping along on my busted laptop for as long as I could but decided it was nearing the end of its useful life. It was time to go shopping for something that would last me a while.

The embedded idea still appealed to me for the two main reasons I mentioned above: power consumption and noise. I wanted something that sips electricity and was quiet yet still provided enough computing power to do what I needed. After reading up on some online reviews, I went with the Intel NUC.

Intel’s NUC (“Next Unit of Computing”) systems are embedded x86_64 machines which are about half the size of a brick. They have plenty of ports: HDMI, USB 3.0, and even a Thunderbolt port. They come with your choice of Intel processors, whether it is an i3, i5, or i7 series. Memory can be boosted to 32 GB and it accepts newer SSD drives. Some models can fit 2.5″ laptop drives as well. The hardest part about making the jump to an Intel NUC was simply deciphering which Intel model had which options. Sometimes having too many choices isn’t a good thing, I suppose.

I went with the Intel NUC model xx. It seemed a good balance of price and performance, with an i5 processor, room for a 2.5″ drive, and available memory of 32 GB. I bought it, a 1 TB SSD drive, and two sticks of 16 GB memory to round it out, anxiously awaiting its delivery.

The memory, it turns out, was in high demand. Amazon showed I wouldn’t get it for two weeks after everything else shipped. This was unacceptable, so I splurged on the “priority shipping” option for $20 more. Within two days, I had the memory in my hands, having been shipped overnight from Tokyo. Man, I love living in the future!

Next it was time to install the software. Since my goal was to run multiple things on this box, I was looking to put a hypervisor on it. VMware was overkill for me (and not open source). Red Hat Enterprise Virtualization (RHEV) seemed appealing but was not free. That left XenServer from Citrix, which was given favorable reviews in some online NUC how-tos I had read. I went with XenServer.

Downloading and installing XenServer was a piece of cake, simply grabbing the ISO and burning it to a flash drive. Soon I had it up and running with surprisingly little hassle. Xen comes with a Windows-based management tool which isn’t ideal to my all-things-Linux worldview, but I soon found comparable Linux-based tools to do the job. Before I knew it I had a configured Xen host with a CentOS guest running on it. I was home free!

Except I wasn’t. I wanted to take advantage of all the fancy ports the NUC gave me but try as I might I could not get my guest OS connected to them. It turns out that XenServer does not support device passthrough. This means I could not assign the host’s USB ports to the guests the way I’ve gotten used to doing with tools like Oracle’s VirtualBox. Bummer! I futzed for a week with finding a way around this limitation but finally had to pull the plug on XenServer. As easy as it was to get going it was clear that XenServer wasn’t going to meet my needs.

Where to turn to next? I love working with VirtualBox on my work and home laptops and considered putting it on my shiny new NUC. Still, VirtualBox doesn’t have the bells and whistles needed to properly manage multiple VMs at once the way that XenServer, VMware and RHEV do. I also didn’t want to put what is mainly a desktop VM tool on a server. The principle of the thing, you know.

I knew Red Hat’s excellent policy of making their software open source, and figured there was an open source project upstream of their RHEV product the same way Fedora feeds Red Hat Enterprise Linux. I then discovered oVirt, Red Hat’s open source testbed for RHEV. Bingo!

oVirt seemed to do all I needed. It’s open source, offers a nice, web-based management interface, and has support for device passthrough that XenServer doesn’t. The catch with oVirt, though, is that it’s not that easy to install.

oVirt at the time of this writing is on version 4.0. Version 4 made some changes to the previous version 3.6, one key one being that it no longer supports a self-hosted management system. oVirt 4.0’s solution to this is to download a pre-built oVirt VM to manage the host which seemed to be a logical way to go. However, the VM that Red Hat provides is set to use 16 GB of RAM all by itself! I appreciate that oVirt (and RHEV) are aimed at the enterprise market (thus the “Enterprise” in the name) but having the hypervisor stuff take up half of the memory on my little box would never do. I skipped oVirt 4.0 in favor of oVirt 3.6 which still allows for the oVirt tools to be run inside the bare-metal OS. I highly recommend anyone trying to run oVirt on a home server do the same or else you’ll be facing several weeks of maddening configuration, at best.

With oVirt 3.6 installed on a CentOS 7 host OS, I was now able to get started with building my VM host. I export filesystems via NFS from the host OS to the guest OSs and to oVirt’s use. I have the host OS doing only the things needed for supporting oVirt and nothing more. I want it to be as lean as possible so more resources can be available to the VMs. oVirt’s interface is fairly sophisticated but after a little time with it it becomes easy to navigate.

There’s still a bit of work to be done, namely with configuring a host-based video server for one of my VMs, but overall it’s doing what I wanted. I am enjoying having a pint-sized server that gives me a platform for easily testing new software.

Mark Turner : Two Years of Construction on Glascock Street Could End This Week. Did Bad Communication Only Create More Problems? – Raleigh Agenda

October 26, 2016 11:40 PM

Jane Porter’s story on the seemingly never-ending construction on Glascock Street ran in today’s Raleigh Agenda. It’s a fair piece and properly highlights the frustration neighbors have been feeling.

To give a little context to my remarks, I also told Jane that I’m happy that the City is bringing much-needed investment to East Raleigh (after all, there are still two actual, honest-to-God unpaved dirt roads that connect to Glasdock). I only wish the city had done a better job of setting expectations for how long this project (these projects) would take.

Being that I was East CAC chair at the time (or had just been), I certainly knew that the project was gearing. I was not aware, though (and I don’t think any other neighbors were aware), of the time it would all take.

What I would like to see for future projects is the city not only telling us when a project is expected begin but when it is expected to be completed. Put up a sign at the work site with this information. Include a URL (or QR code) that points people to the project webpage. This would do a lot to keep neighbors comfortable with the process.

A good example of why this is needed is the construction that has temporarily closed Old Louisburg Road. A sign appeared over the weekend of October 8th, which tells drivers that the road would close on the 10th. The sign does not tell drivers when the road will reopen! Because Old Louisburg Road is the main way people in my neighborhood get to downtown Raleigh, it being closed is hugely disruptive.

I get it. Work needs to be done, but how about being more open with the public so we can:

  1. better appreciate the scope of your work, and
  2. plan accordingly around your work?

The other thing I’d like the city to do is to designate one point person for these joint projects. I did reach out to the engineer in charge of one aspect of this project but received no response. Was this the right engineer for this particular project phase? Who knows? Raleigh should have one person the public can call with questions/concerns about city work. That could be in the Public Works department or it could be in the Public Affairs department; it probably doesn’t matter which. But one name and number should be prominently designated to find out more information.

It’s taken more than two years, but a major construction project along Glascock Street on the edge of Oakwood and Mordecai should soon be finished.

Beginning where Glascock connects with Wake Forest Road and ending where it intersects Raleigh Boulevard, the multi-tiered, $1.2 million effort has been entirely necessary but caused considerable disruption to area residents and traffic patterns. The project involved installing a new water line and traffic-calming measures, including implementing multiple speed humps and warning signs, then re-paving the road and rebuilding several sidewalks.

But neighbors say the city’s lack of engagement and communication with residents has the potential to influence the way Raleigh residents think about future road projects. Will they now aim to avoid the nuisance, even when it’s needed?

Source: Two Years of Construction on Glascock Street Could End This Week. Did Bad Communication Only Create More Problems? – Raleigh Agenda

Mark Turner : Instead of answers, more questions

October 19, 2016 02:35 PM

Yesterday, I crafted a long blog post detailing my time as a participant in this Gulf War Illness (GWI) research study but never had a chance to post it. I was about to say it seems I have some answers to my health issues. Sadly, after talking with lead researcher Dr. Baraniuk for several hours last night (yes, several hours. Does your doctor do that?) I’ve realized that there are actually more questions than answers now.

I took a week off of work and away from home and traveled to DC at partially my own expense to be tested by an expert in GWI. Dr. Baraniuk is a brilliant man – an expert in GWI – and I was tested, but I never expected that my medical issues would stump him of all people. My joy of yesterday is well-founded: Dr. Baraniuk has detected a legitimate, abnormal response in my nervous system which makes my body work extra hard and seems to occur in GWI-affected veterans (about 30% of those who served in the Persian Gulf War). This confirmation is a wonderful validation of the way I’ve been feeling for the past 25 years.

But there’s more, and it’s the “more” part that has both of us scratching our heads. For at least as long as I’ve been dealing with GWI (and it’s confirmed that I do meet GWI criteria) I’ve also had a significant, unexplained drop in my blood platelets. Dr. Baraniuk has not been as quick to shrug this off as my primary care physicians and I have. He suspects something else is affecting my low platelet count which might also be draining me of energy.

In order to be diagnosed with GWI, all other diagnoses must be ruled out. So I have to get a solid answer on the platelets before anything else can be decided. And it appears to my disappointment that it will take brighter minds than Dr. Baraniuk to figure it out. After meeting Dr. Baraniuk, I can say that’s gonna be a really tall order.

I came here to get answers. Looks like I got one at least – there is truly something physically wrong with me – but more questions have been raised. I hope I have the stamina and perseverance to get these answered as well.

Mark Turner : Insider reveals true intent of Florida’s proposed solar amendment | Miami Herald

October 19, 2016 01:49 PM

Solar panels

Solar panels

Who’s ready to fire their electric company? A Duke Energy-backed lobbying group is pushing Amendment 1 in Florida, an anti-solar constitutional amendment disguised as a pro-solar one. This makes me wish I had some other choice for electric power than Duke Energy. Thanks to electric monopolies I don’t have that choice.

It’s time to end electric monopolies and open this market to competition. It’s time the Duke Energys in this country stop just pretending to support free markets and actually do it.

The policy director of a think tank hired by Florida’s largest electric utilities admitted at a conference this month what opponents have claimed for months: The industry attempted to deceive voters into supporting restrictions on the expansion of solar by shrouding Amendment 1 as a pro-solar amendment.

Sal Nuzzo, a vice president at the James Madison Institute in Tallahassee, detailed the strategy used by the state’s largest utilities to create and finance Amendment 1 at the State Energy/Environment Leadership Summit in Nashville on Oct. 2.

Nuzzo called the amendment, which has received more than $21 million in utility industry financing, “an incredibly savvy maneuver” that “would completely negate anything they (pro-solar interests) would try to do either legislatively or constitutionally down the road,” according to an audio recording of the event supplied to the Herald/Times.

Source: Insider reveals true intent of Florida’s proposed solar amendment | Miami Herald

Mark Turner : Mysterious illness that can cause hallucinations hits Coos Bay |

October 18, 2016 01:07 PM

This is X-Files-worthy.

A mysterious illness that can cause hallucinations has struck Coos Bay.It all started Tuesday afternoon when a caregiver who works with a 78-year-old woman called 911. She reported that seven or eight people were trying to take the roof off her vehicle.

A deputy who showed up found nothing amiss, said Sgt. Patrick Downing, spokesman for the Coos Bay Sheriff’s Office.

The caregiver, 52, called back early Wednesday, reporting the same thing. This time the deputy who responded figured something was wrong and arranged to have another deputy with a more suitable vehicle take the caregiver to Coos Bay Hospital on a mental health hold, Downing said.

Not long after the two deputies reported feeling nauseous, light-headed and euphoric. The elderly woman also came down with symptoms.

Source: Mysterious illness that can cause hallucinations hits Coos Bay |

Mark Turner : Important MT.Net announcement

October 18, 2016 01:03 PM

This is my 7,000th blog post. That is all.

Mark Turner : Georgetown Hospital blocks MT.Net, gives Facebook a pass

October 18, 2016 12:51 PM

I’m connected to Georgetown University Hospital’s MedStarGuest network and trying to keep from being bored between tests. I was about to do some blogging this morning when I was greeted with a WebSense notification that my blog has been blocked:

No MT.Net for you!

No MT.Net for you!

What makes this particularly amusing is that Facebook is not blocked by the hospital’s WebSense nanny filter. It seems that MarkTurner.Net is considered “Social Networking” but Facebook, the granddaddy of all social networking sites, is not blocked for being “Social Networking.” What’s even more amusing is that other sites I host on the very same site using the very same software (like are not blocked. Somehow I’ve earned inclusion onto WebSense’s no-no list.

This is yet another example of how idiotic these Internet nanny filters can be. Attention fellow IT people: there is no substitution for monitoring your own network. Don’t delegate your network monitoring to stupid products like WebSense.

And aren’t “guest” networks supposed to be safe for guests? Protect your important infrastructure with a secure network but your visitors shouldn’t need nanny filters.

Fortunately my VPN has not been blocked so that I could bring you this important message.

Mark Turner : If it’s Monday, this must be DC

October 18, 2016 01:07 AM

At the top of the “Exorcist” Steps in Georgetown. I climbed these steps to and from my appointment today.

At the top of the “Exorcist” Steps in Georgetown. I climbed these steps to and from my appointment today.

I’ve been on the road for a little while. Last week I was in Seattle for a work trip, spending most of my time in a windowless datacenter. My colleagues and I did get out to visit the Museum of Flight as well as the Living Computer Museum, both which were fascinating to us geeks!

I got home Friday night to spend the weekend with my family before hopping a train north to DC. I’ll be here for the next two days participating in a DoD-funded research study on Gulf War Illness (GWI). The research study involves a bunch of repetitive vital sign measurements, some MRI time, and intense exercise tests. I got through most of the medical forms, vital sign measurements, and interview today but the real fun starts tomorrow when I pedal my ass off on a stationary bike while wearing a SCUBA breather and an EKG harness, then spend an hour cooped up in an MRI while they look at my brain. Then I do it again on Wednesday and celebrate afterward with a lumbar puncture (aka, spinal tap). Yay?

After I had a long interview with the doctor in charge of the research study, he doesn’t seem convinced that I have traditional GWI (or it’s cousin, Chronic Fatigue Syndrome, CFS). He does find my symptoms curious, though, and wants to get me some answers. I don’t know what I’ll find out here, if anything, but I seem to be in the realm of experts. At least I know that my vitals are good and EKG looks “stellar,” in their words.

Being away from my family for two weeks in a row isn’t something I’ve done since my 2006 business trip to Australia, I believe. Can’t say I’m a fan of this much travel. My health is important, though, so I want to find out whatever I can so that I can keep up with my very active family.

One plus of being in DC now is that I had a great view of tonight’s Antares rocket launch which launched from Wallops Island, VA. I saw it from the grounds of the U.S. Marine Corps Memorial with the Potomac River in the foreground and excited kids and dads all around me. Made me wish my excited kids (and my wife) were here with me!

Magnus Hedemark : getting fit like a nerd

October 17, 2016 10:10 AM

Most of my adult life, since I took up my first full-time IT job in 1994 and sat behind a desk, I’ve watched my waistline grow and my health decline. I’ve tried a few things to fix this, but I think I’m on to something… that people have been saying for years. But like a good nerd, I’m using technology to help me manage my fitness.


December 2015, weight around 315 pounds and my shirt buttons were straining to keep up.

Christmas of 2015, I was all of 43 years old. But I felt down into my bones like I was nearing the last years of my life. It hurt to stand. It hurt more to walk. The unnatural strength that I enjoyed in my 20’s and 30’s had left me, with all of that inexplicable muscle mass being replaced with body fat. I’d run out of breath standing up, or trying to hold a conversation.

The breathing problems probably had a lot to do with an occasional vice turning into a terrible habit: tobacco. I never did have a taste for cigarettes, but I could often be seen with a pipe of fine tobacco, a cigar, or even a hookah. I had a hookah on my desk at home that was often up and running. I had a hookah in my car in case I ran into some friends who wanted to smoke some hookah and play Cards Against Humanity. So on top of being over 300 pounds, which made breathing difficult enough, I’d been spending a couple of years filling my lungs with crap.

I remember during this time I had to run (more like lumber) about 50 meters one cool Winter evening. My heart felt like it was pounding out of my chest, I felt light-headed, and really wondered if this was going to be “the big one” that Fred Sanford always warned about.

This entry isn’t about smoking, but it’s important to point out that before I did anything else, I really had to quit smoking and get my heart and breathing back from the brink.

I quit smoking. I vaped for awhile to stop tobacco, and then quickly worked to eliminate the vape, too.


No more crappy food. I had to get really comfortable with salad.

My food intake started skewing toward healthier meals, smaller portions, and less snacking. I drink either coffee or water. Having the occasional Diet Coke is still one of my guilty vices, but that needs to go, too.

For months, I was getting what seemed to be a cardiovascular workout from nothing more than stretching exercises. So I did that every day until it no longer resulted in elevated heart rates and heavy breathing.

So I started walking. I used the Apple Health app built into my iPhone to see how far I’d walked and encourage myself to walk a little more. This wasn’t much at first, but it got me up and moving.

As I’ve mentioned elsewhere, I am autistic. Part how how this impacts my fitness regimen is that I kind of need some structure around what I do. It also means that going to a gym is too cognitively overstimulating and I know from past experience that I will avoid such environments. My solution had to happen without a gym membership. So when my tax refund came in, I picked up a Bowflex Max M3 and installed it in my home office.


The Bowflex Max M3 totally kicked my ass at first. But I kept at it, and now it’s a vital part of my fitness regimen.

At first, I could do about two minutes on the Bowflex Max before I felt terrible, my legs burned, and my knee was sore. But every other day, I kept getting back on. The “Fat Burner” program is 15 minutes in duration and changes in difficulty as you go (especially 4 of the final 5 minutes). I’m now doing that regularly, and regulating my relative effort against my heart rate.

A note about the Bowflex Max: the exercise hardware is fantastic, but the digital tech attached to it is missing an opportunity for greatness. I almost want a job with Nautilus to reboot this effort, but I’m good where I’m at. I started out using their phone app, but now I just use the Exercise app on my Apple Watch which has been much more useful. The on-machine digital technology is also pretty poor. Nautilus has a lot of opportunity here to make this better.

The weight really started coming off, especially toward late August when all of my little changes started coming together and working toward my benefit.

But my routine was suffering a little lack of consistency because I hadn’t yet found the right combination of technology to help keep things organized. I’m still figuring it out, but I’ll run down a quick bullet list of who I think the MVP’s are in my regimen.

  • Apple Watch (Series 2) – First thing I did was unload all of the social media crap and change the watch face to a Modular one. This gives me (on top of the time and date) a nice dashboard that shows me my heart rate, how I’m doing on my fitness goals, and a shortcut to starting a workout.
  • MapMyRun – Don’t let the name fool you; this maps quite a number of exercises using the GPS in your phone. I’d used it for awhile to track kayaking adventures, but also for walks. I’ve recently ponied up the $$ for an MVP membership, which offers some additional features that I’ve found invaluable as I begin training for running.
  • Streaks App – This works in harmony with HealthKit to help motivate you to reach your goals. Not all goals have to be fitness goals, and you can have up to six recurring goals configured. It shows up on the watch as an easy to read complication to quickly see if I’ve hit all of my goals. I have goals around my workouts as well as “Read a book”, “weigh in once a week”, and “record blood pressure”. I’m tinkering around with my goals as my use of the app matures, but it’s really helpful.
  • Activity app – I’m using this less now for actively driving my goals (Streaks is more customizable), but I still look in Activity once or twice a day to check my numbers.
  • MyFitnessPal – This one has been a little less useful to me, but it’s worth mentioning. I think if I were tracking meals and other body measurements, this would be great.

My weight has gone down from over 300 to under 280 in the last few months.

In August 2016, I was still over 300 pounds. As I write this now in mid October 2016, I’m 278 pounds. And this is definitely not just weight loss, as previous efforts had been. I’m losing weight more slowly than “weight loss diets” had done for me in the past because I’m also laying down muscle mass, which is more dense and thus heavier than fat.

Recently, I’d been hospitalized for food poisoning and had the benefit of multiple EKG tests being done during my stay. The attending physician blew my mind when he said “I can hardly believe this, but you’ve got a young, strong heart. Take good care of it.” This is after being clinically obese for 20 years and bringing myself down to feeling like death from tobacco products.

All of that body fat around the trunk is going to take awhile to burn away, but it’s working. My shirt size had been 3XLT for many years. I went to the Big & Tall store for some smaller shirts over the weekend, tried on some 2XLT shirts and the clerk said “no, my man, that’s too big for you… try the 1XLT.”

And it fit.


Down to a 1XLT shirt size. The pants and belt are still too big for my shrinking frame.

“My man,” the clerk said, “you’ve done a great job losing all that weight. But if you lose any more, you’ll be down to an LT and you can’t get that here. So I’m happy for you but I’m going to be losing a customer soon.”

In all, I’ve lost a little over 35 pounds to date. This is a good start, but I still have close to 100 pounds to go.

My challenges now are around the seasons. It’s dark in the morning, it’s dark in the early evening, and the days are only getting shorter. This is really cutting into my walking/running time. I may need to pick up a treadmill. So much of my success hinges on building and maintaining a routine.

I’m finding little opportunities everywhere to just get up and move around more. For example, if I get out of a meeting early and find myself with some time between meetings, I’ll do a few brisk laps around the office. I’ve found that I can add 3,000-4,000 steps a day just by doing this. And instead of taking the elevator from the parking deck to my desk on the 12th floor, I’ll take the stairs. Taking the stairs actually gives me a good (but brief) cardio workout.

I work all day at a standing desk. And I track that with my Apple Watch to make sure I’m standing enough every day.

On weekends, I try to have one “big effort”, like going kayaking, or a longer day hike, or a run.

What’s next?

  • As I’d mentioned earlier, I just began running. For now, I’m starting with intervals so I don’t get hurt. The MVP features at MapMyRun are helping a lot with this.
  • I’m going to invest in a kettle bell to start adding more weight resistance training to my routine.
  • Treadmill so I don’t lose momentum when the weather gets crappy.
  • I want to start doing yoga, but I can’t deal with the crowded conditions of most yoga classes. I’ll probably use technology to help me with this. There are some neat options out there to explore.